Our dear editor Ben, is off on a much-needed holiday at the moment, so while he's tanning away his worries, I'll be here in his stead this week. Since I've been left to my own devices, I've chosen a topic that I have a particular disdain towards: Digital Rights Management or DRM.
What the heck is DRM anyway?
DRM is a legal framework that facilitates access to digital content...so really DRM is like a chastity belt for software. What do I mean by this? All the best parts are gate-kept, requiring payment to unlock the full version. This is absolute bullshit, and I'll tell you why, using a real life example. Let's say I'm a hardworking farmer in the American heartland. Naturally, you know I'm going to be grinding out a day's work on my John Deere tractor, cause nothin' runs like a deere. John Deere is a notorious abuser of DRM to nickel and dime their customers, especially regarding DIY repairs. They do this by placing digital locks on the software that runs their machinery, making it so that customers have to go to licensed dealerships to seek out repairs.
There are plenty more reasons why DRM sucks
Let's start with the most obvious reason, it is inherently insecure by nature. Here are some of the ways that DRM can be bypassed or have design flaws exploited:
Decryption Key Access: To view or listen to DRM-protected content, the end-user's device must have access to the decryption key. Once this key is on the user's device, it becomes a target for extraction by hackers. If the key is successfully extracted, the DRM protection can be very easily bypassed.
Analog Hole: This (strangely sexual sounding) term is used to describe a vulnerability in the conversion digital content to analog, which is then converted back to an unprotected digital format. Since DRM is only applied to digital content, the process of converting it to an analog form (like playing it on a screen or speakers) removes the DRM. This content can then be re-captured in digital form free of DRM.
Software Vulnerabilities: Software is the usual method of enforcing DRM, depending on the platform. With any software, there can be vulnerabilities or bugs that can be exploited to bypass the DRM.
Emulation and Virtualization: There are also some advanced techniques involve emulating DRM environments or using virtual machines to intercept and analyze the data and decryption keys being used. Once you have the keys, it's game over.
Obfuscated Code and Complexity: Ironically, the complexity involved in the protection of DRM systems can become their weakness. Complex systems are harder to secure fully, and obfuscated code can be unraveled by persistent threat actors.
But wait, there's more!
In addition to being absolute garbage security wise, DRM is also:
- (Possibly) A violation of private property rights. Critics argue that it restricts activities that fall under the range of normal and legal use
- At risk of obsolescence. When standards/formats change, the DRM protected content using that standard or format will likely become obsolete.
- Probably encourages piracy. As the EFF puts it: You Bought It, But They Still Own It. So why would I ever buy it at all then?
So DRM sucks, but what can I do?
The best place to start is by using software or products that have a GNY General Public License, as this licensing generally strips away any legal value of DRM. Another option is to find DRM-free works, such as GOG.com or Tor books. And as always, don't forget to make sure that Windscribe connection is active. It's simplest step you can take to protect your privacy online; we even have a Chrome, Edge, and Firefox extension that you can plug right in if you still want to keep using your browser of choice.
