Digital Rights Management Goes Corporate

This is AVNation’s first contribution to the EFF’s Copyright Week.

When most people think about the concept of Digital Rights Management (DRM) they associate it more with their personal devices. For example, you’ve had an iPhone for 10 years. You were an early adopter and you went hog wild with your iTunes purchases. Yes, you own the media you bought, be it music, movies, or television shows, but the thing is if you’re one of those people that doesn’t want to give up your 3.5mm headphone jack, or be forced to utilize a proprietary dongle for connection, you may never be able to upgrade your phone to the latest generation again. So, how do you get that media on to your new Android device? You can’t, not without painstaking effort or going into the media itself and modifying the code.

Copyright Killed the Video

This is a struggle that many people face when they think about the gadgets that are incorporated into our daily lives. However, when you take a step back and look at the larger implications of DRM there’s a much more complex story to tell that has a significant impact on the commercial and corporate world at large.

If you’re not familiar with the greatest implications of DRM in the corporate world, let me introduce you to HDCP (High Definition Copy Protection). This is the digital code that requires handshakes between devices in order to ensure that they are able to play copy protected content. This content includes any Blu-Ray, any DVD, or really any media that comes out of major studios and production houses. This is a code that gets cracked almost as quickly as the next version is announced by someone on the planet. But the fact remains that no matter how easily it’s cracked it creates havoc for the commercial systems.

Just over a year ago the latest version of HDCP (v2.2) was released. It came out in conjunction with the development of widespread 4K televisions flooding the market as display manufacturers were trying to maintain consumers purchasing the next level of technology. HDCP 2.2, though, was different than previous upgrades. As opposed to being a software update, to accommodate the required bandwidth increase in 4K signal transmissions, HDCP 2.2 was going to change the physical chipset that goes with HDMI v2.0 and was only going to partially backwards compatible.

What this meant was that any HDCP 2.2 device would be able to receive protected content from any previous generation of HDCP. So if you have an HDCP 2.0 Blu-Ray player at home, you can connect it to your brand new HDCP 2.2 TV. However, if you love your four-year-old plasma TV for the deep blacks that it has, you would never be able to play a movie from any source that was trying to transmit an HDCP 2.2 signal.

Copy Protection Isn’t Just Personal

That doesn’t seem like much of an issue to most people in their homes. But think of it in terms of the corporate world. While the devices that we connect in offices across all industries aren’t likely to be thinks like Blu-Ray players, we sure do use a lot of computers, laptops and tablets. All of these devices are also constructed with HDCP protects that’s hard-coded into their video output. Most notorious in the audiovisual world is Macs.

AVNation’s digital janitor, Bradford Benn, recounts one experience he had trying to merely give a presentation where he was a key speaker providing training:

“…Part of my responsibilities include making presentations for clients and at industry events. At one of these events I arrived the day before and connected my laptop via HDMI to the projection system. Rehearsal went well with everything performing properly. I was able to present the PowerPoint presentation I had put together without issue. The next day I returned to setup in the morning. I plugged in my computer, using an active HDMI switching system provided by the AV vendor, the computer indicated I was plugged in and the software configured itself to dual screen usage. The problem was that there was no picture on the projection screen.

We tried a different HDMI cable with the same result. We tried different inputs on the switcher without seeing a change. We bypassed the switcher and used an HDMI in-line coupler and suddenly the picture appeared. We disconnected the laptop and reconnected the switcher and once again the projection screen was blank. However, the laptop still indicated that there was a second screen attached. We decided to forego the switching system and simply move the HDMI cable between presenter’s computers.

After the presentation we tried a little more troubleshooting. We hooked the cable from my co-presenter’s laptop into the switcher and it worked perfectly. I connected my laptop using the same cable and, again, there was no picture. If we connected the two cables via a coupler the picture returned. This pretty much ruled out everything in the system except for the switcher. I contacted the AV switch manufacturer’s tech support. Their first question was which computers were being used; an Apple MacBook Pro and a Lenovo Thinkbook.

