Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

A Cost Analysis of Windows Vista Content Protection
University of Auckland Department of Computer Science ^ | 23 December 2006 | Peter Gutmann

Posted on 12/23/2006 5:51:48 PM PST by IncPen

Executive Summary
Windows Vista includes an extensive reworking of core OS elements in order to provide content protection for so-called "premium content", typically HD data from Blu-Ray and HD-DVD sources. Providing this protection incurs considerable costs in terms of system performance, system stability, technical support overhead, and hardware and software cost. These issues affect not only users of Vista but the entire PC industry, since the effects of the protection measures extend to cover all hardware and software that will ever come into contact with Vista, even if it's not used directly with Vista (for example hardware in a Macintosh computer or on a Linux server). This document analyses the cost involved in Vista's content protection, and the collateral damage that this incurs throughout the computer industry.

Executive Executive Summary
The Vista Content Protection specification could very well constitute the longest suicide note in history.

Introduction
This document looks purely at the cost of the technical portions of Vista's content protection. The political issues (under the heading of DRM) have been examined in exhaustive detail elsewhere and won't be commented on further, unless it's relevant to the cost analysis. However, one important point that must be kept in mind when reading this document is that in order to work, Vista's content protection must be able to violate the laws of physics, something that's unlikely to happen no matter how much the content industry wishes it were possible. This conundrum is displayed over and over again in the Windows content-protection specs, with manufacturers being given no hard- and-fast guidelines but instead being instructed that they need to display as much dedication as possible to the party line. The documentation is peppered with sentences like:

"It is recommended that a graphics manufacturer go beyond the strict letter of the specification and provide additional content-protection features, because this demonstrates their strong intent to protect premium content".

This is an exceedingly strange way to write technical specifications, but is dictated by the fact that what the spec is trying to achieve is fundamentally impossible. Readers should keep this requirement to display appropriate levels of dedication in mind when reading the following analysis [Note A].

Disabling of Functionality
Vista's content protection mechanism only allows protected content to be sent over interfaces that also have content-protection facilities built in. Currently the most common high-end audio output interface is S/PDIF (Sony/Philips Digital Interface Format). Most newer audio cards, for example, feature TOSlink digital optical output for high-quality sound reproduction, and even the latest crop of motherboards with integrated audio provide at least coax (and often optical) digital output. Since S/PDIF doesn't provide any content protection, Vista requires that it be disabled when playing protected content. In other words if you've invested a pile of money into a high-end audio setup fed from a digital output, you won't be able to use it with protected content. Similarly, component (YPbPr) video will be disabled by Vista's content protection, so the same applies to a high-end video setup fed from component video.

Indirect Disabling of Functionality
As well as overt disabling of functionality, there's also covert disabling of functionality. For example PC voice communications rely on automatic echo cancellation (AEC) in order to work. AEC requires feeding back a sample of the audio mix into the echo cancellation subsystem, but with Vista's content protection this isn't permitted any more because this might allow access to premium content. What is permitted is a highly-degraded form of feedback that might possibly still sort-of be enough for some sort of minimal echo cancellation purposes. The requirement to disable audio and video output plays havoc with standard system operations, because the security policy used is a so-called "system high" policy: The overall sensitivity level is that of the most sensitive data present in the system. So the instant any audio derived from premium content appears on your system, signal degradation and disabling of outputs will occur. What makes this particularly entertaining is the fact that the downgrading/disabling is dynamic, so if the premium-content signal is intermittent or varies (for example music that fades out), various outputs and output quality will fade in and out, or turn on and off, in sync. Normally this behaviour would be a trigger for reinstalling device drivers or even a warranty return of the affected hardware, but in this case it's just a signal that everything is functioning as intended.

Decreased Playback Quality
Alongside the all-or-nothing approach of disabling output, Vista requires that any interface that provides high-quality output degrade the signal quality that passes through it. This is done through a "constrictor" that downgrades the signal to a much lower-quality one, then up-scales it again back to the original spec, but with a significant loss in quality. So if you're using an expensive new LCD display fed from a high-quality DVI signal on your video card and there's protected content present, the picture you're going to see will be, as the spec puts it, "slightly fuzzy", a bit like a 10-year-old CRT monitor that you picked up for $2 at a yard sale. In fact the spec specifically still allows for old VGA analog outputs, but even that's only because disallowing them would upset too many existing owners of analog monitors. In the future even analog VGA output will probably have to be disabled. The only thing that seems to be explicitly allowed is the extremely low-quality TV-out, provided that Macrovision is applied to it. The same deliberate degrading of playback quality applies to audio, with the audio being downgraded to sound (from the spec) "fuzzy with less detail".

Amusingly, the Vista content protection docs say that it'll be left to graphics chip manufacturers to differentiate their product based on (deliberately degraded) video quality. This seems a bit like breaking the legs of Olympic athletes and then rating them based on how fast they can hobble on crutches. Beyond the obvious playback-quality implications of deliberately degraded output, this measure can have serious repercussions in applications where high-quality reproduction of content is vital. For example the field of medical imaging either bans outright or strongly frowns on any form of lossy compression because artifacts introduced by the compression process can cause mis-diagnoses and in extreme cases even become life-threatening. Consider a medical IT worker who's using a medical imaging PC while listening to audio/video played back by the computer (the CDROM drives installed in workplace PCs inevitably spend most of their working lives playing music or MP3 CDs to drown out workplace noise). If there's any premium content present in there, the image will be subtly altered by Vista's content protection, potentially creating exactly the life-threatening situation that the medical industry has worked so hard to avoid. The scary thing is that there's no easy way around this - Vista will silently modify displayed content under certain (almost impossible-to-predict in advance) situations discernable only to Vista's built-in content-protection subsystem.

