DRM Hole Sets Patch Speed Record For Microsoft 397
puppetman writes "Wired columnist Bruce Schneier has an article up called 'Quickest Patch Ever', about a patch that was issued within three days to fix a vulnerability in Windows Digital Rights Management (DRM)." From the article: "Now, this isn't a 'vulnerability' in the normal sense of the word: digital rights management is not a feature that users want. Being able to remove copy protection is a good thing for some users, and completely irrelevant for everyone else. No user is ever going to say: 'Oh no. I can now play the music I bought for my PC on my Mac. I must install a patch so I can't do that anymore.' But to Microsoft, this vulnerability is a big deal. It affects the company's relationship with major record labels. It affects the company's product offerings. It affects the company's bottom line. Fixing this 'vulnerability' is in the company's best interest; never mind the customer."
Patch (Score:4, Interesting)
Critical, or not? (Score:5, Insightful)
Actually, this is a very serious question: is the patch marked critical, or not? This is important, because:
1. If the patch is critical, it will get criticized for being, in effect, mandatory degradation of capability (by the tech-savvy). Also, this will make light of Microsoft's security policy, to call this sort of patch 'critical'.
2. If the patch is not critical, then - oh, the irony - by default, it will not be installable on computers failing WGA. Perhaps Microsoft will get around this. But, as WGA currently works, only critical patches are allowed to systems marked as 'non-genuine'. This would be amusing - pirated copies of Windows would not receive this unwanted patch, but paid-for copies would.
I can't find, in TFA or the sources it cites, any mention of the severity of the patch. Anyone know the answer to this?
Re:Critical, or not? (Score:5, Interesting)
Re:Critical, or not? (Score:5, Funny)
Re:Critical, or not? (Score:4, Funny)
Re: (Score:3, Funny)
Wouldn't a pirate be more likely to say, "Ah! Treasure!" or "How nice! Treasure!"? Unless, of course, he dropped the chest on his own foot.
Re:Critical, or not? (Score:5, Funny)
Oh no, "Aaaaaarghhhhh!" is very pirate like. The full drawn out heavily accented version of 'ah' spoken at barely louder than standard volume helps establish the credibility and persona of the pirate, helping differentiate him from the Royal Navy captain ("Oh, I say!"), the unretrievably insane ("Twip Feeble Snarf!") and the common or garden ninja ("").
Re:Critical, or not? (Score:5, Interesting)
How can they make it a mandatory patch, even if marked critical? It seems to me that the most they could do is impose a restriction that you couldn't install other patches until you installed this one, but they still can't force you to install it.
<microsoft bashing bitch session>It really makes me wonder whether, as Microsoft introduces more "security" and "protection" that diminish a user's capability, at what point will it cease to be worthwhile to upgrade/patch/fix? Sometimes I think that point was crossed with the introduction of Windows XP</microsoft bashing bitch session>
Re:Critical, or not? (Score:4, Informative)
I know some people that have never upgraded their windows XP ever via windows update, yet have never been infected with virus' (virii?) or other malware. Just takes half of a brain on the user-end to make this possible.
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
Windows gaming is more expensive than console gaming, if you include licenses and special hardware needed, and it's far less convenient.
Windows gaming doesn't have much to stand against next generation console gaming. I don't think gaming in Vista will be as important as it was, for instance, in win98. Consoles have lots of advantages over what a computer has to offer.
GNU/Linux for computing, Wii (or whatever rocks your boat) for gaming. That should be easy enough, and keep administration
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
Re: (Score:3, Informative)
Back when I first stopped, I would have patched if I felt it was necessary. Now, I wouldn't patch unless you held a gun to my head.
To be honest, I am stuck in a position that as my computer software ages, I am unsure how to upgrade. I will be VERY unlikely to switch to Vista or any future MS offering. Switching to some Linux distro will be a pain because my mai
Second the VM thing. (Score:3, Interesting)
I was actually surprised at how spry Windows feels, when it's not bogged down by a lot of anti-virus/spyware/adware, automated backup programs, and the like. Of course, without those things it's not a terribly useful host OS, because it gets owned so easily (click on wrong link in Internet Explorer -> ActiveX control -> rootkit), but as a guest OS, I just disable al
Re: (Score:3, Interesting)
An imperfect solution?
