Please note that all submissions to the site are subject to the wiki's licence, CC 4.0 BY-SA, as found here
Digital rights management: Difference between revisions
add reference to Defective by Design |
Expand on DRM |
||
| Line 5: | Line 5: | ||
{{Quote|<I>DRM creates a damaged good; it prevents you from doing what would be possible without it. – Defective by Design</I><ref>https://www.defectivebydesign.org/what_is_drm</ref>}} | {{Quote|<I>DRM creates a damaged good; it prevents you from doing what would be possible without it. – Defective by Design</I><ref>https://www.defectivebydesign.org/what_is_drm</ref>}} | ||
== DRM in Video Content == | |||
Attempting to protect video content is one of the most common uses of DRM. The idea of using copy protection on video content predates the term "DRM", such as the "Automatic Gain Control" requirement in VCRs, to enforce the "Macrovision" copy protection scheme.<ref>[https://www.law.cornell.edu/uscode/text/17/1201#k_1_A 17 U.S. Code § 1201 - Circumvention of copyright protection systems, K.1.A.i]</ref><ref>[https://cs.stanford.edu/people/eroberts/courses/cs181/projects/1999-00/dmca-2k/macrovision.html Macrovision Demystified], Stanford CS181. </ref> This resulted in VCRs not being able to record commercial VHS tapes and DVDs. | |||
DVDs also feature the "Content Scramble System," which was cracked.<ref>http://www.cs.cmu.edu/~dst/DeCSS/FrankStevenson/mail1.txt</ref> Later, HD-DVD and Blu-Ray would implement the Advanced Access Content System.<ref>https://web.archive.org/web/20070302130221/http://www.aacsla.com/specifications/specs091/AACS_Spec_Common_0.91.pdf | |||
</ref> The AACS key was similarly cracked, and the AACS Licensing Administrator began to issue cease-and-desist letters to websites to which the key was posted.<ref>http://www.chillingeffects.org/notice.cgi?sID=03218</ref> | |||
To attempt to prevent ripping video via a capture card, modern displays, optical disc players, and computers use the High-Definition Content Protection system to encrypt display signals.<ref>https://www.digital-cp.com/about_dcp</ref> For example, [[Netflix 4K Stream Quality Controversy|Netflix will refuse]] to stream content at the full resolution that the customer has paid for if the user is not using an HDCP-enabled video card and display. | |||
== Issues with DRM == | |||
DRM, by definition, is designed to make content less compatible with devices. This means that there is an elevated chance of a software or hardware product refusing to play content due to buggy or overly-restrictive DRM. For example, with the aforementioned Netflix HDCP requirement, it is not enough for the display where you are going to watch the content to support HDCP - all monitors connected to the system must support it.<ref>https://old.reddit.com/r/pcmasterrace/comments/1avkwtb/netflix_requires_all_monitors_to_be_hdcp_22_how/</ref><ref>https://old.reddit.com/r/netflix/comments/mam2l9/how_do_i_get_netflix_working_at_4k_on_my_second/</ref><ref>https://help.netflix.com/en/node/23931</ref> This means that if you have a multi-monitor setup on your PC, you cannot use an older but perfectly working monitor as a secondary screen, without breaking Netflix's DRM. | |||
Such requirements are not always clearly disclosed. If they are disclosed, they are often buried in a ToS, or in the case of Netflix, require you to follow several links around the FAQ pages. Furthermore, some content may surreptitiously install DRM without the knowledge or consent of the user, such as in the Sony Rootkit scandal.<ref>https://web.archive.org/web/20150317040653/http://blogs.technet.com/b/markrussinovich/archive/2005/10/31/sony-rootkits-and-digital-rights-management-gone-too-far.aspx</ref> Such software may contain exploits that can compromise the security of the user's PC.<ref>https://web.archive.org/web/20061116191907/http://blog.washingtonpost.com/securityfix/2005/11/virus_writers_exploit_sony_ant.html</ref> | |||
DRM in video games is often implemented in such an intrusive manner that the game takes longer to load, and reduces framerate in the game.<ref>https://80.lv/articles/testing-reveals-games-with-denuvo-launch-up-to-four-times-slower/</ref> | |||
DRM failures can also come as a surprise. For example, with a YouTube Premium subscription, you can "Download videos to watch offline," but such videos are only available for 48 hours if you do not have an internet connection.<ref>https://support.google.com/youtube/answer/6141269</ref> This is confusing and problematic, as a user might want to download videos if they will know that they will not have an internet connection for a while. They may even take the extra step of turning off their internet connection to ensure that the videos still play offline. Once the 48 hours have expired, however, the user is surprised to find that the videos that they thought they had downloaded for offline consumption actually require an internet connection to work. | |||
=== Ineffectiveness of Audio and Video DRM === | |||
Non-interactive content such as audio and video is nearly impossible to protect from copying. Many HDMI splitters<ref>https://old.reddit.com/r/PS3/comments/19dohrh/bypassing_hdcp_in_2024/lbtqiky/</ref> and capture cards<ref>https://old.reddit.com/r/PS3/comments/19dohrh/bypassing_hdcp_in_2024/kj7cu60/ | |||
</ref> are capable of decrypting HDCP and copying the video stream. As long as at least one bypass exists at the HDCP level, all streaming content can be trivially ripped. | |||
Audio DRM is even more trivial to bypass, as the audio must be decrypted into a plain analog signal at some point in order to drive the physical speakers or headphones. | |||
=== Always-Online DRM === | |||
Some DRM requires a constant internet connection. While this may make sense in something that inherently requires an internet connection such as a streaming service or multiplayer-only video game, this has also been employed in games with single-player content, rendering the customer unable to use their purchase if they do not have an active internet connection.<ref>https://www.forbes.com/sites/erikkain/2012/05/17/diablo-iii-fans-should-stay-angry-about-always-online-drm/</ref> | |||
== References == | |||
Revision as of 18:38, 20 January 2025
Digital Rights Management (DRM) broadly refers to any kind of access control technology that is used to deliberately restrict the usage of media content or devices after the sale. It is typically used by a seller to prevent unauthorized distribution or replication of their product. Implementations of DRM can range from very simple (such as a basic disc check) to extremely complex executable binary protection (such as Denuvo).
