DRM and Download FAQ content protection used on Ovi

[jimgilmour1]

Hi,
DRM 1.0 will be used in Ovi Store here is the FAQ.
This thread is for Opinions and comments on DRM 1.0

http://www.forum.nokia.com/Resources...load/FAQ.xhtml

Jim

[jimgilmour1]

Hi,

This Wiki article shows how to protect FlashLite using DRM
see http://wiki.forum.nokia.com/index.ph...th_OMA_DRM_1.0

Jim

[jimgilmour1]

Hi,
The two commonly asked questions seems to have missed the FAQ.
Just found in an past posting by some one who knows better

Q:1: Why we can not download DRM 1.0 Forward lock content using BT or IRdA?

Ans: content downloading supports only http protocol.


Q:2:Problem with OMA- DRM downloading method i.e. with *.dd file:

Ans: Please specify, proper MIME type, size and most important is its web address.

[jimgilmour1]

Hi,
The DRM Developers guide helps by describing the DRM files .dm and Forward Locking in detail

DRM Developer Guide 3.0


Note this is not c++ coding but description of files generated .dm .dd


Jim

[jimgilmour1]

Hi,
One of the Forum Nokia Champion's published an article on Flash Lite packaging (NFL) for Nokia Series 40 and OMA DRM 1.0 Forward Lock

Jim

[m00gl3]

Hi,
Thank you for these files.

It was a bit of trouble to install NMIT 4.1 on Vista.
So first of all, the trick is to right click the installation file->properties and choose Windows XP in compatiblity mode (I also set "Run as Administrator). This installs NMIT perfectly.

I then read the DRM developer guide. The steps as I see them for S60 applications is:
1) Create what's calld a PIP file, which is a zip containing the SIS and a datafiles.DEF file (which is a normal text file). The DEF file should be in this format:

application
level1.dat
level2.dat
level3.dat
registry.dat text/plain c:\system\data\appregistry.dat
trailer.mpg video/mpeg

Where the .dat files and .mpg files are resource files if you need them (page 14). I only use a SIS file so my zip contained the DEF file with only the "application" line and the SIS file.

2) Create a DM Message in NMIT. Choose the ZIP file and Forward-lock and click Save.

That's it! [also I would like to mention that this is only done for the FULL version of my application. The demo version does not need a DRM protection)

Now, my question is: Do I upload this DM file when I submit files to Ovi? Don't they need a SIS file upload?!

[jimgilmour1]

Hi,

There may be some confusion here. The DRM creation in this case is to allow your application to sense and detect DRM and to make sure your application still runs whist using DRM.

Now, my question is: Do I upload this DM file when I submit files to Ovi? Don't they need a SIS file upload?!

Yes this is exactly as before they need a "signed" sis file, otherwise there will be messages on install.

The thread How does the Ovi Store implement Forward Lock (for native S60 apps)?.

Was asking how to detect DRM and to do that you need to setup a DRM download and see how the appliction will detect this.

The DRM is put on to your submitted signed .sis file via the Nokia download server and delivered as encrypted files which can only be unlock with the DRM key and phones firmware.

Sorry if this lead to any confusion.
Jim

[m00gl3]

Hi,

There may be some confusion here. The DRM creation in this case is to allow your application to sense and detect DRM and to make sure your application still runs whist using DRM.




Yes this is exactly as before they need a "signed" sis file, otherwise there will be messages on install.

The thread How does the Ovi Store implement Forward Lock (for native S60 apps)?.

Was asking how to detect DRM and to do that you need to setup a DRM download and see how the appliction will detect this.

The DRM is put on to your submitted signed .sis file via the Nokia download server and delivered as encrypted files which can only be unlock with the DRM key and phones firmware.

Sorry if this lead to any confusion.
Jim

Hi Jim,
I am still confused.

I DO NOT need to DRM my SIS file using NMIT?
Do I upload a full version SIS file (and not DM file) to the Ovi store, and Nokia deals with the DRM for me?

Is this correct?
Nokia generates their own DM files and that is what is sent to the device when the user downloads/purchases the application on the Ovi store?

[1] Do we need to make TWO versions for EACH application?
1) Full version (Content Type = "Amount $"?)
2) Demo version with 12-day expiration period (Content Type = FREE?)

[2] Also, once the demo is over, to what link do I forward the user? (we have a dialog saying "This demo has expired. To get the full version, please visit URL" - what is the URL the user should visit?

[3] And if we need two versions for EACH app - that will cost us 40$ (both the demo and the full version have to be signed). Is this correct?!

[jimgilmour1]

Hi Jim,
I am still confused.

I DO NOT need to DRM my SIS file using NMIT?
Do I upload a full version SIS file (and not DM file) to the Ovi store, and Nokia deals with the DRM for me?

