Introduction

"The biggest trick the devil ever pulled was in getting folks to blame someone other than Hollywood for video DRM." —not Keyser Söze

Peter Gutmann, author of a well-known and fascinating paper describing the tradeoffs of Microsoft's content protection system in Windows Vista, is on the hunt again. Last year, his paper "Cost Analysis of Windows Vista Content Protection" painted a grim picture of the lengths Microsoft went to in order to gain full compliance with AACS, the next-gen copy control system for Blu-ray and HD DVD (and they did go far). Now Gutmann is reiterating his claims but also reportedly digging deep in his attacks on Microsoft. While Microsoft deserves some of the blame, the bigger story here is the technical nightmare created by AACS and how its tentacles are reaching into the consumer technology we all use daily. It's a shame that this is getting lost in the mix, but after discussing the issue with a journalist this weekend, I decided to delve a little more into it here.

Gutmann's presentation at this year's USENIX Security Symposium in Boston has been profiled at Network World. Gutmann's thesis is fairly basic and unchanged from last year: Microsoft spent way too many resources appeasing Hollywood when it should have been making Windows Vista better. Gutmann is essentially correct; any time a consumer electronics manufacturer or other technology company has to waste time with DRM, that company is wasting resources that could be better spent elsewhere if DRM wasn't a sad fact of life. Let no one doubt that. All of this attention focused on Microsoft is missing the bigger story, however.

AACS: coming to an (incorporated) OS near you

This is important but rarely acknowledged in these discussions (and my journo discussion partner was rather surprised to learn this): Apple will also have to adopt a strict DRM regimen at the most fundamental levels of Mac OS X in order to be able to (legally) play back AACS-protected Blu-ray or HD DVD discs (e.g., most commercial discs in those formats). Apple thus far has avoided criticism, but only because the company has not unveiled its full plans for appeasing the various requirements imposed by the AACS Licensing Administrator for next-gen optical disc DRM. When Apple does, we'll all see that Blu-ray/HD DVD support comes with plenty of strings attached—strings that Apple will have to work into its OS, too. There is no way around it; something similar to Microsoft's Protected Media scheme will be required of Mac OS X if Apple is a licensee to AACS. (The same would be true for Linux, except that AACS won't be licensed for Linux desktop use. There's no way to securely implement it since desktop Linux is an open environment, and AACS requires keeping secrets.)

Here's the basic rundown: AACS has "robustness rules" that include strict mandates for the path that video data takes through a software-based system, like a modern PC. These rules require that decrypted video "not be present on any User-Accessible Bus in analog or unencrypted, compressed form," because users could possibly record or redirect that content. Companies like Apple and Microsoft are additionally required to use "encryption, execution of a portion of the implementation in ring zero or supervisor mode (i.e., in kernel mode), and/or embodiment in a secure physical implementation," or any other method that can "effectively" keep encryption keys secret. Furthermore, they are required to use "techniques of obfuscation clearly designed to effectively disguise and hamper attempts to discover the approaches used" to secure the systems. Thus, video content must travel through the system encrypted and must only interact with authorized components over authorized pathways.

Again, these are the requirements of AACS, and they're not simple to accomplish, especially in an operating system where there are multiple ways to attack the system. This is why AACS goes even further, requiring that operating systems constantly monitor the "integrity" of the content protection system and purposely stop playing content in the event that any "unauthorized modifications" are detected. In this way, the system not only watches the video path as video travels on it, but it monitors the state of the PC as a whole.

So, when thinking about this issue, we have to ask ourselves: is a company like Microsoft or Apple likely to tell Hollywood to jump off a cliff? No, because both companies know that users will want to play HD DVD or Blu-ray discs on their computers. Microsoft didn't tell AACS LA to stuff it, and Apple won't tell them to, either. Not only do both companies want to be a part of the HD "revolution," but both of them are also DRM developers, too. While Steve Jobs may be an opponent of DRM for music, he has said on record that his objections to DRM for music do not apply to video.

Timeline flaws adding up



Most of what breaks the "HD experience" on PCs right now stems from AACS's demands on technology, starting with the requisite HDMI/HDCP support on video cards and displays. HDMI/HDCP are two key parts of the "secure path" for video, but the two technologies have still not penetrated the PC market in any substantial way. (I'm quite surprised that monitor and video card manufacturers were so late implementing HDCP, given that this aspect of AACS has been known about for some time.)

Regardless, note that hardware-level support for AACS (via HDMI/HDCP) has nothing to do with Microsoft or Apple, but both companies will have to grapple with balancing the AACS requirements with providing users with a simple playback environment. Thankfully, Hollywood has backed off the Image Constraint Token for now, the biggest snag in the HDCP plan, likely because of the slow adoption of HDCP itself. Hollywood holds the cards here: it's the studios' content licensing practices at work, and it's their call when to start enforcing technical requirements for full HD display. So, while the HDCP issues may seem only theoretical for now, those days are numbered.