Elimination of Open-source Hardware Support
In order to prevent the creation of hardware emulators of protected output devices, Vista requires a Hardware Functionality Scan (HFS) that can be used to uniquely fingerprint a hardware device to ensure that it's (probably) genuine. In order to do this, the driver on the host PC performs an operation in the hardware (for example rendering 3D content in a graphics card) that produces a result that's unique to that device type. In order for this to work, the spec requires that the operational details of the device be kept confidential. Obviously anyone who knows enough about the workings of a device to operate it and to write a third-party driver for it (for example one for an open-source OS, or in general just any non-Windows OS) will also know enough to fake the HFS process. The only way to protect the HFS process therefore is to not release any technical details on the device beyond a minimum required for web site reviews and comparison with other products.

Elimination of Unified Drivers
The HFS process has another cost involved with it. Most hardware vendors have (thankfully) moved to unified driver models instead of the plethora of individual drivers that abounded some years ago. Since HFS requires unique identification and handling of not just each device type (for example each graphics chip) but each variant of each device type (for example each stepping of each graphics chip) to handle the situation where a problem is found with one variation of a device, it's no longer possible to create one-size-fits-all drivers for an entire range of devices like the current Catalyst/Detonator/ForceWare drivers. Every little variation of every device type out there must now be individually accommodated in custom code in order for the HFS process to be fully effective. If a graphics chip is integrated directly into the motherboard and there's no easy access to the device bus then the need for bus encryption (see "Unnecessary CPU Resource Consumption" below) is removed. Because the encryption requirement is so onerous, it's quite possible that this means of providing graphics capabilities will suddenly become more popular after the release of Vista. However, this leads to a problem: It's no longer possible to tell if a graphics chip is situated on a plug-in card or attached to the motherboard, since as far as the system is concerned they're both just devices sitting on the AGP/PCIe bus. The solution to this problem is to make the two deliberately incompatible, so that HFS can detect a chip on a plug-in card vs. one on the motherboard. Again, this does nothing more than increase costs and driver complexity. Further problems occur with audio drivers. To the system, HDMI audio looks like S/PDIF, a deliberate design decision to make handling of drivers easier. In order to provide the ability to disable output, it's necessary to make HDMI codecs deliberately incompatible with S/PDIF codecs, despite the fact that they were specifically designed to appear identical in order to ease driver support and reduce development costs.

Denial-of-Service via Driver Revocation
Once a weakness is found in a particular driver or device, that driver will have its signature revoked by Microsoft, which means that it will cease to function (details on this are a bit vague here, presumably some minimum functionality like generic 640x480 VGA support will still be available in order for the system to boot). This means that a report of a compromise of a particular driver or device will cause all support for that device worldwide to be turned off until a fix can be found. Again, details are sketchy, but if it's a device problem then presumably the device turns into a paperweight once it's revoked. If it's an older device for which the vendor isn't interested in rewriting their drivers (and in the fast-moving hardware market most devices enter "legacy" status within a year of two of their replacement models becoming available), all devices of that type worldwide become permanently unusable. The threat of driver revocation is the ultimate nuclear option, the crack of the commissars' pistols reminding the faithful of their duty [Note B]. The exact details of the hammer that vendors will be hit with is buried in confidential licensing agreements, but I've heard mention of multimillion dollar fines and embargoes on further shipment of devices alongside the driver revocation mentioned above.

Decreased System Reliability

"Drivers must be extra-robust. Requires additional driver development to isolate and protect sensitive code paths" -- ATI.

Vista's content protection requires that devices (hardware and software drivers) set so-called "tilt bits" if they detect anything unusual. For example if there are unusual voltage fluctuations, maybe some jitter on bus signals, a slightly funny return code from a function call, a device register that doesn't contain quite the value that was expected, or anything similar, a tilt bit gets set. Such occurrences aren't too uncommon in a typical computer (for example starting up or plugging in a bus-powered device may cause a small glitch in power supply voltages, or drivers may not quite manage device state as precisely as they think). Previously this was no problem - the system was designed with a bit of resilience, and things will function as normal. In other words small variances in performance are a normal part of system functioning. Furthermore, the degree of variance can differ widely across systems, with some handling large changes in system parameters and others only small ones. One very obvious way to observe this is what happens when a bunch of PCs get hit by a momentary power outage. Effects will vary from powering down, to various types of crash, to nothing at all, all triggered by exactly the same external event. With the introduction of tilt bits, all of this designed-in resilience is gone. Every little (normally unnoticeable) glitch is suddenly surfaced because it could be a sign of a hack attack.

