Microsoft Says Kinect Left Open By Design

kai_hiwatari writes "Around two week ago when Adafruit announced a bounty for developing an open-source driver for the Kinect, Microsoft made it clear that they didn't condone it. Now Microsoft seems to have realized the potential of their device and has made a U-turn. Alex Kipman, Xbox Director of Incubation, now says that they left the Kinect open by design. Kipman said, 'What has happened is someone wrote an open-source driver for PCs that essentially opens the USB connection, which we didn't protect, by design, and reads the inputs from the sensor.'"

Oh yeah

We totally meant to do that cool thing you guys thought we didn't mean to do ... and stuff.

Re:Oh yeah

[phantomfive]

He's probably right. You should see what they did with Windows Phone 7; the protocol they speak over USB is encrypted, even though the protocol is known, and the data being transferred is usually also known. It has deep security.

Now, maybe they didn't leave it open specifically because they wanted people to write an open source driver, but if they had been serious about keeping it closed, they would have almost certainly given it a better attempt.

Re:Oh yeah

[timeOday]

Really, who cares what they intended in the first place?

I read this statement as: "we are NOT going to sue or try sue unauthorized Kinect developers. we are not going to upload new firmware to close the barn door every time it connects to the Internet. We are not going to try to figure out who is doing this and ban them from XBox Live."

All this is great news.

Re:Oh yeah

[Dunbal]

I read this statement as: "we are NOT going to sue or try sue unauthorized Kinect developers.

      And I read it as "we are NOT going to sue unauthorized Kinect developers unless they come up with some really revolutionary, astounding and above all - money making - idea."

Re:Oh yeah

[noidentity]

Interesting how it's now great news for a company to not be a fucking asshole and prevent owners of the devices from doing whatever they want with them. Used to, this was just considered what any normal company would allow.

Re:Oh yeah

[Mysteray]

No, it "isn't some random project by 4 college dropouts." Based on what I see from the outside about the way MS works it's more likely to be:

13 MBAs from prominent schools who specialize at yelling at their subordinates
1 guy from the former Soviet Union with a Master's degree in EE
1 guy with a Master's degree in Java UML frameworks from each country that has a population over 1B
18 part-time contractors and outsourcers

Only one of these is likely to know what the word "hackable" means and he's smart enough to know when to keep his mouth shut.

Re:Oh yeah

[QuantumRiff]

Of course, they didn't bother to implement the encryption features of the ActiveSync protocol developed by this company called Microsoft, for this server product called "Exchange" so companies that require remote device encryption can't use these brand new phones. In fact, Android doesn't support it yet either. (but hey, its not a google protocol or server, so i cut them slack). In fact, the only mainstream device that does support it is the iPhone.

Re:Oh yeah

True. it is pretty darn obvious that when MS first heard about "hacking" the Kinnect they were worried about actually having another device that could pretend to be a valid Kinnect. This has not been done. In fact, what was done is not really hacking - more just determining what the USB signals are. Nothing was broken, no security was compromised, etc. MS now realizes that it wasn't what they thought it was and are certainly not upset that you can use a Kinnect on other platforms. They just don't want to have other devices that can authenticate as a Kinnect to an XBox 360 so that cheating isn't enabled. Very straightforward.

Re:Oh yeah

[Locutus]

Windows Phone 7 encryption is all about DRM and so there's little in the Kinect to protect. Plus, they need every bit of processing they can get on the Xbox so encrypting the sensor stream would have required CPU power to decrypt and again, what's there to protect? My guess is that it was just easier to just the data as it was delivered and to even try to do as much as possible on the Kinect before shipping data over the USB bus.

Microsoft probably realized that if they try to block this it will make them look more like idiots instead of business people looking to make money of anything they can. If they locked it down it would cost them CPU cycles on the console, they'd sell fewer Kinects. and they'd look like the protectionists they really are.

They did the right thing by leaving it alone and continuing to sell it as a separate device. I am surprised they are not requiring it be sold with a bundled game at a higher price though.

LoB

Re:Oh yeah

[vegiVamp]

Since you are suggesting that everything they leave open is deliberate, I should say it's high time to start suing their balls off for all the security holes, viruses and botnets they've enabled.

