Inisoft of Korea Acquires BuyDRM May 24, 2012
Posted by Bill Rosenblatt in DRM, Video.add a comment
Inisoft, a Korean company that does software development for mobile media applications, has acquired Texas-based BuyDRM. BuyDRM is a well-established player in the Microsoft DRM ecosystem with customers including HBO, BBC, and NBC. The company offers a DRM platform called KeyOS that incorporates Microsoft’s PlayReady DRM; Inisoft focuses on media player applications and DRM clients for mobile devices.
The deal is a good one for both parties as well as the premium video content marketplace in general. It enables BuyDRM — which will continue to operate under its own name — to increase its ability to offer the “one stop shopping” that service providers are often looking for, to build services that work on multiple devices more quickly and easily. This is increasingly necessary as service providers are scrambling to build “TV Everywhere” type services over multiple networks to a growing number of devices.
The newly-merged company is in a sweet spot in the video market, due to PlayReady’s emergence as a leading DRM for Hollywood content, for both streaming and download. Yet while Microsoft has fostered a healthy partner ecosystem, as it typically does for “platform” technologies like PlayReady, the ecosystem that exists can be confusing to service providers.
For one thing, Microsoft isn’t supporting the most popular client platforms by itself. Microsoft provides PlayReady server code and client code for Windows, Silverlight (Microsoft’s web application development platform), and Windows Phone, plus an SDK for porting to non-Microsoft platforms. But unlike other video DRM providers (e.g., Widevine), it doesn’t provide the actual ports to other client devices — including the most popular (and admittedly competing) platforms, Apple’s iOS and Google’s Android. Instead it leaves that to its partners.
The other problem is that Microsoft’s PlayReady partners cover an overlapping array of technologies and services that can be confusing to service providers who just want to get something up and running that meets Hollywood’s content protection requirements. There’s a profusion of vendors with different and often overlapping product sets. As a few examples: Discretix and Trusted Logic offer secure client ports but not server code; Axinom and castLabs offer server-side only; AuthenTec and Irdeto offer both server and client implementations; Verimatrix integrates PlayReady with its own stream protection technology; yet other vendors like Azuki Systems provide complete platforms for multiscreen Internet video content delivery with many more components beyond DRM.
The process of acquiring this technology is thus more complicated than it needs to be, especially in this age of proliferating devices and platforms. Service providers that are interested in using PlayReady to protect licensed content don’t get much help from Microsoft in guiding them through this maze of products and services; partners are left to do all the marketing. (Microsoft itself hasn’t put out a press release on PlayReady in over a year, despite its traction in the market.) In effect, Microsoft has let the market sort itself out through the relatively slow and cumbersome processes of partnerships, OEM deals, multiple-vendor arrangements, and — in the case of BuyDRM and Inisoft — mergers/acquisitions.
Having said that, Inisoft’s acquisition of BuyDRM should help bring some much-needed clarity to service providers. It is a positive development for the market for multi-device video services with studio content.
Webinar on Studios’ Content Security Policies April 24, 2012
Posted by Bill Rosenblatt in Conditional Access, DRM, Events, Video, Watermarking.add a comment
For those who couldn’t attend the breakfast event at the NAB trade show last week, I will be doing a webinar on Content Security Requirements for Multi-Screen Video Services, on Thursday April 26 at noon US east coast time/1700 GMT. I’ll be presenting a synopsis of the whitepaper I published last December on the topic. I will be joined by Petr Peterka, CTO of Verimatrix, sponsor of the webinar. Click here to register.
UltraViolet Gets Two Lifelines January 12, 2012
Posted by Bill Rosenblatt in Economics, Fingerprinting, Services, Standards, Video.add a comment
A panel at this week’s CES show in Las Vegas yielded two pieces of positive news for the DECE/UltraViolet standard, after a launch several months ago with Warner Bros. and its Flixster subsidiary that could charitably be called “premature.” Of the two news items, one is a nice to have, but the other is a game-changer.
