Virtualization May Break Vista DRM

Nom du Keyboard writes "An article in Computerworld posits that the reason Microsoft has flip-flopped on allowing all versions of Vista to be run in virtual machines, is that it breaks the Vista DRM beyond detection, or repair. So is every future advance in computer security and/or usability going to be held hostage to the gods of Hollywood and Digital Restrictions Management? 'Will encouraging consumer virtualization result in a major uptick in piracy? Not anytime soon, say analysts. One of the main obstacles is the massive size of VMs. Because they include the operating system, the simulated hardware, as well as the software and/or multimedia files, VMs can easily run in the tens of gigabytes, making them hard to exchange over the Internet. But DeGroot says that problem can be partly overcome with .zip and compression tools -- some, ironically, even supplied by Microsoft itself.'"

Said before

[mcrbids]

Encryption allows Alice to send a message to Bob that can't be viewed by Jack. The problem with DRM is it uses encryption such that Bob and Jack are the same person.

Think about it.

Alice (the publisher of the song) is using encryption to ensure that you and only you (Bob) can recieve the message. But Jack (also you) is being prevented from viewing the message.

The only reason that DRM is making any kind of headway is because of the hand-waving around terms like "dual key cryptography" and "license management". When you get right down to it, the content producers exist to deliver content to me. Once I get it, the only thing limiting my distribution of that content is legal in nature - I'm afraid of getting sued or prosecuted, so I don't.

Speakers can be recorded, screens can be videotaped. DRM can make it more difficult to copy content, but it will NEVER make it impossible. And the sad part is, DRM frequently makes it more difficult to VIEW content legitimately.

As a good example, I just set up a Windows XP laptop for one of my sales associates. I spent an ungodly amount of time going thru "Genuine Advantage" this and "Genuine" that, along with some dozen or more reboots. It's riduculously annoying, especially when updating a new CentOS system takes a single line:


yum -y update; shutdown -r now;


Microsoft has it wrong, and it may well be their undoing to find this out.

Tens of Gigs? No way. Try 10kilobytes.

Why would the file have to be so large? There's no need to exchange the entire VM file... just swap the key file which is produced after authentication. To explain, if two VMs are set up as identical (e.g. same HDD size, same virtual processor, same virtual RAM, same video card, etc.) they will produce the same hardware "hash". Once an authentic software ID has been used to unlock the first file, a file will be written to disk which contains an encrypted signature which authenticates the software and thus "unlocks" it. That same key, copied elsewhere to an otherwise identical environment, will also authenticate the other environment. Put another way, one key will unlock them both.

I'm sure there's a legal use for this. I just can't think of one...

Not the whole story

[earlymon]

I believe that there's more to Microsoft's dislike of VM than simply DRM, and I think that they're hoping to be shielded by a bit of DRM FUD.

Last year I was in Taiwan running WinXP under VirtualPC - with the appropriate upgrades after Microsoft had bought the product from its creators - and I had zero trouble.

This year, I'm in Taiwan again, but this time I'm running WinXP under Parallels. Shortly after my use of the machine here on the internet, I got this message telling me that my hardware had significantly changed since the original installation and that I needed to re-validate - I don't recall the rest of the message, but it involved Genuine Advantage and suggestions of unusability. So, even though I'm not carrying my original box around with the keycode (would you??), I decided to be brave and tapped on the warning from the tray as instructed. Took me right to an MS page at what appeared to be Microsoft-Taiwan, and it was quite persistent that I should continue to be routed to some Chinese language page. Long story short, I got some embedded wizard launched, got the MS phone number for the USA (Bangalore notwithstanding), called in, got re-validated and woot, woot, woot.

It seems - very strongly to me - that the only thing that Microsoft could have detected was my location in a way that didn't make sense to them, and I think I triggered something that decided I had a pirated copy. I really haven't had any use of my machine or anything change in any other way to cause me to suspect anything else.

So, how long before business travellers - and we fill a lot of 747s, virtually all running Windows - picking up VM for one reason or another start pitching fits when they discover that they can go into a full-screen presentation and be tagged publicly as potential software pirates?

I couldn't understand why MS had a real problem with Vista under VM, but if the cause I posited is in fact true, then the problem Microsoft is worried about goes back to the XP codebase. Say anything about Vista's new codebase, but it's all from the same company..... so, I think DRM is a specious explanation but it allows them to hide behind something where they can try to claim some innocence regarding VM - when in fact the OS may be more seriously broken w.r.t. VM than they're admitting.

I hope *IAA keeps wasting thier money on DRM

[symbolset]

These jerks think they define popular culture. They don't.

DRM doesn't work. People steal the stuff before it's encoded with the DRM. The key is always distributed with the content or recoverable.

DRM can't work. Their attempts are hilarious. In order to be perceived by a human it has to be rendered in analog format, at which point capturing and encoding it in an open format is trivial in all cases.

DRM shouldn't work. If they won't sell me the content for the device I want to play it on when I want to play it where I want to play it, I'll convert it and to hell with what they think I should be allowed to do. Fair use.

DRM is a security risk. I will not surrender control of my PC to render your content.

The more they annoy people, the more visibility worthy indie acts get. People will listen to their popmart derivative garbage less.

I am personally opposed to straight pirating the stuff but I have to admit my conviction on the subject is wavering at this point.

Choose something else

[symbolset]

Ok, you've got many PCs most of which run Windows XP. They've been crashing every Exploit Wednesday since October. Every one has a license that was paid for three times (six times under Software Assurance). You have seventeen core apps. Some of them are paid for several times. Some have a licensing server so that some people can use them when other people aren't, and come with a utility so that priority users can kick off nonpriority users. A couple of them are free. Four of them are nagware that came with your PCs or that you thought were a good idea at the time. One is an in-house app that only runs in a DOS box and accesses dBase files stored on your server. Every month a couple get pwned for no detectable reason.

Even if they don't run Windows you've paid over and over. You have to because they've made it happen what "enforcement" will happen if you don't.

Every software vendor you buy from makes it clear the software you bought is being split into "basic" versions that include most of the features you use, and an "Enterprise" version that includes must have features you can't live without. Both new versions will be annual subscriptions instead of purchases. Naturally, the Premium version you require will cost many times what you already paid and the cost will be annual rather than once each. Of course they're entitled to this conversion of your purchase into a "revenue stream" because they've upgraded their product from an application to a "platform framework" that "optimizes" your "TCO".

You're thinking about investigating this multicore thing that people are talking about, but it seems impossible to reconcile the software licenses with multiple "cores" on one or more CPUs. You want to do server consolidation, but every server app has to be evaluated both by a professional enginner and by a hideously expensive team of lawyers who also want to audit every piece of software you've purchased since 1974. Your CPA wants to know why you licensed the same software 3-6 times for each PC, and why you're buying licenses for software that won't run on the PCs they're purchased for. And what's this entry for "SCO Linux licenses"? You live in dread of being audited by jack-booted thugs, not because you're pirating but because the danger of a paperwork snafu that destroys your budget is nearly certain and the slightest discrepancy is going to get you canned.

I have one question: What the hell are you thinking? Get off the train to crazy town. The free stuff isn't just good, it's better. So much better that you're not going to believe you put up with this crap. If it's truly free you don't have to account for each copy/user/use/year/processor/incidence. It's not free because it's less worthy: it's free because you're not the first person to be disgusted by the experience you're having. Pay for support. Nobody ever got sued for terminating their support contract. Figure it out. The world has changed. The future is open.