Re:Oh yeah

[TheRaven64]

More importantly, adding encryption and decryption adds latency. This is something that you want to avoid in any input device, but especially in one that is used for games.

Re:Oh yeah

[smartin]

Yes isn't it, but I heard the NPR interview and there were many long pauses before this guy said the things he said. I suspect that he got a long talking to when he got back to the evil empire and that Microsoft's new open stance on this is really just them watching the ass of the horse run away while they stand in the open barn door.

The part that really got me was when Ira asked him if M$ was going to sue anyone for doing this. There was probably 30 seconds of dead air while the guy squirmed in his seat and then he said no.

Re:Oh yeah

[IamTheRealMike]

The Xbox 360 encrypts the contents of RAM and hides the overhead behind the memory access latencies. I really doubt encrypting the Kinect data stream would have added much overhead. It might have added cost though, and why bother? As pointed out, there isn't a whole lot you can do except "build cool stuff" with this data. Given the completely crazy security system the core Xbox has, they clearly are telling the truth.

Re:Oh yeah

[pregister]

Exactly.

The quote from the MS exec was taken from this week's Talk of the Nation Science Friday show on NPR (as pointed out in the article) which I think is available as a podcast. It was an interesting segment because despite the obvious product evangelizing that was going on, they really do seem enthused about how a device like this will be a game changer in the way we interact with technology.

In the first part of the quote, not included in the fine summary, he takes pains to point out the Kinect hadn't been "hacked". He gives two meanings of hacked, the second one being that nobody has been able to modify the signal coming from the Kinect sensors before it gets to the Xbox...which would allow cheating.

Re:Oh yeah

[NNKK]

WTF? He's talking about USB. As in physical interconnection between the phone and the PC. If someone has tapped into a USB link, they already have the physical access necessary to get at your data regardless.

By your absurd logic, the USB mass-storage protocols should be encrypted because you might transfer personal information to/from a USB disk.

Needs more Xbox

[slyborg]

I think what he meant to say about the earlier statement was that Microsoft turned 360 degrees and walked away from it.

Everyone has a right to change their mind

[19thNervousBreakdown]

If Microsoft's knee-jerk reaction is the wrong one, well, that's to be expected. They're assholes by nature. But, if after sleeping on it (and consulting with their lawyers and engineers and finding out there's nothing they can do that won't eat up every cent of profit they might have made on the thing) they come up with the right decision, I'm willing to forget their previous stance. Keep it up long enough, and they might even earn some goodwill.

Re:Everyone has a right to change their mind

[hipp5]

If Microsoft's knee-jerk reaction is the wrong one, well, that's to be expected. They're assholes by nature. But, if after sleeping on it (and consulting with their lawyers and engineers and finding out there's nothing they can do that won't eat up every cent of profit they might have made on the thing) they come up with the right decision, I'm willing to forget their previous stance. Keep it up long enough, and they might even earn some goodwill.

I do agree that this is certainly better than them being complete idiots and trying to fight this til the end of time. However, if they didn't want to come off as asshats I think they should have said, "originally we had said that the Kinect should remain closed. However, we see that a group of talented enthusiasts has taken our hardware and done some truly innovative stuff with it. We now see that value in this, and wish to commend them on their hard work. In fact, we're so stoked about this that we've decided to donate a Kinect to 100 high school robotics teams across the country." Now THAT would look good on Microsoft.

Re:Everyone has a right to change their mind

[Rockoon]

However, if they didn't want to come off as asshats I think they should have said, "originally we had said that the Kinect should remain closed.

No, thats not what they originally said.

What they said is two very short quotes. Here, let me help you:

"Microsoft does not condone the modification of its products. With Kinect, Microsoft built in numerous hardware and software safeguards designed to reduce the chances of product tampering. Microsoft will continue to make advances in these types of safeguards and work closely with law enforcement and product safety groups to keep Kinect tamper-resistant."

Thats what they said, exactly.

Re:Everyone has a right to change their mind

[hedwards]

Right, but as it turns out, this isn't tampering, and it's not something which they made any meaningful effort to avoid either. I suspect that if anybody does manage to upload a custom firmware that they may step down hard on that.

