Giz Explains: Everything You Wanted to Know About DRM

Condensed explanation: Digital rights management is a corporate pain in the ass that stops you from doing whatever you want with music and movies in the name of fighting piracy. But there's more to it.

Straight up, you run into DRM pretty much every day. Bought music from three of the four major labels or any TV show from iTunes? Played a game on Steam? Watched a Blu-ray movie? Hello, DRM. If you wanna get technical about it, digital rights management and copy protection are two different, if similar things. Digital rights management is copy protection's sniveling, more invasive cousin—it isn't designed simply to make it harder to steal content like straightforward copy protection—you thieving bastard you—but to control exactly how and when you use media. We're going to cover both here, since they both refer to technologies that restrict what you do with music, movies and more.

There are, approximately, 10,742,489 kinds of DRM and copy protection. Almost every company or format has its own flavor that works in a slightly different way from everyone else—Apple's iTunes-smothering FairPlay, Blu-ray's BD+, the restrictions built into every gaming console. They've gotten more complex and nuanced over time, too, as content delivery has evolved. For instance, elementary-school DRM would simply keep you from copying or converting or doing other unseemly things to a file, like playing it on a non-sanctioned device. Or you might remember old-school CD keys, before the days of online activation. Today's DRM, like for movie rentals, music subscriptions or software, constructs more elaborate obstacle courses, nuking videos 24 hours after you press play, or allowing a certain number of copies.

Many of these work in similar ways—files are encrypted with the DRM flavor of the day, and they're unlocked or decrypted for your use by authorized programs and devices. Think of it like a secret handshake that only certain programs or pieces of hardware know. Often, they're tied to an account like on Steam or iTunes. This makes it easy for the Man to keep track of and manage what you're doing with stuff—how many copies you've made, how many machines you've authorized to play your content, whether your monthly all-you-can-eat music subscription is still active, that kind of thing. DRM-busting cracks look for ways to strip that encryption out to allow free usage, copying or modification of the file.

So, aside from the fact that DRM keeps you copying or modifying content, and playing it on whatever damn player you wanna play it on, and maybe limits your time with a movie to a fleeting window, it doesn't sound so bad. Okay, it does. But it can get worse—like when DRM breaks. For instance, Valve's Steam network had a hiccup in 2004 that meant people were locked out of the game they paid to play. Or when Windows cocks up and tells users their OS isn't genuine. Or Sony's infamous rootkit CDs. Or when DRM servers are shut down, rendering music useless. The list goes on.

But wait, haven't you heard that DRM's dead? Or has a cold? Weeellll, yes and no. Sure, some music stores sell DRM-free MP3s—Amazon is unrivaled in that has 'em from every major label, and iTunes sells DRM-free music from EMI. And CDs have never had 'em, except for that aforementioned BS copy protection from Sony and a few other short-lived misguided attempts. So, it's sort of going away for pay-to-own music, but it's still fairly ubiquitous, in all-you-can-eat subscription music, in movies and in software, and it's not going away anytime soon. The emergence of streaming serious video content, like with Hulu in particular, sort of challenges this on the video front—there's no DRM, but then again, it's not as easy to rip a stream for Joe Blow as it is to share a file over Limewire. Harder questions, though, like whether DRM means you ever really own anything anymore, we'll leave to the lawyers.

Here's a list an quick blurb on every major kind of DRM you're likely to run into, and why it sucks (beyond the whole keeping-you-from-sharing-it-with-all-your-friends business):

Audio
FairPlay is Apple's flavor of DRM that's baked right into iTunes, iPods, QuickTime and iEverything else—most music from the iTunes store is lojacked with it, with exceptions from EMI and some indie labels. It allows for unlimited copies of music files, but only five computers at a time can be authorized. FairPlay files only play on Apple's own iThings. Like every other DRM scheme, it's been cracked.

PlaysForSure (now simply "Certified for Vista," which is confusing since not all "Certified for Vista" stuff will play PlaysForSure, like Microsoft's own Zune) was Microsoft's attempt to get everyone in the portable player industry on the same Windows Media DRM. Even though Microsoft has basically ditched it, it's successful in that a bunch of services, like Rhapsody and Napster, and players—essentially everyone Apple, from Sony to Toshiba to SanDisk—have used or supported it. It's fairly generic copy protection that keeps you from sending it to all of your friends, though it works with and enforces subscriptions, with the biggest bitch being that it restricts you to Windows and to PlaysForSure devices. (Read: Not iPods.)

Zune uses a totally different DRM tech than PlaysForSure and is incompatible with it. It allows you to share DRM'd subscription content with up to three other Zunes, though it won't let you burn songs unless you buy 'em. And if subscriptions die, it nukes your songs. It also manages the Zune's "squirt" feature, making sure you don't play beamed songs more than a few times and other annoying restrictions.