The effect that this will have on system reliability should require no further explanation. Content-protection "features" like tilt bits also have worrying denial-of- service (DoS) implications. It's probably a good thing that modern malware is created by programmers with the commercial interests of the phishing and spam industries in mind rather than just creating as much havoc as possible. With the number of easily-accessible grenade pins that Vista's content protection provides, any piece of malware that decides to pull a few of them will cause considerable damage. The homeland security implications of this seem quite serious, since a tiny, easily-hidden piece of malware would be enough to render a machine unusable, while the very nature of Vista's content protection would make it almost impossible to determine why the denial-of-service is occurring. Furthermore, the malware authors, who are taking advantage of "content-protection" features, would be protected by the DMCA against any attempts to reverse-engineer or disable the content-protection "features" that they're abusing. Even without deliberate abuse by malware, the homeland security implications of an external agent being empowered to turn off your IT infrastructure in response to a content leak discovered in some chipset that you coincidentally happen to be using is a serious concern for potential Vista users. Non-US governments are already nervous enough about using a US-supplied operating system without having this remote DoS capability built into the operating system. And like the medical-image-degradation issue, you won't find out about this until it's too late, turning Vista PCs into ticking time bombs if the revocation functionality is ever employed.

Increased Hardware Costs

"Cannot go to market until it works to specification... potentially more respins of hardware" -- ATI.

"This increases motherboard design costs, increases lead times, and reduces OEM configuration flexibility. This cost is passed on to purchasers of multimedia PCs and may delay availability of high-performance platforms" -- ATI.

Vista includes various requirements for "robustness" in which the content industry, through "hardware robustness rules", dictates design requirements to hardware manufacturers. For example, only certain layouts of a board are allowed in order to make it harder for outsiders to access parts of the board. Possibly for the first time ever, computer design is being dictated not by electronic design rules, physical layout requirements, and thermal issues, but by the wishes of the content industry. Apart from the massive headache that this poses to device manufacturers, it also imposes additional increased costs beyond the ones incurred simply by having to lay out board designs in a suboptimal manner. Video card manufacturers typically produce a one-size- fits-all design (often a minimally-altered copy of the chipset vendor's reference design), and then populate different classes and price levels of cards in different ways. For example a low-end card will have low-cost, minimal or absent TV-out encoders, DVI circuitry, RAMDACs, and various other add-ons used to differentiate budget from premium video cards.

You can see this on the cheaper cards by observing the unpopulated bond pads on circuit boards, and gamers and the like will be familiar with cut-a-trace/resolder-a- resistor sidegrades of video cards. Vista's content-protection requirements eliminate this one-size-fits-all design, banning the use of separate TV-out encoders, DVI circuitry, RAMDACs, and other discretionary add-ons. Everything has to be custom-designed and laid out so that there are no unnecessary accessible signal links on the board. This means that a low-cost card isn't just a high-cost card with components omitted, and conversely a high-cost card isn't just a low-cost card with additional discretionary components added, each one has to be a completely custom design created to ensure that no signal on the board is accessible. This extends beyond simple board design all the way down to chip design. Instead of adding an external DVI chip, it now has to be integrated into the graphics chip, along with any other functionality normally supplied by an external chip. So instead of varying video card cost based on optional components, the chipset vendor now has to integrate everything into a one- size-fits-all premium-featured graphics chip, even if all the user wants is a budget card for their kids' PC.

Increased Cost due to Requirement to License Unnecessary Third-party IP

"We've taken on more legal costs in copyright protection in the last six to eight months than we have in any previous engagement. Each legal contract sets a new precedent, and each new one builds on the previous one" -- ATI.

Protecting all of this precious premium content requires a lot of additional technology. Unfortunately much of this is owned by third parties and requires additional licensing. For example HDCP for HDMI is owned by Intel, so in order to send a signal over HDMI you have to pay royalties to Intel, even though you could do exactly the same thing for free over DVI. Similarly, since even AES-128 on a modern CPU isn't fast enough to encrypt high-bandwidth content, companies are required to license the Intel-owned Cascaded Cipher, an AES-128-based transform that's designed to offer a generally similar level of security but with less processing overhead. The need to obtain unnecessary technology licenses extends beyond basic hardware IP. In order to demonstrate their commitment to the cause, Microsoft have recommended as part of their "robustness rules" that vendors license third-party code obfuscation tools to provide virus-like stealth capabilities for their device drivers in order to make it difficult to interfere with their operations or reverse-engineer them. Vendors like Cloakware and Arxan have actually added "robustness solutions" web pages to their sites in anticipation of this lucrative market. This must be a nightmare for device vendors, for whom it's already enough of a task getting fully functional drivers deployed without having to deal with adding stealth-virus-like technology on top of the basic driver functionality

Unnecessary CPU Resource Consumption

"Since [encryption] uses CPU cycles, an OEM may have to bump the speed grade on the CPU to maintain equivalent multimedia performance. This cost is passed on to purchasers of multimedia PCs" -- ATI.

In order to prevent tampering with in-system communications, all communication flows have to be encrypted and/or authenticated. For example content to video cards has to be encrypted with AES-128. This requirement for cryptography extends beyond basic content encryption to encompass not just data flowing over various buses but also command and control data flowing between software components. For example communications between user-mode and kernel-mode components are authenticated with OMAC message authentication-code tags, at considerable cost to both ends of the connection. In order to prevent active attacks, device drivers are required to poll the underlying hardware every 30ms to ensure that everything appears kosher. This means that even with nothing else happening in the system, a mass of assorted drivers has to wake up thirty times a second just to ensure that... nothing continues to happen. In addition to this polling, further device-specific polling is also done, for example Vista polls video devices on each video frame displayed in order to check that all of the grenade pins (tilt bits) are still as they should be [Note C].

