29 Reasons to Not Get Vista

Microsoft Windows Vista hits (assaults) consumers on 30 January 2007. Starting with New Years Day that gives you twenty nine days to think about the big mistake you're about to make.

Every day of January 2007 until Microsoft Windows Vista is released you can read yet another good reason why it's not a good idea to get it.

24 January 2007 Reason #24: Vista Content Protection.

Dr Peter Gutmann has studied the Vista content protection system in detail - the primary reason Vista has been delayed so many years. He calls it 'the longest suicide note in history'. Vista content protection is going to tear away at your rights and your comfort and leave you at a disadvantage like no system ever before.

Dr Gutmann's paper 'A Cost Analysis of Windows Vista Content Protection' is a bit technical but it's possible to read and absorb. And if you care about your rights you owe it to yourself.

Executive Executive Summary

'The Vista Content Protection specification could very well constitute the longest suicide note in history.'

Disabling of Functionality

'Vista's content protection mechanism only allows protected content to be sent over interfaces that also have content protection facilities built in.' This means that even if you are not using Vista you will be affected.

Indirect Disabling of Functionality

'As well as overt disabling of functionality, there's also covert disabling of functionality.'

Decreased Playback Quality

'Vista requires that any interface that provides high quality output degrade the signal quality that passes through it.' Best to read that again: any signal passing through tomorrow's components and devices will be programmatically degraded. This after years of research to make reproduction as high quality as possible.

The Microsoft specs call for degradation on the order of 'slightly fuzzy video' and audio that's 'fuzzy with less detail'.

And this can have disastrous effects beyond the home entertainment industry. The field of medical imaging either bans outright or strongly frowns on any form of lossy compression: artifacts introduced by the compression process can cause misdiagnoses and in extreme cases even become life threatening.

Elimination of Open Source Hardware Support

'In order to prevent the creation of hardware emulators of protected output devices, Vista requires a Hardware Functionality Scan (HFS) that can be used to uniquely fingerprint a hardware device to ensure that it's (probably) genuine.'

But to make this possible - without the risk of hijacking - the operational details of devices must be kept confidential.

'Obviously anyone who knows enough about the workings of a device to operate it and to write a third party driver for it will also know enough to fake the HFS process. The only way to protect the HFS process therefore is to not release any technical details on the device beyond a minimum required for website reviews and comparison with other products'.

Elimination of Unified Drivers

'Since HFS requires unique identification and handling of not just each device type but of each variant of each device type to handle the situation where a problem is found with one variation of a device, it's no longer possible to create one size fits all drivers for an entire range of devices.'

Component manufacturers can no longer use the 'one size fits all' method of design. Each and every device, whether it be targeted for the low price market or the high price market, must have its own unique design.

Denial of Service via Driver Revocation

'Once a weakness is found in a particular driver or device, that driver will have its signature revoked by Microsoft, which means that it will cease to function.'

And not just in the local machine either.

'A report of a compromise of a particular driver or device will cause all support for that device worldwide to be turned off until a fix can be found.'

Peter comments.

'Driver revocation is the ultimate nuclear option, the crack of the commissars' pistols reminding the faithful of their duty. The exact details of the hammer that vendors will be hit with is buried in confidential licensing agreements, but I've heard mention of multimillion dollar fines and embargos on further shipment of devices alongside the driver revocation mentioned above.'

Decreased System Reliability

'Vista's content protection requires that devices set so-called 'tilt bits' if they detect anything unusual.'

Innocuous things modern systems are designed to cope with - voltage fluctuations, jitter on buses, unusual function return or register values - will all trigger the setting of these 'tilt bits'.

'Every little glitch is suddenly surfaced because it could be a sign of a hack attack. The effect that this will have on system reliability should require no further explanation.'

And for hackers this becomes a carte blanche to do whatever they want - under the protection of the DMCA.

'Even without deliberate abuse by malware, the homeland security implications of an external agent being empowered to turn off your IT infrastructure in response to a content leak discovered in some chipset that you coincidentally happen to be using is a serious concern.'

'Non-US governments are already nervous enough about using a US supplied operating system without having this remote DOS capability built in.'

Increased Hardware Costs

'Possibly for the first time ever, computer design is being dictated not by electronic design rules, physical layout requirements, and thermal issues, but by the wishes of the content industry.'

Increased Cost Due to Requirement to License Unnecessary Third Party IP

'Protecting all of this precious premium content requires a lot of additional technology. Unfortunately much of this is owned by third parties and requires additional licensing.'

'In order to demonstrate their commitment to the cause, Microsoft have recommended as part of their 'robustness rules' that vendors license third party code obfuscation tools to provide virus like stealth capabilities for their device drivers in order to make it difficult to interfere with their operations or reverse engineer them.'

Unnecessary CPU Resource Consumption

'In order to prevent tampering with in-system communications, all communication flows have to be encrypted and/or authenticated. This requirement extends beyond basic content encryption to encompass not just data flowing over various buses but also command and control data flowing between software components.'

'In order to prevent active attacks, device drivers are required to poll the underlying hardware every 30ms to ensure that everything appears kosher. This means that even with nothing else happening in the system, a mass of assorted drivers have to wake up thirty times a second just to ensure that 'nothing' continues to happen.'

But it gets worse. Pay particularly close attention here.

'On-board graphics create an additional problem in that blocks of precious content will end up stored in system memory, from where they could be paged to disk. In order to avoid this, Vista tags such pages with a special protection bit indicating that they need to be encrypted before being paged out and decrypted again after being paged in.'

'Vista doesn't provide any other pagefile encryption, and will quite happily page banking PINs, credit card details, private, personal data, and other sensitive information, in plain text. The content protection requirements make it fairly clear that in Microsoft's eyes a frame of premium content is worth more than a user's medical records or their banking PIN.'

Final Thoughts

At the end of all this, the question remains: why is Bill Gates going to this much trouble? Peter sees only one explanation.

'Microsoft will totally control the premium content distribution channel. Not only will they be able to lock out any competitors, but because they will then represent the only available distribution channel they'll be able to dictate terms back to the content providers whose needs they are nominally serving.'

'The result will be a technologically enforced monopoly that makes their current de facto Windows monopoly seem like a velvet glove in comparison.'

'There is simply no escape. Whether you use Windows Vista, Windows XP, Windows 95, Linux, FreeBSD, OS X, Solaris (on x86), or almost any other OS, Microsoft's content protection will make your hardware more expensive, less reliable, more difficult to program for, more vulnerable to hostile code, and with more compatibility problems.'

As a final note Peter writes the following.

'If I do ever want to play back premium content, I'll wait a few years and then buy a $50 Chinese made set-top player to do it, not a $1000 Windows PC. It's somewhat bizarre that I have to go to Communist China in order to find vendors who actually understand the consumer's needs.'

If Vista dies in the marketplace, Bill Gates' latest scheme for world domination comes to naught; if it doesn't - if you go out and buy your copy on 30 January - then we all suffer.