PlayReady: Hey lookie, another Microsoft DRM scheme. This one's different from the similar-sounding PlaysForSure in that while it's backward compatible with Windows Media DRM, it works with more than just Windows Media audio or video files, like AAC and MPEG, and is meant to cover a broader range of devices, like mobile phones.

Video
FairPlay for video is a lot like the audio version, but adds a couple tricks like nuking rental videos 24 hours after pressing play and presenting a slightly more complicated obstacle course to sync them to portable iThings.

High-Bandwidth Digital Copy Protection prevents video from being copied as it moves across certain digital video interfaces like HDMI, DisplayPort and DVI, which sounds innocent enough, until you try to watch something on a non-HDCP compliant display—and you can't.

Content Scrambling System (CSS) was DVD's piddly encryption scheme, long ago busted open like a rotten watermelon.

AACS (Advanced Access Content System) is one layer of copy protection that's part of the spec of both HD DVD and Blu-ray. It's way stronger than DVD's CSS setup with several components involved in the encryption/decryption process, and allows for blocking specific players that have their keys compromised. Plus it can allow specific numbers of DRM'd copies of content, like for portable players. Also cracked, rather explosively.

BD+ is Blu-ray's secret sauce DRM that's actually a virtual machine, allowing it to do stuff like make sure the hardware and keys are kosher, and execute code. It's been cracked, twice actually, but part of the appeal is that it can be updated—the last version is at least three months away from being cracked again, though it totally will be. BD+ was the main reason some studios supported Blu-ray over the AACS-only HD DVD, and you can see why.

Macrovision VHS, yep, that old chestnut: copy protection on VHS tapes that made everything squiggly when you tried to run two VCRs together. Why include it in a digital roundup? Well, besides nostalgia, if you want to convert your original 1986 Star Wars VHS tape to digital, this will make your life difficult—fortunately, a quick Google search turns up ways around it.

TV and cable—there's a lot going on there to keep you from stealing cable's goods, so you need a box or a CableCard to take the encrypted feed and make it watchable. The industry didn't even really get behind the plug-n-play CableCard, either—it was more or less forced on them. There's also this thing called a broadcast flag that stations like ABC or NBC or HBO can embed in shows at will so you can't record them.

• Tivo uses DRM from Macrovision that can slap you with all kinds of restrictions, ranging from no copying at all to automatic expiration, limiting copies or managed transfers to PCs, or even not allowing you to view certain football games outside of a designated region. Its TivoToGo, for porting stuff to portable devices, actually uses Windows Media DRM though.

Windows Media DRM, speaking of it, is one of the more popular off-the-shelf DRM kits, used by everyone from Netflix for its streaming service to Amazon's defunct Unbox downloads (now Video on Demand downloads) to Walmart's old video store, that's somewhat flexible it what it allows or doesn't, depending on the service's wants—from no copying to nothing but Windows Media compatible devices (i.e., no iPods). It only runs on Windows, naturally.

• Even Adobe Flash has DRM now. If you've used the streaming part of Amazon's Video on Demand service, you've run into Flash DRM (which had a lovely Antarctica-sized hole allowing you to rip movie streams until a couple months ago). Two bad things about this DRM, notes the EFF: First, with an unencrypted stream it's "unlikely that tools to download, edit, or remix them are illegal." That changes if it's locked up with DRM. Also, it means you'll have to use Adobe's own Flash player to video Flash videos. Lame.

PlayReady is another Microsoft DRM flavor, aimed mostly at portable devices, but it also powers the DRM in Microsoft's Silverlight, which is what just brought Netflix streaming to Macs.

Software
Windows Genuine Advantage is what makes sure you're not using a pirated copy of Windows. It phones home occasionally, which can cause bad things if the servers go down. If your copy is legit and it says you're a pirate, you're not the first person it's falsely accused.

Valve's Steam is one of the most elegant, integrated DRM solutions we've seen in a physical-media-be-damned world (except for its two infamous outages). Unlimited copies of games on unlimited computers, but only one can play on an account at a time. It's fairly seamless, like good DRM should be.

EA's copy protection system got real famous, real fast thanks to Spore, and nefariously restricts game installations to three computers—in its lifetime, not just at one time like some media DRMs.

• Pretty much every console has varying levels of DRM and copy protection (duh, it's a closed system), but DRM issues are coming more brightly into focus as we download games from stores, like on the Xbox 360 and Wii, where games are tied to your original system, so you're screwed if you get a replacement—it'll take some decent footwork to get your games back, at the very least.

• Not software DRM per se, but Windows Vista has a ton of DRM technologies baked right into it.

Any DRM schemes we missed, feel free to complain about how they make your life more miserable in the comments.

Something you still wanna know? Send any questions about DRM, rights, McDonald's managers or Taiko Drum Master to tips@gizmodo.com, with "Giz Explains" in the subject line.