Bruce Schneier on DRM *bugs*

Bruce Schneier writes at:

http://www.schneier.com/blog/archives/2006/09/microsoft_and_f.html

and at:

http://www.wired.com/news/columns/0,71738-0.html

Last week, a hacker developed an application called FairUse4WM that
strips the copy protection from Windows Media DRM 10 and 11 files.


Now, this isn't a "vulnerability" in the normal sense of the word:
digital rights management is not a feature that users want. Being able to
remove copy protection is a good thing for some users, and completely
irrelevant for everyone else. No user is ever going to say: "Oh no. I can
now play the music I bought for my computer in my car. I must install a
patch so I can't do that anymore."


But to Microsoft, this vulnerability is a big deal. It affects the
company's relationship with major record labels. It affects the company's
product offerings. It affects the company's bottom line. Fixing this
"vulnerability" is in the company's best interest; never mind the
customer.


So Microsoft wasted no time; it issued a patch three days after learning
about the hack. There's no month-long wait for copyright holders who rely
on Microsoft's DRM.


This clearly demonstrates that economics is a much more powerful
motivator than security.