Random Thoughts – Randosity!

The continuing failure of Digital Rights Management (DRM)

Posted in computers, drm, windows by commorancy on February 6, 2009

When are companies going to learn their lessons about using Digital Rights Management (DRM) to protect content?  It seems that just as one company learns a lesson another also has to go through these same pains.

What is DRM?

DRM is simply a piece of software that is designed to limit use of or prevent unauthorized use over a piece of software or content (such as music, videos, video games or productivity software).  DRM software is usually run on start-up of the actual software or content to-be-protected to determine if the user running it has a legitimate license.

How does it work?

DRM comes in many forms and there are many different implementations of DRM.  The most obvious example of DRM is Microsoft’s activation server system.  This system requires that Windows ‘check-in’ with Microsoft’s servers to determine if the copy of Windows you are running is ‘Genuine’ or ‘Counterfeit’.  I’m not sure how exactly they determine what’s what, but apparently they have some methodology.

There are other forms of DRM, some more innocuous than others.  Sony, for example, got beaten down hard for its use of a rootkit based DRM system on some of its BMG CD releases.  This DRM system installed software unknown to the user and, as a result of its installation, left Windows open to attacks and software compromises (from viruses and trojans).  This is an extreme example from a, then, well-respected company.

Other forms include dongles (USB keys), having physical media present, requiring license servers to be run, etc etc.  Regardless of what form it takes, it will interfere with your ability to use the software in the way you want to use it.

What DRM doesn’t do!

DRM doesn’t actually target the people whom it should target.  The intent of DRM is to prevent piracy or unauthorized use.  The problem with DRM is that it basically only affects legitimate users and non-technical pirates.  It doesn’t affect technically inclined pirates and software crackers… the exact people they need to target.  

Because many of these software systems install software onto Windows, these installed softwares can interfere with Windows or other applications in Windows… especially if two different softwares require two different versions of the same protection system loaded on the system simultaneously.  These are instances where one app can interfere with another or even interfere with itself.

So, DRM inconveniences the paying user and not really the pirates, which is not the intent of DRM.  For example, ZBrush (a 3D object sculpting package) uses an arcane software protection system that doesn’t work on many installations of Vista 64 (and possibly even Vista 32).  Pixologic (the developers of Zbrush), have basically thrown their hands up on the issue.  They have no idea why it happens.  Also, because they have licensed their protection system from a third party vendor, they can’t even fix the issue.  So, Vista users who may legitimately want to purchase and use their software cannot do so.

EA’s Spore is another prime example.  Spore’s arcane DRM system prevented installation and use of this game on multiple computers due to the way it ‘registered’ with EA’s servers.  This DRM even prevented use by different users on the same computer.  EA was very slow to respond about this issue and, as a result, hundreds of reviews for Spore on Amazon ended up 1 star. 

Crackers 

The Crackers of the world, many of them, are actually very good at what they do.  They can get into hex code and/or disassembled (assembly) code and rework (remove the sections) that do the DRM checks.  By disabling the DRM checking in the application, the application will then launch without the need for the DRM checks.

Note that these people are so adept at doing this, they can probably do it in their sleep.  This means that no matter what protection scheme is devised by someone, the crackers can reverse engineer it and remove the protection system in time.  Sometimes, they aren’t fully successful at removing it, but they don’t need to be.  Instead, they can work with the DRM by producing softwares that mimic the things the DRM software needs to function.  Either way, it gets around the necessary things that the DRM needs.

For this reason, DRM fails to target the people whom they want to target and fails to adequately protect the content they so desperately want to protect.

Fed Up!

Users are tired of DRM systems that prevent them from legitimately using software they purchase.  The companies do have the right to protect their ‘assets’, yes.  But, is it right for them to do so at the expense of their userbase?  Making people jump through hoops just to run a piece of software is not the way software is supposed to work.  DRM systems get in the way of the software and user experience rather than helping the company protect their assets.

Wake up companies

For software companies that are considering or are now using DRM to ‘protect’ (and I use that term very loosely) their software, you need to rethink your strategy, especially if you are seeing complaints from your userbase about the protection system preventing proper usage of your software.  If the DRM is getting in the way of your paying user’s ability to use the software, then you need to get rid of the DRM.  DRM is intended to be transparent to the user… but in many cases it is not.  Which means, the DRM system failed.

Should companies do away with DRM?  At this point, yes.  It doesn’t serve your company by inconveniencing the very people who pay you money.  It also doesn’t give you any points with customer satisfaction.  As more and more people wake up to DRM and dislike it more and more, companies may find that their userbase is dwindling because people won’t agree to install DRM-based software on their computer.  Software without DRM is more likely to function properly than DRM protected software.  There are way too many software competitors on the market to keep DRM in your software when your competitors don’t use DRM in their products.

So, yes, companies should seriously consider the removal of DRM systems from their software.  Also, because DRM fails to adequately target the people whom it should target, adding DRM only serves to damage your company’s reputation and negatively impact your paying userbase.

Have you found a piece of software controlled by DRM that you wouldn’t buy or that you did buy but couldn’t use?  If so, please comment here.  I’d like to see just how widespread this issue is.

Say no to DRM.

All comments are encouraged under the following rules: Comments will not be posted that contain personal attacks. Personal attacks only serve to degrade your comment, make you seem like a troll, weaken your stance and undermine your points. Please choose your words carefully. Thank you for contributing!

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: