Movie studios are considering an elaborate DRM scheme to limit copying of promotional “screener” videos distributed to Academy Award voters, according to an AP story by Gary Gentile.
The article’s description of the scheme is a bit confusing, but I think I can reconstruct how it works. The studios would distribute a special new DVD player to each person receiving videos. Each copy of a video would be encrypted so that only a particular person’s DVD player could decrypt it. The videos would also contain some kind of watermark to identify each individual copy.
The technology vendor, Cinea, makes a carefully calibrated technical claim:
Cinea executives said that with enough time and money, a hacker could eventually circumvent the encryption technology hardwired in a single DVD player, but the watermarking will help authorities track down that player.
The discs, by themselves, cannot be hacked, [a Cinea executive] said.
Assuming that this claim is correct, the discs must not be using the lame CSS encryption scheme used by normal DVDs. (CSS is so weak that encryption keys can be recovered easily from a single encrypted disc.) If the designers are smart, they’re using a standard encryption method, in which case it’s probably true that a single disc is not enough to recover the encrypted plaintext. Of course, it’s easy to access the video given a disc and a player – that’s the whole point of having a player.
It’s not clear how sophisticated the watermark would be. Last year, a simple, weak watermark was sufficient to catch a guy who distributed copies of Academy screener videos on the net.
All of this expensive technology might be enough to keep screener videos from leaking onto the net. But this kind of technology won’t work for consumer DVDs. Tethering each disc to a single player would cause major headaches for consumers – imagine having to buy all new discs whenever you bought a new player.
Worse yet, anybody could capture and redistribute the analog output of one of these players. Even if the watermark scheme isn’t broken (and it probably would be, if it mattered), the best the watermark can do is to trace the redistributed copy back to a particular player device. If that device was stolen, or transported to an outlaw region, there is no plausible way to catch the actual perpetrator. This might not be a problem for a modest number of devices, used for a short period by known people, as in the case of screeners; but it would be a fatal flaw on devices that are distributed widely to ordinary people.
UPDATE (July 7): Ernest Miller has some interesting comments on this issue.
