Welcome to DRM Hell
As the amount of premium content used and played on PCs has increased over the past few years, so-called digital rights management (DRM) and other content-protection technologies have also seen a dramatic – and corresponding – rise in popularity and sophistication. Two major players in the rise of DRM have been Microsoft and Apple. In this article we will take a look at the future of pervasive DRM and what that means for the end user. Is the future of content a dark, post-apocalyptic nightmare of encrypted license files and protected video paths – DRM Hell? Or will it be a paradise of content and new content distribution models made possible by DRM?
At the moment, premium content played in Windows XP – and most other operating systems, for that matter – is “vulnerable” in a number of ways. Even if the software side of the equation is secure, in many cases these measures can be circumvented. The lowest-common-denominator attack is the “play and record” attack, where a user plays the premium content and then plugs the outputs of the computer – audio and video – into a recording device. The upcoming Windows Vista will include Protected Video Path Output Protection Management (PVP-OPM), a system which essentially allows content to contain flags determining what protection is required on the outputs of a PC. If these requirements are not met, those outputs will be blocked. So for example, you could conceivable download a movie which requires High-bandwidth Digital Content Protection (HDCP) encryption for the display adapter; if you don’t have a compatible display/video card combination then you basically won’t be able to watch the video. HDCP has been around for a few years, but many LCD monitors and projectors do not support it. HDCP requires DVI.
At first this sounds pretty close to DRM Hell. It is easy to imagine a scenario where an unsuspecting consumer buys a video and is then completely unable to watch it without buying a new monitor. Although this is certainly bad news, it is important to remember that this is an optional feature of video playback in Windows Vista and most content providers will probably avoid such heavy-handed measures as most computers currently in existence do not support HDCP – or even DVI for that matter.
Along these same lines, another low-end attack commonly used is drivers or kernel mode software which monitors the video and audio outputs of the computer and writes them to disk. In Vista it appears that process isolation and a kernel-mode monitor will block this type of attack – at least for the most part. This change will almost certainly displease hackers and college students everywhere, but is certainly much less obnoxious to the typical user than PVP-OPM, as it is really nothing more than a security improvement to the software operating environment.