There are two consumer electronic DRM stories bubbling to the Internet consciousness recently.
The first has to do with Sony Pictures deciding it was time to start encrypting their movie content with a new DRM scheme that their own Sony Electronics DVD Players (not to mention any other DVD player made until maybe a month ago) cannot decypher.
This can’t be too good for Sony, as they are still struggling with the poor “goodwill” created when they started installing malware onto their customer’s PCs.
If at first Sony doesn’t succeed, try again. And again. This is clearly a protracted example in how to piss customers off, permanently.
The second involves the reprogramming of more recent HD-DVD and Blu-ray “high definition” disc players that, unlike their DVD playing hardware cousins, were actually meant to be “field re-programmable.”
AACS LA, the DRM licensing authority for all your favorite take-home HD media needs has determined that it is time to release new DRM keys for your favorite take-home HD media players.
This is all fine and good, in an ideal world where hardware keys and locked media are defined and matched dynamically, you expire the old key and activate the new key at the same time you expire the old lock and activate the new lock.
The problem with hardware is, once it has left the factory (or store), you are purchasing a device with a defined key. The problem with take-home media is once it has left the factory (or store), you are purchasing a piece of media with a defined lock. The lock and key have to match before you are allowed by the media producer and the hardware manufacturer to enjoy your content.
If one side of the key holder and lock builder scenario diverge, consumers of keys and locks (because this is where the consumer media marketplace has evolved) are left with locks, keys and no content.
Field-programmable devices (such as HD-DVD and Blu-ray disc players) can accept their new keys by an automatic update included with all new locks er media, simply include a special header in the media handshake process that forces the player to avoid the content on the disc and install the new keys from the disc instead and then reboot. For device manufacturers, this is the ideal key distribution case. The other common hardware/firmware update can occur through manufacturers requiring consumers to download software from the Internet onto a CD-Rom and have them turn on their DVD/CD player with the disc inside (this is less ideal, as it requires alot of action from a consumer).
Where the funkiness begins is when key expiration is required. What happens to the old locks in your collection that needed this key to play? Well, they don’t unless they are allowed to work, only on media produced before the revocation date (when the new key and lock set were published).
The second amount of funkiness starts when lock makers (media companies), decide it is time to make, design and distribute a new lock. Not simply filling the distribution pipeline with new locks generated from the same algorithm the previous key could unlock but creating a new algorithm. This new algorithm needs to be installed along with new keys inside your DVD player or computer so that the media encrypted with the new lock. But what about the old keys and locks? Well, they don’t just go away either. They stick around anyway.
Requiring a media player to store and understand all these keys and algorithms is fine when it’s a PC, but sooner or later an “untethered” device will start to slow down or simply stop working because it can no longer handle all of these firmware changes.
The media companies have already defined a path, stating that it is the consumer equipment manufacturers’ responsibility to keep consumers up to date with the keys required of the media companies’ locks, even when these locks are non-standard and proprietary (and breaking the media format specification).
I predict two things will happen. Consumer electronics manufacturers will tire of their devices’ becoming randomly but eventually disabled by media companies’ drm policies. And, consumers will get pissed off that the lifetimes of their electronics and purchased media no longer means life-time it means time-to-disabled.
DRM can not last.