On-board graphics create an additional problem in that blocks of precious content will end up stored in system memory, from where they could be paged to disk. In order to avoid this, Vista tags such pages with a special protection bit indicating that they need to be encrypted before being paged out and decrypted again after being paged in. Vista doesn't provide any other pagefile encryption, and will quite happily page banking PINs, credit card details, private, personal data, and other sensitive information, in plaintext. The content-protection requirements make it fairly clear that in Microsoft's eyes a frame of premium content is worth more than (say) a user's medical records or their banking PIN. In addition to the CPU costs, the desire to render data inaccessible at any level means that video decompression can't be done in the CPU any more, since there isn't sufficient CPU power available to both decompress the video and encrypt the resulting uncompressed data stream to the video card. As a result, much of the decompression has to be integrated into the graphics chip. At a minimum this includes IDCT, MPEG motion compensation, and the Windows Media VC-1 codec (which is also DCT-based, so support via an IDCT core is fairly easy).

As a corollary to the "Increased Hardware Costs" problem above, this means that you can't ship a low-end graphics chip without video codec support any more. The inability to perform decoding in software also means that any premium- content compression scheme not supported by the graphics hardware can't be implemented. If things like the Ogg video codec ever eventuate and get used for premium content, they had better be done using something like Windows Media VC-1 or they'll be a non-starter under Vista or Vista-approved hardware. This is particularly troubling for the high-quality digital cinema (D-Cinema) specification, which uses Motion JPEG2000 (MJ2K) because standard MPEG and equivalents don't provide sufficient image quality. Since JPEG2000 uses wavelet-based compression rather than MPEG's DCT-based compression, and wavelet-based compression isn't on the hardware codec list, it's not possible to play back D-Cinema premium content (the moribund Ogg Tarkin codec also used wavelet-based compression). Because *all* D-Cinema content will (presumably) be premium content, the result is no playback at all until the hardware support appears in PCs at some indeterminate point in the future. Compare this to the situation with MPEG video, where early software codecs like the XingMPEG en/decoder practically created the market for PC video. Today, thanks to Vista's content protection, the opening up of new markets in this manner would be impossible. The high-end graphics and audio market are dominated entirely by gamers, who will do anything to gain the tiniest bit of extra performance, like buying Bigfoot Networks' $250 "Killer NIC" ethernet card in the hope that it'll help reduce their network latency by a few milliseconds. These are people buying $500-$1000 graphics and sound cards for which one single sale brings the device vendors more than the few cents they get from the video/audio portion of an entire roomful of integrated-graphics-and-sound PCs. I wonder how this market segment will react to knowing that their top-of-the-line hardware is being hamstrung by all of the content-protection "features" that Vista hogties it with?

Unnecessary Device Resource Consumption

"Compliance rules require [content] to be encrypted. This requires additional encryption/decryption logic thus adding to VPU costs. This cost is passed on to all consumers" -- ATI.

As part of the bus-protection scheme, devices are required to implement AES-128 encryption in order to receive content from Vista. This has to be done via a hardware decryption engine on the graphics chip, which would typically be implemented by throwing away a rendering pipeline or two to make room for the AES engine. Establishing the AES key with the device hardware requires further cryptographic overhead, in this case a 2048-bit Diffie-Hellman key exchange. In programmable devices this can be done (with considerable effort) in the device (for example in programmable shader hardware), or more simply by throwing out a few more rendering pipelines and implementing a public-key- cryptography engine in the freed-up space. Needless to say, the need to develop, test, and integrate encryption engines into audio/video devices will only add to their cost, as covered in "Increased Hardware Costs" above, and the fact that their losing precious performance in order to accommodate Vista's content protection will make gamers less than happy.

Final Thoughts

"No amount of coordination will be successful unless it's designed with the needs of the customer in mind. Microsoft believes that a good user experience is a requirement for adoption" -- Microsoft.

"The PC industry is committed to providing content protection on the PC, but nothing comes for free. These costs are passed on to the consumer" -- ATI

At the end of all this, the question remains: Why is Microsoft going to this much trouble? Ask most people what they picture when you use the term "premium media player" and they'll respond with "A PVR" or "A DVD player" and not "A Windows PC". So why go to this much effort to try and turn the PC into something that it's not? In July 2006, Cory Doctorow published an analysis of the anti-competitive nature of Apple's iTunes copy-restriction system ("Apple's Copy Protection Isn't Just Bad For Consumers, It's Bad For Business", Cory Doctorow, Information Week, 31 July 2006). The only reason I can imagine why Microsoft would put its programmers, device vendors, third-party developers, and ultimately its customers, through this much pain is because once this copy protection is entrenched, Microsoft will completely own the distribution channel. In the same way that Apple has managed to acquire a monopolistic lock-in on their music distribution channel (an example being the Motorola ROKR fiasco, which was so crippled by Apple-imposed restrictions that it was dead the moment it appeared), so Microsoft will totally control the premium- content distribution channel. Not only will they be able to lock out any competitors, but because they will then represent the only available distribution channel they'll be able to dictate terms back to the content providers whose needs they are nominally serving in the same way that Apple has already dictated terms back to the music industry: Play by Apple's rules, or we won't carry your content.

