[Geeks are Sexy] technology news





Wednesday, December 27, 2006

Vista's Content Protection Badness

As most of you probably know by now, Windows Vista is proving to be a mixed bag of happy improvements and irkful headaches. Yes, there's the shiny new Aero Glass UI, which really does look nicer than Windows XP's offerings (though it comes with its own set of headaches). On the other hand, there are numerous instances of rather uncool things being done in the background, such as Vista's new (and decidedly unshiny) Virgin Stack. The argument over whether or not users should upgrade to Microsoft's latest offering abound, and are beyond the scope of this particular post. But from what I've seen, read, and heard, not enough people outside the more geekish circles are really seeing the important pros and cons of the new OS beyond the purely cosmetic changes. This is probably one of the reasons behind the recent founding of sites like BadVista and the noise they are trying to stir up.

I've heard all manner of rumors and rumbles concerning the copy-protection technologies that are supposedly built into Vista. The credible ones make me sad, and a little nervous about the future, but at the end of the day they didn't have much impact beyond "Well, there's yet another reason to get a Mac or switch to Linux." Reading a recent paper by one Peter Gutmann changed that.

The basic story here is that Microsoft is introducing a large suite of features and technology that enable Vista to control and enforce the use of so-called "premium content"...which amounts to copy-protected media such as HD-DVD and Blu-ray disks. This not only takes a lot of software technology to accomplish, but also requires a large amount of new hardware, as well as new driver technology to support it. The end result is that successful playback of this "premium content" demands that a secure connection is made between the media's reader device and the display it is projected onto. If this secure connection cannot be established (whether it be because you are using unsupported hardware connections, unsupported drivers or chipsets, or whatever) or if that connection is even interrupted, playback will silently fail. The results of this can be anything from severely degraded playback results, to a completely black display. Details of how and why this will happen, as well as the ramifications of Microsoft essentially forcing this technology on hardware manufacturers can be found in the paper.

If you think that degraded output really isn't more than an annoyance, you may be surprised to learn differently.


Beyond the obvious playback-quality implications of deliberately degraded output, this measure can have serious repercussions in applications where high-quality reproduction of content is vital. For example the field of medical imaging either bans outright or strongly frowns on any form of lossy compression because artifacts introduced by the compression process can cause mis-diagnoses and in extreme cases even become life-threatening. Consider a medical IT worker who's using a medical imaging PC while listening to audio/video played back by the computer (the CDROM drives installed in workplace PCs inevitably spend most of their working lives playing music or MP3 CDs to drown out workplace noise). If there's any premium content present in there, the image will be subtly altered by Vista's content protection, potentially creating exactly the life-threatening situation that the medical industry has worked so hard to avoid. The scary thing is that there's no easy way around this - Vista will silently modify displayed content under certain (almost impossible-to-predict in advance) situations discernable only to Vista's built-in content-protection subsystem.

Some other choice tidbits include how Vista's copy-protection technology will foster the "elimination of open-source hardware support" and "elimination of unified drivers," enable "denial-of-service via driver revocation," cause serious system instability, and noticeably increase hardware and software development costs across the board.

It may seem like an article like this would be nothing more than crazed Vista-bashing, but it is not. The horrible fallout for implementing the copy-protection mechanisms described in the paper is completely logical, and Microsoft's reasons for going forward with it anyway are equally so. In short, it stands to put them in a very strong position to completely dominate not only software and hardware markets, but content distribution as well. Seriously, what self-respecting (and continually employed) CEO doesn't want to conquer their respective planet and gain control of their market?

In the same way that Apple has managed to acquire a monopolistic lock-in on their music distribution channel (an example being the Motorola ROKR fiasco, which was so crippled by Apple-imposed restrictions that it was dead the moment it appeared), so Microsoft will totally control the premium-content distribution channel. Not only will they be able to lock out any competitors, but because they will then represent the only available distribution channel they'll be able to dictate terms back to the content providers whose needs they are nominally serving in the same way that Apple has already dictated terms back to the music industry: Play by Apple's rules, or we won't carry your content. The result will be a technologically enforced monopoly that makes their current de-facto Windows monopoly seem like a velvet glove in comparison.

Check out "A Cost Analysis of Windows Vista Content Protection" by Peter Gutmann.

If you have a few minutes to spare, please read the whole thing. It's simply fascinating, and is something that EVERY responsible computer user will need to start thinking about as this kind of technology continues to develop and evolve. There is also some additional commentary that is also worth checking out. Via Schneier.

Labels: , , ,



15 Comments:

  • geez, makes you wonder what kind of relationship Microsoft 'really' has with the government and so on - I'm sure this level of control can't be purely Bill Gates's idea...more reason than ever to get a mac

    By Anonymous Anonymous, at 1:09 PM  

  • The sad thing is, Microsoft is trying to secure a bunch of future game titles as DirectX 10 only. I suspect they will find that the enthusiast market will find Vista about as wonderful as WindowsME.

    I hope Windows Vista does about as well as the PS3, Sinks like the Exxon Valdez, leaving a massive mess to clean up.

    By Blogger Chad, at 2:19 PM  

  • I'm pretty sure the "premium content" industry has enough money and influence to not need any government intervention to do that.

    By Anonymous Anonymous, at 3:09 PM  

  • Are you all really, really stupid? Or do you just not read all the facts before closing your minds?

    HDCP, which is the name of the protocol that protects high-definition content, is not Microsoft's idea. It never was.

    HDCP was invented by the movie industry because they're sick of people copying DVDs now, and want to stop them copying BD-ROMs and HD-DVDs in the future.

    Microsoft only added HDCP support to Windows so that you would be able to watch these movies. If they didn't add HDCP support, you would get lower-resolution video for all HDCP protected content.

    If Apple wants to allow its customers to view HDCP protected content, it too will have to add HDCP support.

    And if you're using Linux, you can kiss a high-definition future goodbye. HDCP support requires a licence to be paid each time it is incorporated into a product. Which will never, ever happen with Linux. So the only way Linux users will get to enjoy high-definition HDCP content is if it eventually gets cracked (i.e. you'll only be able to view HDCP content illegally).

    The older DRM technology included with WMV and WMA was, again, pushed by companies other than Microsoft. The record companies are particularly happy with DRM on WMA and MP3 files, because it means their music can't be illegally copied.

    Apple also uses DRM on its iTunes music, remember? They're no better - but it's also not their fault.

    Linux has the privilege of ignoring DRM because it keeps getting cracked. It's illegal, but that doesn't bother too many Linux users (who would be the first to complain if someone did anything against their precious GPL).

    If you really want to know who the big, bad wolf is here, go and have a read about the RIAA. They recently proposed to charge every home a licencing fee if they had a TV larger than 30 inches, and two comfortable chairs in front of said TV. How rediculous is that?!?

    (Oh, and that crap in the article about medical students losing quality... First of all, the reduced quality is only for the actual video that is being watched, not the entire screen. Second of all, if a doctor misdiagnoses something because they were watching a movie that degraded the screen quality, I personally would blame the doctor, not HDCP. He/she should be concentrating on the task at hand, not a movie.)

    ANONYMOUS: What are you smoking? What the hell does the government have to do with this? That is the most rediculous statement I have ever read.

    CHAD: So what if they are? They own Windows, they own DirectX, so naturally they would like people to make games using DirectX on Windows. What would you like them to do? Tell everyone to develop games for OpenGL on Linux? They are a business, and they do what's best for them.

    By Anonymous Anonymous, at 6:34 PM  

  • Anonymous #3-
    You bring up some good points, but you're also missing the general point of this post, and it doesn't seem like you read the paper that inspired it. It's true that HDCP is not at all a Microsoft thing, but HDCP only locks down content between a device's video-out and another device's video-in (over HDMI or DVI, specifically). The issue that this post addresses is regarding the internal workings of a computer, which encompasses everything between the media-reading device and the video-out point. HDCP is not an issue here.

    Regarding the medical-related "crap", again, you're missing the point a little. The choice quote addresses a scenario involving *medical imaging systems*. It has nothing to do with "doctors watching a movie while making a diagnosis." This is before a doctor even receives the imagery. And again, HDCP has nothing to do with the piece of the system that this concerns.

    The rest of you guys also seem to be missing the point a bit so far. The copy-protection measures that we're talking about here are very low-level software and hardware technologies. This is stuff that lives far below such things as DirectX and whatnot.

    Also, this has nothing to do with the government at all (for now). The stuff talked about here is a strictly technological issue that is backed by economic motivations. Yes, the content producers are fans of DRM (and have managed to push it on distributors like Microsoft and Apple), but the stuff talked about here is different. Apple's iTunes system has managed to secure a monopolistic strangle-hold on online music distribution. Microsoft appears to be attempting the same thing, but on a broader scale than Apple. Read the last paragraph and quote in the original post.

    Also, read the paper that inspired this post. Seriously. This is a whole lot scarier than HDCP and DirectX 10 dominance, or anything similar.

    Chad-
    Amen to your second bit. I hope Vista goes under too...I just wish we professional geek-types didn't have to deal with cleaning up the mess.

    By Blogger theMatt, at 7:52 PM  

  • Me again - anonymous #3.

    I (re)read the paper, just to make sure I hadn't missed anything.

    The problem with the paper is that it seems to be aimed at "dissing" the content protection features built in to Vista, rather than the content protection itself.

    The content protection he mentions only covers HDCP content.

    You are free to watch and listen to non-HDCP high definition content on any capable system, Vista or otherwise.

    The downsampling and degrading that Vista enforces when you are not using an HDCP-compliant system only occurs when watching HDCP content. Other content is not affected.

    If Apple wants Mac users to have to ability to watch HDCP content, they too will have to enforce these restrictions on non-HDCP compliancy (although, granted, they do make their own hardware and simply need to ensure that their systems are compliant).

    If you REALLY have an issue with how all of this works, then you have an issue with HDCP - NOT Vista.

    By Anonymous Anonymous, at 9:59 PM  

  • Or... let me think... you could always pirate.

    Which is really what's going to happen. Either Microsoft won't have the courage to push the shiny red button, and all that stuff will just weigh Vista down, or it's going to be piracy-for-everyone. I really don't see another logical outcome.

    By Anonymous Anonymous, at 10:02 PM  

  • The MPAA and RIAA have made legitimate users into criminals.

    I author DVDs on Apple computers. Apple has disabled screenshots whenever their DVD player is running, because obviously only pirates take screenshots of DVDs, right? Yet I need to take screenshots of the DVDs I make.

    Luckily Apple now runs UNIX (thank the gods!) The BSD core means that I can access a terminal (an app found in the Utilities directory) and enter a screenshot command which bypasses their OS lockout, so I can still take those shots.

    I wonder what will happen when HDCP hits Apple?

    I just don't know, but given what I have seen, it's a sure bet that legitimate users will have the most headaches.

    By Anonymous Robin Grant, at 12:47 AM  

  • I never liked Microsoft bashing, but Vista is just taking things too far. XP does everything I need, so wtf do I want Vista for? To make my life more difficult?

    I guess it's really time to switch to Linux. Linux users really seem to like it, and I don't think it will try to squeeze every last nickel out of me like Vista will.

    By Anonymous Anonymous, at 1:00 PM  

  • Anonymous #3-
    You're exactly right. The article attacks the content protection technology in Vista. It does not attack the larger idea of "content protection" (of which HDCP is indeed a part), rather the specific implementation of technologies in Vista itself. The paper "looks purely at the cost of the technical portions of Vista's content protection [Note A]. The political issues (under the heading of DRM) have been examined in exhaustive detail elsewhere and won't be commented on further, unless it's relevant to the cost analysis."

    HDCP, while being a closely related technology, is not relevant to the article, or this post. It's a piece of the larger puzzle that is out of this article's (and this post's) scope.

    From the HDCP specification document (.pdf):

    "HDCP 1.1 is designed for protecting Audiovisual content over certain high-bandwidth interfaces, referred to as HDCP-protected Interfaces, from being copied. In HDCP 1.1, the HDCP-protected Interfaces are Digital Visual Interface (DVI) and High Definition Multimedia Interface (HDMI)."

