Digital rights management: Difference between revisions
m Fixed some phrasing. Notify me on the discord if there's any other tone that needs fixing, really want that tag gone... Tags: Mobile edit Mobile web edit Visual edit |
No edit summary |
||
| Line 13: | Line 13: | ||
Attempting to protect video content is one of the most common uses of DRM. The idea of using copy protection on video content predates the term "DRM", one early example being the "Automatic Gain Control" requirement in VCRs used to enforce the "Macrovision" copy protection scheme.<ref>[https://www.law.cornell.edu/uscode/text/17/1201#k_1_A 17 U.S. Code § 1201 - Circumvention of copyright protection systems, K.1.A.i]</ref><ref>[https://cs.stanford.edu/people/eroberts/courses/cs181/projects/1999-00/dmca-2k/macrovision.html Macrovision Demystified], Stanford CS181. </ref> This requirement resulted in VCRs not being able to record commercial VHS tapes{{citation needed}}. | Attempting to protect video content is one of the most common uses of DRM. The idea of using copy protection on video content predates the term "DRM", one early example being the "Automatic Gain Control" requirement in VCRs used to enforce the "Macrovision" copy protection scheme.<ref>[https://www.law.cornell.edu/uscode/text/17/1201#k_1_A 17 U.S. Code § 1201 - Circumvention of copyright protection systems, K.1.A.i]</ref><ref>[https://cs.stanford.edu/people/eroberts/courses/cs181/projects/1999-00/dmca-2k/macrovision.html Macrovision Demystified], Stanford CS181. </ref> This requirement resulted in VCRs not being able to record commercial VHS tapes{{citation needed}}. | ||
Starting in 1996 DVDs started to feature the "Content Scramble System" (CSS), an encryption based DRM. CSS was successfully | Starting in 1996 DVDs started to feature the "Content Scramble System" (CSS), an encryption based DRM. CSS was successfully circumventented as early as 1999, less than five years after its introduction in 1996, partly due to the limited length of 40-bits the encryption key, used to comply with US government export regulation of the time.<ref>http://www.cs.cmu.edu/~dst/DeCSS/FrankStevenson/mail1.txt</ref><ref>[https://web.archive.org/web/20000302000206/http://www.dvd-copy.com/news/cryptanalysis_of_contents_scrambling_system.htm "Cryptanalysis of Contents Scrambling System", Frank A. Stevenson, archived from dvd-copy.com]</ref> Following this DVDs as well as HD-DVD and Blu-Ray would implement various other DRM, one of them being the "Advanced Access Content System".<ref>https://web.archive.org/web/20070302130221/http://www.aacsla.com/specifications/specs091/AACS_Spec_Common_0.91.pdf | ||
</ref> When the AACS key was similarly extracted the AACS Licensing Administrator began to issue cease-and-desist letters to websites to which the key was posted.<ref>http://www.chillingeffects.org/notice.cgi?sID=03218</ref> Another form of Blu-Ray DRM, [[Cinavia]], uses a form of audio watermarking that makes certain | </ref> When the AACS key was similarly extracted the AACS Licensing Administrator began to issue cease-and-desist letters to websites to which the key was posted.<ref>http://www.chillingeffects.org/notice.cgi?sID=03218</ref> Another form of Blu-Ray DRM, [[Cinavia]], uses a form of audio watermarking that makes certain releases unplayable in devices that are not equipped to recognize it, a notable example being Sony's Playstation 3.<ref>https://www.anandtech.com/show/5693/cinavia-drm-how-i-learned-to-stop-worrying-and-love-blurays-selfdestruction/2</ref> | ||
To attempt to prevent ripping video via a capture card, modern displays, optical disc players, and computers use the High-Definition Content Protection system to encrypt display signals.<ref>https://www.digital-cp.com/about_dcp</ref> For example, [[Netflix stream-quality controversy|Netflix will refuse]] to stream content at the full resolution that the customer has paid for if the user is not using an HDCP-enabled video card and display. | To attempt to prevent ripping video via a capture card, modern displays, optical disc players, and computers use the High-Definition Content Protection system to encrypt display signals.<ref>https://www.digital-cp.com/about_dcp</ref> For example, [[Netflix stream-quality controversy|Netflix will refuse]] to stream content at the full resolution that the customer has paid for if the user is not using an HDCP-enabled video card and display. | ||
==DRM in audio content== | ==DRM in audio content== | ||
DRM's strangest inclusion was within audio content, which was not quite commonly put to use due to audio's analog nature compared to video and software, which made it questionable to be capable of blocking the replication of the data. The most notable application of audio DRM was [[MediaMax]]<ref>https://en.wikipedia.org/wiki/MediaMax</ref>, which essentially functioned as malware to combat simply playing these audio discs on [[Windows]] and [[MacOS]] operating systems. There was also the less-notable [[Extended Copy Protection]]<ref>https://en.wikipedia.org/wiki/Extended_Copy_Protection</ref> (XCP) DRM, however it did leave [[Sony]] in hot water<ref>https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal</ref>, dubbing this form of DRM also as the Sony Rootkit | DRM's strangest inclusion was within audio content, which was not quite commonly put to use due to audio's analog nature compared to video and software, which made it questionable to be capable of blocking the replication of the data. The most notable application of audio DRM was [[MediaMax]]<ref>https://en.wikipedia.org/wiki/MediaMax</ref>, which essentially functioned as malware to combat simply playing these audio discs on [[Windows]] and [[MacOS]] operating systems. There was also the less-notable [[Extended Copy Protection]]<ref>https://en.wikipedia.org/wiki/Extended_Copy_Protection</ref> (XCP) DRM, however it did leave [[Sony]] in hot water<ref>https://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal</ref>, dubbing this form of DRM also as the Sony Rootkit. | ||
==DRM in software== | ==DRM in software== | ||
Most in the DRM discussion often correlate the usage of DRM to the protection of software in some form, from the simple product key, to the infamous [[Denuvo]] DRM. Historically, DRM started off with more simple physical techniques; decoder wheels and LensLok<ref>https://en.wikipedia.org/wiki/Lenslok</ref>. The efficacy of these systems varied, and many cracking groups simply found ways around this system, especially since 2nd-hand copies of software that used these primitive forms of DRM could easily become lost or damaged, or worse, not even function with some forms of hardware.<ref>https://www.eurogamer.net/banging-the-drm-article?page=2</ref> This has sparked essentially a game of cat and mouse that continues to fester especially for the gaming community to this day. | Most in the DRM discussion often correlate the usage of DRM to the protection of software in some form, from the simple product key, to the infamous [[Denuvo]] DRM. Historically, DRM started off with more simple physical techniques; decoder wheels and LensLok<ref>https://en.wikipedia.org/wiki/Lenslok</ref>. The efficacy of these systems varied, and many cracking groups simply found ways around this system, especially since 2nd-hand copies of software that used these primitive forms of DRM could easily become lost or damaged, or worse, not even function with some forms of hardware.<ref>https://www.eurogamer.net/banging-the-drm-article?page=2</ref> This has sparked essentially a game of cat and mouse that continues to fester especially for the gaming community to this day. | ||
== | ==Consumer rights issues with DRM== | ||
DRM, by definition, is designed to make content less compatible with devices. This means that there is an elevated chance of a software or hardware product refusing to play content due to buggy or overly-restrictive DRM. For example, with the aforementioned Netflix HDCP requirement, it is not enough for the display where you are going to watch the content to support HDCP - all monitors connected to the system must support it.<ref>https://old.reddit.com/r/pcmasterrace/comments/1avkwtb/netflix_requires_all_monitors_to_be_hdcp_22_how/</ref><ref>https://old.reddit.com/r/netflix/comments/mam2l9/how_do_i_get_netflix_working_at_4k_on_my_second/</ref><ref>https://help.netflix.com/en/node/23931</ref> This means that if you have a multi-monitor setup on your PC, you cannot use an older but perfectly working monitor as a secondary screen, without breaking Netflix's DRM. | DRM, by definition, is designed to make content less compatible with devices. This means that there is an elevated chance of a software or hardware product refusing to play content due to buggy or overly-restrictive DRM. For example, with the aforementioned Netflix HDCP requirement, it is not enough for the display where you are going to watch the content to support HDCP - all monitors connected to the system must support it.<ref>https://old.reddit.com/r/pcmasterrace/comments/1avkwtb/netflix_requires_all_monitors_to_be_hdcp_22_how/</ref><ref>https://old.reddit.com/r/netflix/comments/mam2l9/how_do_i_get_netflix_working_at_4k_on_my_second/</ref><ref>https://help.netflix.com/en/node/23931</ref> This means that if you have a multi-monitor setup on your PC, you cannot use an older but perfectly working monitor as a secondary screen, without breaking Netflix's DRM. | ||
Such requirements are not always clearly disclosed. If they are disclosed, they are often buried in a ToS, or in the case of Netflix, require you to follow several links around the FAQ pages. Furthermore, some content may surreptitiously install DRM without the knowledge or consent of the user, such as in the Sony Rootkit scandal.<ref>https://web.archive.org/web/20150317040653/http://blogs.technet.com/b/markrussinovich/archive/2005/10/31/sony-rootkits-and-digital-rights-management-gone-too-far.aspx</ref> Such software may contain exploits that can compromise the security of the user's PC.<ref>https://web.archive.org/web/20061116191907/http://blog.washingtonpost.com/securityfix/2005/11/virus_writers_exploit_sony_ant.html</ref> | Such requirements are not always clearly disclosed. If they are disclosed, they are often buried in a ToS, or in the case of Netflix, require you to follow several links around the FAQ pages. Furthermore, some content may surreptitiously install DRM without the knowledge or consent of the user, such as in the Sony Rootkit scandal.<ref>https://web.archive.org/web/20150317040653/http://blogs.technet.com/b/markrussinovich/archive/2005/10/31/sony-rootkits-and-digital-rights-management-gone-too-far.aspx</ref> Such software may contain exploits that can compromise the security of the user's PC.<ref>https://web.archive.org/web/20061116191907/http://blog.washingtonpost.com/securityfix/2005/11/virus_writers_exploit_sony_ant.html</ref> | ||
DRM in video games has frequently been implemented in an intrusive manner where the performance of the game and load times are | DRM in video games has frequently been implemented in an intrusive manner where the performance of the game and load times are noticeably poorer.<ref>https://80.lv/articles/testing-reveals-games-with-denuvo-launch-up-to-four-times-slower/</ref> This behavior has been more due to negligent usage of the DRM rather than anything that can be directly attributed to malicious behavior. | ||
DRM failures can also come as a surprise. For example, with a YouTube Premium subscription, you can "Download videos to watch offline," but such videos are only available for 48 hours if you do not have an internet connection.<ref>https://support.google.com/youtube/answer/6141269</ref> This is confusing and problematic, as a user might want to download videos if they will know that they will not have an internet connection for a while. They may even take the extra step of turning off their internet connection to ensure that the videos still play offline. Once the 48 hours have expired, however, the user is surprised to find that the videos that they thought they had downloaded for offline consumption actually require an internet connection to work. | DRM failures can also come as a surprise. For example, with a YouTube Premium subscription, you can "Download videos to watch offline," but such videos are only available for 48 hours if you do not have an internet connection.<ref>https://support.google.com/youtube/answer/6141269</ref> This is confusing and problematic, as a user might want to download videos if they will know that they will not have an internet connection for a while. They may even take the extra step of turning off their internet connection to ensure that the videos still play offline. Once the 48 hours have expired, however, the user is surprised to find that the videos that they thought they had downloaded for offline consumption actually require an internet connection to work. | ||
===Ineffectiveness of audio and video DRM=== | ===Ineffectiveness of audio and video DRM=== | ||
Non-interactive content such as audio and video is nearly impossible to protect from copying. Many HDMI splitters<ref>https://old.reddit.com/r/PS3/comments/19dohrh/bypassing_hdcp_in_2024/lbtqiky/</ref> and capture cards<ref>https://old.reddit.com/r/PS3/comments/19dohrh/bypassing_hdcp_in_2024/kj7cu60/ | Non-interactive content such as audio and video is nearly impossible to protect from copying once it is distributed to the consumer. Many HDMI splitters<ref>https://old.reddit.com/r/PS3/comments/19dohrh/bypassing_hdcp_in_2024/lbtqiky/</ref> and capture cards<ref>https://old.reddit.com/r/PS3/comments/19dohrh/bypassing_hdcp_in_2024/kj7cu60/ | ||
</ref> are capable of decrypting HDCP and copying the video stream. As long as at least one bypass exists at the HDCP level, all streaming content can be trivially ripped. | </ref> are capable of decrypting HDCP and copying the video stream. As long as at least one bypass exists at the HDCP level, all streaming content can be trivially ripped. | ||
Audio DRM is | Audio DRM is trivial to bypass, as the audio must be decrypted into a plain analog signal in order to drive physical speakers or headphones. | ||
===DRM degradation=== | ===DRM degradation=== | ||
The development of some forms of DRM, such as Games For Windows Live<ref>https://en.wikipedia.org/wiki/Games_for_Windows_%E2%80%93_Live</ref>, are reliant on special processes within some operating systems that end up becoming unsupported or depreciated as time goes on. Legacy [[SecuROM]]-protected titles (released roughly between 1998 and 2005) are notoriously known for not running on operating systems newer than Windows XP<ref>https://www.lucadamico.dev/papers/drms/securom/ArabianNights.pdf</ref><ref>https://web.archive.org/web/20220226230919/http://www.reversing.be/article.php?story=20061015153108847</ref> | The development of some forms of DRM, such as Games For Windows Live<ref>https://en.wikipedia.org/wiki/Games_for_Windows_%E2%80%93_Live</ref>, are reliant on special processes within some operating systems that end up becoming unsupported or depreciated as time goes on. Legacy [[SecuROM]]-protected titles (released roughly between 1998 and 2005) are notoriously known for not running on operating systems newer than Windows XP<ref>https://www.lucadamico.dev/papers/drms/securom/ArabianNights.pdf</ref><ref>https://web.archive.org/web/20220226230919/http://www.reversing.be/article.php?story=20061015153108847</ref>. Customers must spend an extensive amount of time circumventing the DRM (or using more illicit methods) just to play content they legitimately purchased.<ref>https://www.youtube.com/watch?v=vjkqI7dBDVg</ref> | ||
This DRM degradation has the worst effects for those who own physical licenses to products that they own, since unlike a digital installation, if a physical copy of a game's DRM stops being supported by modern hardware, a developer cannot simply distribute a patch that directly modifies the code on a disc, and online patches cannot last forever. | This DRM degradation has the worst effects for those who own physical licenses to products that they own, since unlike a digital installation, if a physical copy of a game's DRM stops being supported by modern hardware, a developer cannot simply distribute a patch that directly modifies the code on a disc, and online patches cannot last forever. | ||