DRM Business Rules in Rollup 2


To clarify the somewhat vague statement I made about “business rules” for DRM changing in Emerald (Rollup 2), the changes were to include the new COPP (Certified Output Protection Protocol) support in the release and to support the new version of the DRM engine.  The actual behavioral changes in Media Center are not that great: we included the new “CopyNoMore” setting (previously “Reserved” in the CGMS-A standard) in our matrix of when to apply COPP, and were the “ship vehicle” for the new version of DRM from the DRM team. 


Whether we even engage DRM at all is governed by those “business rules” I was talking about; it’s a matrix that defines which protection level we apply to the recorded content based on multiple input vectors.  The entire response matrix is quite large, and defines things like whether you can create a recording1, whether DRM encryption is applied2, whether we permit recording the content to portable media, and whether to allow presenting the video over an given output3.  In a nutshell, DRM protection/encryption is only triggered in existing analog scenarios when the input content is protected by a) CGMS-A, b) PAL’s Copy Protection Flag, or c) Macrovision.  Realistically, you’re only going to see Macrovision if you are doing pass-through from a VCR or DVD player, or you live in Korea and get your TV from a certain satellite service. 


I’ve only personally seen CGMS-A broadcast on HBO & Cinemax, Showtime, and other “premium” channels.  VOD channels are usually marked CopyNever, while scheduled premium channels generally have CopyOnce tags.  I hear via forum postings that some people are seeing Fox News’ “The O’Reilly Factor” getting marked as Copy Protected in Media Center, but I haven’t witnessed it myself.  There’s certainly nothing stopping broadcasters from setting the 2-bit attribute in their VBI data.


1 – true for everything but CopyNever content
2 – true for everything but CopyFree (or no CGMS-A at all) and no Macrovision
3 – governed by COPP

Comments (15)

  1. Tony says:

    Thanks for the DRM tutorials. Very helpful. So, just to make sure – any content marked with a CGMS-A flag should be recordable no matter what to your local MCE drive. The flags just cover whether the data can be copied to DVD or a Portable device. Correct?

    What about the reports of people watching shows and after a minute or 2 getting a blue screen saying the content is protected and they can’t watch the show anymore… is there an issue in rollup 2? There are are enough threads on this to be concerned. I had only seen the behavior with a sporadic signal from directv in a thunderstorm and on a poor OTA signal (all in rollup 2)

    And finally, i’ve noticed in rollup 2 for OTA HDTV recording (like Saturday Night Live), during the recording the information page says copy protected but after the recording the protection message is gone and the content can be copied, viewed, etc.

  2. PeterRosser says:

    CGMS-A CopyNever will prevent any recording, including to disk, but the other 3 values will allow recording. The only thing I know of currently using CopyNever is VOD.

    The reports of people getting the protected overlay are most likely because their license store has become corrupt for some reason. This can happen for a number of reasons, most of which occur because of system time "tampering" (or what’s perceived to be tampering by DRM). We are aware of the issue, and the DRM team is investigating it now.

    Your observation of the CP being set for an ATSC recording is interesting–I haven’t heard of that before. Do you need to do anything special to make it repro, or does it happen on any ATSC recording?

  3. Tony says:

    The cp appearing randomly on shows, is visible only during recording, happens rarely, not reproducible, and goes away from the description page once the show is recorded.

    Chris Lanier has mentioned in threads on TGB that he’s seen it and reported it during rollup 2 beta. I’ve only seen it once or twice and you have to go into the recorded programs info screen while it’s recording to see it – something I usually don’t do. I did search the recordings xml file to see if there was a protected attribute in the listings and there wasn’t. Since it goes away from the description after recording, it wasn’t too big a deal.

  4. James says:

    Peter,

    First, you expressed your thoughts about DRM methods with your statements:

    "Like I said, I have no problem with DRM that gets out of my way. That’s the most important thing to me…It’s true that Microsoft makes its money from CONSUMERS, but CONSUMERS follow CONTENT. If we want to compete with set-top DVRs like TiVo and coexist with VOD, we have to respect the property rights of the publishers…." which many of your MCE customers would agree with and are glad to hear you considering Tivo your competition. But then after a few questions from your MCE customers who have been having copy protection problems related to the rollup 2 update, you almost deceptively answer with "The following is a response to people who thought for some reason that Rollup 2 was applying DRM to things that it did not before:…"

    Well, it turns out they did have some reason to think that since, as you explained about the DRM changes in rollup 2, “the changes were to include the new COPP (Certified Output Protection Protocol) support in the release and to support the new version of the DRM engine…” The team thought Media Center needed a little more locking down?

    Even that wouldn’t be so bad if it actually worked and did get out of our way like we all agree DRM should. But in your boast about how well Microsoft has locked down the video in Media Center, "The output channel is another avenue of attack, but now that the outputs are being protected by COPP, you have a much tougher target there, too. COPP encrypts the content all the way to the video card, so it doesn’t even traverse the PCI/AGP/PCIe bus in the clear. If the certificate exchange fails with the output device hooked up to the video card, then no data is presented at all through the port…"

    Hmmm…maybe that could be causing the copy protection overlay to appear for your customers, but the answer you gave "So… if you have a DRM license store problem, even watching live TV that is protected can be broken. That is probably going to affect a lot of people, if not now then eventually,…" certainly sounds like your telling your customers "Even though MCE was already protecting the copyright holders interests here (HBO, etc…) we’re adding more DRM methods and it’s going to cause trouble for a lot of you. We’d love to rip out our overaggressive COPP implementation and give you your HBO programming back, but impressing Hollywood with new DRM comes first."

    That may not be the exact reason for the trouble, but Media Center is a product that is aimed as among other things, a VCR replacing type of technology. My VCR never refused to record VOD and it never, ever tried to erase a show I had recorded because 24 hours had gone by.

    I know, I know…Microsoft might be sued if criminals could use MCE to pirate Hollywood content…I guess all the pirates are using Linux based computers now for their pirating activites.

  5. Mark Bowman says:

    Funny how we went 25 years with media "content" that could easily be copied and passed around and yet somehow Hollywood survived and reaped massive profits to boot. Now all of a sudden because its "digital" we need massive draconian digital restriction management there to stop us at every turn from doing anything other then hitting play. Does that not seem odd?

    I respect your opinion and still love mce for what it does(for now) but it scares me that anyone, yourself included, thinks that Hollywood et al needs more protection against consumers and not the other way around.

    I’m not one of those everything should be free people. Actually most people don’t even think that way. That’s a straw-man arguement put forward by content producers to make it seem like people who complain about DRM are just lazy greedy thieves who want to "steal" and never pay for anything. I’m not saying you think that btw, but when you or anyone says that it is what you are implying.

    Anyway just giving my thoughts that contrary to your opinion, DRM on content I record isn’t a necessary part of doing business. We gotten this far without it and locking down our recordings is unfair and unwarrented.

    I really hope that within a year we don’t start seeing forced deletion of network programming and things like not being able to fast forward through commercials. The way things are going I’m sad to say I honestly expect it, along with another explanation that "without drm we wouldn’t have any content".

    Thanks for your blog which I like to read and your handy utilities.

    Regards,

    Mark Bowman

  6. PeterRosser says:

    The bugs in DRM annoy and exasperate me as much as anyone, I’m not sure you’re properly separating the 2 issues. I do not think that DRM should be locking me out of my content, as long as I’m in Fair Use teritory. I firmly believe that I should be able to make my own mixes, view my content on the plane on my handheld device, listen to music on my MP3 player, make backups, all of that.

    But you cannot mix the 2 arguments, because they are orthogonal. A bug in DRM is annoying precisely because it keeps you from your viewing/listening, and that’s something you paid for. Something you have an emotional tie to. "Here I am *now*, entertain me!" And it craps out on you. That’s frustrating as hell. But it’s not DRM itself that you should be complaining about: it’s the damn bug. It’s the fact that the DRM implementors let this sort of thing out… unleashed it upon you.

    The problems you are seeing have *nothing* to do with COPP, or with Media Center code at all. The COPP changes we made were to add support for new devices and protocols, not to old paths. We are just as much at the mercy of the DRM bugs as you are. The MCE team is screaming bloody murder at the DRM folks over the issue–we have a lot of customers to take care of. DRM is a hot-button issue, inside the company and outside.

    You said "That may not be the exact reason for the trouble", and that’s exactly the point I’m making. Throwing your emotional arguments about DRM into a complaint about an implementation bug is ludicrous. You’re steamed about the bug, but more than that you’re upset about the very idea of DRM, which is the driving idealism behind your comment.

