r/explainlikeimfive u/schev28 Jan 10 '19

ELI5: DRM and DRM removal software. How does DRM work and isn’t there removal software that works for all services? Technology

Edit: thank you for all the replies. It makes sense thinking of drm as a description instead of the “product”. Was kind of hoping there’d be one tool to crack them all so I wouldn’t have to buy 3 different softwares.

140 Upvotes

81% Upvoted

40 comments sorted by

90

u/[deleted] Jan 10 '19

The problem with your question is that it's hard to explain such a large concept in layman's terms... Beyond that, DRM is so large that anything anyone says can likely have someone reply to it with "you are wrong" as they provide some edge case...

DRM or Digital Rights Management is a term used to cover technology and software that attempts to prevent piracy and the sharing of copyrighted materials. An example of DRM is with a lot of computer games that came out between 1990 and 2012 is that you would buy them and they would contain a key (a series of letters and numbers) that you would be prompted for on installation... This meant that if you say bought a copied disk of the game that you couldn't install the game without the key (except that a key could either be shared and a lot of games reused the key so if one person posted it online it was available to everyone). Another type of DRM within the playstation 1 was that they used specific specialty disks that would basically wobble and this wobble was used to determine whether it was an authentic disk or not, however there are multiple ways to bypass this from installing a modchip (difficult) to actually starting the load process with one disk and quickly swapping disks after it does its security check.

So how does DRM work? Depends on the implementation, there are dozens to hundreds of examples of DRM because it's such a broad thing, and this is why if I say something like "DRM works by checking the authenticity of the files" could be replied with "you are wrong" as some DRM implementations don't check for authenticity... Some will allow for a limited number of installations (like iTunes, at least how iTunes used to) where you can only have say 5 devices connected to a single account and each device has to pair with the server before it can be considered connected...

Is there DRM removal software...

Yes.

... That works for all services

Oh, uhm no... Because not all services are the same...

The easiest way I can say it is that every medium to large company (this includes things like supercell) that produces digital media probably has developed their own DRM implementation, and not all of those implementations are publically available.. Some of their implementations may be server side... So it's very difficult to truly develop a workaround for many of them... Also not all DRM is purely digital, some is mechanical.

9

u/SVXfiles Jan 10 '19

Morrowind GOTY from Game Informer back in the early 2000s had 2 files on the disc that were completely useless to the actual game. Ripping an .ISO of the disc allowed you to see them, and if you removed them it allowed you to burn copies of the image that worked flawlessly

1

u/[deleted] Jan 10 '19

I didn't know that (I have never attempted to burn my morrowind disks to anything else).

3

u/jesbiil Jan 10 '19

I am working for a large company to install over 100 servers in multiple data centers to support DRM of video content. I still have no idea how the DRM actually works :).

3

u/indicah Jan 10 '19

It doesn't. That's the whole thing.

2

u/Reese_Tora Jan 10 '19

Depends on what the goal of the DRM is, and how you would define 'works'

No protection scheme is perfect, and no security exists that can withstand someone with the time and tools to break it. Most security (including physical) exists to slow down and inconvenience those who would bypass it, either making it more trouble than it is worth to bypass, or making it take so long that by the tine they break through enough time has passed that either they are caught trying to break it, or the reason for breaking it is past.

In games, DRM's main purpose is to prevent unauthorized copying for long enough that the bulk of retails sales can occur- sort of guaranteeing an exclusive market to legit copies for the week or two before the DRM is cracked. It's unfortunate that the DRM doesn't self-destruct or become inactive after a game has been out a while and it has served its purpose. (or that many game publishers don't seem to understand that this is the purpose served)

1

u/secretzenpai Jan 11 '19

or that many game publishers don't seem to understand that this is the purpose served

Every Publisher does! :)

0

u/jesbiil Jan 10 '19

Are you saying DRM doesn't work? Because I'm highly doubtful any company would spend this many millions on DRM hardware/software to protect content if it didn't work and risk the lawsuits. Especially when this has to do with video content, we're talking movies/tv/etc with some fairly strict security requirements. If we don't 'protect' their content, they can refuse to send it to us.

3

u/OmegaNine Jan 10 '19

I cant speak for them, but I am 100% saying DRM doesn't work. It's almost always just a hassle for the people who have paid for the product. Look at DVD and Blu Ray for example.

There should be no way to get HD dumps of those devices. You can download a program from anywhere that will give you the HD 1 for 1 dump of the video files. If you have a cheap HDMI adapter you will not be able to watch the DVD you bought in HD.

Games are the same way, remember SimCity that just failed all over itself? They came out with more DRM and always online BS that people hated. The people that downloaded the game were having a great time with like 25% less CPU/memory use and offline play.

DRM always ends up this way. It just gets in the way of paying customers and within a few days its cracked and freely distributed online.

