[Section contents]

GNU Home / Malware / By type /

Proprietary DRM


Nonfree (proprietary) software is very often malware (designed to mistreat the user). Nonfree software is controlled by its developers, which puts them in a position of power over the users; that is the basic injustice. The developers and manufacturers often exercise that power to the detriment of the users they ought to serve.

This typically takes the form of malicious functionalities.


Here are examples of proprietary programs and systems that implement digital restrictions management (DRM): functionalities designed intentionally to restrict what users can do. These functionalities are also called digital handcuffs.

DRM is reinforced by censorship laws that ban software (and hardware) that can break the handcuffs. Instead of these laws, DRM itself ought to be illegal. Please support our campaign to abolish DRM.

If you know of an example that ought to be in this page but isn't here, please write to <webmasters@gnu.org> to inform us. Please include the URL of a trustworthy reference or two to serve as specific substantiation.

  • 2025-05

    Denuvo is a digital restrictions management (DRM) system that is integrated into the code of some PC games, as an “anti-piracy solution.” But what Denuvo does, really, is to make the games Defective by design.

    Of course, gamers hate Denuvo. But hate is useless. They should go one step further, and stop buying games that use DRM.

  • 2025-04

    Synology forces users to install self-branded hard drives in some of its recent NAS systems on pretext of reliability, by blocking critical functions of drives that were purchased from other sources, and cutting down on support. Synology does this by replacing the original firmware with custom firmware that acts like DRM.

  • 2024-01

    UHD Blu-ray disks are encrypted with AACS, one of the worst kinds of DRM. Playing them on a PC requires software and hardware that meet stringent proprietary specifications, which developers can only obtain after signing an agreement that explicitly forbids them from disclosing any source code.

  • 2023-12

    Newag, a Polish railway manufacturer, puts DRM inside trains to prevent third-party repairs.

    • The train's software contains code to detect if the GPS coordinates are near some third party repairers, or the train has not been running for some time. If yes, the train will be “locked up” (i.e. bricked). It was also possible to unlock it by pressing a secret combination of buttons in the cockpit, but this ability was removed by a manufacturer's software update.

    • The train will also lock up after a certain date, which is hardcoded in the software.

    • The company pushes a software update that detects if the DRM code has been bypassed, i.e. the lock should have been engaged but the train is still operational. If yes, the controller cabin screen will display a scary message warning about “copyright violation”.

  • 2023-11

    To block non-Apple repairs, Apple encodes the iMonster serial number in the original parts. This is called “parts pairing”. Swapping parts between working iMonsters of the same model causes malfunction or disabling of some functionalities. Part replacement may also trigger persistent alerts, unless it is done by an Apple store.

  • 2023-05

    HP delivers printers with a universal back door, and recently used it to sabotage them by remotely installing malware. The malware makes the printer refuse to function with non-HP ink cartrides, and even with old HP cartridges which HP now declares to have “expired.” HP calls the back door “dynamic security,” and has the gall to claim that this “security” protects users from malware.

    If you own an HP printer that can still use non-HP cartridges, we urge you to disconnect it from the internet. This will ensure that HP doesn't sabotage it by “updating” its software.

    Note how the author of the Guardian article credulously repeats HP's assertion that the “dynamic security” feature protects users against malware, not recognizing that the article demonstrates it does the opposite.

  • 2022-09

    B-CAS [1] is the digital restrictions management (DRM) system used by Japanese TV broadcasters, including NHK (public-service TV). It is sold by the B-CAS company, which has a de-facto monopoly on it. Initially intended for pay-TV, its use was extended to digital free-to-air broadcasting as a means to enforce restrictions on copyrighted works. The system encrypts works that permit free redistribution just like other works, thus denying users their nominal rights.

    On the client side, B-CAS is typically implemented by a card that plugs into a compatible receiver, or alternatively by a tuner card that plugs into a computer. Beside implementing drastic copying and viewing restrictions, this system gives broadcasters full power over users, through back doors among other means. For example:

    • It can force messages to the user's TV screen, and the user can't turn them off.
    • It can collect viewing information and send it to other companies to take surveys. Until 2011, user registration was required, so the viewing habits of each customer were recorded. We don't know whether this personal information was deleted from the company's servers after 2011.
    • Each card has an ID, which enables broadcasters to force customer-specific updates via the back door normally used to update the decryption key. Thus pay-TV broadcasters can disable decryption of the broadcast wave if subscription fees are not paid on time. This feature could also be used by any broadcaster (possibly instructed by the government) to stop certain persons from watching TV.
    • As the export of B-CAS cards is illegal, people outside Japan can't (officially) decrypt the satellite broadcast signal that may spill over to their location. They are thus deprived of a valuable source of information about what happens in Japan.