DRM creates a damaged good; it prevents you from doing what would be possible without it. – Defective by Design[1]
DRM in Video Content
Attempting to protect video content is one of the most common uses of DRM. The idea of using copy protection on video content predates the term "DRM", such as the "Automatic Gain Control" requirement in VCRs, to enforce the "Macrovision" copy protection scheme.[2][3] This resulted in VCRs not being able to record commercial VHS tapes and DVDs.
DVDs also feature the "Content Scramble System," which was cracked.[4] Later, HD-DVD and Blu-Ray would implement the Advanced Access Content System.[5] The AACS key was similarly cracked, and the AACS Licensing Administrator began to issue cease-and-desist letters to websites to which the key was posted.[6]
To attempt to prevent ripping video via a capture card, modern displays, optical disc players, and computers use the High-Definition Content Protection system to encrypt display signals.[7] For example, Netflix will refuse to stream content at the full resolution that the customer has paid for if the user is not using an HDCP-enabled video card and display.
Issues with DRM
DRM, by definition, is designed to make content less compatible with devices. This means that there is an elevated chance of a software or hardware product refusing to play content due to buggy or overly-restrictive DRM. For example, with the aforementioned Netflix HDCP requirement, it is not enough for the display where you are going to watch the content to support HDCP - all monitors connected to the system must support it.[8][9][10] This means that if you have a multi-monitor setup on your PC, you cannot use an older but perfectly working monitor as a secondary screen, without breaking Netflix's DRM.
Such requirements are not always clearly disclosed. If they are disclosed, they are often buried in a ToS, or in the case of Netflix, require you to follow several links around the FAQ pages. Furthermore, some content may surreptitiously install DRM without the knowledge or consent of the user, such as in the Sony Rootkit scandal.[11] Such software may contain exploits that can compromise the security of the user's PC.[12]
DRM in video games is often implemented in such an intrusive manner that the game takes longer to load, and reduces framerate in the game.[13]
DRM failures can also come as a surprise. For example, with a YouTube Premium subscription, you can "Download videos to watch offline," but such videos are only available for 48 hours if you do not have an internet connection.[14] This is confusing and problematic, as a user might want to download videos if they will know that they will not have an internet connection for a while. They may even take the extra step of turning off their internet connection to ensure that the videos still play offline. Once the 48 hours have expired, however, the user is surprised to find that the videos that they thought they had downloaded for offline consumption actually require an internet connection to work.
Ineffectiveness of Audio and Video DRM
Non-interactive content such as audio and video is nearly impossible to protect from copying. Many HDMI splitters[15] and capture cards[16] are capable of decrypting HDCP and copying the video stream. As long as at least one bypass exists at the HDCP level, all streaming content can be trivially ripped.
Audio DRM is even more trivial to bypass, as the audio must be decrypted into a plain analog signal at some point in order to drive the physical speakers or headphones.
Always-Online DRM
Some DRM requires a constant internet connection. While this may make sense in something that inherently requires an internet connection such as a streaming service or multiplayer-only video game, this has also been employed in games with single-player content, rendering the customer unable to use their purchase if they do not have an active internet connection.[17]
References
- ↑ https://www.defectivebydesign.org/what_is_drm
- ↑ 17 U.S. Code § 1201 - Circumvention of copyright protection systems, K.1.A.i
- ↑ Macrovision Demystified, Stanford CS181.
- ↑ http://www.cs.cmu.edu/~dst/DeCSS/FrankStevenson/mail1.txt
- ↑ https://web.archive.org/web/20070302130221/http://www.aacsla.com/specifications/specs091/AACS_Spec_Common_0.91.pdf
- ↑ http://www.chillingeffects.org/notice.cgi?sID=03218
- ↑ https://www.digital-cp.com/about_dcp
- ↑ https://old.reddit.com/r/pcmasterrace/comments/1avkwtb/netflix_requires_all_monitors_to_be_hdcp_22_how/
- ↑ https://old.reddit.com/r/netflix/comments/mam2l9/how_do_i_get_netflix_working_at_4k_on_my_second/
- ↑ https://help.netflix.com/en/node/23931
- ↑ https://web.archive.org/web/20150317040653/http://blogs.technet.com/b/markrussinovich/archive/2005/10/31/sony-rootkits-and-digital-rights-management-gone-too-far.aspx
- ↑ https://web.archive.org/web/20061116191907/http://blog.washingtonpost.com/securityfix/2005/11/virus_writers_exploit_sony_ant.html
- ↑ https://80.lv/articles/testing-reveals-games-with-denuvo-launch-up-to-four-times-slower/
- ↑ https://support.google.com/youtube/answer/6141269
- ↑ https://old.reddit.com/r/PS3/comments/19dohrh/bypassing_hdcp_in_2024/lbtqiky/
- ↑ https://old.reddit.com/r/PS3/comments/19dohrh/bypassing_hdcp_in_2024/kj7cu60/
- ↑ https://www.forbes.com/sites/erikkain/2012/05/17/diablo-iii-fans-should-stay-angry-about-always-online-drm/