The result will be a technologically enforced monopoly that makes their current de-facto Windows monopoly seem like a velvet glove in comparison. Overall, Vista's content-protection functionality seems like an astonishingly short-sighted piece of engineering, concentrating entirely on content protection with no consideration given to the enormous repercussions of the measures employed. It's something like the PC equivalent of the (hastily dropped) proposal mooted in Europe to put RFID tags into high-value banknotes as an anti-counterfeiting measure, completely ignoring the fact that the major users of this technology would end up being criminals who would use it to remotely identify the most lucrative robbery targets. The worst thing about all of this is that there's no escape. Hardware manufacturers will have to drink the kool-aid (and the reference to mass suicide here is deliberate [Note D]) in order to work with Vista: "There is no requirement to sign the [content-protection] license; but without a certificate, no premium content will be passed to the driver".

Of course as a device manufacturer you can choose to opt out, if you don't mind your device only ever being able to display low-quality, fuzzy, blurry video and audio when premium content is present, while your competitors don't have this (artificially-created) problem. As a user, there is simply no escape. Whether you use Windows Vista, Windows XP, Windows 95, Linux, FreeBSD, OS X, Solaris (on x86), or almost any other OS, Windows content protection will make your hardware more expensive, less reliable, more difficult to program for, more difficult to support, more vulnerable to hostile code, and with more compatibility problems. Here's an offer to Microsoft: If we, the consumers, promise to never, ever, ever buy a single HD-DVD or Blu-Ray disc containing any precious premium content [Note E], will you in exchange withhold this poison from the computer industry? Please?

Acknowledgements
This document was put together with input from various sources, including a number that requested that I keep their contributions anonymous (in some cases I've simplified or rewritten some details to ensure that the original, potentially traceable wording of non-public requirements docs isn't used). Because it wasn't always possible to go back to the sources and verify exact details, it's possible that there may be some inaccuracies present, which I'm sure I'll hear about fairly quickly. No doubt Microsoft (who won't want a view of Vista as being broken by design to take root) will also provide their spin on the details. In addition to the material present here, I'd be interested in getting further input both from people at Microsoft involved in implementing the content protection measures and from device vendors who are required to implement the hardware and driver software measures. I know from the Microsoft sources that contributed that many of them care deeply about providing the best possible audio/video user experience for Vista users and are quite distressed about having to spend time implementing large amounts of anti-functionality when it's already hard enough to get things running smoothly without the intentional crippling. I'm always open to further input, and will keep all contributions confidential unless you give me permission to repeat something. If you want to encrypt things, my PGP key is linked from my home page.

Sources
Because this writeup started out as a private discussion in email, a number of the sources used were non-public. The best public sources that I know of are: "Output Content Protection and Windows Vista", from WHDC. "Windows Longhorn Output Content Protection", from WinHEC. "How to Implement Windows Vista Content Output Protection", from WinHEC. "Protected Media Path and Driver Interoperability Requirements", from WinHEC

An excellent analysis from one of the hardware vendors involved in this comes from ATI, in the form of "Digital Media Content Protection", from WinHEC. This points out (in the form of PowerPoint bullet-points) the manifold problems associated with Vista's content-protection measures, with repeated mention of increased development costs, degraded performance and the phrase "increased costs passed on to consumers" pervading the entire presentation like a mantra. (Note that the crypto requirements have changed since some of the information above was published, for example SHA-1 has been deprecated in favour of SHA-256 and SHA-512, and public keys seem to be uniformly set at 2048 bits in place of the mixture of 1024-bit and 2048-bit mentioned in the presentations). In addition there have been quite a few writeups on this (although not going into as much detail as this document) in magazines both online and in print, one example being PC World's feature article "Will your PC run Windows Vista?", which covers this in the appropriately-titled section "Multimedia in chains".

Audience reactions at WinHEC are covered in "Longhorn: tough trail to PC digital media" published in EE Times; unfortunately you need to be a subscriber to read this but you may be able to find accessible cached copies using your favourite search engine

Footnotes

Note A: I'll make a prediction at this point that, given that it's trying to do the impossible, the Vista content protection will take less than a day to bypass if the bypass mechanism is something like a driver bug or a simple security hole that applies only to one piece of code (and can therefore be quickly patched), and less than a week to comprehensively bypass in a driver/hardware-independent manner. This doesn't mean it'll be broken the day or week that it appears, but simply that once a sufficiently skilled attacker is motivated to bypass the protection, it'll take them less than a day or a week to do so.

Note B: I see some impressive class-action suits to follow if this revocation mechanism is ever applied. Perhaps Microsoft or the content providers will buy everyone who owns a device that inadvertently leaks content and is then disabled by the revocation process replacement hardware for their system. Some contributors have commented that they can't see the revocation system ever being used because the consumer backlash would be too enormous, but then the legal backlash from not going ahead could be equally extreme. For anyone who's read "Guns of August", the situation seems a bit like pre-WWI Europe with people sitting on step 1 of enormously complex battle plans that can't be backed out of once triggered, no matter how obvious it is that going ahead with them is a bad idea. Driver revocation is a lose/lose situation for Microsoft, they're in for some serious pain whether they do or they don't. Their lawyers must have been asleep when they let themselves get painted into this particular corner. An entirely different DoS problem that applies more to HDMI-enabled devices in general has already surfaced in the form of, uhh, "DVI amplifiers", which take as input an HDMI signal and output a DVI signal, amplifying it in the process. Oh, and as a side-effect they just happen to remove the HDCP protection. These devices are relatively simple to design and build using off-the-shelf HDMI chips (I know of hardware hackers who have built their own protection- strippers using chip samples obtained from chip vendors. If you have the right credentials you can even get hardware evaluation boards designed for testing and development that do this sort of thing). Now assume that the "DVI amplifier" manufacturer buys a truckload of HDMI chips (they'll want to get as many as they can in one go because they probably won't be able to go back and buy more when the chip vendor discovers what they're being used for). Since this is a rogue device, it can be revoked... alongside hundreds of thousands or even millions of other consumer devices that use the same chip. Engadget have a good overview of this scenario at http://www.engadget.com/2005/07/21/the-clicker-hdcps-shiny-red-button/.

Note C: We already have multiple reports from Vista reviewers of playback problems with video and audio content, with video frames dropped and audio stuttering even on high-end systems. Time will tell whether this problem is due to immature drivers, or has been caused by the overhead imposed by Vista's content protection mechanisms interfering with playback.

Note D: The "kool-aid" reference may be slightly unfamiliar to non-US readers, it's a reference to the 1978 Jonestown mass-suicide in which Jim Jones' followers drank Flavor Aid laced with poison in order to demonstrate their dedication to the cause. In popular usage the term "kool-aid" is substituted for Flavor Aid because it has more brand recognition.

Note E: If I do ever want to play back premium content, I'll wait a few years and then buy a $50 Chinese-made set-top player to do it, not a $1000 Windows PC. It's somewhat bizarre that I have to go to Communist China in order to find vendors who actually understand the consumer's needs. A reductio ad absurdem solution to the "premium-content problem", proposed by a Slashdot reader, is to add support to Windows Vista for a black-box hardware component that accepts as input encrypted compressed premium content and produces as output encrypted (or otherwise protected) decoded premium content. In other words, move the entire mass of hardware, driver, and software protection into a dedicated black box that's only used in media PCs where it's (arguably) required. Now compare this add-on black box to the canonical Chinese-made $50 media player. Why would anyone buy the black box (which will almost certainly cost more than $50) when they can buy a complete dedicated media play that does the same thing and more?


TOPICS:
KEYWORDS: apple; microsoft; vista; windows
Navigation: use the links below to view more comments.
first previous 1-20 ... 81-100101-120121-140141-152 next last
To: Charles H. (The_r0nin)

I don't think you understand at all what I said.

I didn't make any snide comments to anyone about wishful thinking.

I said we haven't invented a painless way to do it, but we eventually will. We just don't know what is it yet or how it will be done.


121 posted on 12/24/2006 3:53:18 PM PST by rlmorel (Islamofacism: It is all fun and games until someone puts an eye out. Or chops off a head.)
[ Post Reply | Private Reply | To 110 | View Replies]

To: RebelTex

Thanks for that answer.


122 posted on 12/24/2006 3:54:14 PM PST by rlmorel (Islamofacism: It is all fun and games until someone puts an eye out. Or chops off a head.)
[ Post Reply | Private Reply | To 113 | View Replies]

To: Syntyr
Also Games SUCK running on Mac's. I have tried. Flight Sim X, Battlefield 2142, Splinter Cell Double Agent... All suck. I can't even get Battlefield 2142 to run.

What Intel® Mac are you running? A Mac Mini?

That doesn't seem to match other's experiences. The Mac IS a PC when booted with Bootcamp.

Simon Ocean
Triple-A Player
Join Date: Jan 2005
Location: Sherburn, UK
Posts: 57

To add my two penneth:

I have Vista Ultimate installed on a Boot Camp created partition. To date there has not been one single problem running it on my iMac.

In fact, it works better/faster than the exact same install on my 4.2Ghz Pentium.

Previously to Vista I had XP Professional installed, same with that, no problems at all.

It will even play games such as Splinter Cell-Double Agent that will not play on my Pentium!

Source - Mac OSX Hints

. . . I tested Office 2003, Photoshop, InDesign, and a number of games, along with periperhals such as printers, USB gaming devices, and FireWire hard drives. Everything just works.

Source

Re: Multiple Monitors... the MacPro supports eight 30" monitors should you need them.

123 posted on 12/24/2006 4:02:44 PM PST by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 93 | View Replies]

To: ShadowAce

If it's a big enough problem, I think we will see the beginning of the production of open-source hardware.


124 posted on 12/24/2006 4:28:14 PM PST by B Knotts (Newt '08!)
[ Post Reply | Private Reply | To 116 | View Replies]

To: IncPen

Unfortunately you are incorrect in your assumption here. Every major video card manufacturer has had it's Vista compliant next generation of GPUs in the pipeline since late 2005.

Upgrading a Mac to a new generation video card will have a Vista fee associated with it, say $20 to $50 per card at the high end cards.


125 posted on 12/24/2006 4:35:54 PM PST by JerseyHighlander
[ Post Reply | Private Reply | To 23 | View Replies]

To: All

Ah, the fun's just beginning. Just imagine that Vista is two or so generations down the pike, and all the wrinkles have been ironed out. You've got two elements: hardware that can be linked to you and your online activities, and hardware that can be crippled remotely.

So it's 2015, and Italy's first Islamic Republic is elected to power. Maybe it's the U.K. The True Believers have a list of websites critical of Islam, and one of their first acts is putting into place a architecture that will identify and turn off every machine that contacts such a site from an Italian ISP. Sites like, say, the Vatican.

Or perhaps it's the US with "hate" speech. One day, Free Republic simply disappears, because every US machine stops working as soon as it contacts the server. Oh, maybe it take a few visits to take into account the possibility you clicked there by accident.

I hated Longhorn when I first heard of it, and I hate Vista now. It represents a grave threat to liberty.


126 posted on 12/24/2006 4:55:09 PM PST by GOP Jedi (Democracy, Immigration, Multiculturalism -- Pick Any Two)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

Check your FR Mail...


127 posted on 12/24/2006 5:03:57 PM PST by IncPen (When Al Gore Finished the Internet, he invented Global Warming)
[ Post Reply | Private Reply | To 120 | View Replies]

To: Central Scrutiniser; Northern Alliance

This article requires a Computer Degree almost.

You could be sorry if you want Vista for gaming. It is almost a given that your video card and monitor are incompatible with Vista if any HD content is running. Your game will be restricted to 800 by 600 or perhaps even 640 by 480. Your audio will be turned off or made to sound terrible. This could be content on a web page or on a CD. Microsoft could even decide your $300 Video Card was a threat to HD content and just deactivate it. Buy any new card and Monitor to overcome this and it will be slower or far more expensive in order to jump through all the new Copy Protection Hoops. Even dual core processors will be brought to their kneen by all the Copy Protection software Microsoft is requiring.

Vista will almost guarantee that PC's will be in the shop after a year or so. Dust alone can make the PC think it is compromised and then Microsoft will just dumb it down or not let it boot.

Drivers will be almost impossible to write and very, very expensive. Thus cards will be far less capable yet more expensive.


128 posted on 12/24/2006 6:22:22 PM PST by ImphClinton (Four More Years Go Bush)
[ Post Reply | Private Reply | To 20 | View Replies]

To: rlmorel

Very real.

HDMI you may have heard of. It is the newest thing in Video/Televisions.

This requires Video to be Encrypted 1024 bits all the way. This is very compute intensive. It has to be done in each device and over and over again in the PC. That makes for expensive and slow equipment.


129 posted on 12/24/2006 6:26:27 PM PST by ImphClinton (Four More Years Go Bush)
[ Post Reply | Private Reply | To 12 | View Replies]

To: IncPen

You are dreaming Mac 10.5 or 11 will be the same. Apple led the way with Music Sales and it's locked down IPod. Otherwise you could play no HD content on a Mac. What good would it be then.


130 posted on 12/24/2006 6:30:03 PM PST by ImphClinton (Four More Years Go Bush)
[ Post Reply | Private Reply | To 17 | View Replies]

To: barb-tex

This is not Microsoft.

This is Sony, RIAA, MPA, et all.

And you have another think coming if you think Apple won't jump on the bandwagon. Sony made Apple a new success.


131 posted on 12/24/2006 6:56:42 PM PST by ImphClinton (Four More Years Go Bush)
[ Post Reply | Private Reply | To 36 | View Replies]

To: Wonder Warthog; IncPen; rlmorel; Logophile

Books are different than video. However Books are in libraries. It is obviously not stealing to go to a library.

In a way the internet is a library as well. Thus why is it "stealing" if you access the same thing to read/view on the internet? What is the difference? I see none.

Other material not available in a library is in a different category. But then it is copyright infringement not stealing. I deprive you of nothing by copying a movie on the internet. No property has changed hands. Study after study has shown that people that see/hear material on the internet are far more likely to buy that material than had they only seen advertising. After all no one can possibly buy what they do not know about. Without getting the word out you have no income. There are an increasing number of people never exposed to advertising. They surf the Web and don't watch TV or pay attention to adds on the internet. I am in this category. I watch TV but surf during commercials. Just how are we supposed to know something exist?

If the DRM people get their way they may make more money for a short time but they will kill the goose that laid the golden egg. VCR's have made far more for the TV industry through sales of Video Tapes/DVD/s than they ever began to cost in lost add revenue (which never happened). DRM was forced out of the MP3 market for a large part. Yet music sales went up. I can download movies on the internet but you better believe I pay to see them in a theater if they are worth seeing. But I quit NetFlix two years ago because there are so very few good movies any more. It the game to make bad movies but use DRM to get more money?

DRM flies in the face of everything that makes America Great. Totally enforced only a very few would ever have a chance to sell anything. This crowd would make writing a song and giving it away (to get noticed) illegal. They would force you to pay every time you listened to a song or watched a movie.

Every attempt at DRM has failed and this will as well. I pray it takes Microsoft down with it. Then we might get PC's that actually worked for us instead of Sony, Microsoft, etc. I hate it when Microsoft decides to reboot my computer even though I have done everything I can to deny them this ability.


132 posted on 12/24/2006 7:36:35 PM PST by ImphClinton (Four More Years Go Bush)
[ Post Reply | Private Reply | To 86 | View Replies]

To: ImphClinton
"... deprive you of nothing by copying a movie on the internet..."

I disagree.

133 posted on 12/24/2006 7:49:19 PM PST by rlmorel (Islamofacism: It is all fun and games until someone puts an eye out. Or chops off a head.)
[ Post Reply | Private Reply | To 132 | View Replies]

To: Covenantor
" As a user, there is simply no escape. Whether you use Windows Vista, Windows XP, Windows 95, Linux, FreeBSD, OS X, Solaris (on x86), or almost any other OS, Windows content protection will make your hardware more expensive, less reliable, more difficult to program for, more difficult to support, more vulnerable to hostile code, and with more compatibility problems

This is interesting to me because I had purchased a software program that was compatible with MS back in June '06, loaded it and had some problems with it. I used it, unloaded it and just last week tried to load it again. I could load the program but I could not update the program service pack. MS windows installer told me to check with the vendor. The vendor wanted me to do a bunch of stuff to my computer. I said no that apparently their program was no longer compatible with MS because whatever they had in their Service Pack Windows Installer would not allow the replacement of the "protected file." I have XP Pro. The program is OmniPage 15 Pro. Anybody got any ideas? By the way I have the Installer version (v2)redistributed.