Let’s get to the game-changer first: Amazon announced that a major Hollywood studio is licensing its content for UltraViolet distribution through the online retail giant. The Amazon executive didn’t name the studio, though many assume it’s Warner Bros. Even if it’s a single studio, the importance of this announcement to the likelihood of UltraViolet’s success in the market cannot be overstated.
Leaving aside UltraViolet’s initial technical glitches and shortage of available titles, the problem with UltraViolet from a market perspective had always been a lukewarm interest from online retailers. As I’ll explain, this hasn’t been a surprise, but Amazon’s new interest in UltraViolet could make all the difference.
UltraViolet is the “brand name” of a standard from a group called the Digital Entertainment Content Ecosystem (DECE), headed by Sony Pictures executive Mitch Singer. It implements a so-called rights locker for digital movies and other video content. Users can establish UltraViolet accounts for themselves and family members. Then they can obtain movies in one format (say, Blu-ray) and be entitled to get it in other formats for other devices (say, Windows Media file download for PCs). They can also stream the content to a web browser anywhere. The rights locker, managed by Neustar Inc., tracks each user’s purchases.
In other words, UltraViolet promises users format independence and a hedge against format obsolescence, while providing some protection for the content by requiring it to be packaged in several approved DRM and stream encryption schemes. It includes a few limitations on the number of devices and family members that can be associated with a single UltraViolet account, but in general UltraViolet is designed to make video content more portable and interoperable than, say, DVDs or iTunes downloads.
Five of the six major Hollywood studios (all but Disney*), plus the “major indie” Lionsgate, are participating in UltraViolet.
One of the design goals of UltraViolet was to ensure that no single retailer could attain a market share large enough to be able to control downstream economics — in other words, to avoid a replay of Apple’s dominance of digital music downloads (and possibly Amazon’s dominance of e-books). To do this, the DECE studios pushed for ways to thwart consumer lock-in by online retailers that would sell UltraViolet content.
The most important example of this is rights locker portability: users can access their rights lockers from any participating retailer. UltraViolet retailers must compete with each other through value-added features.
Amazon’s Kindle e-book scheme offers a good illustration of platform lock-in and how it differs from other features that a retailer can build or offer. If you buy an e-book on Amazon, you can download and read it on a wide variety of devices: not just Kindle e-readers but also iPads, iPhones, Android devices, BlackBerrys, PCs, and Macs — in other words, pretty much everything but other e-reader devices. You get e-book portability — it will even remember where you last left off if you resume reading an e-book on another device — but you are still tied to Amazon as a retailer. If you want to read the same e-book on a Nook, for example, you have to buy it separately from Barnes & Noble (and then you can read that e-book on your PC, Mac, iPhone, Android, etc.).
This lock-in gives Amazon power in the market as a retailer; it had 58% market share as of February 2011 (by comparison, Apple has over 70% of the music download market). UltraViolet wants to make it as difficult as possible for a single digital video retailer to assert such market power.
The downside of that policy has been a lack of enthusiasm among retailers to sell UltraViolet-licensed content — which entails significant development investment and operational expenses. A good shorthand way to evaluate the potential impact of a standards initiative is to look at the list of participants: what points in the value chain are represented, how many of the top companies in each category, and so on. In DECE’s case, members have included most of the major movie studios, plenty of consumer device makers, lots of DRM and conditional access technology vendors, and so on, but few big-name retailers… one of which (Best Buy) already had a different system for delivering digital video content via Sonic Solutions.
Warner Bros. tried to jump-start the UltraViolet ecosystem by acquiring Flixster, a movie-oriented social networking startup, adding digital video e-commerce capability, and using it as an UltraViolet retailer for a handful of Warner titles. This has been little more than a proof-of-concept test, which was plagued by some technical glitches and suboptimal user experience — all of which, according to Singer, have been fixed.
It would be unworkable for Hollywood to pin its hopes for its next big digital format on a small unknown retailer owned by one of the studios. It has been vitally necessary to attract a big-name retailer to both validate the concept and provide the necessary marketing and infrastructure footprints. There had been talk of Wal-Mart entering the UltraViolet ecosystem, although it already has its own video delivery scheme through VUDU. But otherwise, the membership list had been short on major retailers.
