I had a very interesting discussion with David Levine (SL: Zha Ewry) last night at the Metaverse Meetup, several luminaries were present, including Prokofy Neva, Tish Shute, and others. We had a varied discussion ranging from the possible future of Virtual Worlds to an informative discussion on the feasibility of copy protection in open standards and worlds.
Reuters has some interesting coverage over here, however I do feel the need to make some corrections on a few points made. While Eric has got lot of interesting points covered, some of them are a bit more nuanced than first appear and I’d like to cover a few of them.
In OpenSim, by default, no copy protection will exist at all. “You cannot know what a foreign piece of software will do with a piece of digital content once it receives it,” Levine said. To insert a digital rights management tool into OpenSim is to invite criminal hackers to find ways to circumvent it and undermine the credibility of the software, he argued.
This isn’t quite true - at least some of it anyway. While he’s spot on with David’s comment that you cant tell what a foreign system will do with a piece of data. OpenSim does support permissions by default - the nuance here is that permissions do not equal copy protection. Copy protection (also known as DRM) I’ve covered in more detail previously.
By default OpenSim - right now, supports your standard SL-flavoured permissions as the default permission module, it’s there today - yes you can swap one permission module with one that doesnt respect those, and yes you could remove it entirely.
Unfortunately as I’ve stated before, there’s no rule of computer science that stops someone from modifying something. Good or bad it is always possible, even if you need to go down to the level where you have a soldering iron installing a “mod chip”. With open source software this is admittedly easier - but any professionally schooled programmer will have all the grounding needed to defeat a copy protection system.
This is why both myself and David Levine believe that the solution is to engineer something that involves assisting and speeding up legal systems. Modern societies decide to respect copyright laws, and therefor they built institutions such as courts to handle disputes, however Prokofy does raise the point that lawyers tend to be expensive, and if the only way to sell content is to have a professional lawyer, then we’re back to old media conglomerates.
As I have stated before, I’m not entirely sure this will be the case, there’s a number of reasons for that, first - something being broken is somewhat black and white - if there is any way to get content under terms not licensed to you, then you can do it. It doesnt really matter that suddenly there is an additional method for doing so, because it was already possible.
The presence of the Open Grid Protocols allows one more potential avenue of attack, but to a malicious individual, this is more difficult than just grabbing the asset from the local cache, or using a tool such as GL Intercept, because it requires connecting in additional servers and dealing with a lot more than you absolutely have to.
Returning to my point - I think we will find that actually people want to be legitimate, purchase content from legitimate providers - and hosting companies (who are actually powering the systems running the World) will have big financial incentives to obey the law and not have copyright infringing content on their systems (since it makes them liable, and corporate lawyers really don’t like that.)
The solutions I’ve mentioned before still hold, first - you can keep on keeping on, in all probability sales will increase rather than decrease because you will be dealing with a much much wider audience. Second - hosting providers will want to be allowed to receive content from top creators, and that means signing contracts which indicate they will enforce permission models wanted by creators (and moderated by consumer demands).
I think for us, the developers the key is to make it possible for people to say “Well, I want my content handled in these five ways.” and be able to host a world that interoperates obeying those laws. Likewise we need to make the inverse easy too so that people who want to share content themselves can, and do so easily. This part comes down to tools - which is in the domain of the technical, however if someone violates that contract, then that’s the moment that social systems need to be employed.
Social solutions do not necessarily mean legal systems - it’s possible that it’s as simple as “Well, you violated our contract, therefor we’re never sharing any more content with you”. Legal contracts will likely be the mainstay at the higher levels (as they always are), but there is nothing stopping the establishment of guilds or other groups which represent groups of content creators to enforce en-masse.
Certainly commercial pressures will cause people doing hosting services to enforce these, because if they do not, their customers will be denied access to new content which will hurt business.
It’s also possible for people to consider alternative models of distribution, including the possibility of say subscriptions to content providers, for instance paying a regular fee to be allowed access to the content creators library of content (done either per user, or per region, I can see plenty of use for this).
For those of you interested in hearing more, and exactly what myself and David discussed, a video of the presentation has gone online - you can hear our exact words and all the nuances therein (and unfortunately with a topic this complex, there’s a lot.).
[...] my response online: Adam Frisby
"Not Rooting for Reuters" or "How I Learned About Journalistic Integrity the Hard Way - Page 2 - SLUniverse Forums
24 Jul 08 at 11:57 pm
But Adam, most people are not professionally schooled coders.
Moreover, most people are not professionally schooled coders who also want to defeat a copy protection system and steal other people’s stuff. In practice, that is not a very large group.
Those are not the people these systems are designed to protect against. You might as well say that there is no use putting a lock on the department store door because a professionally schooled locksmith could open it.
Any world (or whatever you want to call it) that refuses to take the most elementary precautions against content theft, but insists that people form guilds and whatnot instead, is a world I would not be interested in creating any content in.
