[UnoriginalGuy]

While true this is like any other file type that connects back to the internet. It has nothing at all to do with DRM in particular.

For example you could download a HTML file over Tor, that file could have a <img /> tag in it which reveals your real IP when you open it in the non-Tor browser. Ditto with Office macros, any scripting language, Adobe Reader, etc. If you're going to just accept through warning dialogs then you're in trouble.

[hackerfantastic]

There are other ways of doing a similar attack which have been covered by HD Moore. We found this one interesting due to the minimal interaction required on Windows and the prevalence of media sharing on the darknet (for good or evil).

[hackerfantastic]

just to clarify, there are no warning messages doing this with signed WMV files. There is a single warning from Tor which you can selectively disable - and I am sure many users do. You open the file and the action is triggered, office documents now have protected mode which comes with alerting and I am sure that Adobe warns users in a similar fashion. Most users would not expect playing a movie file to perform this action hence why it has a use case here.