Getting screwed again by DRM

I’m definitely no fan of Digital Rights Management (DRM) in it’s current form.  It’s intrusive, prevents me form taking advantage of something I purchased, and is generally an all around nuisance.

Take, for instance, DRM “enhanced” music.  Most DRM licenses only allow you to listen to the music on authorized devices, and limits the number of devices you can put the music on.  Some even go as far as to limit the number of times you can listen to a specific track.  For some users this is ok, but what about those of us who change music players on a regular basis?  Now we have to be concerned about the type of DRM being used and whether or not it’s compatible with our new player.  It’s truly a nightmare.

There are even more issues with DRM, though.  Let’s take a look at modern games.  For consoles, DRM isn’t much of an issue yet.  Every console is the same, so there are no compatibility problems if you have to get a new console, or if you want to take your game to a friend’s house to play.  Downloaded content is a little trickier as it is often tied to the console it was downloaded on.  Unfortunately, in many situations, if the console fails and you get a replacement, you must re-purchase the downloaded content.  This isn’t always the case, but it does happen.

For PCs, however, the landscape is a little different.  DRM is used to prevent piracy of games.  Unfortunately, with the wide number of PC configurations, this can cause incompatibility problems.  But even beyond the compatibility issues, there are sometimes worse problems.

Take, for instance, SafeDisc DRM by Macrovision.  SafeDisc has been around for years and is often the cause of incompatibility problems with games.  SafeDisc requires a special driver to be loaded into Windows that allows the operating system to validate the authenticity of games that use the SafeDisc DRM scheme.  Apparently, Microsoft thought it would be useful to bundle a copy of the SafeDisc driver with Windows and has done so since Windows XP shipped about 6 years ago.

Recently, Elia Florio, from Symantec, discovered a vulnerability in the SafeDisc driver.  This vulnerability allows an attacker to escalate their privileges, ultimately allowing them full control of the operating system.  Thanks to Microsoft bundling this driver with Windows, even non-gamers are susceptible to this attack.

This highlights a major problem with DRM.  Ensuring security is a pretty tough, complex job.  The more complex the programming is, the harder it is to keep secure.  DRM is intentionally complex, intending to prevent theft.  As a result, it becomes very difficult to ensure that the code is secure.  This is a perfect example of that problem.  Unfortunately, it seems that this will only grow to be a larger problem as time goes on, unless we stamp out DRM.

Macromedia apparently has a fix for this problem on their website, and Microsoft is working on a solution as well.  Microsoft has refused to commit to a delivery date, though.  I would encourage you to update this driver as soon as possible, or, if you are a non-gamer, remove it completely.

Leave a Reply

Your email address will not be published. Required fields are marked *