Of course, Amazon is the major-est online retailer of them all. And it so happens that Amazon’s digital video strategy is a good fit to UltraViolet in two ways. First, Amazon currently runs a streaming service (Amazon Instant Video), whereas UltraViolet is primarily focused on downloads, a/k/a Electronic Sell Through (EST): the idea of UltraViolet is to buy a download and only then be able to view it via streaming.
Second, Amazon Instant Video does not look particularly successful. Of course, Amazon does not reveal user numbers, but it is telling that Amazon included Instant Video Unlimited as a perk in its US $79/year Amazon Prime program… and that when people extol the virtues of Amazon Prime, they tend to emphasize the free overnight shipping but rarely the streaming video.
The biggest winner thus far in the paid online video sweepstakes is Netflix, with about 24 million subscribers as of mid-2011. Netflix’s subscription-on-demand model is most likely far more popular than Amazon Instant Video’s pay-per-view (except for Amazon Prime members) model. Thus Amazon may be looking for ways to improve its market position in video without having to hack away at the Netflix streaming juggernaut.
The video download market is in comparative infancy. It has no runaway market leader a la Netflix, or Apple in music. If this situation persists long enough, and if Amazon’s trial run with UltraViolet is successful, then other retailers might see UltraViolet as a viable format as well… precisely because it will make them better able to compete with the Online Retailing Gorilla.
Yet the other dimension of UltraViolet that is currently lacking is availability of titles. And that’s where the other CES announcement comes in. Samsung announced a “Disc to Digital” feature that it will incorporate into new Blu-ray players later this year. With this feature, users can slide in their Blu-ray discs or DVDs, and if the content is “eligible,” they can choose to have that content available in their UltraViolet rights lockers for delivery in any UltraViolet-compliant format.
The Disc to Digital feature is a collaboration between Flixster (i.e. Warner Bros.) as online retailer and Rovi as technology supplier. It works in a manner that is analogous to “scan and match” services for music such as Apple iTunes Match: it scans your DVD or Blu-ray disc, identifies the movie, and if the movie is available in the UltraViolet library of licensed content, gives you an UltraViolet rights locker entry for that movie. Rovi’s content identification technology and metadata library are undoubtedly at the heart of this scheme.
There are two catches: first, users will have to pay a “nominal” fee per disc for this service, which is even larger (and as yet unspecified) if they want it in high definition; second, it is limited to “eligible” content, and no one has offered a definition of “eligible” yet (beyond the fact that the content must come from one of the DECE participating studios). But surely the “eligible” catalog will exceed the current list (19 titles) by orders of magnitude, or the service will not be worth launching.
Nevertheless, these developments are very positive news for DECE/UltraViolet after months of embarrassments and bad press. DECE still has lots of work to do to make UltraViolet successful enough to be the major studios’ designated successor to Blu-ray, but at last it’s on track.
*Yes, I’m aware of the irony of using a tag line from “Who Wants to Be a Millionare” in the title of this article: Disney owns the home entertainment distribution rights to that hit TV game show.
New White Paper: Content Security Requirements for Multi-Screen Video Services January 9, 2012
Posted by Bill Rosenblatt in Conditional Access, DRM, Technologies, Video, Watermarking, White Papers.add a comment
I have released a new white paper on content security requirements for video services that distribute content to multiple devices. This white paper discusses copyright owners’ requirements for security in today’s world of proliferating devices and delivery channels.
So-called managed networks (cable, satellite, and telco TV) are under increasing pressure to compete with “over the top” (OTT) video services that can run on any IP-based (unmanaged) network to a variety of devices — services like Netflix and Hulu. In the US, in fact, total subscriberships of OTT services are fast approaching the total subscriberships of cable, satellite, and telco TV.
Therefore pay-TV operators have to respond by making their content available on a similar variety of devices and even through unmanaged networks. While some major pay-TV providers like Comcast and Time Warner Cable are launching “TV Everywhere” services, many more pay-TV operators are trying to keep up by building their own service extensions onto mobile phones, tablets, and home devices other than traditional set-top boxes (STBs).
Content security is one of the many requirements that operators have to meet in order to license content from studios, TV networks, sports leagues, and other major content sources. Life for pay-TV operators used to be relatively simple: adopt a conditional access (CA) technology that was equally effective in thwarting signal theft as it was in thwarting content piracy. Economic and security goals were aligned between operators and copyright owners. Now life is considerably more complicated, as operators have to support home networks and branch out into mobile services. Content security requirements are more complicated as well.
This white paper gathers security requirements from major content owners and describes them in a single document. The intent is to help pay-TV operators and other video service providers that are looking to launch multi-screen video services, so that they know what to expect and avoid any unpleasant surprises with regard to security requirements when licensing content to offer through their services.
I spoke to representatives from most of the major Hollywood studios to get their requirements. Although it is not possible to build a gigantic table that an operator can use to look up DRM or conditional access requirements for any given delivery modality and client device — among other things, such a table would become obsolete very quickly — I was able to create a set of guidelines that should be useful for operators.
Content security guidelines do depend on certain factors, including release windows (how long after a film’s theatrical release or a TV show’s first airing), display quality, and the usage rules granted to users and their devices. In the white paper, I map these factors to certain specific content security requirements, such as roots of trust, watermarks, software hardening, and DRM robustness rules. Security guidelines also depend on external market factors that the white paper also describes.
Many thanks to Verimatrix for commissioning this white paper. To obtain it, follow this link and fill out the form for a PDF download. Feel free to contact me with any questions or other follow-up.
Irdeto Acquires BayTSP October 24, 2011
Posted by Bill Rosenblatt in Fingerprinting, Publishing, Services, Video.2 comments
Irdeto announced on Monday that it is acquiring the antipiracy services company BayTSP. Terms were not disclosed, but this is the culmination of a “strategic alternatives exploration” process that BayTSP had been engaging in for some time.
BayTSP monitors P2P networks, file-sharing services, and other places where unauthorized content might lurk and generates evidence that content owners can use to support legal action against infringers. It uses a range of technologies, including sophisticated network traffic analysis and fingerprinting. It has been one of a shrinking number of providers of such services as the industry has consolidated.
This is a good strategic fit for Irdeto in various ways. First, BayTSP will boost Irdeto’s existing antipiracy services; this will strengthen the company’s competitive positioning particularly against NDS, which is known to have robust antipiracy services to complement its content protection technologies. Second, BayTSP has made some recent forays into e-book antipiracy services, which will complement Irdeto’s own new content protection technology for the e-publishing market.
Yet the consolidation of antipiracy services within a major content protection company has interesting implications for the economics of content protection. Typically, copyright owners pay for antipiracy services such as those of BayTSP, Peer Media, and Attributor, but downstream entities such as network operators, online retailers, and device makers pay for content protection technologies such as conditional access and DRM. At the same time, pay TV operators are starting to launch services in which the content can go beyond the customer’s set top box, possibly onto their tablets, mobile handsets, and PCs. The question is: do pay TV operators believe it’s their responsibility to protect the content beyond the STB?
Irdeto will have to decide the answer to this question. Specifically: will it continue to charge content owners for BayTSP’s antipiracy services, or will it attempt to add to the fees it charges its operator customers? To put it more cynically, have Hollywood studios encouraged Irdeto to acquire BayTSP (as they encouraged Irdeto to buy BD+ Blu-ray content protection technology from Rovi just three months ago) so that they no longer have to pay for it?
Seen in this light, Irdeto’s acquisition of BayTSP becomes part of the company’s overall strategy to offer more comprehensive and higher-grade content protection services to pay TV operators, on the theory that they will pay more to get better protection. This is a risky strategy, but given the growing footprint that Irdeto has in the overall content protection market, it’s a risk that Irdeto can probably afford to take.
New White Paper: The New Technologies for Pay TV Content Security August 18, 2011
Posted by Bill Rosenblatt in DRM, Fingerprinting, Technologies, Video, Watermarking, White Papers.add a comment
I have just published a new white paper: The New Technologies for Pay TV Content Security. This white paper was commissioned by Irdeto.