I ran into this question some years ago and decided on a different solution. I installed Linux and bought a PS2 (Now GameCube). The reasons are simple and straightforward:
I found over the years that th
Re:Critical, or not? (Score:5, Informative)
On August 25th, 2006, Engadget.com reported on a software tool that would allow consumers to decrypt WMDRM protected content. In response, on August 28, 2006, Microsoft released an update to the individualized blackbox component (IBX) designed to ensure that client applications using the Windows Media Format SDK version 9.5 who individualize to this latest version are robust against a new circumvention tool.
This update is not yet available for the Windows Media Format 9 Series FSDK or for users of Windows XP Media Center Edition 2005 Update Rollup 2.
Consumers are not at risk in any way. Content services can require that the updates be present in order to issue licenses by following the instructions below. Please note that the version number of IBX was not incremented as part of these updates to avoid delaying the release of these critical breach mitigations. Consequently, the only way to determine if the update is installed is to query the build number of the IBX. This requires code executing on the client.
To determine the build number of the IBX:
1. Ensure the PC is running the August 2005 update to Windows Media DRM. See the attached white paper for details.
2. Determine the path of the WMDRM folder. The path is stored in the registry at HKEY_LOCAL_MACHINE\Software\Microsoft\DRM\DataPat
3. Identify the file name of the latest IBX. If the machine has been individualized only once, the IBX file name will be indivbox.key. Otherwise, the IBX file name is in the form indivbox_xxx.key, where xxx are digits 0-9. The file name with the greatest value of xxx will be the latest IBX.
4. Call GetFileVersionInfo() to retrieve the build version of the file identified in step 3. See [link].
5. If the IBX file version is 11.0.5497.6285 or greater, then the updated IBX is installed
Please submit questions to [email removed]
Best regards,
Windows Media Licensing Department
Microsoft Windows Digital Media Division
Basically -> the content provider CAN require that patch to be there. I don't know whether it's a separate patch through WMP or through MSUpdate but since I don't use Windows/Microsoft I can't speak for them.
Re: (Score:3, Interesting)
Re: (Score:3, Insightful)
Re:Critical, or not? (Score:4, Informative)
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
Re: (Score:3, Insightful)
In the long run, it doesn't matter whether this particular patch is mandatory. The next time there is a truly security-related patch for Media Player, they'll either include this fix or require it as a prerequisite.
References for Treason and Perjury. (Score:3, Informative)
One of the many M$ troll accounts that cloud around here challenged me to produce references to M$'s infamous Windoze source code national security claim swiftly followed by sale of said code to China and Russia. Of course, I'd love to trot that whole mess out again. Non free software exists on trust alone and M$'s performance there really shows what contempt they have for the US Government and their customers.The memory hole has not yet extinguished the information presented by eweek [eweek.com] and Microsoft themsel [microsoft.com]
Re: (Score:2, Informative)
Re:Patch (Score:5, Informative)
Umm all that I have to do to disable automatic updates is:
1) Start->Control Panel
2) Click Automatic Updates
3) Select Turn Off Automatic Updates
4) Press OK
No registry tweaking needed. Now I do have XP Pro, do other versions of XP really make you edit the registry? That would really piss me off.
Re:Patch (Score:5, Interesting)
MS is just way too slow for t3h hax0rz.
Meanwhile, I'm testing the new version in conjunction with Vongo (Downloading a movie now). Let's see how that works. If so, I may stick to Vongo rather than BitTorrent ('cept, the very rare/hard-to-find stuff will still get me on BT).
I'm sure the DRM astroturfers on here will scoff, and say, "Yeah right, you spoiled rich college kid theif scumbag criminal. You're just going to keep stealing from the mouths of millionaires like the incorrugible brat you are." If you'll just take it as read that I said 'Fuck off, tool.', we can avoid the whole thing.
Kinda blows their excuse (Score:5, Insightful)
Re:Kinda blows their excuse (Score:5, Funny)
Re:Kinda blows their excuse (Score:5, Funny)
Clippy: It looks like you're trying to pirate some music, do you want me to:
1. Send your details to the RIAA
2. Delete your files
3. Ruin the files by overlaying Cliff Richard music into it?
Re:Kinda blows their excuse (Score:5, Interesting)
A programmer is the person who actually, through their very creativity and knowledge, makes the product come into being. This is far different than someone that works as an assembly line worker who just does their small part. Programmers are the reason the products exist. For me, that's the reason I don't work as a programmer. I don't want my blood, sweat, and creativity exploited by companies such as Microsoft that make billions of dollars a quarter on my work.
