Vista's Suicide Bomb: who gets hurt?

Mostly Wintel, we reckon

Website security in corporate America

Analysis So have fun fighting the battle against CPRM and alike but please do not be surprised when you fail, after all the war has been lost, long live the new world order: proprietary devices, proprietary interfaces, copy protection, limited functionality, and prepare you credit card accounts for all those monthly rental and service charges you will be paying for every "computer controller consumer electronics device" you use.

 - Hale Landis, March 2001

If you read just one thing over the holiday break, make sure it's Peter Gutmann's cost analysis of Windows Vista, that we noted here. It's an eye opening 20 minutes.

Gutmann describes in great detail the various measures Microsoft has taken to lock down Windows on behalf of Hollywood. This isn't a comprehensive look at all of Vista's DRM - Gutmann barely touches on Microsoft's new activation framework; this is beyond the scope of his enquiry.)

To recap: in order to playback HD-DVD and BluRay content, Microsoft agreed to degrade video and audio functionality in Windows. Gutman points out that when "premium" content is being played, component video - YPbPr - and S/PDIF interfaces are disabled. Third party hardware that fails to obey these orders may have its be "certified" status revoked by Microsoft - leaving the user with minimal (eg VGA) functionality.

Additional hardware specifications decreed by Microsoft, which are intended to alert the system that the "secure path" may have been compromised, open up a potentially devastating new vulnerability for net-connected PCs. As Gutman describes it -

Vista's content protection requires that devices (hardware and software drivers) set so-called "tilt bits" if they detect anything unusual. For example if there are unusual voltage fluctuations, maybe some jitter on bus signals, a slightly funny return code from a function call, a device register that doesn't contain quite the value that was expected, or anything similar, a tilt bit gets set. Such occurrences aren't too uncommon in a typical computer... Previously this was no problem - the system was designed with a bit of resilience, and things will function as normal. In other words small variances in performance are a normal part of system functioning.

This creates a new attack vector for malware:

Non-US governments are already nervous enough about using a US-supplied operating system without having this remote DoS capability built into the operating system.

With the introduction of tilt bits, all of this designed-in resilience is gone. Every little (normally unnoticeable) glitch is suddenly surfaced because it could be a sign of a hack attack. The effect that this will have on system reliability should require no further explanation.

In short, the Vista specifications explicitly cripple the PC. We say "specifications" quite deliberately, for in a sense this is a game of chicken.

This DRM only affects the playback of next-generation DVDs; which isn't a real problem for anyone quite yet: players cost $1,000 at the moment and there's next to no content available for them. In the coming few months, far more ordinary users will be affected by the DRM designed to prevent unlicensed use of Windows itself, than by these Hollywood mandates.

Nevertheless, Gutmann calls Vista multimedia DRM the "longest suicide note in history" - a phrase with some resonance to British voters [***].

This is evocative, but perhaps errs on the side of understatement. It may be more accurate to think of Vista's DRM as a suicide bomber waiting to go on his mission. For if and when Windows Vista optical multimedia DRM is activated, it destroys Windows Vista DRM reputation in the market as a multimedia playback device. The blowback will be felt most by Microsoft, the PC industry, and third party hardware manufacturers. In other words, the biggest loser would be the Windows market.

Quite rightly, Gutmann points out immediate disadvantages - such as the increased cost to hardware manufacturers who have been obliged to "secure" their digital pathways because Hollywood and the CE industry couldn't be bothered to secure their own. (The i/o interface S/PDIF is wide open). This is a cost which is passed on to consumers, whether we use the functionality or not.

DRM explodes - not many dead?

But if implemented, and the "big switch" is finally turned on, how much would it really matter?

Often discussions about DRM degenerate into self-serving hysteria about "the end of culture". So we're grateful that Gutmann took the time to state a fact so obvious, that it's often overlooked:

"If I do ever want to play back premium content," he wrote, "I'll wait a few years and then buy a $50 Chinese-made set-top player to do it, not a $1000 Windows PC. It's somewhat bizarre that I have to go to Communist China in order to find vendors who actually understand the consumer's needs."

Quite so. (I hardly think my "culture" is being thwarted when I can simply slip my over-priced next-generation DVD into an over-prived next-generation DVD player. Or download the file via Bittorrent.)

Compromising the open PC platform for the sake of playing back BluRay and HD-DVD simply nukes the PC in the consumer electronics market - but that's somewhere it arguably should never have been in the first place. Despite Wintel's best efforts, the PC makes for a lousy home entertainment hub. It's still too fussy, complicated and expensive: a case of technological overkill driven solely by the vendors, led by Microsoft and Intel.

Exactly six years ago, we broke the story of what was (and perhaps still is) the most nefarious stunt ever attempted on the open PC platform: the attempt to add CPRM into the specification for industry-standard hard drives, ATA. This provided a mechanism for content producers to lock down media to a specific machine, and would have arrived on the market by stealth. After the resulting outcry, the plans were dropped, and CPRM lives on as the standard DRM for removable flash media such as SD cards.

Consumers are now better educated, and we can be far more confident that a restricted PC will land on the market with a dull thud - and never be heard of again.

But some of the issues remain, not least for free software authors. As Richard M Stallman eloquently described it at the time:

"If users accept the domination of centrally-controlled data, free software faces two dangers, each worse than the other: [our emphasis] that users will reject GNU/Linux because it doesn't support the central control over access to these data, or that they will reject free versions of GNU/Linux for versions "enhanced" with proprietary software that support it. Either outcome will be a grave loss for our freedom."

But we'd be more confident if consumer groups and governments kept the manufacturers to a minimum standard of disclosure. For the market to arrive at an informed buying decision, it needs all the information.

So should Vista DRM require such technical counter-measures to play next-generation DVDs, then so be it: but these must be marketed as such.

And despite protests, Microsoft has proved itself perfectly able to produce a "reduced functionality" - in its own words - version of Windows on demand. It once cheerfully produced a version that didn't boot at all, for a US district judge.

Naturally, this reduced functionality version should be marketed separately. We suggest clear labelling - such as putting the shrink-wrap version in a BioHazard bag.

And the name? "Windows Vista SE".

For "Suicide Edition", of course. ®

Bootnote The phrase is attributed to right-wing Labour MP Gerard Kaufmann describing his party's 1983 election manifesto.

Protecting users from Firesheep and other Sidejacking attacks with SSL

More from The Register

next story
Early result from Scots indyref vote? NAW, Jimmy - it's a SCAM
Anyone claiming to know before tomorrow is telling porkies
TOR users become FBI's No.1 hacking target after legal power grab
Be afeared, me hearties, these scoundrels be spying our signals
Home Depot: 56 million bank cards pwned by malware in our tills
That's about 50 per cent bigger than the Target tills mega-hack
Hackers pop Brazil newspaper to root home routers
Step One: try default passwords. Step Two: Repeat Step One until success
NORKS ban Wi-Fi and satellite internet at embassies
Crackdown on tardy diplomatic sysadmins providing accidental unfiltered internet access
UK.gov lobs another fistful of change at SME infosec nightmares
Senior Lib Dem in 'trying to be relevant' shocker. It's only taxpayers' money, after all
Critical Adobe Reader and Acrobat patches FINALLY make it out
Eight vulns healed, including XSS and DoS paths
Spies would need SUPER POWERS to tap undersea cables
Why mess with armoured 10kV cables when land-based, and legal, snoop tools are easier?
prev story


Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
The next step in data security
With recent increased privacy concerns and computers becoming more powerful, the chance of hackers being able to crack smaller-sized RSA keys increases.