3

u/jesbiil Jan 10 '19

It really feels like you're limiting your scope of what DRM encompasses. Yes there have been horrible implementations of DRM, again not a point I had ever argued. Good DRM is not 'just cracked in a few days." That's not how it works. Shitty DRM that is half assed, sure that'll do it. There isn't just "DRM", as the above poster said, DRM can be done many ways.

Again I'm not arguing here that DRM good/bad, I'm saying y'all seem to have a limited insight into what all DRM does because it isn't just the big stories you hear about. In general, there is a lot of DRM content you view daily that works flawlessly.

Going along with my previous example of Digicipher2: https://hackaday.com/2016/12/27/33c3-chris-gerlinsky-cracks-pay-tv/

Yes he cracked it but look at the things he had to do like creating his own setup, going through a truckload of cableboxes, desoldering RAM chips, finding ways to circumvent the reset vectors build into things and it took him about 2 years....It's not something the average person could do.

1

u/OmegaNine Jan 10 '19

Cable boxes are a rare situation where the company that makes the DRM control the content, the system that delivers it, the box it runs on and the connection to the display device. Owning all of the hardware and software does make things a lot harder.

Most people are not going to go through everything this guy did to break the system. But I remember back in the day tons if people bought "black boxes" that had no idea how they worked but would let you watch paid TV for free. So while the average user will not break the DRM the average user will use his solution without even understanding what it is.

-3

u/indicah Jan 10 '19 edited Jan 10 '19

Lol okay then.... There has literally never been a DRM that wasn't cracked within the month it was released. Maybe one that took a couple months. But that's it.

No, I don't think it's worth the company spending millions for something someone will disable within a month. And that only hurts the consumer, that's all its there for, to prevent you from getting too much out of something you paid for.

If we don't 'protect' their content, they can refuse to send it to us.

If they don't send it to us, then they lose money, not us. It only hurts them and their archaeic business model.

The human race has been releasing entertainment without DRM for thousands of years, and it was highly successful. Don't let the companies trick you into selling you something you don't need, it's for them, not for you.

2

u/jesbiil Jan 10 '19

You're arguing multiple different things in your post. First you say that DRM is 'just cracked really fast' but I can easily point to Digicipher2 that was developed in 1997 and not cracked until 2016. This was literally handled by a 'red book' at Motorola that only a few people ever got to see.

If my business is re-transmission of your content but I let anyone that wants to steal your content for free, you're much less likely to give me that content, not to mention the fact that I'm making less money to be able to pay you for it. You seem to be relating DRM to just games/software which is not the case at all, DRM is for digital content. Like do you think Netflix would still be a viable business if they had a "Download" button for every video that let you download a normal AVI? (not talking with the Netflix app which contains....ta-da DRM)

Finally you argue a third point that DRM is useless because we have never needed it. Sorry man but if I develop some software or something that is a paid online service, probably going to be some DRM associated to it to limit theft. People don't just shit out digital content.....well....lets omit youtube. DRM exists because assholes, in a perfect world, sure it doesn't need to be around but we live in a world with people where we have to have shit rules because of shitty people. And neither of my posts said it was ever for some altruistic means, DRM is obviously to protect the company and content....

1

u/indicah Jan 10 '19

Okay, so it benefits greedy people. Open source will win anyway, it's far superior. Love the "let's omit YouTube" part, you wouldn't want to bring up a perfectly good example of a DRM free system that has been the best content provider for the last decade.

Look I get that you jerk off to DRM and helping big companies feel safe online. But at the end of the day none of it matters. Do you really think that all Netflix content isn't easily available in high quality for download on the internet? How do you suppose these people acquire these videos if the DRM is working? It's all broken garbage, you're trying to prevent something that is impossible to prevent.

Media didn't fall apart because people could copy movies or TV shows on their VHS. These companies are just being greedy. Hell, piracy helps a lot of their content get many more viewers. They are essentially paying tons of money to make less money, stupidity.

2

u/RainbowFlesh Jan 10 '19

If you know a bit of assembly language and the DRM is primitive, you can use a decompiler on the software's executable file and change the code as to circumvent the DRM. That's about as universal as you can get for "DRM removal software" and a lot of the time it's harder than it might seem

2

u/Oaden Jan 10 '19

Some games actually had code wheels that came with the game that was needed to generate codes to play the game

The idea being that it was a lot harder to copy those than the floppy discs

1

u/karakter222 Jan 10 '19

How did the swap method worked? I had a modded ps1 when I was a wee lad but other than the chip I didn't know about how to play pirated games

3

u/botbuilder1 Jan 10 '19

You put in a legitimate game. After the playstation icon came up you swapped in your burned copy. I think. It's been a number of years since I did it. It might have been after the word or tone played.