    These unacceptable restrictions led to a sort of cat-and-mouse game, with some users doing their best to bypass the system, and broadcasters trying to stop them without much success: cryptographic keys were retrieved through the back door of the B-CAS card, illegal cards were made and sold on the black market, as well as a tuner for PC that disables the copy control signal.

    While B-CAS cards are still in use with older equipment, modern high definition TVs have an even nastier version of this DRM (called ACAS) in a special chip that is built into the receiver. The chip can update its own software from the company's servers, even when the receiver is turned off (but still plugged into an outlet). This feature could be abused to disable stored TV programs that the power in place doesn't agree with, thus interfering with free speech.

    Being part of the receiver, the ACAS chip is supposed to be tamper-resistant. Time will tell…

    [1] We thank the free software supporter who translated this article from Japanese, and shared his experience of B-CAS with us. (Unfortunately, the article presents DRM as a good thing.)

  • 2022-03

    Apple prevents people from upgrading their Mac hardware by imposing DRM on its removable SSD storage.

  • 2022-02

    Hewlett-Packard is implementing DRM in its printers so they refuse to print with ink cartridges from another supplier.

  • 2022-02

    Dymo is now embedding DRM in the paper rolls for its label printers to make those printers reject equivalent paper rolls made by other companies. This is implemented by an RFID tag, which keeps track of how many labels remain on the roll, and blocks further printing when the roll is empty—an efficient way to prevent reusing the same RFID with a third-party roll.

  • 2021-11

    Apple's new tactic to restrict users from repairing their own device and impose DRM on people is to completely disable its Face ID functionality when you replace its screen.

  • 2021-10

    Adobe has licensed its Flash Player to China's Zhong Cheng Network who is offering the program bundled with spyware and a back door that can remotely deactivate it.

    Adobe is responsible for this since they gave Zhong Cheng Network permission to do this. This injustice involves “misuse” of the DMCA, but “proper,” intended use of the DMCA is a much bigger injustice. There is a series of errors related to DMCA.

  • 2021-05

    Apple is systematically undermining interoperability. At the hardware level, it does this via nonstandard plugs, buses and networks. At the software level, it does this by not letting the user have any data except within one app.

  • 2021-03

    Amazon's monopoly and DRM is stopping public libraries from lending e-books and audiobooks. Amazon became powerful in e-book world by Swindle, and is now misusing its power and violates people's rights using Digital Restrictions Management.

    The article is written in a way that endorses DRM in general, which is unacceptable. DRM is an injustice to people.

  • 2019-08

    Apple is putting DRM on iPhone batteries, and the system proprietary software turns off certain features when batteries are replaced other than by Apple.

  • 2019-04

    Ebooks “bought” from Microsoft's store check that their DRM is valid by connecting to the store every time their “owner” wants to read them. Microsoft is going to close this store, bricking all DRM'ed ebooks it has ever “sold”. (The article additionally highlights the pitfalls of DRM.)

    This is another proof that a DRM-encumbered product doesn't belong to the person who bought it. Microsoft said it will refund customers, but this is no excuse for selling them restricted books.

  • 2019-02

    The HP “ink subscription” cartridges have DRM that constantly communicates with HP servers to make sure the user is still paying for the subscription, and hasn't printed more pages than were paid for.

    Even though the ink subscription program may be cheaper in some specific cases, it spies on users, and involves totally unacceptable restrictions in the use of ink cartridges that would otherwise be in working order.

  • 2018-10

    Printer manufacturers are very innovative—at blocking the use of independent replacement ink cartridges. Their “security upgrades” occasionally impose new forms of cartridge DRM. HP and Epson have done this.

  • 2018-06

    The game Metal Gear Rising for MacOS was tethered to a server. The company shut down the server, and all copies stopped working.

  • 2017-11

    The DMCA and the EU Copyright Directive make it illegal to study how iOS cr…apps spy on users, because this would require circumventing the iOS DRM.

  • 2017-05

    Google now allows Android apps to detect whether a device has been rooted, and refuse to install if so. The Netflix app uses this ability to enforce DRM by refusing to install on rooted Android devices.

    Update: Google intentionally changed Android so that apps can detect rooted devices and refuse to run on them. The Netflix app is proprietary malware, and one shouldn't use it. However, that does not make what Google has done any less wrong.

