Slashdot Mirror
Virtualization May Break Vista DRM
Nom du Keyboard writes "An article in Computerworld posits that the reason Microsoft has flip-flopped on allowing all versions of Vista to be run in virtual machines, is that it breaks the Vista DRM beyond detection, or repair. So is every future advance in computer security and/or usability going to be held hostage to the gods of Hollywood and Digital Restrictions Management? 'Will encouraging consumer virtualization result in a major uptick in piracy? Not anytime soon, say analysts. One of the main obstacles is the massive size of VMs. Because they include the operating system, the simulated hardware, as well as the software and/or multimedia files, VMs can easily run in the tens of gigabytes, making them hard to exchange over the Internet. But DeGroot says that problem can be partly overcome with .zip and compression tools -- some, ironically, even supplied by Microsoft itself.'"
> So is every future advance in computer security and/or usability going to be held hostage to the gods of Hollywood
> and Digital Restrictions Management?
Microsoft has nothing to do with Hollywood. There are waiters in Hollywood who have forgotten more about movies than anyone at Microsoft will ever know. Even the accountants use Macs here in California.
Microsoft does not even make a movie player that plays the standard format. Calling Windows Media Player or Zune a movie player is like saying Microsoft Word is a Web browser because it can also display text and images. That is a very unsophisticated view that you can't sell to someone who actually knows how the Web works. Well, in Hollywood, they know how movies work. MPEG-4 was coming for many years, then it was standardized, then it became the format in iTunes+iPod, then the iPod took off. MPEG-4 is also HD DVD and Blu-Ray and AppleTV and iPhone and PSP. MPEG-4 is also the standardization of the QuickTime format which all the content creation tools are built around, even those like Avid that compete with Apple, so it arrived already having mature development tools. One day there was a QuickTime update and all of my tools could now generate MPEG-4 H.264 as if they had always known what it was. Further there is a free open source MPEG-4 streaming server that runs on every Unix and also Windows, it also has no streaming tax. Finally, most of all, MPEG-4 has no "content tax" while Microsoft's Windows Media business model depends on a content tax and everybody in both music and movie industry already knows better than that. All this happened already with sheet music and player pianos 100 years ago. Nobody is going to use an encoder that spits out a file which you can't copy or share without paying a tax to Microsoft, because everybody wants their movie or album to sell 100 million copies (even if it actually has no chance) so when Microsoft says aw it's only a penny per copy, people do the math and say no you are raping me with that, I can buy an MPEG-4 encoder for $20 and use it to make all the copies I want and not owe anybody anything why don't I just do that? And MPEG-4 just happens to already be integrated into all my tools and integrated into the hardware of consumer video playback so there was never any there there with Microsoft and movies. Even if they built a technically sound system or one that had a cost advantage, they would have to overcome the fact that nobody wants to work with the evil typewriter company.
All you are seeing here is another way that Windows sucks. Core computing functionality that customers use and want and even need to stabilize their Windows software on a real operating system is falling victim to Microsoft's lack of focus and hopeless star fucking. Why isn't Windows ready to be a good typewriter today? Because of its magic DRM.
Being a generous IT worker, when an employee's machine goes bad I'll sometimes give them my own machine if they need something fast. Last time I did this, a copy of Vista which I purchased directly from Microsoft's website suddenly became "not genuine". Not wanting to fuss with it, hoping I'd be able to get my machine back and make my copy of Vista genuine again, I ended up passing the time frame (30 days?) allotted for using the OS, then was locked out with a red screen saying "this copy of Microsoft Windows Vista Business is not genuine". This statement was clearly a lie if taken literally, but discussing vocabulary destruction through marketing would be quite a digression.
So, I went back to using my dual-boot linux partition and another spare PC for my day-to-day work.
Fast forward a few weeks...
Last Friday I got my laptop back, put the hard disk back in, and what's this? Vista still said it was not genuine. I tried to re-activate online but it said I couldn't do that because that key had already been activated. (Gee, you think? Maybe when I bought it?) So, taking the only course left, I called Microsoft on the phone and entered a series of numbers about 30 digits long. When the computer couldn't validate my install it forwarded me to some Indian call center, a place I'm familiar with because I've had to do this process more than a few times.
But this time was different... (Don't get your hopes up, it wasn't different in a good way. I was on the phone with a Microsoft offshore call center, remember?) Not only was my personal system down, but apparently their whole call center system was down. They were unable to validate my install and told me I'd need to call back later after they got their system back up and running. Apparently there was no other backup call center online, I simply had to hang up and call back another time when their system was back up.
Back to my trusty dual-boot Linux partition with its `sudo bash -c 'apt-get update && apt-get upgrade && reboot'`, or my Mac with its `sudo bash -c 'softwareupdate -i -a && reboot'`
Oh, and Jim Allchin can kiss my ass. "It's rock solid and we're ready to ship." Rock solid as in paper weight. What good is a stable OS that won't let you use it?
DRM is really one of the core components of Vista. It makes virtualization easier to defeat than you may realize. Go look up Palladium, renamed "Trusted Computing". It's hardware level authentication and software access control, and it's specifically designed to weld host authentication to file access. Those keys are hardware stored, on the motherboard, not software stored. And the encryption chips or CPU based encryption is not directly accessible to emulation, not without paying a genuinely unacceptable performance penalty in use.
At the rate technology is progressing, somebody with a HD projector, a HD camcorder and a few extra lenses and filters will be able to do an analog capture that easily satisfies the average guy with a 50" LCD display.
It sure helps that even today all of the satellite HD signals are highly degraded, often re-encoding from 1920x1080 to 1280x1080 and the vast majority of the viewers don't give a damn. Even the broadcast networks do shitty job, Fox is bitrate starved for no good reason, running their stuff at roughly 10Mbps when the available bandwidth over the air is just under 20Mbps. NBC and ABC are only a little bit better. Only CBS seems to give a crap about the quality of their broadcasts.
So, either consumer standards are going to have get a LOT higher or pricing on DRM'd products is going to have get a LOT cheaper if they want to compete with the quality level available via "free."
All that assumes that no bored grad students ever take an electron-tunneling microscope to the "tamper-proof" chips in these DRM systems and extracts the keys necessary to do the decrypt at the digital level. Nowadays that's not particularly expensive to do.
When information is power, privacy is freedom.