Slashdot Mirror


Vista DRM Cracked by Security Researcher

An anonymous reader writes "Security researcher Alex Ionescu claims to have successfully bypassed the much discussed DRM protection in Windows Vista, called 'Protected Media Path' (PMP), which is designed to seriously degrade the playback quality of any video and audio running on systems with hardware components not explicitly approved by Microsoft. The bypass of the DRM protection was in turn performed by breaking the Driver Signing / PatchGuard protection in the new operating system. Alex is now quite nervous about what an army of lawyers backed by draconian copyright laws could do to him if he released the details, but he claims to be currently looking into the details of safely releasing his details about this at the moment though."

11 of 379 comments

  1. Pro Bono Security Attorneys by adambha · Score: 4, Interesting

    How about a team of pro bono attorneys who are willing to defend (fight?) cases like this in which a researcher simply wants to share his/her findings? Sort of like a non-profit organization.

    1. Re:Pro Bono Security Attorneys by tddoog · Score: 3, Interesting

      Not true at all.

      Here is a list of the EFF's recent battles.

      * EFF Warns ABC to Back Off Blogger
      * Florida Voters Challenge Judge's Shutdown of Election Investigation
      * EFF Defends Right to Link from Internet Wiki
      * EFF Backs DontDateHimGirl.com in Defamation Case
      * Computer Security Expert Edward W. Felten Joins EFF Board of Directors
      * Lawsuit Demands Answers About Government's Secret 'Risk Assessment' Scores
      * Fight to Unseal Critical Evidence in AT&T Surveillance Case
      * Tuesday Hearing on Critical E-Voting Evidence in Flawed Florida Election
      * American Travelers to Get Secret 'Risk Assessment' Scores
      * Self-Help Group Backs Off Attack on Internet Critic
      * EFF Accepts Barney's Surrender
      * EFF Fights to Shield Email from Secret Government Searches
      * Sarasota Voters File Lawsuit for Re-vote in Congressional Race
      * EFF Files Suit for Answers About New International Air Passenger Data Deal
      * California Supreme Court Rules in Favor of Free Speech on the Internet

  2. Moving to Redmond? by Anonymous Coward · Score: 3, Interesting

    Sounds like somebody will soon get a juicy job offer from Microsoft to tighten up the system...

    1. Re:Moving to Redmond? by arivanov · Score: 3, Interesting

      Yup. There is a word for this in the industry. It used to be called a BUGTRAQ gadfly though nowadays it should be called a "Full Disclosure Gadfly".

      You make enough stink on a non-moderated list like FD with the sole purpose to get hired and you get hired. There are pimps that follow FD, BUGTRAQ and the like for "fresh talent".

      --
      Baker's Law: Misery no longer loves company. Nowadays it insists on it
      http://www.sigsegv.cx/

  3. Alex is also re-implementing the win32 kernel by Anonymous Coward · Score: 5, Interesting

    Alex Ionescu is the main kernel/HAL developer for the GPL'ed ReactOS project (www.reactos.org), which is aiming for an OS that is fully binary AND driver-compatible with Windows XP/Vista. If you look through the work he's done in the ReactOS SVN (developer name 'ion'), I have no doubts that he's fully capable of analyzing and defeating any kernel-level protections in Vista.

    Although ReactOS can share a lot of work with the WINE project for the win32 userland, it could still use any developers that are familiar with win32 development and would like to see a truly free operating system capable of using windows drivers/software.

  4. Is it illegal for me to have someone check safety? by Anonymous Coward · Score: 4, Interesting

    If I drive a car, or heck use a toaster. Isn't it legal for me to give the product to a mechanic or someone versed in the art to check whether it's safe or not?

    So if I use windows .. I need to know if the DRM or digital signing is crap. I don't want spyware to be fakely "digitally signed" and run on my system. If the DRM is crap why would anyone release anything with it? Why are software companies able to prevent or hinder research into the security of their products and announcements to the public w.r.t their safety?

  5. Re:Post the details on MySpace by $RANDOMLUSER · Score: 3, Interesting

    It works on GoDaddy domains.

    Closed captioned for the informationally challenged: Microsoft pays GoDaddy to use IIS for parked domains so it looks like IIS is "just behind" Apache on "who's using which web server" pie charts.
    --
    No folly is more costly than the folly of intolerant idealism. - Winston Churchill

  6. Honest question by jiggerdot · Score: 4, Interesting

    Since the DRM in Vista is so inextricably tied in to the OS, then ANY hack which allows you to run stuff at kernel level will, by definition, be able to break the DRM. Which begs the question: could Sony's next rootkit be a violation of the DMCA, instead of just a huge pain in the ass?

    --
    "can't run, can't hide...oh well, return 0"

  7. Re:1st thing is to get a good lawyer by Phrogman · Score: 5, Interesting

    No, that doesn't matter. I am sure that my govt will happily deport him if the **AA asks them to. We seem to bend over backwards for the US at this point, and for the **AA in particular, just look at the politician they bought recently up here. A Conservative government here in Canada turns us into a mere appendage of the US Government, compliant to their will most of the time. Hell, we just paid out 10 mil in damages to a Canadian Citizen we happily fingered for the US Dept of Homeland security so they could ship him to Syria to be tortured for a year or so even though there was no evidence he supported terrorism. I have no doubt that violating DRM (which is surely as Evil(tm) as terrorism in the eyes of the **AA, in fact they probably want to equate the two) will be sufficient to get this guy exported to some country for torture as well :)

    "Government for the corporations, by the corporations, for the benefit of all corporations..." or something to that effect.

    --
    "The first time I got drunk, I got married. The second time I bought a chimpanzee, after that I stayed sober" Arian Seid

  8. Re:He won't need to ... by drinkypoo · Score: 4, Interesting

    Some of these people won't even be affected by USA law, unless they decide to visit or transit through the country.

    One wonders if the harassment of people who are not breaking US law in their own jurisdiction when they come to the US will have a chilling effect on technology in the USA. Certainly, some very smart people would be very stupid to visit here...

    --
    "You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"

  9. Re:Misleading story by Alex_Ionescu · Score: 5, Interesting

    1). It doesn't work out of the Box.

    Yes, it requires a reboot, which is why it's only useful for bypassing DRM, not for open source apps (which will have to bother the user to reboot).

    2). It uses a method provided by Microsoft.

    Erm, no, PMP is provided by Microsoft. This method bypasses it.

    3). It hasn't been tested.

    It works fine, the actual PMP-disabling code hasn't been tested because I don't want to touch that. But my code ran in kernel-mode, which means it's possible. Read up a bit on computer architecture and you'll see that as long as you have access to the kernel, you're God on the machine (Apart from hypervisor machines and/or additional hardware -- which PMP doesn't currently employ).

    4). Author is more afraid of the DMCA than of violating Microsoft's EULA terms.

    Author is a student and doesn't want to be sued out of existence because this method could be used to "circumvent a technological measure primarily destined for copyright protection".