by nitrogen 4417 days ago
> produce unencrypted video/audio for the browser to display

That's the silly example used in all of the pro-EME propaganda, but the standard also allows content providers to demand an encrypted path all the way to the video card, IIRC, thus bypassing the browser's ability to save content, and exposing a potentially insecure video driver to the CDM blob.

This is my real objection to DRM: it fundamentally either is just a show (turning over the unencrypted message to the browser, anyway) or requires that I be locked away from the computation happening (has direct access to hardware and security features to keep me out).

So either it doesn't work by design, or it's a rootkit's wet dream since all hardware is designed to be able to lock me out.

Is a bank vault "just a show" simply because no one has ever invented one that can't be penetrated with a sufficient application of high explosives or a plasma torch?

The goal of making Joe-Average choose between the official channels or some malware laden underground site is a perfectly pragmatic one on the parts of the licensors. They don't need to block the illicit copying completely to see a benefit...

Especially when the costs of their 'protection' are predominately externalized onto the users (in the form of restricted freedoms, closed software, spyware, etc).

In my terms, a bank vault would protect my valuables by fundamentally denying me access to them, except on terms dictated by some external trusted party. This is the case of DRM using entirely encrypted paths (which can be broken with the big guns, like in your analogy), not the case of it being "just for show".

> The goal of making Joe-Average choose between the official channels or some malware laden underground site is a perfectly pragmatic one on the parts of the licensors.

Uh... what? The problem with DRM from a practical standpoint is that the effective technical means serve as an impediment to Mr Joe Average using his computer for perfectly allowed purposes - including at times playing the game. (Look at any major game launch recently for thousands of upset players because the DRM servers are overloaded.)

Secondly, you presented a strawman, since there are lots of non-malware-laden copies available online.

I'm not really against DRM per se, if there were some magic solution. Nor am I arguing that partially effective security measures are meaningless. I'm arguing that having encryption protected computing channels which deny the user override (or inspection) access are dangerous (duh! they go on malware laden websites, as you point out), and that any DRM which doesn't use such hardware level (or even low-level software) is no more effective than just setting a metadata flag saying it's copyrighted.

I get why companies want DRM, but that doesn't mean that I think giving in to their wishes is a good idea, when it both creates worse computer security problems and fails to solve the problem at a technical level.

A lot of people pirate things precisely because DRM is such a hassle.

Incomplete or inaccurate, but "silly"?