This is more like publishing hashes of a file you download. You can use it to verify the identity of an object, but that's it.

This differs from DRM in a fundamental way, namely that you are not required to do this. You can choose to ignore it if it turns out the object isn't authentic. Whereas DRM relies on making you enforce certain rules, and putting technological or legal barriers in your way to prevent you from breaking them.

True, at the right price points for tag and reader, it could be used as yet another tech for jerky DRM on consumables like printer ink.

But some hard-to-clone and viable-to-read tagging technologies can be very useful for purposes like authenticating genuine product (which consumers are starting to care about), for tracing graymarket items (sold in contract-violating ways, which some international brands care about), and for disrupting retail theft rings.

There's also engagement angles that a lot of brands want to add to the tech investment. (And there may also cost be savings/consolidation opportunities with packaging costs, and it can involve the industrial design, and affect branding, and involve manufacturing, and distribution, and retail, and multiple IT integrations, and field operatives. Which is how your enterprise sales meetings get 10x more stakeholders than the person charged with reducing counterfeiting.)

(I worked on applications of hard-to-clone tags a few years ago. Unfortunately, our startup launched its first factory integration just as Covid hit the US, which meant that investors and customers understandably both got skittish about the near future, we ran out of runway, and our talent scattered to the winds.)

I think it can enable DRM but the DRM in that case is in the digital device, not the object.

I mean it's basically a hard to replicate barcode.

If this can help ensure that I have, say, an authentic pacemaker, and not a counterfeit, I’ll accept it.

I think it will help your device to know whether you are using authentic HP cartridges or Nespresso capsules.

That’s already happening. If companies want to be assholes, we should boycott the company and demand they change. Things are worse than printer ink. Soon, I’ll have to subscribe to turn the heat on in my car.

I still want an authentic pacemaker.

Provenance != DRM.

The ability to prove the origin of something over "Source: dude trust me bro" is critical to a great number of people.

But sure, let's stick with "yeah nah, this piece of paper says what's in the box is in the box so it must be legit" because FOSS is gonna get salty about this.

It's especially important for physical devices that are shipped. To make sure that nobody stuck a couple of extra "implant" chips in your new laptop, or phone.

You can hear plenty about the use of xrays (and how unwieldy that is) to verify electronic circuits in some CCC videos. I commented about some of the challenges of false negatives in another version of this thread (which was strangely posted three times by MIT? Is reposting daily until you get traction acceptable behaviour - may have to try it myself some time :)