Slashdot Mirror
Virtualization May Break Vista DRM
Nom du Keyboard writes "An article in Computerworld posits that the reason Microsoft has flip-flopped on allowing all versions of Vista to be run in virtual machines, is that it breaks the Vista DRM beyond detection, or repair. So is every future advance in computer security and/or usability going to be held hostage to the gods of Hollywood and Digital Restrictions Management? 'Will encouraging consumer virtualization result in a major uptick in piracy? Not anytime soon, say analysts. One of the main obstacles is the massive size of VMs. Because they include the operating system, the simulated hardware, as well as the software and/or multimedia files, VMs can easily run in the tens of gigabytes, making them hard to exchange over the Internet. But DeGroot says that problem can be partly overcome with .zip and compression tools -- some, ironically, even supplied by Microsoft itself.'"
Encryption allows Alice to send a message to Bob that can't be viewed by Jack. The problem with DRM is it uses encryption such that Bob and Jack are the same person.
Think about it.
Alice (the publisher of the song) is using encryption to ensure that you and only you (Bob) can recieve the message. But Jack (also you) is being prevented from viewing the message.
The only reason that DRM is making any kind of headway is because of the hand-waving around terms like "dual key cryptography" and "license management". When you get right down to it, the content producers exist to deliver content to me. Once I get it, the only thing limiting my distribution of that content is legal in nature - I'm afraid of getting sued or prosecuted, so I don't.
Speakers can be recorded, screens can be videotaped. DRM can make it more difficult to copy content, but it will NEVER make it impossible. And the sad part is, DRM frequently makes it more difficult to VIEW content legitimately.
As a good example, I just set up a Windows XP laptop for one of my sales associates. I spent an ungodly amount of time going thru "Genuine Advantage" this and "Genuine" that, along with some dozen or more reboots. It's riduculously annoying, especially when updating a new CentOS system takes a single line:
yum -y update; shutdown -r now;
Microsoft has it wrong, and it may well be their undoing to find this out.
I have no problem with your religion until you decide it's reason to deprive others of the truth.
Why would the file have to be so large? There's no need to exchange the entire VM file... just swap the key file which is produced after authentication. To explain, if two VMs are set up as identical (e.g. same HDD size, same virtual processor, same virtual RAM, same video card, etc.) they will produce the same hardware "hash". Once an authentic software ID has been used to unlock the first file, a file will be written to disk which contains an encrypted signature which authenticates the software and thus "unlocks" it. That same key, copied elsewhere to an otherwise identical environment, will also authenticate the other environment. Put another way, one key will unlock them both.
I'm sure there's a legal use for this. I just can't think of one...
I believe that there's more to Microsoft's dislike of VM than simply DRM, and I think that they're hoping to be shielded by a bit of DRM FUD.
Last year I was in Taiwan running WinXP under VirtualPC - with the appropriate upgrades after Microsoft had bought the product from its creators - and I had zero trouble.
This year, I'm in Taiwan again, but this time I'm running WinXP under Parallels. Shortly after my use of the machine here on the internet, I got this message telling me that my hardware had significantly changed since the original installation and that I needed to re-validate - I don't recall the rest of the message, but it involved Genuine Advantage and suggestions of unusability. So, even though I'm not carrying my original box around with the keycode (would you??), I decided to be brave and tapped on the warning from the tray as instructed. Took me right to an MS page at what appeared to be Microsoft-Taiwan, and it was quite persistent that I should continue to be routed to some Chinese language page. Long story short, I got some embedded wizard launched, got the MS phone number for the USA (Bangalore notwithstanding), called in, got re-validated and woot, woot, woot.
It seems - very strongly to me - that the only thing that Microsoft could have detected was my location in a way that didn't make sense to them, and I think I triggered something that decided I had a pirated copy. I really haven't had any use of my machine or anything change in any other way to cause me to suspect anything else.
So, how long before business travellers - and we fill a lot of 747s, virtually all running Windows - picking up VM for one reason or another start pitching fits when they discover that they can go into a full-screen presentation and be tagged publicly as potential software pirates?