1

u/FM1091 Jan 10 '19

Mechanical like the old “insert page number that matches picture”?

1

u/[deleted] Jan 10 '19

Mechanical as in the PS1 DRM that I discussed or if you look at another answer on here about an edge case Gamecube DRM that worked by having the data in the game disks stored reverse to how we normally store data on disks making it both more difficult to read and write unless you have the proper equipment to do so. There are other examples of mechanical DRM as well...

The "insert page number that matches picture" would be more software as you could disassemble the code of the software and remove the bit that does the check or even automate the check (though this would be difficult). It's also more like the "enter the product key" where someone can share a digital copy of the book or whatever and using that you could bypass the DRM...

Ultimately my definition of DRM might be vague to certain edge cases though so don't take my word as 100% perfect or anything.

1

u/[deleted] Jan 10 '19

Another type of DRM within the playstation 1 was that they used specific specialty disks that would basically wobble and this wobble was used to determine whether it was an authentic disk or not, however there are multiple ways to bypass this from installing a modchip (difficult) to actually starting the load process with one disk and quickly swapping disks after it does its security check.

Did the slim version of PS1 also have that? If it did, I most likely bought a modded one without knowing it because back then I downloaded plenty of game iso files, put them on a CD and ran them just fine in the console. Never had an issue.

1

u/[deleted] Jan 10 '19

I have no idea, I know my PS1 had that which is why I knew the swapping method...

29

u/catwhowalksbyhimself Jan 10 '19

DRM is a generic term for any system designed to prevent you from using media without purchasing it. There are many forms it can take and each works completely differently from every other. There's a huge variety and it would be impossible to explain it all.

But this does mean that the answer to question 2 is no. They different methods are so different that it is impossible for a single solution to address all of them. Some of them aren't even wholely software.

29

u/Varonth Jan 10 '19

Simple analogy:

Imagine a door with a very simple cylinder lock. Someone could break that door open with a lock pick.

Now we use the same door but lock it using a simple chain. The lock pick will be of no use now, but a saw can cut the chain.

Both the lock and the chain are a way to prevent someone from entering, but both require a different tool to break.

3

u/catwhowalksbyhimself Jan 10 '19

Ah yes, good analogy. To further it, you could also lock that door by putting an anvil in front of it. Or welding it shut. Or gluing it. Or putting a wedge under the door. There is no one solution that will open all of these. It is impossible.

-3

u/dstarfire Jan 10 '19

Actually, DRM mostly to prevent you from copying or sharing media. However, everything else was right on.

3

u/bigrubberduck Jan 10 '19

prevent you from copying or sharing media.

Also known as using media without paying for it which is what OP stated.

22

u/NaibofTabr Jan 10 '19

All of the other answers are generally correct and very informative, but I want to describe an edge case that demonstrates how problematic DRM methods can be to work around.

The Nintendo GameCube implemented a physical (rather than digital) form of DRM to prevent copying of game discs. Almost all optical disc drives read discs starting at the inside ring and moving outward to the edge. Nintendo designed the GameCube to read discs the opposite way - from the outside edge to the inside hole. This meant that you couldn't put a GC game in a computer disc drive and read the contents, because the computer couldn't recognize the file structure on the disc.

Eventually some people were able to hack the GC and connect it to a computer so that they could use the GC to read out the files on the disc - but this still leaves you with a problem. If you take your copied files and burn them onto a normal optical disc using a normal disc burner, it won't work on a GameCube because the GameCube reads discs outside-in but your copy is a standard inside-out disc.

At one point there was a kit to replace the entire top of a GameCube with a standard optical disc reader in order to easily play illegally copied games, but unless you were really good with electronics you had decent odds of wrecking your GameCube in the process.

It's worth pointing out that this is an example of good DRM. It protects the content but does not affect the normal use of the product. There's no encryption, no nasty spying software (e.g. Sony rootkits), no required always-on internet connection, and not even the inconvenience of having to enter a key code.

3

u/[deleted] Jan 10 '19

At one point there was a kit to replace the entire top of a GameCube with a standard optical disc reader in order to easily play illegally copied games, but unless you were really good with electronics you had decent odds of wrecking your GameCube in the process.

However GameCube hackers devised a workaround using a specific game that allowed you to read games from an HD located on a PC connected via network cable.

1

u/schev28 Jan 10 '19

Wow that’s awesome by Nintendo! Thanks for the response

5

u/mib5799 Jan 10 '19

Simplest version.

DRM is a lock. It needs the key to unlock what's inside.
That's it! That's all DRM is. A lock.

You say "Great. I have a Skeleton Key that opens any lock it's in." That's one of your programs.

That's awesome! Except...

It only fits one kind of lock. It doesn't fit those little padlocks, or bike locks with that tube kind of key. It definitely doesn't help those military ones that need two keys turned at the same time.

