
$eason$ Greeding$ from Micro$oft

You thought you knew him?

The 2006 holiday season promised to be an especially enjoyable one - no new version of Microsoft Windows available. Despite the Vista system being completed months ago, there's been considerable delay in getting it to market.

By the time Microsoft were on trial in Washington DC the browser war was over and Microsoft were the victor. Using every dirty trick in the book - and even a few new tricks not found in the books - Bill Gates had managed to eliminate the threat posed by Apple, Netscape, and Sun Microsystems, and any rap on the knuckles by TP Jackson was that and no more.

As Microsoft execs have long intimated, such legal repercussions - even the multimillion dollar lawsuits and the EU imposed fines - are merely a cost of doing business 'the Microsoft way'.

And no sooner had Microsoft eliminated the threat than development of their Internet Explorer web browser came to a standstill. The project was based on code obtained from Spyglass on curious royalty conditions - effectively granting Microsoft the code for free - and there had never been any intention of recovering research and development costs. Internet Explorer was never sold - and so there was no need to pay Spyglass for their contribution - but the total bill for its development ended up at more than $5 billion.

All the while, surfers still using Microsoft Windows and the Internet Explorer browser found themselves more and more behind the times. Tabbed browsing was introduced - but IE users couldn't have it. PNG transparency - introduced nearly ten years ago - has been available all along with every browser except Internet Explorer, yet even this minor code modification was considered 'not worth it'.

And when it came to standards, Internet Explorer fell even farther behind. The tales of woe told by webmeisters were unending, special CSS code snippets specifically for IE littering otherwise straightforward web pages.

And in terms of user security, Internet Explorer continued to be a nightmare above and beyond the normal portion of leaks available on the platform itself.

And all the while Microsoft did nothing. Under the aegis of Bill Gates Microsoft were instructed to do nothing. Creating a satisfactory browser was no longer a priority as the competition were irrevocably gone. In fact creating a satisfactory browser had never been a concern: Gates' only concern had been to keep intruders out of his monopoly. And he'd succeeded - and all the fines and verdicts slapped on him changed nothing.

Meanwhile, as Netscape became Mozilla became Firefox and people saw a ray of hope that alternative browsers would again find market share, as the Firefox people purchased expensive ads in the New York Times, as Firefox market share did in fact take off, Bill Gates was somewhere else.

Bill Gates was concentrating on DRM: digital rights management. Winning a browser war was no longer important - he'd won. And so for the past five years or more he's been working on a new system - to be released next month - that will, in the words of Peter Gutmann, make the browser war look like a 'velvet glove'.

With Vista Bill Gates has crafted a blueprint for a brave new world of the digital age: a world where you the user have little or no control, where your costs skyrocket, where your quality of living suffers dramatically, where your personal interests are still arrogantly ignored - and where Bill Gates, that humanitarian cited by countless idiots over the past few years, will complete his domination of not only the IT industry but his effective coup of much of the electronic world and everyday life.

It's not about money anymore - it can't be about money: Bill Gates is already the richest person on the planet. No, for anyone to go to these great lengths and to make people suffer so ignominiously for next to nothing, one must be obsessed with power and power alone.

A Cost Analysis

Noted technology expert Peter Gutmann of the University of Auckland, New Zealand, has come out with a paper entitled 'A Cost Analysis of Windows Vista Content Protection'. You can download it at the URL below. The paper is somewhat technical but not prohibitively so; anyone should be able to understand it and it is in everyone's best interests to read it.


What follows is a brief summary of Peter Gutmann's paper. The paper is based not only on the Microsoft specification but on confidential reports from within both Microsoft and several component manufacturing companies.

Executive Summary

'Windows Vista includes an extensive reworking of core OS elements in order to provide content protection for so-called 'premium content', typically HD data from Blu-Ray and HD-DVD sources. Providing this protection incurs considerable costs in terms of system performance, system stability, technical support overhead, and hardware and software cost. These issues affect not only users of Vista but the entire PC industry, since the effects of the protection measures extend to cover all hardware and software that will ever come into contact with Vista, even if it's not used directly with Vista.'

Executive Executive Summary

'The Vista Content Protection specification could very well constitute the longest suicide note in history.'

Disabling of Functionality

'Vista's content protection mechanism only allows protected content to be sent over interfaces that also have content protection facilities built in.' This means that even if you are not using Vista you will be affected.

Indirect Disabling of Functionality

'As well as overt disabling of functionality, there's also covert disabling of functionality.'

Decreased Playback Quality

'Vista requires that any interface that provides high quality output degrade the signal quality that passes through it.' Best to read that again: any signal passing through tomorrow's components and devices will be programmatically degraded. This after years of research to make reproduction as high quality as possible.

The Microsoft specs call for degradation on the order of 'slightly fuzzy video' and audio that's 'fuzzy with less detail'.

And this can have disastrous effects beyond the home entertainment industry. The field of medical imaging either bans outright or strongly frowns on any form of lossy compression: artifacts introduced by the compression process can cause misdiagnoses and in extreme cases even become life threatening.

