Friday, January 13, 2006

DRM is impossible in a secure system

An honestly secure computer system is one in which the owner makes the rules, and those rules are perfectly enforced. The use of a microkernel, and completely separate environments for each and every task, allows secure implementation of any rule set.

I've learned from my reading of KeyKOS and other design documentation that one of the tricky (and thus powerful) rules of a multi-level system is that each higher level of access must be able to undetectably read the state of lower access machines.

It took a while for the implications of this to sink in. ANY secure OS could enforce a rule such as this. Thus any system that can virtualize a machine can wrap a DRM system, so there will always be some equivalent to the "analog hole": direct access to the unencrypted content, which has to exist for the content to be read in authorized contexts.

This means that a DRM system can NEVER protect content from being copied or otherwise altered if the user is EVER authorized to read the contents. This is the fundamental reason that DVD "protection" has failed.

The reality is that our computers are definitely not secure, and any imposed DRM is a symptom of that problem. Truly secure computers are immune to DRM.

--Mike--
