Piecing together Microsoft's DRM puzzle

If you ask five veteran Windows users to explain Vista's take on digital rights management (DRM), you're likely to get five different answers that have just one thing in common: Whatever it is, they know they don't like it.

In a nutshell, this is the dilemma Microsoft faces as it prepares to launch Windows Vista. By any standard, Vista's new DRM capabilities -- aimed at protecting the rights of content owners by placing limits on how consumers can use digital media -- hardly qualify as a selling point; after all, it's hard to sing the praises of technology designed to make life harder for its users.

Microsoft itself defines digital rights management in straightforward terms, as "any technology used to protect the interests of owners of content and services." In theory, it's an easy concept to grasp; in practice, however, modern DRM technologies include a multitude of hardware-, software- and media-based content-protection schemes, many of which have little or nothing in common.

DRM at the hardware level

Vista's DRM technologies fall into several distinct categories, all of which are either completely new to the operating system or represent a significant change from the technology found in previous versions of Windows. The Intel-developed Trusted Platform Module (TPM) makes DRM harder to circumvent by extending it beyond the operating system and into the PC's hardware components.

TPM is used with Vista's BitLocker full-drive encryption technology to protect a PC's data against security breaches. A TPM microchip embedded on the PC's motherboard stores unique system identifiers along with the BitLocker decryption keys. If a system is tampered with -- for example, if the hard drive is removed and placed in a different machine -- TPM detects the tampering and prevents the drive from being unencrypted.

A set of related technologies grouped under the name Output Protection Management (OPM) also takes DRM to the hardware level. Perhaps the most prominent (or notorious) OPM technology, known as Protected Video Path (PVP), provides a good example of how hardware-based DRM works and what it can do. PVP content-protection technology is supported both in Windows Vista and within a small but growing number of high-end graphics adapters, high-definition displays and even digital display connector cables. It is intended, first and foremost, to protect the high-quality digital content that is slowly becoming available on the next-generation Blu-ray and HD-DVD optical media technology.

Most commercial DVDs, of course, already include copy-protection technology. This protection, however, only works in conjunction with the DVD player itself. It cannot stop attempts to intercept and copy the protected content further "downstream," as it moves first to the graphics card and finally to a user's display -- a problem sometimes referred to as the "analog gap."

PVP eliminates these security gaps, enabling a series of DRM measures that keep a high-resolution content stream encrypted, and in theory completely protected, from its source media all the way to the display used to watch it. If the system detects a high-resolution output path on a user's PC (i.e., a system capable of moving high-res content all the way to a user's display), it will check to make sure that every component that touches a protected content stream adheres to the specification. If it finds a noncompliant device, it can downgrade the content stream to deliver a lower-quality picture -- or it can even refuse to play the content at all, depending upon the rights holder's preferences.

What does all this mean to a typical Windows Vista user who just wants to sit back, relax and watch a movie on his brand-new, state-of-the-art multimedia dream machine? That depends, of course, to a great extent upon what he wants to watch; the latest Hollywood blockbuster is far more likely to require a PVP-compliant system than less mainstream fare. But sooner or later, most Vista users will probably encounter PVP-protected content -- and more often than not, they will walk away from the encounter at least a little frustrated, disappointed or even angry.

Matt Rosoff, lead analyst at research firm Directions On Microsoft, asserts that this process does not bode well for new content formats such as Blu-ray and HD-DVD, neither of which are likely to survive their association with DRM technology. "I could not be more skeptical about the viability of the DRM included with Vista, from either a technical or a business standpoint," Rosoff stated. "It's so consumer-unfriendly that I think it's bound to fail -- and when it fails, it will sink whatever new formats content owners are trying to impose."

The Hollywood factor

As Rosoff's statement implies, many of Vista's digital rights management technologies exist not because Microsoft wanted them there; rather, they were developed at the behest of movie studios, record labels and other high-powered intellectual property owners.

"Microsoft was dealing here with a group of companies that simply don't trust the hardware [industry]," Rosoff said. "They wanted more control and more security than they had in the past" -- and if Microsoft failed to accommodate them, "they were prepared to walk away from Vista" by withholding support for next-generation DVD formats and other high-value content.

Microsoft's official position is that Vista's DRM capabilities serve users by providing access to high-quality content that rights holders would otherwise serve only at degraded quality levels, if they chose to serve them at all. "In order to achieve that content flow, appropriate content-protection measures must be in place that create incentives for content owners while providing consumers the experiences they want and have grown to expect," said Jonathan Usher, a director in the Consumer Media Technology Group within Microsoft's Entertainment and Devices division. "We expect that the improvements in Windows Vista will attract new content to the PC, which is exactly what consumers want."

Yet Usher also pointed out that while Microsoft may provide the DRM technology, it is entirely up to content providers to decide whether their business models should make use of it. "As a platform provider, we provide the technology that allows our partners to test and implement new business models and scenarios," Usher stated. "It remains up to the market to determine the equilibrium that drives any free-enterprise system.