WA needs to revert back to the laws that allow these programmers to get paid overtime. It is only fair. This isn't a management position and thus should never have been changed. It only happened because Microsoft lobbied to make it happen.
Re:Kinda blows their excuse (Score:5, Interesting)
In the case of DRM, the system is setup to block comprised clients at the server level immediately.
In the case of DRM, backup DRM methods are already pre-written and ready to ship.
As soon as a system is compromised, the existing method is deactivated, servers notified to deny licenses, and the new system is delivered via the servers.
They are able to 'patch' this so quickly because they already had it written months, if not years, ago. Just like when this one gets compromised, they will be able to 'patch' as fast because they already have the next backup DRM method already on the shelf waiting.
They know this is a game with those who circumvent DRM, and a game which requires time for each DRM method to be circumvented. So they build a store of different methods of DRM and when one is circumvented they release the next. The game continues... and time is currently on the side of Microsoft as they have their next few moves on the shelf ready.
Re:Kinda blows their excuse (Score:5, Funny)
Re: (Score:2)
Futile request to any /. reading MS employee (Score:5, Interesting)
Plain and simple (Score:5, Insightful)
The fast fix suggests that rapidness of response might be a function of "whose ox is being gored".
Re:Plain and simple (Score:5, Insightful)
Re: (Score:2)
Then again, it could have been a huge effort, where developers weren't allowed to go home, use the telephones, or even use the bathroom, until it was fixed. I sure as hell don't know for sure. I'm just saying, either could be possible.
Re:Plain and simple (Score:5, Insightful)
Actually, I suspect the vast majority of security fixes are just this. Usually it involves adding a couple more error checks to function inputs, putting length limits on operations on memory buffers, that sort of thing. I suspect it's quite rare for a patch to be any more involved, unless it's the result of a serious error in design.
Re:I'll play devil's advocate too (Score:5, Insightful)
I'm sure they're more "worried" about DRM breaking than the everyday security holes that merely allow someone to glom your computer onto their botnet, since there's money and contracts that depend on the DRM. The EULA is probably the only agreement that might be impacted by a security flaw, but we all know those are meaningless.
Re: (Score:3, Interesting)
I don't want the "monthly rollouts were requested by corporate customers" line, either... Even if they
Re: (Score:2)
That depends on if the vulnerability was already public knowledge. Once a patch is released, it usually only takes someone a day or two to find out what was patched, how the unpatched version can be exploited, and how to adapt some existing worm to automatically exploit it.
Re: (Score:2)
Or was this a "critical" DRM fix?
Re:Plain and simple (Score:5, Insightful)
I once moved a single line of code up one line and broke the product in a subtle and interesting way that fouled up major testing, delayed a milestone, and severely and justifiably pissed off one of my colleagues.
There are no small fixes. A famous single-character error (typing "." for "," in a FORTRAN DO loop header, so it read DO I=1.10 instead of DO I=1,10) resulted in the destruction of a spacecraft.
So I guess fixes that involve changing less than one character are safe to release with minimal testing. All the rest need the full cycle.
The only reason why Microsoft might not do that in the present case is because keeping partners who depend on DRM happy is really, really important, and therefore they are willing to take the risk of crashing user's machines. Either that, or the person making the decision is just not very smart, a possibility never to be discounted.
Re:Plain and simple (Score:4, Informative)
There are no small fixes. A famous single-character error (typing "." for "," in a FORTRAN DO loop header, so it read DO I=1.10 instead of DO I=1,10) resulted in the destruction of a spacecraft.
While I agree that even tiny changes can have large consequences, it appears the FORTRAN-lost-a-spacecraft bug is a programming urban legend that eventually made its way into computer texts as a cautionry example. (See this Google archive [google.com] of a relevant 1993 alt.computer.folklore discussion on Mariner I.)
Funny how fast they are on screwing the customer (Score:2, Insightful)
The only thing that comes to mind (Score:2, Insightful)
They patched it, but... (Score:5, Informative)
"It should surprise no one that the system didn't stay patched for long. FairUse4WM 1.2 gets around Microsoft's patch, and also circumvents the copy protection in Windows Media DRM 9 and 11beta2 files."
So it's not totally horrible... though I'm sure (and the article agrees here) that M$ will be quick to fix their fix.
Headline wrong again (Score:5, Informative)
DRM Hole Sets Patch Speed Record For Microsoft & Gets cracked again!!
Re:Headline wrong again (Score:5, Informative)
Re: (Score:2)
Not a problem. They can have a ball with that - Because by the time they do, v9 and v10 will remain only as a distant bad memory, as will everything using v11 up to this point.
And in a few more years, someone will kindly break 11, 12, 13, with a partial fix for 14. Rinse, wash, repeat.
One day, the backers of DRM will realize that they waste their money on an arms race that only serve
Regulation? (Score:5, Interesting)
This leads me to 2 questions: "can patching be regulated?" and "should patching be regulated?". It seems obvious the free market can't keep our computers secure. I've been wrong before though. I guess maybe it could if people didn't already have the expectation that they shouldn't have to pay for patches b/c Microsoft should fix their own faulty software.
I guess it's all pretty moot since open source is going to take over the world anyway.
Re: (Score:2)
Windows is not designed or sold to people who value security. It is designed for and sold to people who value being able to use the 'Windows System', which includes generic PCs, a large collection of software, and moderate ease of use to the unskilled. Security is not a primary concern, though that is changing.
Re: (Score:2)
Yes, but here is where externalities come into play - for home users, insecure systems pose as much of a problem for the rest of the world as it does for them. If they were meant to feel the pain that their hacked computers caused, they'd patch.
Re:Regulation? (Score:4, Insightful)
So basically, plugging a computer into a network opens you up to the RIAA-style legal blackmail - after all, finding out if your computer was "sufficiently patched and configured" to clear you of negligence charges is going to make file sharing cases seem simple. Oh, and does running some non-mainstream program - such as Firefox - make you negligent ? After all, an obscure program could well have obscure bugs in it; in other words: "No one ever got sued (or at least convicted) for running Microsoft".
Besides, if your computer or network got damaged from traffick coming from my hijacked computer, then clearly you have been at least as negligent as I, since you failed to adequately secure your computer before plugging it to the network. So, given that you got damaged because of your own negligence, why should I pay for it ? Or, more to the point: why should I be responsible for my negligence but you not responsible for yours ?
No; the culprit here is the guy who hijacked my machine, not me. I cannot be blamed for you failing to adequately protect yourself from damage, anymore than I could be blamed if someone walked over my lawn to break into your house, or a hostage could be blamed for aiding terrorists since he didn't exercise enough caution to avoid being captured by them. The whole concept is absurd and totally unjust, and will also make running any new or non-mainstream program an unacceptable risk, since you never know if that program has any obscure security bugs that could make you liable for potentially infinite damages. It will grind software development to halt and disintegrate computer networks since plugging your computer into them becomes the financial equivalent of grabbing a high-tension wire. Even the US Government can't possibly be stupid enough to pass this law.
Yeah, go after the guy who hijacks people's machines in the first place, don't blame his victims for failing to defend themselves. Your whole idea is basically the same as throwing a serial rapist's first victim to jail because she failed to stop him and is therefore, by your twisted logic, responsible for every rape he does afterwards.
Re: (Score:2)
The devil is in the details, my friend, and I suspect any attempt to do this would result in a messy hash of confusion with no winners.
Re:Regulation? (Score:5, Insightful)
It's currently regulated so that the free market has NOTHING TO DO WITH THE PROBLEM.
The primary issue, and this is exactly out of Mr Schneier's playbook, is that Microsoft has no direct civil liability for their defects. It's exaclty as if you couldn't sue Ford becase your Pinto's gas tank exploded. Ford would have no reason to fix the defect. Well, the same problem here: if you buy defective software, you have no recourse to sue the manufacturer of the product. Remove that lack of liability and you'll start to see problems get fixed very very quickly.
If Microsoft was civilly liable for every piece of spam that was sent by a Windows zombie PC, there would very quickly be patches.
Less protection of corporations, and more market forces, would fix this problem. This is EXACTLY the kind of problem markets are very good at fixing. The problem is that the current regulation circumvents the market.
Re:Regulation? (Score:5, Insightful)
Re:Regulation? (Score:5, Insightful)
Computers are not a free market (Score:3, Insightful)
What day is it? (Score:5, Funny)
Ever? (Score:3, Insightful)
And isn't it sad that the quickest patch they ever release is for a hole no user cares about? More proof that MS cares more about their corporate friends than users.
The squeaky wheel gets the grease (Score:5, Insightful)
Is it proof that MS doesn't care enough about users, or is it (by extension) proof that users don't care much about OS vulnerabilities? Sure, they may complain, but do they actually take action and demonstrate that they care, by switching to more secure OS's (by moving to Apple or Linux)?
After all, MS reacts to what its customers and business partners care about. The music companies go apeshit over stuff like this, but users (both corporate and personal) haven't really demonstrated that they'd rather take their business somewhere else, so why should MS give them anything more than lip service?
Devil's advocate (Score:2)
What really matters is probably something like the mean time to patch install on vulnerable systems as measured from the time of vulnerability disclosure, or the % of patched hosts after a given fixed time period. Think about it: if you turn out a patch in 30 minutes, but it takes on average six months for the patch to get installed, how much did that marvelous engineering feat really matter?
It might matter a lot to a few people, but by assumption (6 month
can someone explain ths (Score:4, Interesting)
what relationship? why is it important?
Do the get money from them? Is Steve B. banging a secretary in the RIAA office?
I just don't get it.
Re: (Score:2)
Re: (Score:3, Insightful)
Re:can someone explain ths (Score:5, Informative)
It's called Zune and MSN Music. If the labels don't think that Microsoft can bolt down the music they "sell" to people then the labels don't want Microsoft to be selling their music. Microsoft wants to own this market segment because Apple does, since it forms a part of their new "MS is your everything" strategy.
Plus it might also make the labels pull the plug from other on-line music stores that use Microsoft's DRM technology, opening themselves up to another volley of lawsuits.
Re: (Score:2)
Microsoft is convincing people do distribute content in their own formats, and part of the argument they make to content providers is that their DRM will keep their stuff secure and free from piracy and terrorism.
When people can get around MS's DRM, the media companies might have to start looking for something other than MS proprietary stuff.
MS loses money if that happens
Re: (Score:3, Insightful)
Re: (Score:2)
I think a lot of people have already gone to the iPod and iTunes, not that I have anything against alternatives like SanDisk's new player. But I'd bet that even the people who work for Microsoft are a lot more likely to have an iPod than a Zune player....
Re: (Score:2)
Big companies see big companies as big consumers. The only "help" they offer each other is helping themselves to as much of the other guys money as possible. Small companies do the same. MS wants their DRM to work so Media companies will buy their DRM solution over Apple's or any number of otehr DRM companies (many of whom are small & desperate enough to include buggy rootkits as part of the package). In their turn, media companies who have paid MS for DRM could see th
Not an article (Score:3, Insightful)
It is semantics, and its wrong semantics, too... (Score:3, Informative)
Of course, the full slogan is "News for nerds. Stuff that matters." Whether the second part is a limitation on, or addition to, the first is debatable.
Re: (Score:2)
Priorities (Score:5, Insightful)
allowing spyware to take over? who cares
DRM? we're on it!
Re:Priorities (Score:5, Interesting)
This is not a patch. A patch fixes a problem and makes software usable again.
This takes usable, functioning software (FairUse4WM) and breaks it.
"Patch" my ass, this is a bug, which users are expected to install themselves.
Who profits? (Score:5, Insightful)
Oh, I know! (Score:4, Funny)
Re:Oh, I know! (Score:5, Informative)
Re: (Score:3, Informative)
What it sounds like is ACTUALL
Priorities... (Score:3, Insightful)
A Correction (Score:5, Informative)
When the summary says "Within three days" they mean "three days after it was reported in engadget".
Coz,FairUSE4Wm was released on August 19th in the forum.Microsoft patched it on August 28th.So 9 Days.
Not Accurate (Score:5, Informative)
There is a big difference in how fast you can roll out what ammounts to a configuration change and how fast you can roll out a code change.
That said, it didn't seem to do much good given that it was cracked again in a matter of days.
Knowing Where Your Priorities Lie (Score:3, Informative)
It's nice of Microsoft to let us know where their priorities lie. Obviously, things aren't as complex as Microsoft have let on (one of the many excuses for not getting patches out) if they can patch something that quick.
"Oh no. I can now play the music I bought for my PC on my Mac. I must install a patch so I can't do that anymore."
Really? I'm going to Windows Update as I write this. Mind you, good luck finding anyone who actually uses PlaysforSure. For those that are they've found out that stores selling Windows Media files are crap (you effectively rent your music - yay, what a great idea!) and they're looking to get out before they buy any more of the crap. Microsoft have some slight delusions of grandeur about the importance of their DRM software.
