April 19, 2006 | By Fred von Lohmann

DMCA Encourages Bad Security

Professor Ed Felten has been posting this week (1, 2, 3) about HDCP, a content protection technology rapidly becoming ubiquitous in the world of high-def video, whether from your cable, satellite, or next-gen Blu-Ray/HD DVD player.

Apparently, HDCP has serious security weaknesses, Hollywood knew it, and everyone went ahead with it anyway. So it won't stop "pirates," but it will create incompatibilities for regular movie fans for years to come.

Why? Because the developers were dumb? Because they were desperate to stop piracy? Nope. Felten explains:

A much more plausible answer is that HDCP encryption exists only as a hook on which to hang lawsuits. For example, if somebody makes unlicensed displays or format converters, copyright owners could try to sue them under the DMCA for circumventing the encryption. (Also, converter box vendors who accepted HDCP's license terms might sue vendors who didn't accept those terms.) The price of enabling these lawsuits is to add the cost of 10,000 gates to every high-def TV or video source, and to add another way in which high-def video devices can be incompatible.

So, in other words, the DMCA gives Hollywood a strong incentive to deploy cheap, weak security systems in order to get legal leverage over technology companies, rather than investing in good security.


Deeplinks Topics

Stay in Touch

NSA Spying

EFF is leading the fight against the NSA's illegal mass surveillance program. Learn more about what the program is, how it works, and what you can do.

Follow EFF

In all, @agcrocker addressed the appeals court on NSLs for more than 25 minutes. Here's the full recording. https://youtu.be/ccS06CFkZ5M

Mar 24 @ 1:09pm

EFF in appeals court: @agcrocker explains how national security letters are unconstitutional in under 37 seconds https://www.youtube.com/watch...

Mar 24 @ 1:07pm

Without limits on digital border searches, the new laptop travel ban makes travelers feel less secure, not more: https://www.eff.org/deeplinks...

Mar 23 @ 2:09pm
JavaScript license information