The 28-page paper describes the current state of the art of techniques for protecting video content delivered over pay television networks such as cable and satellite. The two primary theses of the white paper are:
- Pay TV often leads in content protection innovation over other media types and delivery modalities. That is because, among other reasons, it is a fairly rare case where the economic interests of content owners and service providers are aligned: content owners don’t want their content used without authorization, and pay-TV operators don’t want their signals stolen. Therefore pay-TV operators have incentives to implement strong and innovative content security solutions.
- Before today, many content security schemes could be described as hack-it-and-it’s-broken (such as CSS for DVDs) or a cycle of hack-patch-hack-patch-etc. (such as AACS for Blu-ray or FairPlay for iTunes). Now technologies are available that break the hack-patch-hack-patch cycle, thereby decreasing long-term costs (TCO) and complexity.
The white paper starts with a brief history of content protection technologies for digital pay TV, starting with the adoption of the Digital Video Broadcasting (DVB) standard in 1994. Then it describes various newer technologies, including building blocks like ECC (elliptical curve cryptography), flash memory, and secure silicon; and it describes new techniques such as individualization, renewability, diversity, and whitebox cryptography. It ties these techniques together into the concept of security lifecycle services, which include breach response and monitoring.
The final section of the paper discusses fingerprinting and watermarking as two techniques that complement encryption as ways of finding unauthorized content “in the wild.”
My thanks to Irdeto for sponsoring this paper.
Irdeto Acquires BD+ Technology from Rovi July 7, 2011
Posted by Bill Rosenblatt in DRM, Economics, Technologies, Video.add a comment
Irdeto announced that it has acquired the BD+ content protection technology for Blu-ray discs from Rovi Corp. (formerly Macrovision). This includes the team and patents related to Cryptography Research Inc.’s Self Protecting Digital Content (SPDC), which Rovi acquired in 2007.
Given the string of recent acquisitions that Rovi has unwound (eMeta, InstallShield, FlexNet, TryMedia, and others), most of which have to do with content security or license management, this deal would seem to be yet another in the same vein; and in fact, BD+ was the last content security asset that Rovi owned, apart from its legacy serial copy management technology. Rovi is apparently paring assets to focus on its metadata (acquired from All Media Guide and Muze) and Electronic Program Guide (Gemstar) businesses; Rovi has dominant market shares or IP positions in both areas.
But a conversation I had with Irdeto revealed an entirely different purpose for this deal: one of the major Hollywood studios brokered it in an attempt to fix Blu-ray security, which has been seriously hacked. Irdeto did not name the studio, but those who follow the industry closely can probably guess which one it is.
BD+ is one of two sets of security technologies used in the Blu-ray disc format. The other, AACS, has been hacked — but the impact of the hack is not as severe as that of other hacks, such as the hack to CSS for DVDs. Nevertheless, the security of Blu-ray discs is apparently so poor that Hollywood is concerned enough to find a solution.
The idea in this deal is that Irdeto will bolster the security of Blu-ray by applying the Cloakware software-security technology that it acquired in 2007. According to Irdeto, this is a nontrivial engineering challenge but one that it believes it can solve in a few months’ time.
When Blu-ray first hit the market, with its multiple layers of content security, I had thought it was a real breakthrough for Hollywood. It looked as though Hollywood had not only learned its lesson about approving content security schemes that are too easy to hack (such as CSS for DVDs) but also had figured out a way to get downstream entities, such as consumer electronics makers, to pay for truly superior security.
Yet now we know that Hollywood has, once again, gotten what it paid for. Now that the latest intelligence about the Blu-ray format says that rumors of its demise are exaggerated, Hollywood wants to shore up the format’s security and protect its release windows. It wants to rely Irdeto’s Cloakware technology to plug the holes.
This is a great vote of confidence in Irdeto. But relative to the bigger picture, one must ask: does it really change Hollywood’s behavior so that this kind of thing doesn’t happen again? To put the question another way: what does Irdeto get out of this deal that would create incentives for it and other vendors to produce truly superior content protection — technology that is secure and affords a decent user experience?
Irdeto isn’t offering an answer. The terms of the acquisition from Rovi are undisclosed. It is unlikely that Blu-ray equipment and software makers will pay more for a license to Cloakware-enhanced BD+ technology than they pay now. Irdeto says that it will get “something” if it completes the Blu-ray fix successfully, but it won’t say what that something is.
I get the feeling that it will mostly be bragging rights. Irdeto will get the cachet of having “fixed Blu-ray,” which will (so the logic goes) lead to other opportunities with future formats; such is the power of Hollywood studio endorsement of content protection technology. And there is certainly some value in the elegant SPDC technology and the patents and engineering team that came with Irdeto’s acquisition.
But — putting aside the price of the acquisition vis-à-vis the value of the Blu-ray revenue stream that comes with it — the value of this deal strikes me as illusory. It’s the analog of user advocates who say that Hollywood studios should give away their content online so that consumers can “engage with the brands.” Both Hollywood studios and content protection vendors are in business to make money from their products. The major studios generally operate on the proposition that more money makes for a better product. Why can’t they apply the same principle to content protection?
The Early Release Window Experiment Continues June 29, 2011
Posted by Niels Thorwirth in Video, Watermarking.10 comments
The early release window, which offers Hollywood content for home consumption while it is still showing at theaters, has been debated for many years – in fact, I wrote about an enabling FCC ruling about a year ago. But now the debate about its success is raging more than ever.
Adding fuel to the fire is a current price tag of US $30. At this price point, the discussions revolve around the comparison of an expensive VOD movie to movie theater tickets that cost, on average, less than $8. Cinema owners and movie directors have voiced their concerns about the shift in content consumption habits. Though after all, it is impossible to reliably predict consumer interest – otherwise every Hollywood title would be a blockbuster.
I think that it will be an interesting offer for, initially, a small percentage of consumers. And while the rate of the adoption is questionable, it’s obvious to me that movie theaters won’t disappear any time soon and that electronic distribution will continue to grow.
The participating studios certainly have conducted their own research and it is evident that they have high enough hopes to shake the traditional models and to support this offer.
But I see the most relevant indicator in recent discussions that I had with operators. They are evaluating this opportunity seriously and investing time and resources in the studios’ requirement that early-window content be digitally watermarked as well as encrypted. This may be because even a small uptake by consumers will translate into a relevant chunk of revenue.
One technically interesting point is that operators often prefer server-side integration of watermarking. The tradeoff is whether the integration is done in the client device or in the video server before delivery. While a client-based approach has the advantage of distributed processing without head-end integration, server-side watermarking integration does not require modification to client devices.
The overall application is the same, yet the head-end component requires a very different technology approach. The manipulation of video pixels is too slow when considering the complex coding of compression schemes like H.264. The server-side manipulation has to be applied in the compressed and possibly encrypted domain, and applied while the content is delivered.
Efficiency is key, because the delivery infrastructure is all about delivering the maximum number of parallel streams. If watermarking introduces overhead to it, it must be small and fast. This is a fundamental difference from previous watermarking schemes that only focused on survivability (robustness). At the same time, with an expected broad deployment across multiple head end infrastructures, ease of integration is crucial to the adoption of digital watermarking.
This development will remain interesting because it’s an experiment on the technical front as well in business models, and I am sure there will be more progress to report in the future.
Irdeto Sets Next Level in Video Content Protection March 7, 2011
Posted by Bill Rosenblatt in DRM, Technologies, Video.3 comments
Last week, Irdeto of the Netherlands announced its new ActiveCloak for Media content protection technology for video. This is a real, bona fide breakthrough technique. It’s also revolutionary, in that it starts with a a bold statement for the DRM industry: an admission that it has a problem.
A long, long time ago, there was a myth: that DRM was hack-proof. Most knowledgeable people stopped believing this myth years ago, especially since it came to light that many DRMs were designed to be cheap to implement rather than strongly protective of content. But somehow the myth persisted and was very hard to eradicate.
The media industry responded to weak DRM in a couple of ways. First, they got a law passed that made hacking DRMs illegal. This law — the DMCA — placed liability for hacking solely on the hacker. The idea was to deter hackers through criminal penalties rather than to give incentives to technology vendors to create stronger DRMs, or to make the vendors liable for hacks.
Next, the industry created licensing frameworks for DRM technologies that bolstered them by imposing additional technical obligations on implementers. If you wanted to implement a system using a certain DRM technology, you had to agree to so-called robustness rules, which were designed to prevent the software “around” the DRM from leaving doors open to hackers. Robustness rules cover things like how to hide keys in software and how to “harden” software so that it can’t be reverse engineered.
As we know, DRMs are still routinely hacked.
Yet in some quiet corners of the industry, hacking is treated as a given. One example: the CEO of a software antipiracy technology company recently boasted about his company’s success in the gaming market. He measures success by the length of time until a game is hacked. The game publisher is pleased, he says, because his technology works well enough that games aren’t hacked until after their “new and hot” period is over. By this point, the game company has made the bulk of its money; it’s happy for the hacked game to “go viral” and generate demand for the next version of the game.
Try telling this to a Hollywood studio.
Meanwhile, DRM technologies have advanced by limiting the impact of hacks, through techniques such as key revocation (preventing the offending device from doing any more damage) and field-upgradeable encryption (changing the encryption algorithm so that a specific hack no longer works). But these techniques are analogous to making air passengers take their shoes off at security because someone tried to hide a bomb in his shoe once: they don’t prevent the damage from happening in the first place.
With last week’s announcement of ActiveCloak, Irdeto has taken the next logical step. Instead of trying to design DRMs so that they are hack-proof, or even so that they take as long as possible until they are hacked, assume they are going to be hacked and act before they are.
ActiveCloak enables network operators and service providers to change the content protection software proactively as well as reactively. Instead of upgrading the encryption or revoking keys after a hack — or as we Americans say, locking the barn door after the horse has escaped — ActiveCloak lets operators change the client configuration on a regular basis at intervals shorter than the time to expected hack. (Service providers could do this on their own, but ActiveCloak makes the process automated and much more straightforward.)
Irdeto doesn’t just do this by changing encryption keys or even random seeds used in code obfuscation algorithms. ActiveCloak represents a synergy between Irdeto’s legacy content protection technology for digital TV and the software hardening and key hiding technologies of Cloakware, which Irdeto acquired in late 2007.
Cloakware’s main offering in the digital media industry is tools and techniques for hardening DRM implementations so that they meet robustness rules. Many implementers of several different DRMs use Cloakware to harden their code; its only real competition in the digital media market is the smaller Arxan Technologies.
In fact, when the acquisition was announced three years ago, I had assumed that Irdeto’s objective was to collect a “toll” from those who implement content protection solutions from its competitors.
Now we have a product that embodies true synergies between the legacy Irdeto and Cloakware technologies. The system renews itself with respect to the key hiding and code hardening as well as the content protection itself, and it does so on a proactive basis. ActiveCloak gives new meaning to the term “race against the hackers”: hackers must do their thing before the clock runs out and the system is renewed. The integration of Cloakware’s technology makes outwitting this system that much more difficult — assuming, of course, that no one figures out a way to disable the overall scheme.
As Irdeto admits, ActiveCloak will be more expensive than comparable video content protection technologies — in terms of both upfront cost and operational complexity. The company argues that the total cost of ownership is lower than that of a system that has to be patched or replaced due to hacks.
With pay TV operators (cable or satellite), this may well be a reasonable sales proposition. Pay TV operators are somewhat unique among content service providers in that their economic incentives are aligned with those of TV networks, movie studios, and other content owners: none of these entities want their signals to be stolen. The same is emphatically not true for, say, an Internet content retailer or consumer device maker.
ActiveCloak for Media is initially targeted toward OTT (over-the-top or IP-based) content delivery to tablet, Google TV, and other devices. Ports to Apple iOS, Android, and Intel’s “Sodaville” chipset for set-top boxes exist. The technology is running on three Google TV platforms, Boxee, and tablet and PC implementations with unnamed operators.