Turn Off Your Automatic Updates (Score:2, Insightful)
Re: (Score:2)
Timeline is wrong (Score:5, Informative)
FairUse4WM "merely" wrapped up the techniques used by these tools in a neat package, and got to the frontpage of Engadget. It was pure luck that MS had a patch available at the time, even though it took extraordinary effort on the behalf of its DRM partners to implement, and denied "legacy" OS users, as well as users of the latest Media Center version, the use of new DRM-protected tracks.
A patch for FairUse4WM 1.2 still isn't available, even though the tool was released last weekend.
BTW, if you think MS is getting screwed by class breaks like this, think again. Content providers (think: RIAA members) will call in their non-refundable advances (usually over $25K per label!) received from distribution partners (think: music stores) for "material breach of contract". MS will fix the issue, the RIAA gets richer, and the guys that actually try to get music to you get screwed. Oh, well, they're used to it...
Re:Timeline is wrong (Score:4, Insightful)
"Don't deal with the RIAA" sounds good, but it's just not practical in the real world.
Shocking (Score:5, Informative)
Even then, the reason you don't release a patch in three days is that you're probably going to screw it up and not actually fix the problem. Amazingly enough, that appears to be exactly what happened.
patch is not pushed via windows update (Score:3, Interesting)
Second of all, from what I've seen, it's not pushed out via windows update, but rather the client you are using for music. For instance, Napster pushed out the new version via a tiny patch when I launched the client. There IS a way to trick your client into believing that you already have the latest version (thus preventing the forced update). Look it up in the doom9 forums.
This should keep the crack working until Napster pushes out a completely new version of the client that explicitly checks the version, or Micrsoft issues a regular update.
-T
P.S. Napster provided free of charge by my university. Hell, as a grad student, I guess I get paid to use it...
Let's be fair here* (Score:2, Insightful)
A patch for a DRM component surely involves much less code churn, risk, and testing than a change to a core OS component (such as network stack or IE) would require.
Furthermore, as the original post indicated, no end-users are going to care about this patch or badmouth it in the press if it doesn't perfectly close the hole. And partner businesses aren't going to abandon their deep investments in Microsoft's platform just b/c of one hol
Who the customer REALLY is (Score:4, Insightful)
One business contract with a large label, Dell, or Sony is worth more than the mutterings and begrudging updates from Windows consumers. Most of us are not the customers, we're the consumers. Most people don't buy windows from microsoft, they buy it from Dell, or Gateway, or whoever else sold them their computer. The Dells, Gateways, etc are the customers. The game companies writing for xbox 360s, the phone vendors embedding wince, they're the customers.
Bottom line, If you're bitching about this update, you're a consumer. If you think it's a good thing, then you're the customer.
Not quite accurate (Score:3, Informative)
They'll sneak it in like a U.S. Congressman (Score:3, Insightful)
Re:Customers' best interest (Score:5, Insightful)
Microsoft is serving its customers' best interests. Their customers are system builders such as Dell, purchasing managers at businesses, and media companies.
The guy at the keyboard of a Windows Vista box, using Microsoft Office at work, and Windows Media Player at home is not the customer, he is the product.
Re: (Score:2, Interesting)
I know this goes against the Slashdot groupthink but yeah, real customers (as in people) do get hurt by this kind of thing.
My brother used to subscribe to the Napster "all you can eat" music service, in which you basically rent music - you pay a fixed amount each month and just listen to however much you like. If you stop subscribing you lose access to the music. He liked this business model, because it suited the way he listens to music. I'm the same. There isn't any way to implement this without DRM, an
Re: (Score:2)
One of two things would happen: 1. Content providers would not serve the 90% of the market and go bankrupt, or 2. Somebody else (Apple, Real, etc.) would step up and serve the DRM market instead. This ignores that Apple's FairPlay was broken and unpatched for a long while before it was fixed, and the media companies didn't abandon them.
Finally, you need to be aware of the fact that even if the big record labels all went out of business, there would still be plenty of good music around. Actually, radio migh
Re: (Score:2)
Migrate to "what" other OS with better DRM?
No publisher is going to publish their media on an OS nobody uses and no user is going to migrate to another OS just to get said DRM'ed media if that's all that its good for. If the publishers stopped publishing on Windows we'd simply be right back to where we were, oh, say, a year ago? You know.. with all the media you ever wanted for "free" via P2P. Simple fact is DRM has not stopped anyone from getting something they really wanted. People are
Cued up for a reason (Score:4, Insightful)