The person I was talking with stopped me immediately. He explained the cause was that the switching system is configured so that it will not distribute any HDCP restricted content to multiple displays. The content, though, was something I had created so why was it restricted? It was explained to me that Apple products are configured to restrict their HDMI output to one display at a time.

I asked if there was a way to defeat the enforcement of the restriction on the switching hardware? At that point I was told “no, there was not.” That would make sense. If the content protection could be defeated that could easily be considered a violation of the DCMA.”

We are even looking at the potential in the future for HDCP communications to create security risks for corporations. As audiovisual systems go, today they are usually relegated to being on an air gapped network or isolated into a VLAN on the corporate network. Most people don’t realize just how many devices are in each office building, but it’s possible that for every single meeting room in a corporate headquarters there could be anywhere from one to twenty AV devices.

The next generation of HDCP is looking at the possibility of utilizing a public-private key solution. This means that every single device in a system that could potentially receive or transmit a copy protected signal – your video extenders, your matrix switches, your audio system, your displays – would need to be connected to a network that has the ability to reach outside the LAN and access a cloud key server somewhere so that each device could provide its individual key that states it is capable of passing a copy protected signal. In some corporate offices this could be hundreds, even thousands of IP devices that have less than stellar network security standards.

Don’t Mod Your Hardware

Instances like HDCP often leave people looking for a work around. It’s a simple concept: you bought the media, you own the devices that play the media, so you should have no issue playing the media; until you do. This is where many people look to solve their problems in the easiest, and least costly way, possible – through mods and hacks. However, even if you own the system, the DMCA restricts your ability to modify the software or hack the devices, even to the point of rendering the incapable of broadcasting certain media.

From Bradford Benn’s archives:

“Indulge me for a moment, what happens if one wants to take a computer and install a new operating system on it. Would that be illegal? It could be construed as circumventing copy protection. While it might not be obvious allow me to illustrate.

I had an older computer that ran a Windows operating system very slowly. Rather than give up on the machine, I tried running Ubuntu on it. It worked great. I was able to surf the World Wide Web, write documents with Open Office, listen to music, etc. … all the typical things. However, there was a unique twist to the operating system. Since it was not a Windows operating system I was not impacted by the Rootkit that Sony placed on the CDs to prevent copying through the Windows operating system (http://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal).

I easily made an archival copy of an audio compact disc, something that is deemed legal. I clearly had just circumvented the copy protection as I was running an unauthorized operating system on the hardware.

Following the same logic as making it a violation of the DMCA to modify a Playstation 3, I violated the DMCA by modifying my computer and installing an alternate operating system on it. It also happened to be a Sony product that I installed Ubuntu onto, a Sony Vaio computer.”

Your Media Must Be Your Own

It may not occur to most people that the commercial audiovisual industry is valued in excess of $100 billion. This is the industry that is providing the majority of video conferencing capabilities for the multibillion dollar corporations worldwide. Yet, any of these high profile meetings where the construction of factories and the creation of jobs can be taken down or derailed simply because the laptop that the visiting corporate consultant purchased happened to be a Mac with an incompatible AV system seems ridiculous (as well as a slightly extreme example).

The push to teach kids to code in order to be competitive means that there is going to be more and more creation and more and more people looking at what exists and thinking that they can just make slight modifications in order to improve upon it. Corporations don’t want you doing that to their devices because it means that if you’re modifying what exists then you might improve it to the point where you no longer have to pay for the next physical or software based solution. They want you continuing to purchase the latest and greatest from them.

Changes to the rules and rights of the owners of devices must be made. Prior to computers being installed in everything and software running the world, people had the ability to make upgrades to what they owned. They could swap out an engine on their hot rod. They could make their own repairs to a tractor. They could implement whatever modification seemed like a good idea to suit their personal use of their electronics. Why should that change simply because the medium itself is no longer physical but ones and zeroes?

It’s time for copyright reform to reflect the current state of the world and the marketplace. Your devices should be your own. You should not be required to create network vulnerabilities just to watch a movie. You should truly own that which you have purchased and be able to modify and update it in the way that suits your needs.

Leave a Comment