"Consumers are the final arbiters because they can vote with their wallets," Usher added. "This is as it should be in any well-functioning market, and we believe the improvements in Windows Vista play to this strength."

Hollywood isn't the only group that benefits from Vista's assortment of content-protection technologies. While Microsoft can truthfully claim that it wanted no part of the DRM schemes added to Vista for Hollywood's benefit, the company clearly stands to benefit, both now and in the future, from its control over other pieces of the Vista DRM puzzle.

WGA: The next generation

One of these, dubbed the Software Protection Platform (SPP), deals mostly with the integrity of Windows itself. The next generation of Microsoft's Windows Genuine Advantage (WGA) program, SPP requires that users validate their version of Vista with a software license key within 30 days of its activation. Users who don't validate the operating system will be prevented from using certain features, including the new Aero graphical user interface, the ReadyBoost system performance application and, most controversially, the Windows Defender antispyware program.

After 30 days, Vista goes into a reduced functionality mode, similar to Windows Safe Mode -- users have access to a Web browser (so they can validate or purchase a copy of Vista), but none of their computers' other functions. (For details, see "The Skinny on Windows DRM and Reduced Functionality in Vista".)

Windows Media

Then there's the DRM built into the latest version of Microsoft's Windows Media platform, which was also significantly updated for Vista -- although for the time being, it remains interoperable with earlier versions of the Windows Media platform and associated DRM technologies, known as WMDRM. The key here, according to Bill Rosenblatt, founder of GiantSteps Media Technology Strategies and managing editor of Jupiter Media's "DRM Watch" newsletter, is the widespread use of WMDRM as a de facto digital music DRM standard.

Rosenblatt noted that besides serving as the underlying content-protection technology for almost every digital music service except for Apple's iTunes Music Store, WMDRM offers a fair amount of interoperability between digital music and portable music players labeled with the Microsoft-sponsored "PlaysForSure" moniker.

"Microsoft has developed an ecosystem of device makers around WMDRM 10," the version introduced with Windows XP, he said. "As a result, the Windows platform has developed a certain amount of interoperability" between music services such as Napster and MusicMatch on the one hand, and hardware manufacturers on the other.

Yet, according to Rosenblatt, there is trouble in paradise -- at least Microsoft's "PlaysForSure" partners are likely to see it that way.

Enter Zune

Microsoft, Rosenblatt noted, faced an intractable problem: Its current efforts, including the PlaysForSure program, were getting the company nowhere against Apple Computer's iPod, with a market share greater than 70 percent and unassailable brand recognition. Now, he said, armed with its own Zune portable music player and associated retail operation, a significant move away from the current, interoperable WMDRM model seems to be in the cards.

"Music bought for Zune may not be playable on other PlaysForSure devices; Zune will decrease interop, not increase it," said Rosenblatt. "Customers who bought tracks from Napster et al. can play them on Zune, but not vice versa.

"Why do this?" Rosenblatt asked. "The device ecosystem strategy is too fragmented, too complex to use and too hard to market to consumers; it simply is not an effective strategy to compete against Apple." In addition, he noted, while Microsoft's WMDRM is "much more flexible and powerful than Apple's own FairPlay DRM platform, it is also more complex -- and the existing [PlaysForSure] arrangement did not help matters."

Microsoft's Jonathan Usher acknowledged that interoperability differences between Zune and the existing PlaysForSure specification were necessary in order for Microsoft to deliver the type of user experience and feature set it envisioned for Zune. "The Zune team's focus is on building a rich community and service around the brand that provides consumers with a unique, integrated end-to-end experience," Usher said. "PlaysForSure, on the other hand, is designed for partners who choose to rely on broad compatibility -- for example, a device manufacturer who wants to connect to multiple services or a service provider who wants to connect to multiple devices."

Rosenblatt and Rosoff both noted that Zune is more than just a vanity project for Microsoft, or even an attempt to open a second front in the company's renewed rivalry with Apple. In fact, both analysts suggested that Zune, like the company's Xbox gaming console, is Microsoft's hedge against the increasingly distinct possibility that the PC won't evolve into the all-purpose digital media center the company once hoped it could become.

"Customers naturally want to know, 'What is going to happen when I try to play a Blu-ray DVD, or an HD-DVD, or some other type of protected content on Vista?' " Rosoff said. "And what's Microsoft's answer? 'That depends.' It's not exactly an encouraging answer."

The business of DRM

Finally, Bill Rosenblatt pointed out that Microsoft might yet turn DRM technology into a profitable, sustainable business -- not in the consumer market, but rather within the enterprise market, where content-protection technologies are winning over a growing number of supporters who see it as an important weapon against data loss, regulatory compliance lapses and other potentially costly business process failures.

"Microsoft actually enjoyed quite a bit of success when it released Windows Rights Management Services back in 2003," Rosenblatt said. "If Microsoft can put some marketing effort behind this product once it gets through its Vista-launch fire drill, I don't think it will be disappointed."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments