Intel SGX proves Blu-ray DRM is defective by design

This story received a flurry of coverage and then disappeared. Our role here at Defective by Design is to not let these stories go, for the fact that they are forgotten so quickly is how Digital Restrictions Management (DRM) perpetuates itself.

Eagle-eyed readers of a technical document recently published by Intel, which details upcoming changes to their line of processors, noticed that the Software Guard Extensions (SGX) will soon be deprecated. The SGX provided the ability for certain areas of system memory on Intel computers to be dedicated to encrypting and decrypting information, and therefore kept private -- off-limits to the rest of the system in a so-called "secure enclave." Connecting the dots, readers of Intel's document soon realized that this would prevent users from viewing certain kinds of media, particularly Blu-ray discs, used primarily for their high-resolution capabilities. As it always does, the DRM in these discs is now forcing an added, arbitrary restriction on top of others: in processors without the SGX, 4K streams will be downgraded to the lower-quality 1080p, even if the device is perfectly capable of playing them.

"Secure enclaves" sound nice from a privacy perspective, but when examining buzzwords like these, it's important to ask: privacy for whom? At least in principle, there's nothing wrong with offloading a system's cryptography to another part of that system, provided it can still be controlled by the user. But that's precisely where the problem is: in practice, the SGX was used by Intel to implement DRM. The security and privacy the enclave was supposed to provide its user was forked over to media conglomerates instead -- securing and hiding their misdeeds. In effect, if you're using the SGX, part of your computer is off-limits to you, like a room in your own house you're not even allowed to enter, let alone use how you would like.

The problems with Blu-ray discs are nothing new. Not content with the ways they already compromised DVDs with region codes and copy restriction mechanisms, the media cabal behind the format made them dependent on a more complex set of keys, and worse, proprietary software. The con played by the Motion Picture Association of America (MPAA) and their friends has been a long one: first convincing users that DRM was necessary to guard against "copyright infringement," and then, over time, sneaking more and more onerous restrictions into our devices in exchange for the latest superhero flick.

While on the surface this issue only seems to inconvenience customers who view Blu-ray discs with their home computers, this move's other implications are worth examining. It represents another attack on physical media on the part of corporations like Netflix and Disney, locking users into streaming platforms, whose films and television shows they can revoke -- or edit -- on a whim. Whereas before an album or film could be passed down through a family as a sentimental object imbued with its own history, the world the deprecation of the SGX helps to create is one where "access" is all that a customer has when it comes to their favorite works of art. No earmarked pages or personal notes in this case: merely an "access" that involves agreeing to ever more restrictive licensing terms, and paying an interminable monthly fee.

In all likelihood, Intel's decision to deprecate the SGX was not something they did to increase streaming platforms' bottom line. At the same time, our response shouldn't be to try to persuade Intel to keep it around, given the harm it's caused, and the ways it can be exploited. What we can do is let them know they should show respect to their users by never implementing features designed for DRM.

Even if the Blu-ray case and disc on our shelf don't seem liable to get up and fly away, or dissipate into the ether anytime soon, all DRM'd media comes with strings attached. The "access" we may think we have now really can disappear at any moment, or worse, be held over our heads until we exchange even more of our freedom for the next caped crusader. In a world where perfectly intact physical media can play one day and refuse to play the next, the only truly sustainable solution is to reject DRM entirely, and support those companies and storefronts that act ethically instead, those who view their customers as people with rights and freedoms, rather than part of a faceless mass they can siphon for profit.