Thursday, August 23, 2007

E-Tickets and copy protection

(Back in the day, back before my day, "e-ticket" meant the best rides at Disneyland -- or maybe the Pasadena Freeway. I forget.)

Two questions come to mind about buying tickets to a events online:
  • Do they have to call the because-we-can and the because-the-venue-can fees "convenience charges"? Just exactly whose convenience are we talking about here?
  • Copy protection always fails. Why doesn't that matter here?
I can't answer the first one, but the second one is easy. You can make as may copies of an electronic ticket as you want. Knock yourself out. All you're really doing is copying a number. But you can only use that number once.

It says so right on the ticket, something like "This ticket may only be scanned once." If someone gets hold of one of the copies you've made and they get to the gate first, you're out of luck. Sorry, that ticket, meaning the magic number and not the piece of paper it's on, has already been used.

That's interesting, actually. You can make as many copies as you want, but you don't want to make any more than you have to. Enforcement is by incentive, not prohibition. This is a bit different from airline tickets, which are tied to an individual so that the would-be ticket thief will also need to forge your ID. I remember being a bit surprised that I didn't have to show ID to use an e-ticket to a show.

The underlying principle is that copy protection exists in the physical world. Things can only be in one place at a time and a particular event only happens once. To limit copy protection in the virtual world, you have to tie your virtual object to something the physical world, either an object or an event.

Copy protection based on objects has a long history. It worked fine when copying was physically difficult. Printing a book ties the virtual object (the contents of the book) to physical ink on a physical page. For centuries this was something most people couldn't easily do. Even with a photocopier, it's not something most people could do very cheaply or easily.

Since this approach worked so well it's no surprise that a lot of early copy protection schemes tried to emulate it. I remember writing code to talk to a dongle that hung off the printer port of a PC every so often to make sure the thing was still there and shut down the application if it wasn't.

The dongle itself was (according to its manufacturer) based on strong encryption, so you weren't going to be able to make a working copy of the dongle for your friend without factoring some infeasible-to-factor numbers. But I could never figure out why you'd have to.

The tie between the virtual object (the app) and the physical one (the dongle) was inherently weak. It couldn't be too hard for someone to figure out what part of the code talked to the dongle and replace it with something that only pretended to.

I remember spending quite a bit of time trying to design dodges like putting the dongle-handling code in some encrypted dynamic module, but it never took long to figure out a way around that, too. I'm pretty sure I later ran across papers in the literature saying the same thing more rigorously, and evidently the market came to the same conclusion. You don't see dongles anymore.

The same basic story has played out repeatedly. CDs worked fine until everyone had a CD burner (so copying the CD was easy) or an MP3 player (cutting the virtual/physical tie so you didn't need a CD player to hear a song). DVDs are more or less in the same boat now (and I'm not even talking about CSS).

The iPod effectively tried to tie iTunes songs to the player, but Apple's heart was never really in it. If nothing else you could burn songs to CD and re-rip them for your favorite player (so much for CDs as a copy-protection mechanism!). Certain recent operating systems appear to try to tie playback to physical artifacts like MAC addresses, but at this point I'm thinking I've seen this movie before and I know how it ends.

On the other hand, tying virtual objects to events seems to fare rather better. E-tickets work fine and rake in tons of money in because-we-can fees. Smartcard-based authentication systems are a variation of the same theme. A particular magic number will only flash on the display once and the server knows when that will happen.

I'm not sure how broadly this applies, though. In both the cases above the virtual object is the key to something physical of interest. It's not the object of interest itself. If it's the (virtual) content that's of interest, it's not clear that the tie to the physical world can ever be ironclad.

I was about to cite live broadcasting as an example, but this really depends on control of the broadcast mechanism. There's no technical reason I couldn't take the picture on my TV screen and stream it to all my friends and have a big virtual pay-per-view party. I personally don't have the bandwidth for such things, not to mention it being illegal, but the bandwidth will be there sooner or later and illegality won't deter everyone.

Other models are on even shakier technical ground. Producing an advertising-free public copy of a particular news source or private database is not a problem technically. It's an interesting question why it doesn't happen more.

Is it because The Man can come after someone who put up such a site (and why put it up unless lots of people will find out about it)? Is it because people don't like breaking the law? Is it because most people intuitively understand that if writers can't make money there won't be any content to steal? Or is it maybe because people just don't mind ads that much and it's not worth trying to pirate the content?

My guess is that it's a combination of all of those factors. It has to be something. Technology is not going to protect content. For most mass-market applications "strong" copy protection, where the virtual/physical tie is inherently strong and does not depend on control of some particular mechanism, seems doomed from the beginning.

That leaves a web (if you will) of legal and social constructs. Same as makes the rest of the world go round.

No comments: