Slashdot Mirror
Microsoft Ties DRM Technology To Windows
Andy Tai writes: "This InteractiveWeek article describes how Microsoft, without much public attetion, has built multimedia content protection technology into Windows, thus encouraging the movie and music industries to adapt the Windows Media formats for their content. Microsoft's offering is not very different from other DRM (Digital Rights Management) technologies, but MS has the advangage of being able to place it in the OS, which gives it credibility in the eyes of content providers. 'What's novel is that it's built directly into (Windows Media) that is quickly gaining ground on its own, and that the two (DRM and media) technologies are inextricably linked. The technologies, in turn, are being set deeply into the Windows operating system. Other technologies being built into Windows further boost content-protection features, such as the so-called Secure Audio Path, which scrambles output from a computer sound card so that music streams can't be tapped and copied at that point.'"
Now you certainly aren't going to be watching Windows Media under linux...
Actually, the Windows Media Format is properly known as ASF - Advanced/Active Streaming Format. Microsoft claims the codec is open and documented - which is true, in an MS like way...i.e, without a licensing agreement and NDA, the only publicly avaliable documents descrive ASF version 2. This would bea good thing if 100% of the content found on the Internet wasn't in ASF 1 format, which is is.
Luckily some smart folk have reverse engineered and documented the ASF 1 format and are using it to make the avifile project (which currently plays DivXs and ASF using thin layer of Wine to implement the Win32 avifile API) actually implement its codecs natively.
This is a good thing. So help them out.
And don't make a player. We have enough. Port more codecs and fix the existing players.
Have you ever programmed a sound card?
Ultimately, there is a 16-bit hardware register which receives this 1/44000sec sample of sound level, which will soon be converted to a voltage, amplified, and fed to your speakers.
Have you ever designed a hardware peripheral? The CPU puts an address on a bus which announces to any piece of hardware in the machine that there is data on the data bus which might be of interest to it. The CPU does not know and does not care which or how many devices grab the output of a write, and if multiple devices respond to a read there is nothing it can do to stop the resulting data corruption when both devices try to assert an answer at the same time.
Unless, as another poster has suggested, the decrypter is built into the DAC, which would be a radical change of architecture requiring (at minimum) for everyone in the world to buy a new sound card, there is nothing at all the industry can do to stop you from adding a piggyback card to pick off the outgoing audio stream and make it available to some other totally unrelated piece of software for recording. This requires a board to be built, which is why it is called a hardware hack.
Picking off the sound at the driver is a software hack, and it is remotely possible that uSoft might prevent you from doing this for, oh, a few months until someone hacks the OS itself and provides a patch which prevents it from realizing that output is going to unsigned drivers. Unless uSoft decides to encrypt the whole damn operating system, there isn't much they can do to prevent this, either.
Brackets contain world's first nanosig, highly magnified:[.]
Are the corporations going to hand over the keys to the public so we can copy the music freely? Are they going to fulfill their side of the social contract that copyright is supposed to be - a limited period of monopoly in return for the public good? If their past exploits are any indication, they'll just keep buying politicans to extend the "limited" term of copyright in perpetuity, and if you choose to listen to the music of your ancient forebears you'll pay whatever they demand.
In Britain in 1534, as the printing press became more available, the Crown made it illegal for anyone to publish without a license. In 1557, the Crown granted a monopoly to the Stationers' Company - only one guild had sole right to publish books, by royal decree, in return for censoring any works the Crown disapproved of. It didn't matter if the authors had been dead for a thousand years, only the guild could publish their work. It didn't matter if the authors were alive and well either!
See any similarities in where we're heading? It's congress instead of royalty, and corporations instead of a guild, but only the names have changed.
I found it interesting to discover that the Stationers' Company still exists today, more than four hundred years since its incorporation. Maybe if I manage to live that long, I'll be able to listen to music created today without having to pay a corporation for the privilege. Oh, wait. I'll still need the decryption keys.
Sorry, but you're making the all-too-common on /. mistake WRT Windows. Not that I blame those who make it, because you're already living with Linux, so you don't come from the same perspective as a Windows user or even a (shudder) Mac user.
/. This was ~late 1998/early 99. I'd been reading /. based on the recommendation by a Linux-running friend. For more than two years now, I have known about Linux, and have dabbled in Linux, but never switched, even though I agree with much of the philosophy behind it and would on some levels like to switch. So, I just got my new computer, a KT7-RAID with a proc that easily overclocks to 1GHz without even getting as hot as my old k6-2 did at its measly 400MHz--in honor of the occasion I backed up all my data files onto the new HD and reformatted my two old small ones. What operating system did I choose to install as my main one? I had copies of Windows 98SE, Win2k, Win 2k Advanced Server (pirated, of course), and recent versions of Mandrake, Corel Linux, BeOS, and some other various stuff.
.rtf or text. Likewise, betwen Media Player and RealPlayer I can open all the audio formatsI'm likely to run across--but even so, since I'm used to WinAMP and have used it since before it was bought by AOL, I still use the latest WinAMP to play mp3s. And even though any of the three players I just mentioned can now play audio CDs, I still install Virtuosa to play them for me, because it's what I've always used, I like it, and it works and is pretty while doing so. I use ACDSee to view image files, IrfanView to open weird formats that ACDSee can't decode, and have done so for years. I edit images with an older version of Photoshop, though I do use the Win32 port of GiMP for some of its special script-fu. I use Scramdisk for security and GetRight for managing downloads, WinZip and WinRAR to uncompress stuff. It's what I'm used to and I can operate any one of these apps without even thinking about it, andsince I'm just an end user who only needs a few hours at a time with his computer I haven't seen a single BSOD in over a year if you discount the few times I've put a badly damaged CD in the drive and ejected it while Windows was still trying to read it since it was taking too long to try. Even though I do video capture and use my PC as my DVD player, I still never have BSODs or conflicts or any other stereotypical Windows ills, except for that CD problem I mentioned. Now, with all this experience invested, why would I want to switch to Linux and have to pick out apps all over again, basically starting from scratch and throwing away all my former computer experience?
/., and do it every day, for more than 2 years. Yes, I agree with most of the philosophy expressed here against the practices of certain patently unethical corporations. I don't buy Intel, beause I can just buy AMD and still run the apps I'm used to. I hate Disney, so I don't buy Disney stuff--I get other types of toys for the kids. I support the EFF monetarily. Etc. etc. But, even though I dislike the tactics used against Netscape and OS/2 and the other tresspasses of Microsoft, I still use Windows because it works, it's unified, standardized, and above all else it's what I'm used to and I don't have to throw out years worth of apps.
So, here's your mistake: you think most end users care about stability and an overwhelming breadth of apps and the ability to make custom changes thanks to access to the source code. Well, sorry, but we don't care about any of that.
Here's why--but first, some background, so you can see where I come from. I've been using computers since my first day at college in 1995. I started out at the lab with a 20MHz 68k Mac running, I think, System 7 with a plethora of tools like Netscape 1, Fetch, and NCSA Telnet to grab my e-mail off the campus VAX. Being a Mac campus, and having no previous computer experience, I learned to use Macs and was happy with them--except that they always seemed to lock up every hour or so whenever I was doing more than one thing. OS 8 and PPC 7200 Macs in the lab changed that in coming years, and things were stable enough. When I graduated I needed my own computer, so I bought an old used WinBook XP laptop running Windows 95, because I couldn't afford a Mac. Soon after I started being actually interested in what the computer did, what settings I could tweak and why, etc. So, I became computer literate under Windows. I started collecting and using lots of apps. When the laptop dies of old age, I bought a brand-new k6-2 400, based in part on a dislike of Intel's P!!! ID number and its possible misuse if adopted, which I learned about by reading
I installed Windows 98SE as my primary operating system, although I cheated a bit and used 98lite to allow me to install it without Internet Explorer and most of the other useless crap, and I use Powerdesk 4 as my file browser instead of Explorer/IE. But why would a partially-sane, fairly computer literate guy like me, who's played with all the operating systems I listed above on spare drives and what not, do such a thing?
Because, like most people, I don't need uptime measured in months, weeks, or even days--an uptime of 3 or 4 hours is more than sufficient, unless I'm leaving the computer on all night to download something huge in which case it isn't doing anything that will make it crash. I turn my computer off whenever not in use, as do most people. Giving the computer a minute to boot up isn't at all annoying to me or most people--press the button, go get a soda or take a wee-wee, and by the time you get back it's ready to go.
Now, even so, why on Earth would I install Win98SE, out of all the possible choices? Simple: It has all the apps I like to use, and is compatible with almost every bit of software and hardware I would like to use, without much fiddling about and such. End users don't care about having all the software that's available with Linux--we just want to use what's easy and familiar. Linux apps are usually neither. Every app I'm running on my machine, and almost every app I could possibly download for it, uses the same key combos, and most of them have a consistent and predictable UI, and consistent and predictable install options. We don't want to apt-get-make-etc-etc anything; we want to download it or browse to the CD that has it, and double-click. The vast majority of people never ever ever would want to compile something even if they knew how, so the source code is meaningless to almost all end users. And the breadth of software available to end users with Linux is also largely useless--most of it has incomprehensible names which are useful if you're a hacker typing all day on your CLI but a total hindrance if you're an end user who just wants to download and click on something intuitively-named, like "Media Player," or something whose name is common parlance like "WinAMP" or "Napster." There's no wondering, "uhh, what's slrn do?"
The most important part of all that is that end users value consistency, both amongUI features and shortcuts and the ability to cut and paste between apps and the like, and consistency with whatever software they're used to. Which gets me back to why I chose Win98 from among all possible worlds: It runs every app I have ever used. Win2k may be more stable, but it won't run all of my old games, even though most of the other apps I use will run or have versions for it. People don't like to throw out stuff they like, and that goes for software. I mean, I *could* change to an open-source or Linux-supporting word processor like Star Office or WordPerfect, but why give up the same Word97 I've been using for years? When in college even, I was using Word for the Mac. It's comfortable. I'm used to it, and everyone can read it, though if sending to a guy who uses Linux or is mindful of security I just save in
Like most end users, I wouldn't. There has to be a compelling reason to upgrade, to make me throw away all my beloved apps and go wandering around for new ones. Sure, I like reading
That's why end users aren't flocking to Linux and never will. End users don't flock--they just use what they're used to and what works. Windows works well enough. You're never going to woo most users with technical superiority. Lots of superior tech ends up in the dustbins of history. The only way to get most users is to get in touch with new computer users. Get into as many schools and universities as possible, and you'll indoctrinate fresh users who have no predisposition, and they'll probably use Linux for the rest of their lives. The only way to win over old users, people who already have used Windows or Mac for a long time and have a bunch of software they're happy with, is to have a very compelling reason to undergo the upheaval of change. Being able to run your PC rock-solid stable for a month without rebooting isn't a compelling reason, since Windows is stable *enough* and Mac OS X will probably be nearly as stable as Linux. You mentioned having to wait ages for tech support for Windows--also not a compelling reason, since most people either learn Windows or Mac in school, or have a knowledgeable friend to help them learn. The same can't be said about Linux--I have only 1 friend who uses it, and most people have none.
"The more corrupt the state, the more numerous the laws."--Tacitus, *The Annals*
Microsoft doesn't have to invent an uncrackable scheme; they just have to invent one that makes it a bit more difficult and annoying to steal, while at the same time they make it as easy as possible to just pay for the song. I'm all in favor of this. (I want this to work on Linux too, so I don't really want Microsoft to control it. But the idea itself isn't evil.)
I disagree. The best way for the record labels to make money off of their music on the internet is to release high quality, unencrypted digital music that can be played on all hardware, all OS's, everywhere. Currently that format is MP3.
They bundle the music, they use Akamai so the downloads are fast, and they sell an album or a song for a small fraction of the price they charge for an album or a single.
They stop worrying about Napster and other P2P because they know that real fans of the music won't mind paying for it if it's EASY TO DOWNLOAD THE ENTIRE ALBUM, EASY TO PAY FOR, and most importantly, EASY TO PLAY ANYWHERE THEY WANT!
All encryption does is prevent honest people from using the music they paid for in the manner they wish. It doesn't stop the lamers who want to steal the music, because they will still circumvent the protections and encryptions.
ALWAYS.
-thomas
"And like that
Well, if you're at all like me, the phrase "Secure Audio Path" raised a lot more questions than it answered, so I've done a little digging around the msdn site and found some information. My apologies for the blockquote spam, but I think they explain it quite well:
The best information seems to be in their SDK documentation for windows media:
A quick glance at the latter's diagrams shows that, if nowhere else, they are clearly vulnerable to hardware based attack, but of course, the whole scheme, as has already been pointed out in this forum, is also vulnerable to a $15 tape recorder. :) At any rate, just some extra info for those similarly piqued.
Its interesting how many of these media access control architectures that the various large corporations are pushing are built around software.
What these big corporations are forgetting is that software is just a bunch of bits stored on some magnetic media somewhere. These bits can be looked at, pondered over, duplicated and modified.
Yes, your operating system may verify that your software is special in some way. Perhaps your programs must be signed by one of these corporation's master keys before the program can even begin play with the imprisoned audio and video. But your operating system itself is just a bunch of bits, and bits can be changed. How can an operating verify it has not been altered or even verify that it verified itself?
Of course, there is always hardware. Sure, your hardware may insist that your software meets some specific, magical criteria before the software gets the privilege of looking at that imprisoned song, book or movie, but the hardware still depends upon the software. And software is just a bunch of bits. And bits can be learned from or changed. And hardware can be deceived.
And then there is the hardware itself. The opaque, unchanging, mysterious hardware. Or is it? Opaque? No, hardware can be studied as well. Logic analyzers, in-circuit emulators, oscilliscopes and other toys allow for the exploration of the depths of the machines. Unchanging? Also wrong. Flash memory, EPROMs, and soldering irons abound. Nothing is immutable. Mysterious? No as well. Someone designed it. Somewhere out there exists the source code to the firmware and the VHDL for the chips themselves. Nothing can go undiscovered forever.
So where does this leave us?
No matter what obstacles are thrown at us by those who espouse the ideal that absolutely no action should go uncharged, they will be overcome. There will always be a Jon Johansen or a Julien Stern and Julien Boeuf that step out of the corner and say "Hey wait, your system isn't so special at all."
Then those big corporations will start all over again. They will come up with their Next Great Thing, their New Magic Bullet, their Unbreakable Secure System. Their marketing departments and PR flaks will crow about how wonderfully great their new system is. Until someone else steps out of the depths...
Information is unstoppable.
---
The Hotmail addres is my decoy account. I read it approximately once per year.
Jay Samit seems to get it.
Microsoft doesn't have to invent an uncrackable scheme; they just have to invent one that makes it a bit more difficult and annoying to steal, while at the same time they make it as easy as possible to just pay for the song. I'm all in favor of this. (I want this to work on Linux too, so I don't really want Microsoft to control it. But the idea itself isn't evil.)
But it won't work while the record companies try to charge too much money for the songs. $4 each? That's one-fourth the cost of a CD!
Whenever I consider copy-protection issues, I always remember the example Borland set in the mid-80's. At a time when other companies were charging high prices and using copy protection, Borland charged low prices and didn't use copy protection, and sold a ton of products. The lesson is clear: if you charge a fair price, most people will pay you instead of ripping you off.
So if Microsoft or anyone else can make a system as easy-to-use as Napster, which makes payment so easy it's automatic; and if this system is then loaded with music the average person thinks is fairly priced... it will be a gold mine.
But what makes a fair price?
Serving up music via the Net should reduce costs for everyone. No need to pay for warehouse space to store piles of CDs. No need to pay a CD manufacturer; no defective CDs to throw away. No guessing wrong what the people want, and having to destroy thousands of CDs no one would buy. No retail markup. The band makes the music, the web page sells it, the consumer listens. Not a middle-man in sight, which (as Scott McCloud says) is great news as long as you aren't one of the middle-men.
When costs fall, prices always fall too. If they can make money now selling a CD for $15, they ought to be able to make money charging a heck of a lot less just for a copy of the bits.
Well, here is the kicker: the record companies seem to want to lock the prices in where they are now, despite costs that will be lower to them. In other words, they want their profit margin to go up, a lot. And they seem to think that just by using the right copy-protection technology, they will be able to do it. It won't work.
In the future, the cost of music will fall. It's going to happen. The record companies can get on board and make money, or they can try to use copy-protection to prop up prices and go broke.
steveha
lf(1): it's like ls(1) but sorts filenames by extension, tersely