Although ActiveCloak is a real step forward in content protection technology, it still presupposes that Hollywood is dissatisfied enough with current technologies — and the various legal backstops — to make its content licensees pay a premium for the new technology. It’s doubtful that Hollywood studios will take other content protection technologies off their “approved lists,” but it may make robustness rules more stringent with respect to renewability.
At the same time, I’ll hazard a guess that if this approach catches on — if the rest of the industry is willing to admit that it has a problem — then Irdeto’s competitors will be looking to emulate ActiveCloak. If I were Arxan, I’d have investment bankers ready and waiting to field the incoming acquisition offers. And if I were Irdeto, I’d have my patent lawyers working overtime to protect the technology.
DECE Announces UltraViolet Roadmap and Usage Rules January 10, 2011
Posted by Bill Rosenblatt in Devices, Services, Standards, Video.4 comments
The Digital Entertainment Content Ecosystem (DECE) issued a press release in conjunction with last week’s massive CES trade show in Las Vegas. The verbiage in the press release proclaimed “series of milestones in the development and availability of UltraViolet™,” the latter being the brand name attached to DECE-compliant products and services.
So what, for those of us who have been following DECE’s progress over the past couple of years, are those milestones? The most interesting actual accomplishment is one that, unfortunately, I can’t tell you much about: DECE has completed a technical specification. I filled out a web form to request one, hoping that I could have read and written about it by now, but I haven’t gotten it yet.
There are two possible reasons for this: first, the folks at DECE are too busy with CES-related business and haven’t gotten around to it; second, they have decided to make DECE a closed club and not reveal any details without a paid-up evaluation license and/or a nondisclosure agreement. I’ll reserve judgment until a little later on, but let’s just say (once again) that the latter would be a bad idea.
Apart from the spec, the press releases discloses a few items of interest. One is that DECE has set usage rules for UltraViolet accounts. Recall that the heart of UltraViolet is a so-called rights locker service, which is run by the company Neustar. If you buy a movie or other piece of content, Neustar makes a record of your purchase in the central rights locker. This gives you the right to download that content onto any of your UltraViolet-compliant devices, to obtain a physical copy (e.g. on Blu-ray), and to stream it to virtually any web browser through your UltraViolet account.
Now we know that there will be limits to the number of users who and devices that can share content from a single UltraViolet account: 6 and 12 respectively. This is meant to represent the size of a family and its devices. In other words, DECE has decided that the only reasonable way to define what is known as a domain — a group of users and devices, such as all those in a family — is to put limits on users and devices. Other possible techniques include allowing devices within geographic proximity of one another to be in the same domain, but that doesn’t allow for portable or automotive use.
One presumes that those numbers represent a consensus of the content licensors involved in DECE, which include all major movie studios except Disney. But expect those numbers to be points of contention in the future. We’ve seen this before regarding such scenarios as the number of devices that can play content from an iTunes account (five) or the number of devices that can read an e-book in Adobe’s DRM (six, though the number has varied over the years).
Another interesting tidbit from the press release is that the voice of DECE is no longer Mitch Singer, CTO of Sony Pictures and DECE President; it is now Mark Teitell, DECE General Manager. This is evidence that the backers of DECE are investing in resources to make it happen, a good sign.
Otherwise, the CES press release is primarily a series of pre-announcements, a roadmap:
- By the middle of this year, the rights locker infrastructure will be up and running, and the first UltraViolet-based retail services will launch.
- By the end of this year, software updates to PCs and other devices will become available, enabling them to become UltraViolet-compatible. This means, among other things, to be able to read the DECE Common File Format and to interoperate it with one of the five DECE-approved DRMs.
- By early next year (presumably by CES 2012), the first UltraViolet-compatible devices will hit the market.
We’ll see how well DECE fares in meeting those milestones with a critical mass of retail service providers and (eventually) devices. But for now, I’d settle for a copy of that spec.
Bill Rosenblatt
Azita Arvani
Bill Jones
Niels Thorwirth