Re:Everyone has a right to change their mind

[Aldenissin]

That's just doublespeak for, "We knew it was left open (D'oh!) , but we still had to talk tough against it because it goes against everything our souless company stands for." I wish I could believe they were being nice, but as someone pointed out, even if you were right they could have still said "Tthis is GReeeaaaTTT!" and donated 100 to some highschool. Instead they play it off (poorly), as if they "meant" for this to happen. Give me a break.

The Usual Microsoft Flip-Flop

Before open driver:

"Developing open drivers for the Kinect hardware will be considered here at MS as tampering with trade secrets, and will be prosecuted as such."

After:

"Oh no no no no no we totally designed it that way in order to foster, um, innovation?...yeah good job to those guys."

Re:The Usual Microsoft Flip-Flop

[Shadow99_1]

It wasn't a flip flop, it was one random persons comment within MS earlier on that everyone has assumed is gospel on MS's stance. If MS had: Given a press release, stance commented on by someone among the top (like the director of the gaming division), or made an official statement this would in fact be a flip-flop. Instead this was the intention that one random uninformed person didn't know about in the first place.

Now it would probably also be different if people wanted to do something besides using the kinect...

Their side of story

[asvravi]

The first thing to talk about is, Kinect was not actually hacked. Hacking would mean that someone got to our algorithms that sit inside of the Xbox and was able to actually use them, which hasn’t happened. Or, it means that you put a device between the sensor and the Xbox for means of cheating, which also has not happened. That’s what we call hacking, and that’s what we have put a ton of work and effort to make sure doesn’t actually occur.

        What has happened is someone wrote an open-source driver for PCs that essentially opens the USB connection, which we didn’t protect, by design, and reads the inputs from the sensor.

MS has mixed up 'Hacking' and 'Cracking'

[HalAtWork]

Hacking would mean that someone got to our algorithms that sit inside of the Xbox and was able to actually use them, which hasn’t happened. Or, it means that you put a device between the sensor and the Xbox for means of cheating, which also has not happened.

No, that's cracking. Hacking seems to be exactly what has taken place... The device has been used as defined by the user, not the original software, for purposes outside of the original scope of the device as intended by the producer of the device.

Developers?

[huckamania]

I haven't seen any Kinect APIs or support in Visual Studio. I do see some very early libraries by some 3rd parties.

For Steve "Developers^3" Balmer to not have the resources in place is pretty ludicrous and tantamount to negligence. They obviously have all the pieces, I just don't see them in play. If they were smart, they would start rolling this out the SDK and OS integration before Christmas. Unfortunately, I have about as much faith in MS handling this right as I do the Dallas Cowboys making the Super Bowl this year.

I am much more excited by gesture and voice controls then touch interfaces. I have a cold this week and just trying to keep my monitor clean without touching it is a challenge.

Probably not even changing their mind

[Sycraft-fu]

People far too often ascribe personal characteristics to a corporation to the extent of viewing them as having one mind, one vision, one goal. That's not the case of course. They are made up of many people, who have different objectives. This is particularly true in the case of the massive conglomerate types like MS that doesn't have a controlling leader.

So what very well could have happened is that the development/project team on Kinect said "Let's leave this sucker open. We aren't going to spend any funds developing alternate uses, but let's not spend any time putting shit to prevent it either. Let people do whatever the hell they want with it." So Kinect gets developed with that in mind. However when it is launched and people look at it Assistant PR Flunky Third Class Number B was asked about hacking it, probably with the journalist using the term "hacking" and then fired back with Standard Lawyer BS Statement Regarding Hacking Form 5114CXX1 Subtype J which said "Graaaah! Hacking bad MS smash!" After a bit this makes the rounds, while Kinect is hacked, and internally the questions is asked as to the real intent. The director of the project says "It was supposed to be open!" and after clearing that with legal and corporate for release, they do so.

Notice the original statement was "a company spokesperson." In other words some low level guy who gets the calls when a news publication wants to know something, someone with no real knowledge or authority. This new statement is from Alex Kipman, a director at Microsoft who is directly involved with this, someone who knows what the hell is going on.

So that's probably what happened. Not changing their minds, just normal corporate confusion. The statement Cnet got was just a generic response from PR, that probably hadn't been well considered or prepared, just pulled from the "We defend our IP," bin. The second statement is their real position, from the project director.

Re:open by design? My ass!

[hedwards]

I'm sorry sir, but this isn't the appropriate venue to offer those sorts of services. I'd refer you to Craig's list, but apparently they aren't that sort of venue either.

Doesn't appear to be a DMCA violation

[tepples]

Can you spell DMCA?

Breaking encryption that was put there for a purpose other than to control access to an original work of authorship does not violate the anti-circumvention provisions of the Digital Millennium Copyright Act. Chamberlain v. Skylink; Lexmark v. Static Control Components.

Re:Doesn't appear to be a DMCA violation

[Sam+Douglas]

Cheers for those references.

The arguments presented in the Chamberlain v. Skylink case are interesting:

According to undisputed facts, a homeowner who purchases a Chamberlain GDO owns it and has a right to use it to access his or her own garage. At the time of sale, Chamberlain does not place any explicit terms or condition on use to limit the ways that a purchaser may use its products. A homeowner who wishes to use a Model 39 must first program it into the GDO. Skylink characterizes this action as the homeowner's authorization of the Model 39 to interoperate with the GDO. In other words, according to Skylink, Chamberlain GDO consumers who purchase a Skylink transmitter have Chamberlain's implicit permission to purchase and to use any brand of transmitter that will open their GDO. The District Court agreed that Chamberlain's unconditioned sale implied authorization. Id.

The authorisation argument seemed important to that case, and potentially to other cases where the manufacturer of a product attempts to use copyright law to control (fair) use of the device.

Also relevant to this discussion:

In a similar vein, Chamberlain's proposed construction would allow any manufacturer of any product to add a single copyrighted sentence or software fragment to its product, wrap the copyrighted material in a trivial "encryption" scheme, and thereby gain the right to restrict consumers' rights to use its products in conjunction with competing products.[16] In other words, Chamberlain's construction of the DMCA would allow virtually any company to attempt to leverage its sales into after-market monopolies—a practice that both the antitrust laws, see Eastman Kodak Co. v. Image Tech. Servs., 504 U.S. 451, 455, 112 S.Ct. 2072, 119 L.Ed.2d 265 (1992), and the doctrine of copyright misuse, Assessment Techs. of WI, LLC v. WIREdata, Inc., 350 F.3d 640, 647 (7th Cir.2003), normally prohibit.

Re:The hardware is useless

[Rockoon]

How is this insightful when its wrong?

The Kinect does not do stereo image capture. Thats what those 3D movie people are doing (when they bother with that.)

The Kinect has two image sensors, thats for sure, but they dont even capture the same wavelengths of light.

The IR sensor captures only infrared.

There is some processing going on in the Kinect, but only to measure the spacing (and perhaps size) of the IR dots that are being projected by the device in order to produce a depth-map. This processing is clearly mostly trivial.

The magic of the Kinect as used by Microsoft is whats going on inside the xbox where they take the optical image, and with assistance from the depth map, detect people and construct a simplified 3d model (usable for input triggers) of how their body is oriented.

It is this second part that is clearly not-trivial. People come in all shapes and sizes, wear different clothing (if any..), and so forth and so on. Simply flagging the pixels that belong to people vs pixels that dont isnt easy, which is why the depth map is used for assistance.

Re:The more open one?

[bami]

What is not standard about the USB ports on the Xbox? You can even hook up a regular old USB keyboard to it (makes debugging so much easier, by just adding some keyboard listeners to your code and let them fire debug stuff), it's the only device except for my PC that will charge my MP3 player (USB power handshake thing) , and inside the plastic shell lies a regular laptop SATA drive, with a funky connector to connect it to the Xbox (I've broken the thing open because my drive likes to spin down after initial boot, giving me a E68, but a quick disconnect-connect fixes that). That the drive is signed by microsoft with a file on the first couple of sectors is just DRM/anti-piracy/money grabbing, but you can rip it out, format it and use it as a normal drive, nothing abnormal about it.

