DRM and Java Card

The DRM world, at least for its music part, is shaking on its grounds, with today’s memo from Steve Jobs. Jobs argues in there that music sold on Internet should be DRM-free, and his main argument is interesting: record companies are selling 90% of their music on DRM-free CD’s, so why bother protecting the rest? The argument is definitely valid, and is a blow to music DRM.

This does not seem related to Java Card, but it has some impact on future architectures.

If we look at the new smart card architectures, some are more affected than others. DRM is a major use case for smart card cores embedded in USB memory sticks, and it also has been a major use case for SIM cards that include large memory. For instance, it is cited first on Oberthur’s Gigantic card description.

Of course, a closer look on Jobs’ paper shows that it is not necessarily consensual. For instance, he mentions interoperability by mentioning the possibility to license Apple’s technology:

The second alternative is for Apple to license its FairPlay DRM technology to current and future competitors with the goal of achieving interoperability between different company’s players and music stores. On the surface, this seems like a good idea since it might offer customers increased choice now and in the future. And Apple might benefit by charging a small licensing fee for its FairPlay DRM. However, when we look a bit deeper, problems begin to emerge. The most serious problem is that licensing a DRM involves disclosing some of its secrets to many people in many companies, and history tells us that inevitably these secrets will leak.

Some lessons are hard to learn, and trying to achieve security through the secrecy of the algorithm is definitely not a good idea. For the smart card industry, this single comment is even a bigger blow than Jobs’ message. It means that even high-profile technologists are just not getting it.

On the bright side, Jobs’ argument does not apply to movies, which are mostly sold on DRM-protected media, i.e., DVD’s. Of course, it has been broken, and the zoning was a mistake. But still, it was better than a CD, and Jobs’ main argument does not hold as strongly as it does for music. And there is a lot more content that needs to be protected, one of them being of course the end user’s own private content.

No Comments

Leave a Reply

Your email is never shared.Required fields are marked *