  7. JoeD says:

    It’s interesting that COPP (which sounds like it will acomplish the same type of protection as the Vista PVP-OPM mechanism) is being added to the XP version of MCE for new devices and protocols. Most Media Center users have resigned themselves to waiting for the Vista release to see new devices and protocols in MCE, such as HD cable TV and its cablecard, and HD DVD’s. Would the addition of COPP satisfy the cable industry’s need (or Hollywood’s, whoever gives the legal OK) for the secure output protection that’s been blamed as the XP weakness which prevents HD cable TV from being used in MCE?

  8. PeterRosser says:

    COPP isn’t new for Emerald, it was just fleshed out in it. There were no COPP-compliant graphics drivers available in time for Symphony, so we had to make changes to accommodate the final specification.

    To address the question about the cable industry, I cannot speak authoritatively on that issue, but I know that COPP is an integral part of it. Basically, the cable industry won’t allow digital CableCard support in a PC without many "safeguards" in place. They are so strict about this that many have despaired of getting anything done at all, which some in the industry are just fine with. We have kept plugging away at it, though.

    The cable industry wants a secure pipeline, from soup to nuts. Analog copying is not the issue… it’s when you can make perfect digital copies that they get scared. They are just as vulnerable to lawsuits are we are (from the studios), so they pay very close attention to the DRM. In order for us (or anyone, for that matter) to support CableCard, you have to commit to having an encrypted stream that *never* transits an unsecure medium (PCI bus included) in the clear. The encryption has to be strong, and the final output device has to be secure as well (i.e. if it’s a digital connection, it has to support COPP/HDCP).

    I can’t speak to whether any deals are done or timelines for any such deals, but CableCard is coming and bringing HD over digital cable to Media Center. On a parallel course, we’ve signed to 5C, so HD over Firewire from set-top boxes is coming, too. The next year looks to be truly exciting, with Windows Vista, Diamond, CableCard and Firewire support.

  9. the-tv-guy says:

    Peter,

    You keep insisting that "Analog copying is not the issue… it’s when you can make perfect digital copies that they get scared". However, the new improved DRM implementation enhancements (COPP) are primarily effecting Analog signal copying in the US. You seem to be talking out of both sides of your mouth. What was broken in MCE that needed to be fixed? This path will kill MCE.

    Bye the way, COPP is a nice acronym. Makes me feel protected.

  10. PeterRosser says:

    Hi tv-guy,

    COPP is /currently/ affecting mainly analog scenarios because analog makes up the lion’s share of what’s available right now. Its true target is digital, though, since it doesn’t even get enabled over non-HD-capable outputs. If you have 480i input and you want to make a copy, you can totally bypass COPP just by using S-Video or Composite. Hardly "robust"… unless you want to get at that HD content.

    I’m not talking out of both sides of my mouth, but I do apologize if I don’t always make everything clear. Sometimes it’s hard to remember what is general knowledge and what is not. I disagree that it will kill MCE; the x% of users who will hate us for doing it is justified given the (much larger) y% of users it allows us to reach.

  11. JoeD says:

    I was just wondering why there would be a need for something like this COPP mechanism in MCE-XP since the only HD-video that Media Center can currently receive is OTA DTV, and COPP mainly affects digital video and is only in effect over HDTV-capable outputs. Since OTA DTV doesn’t allow for copy protection methods, it sounds like COPP was added in anticipation of additional reception methods of DTV in MCE-XP, or perhaps, new laws allowing for copy protection in OTA DTV.

    Would you happen to know if COPP has the capability to protect DTV content carried over a firewire connection?

  12. PeterRosser says:

    COPP was first introduced to close the loop on protecting DVDs, actually. I won’t comment on the "silliness" or "non-silliness" of such an approach, since I’m not supposed to. ^_^

    COPP is engaged by a) the protection level of the content (i.e. non-protected content won’t get COPP), b) the output resolution (must be >720×480), and c) the output type (only engaged on DVI and Component). I’m not aware of any Component devices that could "talk back" to COPP, so realistically the only devices capable of rendering COPP-protected video without downrezzing are HDCP over DVI/HDMI and VGA.

    COPP is totally disconnected from the source (e.g. tuner, 1394, etc.); it only operates based on the information encoded onto the video stream. The 1394 connection just delivers the video stream to the PC. Any output of that video via DVI/HDMI, VGA, etc. is technically a "retransmission" (same concept as a network router), so there is a conceptual break between the 2. COPP is therefore input-agnostic.