If you're really so gung-ho for open, I don't see why you would be interested in a PS3, with all the rampant "shove it up your ass" anti-modding updates sony has been going on for the last year or so, or the fact that you'd have to re-encode your MKV's to watch on the damn thing.

The perfect open system is a Windows PC (Linux gaming is still a sad affair, even with Wine) with a beefy videocard, a x360 controller, all hooked up to a nice TV. The Games For Windows thing makes it almost into an Xbox (can't tell the difference between Just Cause 2 PC or Xbox, even the tooltips give you the correct icons0, you get better graphics and you can do whatever the hell you want with it. A cheap dualcore system with a 5770 goes for not that much money these days, and can keep up at full HD resolutions with ease. Also gives you access to every codec you will ever need, as well as multitasking, free multiplayer gaming, home entertainment system and whatever you cook up yourself in whatever programming language that you prefer.

PS: Slight hate on the PS3 for all the "fsck linux" attitude, but not intentional as a flame post

On-Topic: I hope they release some sort of (un)official extension for XNA with kinect integration soon, do that and I will buy the thing in a trifle, just to do some hacking with it. I'd guess the thing could also be used at parties: no flying wii-motes to hit expensive TV's :D.

Re:The more open one?

[phillipsjk256]

I no longer consider Windows PCs open systems. Windows NT 6.x builds DRM deep into the system. Certain hardware such as video cards are required to implement undocumented features for Windows certification. This is done to facilitate the "protected path" for Blu-ray playback.

The Windows 7 EULA prohibits you from installing software that would add functionality to the system.

The reason "Linux gaming is still a sad affair, even with Wine" is because the hardware is undocumented. Without documented hardware, it is nearly impossible to write good drivers for that hardware. Wine sucks for games (aside form hardware issues) because of DRM. Currently, the Wine developers have a policy of not "patching out" the DRM on malware-infested games.

Digital Restrictions Management is a problem for Windows too. You can not install AAA titles on a computer you use for business because you can not install games under a separate limited user account. The DRM requires Administrative access: one of the reasons UAC was introduced. Why Microsoft didn't copy Apple in their MacOS9->X transition, I don't know. I suspect it is because they are hoping to make their money on DRM systems in the future.

Re:The hardware is useless

[marcansoft]

There is some processing going on in the Kinect, but only to measure the spacing (and perhaps size) of the IR dots that are being projected by the device in order to produce a depth-map. This processing is clearly mostly trivial.

No it isn't, and that's not how the algorithm works. As the camera is placed very near to the IR projector, the dot spacing is essentially constant. The dots may be farther apart in physical space for farther objects, but the camera can't see that.

As far as we can tell/guess, the way it actually works is by measuring horizontal displacement of the dots caused by objects at different depths, due to the horizontal distance between the projector and the camera. This is a lot harder, requires subpixel processing to achieve any kind of depth resolution, and requires a carefully controlled dot projection and calibration to that specific pattern. Not to mention this is likely the reason why the laser projector is temperature-stabilized with a peltier (to keep the pattern as generated by the diffraction grating stable) and why the Kinect's internal chassis is quite solid (the distance between the camera and projector and their angle is critical).

In fact, you can point two Kinects at the same subject and overlap their IR patterns, and they still work quite well and do not interfere (!) except at a small percentage of points where the clouds line up in the wrong way (you get two almost complete images, with a bunch of small holes where the patterns happen to line up).

Re:The hardware is useless

[RebRachman]

Absolutely. You can get a PrimeSense or Kinect camera if you are a serious game developer. You can also just purchase a Panasonic D-Imager depth camera for a few grand. Probably there will be a dozen of these cameras at consumer price points within a year or two. Having the data from the cameras, as pointed out, is somewhat limited.

Creating algorithms that will analyze movement takes about 4 years, and you can get this software from Softkinetic and from Omek (I work for Omek). Microsoft has obviously developed its own software, but it probably won't share it with you. Omek also has a gesture recording capability, which means that instead of programming new moves, you can actually stand in front of the camera and record new moves. You need to use a number of different people to get it right, but it does reduce development time dramatically. So anyone serious about this doesn't have to re-create this --it's out there and you can license it. Eventually there may be open source solutions, but it will take a while.