On the implications of machine virtualization for DRM and fair use: a case study of a virtual audio device driver

Abstract

This paper examines the architecture of present day systems and shows that they are not trustworthy enough to support certain DRM features/restrictions, even when the DRM delivery system exclusively utilizes signed and protected operating system components. This weakness was discovered while creating a technique for remote transfer of audio streams generated by a Virtual Machine Monitor (VMM), to achieve network transparency for audio devices. The technique is based on the implementation of hosted I/O VMMs that intercept device I/O instructions executed by a "guest" O/S and emulate them through system calls processed by device drivers of a "host" O/S. The design consists of a virtual audio device driver that forwards sound streams to a user-level network server. Because (1) the virtual device intercepts audio data in an unprotected format (WAV), regardless of which application and file format are in use by the guest O/S, (2) modern virtual machine-based systems already achieve performance levels that allow for real-time audio playback, the playback only model of service/restriction imposed by some content delivery businesses is rendered ineffective by this technique. It enables Fair Use of DRM enabled media by allowing the user to make a copy of legally purchased audio media and time-shifting of Internet Radio stations. Experiments have shown that audibly perfect copies of media played by a VM "guest" can be made in PCM/WAV format, even though DRM-enabling features are present in the "guest" O/S drivers and media players. This paper also draws attention to the fact that the VM should be considered while designing the security and DRM capabilities in future general-purpose systems since a device driver in between the VMM and the host O/S has the potential of being an eavesdropper and a malicious end user.