• dreamwave@sh.itjust.works
    link
    fedilink
    arrow-up
    1
    ·
    1 year ago

    Not just key store, since you can quite easily use a secure enclave on Linux just as on any other platform.

    The key issue is the render stack. On Windows and MacOS, providers can get certain assurances that the parts of the stack that take their decoded DRM’ed content and draw it into a window, get composited with other windows, have various transforms applied, and actually get things out to an HDCP-supporting monitor are all unmodified and (at least to a certain extent) immune to screen captures and other methods of getting the plain un-encrypted media stream. Linux on the desktop almost never provides those assurances. The only ones that really do are ChromeOS and Android–and both of those provide relatively high trust DRM as a result.

    DRM doesn’t work in practice to prevent piracy, but if you drink that cool-aid and assume for a moment that DRM actually worked, then Linux is basically impossible to provide verified DRM content to with the current landscape in the way that Windows, MacOS, CrOS and Android/iOS do