Is this correct?
Nokia generates their own DM files and that is what is sent to the device when the user downloads/purchases the application on the Ovi store?

Yes thats right!

[1] Do we need to make TWO versions for EACH application?
1) Full version (Content Type = "Amount $"?)
2) Demo version with 12-day expiration period (Content Type = FREE?)

Yes thats right

[2] Also, once the demo is over, to what link do I forward the user? (we have a dialog saying "This demo has expired. To get the full version, please visit URL" - what is the URL the user should visit?

Well IMHO this is http://store.ovi.com/. This is the store front currently and all the adverts for users got to this address this is the address I CAN login at as an Ovi user. Registered ages ago to use Ovi.
IMHO there will not be a need for a real link when the Ovi store application becomes available which should integrate with Ovi phone application on the N95 (F/W version 21.1.0) etc

[3] And if we need two versions for EACH app - that will cost us 40$ (both the demo and the full version have to be signed). Is this correct?!

Yes this seems the case BTW $20 is for Java!, no standard price for symbian has been published
Jim

[briansmith]

The $20 price is for Symbian Express Signed. Java Verified is *much* more expensive than that.

[jimgilmour1]

The $20 price is for Symbian Express Signed. Java Verified is *much* more expensive than that.

Hi Brian,

Yes I forgot about the initial sign on fee of $200.
On the Webinar these were the quoted prices

What would be the speculative price for Euros and GBP (£) pounds.
With the exchange rates at the moment VERY expensive.

Looking round the Internet one off price without sign on fee is very high.
Thanks,
Jim

[jimgilmour1]

all,

There is lots of useful information on DRM in the webinar Packaging, DRM, and Distributing Flash Lite Content 2009-3-18

Update: - from webinar is the link for Flash from Adobe How to protect Flash Lite content with OMA DRM 1.0


Jim

[ilsocio]

Hi Jim,
I want to share here mine concerns as developer and company owner, about the DRM Forward-Lock protection.

Currenly, when an application gets cracked, its certification became invalid, so at least, users needs to obtain a DevCert in order to properly install the cracked application in their devices...

The problem with the DRM Forward-Lock protection is that is possible to obtain the again the .sisx certified file, crackers just need to remove the DRM wrapper and after they did it, the applications will be exposed to mass-piracy, because anyone will be able to install the plain and certified .sisx file without needed of DevCert.

P.S.
About the DevCert spreading, it would be appreciated if Nokia/Symbian will start to do something to protect developers against piracy!
If an entity which claims to be a company, has ZERO applications, but keep requesting dozen of DevCert every week (note each DevCert can contain 1000 imei) then probably it's NOT for develop purposes and it's not hard to guess that it's for piracy purposes, isn't it?!?
Just introduce a black-list of PublisherID in the DevCert request process and you'll make happy a lot of developers.

Give them the opportunity to upload a PublisherID private key in the black list and you'll make them twice happy!! (The PublicherID private key of the cracking group of course)
As every developer knows, the private key must be kept secret, but when the DevCert is used for cracking purposes, it needs to be publicly shared in order to allow users to use their DevCert.
A simple webpage to allow everyone to upload the PublisherID private key (which of course has been compromized) in the black list, will definitely kill the piracy... All done in a working day.

Marco.

[jimgilmour1]

Hi Jim,
I want to share here mine concerns as developer and company owner, about the DRM Forward-Lock protection.

Currenly, when an application gets cracked, its certification became invalid, so at least, users needs to obtain a DevCert in order to properly install the cracked application in their devices...

The problem with the DRM Forward-Lock protection is that is possible to obtain the again the .sisx certified file, crackers just need to remove the DRM wrapper and after they did it, the applications will be exposed to mass-piracy, because anyone will be able to install the plain and certified .sisx file without needed of DevCert.

...
Marco.

Hi Marco,
I agree everything you say. On DRM using version 2 drm with Public Key system would provide more protection. On DevCert, You have probably found an exposed a problem that Symbian/Nokia should look into. Well dont know any process to get this registered. This is certainly an abuse of DevCert process and should be stopped.

In a past posting I suggested that the app stopped working if the DRM had been removed, but this looks technically very hard as the DRM tokens are hidden without other capabilities beyond express signed,costing more money.

Jim

[jimgilmour1]

Hi
Forum Nokia Champions have written new articles on the Forum Nokia Wiki
How to protect Flash Lite content with OMA DRM 1.0 when content is packaged into a Symbian installer .sis


This is article written on WRT protection
How to protect WRT widgets with OMA DRM 1.0

Have you ever wanted to set up a local webserver to test DRM, well read this article

How to use Vista personal webserver to test OMA DRM 1.0
by adding MIME types.