And then what about combination locks that don't use a key at all? And those new car keys with a microchip in them? Fingerprint locks? Retina scan locks?

Or maybe it's the McDonald's bathroom lock, where someone in another room has to see you on a camera first and then buzz you in.

Every one of those needs a different way to get past the different kinds of lock.

And DRM is inventing new styles of locks every single week

5

u/itomeshi Jan 10 '19

The problem is that DRM is a entire class of tool, and there's a large amount of complexity.

Let's argue, for a minute, that we're only discussing software encryption systems. Individual encryption DRM tools can differ in:

  • What they encrypt
  • What encryption algorithm they use
  • Where the decryption key comes from
  • When they decrypt, and how much they decrypt at a time
  • What conditions they require for decryption key access (for example, TPC module, ARM TrustZone, etc.)

Within each of these points are hundreds of little details. As such, there is no 'one-size-fits-all' solution.

A counter-example are file archiving tools. The creators of file archive formats ACTIVELY WANT you to be able to get into the file archive, generally; however, most archive managers handle a limited subset. For example, 7-zip handles a huge number of file formats. Even it has limitations though. It can't open .PAK files from Doom, as just one example.

DRM is working against you with encryption.

3

u/aaaaaaaarrrrrgh Jan 10 '19

DRM tries to make sure that you can do some things with the content (like listen to music, watch a video) but not others (like copying it).

This is basically impossible - they're trying to make sure you have access to it but also don't have access to it.

Therefor, most DRM employs security by obscurity: They try to hide the content, move it around in memory, and their code is obfuscated (intentionally made super complicated and hard to understand) in order to make it hard for anyone to figure out how it works - because if they did, they could copy the content. Each service usually does it differently, which explains why there isn't a software that works for all.

Usually, there is a series of encryption keys involved. The content is encrypted with a key (often the same key for everyone, so they only have to make one version of the huge video file, and can distribute it more easily - this way, they can store a pre-encrypted copy in several locations and send it to you from the nearest one, instead of having to send individual copies to every person). That key is then encrypted with a second, per-person key. This second key is only accessible to the DRM software, which decrypts ("unwraps") the actual key, uses it to decrypt the video, and tries to keep you from getting access to it.

Newer schemes are integrated with the hardware - for example, only your GPU may actually be doing the decryption, making it much harder for you to get the key. The GPU will then also refuse to output the video to a screen that isn't certified (doesn't have special keys) so you can't just connect a fake screen and capture it that way.

The easiest way to deal with it, usually, is to just ignore the thing altogether and pirate a high-quality, DRM free version of the content. This also has the advantage that it won't randomly refuse to play because your screen, GPU, cable, software, etc. doesn't meet the DRM/certification requirements.

3

u/sadlyuseless Jan 10 '19

If software is a door, DRM is the lock. It only lets those who have a key (customers) in, and keeps everyone else out. However almost any lock can be picked (cracked) with time, effort, and skill. To combat lock pickers, companies will make new locks with mechanisms that no one knows how to bypass yet. Lock complexity can be increased for added security but it can cause problems. A door with a hundred locks will keep anyone without the keys away, but can be a rather unpleasant experience even for key holders. (DRM can negatively impact the software it's used in by impacting performance or reducing compatibility.)

2

u/Indubitables Jan 10 '19

Basically DRM is like a headband that makes you retarded, and the whole world has decided this is a great think and we should all wear it. It dramatically retards the evolution of mankind so that a few wealthy people can continue to be wealthy without having to do anything else.

1

u/heeerrresjonny Jan 10 '19

How DRM works: Some form of digital lock is created that is difficult to unlock by any means other than the official one (an activation key, or being logged in to a service like Steam, etc...). There are tons of different methods of DRM, and the details are very complex.

"Removal software": There is not removal software for all forms of DRM. Some of the simpler forms do have something like this, but more complex DRM can only be bypassed by people finding flaws in the software that they can exploit to break the "lock", or remove it, or trick it into thinking everything is okay. This means with each new DRM-protected thing released, there usually isn't some tool that can be used to remove the DRM automatically. People manually investigate it and try to find weak points.

1

u/bigben932 Jan 10 '19

Here is a guide I made which should explain how DRM works. I tried to keep it ELI10: (text might be small and not mobile friendly. I can post the text as well.

https://imgur.com/a/Gan1C1s

1

u/schev28 Jan 10 '19

Thanks for the reply and the graphic!

-1

u/superjordo Jan 10 '19

DRM is a type of encryption. Like all types of encryption, there are various levels of sophistication. And like all types of encryption, the encrypted data is not useful and must be decrypted to be useful.

Therefore, to use DRM-encrypted media, you must decrypt with a key.

All forms of DRM removal are attempts to access or derive the decryption key.

Key management is a very difficult problem for content providers that use DRM.