United Airlines Requires You To Install Special Brand Of DRM To Watch Movies On Flights

from the yeah,-that's-not-happening dept

On Twitter yesterday, Brian Fitzpatrick, a tech entrepreneur, noted that while trying to enjoy the in-flight entertainment on the United Airlines flight he was taking, the in-flight Wi-Fi system told him he need to install its special brand of DRM. They didn't even try to sugarcoat it with some fancy confusing name. It's literally called the DRM plugin:
In case you can't see the image, it says:
Click 'Okay' to download the latest DRM Plugin.
After installation playback should resume immediately,
if it doesn't then you may need to restart your browser.
Fitzpatrick kindly sent me a bunch more screenshots and details. That little error message pops up -- along with other error messages -- when you go to watch a movie:
This is part of United's "beta test" of its "Personal Device Entertainment" option, that allows you to apparently fuck up your computer, just to get access to the short list of films and TV shows that United has contracted to allow you to watch while in flight. The "requirements" on United's website only shows "the latest version" of various browsers (oddly, Chrome is excluded -- which we'll get to) and Flash Player 15 or higher.
Notice that it doesn't say anything about "our own personal malware." The only indication something may be up is in this infographic that says "you may be prompted to download a plug-in." No biggie.

Fitzpatrick also realized that if you don't have Flash (which is actually a good security practice) United will helpfully offer to install it for you as well:
Because what's flying the friendly skies without the opportunity to push multiple pieces of software that might put your computer at risk!

At this point, United will provide lots of detailed instructions on how to install the DRM-you-never-wanted on your machine:
Notice the more detailed instructions to get it to work in Chrome (and the earlier note about how this system doesn't support Chrome)? That's because the plugin is using NPAPI, which is a security nightmare and is no longer supported in Chrome for security reasons. As the Chrome team has noted: "NPAPI is a really big hammer that should only be used when no other approach will work."

So, not only is United trying to install unnecessary and annoying DRM on your computer, it's also doing so in a way that it is recognized as being a security nightmare. That's encouraging.

In the interest of science, Fitzpatrick dug a little deeper and discovered that the "DRM plugin" in question is actually Panasonic's Marlin DRM -- something we actually wrote about years ago, as an attempt to create an "open source" DRM. Though, amusingly, Fitzpatrick notes that the DRM comes with strong copyright warnings itself:
This Software Product is protected by copyright laws and treaties, as well as laws and treaties related to other forms of intellectual property. Panasonic Avionics Corporation or its subsidiaries, affiliates, ad suppliers (collectively "PAC") own intellectual property rights in the Software Product. The Licensee's ("you" or "your") license to download, use, copy, or change the Software Product is subject to these rights and to all the terms and conditions of this End User License Agreement ("Agreement").
How sweet. You need to abide by Panasonic's rules when you install its security nightmare of a DRM you didn't want, just to watch an in-flight movie.

And, really, after all this, people should be asking but why? What "threat" model requires United to force dangerous malware onto your computer? And the answer is likely that Hollywood requires it, because to Hollywood everything is a threat, and the idea that someone might be paying hundreds of dollars for flights and they might also then make a copy of a movie... well, that's just too much to handle, and they have to first ask you to break your computer and put all your data at risk. Isn't that sweet of Hollywood? Oh wait, no I didn't mean sweet. I meant insane.

I'm sure that United Airlines didn't think through much of this and the details when it agreed to these ridiculous terms. It just thought it was adding an option that sounded nice. Letting people have access to more entertainment options, including on their own devices sure sounds like a nice option for some passengers. But if it comes with forcing people to put their computers and information at risk, it gets problematic fast.

Filed Under: drm, flash, in flight entertainment, marlin, marlin drm
Companies: united airlines

Reader Comments

Subscribe: RSS

View by: Time | Thread

  1. icon
    TJGeezer (profile), 22 Jul 2015 @ 10:34am

    Strange marketing

    So United declares openly that it distrusts its own customers and expects them to behave without honor. What I don't get is why anyone would voluntarily pay to put their lives in the hands of a company with such attitudes. If they won't trust me, it probably reflect the distrust they feel they themselves have earned. They expect you to treat them the way they know they treat you - it's a sort of mirror principle. Why on earth would I trust such people with my life?

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here

Subscribe to the Techdirt Daily newsletter

Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: Techdirt Logo Gear
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Report this ad  |  Hide Techdirt ads
Recent Stories
Report this ad  |  Hide Techdirt ads


Email This

This feature is only available to registered users. Register or sign in to use it.