Vista SE

The poster formerly known as 'The Poster Formerly

http://tinyurl.com/ylgkvb

Vista's Suicide Bomb: who gets hurt?

Mostly Wintel, we reckon

By Andrew Orlowski

Posted in Security, 28th December 2006 17:41 GMT

Analysis So have fun fighting the battle against CPRM and alike but
please do not be surprised when you fail, after all the war has been
lost, long live the new world order: proprietary devices, proprietary
interfaces, copy protection, limited functionality, and prepare your
credit card accounts for all those monthly rental and service charges
you will be paying for every "computer controller consumer electronics
device" you use.

- Hale Landis, March 2001

If you read just one thing over the holiday break, make sure it's Peter
Gutmann's cost analysis of Windows Vista, that we noted here. It's an
eye opening 20 minutes.

Gutmann describes in great detail the various measures Microsoft has
taken to lock down Windows on behalf of Hollywood. (This isn't a
comprehensive look at all of Vista's DRM - Gutmann barely touches on
Microsoft's new activation framework; this is beyond the scope of his
enquiry.)

To recap: in order to playback HD-DVD and BluRay content, Microsoft
agreed to degrade video and audio functionality in Windows. Gutmann
points out that when "premium" content is being played, component video
- YPbPr - and S/PDIF interfaces are disabled. Third party hardware that
fails to obey these orders may have its "certified" status revoked by
Microsoft - leaving the user with minimal (eg VGA) functionality.

Additional hardware specifications decreed by Microsoft, which are
intended to alert the system that the "secure path" may have been
compromised, open up a potentially devastating new vulnerability for
net-connected PCs. As Gutmann describes it -

Vista's content protection requires that devices (hardware and
software drivers) set so-called "tilt bits" if they detect anything
unusual. For example if there are unusual voltage fluctuations, maybe
some jitter on bus signals, a slightly funny return code from a function
call, a device register that doesn't contain quite the value that was
expected, or anything similar, a tilt bit gets set. Such occurrences
aren't too uncommon in a typical computer... Previously this was no
problem - the system was designed with a bit of resilience, and things
will function as normal. In other words small variances in performance
are a normal part of system functioning.

This creates a new attack vector for malware:

Non-US governments are already nervous enough about using a
US-supplied operating system without having this remote DoS capability
built into the operating system.

With the introduction of tilt bits, all of this designed-in
resilience is gone. Every little (normally unnoticeable) glitch is
suddenly surfaced because it could be a sign of a hack attack. The
effect that this will have on system reliability should require no
further explanation.

In short, the Vista specifications explicitly cripple the PC. We say
"specifications" quite deliberately, for in a sense this is a game of
chicken.

This DRM only affects the playback of next-generation DVDs; which isn't
a real problem for anyone quite yet: players cost $1,000 at the moment
and there's next to no content available for them. In the coming few
months, far more ordinary users will be affected by the DRM designed to
prevent unlicensed use of Windows itself, than by these Hollywood mandates.

Nevertheless, Gutmann calls Vista multimedia DRM the "longest suicide
note in history" - a phrase with some resonance to British voters [***].

This is evocative, but perhaps errs on the side of understatement. It
may be more accurate to think of Vista's DRM as a suicide bomber waiting
to go on his mission. For if and when Windows Vista optical multimedia
DRM is activated, it destroys Windows Vista DRM reputation in the market
as a multimedia playback device. The blowback will be felt most by
Microsoft, the PC industry, and third party hardware manufacturers. In
other words, the biggest loser would be the Windows market.

Quite rightly, Gutmann points out immediate disadvantages - such as the
increased cost to hardware manufacturers who have been obliged to
"secure" their digital pathways because Hollywood and the CE industry
couldn't be bothered to secure their own. (The i/o interface S/PDIF is
wide open). This is a cost which is passed on to consumers, whether we
use the functionality or not.

DRM explodes - not many dead?

But if implemented, and the "big switch" is finally turned on, how much
would it really matter?

Often discussions about DRM degenerate into self-serving hysteria about
"the end of culture". So we're grateful that Gutmann took the time to
state a fact so obvious, that it's often overlooked:

"If I do ever want to play back premium content," he wrote, "I'll wait a
few years and then buy a $50 Chinese-made set-top player to do it, not a
$1000 Windows PC. It's somewhat bizarre that I have to go to Communist
China in order to find vendors who actually understand the consumer's
needs."

Quite so. (I hardly think my "culture" is being thwarted when I can
simply slip my over-priced next-generation DVD into an over-priced
next-generation DVD player. Or download the file via Bittorrent.)

Compromising the open PC platform for the sake of playing back BluRay
and HD-DVD simply nukes the PC in the consumer electronics market - but
that's somewhere it arguably should never have been in the first place.
Despite Wintel's best efforts, the PC makes for a lousy home
entertainment hub. It's still too fussy, complicated and expensive: a
case of technological overkill driven solely by the vendors, led by
Microsoft and Intel.

Exactly six years ago, we broke the story of what was (and perhaps still
is) the most nefarious stunt ever attempted on the open PC platform: the
attempt to add CPRM into the specification for industry-standard hard
drives, ATA. This provided a mechanism for content producers to lock
down media to a specific machine, and would have arrived on the market
by stealth. After the resulting outcry, the plans were dropped, and CPRM
lives on as the standard DRM for removable flash media such as SD cards.

Consumers are now better educated, and we can be far more confident that
a restricted PC will land on the market with a dull thud - and never be
heard of again.

But some of the issues remain, not least for free software authors. As
Richard M Stallman eloquently described it at the time:

"If users accept the domination of centrally-controlled data, free
software faces two dangers, each worse than the other: [our emphasis]
that users will reject GNU/Linux because it doesn't support the central
control over access to these data, or that they will reject free
versions of GNU/Linux for versions "enhanced" with proprietary software
that support it. Either outcome will be a grave loss for our freedom."

But we'd be more confident if consumer groups and governments kept the
manufacturers to a minimum standard of disclosure. For the market to
arrive at an informed buying decision, it needs all the information.

So should Vista DRM require such technical counter-measures to play
next-generation DVDs, then so be it: but these must be marketed as such.

And despite protests, Microsoft has proved itself perfectly able to
produce a "reduced functionality" - in its own words - version of
Windows on demand. It once cheerfully produced a version that didn't
boot at all, for a US district judge.

Naturally, this reduced functionality version should be marketed
separately. We suggest clear labelling - such as putting the shrink-wrap
version in a BioHazard bag.

And the name? "Windows Vista SE".

For "Suicide Edition", of course. ®

Bootnote The phrase is attributed to right-wing Labour MP Gerald
Kaufman describing his party's 1983 election manifesto.


--
"Software is like sex, it's better when it's free."
- Linus Torvalds

DRM and unintended consequences:
http://blogs.techrepublic.com.com/security/?p=435&tag=nl.e101
 
Is this like SE Linux?

--

http://www.astorandblack.com/