While this isn’t directly applicable to e-books, it’s definitely a good illustration of the fundamental problem with DRM—it’s fundamentally ineffective without strict laws to prop it up. Ars Technica reports that Warner Brothers has filed suit (PDF) against LegendSky, a company selling a $199 “HD Fury” HDMI-decryption dongle that would strip the High-bandwidth Digital Content Protection (HDCP) DRM from high-definition content, including on 4K videos.
HDCP is supposed to ensure that protected content can only play on players and video displays that support that DRM, and it can’t be intercepted and duplicated in full HD quality. A decryption box like the HD Fury would allow that content to be shown in full quality on unsupported monitors, which the company felt was a classic case of fair use—but Warner didn’t see it that way.
This is only the latest verse in a song that’s been going on for over ten years. In the mid-2000s, media producers prodded the FCC into attempting to institute a “broadcast flag” that would have prevented the manufacture of devices that did not “actively thwart” piracy by disallowing unprotected high-definition transmission. This would effectively have rendered early-adopters’ unprotected HDTVs incompatible with newer content. The attempt to pass the regulation was ultimately unsuccessful, but it seems to have become a de facto standard anyway as manufacturers toed the media producers’ line.
Ars Technica says the HD Fury is no longer available for sale online, but when I went to the website to place the order, it let me add it to the cart and move forward to the checkout. (I didn’t go any further than that, not wanting to risk entering my payment information just in case they did actually charge me for one.) Regardless, the fact that it was available so quickly—before much in the way of 4K content is even out—demonstrates the overall futility of attempting to slap a digital padlock on. It’ll just get broken anyway.
Indeed, even in 2006, security researcher Ed Felten observed that HDCP was surprisingly weak and suggested that this was intentional on the part of HDCP’s designer—it didn’t have to be very good; it just had to be good enough for the DMCA while staying cheap enough not to add too much in the way of manufacturing cost to players and TVs.
A much more plausible answer is that HDCP encryption exists only as a hook on which to hang lawsuits. For example, if somebody makes unlicensed displays or format converters, copyright owners could try to sue them under the DMCA for circumventing the encryption. (Also, converter box vendors who accepted HDCP’s license terms might sue vendors who didn’t accept those terms.) The price of enabling these lawsuits is to add the cost of 10,000 gates to every high-def TV or video source, and to add another way in which high-def video devices can be incompatible.
He also suggested, prophetically, that “HDCP will inevitably fail – catastrophically – when somebody manages to recover the master secrets that are the source of all power in the system, and publishes those secrets on the Internet.” That happened in 2010, when someone released an HDCP master key online.
Warner Brothers may be able to force LegendSky to stop selling its HD Fury in the USA (though given that the manufacturer is based in China, who knows if they can really put it out of business?), but they won’t be able to prevent other people from making other tools. For example, Blu-rays can be played with ease via any video player on a computer with the aid of HDCP-defeating software from SlySoft. (And it didn’t rely on the 2010 leak to do so, either; it first made the capability available in 2008.)
It’s conceivable SlySoft could even add 4K capability to its software—no physical dongles required—and it’s unclear whether a lawsuit would serve to stop the company from selling its product online. SlySoft is based in Antigua, which has received permission from the World Trade Organization to disregard American copyrights in recompense for the US killing its Internet gambling industry.
Warner Brothers may (or may not) have poked its finger in a dike, but it’s never going to be able to keep people who want to from bypassing DHCP. That’s the weakness of DRM—and why it must necessarily rely on laws for its operation.