I couldn't understand why MS had a real problem with Vista under VM, but if the cause I posited is in fact true, then the problem Microsoft is worried about goes back to the XP codebase. Say anything about Vista's new codebase, but it's all from the same company..... so, I think DRM is a specious explanation but it allows them to hide behind something where they can try to claim some innocence regarding VM - when in fact the OS may be more seriously broken w.r.t. VM than they're admitting.
Pathological kinda promises Path + Logical - but instead, you get stuck with pathetic.
These jerks think they define popular culture. They don't.
DRM doesn't work. People steal the stuff before it's encoded with the DRM. The key is always distributed with the content or recoverable.
DRM can't work. Their attempts are hilarious. In order to be perceived by a human it has to be rendered in analog format, at which point capturing and encoding it in an open format is trivial in all cases.
DRM shouldn't work. If they won't sell me the content for the device I want to play it on when I want to play it where I want to play it, I'll convert it and to hell with what they think I should be allowed to do. Fair use.
DRM is a security risk. I will not surrender control of my PC to render your content.
The more they annoy people, the more visibility worthy indie acts get. People will listen to their popmart derivative garbage less.
I am personally opposed to straight pirating the stuff but I have to admit my conviction on the subject is wavering at this point.
Help stamp out iliturcy.
I use "Microsoft Plus! Analog Recorder" to record albums from Yahoo! Unlimited with the cable from line-out to line-in trick, effectively ignoring Microsoft DRM with their own software.
JVC hdtv, name and shame.
If you mod me down, I will become more powerful than you can imagine....
Clearly, all these problems would be solved if the RIAA and MPAA sued Microsoft over their use of zip compression and its aiding in the piracy of audio... :D
Damn that's hard to say with a straight face.
I wouldn't consider the mad hatter mad. Just reality impaired. He sure can make a mean cup of tea.
Being a generous IT worker, when an employee's machine goes bad I'll sometimes give them my own machine if they need something fast. Last time I did this, a copy of Vista which I purchased directly from Microsoft's website suddenly became "not genuine". Not wanting to fuss with it, hoping I'd be able to get my machine back and make my copy of Vista genuine again, I ended up passing the time frame (30 days?) allotted for using the OS, then was locked out with a red screen saying "this copy of Microsoft Windows Vista Business is not genuine". This statement was clearly a lie if taken literally, but discussing vocabulary destruction through marketing would be quite a digression.
So, I went back to using my dual-boot linux partition and another spare PC for my day-to-day work.
Fast forward a few weeks...
Last Friday I got my laptop back, put the hard disk back in, and what's this? Vista still said it was not genuine. I tried to re-activate online but it said I couldn't do that because that key had already been activated. (Gee, you think? Maybe when I bought it?) So, taking the only course left, I called Microsoft on the phone and entered a series of numbers about 30 digits long. When the computer couldn't validate my install it forwarded me to some Indian call center, a place I'm familiar with because I've had to do this process more than a few times.
But this time was different... (Don't get your hopes up, it wasn't different in a good way. I was on the phone with a Microsoft offshore call center, remember?) Not only was my personal system down, but apparently their whole call center system was down. They were unable to validate my install and told me I'd need to call back later after they got their system back up and running. Apparently there was no other backup call center online, I simply had to hang up and call back another time when their system was back up.
Back to my trusty dual-boot Linux partition with its `sudo bash -c 'apt-get update && apt-get upgrade && reboot'`, or my Mac with its `sudo bash -c 'softwareupdate -i -a && reboot'`
Oh, and Jim Allchin can kiss my ass. "It's rock solid and we're ready to ship." Rock solid as in paper weight. What good is a stable OS that won't let you use it?
Ok, you've got many PCs most of which run Windows XP. They've been crashing every Exploit Wednesday since October. Every one has a license that was paid for three times (six times under Software Assurance). You have seventeen core apps. Some of them are paid for several times. Some have a licensing server so that some people can use them when other people aren't, and come with a utility so that priority users can kick off nonpriority users. A couple of them are free. Four of them are nagware that came with your PCs or that you thought were a good idea at the time. One is an in-house app that only runs in a DOS box and accesses dBase files stored on your server. Every month a couple get pwned for no detectable reason.
Even if they don't run Windows you've paid over and over. You have to because they've made it happen what "enforcement" will happen if you don't.