  • 2017-04

    The Amazon Kindle has DRM. That article is flawed in that it fails to treat DRM as an ethical question; it takes for granted that whatever Amazon might do to its users is legitimate. It refers to DRM as digital “rights” management, which is the spin term used to promote DRM. Nonetheless it serves as a reference for the facts.

    We refer to that product as the Amazon Swindle because of this and other malicious functionalities.

  • 2017-04

    The iPhone 7 contains DRM specifically designed to brick it if an “unauthorized” repair shop fixes it. “Unauthorized” essentially means anyone besides Apple.

    (The article uses the term “lock” to describe the DRM, but we prefer to use the term digital handcuffs.)

  • 2017-02

    DRM-restricted files can be used to identify people browsing through Tor. The vulnerability exists only if you use Windows.

  • 2017-01

    Chrome implements DRM. So does Chromium, through nonfree software that is effectively part of it.

    More information.

  • 2016-09

    HP's firmware downgrade imposed DRM on some printers, which now refuse to function with third-party ink cartridges.

  • 2016-05

    Oculus Rift games now have DRM meant to prevent running them on other systems.

  • 2016-01

    The “Cube” 3D printer was designed with DRM: it won't accept third-party printing materials. It is the Keurig of printers. Now it is being discontinued, which means that eventually authorized materials won't be available and the printers may become unusable.

    With a printer that gets the Respects Your Freedom, this problem would not even be a remote possibility.

    How pitiful that the author of that article says that there was “nothing wrong” with designing the device to restrict users in the first place. This is like putting a “cheat me and mistreat me” sign on your chest. We should know better: we should condemn all companies that take advantage of people like him. Indeed, it is the acceptance of their unjust practice that teaches people to be doormats.

  • 2015-12

    Apple uses DRM software to prevent people from charging an iThing with a generic USB cable.

  • 2015-12

    Philips “smart” lightbulbs had initially been designed to interact with other companies' smart light bulbs, but later the company updated the firmware to disallow interoperability.

    If a product is “smart”, and you didn't build it, it is cleverly serving its manufacturer against you.

  • 2015-01

    The Netflix Android app forces the use of Google DNS. This is one of the methods that Netflix uses to enforce the geolocation restrictions dictated by the movie studios.

  • 2014-10

    Adobe made “Digital Editions,” the e-reader used by most US libraries, spy on the user for the sake of DRM.

  • 2013-11

    DRM in cars will drive consumers crazy.

  • 2013-10

    DVDs and Blu-ray disks have DRM.

    That page uses spin terms that favor DRM, including digital “rights” management and “protect”, and it claims that “artists” (rather than companies) are primarily responsible for putting digital restrictions management into these disks. Nonetheless, it is a reference for the facts.

    Every Blu-ray disk (with few, rare exceptions) has DRM—so don't use Blu-ray disks!

  • 2012-12

    Samsung “Smart” TVs have turned Linux into the base for a tyrant system so as to impose DRM. What enables Samsung to do this is that Linux is released under GNU GPL version 2, not version 3, together with a weak interpretation of GPL version 2.

  • 2011-02

    Android contains facilities specifically to support DRM.

  • 2010-02

    DRM does more nastiness to published works than merely stopping people from looking at and/or copying them. Even when it allows you to look, it harasses you in many ways. Cory Doctorow's article presents DVDs as an example.

    We condemn the propaganda term “pirate” when it is applied to people that share copies. Many of these DVDs are made and distributed commercially; in reference to that practice, “pirate” might be partly justified. But not when they protect users from harassment.

    The fundamental cause of this harassment, and the fundamental wrong of the DRM in DVDs, is the requirement to use nonfree software to play the DVD. Fortunately we have free replacement software.

  • 2008-11

    DRM (digital restrictions mechanisms) in MacOS. This article focuses on the fact that a new model of Macbook introduced a requirement for monitors to have malicious hardware, but DRM software in MacOS is involved in activating the hardware. The software for accessing iTunes is also responsible.

  • 2008-03

    HDCP is a DRM system that encrypts video and audio data from the processor to the monitor. It is implemented mainly in hardware, but the system software also participates, which makes it qualify as malware.

    Besides controlling users, HDCP denies their fair-use rights and causes numerous practical problems.

  • 2008-02

    DRM in Flash Player.

  • 2007-08

    DRM in Windows, introduced to cater to Blu-ray disks. (The article talks about how the same malware would later be introduced in MacOS. That had not been done at the time, but it was done subsequently.)

  • 2007-03

    iTunes videos have DRM, which allows Apple to dictate where its customers can watch the videos they purchased.