If you want more people, you have to satisfy these basic needs, rather than continually coming up with various worst-case scenarios and other arcane reasons why you shouldn’t have to.
coco
Cocoanut Koala
25 Jul 08 at 10:34 pm
Well, that’s kind of the point - we do support those things. See where I wrote “By default OpenSim - right now, supports your standard SL-flavored permissions as the default permission module”.
The difference is, we’re supporting that because it’s a happy medium - it indicates what a content creator wants to do with something, but it doesn’t go into a technological cat and mouse game.
Trying to support something “Stronger” however is pretty much futile becuase breaking those permissions will be no more difficult than it is today. The idea that something stronger can be possibly implemented is a bit of a myth.
Tools like “Copybot” will always exist for those who want to get them, and there’s nothing (literally nothing) on the server side that can be done to stop those tools from working. Ditto for GLIntercept and others.
Enforcing the creators intent to the degree that permissions are handled correctly by default is about the best that can be offered - it’s what we support right now. (I do need to add however, that it is always possible to disable that)
However, it’s important that it gets publicized that this is *no different to SL today*.
The SL permissions are very much indicators of the creators intent, and how the system should handle them by default. People get around these permissions with fervency just by using things like GLIntercept, cache-rippers, copybots, etc.
So returning to my original point in summary:
- Protection is only as strong as the weakest link, in this case the client is the weakest link so anything done elsewhere is somewhat pointless.
*** - We support the same as SL does today since it is not copy protection, but permissions - permissions are something handleable. ***
- Efforts to obfuscate content on the back end is also rather pointless because it would never take much effort to decode, and once it is decoded, everything obfuscated is now decoded and a new scheme needs to be implemented.
- The copy protection industry has been noting the above and actually backing away from trying to protect content like this because of the futility of it. The “big four” music companies now release their content “protection”-free on all the major music sites, their reasoning being that trying to protect content was both annoying consumers and rather pointless - take a look at say the iPhone 3G, within two days of the release people had already produced cracks for it and it’s new-and-improved protection.
Adam Frisby
26 Jul 08 at 6:42 pm
[...] Finally, this is nothing that hasnt been said before. By default OpenSim - right now, supports your standard SL-flavoured permissions as the default permission module, it’s there today - yes you can swap one permission module with one that doesnt respect those, and yes you could remove it entirely. - Copy Protection Nuances [...]
Adam Frisby » Blog Archive » Copy Protection vs Permissions - again.
26 Jul 08 at 7:57 pm
Hi Adam,
I’m wondering if you might speak about this mantis issue a bit from your point of view as it I think pertains to this issue in some ways.
http://opensimulator.org/mantis/view.php?id=1784
Thank-you.
Terry Ford - aka Butch Arnold
http://www.3rdrockgrid.com
Terry Ford
16 Aug 08 at 4:10 am
Hi Terry,
That’s getting into a more complicated situation, probably a slight redesign is going to be needed there.
As far as I can tell there’s two issues at hand:
- 1. The permissions manager does not differentiate between say, being able to move/return/delete/reposition/mod objects, and being able to swipe them back to inventory - that definetely needs some fine tuning. (It also sounds like the inventory take code is not copying inworld permission bits properly, that’s definetely a bug.)
- 2. Region owners/operators are equivilent to your standard webhost, when you upload content onto a webserver (say like the one I put this site on), then the people with access to that server are going to be able to tweak it.
Estate/region owners have had powers over their regions for the same reason that webhosts do, but in some situations there will be cases where that’s not desired functionality - in that case, being able to disable the overrides via an option is probably a good feature to have.
I’ll go have a chat about it with the other devs and see if we can get those overrides set to a config option. (Although getting more detailed configurable ACL’s for the permissions manager is on the agenda at the moment, I think Melanie herself is working on that.)
Adam Frisby
16 Aug 08 at 7:26 pm
Thank-you for your time Adam your thoughts concerning this is very much appreciated.
Terry Ford
16 Aug 08 at 9:07 pm
Just an update: Melanie got those options in on #5892. See OpenSim.ini.example for usage.
Adam Frisby
17 Aug 08 at 6:00 am
[...] I have been following this for a long time, and there’s no question that Adam and other developers simply have no intention of attempting to mechanically engineer permissions implementations, or using c/m/t in any form, full stop. They duck and cover from this obvious copyleftist position by saying they will allow others to put it in if they wish, but that’s proved to be a sham. From Adam’s blog: Hi Adam, I’m wondering if you might speak about this mantis issue a bit from your point of view as it I think pertains to this issue in some ways. 0001784: Permissions Issue- Owner of land can take a copy of anything on their land which makes it full perms for them. - Mantis Thank-you. Terry Ford - aka Butch Arnold http://www.3rdrockgrid.com By Terry Ford on Aug 16, 2008 [...]
Central Grid Currency - Page 3 - SLUniverse Forums
17 Aug 08 at 6:30 pm
[...] OpenSim’s Adam Frisby’s follow-up on last Metaverse Meetup: “Copy Protection Nuanc… [...]
Annie Ok : tangent » interesting 7.27.08
4 Oct 08 at 2:07 pm