Every software vendor you buy from makes it clear the software you bought is being split into "basic" versions that include most of the features you use, and an "Enterprise" version that includes must have features you can't live without. Both new versions will be annual subscriptions instead of purchases. Naturally, the Premium version you require will cost many times what you already paid and the cost will be annual rather than once each. Of course they're entitled to this conversion of your purchase into a "revenue stream" because they've upgraded their product from an application to a "platform framework" that "optimizes" your "TCO".
You're thinking about investigating this multicore thing that people are talking about, but it seems impossible to reconcile the software licenses with multiple "cores" on one or more CPUs. You want to do server consolidation, but every server app has to be evaluated both by a professional enginner and by a hideously expensive team of lawyers who also want to audit every piece of software you've purchased since 1974. Your CPA wants to know why you licensed the same software 3-6 times for each PC, and why you're buying licenses for software that won't run on the PCs they're purchased for. And what's this entry for "SCO Linux licenses"? You live in dread of being audited by jack-booted thugs, not because you're pirating but because the danger of a paperwork snafu that destroys your budget is nearly certain and the slightest discrepancy is going to get you canned.
I have one question: What the hell are you thinking? Get off the train to crazy town. The free stuff isn't just good, it's better. So much better that you're not going to believe you put up with this crap. If it's truly free you don't have to account for each copy/user/use/year/processor/incidence. It's not free because it's less worthy: it's free because you're not the first person to be disgusted by the experience you're having. Pay for support. Nobody ever got sued for terminating their support contract. Figure it out. The world has changed. The future is open.
Help stamp out iliturcy.
I have as much reason to hate MS's operating systems as the next guy. No, scratch that, I have vastly more reason to hate MS's OS's than the next guy, having watched them attempt to undermine and destroy OS/2 back in the early 90's, back before it become fashionable to hate MS OS's. I remember having to put up with the constantly shifting Win32s extensions for Windows 3.1, which were modified for the sole purpose of breaking OS/2 compatibility. Or their (then new) "per-processor license agreements". I haven't run a Windows machine as my desktop since 1992, having run OS/2, Linux, and Mac OS X (in that order) since that time.
As such, it really pains me greatly to say -- Vista under virtualization is surprisingly decent and well behaved. I've been running the 64-bit Business Edition of Vista inside VMware Fusion on a new 2.16Ghz Core 2 Duo MacBook with 2GB of RAM, and it's surprisingly quick and agile. Sure, I don't get Aero (which just looks bad to me anyhow -- honestly, how is an alpha-blended window title a good thing?), and I'm not using it to play games, and I don't use it to browse the web or do e-mail or digital media, but overall it has been very well behaved, and has been surprisingly quick to boot and run. I've even experimented with it running digital video, and the performance has been very good.
Now of course, I can see why they'd be worried about their DRM stance. As the VMware audio and video go through a virtualized driver/device to the Mac's hardware, it would be easy to use readily available tools to hijack the stream (like Rogue Amoeba's excellent Audio Hijack Pro.
Now there is no way in hell I'd ever run Windows as my primary OS -- still think their UI scheme is garbage, and don't like the fact they have both systematically loaded their systems with crap to appease other corporations while punishing their own end-users (DRM), and that they've frequently promised features they've never delivered (anyone else remember when they promised a stand-alone MS-DOS v7? Or when they promised an OODBMS-based filesystem for Cairo starting back in 1996? That same filesystem they didn't deliver with Vista? Or how about when they finally decided it was time to introduce a new filesystem for the 9X line that instead of using a well-designed FS they owned all the rights to, like HPFS or NTFS, they instead exacerbated the problem with a band-aid solution and invented FAT32?). It's still not what I look for in a desktop OS, but as much as it pains me to say it, on a modern machine (and the latest MacBook is hardly top-of-the-line, although it's certainly quite a capable system), under virtualization, Vista actually runs pretty acceptably. If I had to use it as my day-to-day system (and I don't use it much at all -- it's there to support a development toolset for some embedded programming I'm peripherally involved in), it certainly wouldn't be slow or painful to use -- it's instantly responsive, and has so far behaved very well (i.e.: it hasn't crashed yet).
Strange but true.
Yaz.