Sunday, April 09, 2006

sap, drm, and other tla's

Microsoft has been working on this Secure Audio Path thing that they plan to put in Vista (when it finally gets released). This is interesting since they are building Digital Rights Management (DRM) capabilities into the kernel. What does this mean?

  • Media providers may have to use the DRM system that Microsoft provides, since it has to be built into the kernel. If Microsoft lets people build their own DRM components, then there is the issue of misbehaving components and buggy kernel libraries.

  • If you look at the diagram, the sound card driver is given full access to unencrypted data. This means that one could write a misbehaving third-party driver to capture streams. The SAP designers get around this by forcing the driver to be authenticated (see diagram). The DRM component is not "authenticated" though.

  • The decryption now happens in the kernel. Let's hope that the decryption module is not buggy -- especially if Microsoft lets vendors write their own kernel modules for DRM. Not only could the player program crash, but this could cause the whole system to go down.

Will this protect DRM media from being copied? I doubt it. Academics (or benevolent hackers) will publish instructions on how to subvert all of this, then the script kiddies will pick up the proof-of-concept software to scrape the streams. I think the only way this can "solidify" enforcement of DRM is with ALL pieces in kernel mode being "authenticated" (proven safe by signature and cert. authority) or no DRM decryption should work. The problem with this is that the CA (probably a Microsoft database protected from subversion with Trusted Computing hardware) will have control over which modules are authorized -- essentially control over which flavors of DRM get to be used.

Is DRM really the right approach to protect artists' and publishers' copyright? Is this protected audio path a good idea? I don't know a whole lot about SAP (just reading the whitepapers for the first time), so I welcome others' opinions...


Stephen Pierce said...

It doesn't just stop at audio either. Somewhere out there is info on the whole trusted computing platform that severely impedes the video paths as well (and probably other stuff too). They go as far as communicating back and forth with your displays, ensuring that your monitor is certified.
I don't think DRM is a solution that can work though. Someone who really wants to circumvent the technology will do so eventually, and then the DRM is just a speed bump to them and a series of hoops to someone trying to do something legitimate with their computer.

Sid Stamm said...


Yeah, I've been reading a lot about the Trusted Computing Group and the TPM chips that are distributed with about 20% of all new x86-based PCs (and all the intel-based apple development kits). The TCG doesn't go as far as DRM (in fact, they deny that TCG's main purpose is DRM) but it is an enabler. To do drm properly, you need collusion with the kernel -- and a trusted kernel. Do you trust the Vista kernel?

Sid Stamm said...

Link to the Trusted Computing Group