134 posted on 12/24/2006 8:04:13 PM PST by Snoopers-868th
[ Post Reply | Private Reply | To 19 | View Replies]

To: Swordmaker

Actually, they indicated to me that they no longer handled this type of synchornization license. They directed me to the different labels. $2 a CD would have been great with me and it would have made me feel like I was doing the right thing.

This was about six months ago, so who knows--


135 posted on 12/24/2006 8:21:27 PM PST by Vermont Lt (I am not from Vermont. I lived there for four years and that was enough.)
[ Post Reply | Private Reply | To 120 | View Replies]

To: Logophile

Wrong.

Sony just lost on this in court.

When your DRM makes my computer unusable you are at fault and liable for the damage the DRM caused. Thus the incentive to get Microsoft to do the dirty work (as it is so hard to win against Microsoft as they could care less about bad press).

Unless Microsoft offers a Vista DRM free they will either lose in court or be forced out of the market. I refuse to buy anything that hobbles my computer and makes it unusable for its real purpose and that is not HD Movies. I will not infect my PC with Draconian versions of DRM.

Us tech guys will get the word out and Vista will fail miserably. We already got Microsoft to stop it's scheme of making Vista only installable twice (Buy a third Hard Drive and the OS will not install).

Vista is simply not needed. We will force NVidia et all to make XP versions of hardware until Microsoft removes DRM from Vista.

Enough bad press and Microsoft sometimes listens.


136 posted on 12/24/2006 8:57:01 PM PST by ImphClinton (Four More Years Go Bush)
[ Post Reply | Private Reply | To 99 | View Replies]

To: rlmorel

If I like something I buy it.

Thus if I copy your work and like it I will buy it. If I don't like it I won't buy it. However if I don't copy it I will most likely never know about it and thus never buy it.

Now other things I might borrow and rather than turn on the radio listen to an MP3. But once again if I like it I buy it to support the artist. I just hate commercials and refuse to listen to them under any circumstances so this is the only way I experience new stuff I like. Plus my taste are not on the radio much.

The internet is the greatest thing that has ever happened to the industry. It just hasn't figured it out because it is blinded by greed trying to figure out a way to extract even more. But I fear they will kill the goose that laid that egg if they force DRM down our thoughts.


137 posted on 12/24/2006 9:13:29 PM PST by ImphClinton (Four More Years Go Bush)
[ Post Reply | Private Reply | To 133 | View Replies]

To: ImphClinton

You and I have a basic philosophical difference here.

I understand your analogy with the Goose and Golden Egg, and why you think that is something to beware of. I agree.

I just feel that the creators of content need to be adequately protected. And I simply think that letting people have complete and total access for free to a perfect copy with no restrictions on how it it used is wrong.

I understand your point of view.


138 posted on 12/24/2006 9:19:30 PM PST by rlmorel (Islamofacism: It is all fun and games until someone puts an eye out. Or chops off a head.)
[ Post Reply | Private Reply | To 137 | View Replies]

To: ImphClinton
"...We already got Microsoft to stop it's scheme of making Vista only installable twice..."

I was unaware of this restriction until I saw it on Free Republic...and it may have even been you who voiced it. When I told that to my brother who works for himself doing PC tech support, he looked at me like I was a lunatic, and said..."WHAT?" I am no Microsoft fan, but I found that a bit shocking. Even as dim a bulb in some techorespects as I am due to my limited scope in certain areas of my work, I grasped the enormity of that pretty quick.

139 posted on 12/24/2006 9:25:21 PM PST by rlmorel (Islamofacism: It is all fun and games until someone puts an eye out. Or chops off a head.)
[ Post Reply | Private Reply | To 136 | View Replies]

To: IncPen

One solution that comes to mind isn't exactly legal. MSFT is forcing the inclusion of various "grenade pins", as the author calls them, with Vista. These pins can turn your Vista PC into a doorstop if pulled. The solution? Pull the pins.

What if malware writers started doing things with their code that messed with the host PC at a level that triggered MSFT's anti-tampering features? That PC would cease to function at the level the consumer expected as it attempts to protectss the Preciousssss premium contentsesss. (Though, it would still be just fine for use as a spam mailing zombie! In fact, it would work even better as a zombie. The CPU would no longer be wasting cycles processing encrypted video and audio data.) The consumer would, of course, blame MSFT for the outage. If enough PC users had their machines taken away from them by Vista, the backlash would force MSFT to back down. (And yes, they do respond to consumer pressure. Witness their repeated attempts to halt support for legacy software.) Such an approach would have to be implemented quickly; before hardware vendors make the investment necessary to play the Vista game.

As I said, action of this sort would be illegal. I am not endorsing it by writing this. I am merely thinking out loud. So if some hardware vendor with contacts in Russia should happen to read this, I didn't tell you to do anything. Whatever you do with this is your own business!


140 posted on 12/24/2006 10:32:38 PM PST by Redcloak (Speak softly and wear a loud shirt.)
[ Post Reply | Private Reply | To 1 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-20 ... 81-100101-120121-140141-152 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson