open-source DRM


Mike Wilkes
 

I'm told that IP hinders if not entirely obviates the possibility of creating a reasonable open-source DRM solution. That may well be the case.

In addition to that, the point of security is to protect the user from external attackers. But in the DRM threat model, the user is the attacker essentially and the rights owner is the defender.

Most (streaming) DRM approaches simply try to hide the key and make it time-bound. But in cryptography it's hard to make that anything other than an all or nothing proposition. How can the user be trusted to decrypt the asset and not take advantage of access to the unencrypted data? Are there any frameworks that can be applied to solve the problem and deliver (what I believe to be) a needed solution?

Join main@lists.aswf.io to automatically receive all group messages.