Peter Gutman’s A Cost Analysis of Windows Vista Content Protection should be required reading for anybody in the technology business. It’s an analysis of the way Microsoft’s devotion to ‘content protection’ is crippling the PC of the future.
It should also give pause to those thinking of building a media-centre around Microsoft technologies in the New Year, or of upgrading their PC to one based on Vista.
The good news is that you may be able to play Hollywood movies in high-definition on your Vista machine (as opposed to, say, on a dedicated DVD player). The bad news is that almost everything else about the PC platform will be made worse as a result.
Here are a few extracts:
Vista’s content protection mechanism only allows protected content to be sent over interfaces that also have content-protection facilities built in. Currently the most common high-end audio output interface is S/PDIF (Sony/Philips Digital Interface Format). Most newer audio cards, for example, feature TOSlink digital optical output for high-quality sound reproduction, and even the latest crop of motherboards with integrated audio provide at least coax (and often optical) digital output. Since S/PDIF doesn’t provide any content protection, Vista requires that it be disabled when playing protected content. In other words if you’ve sunk a pile of money into a high-end audio setup fed from an S/PDIF digital output, you won’t be able to use it with protected content.
The requirement to disable audio and video output plays havoc with standard system operations, because the security policy used is a so-called “system high” policy: The overall sensitivity level is that of the most sensitive data present in the system. So the instant any audio derived from premium content appears on your system, signal degradation and disabling of outputs will occur. What makes this particularly entertaining is the fact that the downgrading/disabling is dynamic, so if the premium-content signal is intermittent or varies (for example music that fades out), various outputs and output quality will fade in and out, or turn on and off, in sync.
Consider a medical IT worker who’s using a medical imaging PC while listening to audio/video played back by the computer (the CDROM drives installed in workplace PCs inevitably spend most of their working lives playing music or MP3 CDs to drown out workplace noise). If there’s any premium content present in there, the image will be subtly altered by Vista’s content protection, potentially creating exactly the life-threatening situation that the medical industry has worked so hard to avoid. The scary thing is that there’s no easy way around this – Vista will silently modify displayed content…
Once a weakness is found in a particular driver or device, that driver will have its signature revoked by Microsoft, which means that it will cease to function (details on this are a bit vague here, presumably some minimum functionality like generic 640×480 VGA support will still be available in order for the system to boot). This means that a report of a compromise of a particular driver or device will cause all support for that device worldwide to be turned off until a fix can be found….
If a particular piece of hardware is deactivated (even just temporarily while waiting for an updated driver to work around a content leak) and you swap in a different video card or sound card to avoid the problem, you risk triggering Windows’ anti-piracy measures, landing you in even more hot water.
In order to prevent active attacks, device drivers are required to poll the underlying hardware every 30ms to ensure that everything appears kosher. This means that even with nothing else happening in the system, a mass of assorted drivers has to wake up thirty times a second just to ensure that… nothing continues to happen.
and from the FAQ:
4. Microsoft is only doing this because Hollywood/the music industry is forcing them to.
“We were only following orders” has historically worked rather poorly as an excuse, and it doesn’t work too well here either. While it’s convenient to paint an industry that sues 12-year-old kids and 80-year-old grandmothers as the scapegoat, no-one’s holding a gun to Microsoft’s head to force them do this. The content industry is desperate to get its content onto PCs, and it would have quite easy for Microsoft to say “Here’s what we’ll do with Vista, take it or leave it. We won’t seriously cripple our own and our business partners’ products just to suit your fancy”. In other words they could make it clear to Hollywood who’s the tail and who’s the dog.
I also liked this quote from a reader:
“The [copy protection mechanisms] will serve to make the illegal product the most full featured and least restrictive, and thus the most attractive to the consumer. Add in the expense of buying new equipment to vew the legal content (when existing equipment is perfectly capable) and the performance drain imposed by in-line encryption/decryption and they’ve put out the biggest incentive to piracy yet”
This type of thing should really be the start of the end for Windows, at least as a media platform, but it won’t be. When you have a monopoly, you can dictate the terms, however damaging they may be to the industry as a whole.
It’s been a very long time since any significant innovation came out of Microsoft (despite lots of good people doing great stuff inside the company – just search this blog for some examples). For most of the last few years it has simply been a drag on the industry – a giant sea-anchor burning up resources and slowing things down. But this is, perhaps, the biggest set of handicaps they’ve imposed on the IBM PC architecture, whose very openness was largely responsible for their success in the first place.
Oh, and even playing regular DVDs, which you legally own, is illegal in France, starting today, if you do it with one of the top two Open Source DVD-playing applications.
With all of this in the pipeline, it’s good to hear that the first stage in cracking the copy protection on HD-DVD has been completed. There’s a fair bit more still to be done, but this is a step in the right direction. The guy who posted the source code gave his motivations:
I just bought a HD-DVD drive to plug on my PC, and a HD movie, cool! But when I realized the 2 software players on windows don’t allowed me to play the movie at all, because my video card is not HDCP compliant and because I have a HD monitor plugged with DVI interface, I started to get mad… This is not what we can call “fair use”! So I decide to decrypt that movie. I start reading the AACS specification I have found on the net. I estimate it will take me about 4 weeks of full time job to decrypt that. I was wrong, it was in fact, easy…
BTW, when I disable my HD monitor, I can watch the movie, on my old VGA screen, but, what is the point of having a HD monitor and not being able to watch a HD movie on it!
Precisely.
[…] I know one is not supposed to start the year on a gloomy note, but Quentin has a really gloomy post about the implications of the DRM measures built into Vista. Peter Gutman’s A Cost Analysis of Windows Vista Content Protection should be required reading for anybody in the technology business. It’s an analysis of the way Microsoft’s devotion to ‘content protection’ is crippling the PC of the future. […]
[…] Quentin Stafford-Fraser (British web pioneer, who helped devise the first webcam) points to a frightening article by Peter Gutman about “Microsoft’s devotion to ‘content-protection’”. From Peter’s executive summary: Windows Vista includes an extensive reworking of core OS elements in order to provide content protection for so-called “premium content”, typically HD data from Blu-Ray and HD-DVD sources. Providing this protection incurs considerable costs in terms of system performance, system stability, technical support overhead, and hardware and software cost. These issues affect not only users of Vista but the entire PC industry, since the effects of the protection measures extend to cover all hardware and software that will ever come into contact with Vista, even if it’s not used directly with Vista (for example hardware in a Macintosh computer or on a Linux server). […]