    HDCP is an authentication and encryption protocol that is designed to prevent interception, redirection and/or copying of an HD media stream as it passes across either DVI or HDMI.

    Yes, in order for a Vista box to work as an HDCP-compatible device, it has to conform to HDCP spec. HDCP does not, however, have any influence over the interactions between a motherboard and video card. Nor does it have anything to do with the "setting of tilt bits" or "driver revocation." Certificate or key revocation, yes. Driver revocation, no.

    And besides, this point is largely moot. The issue is not whether I (or Peter Gutmann) have a beef with HDCP. Having a beef with copy-protection in general (the technology described could easily be applied to other forms of DRM...hence the quote about Apple/iTunes) isn't even the real issue.

    The important thing is the slue of consequences and ancillary effects of Microsoft deploying this technology, and the way they have chosen to do so. It's why the paper has the title it has.

    By Blogger theMatt, at 2:42 AM  

  • Some technical details that have thus far been missing, that I will now add to the growing acronym soup:

    * Protected Video Path - Output Protection Management (PVP-OPM) makes sure that the PC's video outputs have the required protection or that they are turned off if such protection is not available.
    * Protected Video Path - User-Accessible Bus (PVP-UAB) provides encryption of premium content as it passes over the PCI Express (PCIe) bus to the graphics adapter. This is required when the content owner's policy regards the PCIe bus as a user-accessible bus.
    * Protected User Mode Audio (PUMA) is the new User Mode Audio (UMA) engine in the Windows Vista Protected Environment that provides a safer environment for audio playback, as well as checking that the enabled outputs are consistent with what the content allows.
    * Protected Audio Path (PAP) is a future initiative under investigation for how to provide encryption of audio over user accessible buses.

    This is the stuff that secures a media stream from a "premium content" reader device to an HDCP-compliant output. This is the stuff that Gutmann's paper looks at.

    Via a Microsoft white paper.

    By Blogger theMatt, at 3:41 AM  

  • To the guy that said;

    "Are you all really, really stupid? Or do you just not read all the facts before closing your minds?"

    Obviously sales and Marketing for Microsoft.

    By Anonymous Anonymous, at 9:11 AM  

  • this is a serious riaa/mpaa issue- they need to go down- and I am saying this as a musician who hates mac and doesn't have the apps support for what I do in linux- when it comes down to it for those of us that do audio/video on the pc, you are robbing peter to pay paul when it comes to these people. they try to bully everyone into giving them money and when things go the wrong way they bully someone else- personally I would like to see more things move online- the pirates have it right and the way I see it the only way that we don't run into a huge mess is to start realizing that reasonable monthly subscriptions and ad support through online distribution will be the way for the entertainment industry to survive. on the average I go to see 1-3 movies in the theater a year why, because rather than punking out 15 bucks to see a movie, unless it is something that I REALLY want to see now, i'll wait and netflix it- now if I had an all you can eat buffet of legal content online- If I paid 15-20 a month for it the mpaa would get a ton more than I am giving them right now- the mpaa gets banner ad $ in addition and doesn't have to crap all over my hardware and software to do it. we are in an age where we are supposed to be moving forward and instead are trying moving back to a time when things were less compatable- hardware and software specific, code specific and will generally decapitate itself and end up making linux the winning OS in all of this unless people stop cowtowing to the entertainment corporations (not just microsoft but the gov't and hardware manufacurers) and start finding ways to decrease piracy by pirating themselves first and closing a profit on the deal instead of trying to stand in the doorway and push ppl out of the way

    By Anonymous Anonymous, at 2:42 AM  

  • Microsoft puts a shotgun into it's mouth and pulls the trigger.

    Good riddance to the evil Micro$oft scum.

    By Blogger Masher1, at 11:20 AM  

  • Just a side note: The US government assisted Microsoft in developing Vista, per the Washington Post, InformationWeek, and Computer World.
    Read more here:
    http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9007719 http://www.theinquirer.net/default.aspx?article=36814

    By Blogger fallout11, at 1:49 PM  

Post a Comment

Links to this post:

Create a Link

<< Home