Intel SGX proves Blu-ray DRM is defective by design

Non release banter
User avatar
Rava
Contributor
Contributor
Posts: 5401
Joined: 11 Jan 2011, 02:46
Distribution: XFCE 5.01 x86_64 + 4.0 i586
Location: Forests of Germany

Intel SGX proves Blu-ray DRM is defective by design

Post#1 by Rava » 16 Feb 2022, 04:38

to quote the Greg Farough, DbD <info@defectivebydesign.org> newsletter
*This story received a flurry of coverage and then disappeared. Our
role here at Defective by Design is to not let these stories go, for
the fact that they are forgotten so quickly is how Digital
Restrictions Management (DRM) perpetuates itself.*

Eagle-eyed readers of a [technical document][1] recently published by
Intel, which details upcoming changes to their line of processors,
noticed that the Software Guard Extension (SGX) will soon be
deprecated. The SGX provided the ability for certain areas of system
memory on Intel computers to be dedicated to encrypting and decrypting
information, and therefore private -- off-limits to the rest of the
system in a so-called "secure enclave." Connecting the dots, readers
of Intel's document [soon realized][2] that this would prevent users
from viewing certain kinds of media, particularly Blu-ray discs, used
primarily for their high resolution capabilities. As it always does,
the DRM in these discs is now forcing an added, arbitrary restriction
on top of others: in processors without the SGX, 4K streams will be
downgraded to the lower-quality 1080p, even if the device is perfectly
capable of playing it.


[1]: https://cdrdv2.intel.com/v1/dl/getContent/655258
[2]: https://www.pcworld.com/article/606310/ ... grade.html

"Secure enclaves" sound nice from a privacy perspective, but when
examining buzzwords like these, it's important to ask: privacy for
*whom?*
At least in principle, there's nothing wrong with offloading a
system's cryptography to another part of that system, provided it can
still be controlled by the user. But that's precisely where the
problem is: in practice, the SGX was used by Intel to implement
[DRM][3]. The security and privacy the enclave was supposed to provide
its user was forked over to media conglomerates instead -- securing
and hiding their misdeeds. In effect, if you're using the SGX, part of
your computer is off-limits to you, like a room in your own house
you're not even allowed to enter, let alone use how you would like.

[3]: https://www.defectivebydesign.org/what_is_drm

The problems with Blu-ray disks are nothing new. Not content with the
ways they already compromised DVDs with region codes and copy
restriction mechanisms, the media cabal behind the format made them
dependent on a more complex set of keys, and worse, [proprietary
software][4]. The con played by the Motion Picture Association of
America (MPAA) and their friends has been a long one: first convincing
users that DRM was necessary to guard against ["copyright
infringement,"][5] and then, over time, sneaking more and more onerous
restrictions into our devices in exchange for the latest superhero
flick.


[4]: https://www.gnu.org/proprietary/proprietary.html
[5]: https://www.defectivebydesign.org/faq#copyright

While on the surface this issue only seems to inconvenience customers
who view Blu-ray discs with their home computers, this move's other
implications are worth examining. It represents another attack on
physical media on the part of corporations like [Netflix][6] and
[Disney][7], locking users into streaming platforms, whose films and
television shows they can revoke -- or edit -- on a whim. Whereas
before an album or film could be passed down through a family as a
sentimental object imbued with its own history, the world the
deprecation of the SGX helps to create is one where "access" is all
that a customer has when it comes to their favorite works of art. No
earmarked pages or personal notes in this case: merely an "access" that
involves agreeing to ever more restrictive licensing terms, and paying
an interminable monthly fee.

[6]: https://www.defectivebydesign.org/netflix
[7]: https://www.defectivebydesign.org/blog/ ... ck_culture

In all likelihood, Intel's decision to deprecate the SGX was not
something they did to increase streaming platforms' bottom-line. At
the same time, our response shouldn't be to try to persuade Intel to
keep it around, given the harm it's caused, and the ways it can be
[exploited][8]. What we *can* do is [let them know][9] they should
show respect to their users by never implementing features designed
for DRM.

[8]: https://arstechnica.com/gadgets/2019/02 ... -software/
[9]: https://corporateofficeheadquarters.org/intel/

Even if the Blu-ray case and disc on our shelf doesn't seem liable to
get up and fly away, or dissipate into the ether anytime soon, all
DRM'd media comes with strings attached. The "access" we may think we
have now really *can* disappear at any moment, or worse, held over our
heads until we exchange even more of our freedom for the next caped
crusader.
In a world where perfectly intact physical media can play
one day and refuse to play the next, the only truly sustainable
solution is to reject DRM entirely, and support those companies and
storefronts that [act ethically][10] instead, those who view their
customers as people with rights and freedoms, rather than part of a
faceless mass they can siphon for profit.

[10]: https://www.defectivebydesign.org/guide

In freedom,

Greg Farough
Campaigns Manager
(highlighting by me)
Cheers!
Yours Rava