Vista and More: Piecing Together Microsoft's DRM Puzzle
The copy-control technologies baked into Vista and the Windows Media platform cover plenty of ground, but who benefits?
Computerworld - If you ask five veteran Windows users to explain Vista's take on digital rights management (DRM), you're likely to get five different answers that have just one thing in common: Whatever it is, they know they don't like it.
In a nutshell, this is the dilemma Microsoft faces as it prepares to launch Windows Vista. By any standard, Vista's new DRM capabilities -- aimed at protecting the rights of content owners by placing limits on how consumers can use digital media -- hardly qualify as a selling point; after all, it's hard to sing the praises of technology designed to make life harder for its users.
Microsoft itself defines DRM in straightforward terms, as "any technology used to protect the interests of owners of content and services." In theory, it's an easy concept to grasp; in practice, however, modern DRM technologies include a multitude of hardware-, software- and media-based content-protection schemes, many of which have little or nothing in common.
DRM at the hardware level
Vista's DRM technologies fall into several distinct categories, all of which are either completely new to the operating system or represent a significant change from the technology found in previous versions of Windows. The Intel-developed Trusted Platform Module (TPM) makes DRM harder to circumvent by extending it beyond the operating system and into the PC's hardware components.
TPM is used with Vista's BitLocker full-drive encryption technology to protect a PC's data against security breaches. A TPM microchip embedded on the PC's motherboard stores unique system identifiers along with the BitLocker decryption keys. If a system is tampered with -- for example, if the hard drive is removed and placed in a different machine -- TPM detects the tampering and prevents the drive from being unencrypted.
A set of related technologies grouped under the name Output Protection Management (OPM) also takes DRM to the hardware level. Perhaps the most prominent (or notorious) OPM technology, known as Protected Video Path (PVP), provides a good example of how hardware-based DRM works and what it can do. PVP content-protection technology is supported both in Windows Vista and within a small but growing number of high-end graphics adapters, high-definition displays and even digital display connector cables. It is intended, first and foremost, to protect the high-quality digital content that is slowly becoming available on the next-generation Blu-ray and HD-DVD optical media technology.
Most commercial DVDs, of course, already include copy-protection technology. This protection, however, works only in conjunction with the DVD player itself. It cannot stop attempts to intercept and copy the protected content further downstream, as it moves first to the graphics card and finally to a user's display -- a problem sometimes referred to as the "analog gap."
PVP eliminates these security gaps, enabling a series of DRM measures that keep a high-resolution content stream encrypted, and in theory completely protected, from its source media all the way to the display used to watch it. If the system detects a high-resolution output path on a user's PC (i.e., a system capable of moving high-res content all the way to a user's display), it will check to make sure that every component that touches a protected content stream adheres to the specification. If it finds a noncompliant device, it can downgrade the content stream to deliver a lower-quality picture -- or it can even refuse to play the content at all, depending on the rights holder's preferences.
- Silicon Valley's 19 Coolest Places to Work
- Is Windows 8 Development Worth the Trouble?
- 8 Books Every IT Leader Should Read This Year
- 10 Hot Hadoop Startups to Watch
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Radicati: Cloud Business Email - Market Quadrant 2013 Google was named the top cloud business email provider in a recent report by research firm Radicati. Out of 14 key players, Google...
- Tablets in the Enterprise: A Checklist for Successful Deployment How can you enterprise manage and secure tablets in order to protect corporate data while providing access to the information and applications employees...
- Enterprise Mobility: A Checklist for Secure Containerization The advantages and disadvantages of the multiple approaches to containerization. Learn More>>
- Enterprise File Sync & Share Checklist File sync and share has changed the way people work and collaborate in today's tech-savvy world. Gone are the email roadblocks, clunky FTP...
- Live Webcast LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- LIVE EVENT: 5/7, The End of Data Protection As We Know It. Introducing a Next Generation Data Protection Architecture. Traditional backup is going away, but where does this leave end-users?
- On-demand webinar: "Mobility Mayhem: Balancing BYOD with Enterprise Security" Check out this on-demand webinar to hear Sophos senior security expert John Shier deep dive into how BYOD impacts your enterprise security strategy... All Security White Papers | Webcasts