Elimination of Open Source Hardware Support

'In order to prevent the creation of hardware emulators of protected output devices, Vista requires a Hardware Functionality Scan (HFS) that can be used to uniquely fingerprint a hardware device to ensure that it's (probably) genuine.'

But to make this possible - without the risk of hijacking - the operational details of devices must be kept confidential.

'Obviously anyone who knows enough about the workings of a device to operate it and to write a third party driver for it will also know enough to fake the HFS process. The only way to protect the HFS process therefore is to not release any technical details on the device beyond a minimum required for website reviews and comparison with other products'.

Elimination of Unified Drivers

'Since HFS requires unique identification and handling of not just each device type but of each variant of each device type to handle the situation where a problem is found with one variation of a device, it's no longer possible to create one size fits all drivers for an entire range of devices.'

Component manufacturers can no longer use the 'one size fits all' method of design. Each and every device, whether it be targeted for the low price market or the high price market, must have its own unique design.

Denial of Service via Driver Revocation

'Once a weakness is found in a particular driver or device, that driver will have its signature revoked by Microsoft, which means that it will cease to function.'

And not just in the local machine either.

'A report of a compromise of a particular driver or device will cause all support for that device worldwide to be turned off until a fix can be found.'

Peter comments.

'Driver revocation is the ultimate nuclear option, the crack of the commissars' pistols reminding the faithful of their duty. The exact details of the hammer that vendors will be hit with is buried in confidential licensing agreements, but I've heard mention of multimillion dollar fines and embargos on further shipment of devices alongside the driver revocation mentioned above.'

Decreased System Reliability

'Vista's content protection requires that devices set so-called 'tilt bits' if they detect anything unusual.'

Innocuous things modern systems are designed to cope with - voltage fluctuations, jitter on buses, unusual function return or register values - will all trigger the setting of these 'tilt bits'.

'Every little glitch is suddenly surfaced because it could be a sign of a hack attack. The effect that this will have on system reliability should require no further explanation.'

And for hackers this becomes a carte blanche to do whatever they want - under the protection of the DMCA.

'Even without deliberate abuse by malware, the homeland security implications of an external agent being empowered to turn off your IT infrastructure in response to a content leak discovered in some chipset that you coincidentally happen to be using is a serious concern.'

'Non-US governments are already nervous enough about using a US supplied operating system without having this remote DOS capability built in.'

Increased Hardware Costs

'Possibly for the first time ever, computer design is being dictated not by electronic design rules, physical layout requirements, and thermal issues, but by the wishes of the content industry.'

Increased Cost Due to Requirement to License Unnecessary Third Party IP

'Protecting all of this precious premium content requires a lot of additional technology. Unfortunately much of this is owned by third parties and requires additional licensing.'

'In order to demonstrate their commitment to the cause, Microsoft have recommended as part of their 'robustness rules' that vendors license third party code obfuscation tools to provide virus like stealth capabilities for their device drivers in order to make it difficult to interfere with their operations or reverse engineer them.'

Unnecessary CPU Resource Consumption

'In order to prevent tampering with in-system communications, all communication flows have to be encrypted and/or authenticated. This requirement extends beyond basic content encryption to encompass not just data flowing over various buses but also command and control data flowing between software components.'

'In order to prevent active attacks, device drivers are required to poll the underlying hardware every 30ms to ensure that everything appears kosher. This means that even with nothing else happening in the system, a mass of assorted drivers have to wake up thirty times a second just to ensure that 'nothing' continues to happen.'

But it gets worse. Pay particularly close attention here.

'On-board graphics create an additional problem in that blocks of precious content will end up stored in system memory, from where they could be paged to disk. In order to avoid this, Vista tags such pages with a special protection bit indicating that they need to be encrypted before being paged out and decrypted again after being paged in.'

'Vista doesn't provide any other pagefile encryption, and will quite happily page banking PINs, credit card details, private, personal data, and other sensitive information, in plain text. The content protection requirements make it fairly clear that in Microsoft's eyes a frame of premium content is worth more than a user's medical records or their banking PIN.'

Final Thoughts

At the end of all this, the question remains: why is Bill Gates going to this much trouble? Peter sees only one explanation.

'Microsoft will totally control the premium content distribution channel. Not only will they be able to lock out any competitors, but because they will then represent the only available distribution channel they'll be able to dictate terms back to the content providers whose needs they are nominally serving.'

'The result will be a technologically enforced monopoly that makes their current de facto Windows monopoly seem like a velvet glove in comparison.'

'There is simply no escape. Whether you use Windows Vista, Windows XP, Windows 95, Linux, FreeBSD, OS X, Solaris (on x86), or almost any other OS, Microsoft's content protection will make your hardware more expensive, less reliable, more difficult to program for, more vulnerable to hostile code, and with more compatibility problems.'

As a final note Peter writes the following.

'If I do ever want to play back premium content, I'll wait a few years and then buy a $50 Chinese made set-top player to do it, not a $1000 Windows PC. It's somewhat bizarre that I have to go to Communist China in order to find vendors who actually understand the consumer's needs.'

Copyright © Radsoft. All rights reserved.