Common use of Protection against Hacking Clause in Contracts

Protection against Hacking. Playback licenses, revocation certificates, and security-critical data shall be cryptographically protected against tampering, forging, and spoofing. The content protection system shall employ industry accepted tamper-resistant technology on hardware and software components (e.g., to prevent such hacks as a clock rollback, spoofing, use of common debugging tools, and intercepting unencrypted content in memory buffers). For software-only implementations on open computing platforms (e.g., personal computers), the content protection system shall employ tamper resistant software. Examples of tamper resistant software techniques include: Code obfuscation example: The executable binary dynamically encrypts and decrypts itself in memory, so that the algorithm is not unnecessarily exposed to disassembly or reverse engineering. Integrity detection example: Using one-way cryptographic hashes of the executable code segments and/or self-referential integrity dependencies, the trusted software fails to execute if it is altered prior to or during runtime. Anti-debugging example: The decryption engine prevents the use of common debugging tools. The content protection system implements secure internal data channels to prevent rogue processes from intercepting data transmitted between system processes as soon as possible after such secure internal data channels are commercially-available or are otherwise feasible. The content protection system shall prevent the use of media player filters or plug-ins that can be exploited to gain unauthorized access to content (e.g.: access to the decrypted but still encoded content by inserting a shim between the DRM and the player).