Vista and More: Piecing Together Microsoft's DRM Puzzle
The copy-control technologies baked into Vista and the Windows Media platform cover plenty of ground, but who benefits?
Computerworld - If you ask five veteran Windows users to explain Vista's take on digital rights management (DRM), you're likely to get five different answers that have just one thing in common: Whatever it is, they know they don't like it.
In a nutshell, this is the dilemma Microsoft faces as it prepares to launch Windows Vista. By any standard, Vista's new DRM capabilities -- aimed at protecting the rights of content owners by placing limits on how consumers can use digital media -- hardly qualify as a selling point; after all, it's hard to sing the praises of technology designed to make life harder for its users.
Microsoft itself defines DRM in straightforward terms, as "any technology used to protect the interests of owners of content and services." In theory, it's an easy concept to grasp; in practice, however, modern DRM technologies include a multitude of hardware-, software- and media-based content-protection schemes, many of which have little or nothing in common.
DRM at the hardware level
Vista's DRM technologies fall into several distinct categories, all of which are either completely new to the operating system or represent a significant change from the technology found in previous versions of Windows. The Intel-developed Trusted Platform Module (TPM) makes DRM harder to circumvent by extending it beyond the operating system and into the PC's hardware components.
TPM is used with Vista's BitLocker full-drive encryption technology to protect a PC's data against security breaches. A TPM microchip embedded on the PC's motherboard stores unique system identifiers along with the BitLocker decryption keys. If a system is tampered with -- for example, if the hard drive is removed and placed in a different machine -- TPM detects the tampering and prevents the drive from being unencrypted.
A set of related technologies grouped under the name Output Protection Management (OPM) also takes DRM to the hardware level. Perhaps the most prominent (or notorious) OPM technology, known as Protected Video Path (PVP), provides a good example of how hardware-based DRM works and what it can do. PVP content-protection technology is supported both in Windows Vista and within a small but growing number of high-end graphics adapters, high-definition displays and even digital display connector cables. It is intended, first and foremost, to protect the high-quality digital content that is slowly becoming available on the next-generation Blu-ray and HD-DVD optical media technology.
Most commercial DVDs, of course, already include copy-protection technology. This protection, however, works only in conjunction with the DVD player itself. It cannot stop attempts to intercept and copy the protected content further downstream, as it moves first to the graphics card and finally to a user's display -- a problem sometimes referred to as the "analog gap."
PVP eliminates these security gaps, enabling a series of DRM measures that keep a high-resolution content stream encrypted, and in theory completely protected, from its source media all the way to the display used to watch it. If the system detects a high-resolution output path on a user's PC (i.e., a system capable of moving high-res content all the way to a user's display), it will check to make sure that every component that touches a protected content stream adheres to the specification. If it finds a noncompliant device, it can downgrade the content stream to deliver a lower-quality picture -- or it can even refuse to play the content at all, depending on the rights holder's preferences.
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your... All Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!