Kuro5hin.org: technology and culture, from the trenches

TCPA and Palladium: Sony Inside

By adamba in Media
Tue Jul 09, 2002 at 08:46:44 PM EST
Tags: Technology (all tags)

The recent publicity about the Trusted Computing Platform Alliance (TCPA) and Microsoft's Palladium security initiative has portrayed them as Microsoft's latest weapon against the software industry.

This is incorrect. What they really represent are Hollywood's latest weapon against the personal computing industry.

For me, this story starts back in 1997. I was a software developer at Microsoft, working on remote boot - making Windows 2000 boot across a network. One issue with remote boot was security, preventing a malicious user on the network from corrupting the operating system binaries as they were being downloaded.

A short digression: Microsoft normally protects against this (and the more typical case, that someone would attempt to pass off their home-built binaries as belonging to Microsoft) using code signing. Code signing uses an encryption method called public key cryptography.

Real briefly, public key cryptography uses two different but related cryptographic keys. Either key can be used to encrypt data, and the other key is then used to decrypt it. One of the keys is made public, and one is kept as a closely guarded secret. One aspect of public key cryptography is that if person A (or company A) encrypts data with its private key, anyone can verify that the data really did come from person A just by decrypting it with A's public key.

In code signing on Windows, a company providing software uses a private key to encrypt some data that is derived from the compiled binary (it's known as a "digest", a one-way hash function of all the data in the binary that produces a much shorter, fixed length blob of data). It then packages the encrypted digest together with the binary. Any other piece of code wishing to verify the authenticity of the binary recomputes the digest itself, decrypts the digest (using the company's public key), and compares the two. If they match, then the binary is the one the original company intended.

This is the technology behind those popups asking "Do you want to run this binary signed by Company X". Code signing ensures that the binary is the one that Company X produced, not a version modified by someone else. There are ways to establish chains of trust, so a user or operating system can say "I trust any binary that was signed by someone who is trusted by someone who is trusted by someone who is trusted by VeriSign" - which is a service that VeriSign charges money for.

When the Windows 2000/XP kernel loads another operating system component, it checks that the code was signed by Microsoft, otherwise it refuses to load it. Getting back to our remote boot security issue, most of the operating system would be protected against network hacking because any modification would cause the code signing check to fail, resulting in the boot failing - a possible denial of service attack, but not nearly as bad as silently booting corrupted binaries.

Unfortunately there was a weak link in the chain. The very first piece of Microsoft code that was loaded off the network - the boot loader - was loaded by a boot ROM in the network card of the computer. That transfer itself was done using the tftp protocol, a very simple, insecure transmission method. Thus, a clever hacker could corrupt the loader as it went by, then have his modified loader bring up a version of the kernel that did not do the code signing check, and at that point all heck could break loose on the user's machine (or, for the quick and dirty version, the corrupted loader could just format the hard drive and then stop).

This was back in the days when the "network PC," a machine that booted off the network and stored data on a server, looked like it might become a widely used type of computer. Therefore, making it boot securely was critical, and we had to figure out some way around the unsigned loader problem. The network boot ROMs were based on a standard called the Preboot eXecution Environment, or PXE, a part of Intel's Wired for Management spec which Intel considered establishing as an RFC. We went back to Intel to discuss how to solve the security issues. The plan we came up with involved a new standard called the Boot Integrity Specification, or BIS. BIS would be implemented in the firmware and would extend PXE, by moving the sphere of code signing down to include the initial tftp download of the loader. The boot ROM would use BIS services to check for a properly signed loader, the loader could use BIS services to check for a properly signed kernel, and then the existing code in the kernel would check for proper signing of all the binaries it downloaded over the network. BIS would also allow everyone to share the same encryption keys.
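The signing check and the boot ROM -> loader -> kernel chain described above, as an added example that is not part of the original article or any Microsoft or Intel code. The key is a toy built from two publicly known Mersenne primes, the signature is textbook RSA without padding (matching the article's "encrypt the digest" description, not a production scheme), and the stage names and function names are hypothetical.

```python
import hashlib

# Toy key, constructed for this example only. Both primes are publicly known
# Mersenne primes, so this key protects nothing; real code signing uses secret
# primes, a padded signature scheme and a vetted crypto library.
P, Q = 2**127 - 1, 2**521 - 1
N = P * Q                            # public modulus
E = 65537                            # public exponent
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent, held only by the signer


def digest(binary: bytes) -> int:
    """One-way hash of the whole binary, as a fixed-length integer."""
    return int.from_bytes(hashlib.sha256(binary).digest(), "big")


def sign(binary: bytes) -> int:
    """Publisher side: 'encrypt' the digest with the private key."""
    return pow(digest(binary), D, N)


def verify(binary: bytes, signature: int) -> bool:
    """Verifier side: recompute the digest, 'decrypt' the packaged one with
    the public key, and compare the two."""
    return pow(signature, E, N) == digest(binary)


def build_images():
    """Constructed stand-ins for the boot stages, each packaged with its signature."""
    blobs = [
        ("loader", b"loader code v1"),
        ("kernel", b"kernel code v1"),
        ("driver", b"driver code v1"),
    ]
    return [(name, blob, sign(blob)) for name, blob in blobs]


def tamper(images, stage):
    """Model corruption of one stage in transit; its signature is left as shipped."""
    return [(n, b + b"!" if n == stage else b, s) for n, b, s in images]


def boot(images, rom_checks_loader: bool):
    """Return the name of the first stage rejected, or None if every stage loads.

    rom_checks_loader=False models the plain PXE boot ROM, which accepts
    whatever loader arrives over tftp. rom_checks_loader=True models the
    BIS-style extension, where the ROM verifies the loader as well.
    """
    for index, (name, blob, sig) in enumerate(images):
        if index == 0 and not rom_checks_loader:
            # Loader accepted unverified. The later checks below only mean
            # something if this loader is genuine, because a modified loader
            # is free to skip them.
            continue
        if not verify(blob, sig):
            return name
    return None


if __name__ == "__main__":
    images = build_images()
    print("clean boot, ROM verifies loader:   ", boot(images, True))
    print("bad loader, ROM verifies loader:   ", boot(tamper(images, "loader"), True))
    print("bad loader, ROM does not verify:   ", boot(tamper(images, "loader"), False))
    print("bad kernel, ROM does not verify:   ", boot(tamper(images, "kernel"), False))
```

A rejected stage stops the boot, which is the denial-of-service outcome the article prefers to silently running corrupted binaries; the unverified-loader case returns `None` because nothing in the chain ever looked at the loader.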

As BIS was being hashed out in 1998, the issue of securing binaries was popping up elsewhere on Microsoft's radar. Hollywood movie studios were becoming concerned about the possibility that playback of DVDs on personal computers could lead to perfect digital copies of movies. This was a year before the appearance of the DeCSS program, which broke the encryption scheme of DVDs, but already content companies felt that they had been misled on the security of DVD-ROM drives. As the movie studios put it in a filing in the lawsuit they filed about DeCSS, "the studios would not have agreed to releasing movies on DVD if it hadn't been for the DVD consortium's assurance that DVD technology implements an effective copy protection scheme."

My group working on remote boot was approached by Peter Biddle, a Microsoft employee who was the company's liaison with DVD standards bodies, and by extension kept an eye on Hollywood. Biddle explained how Hollywood expected to make money off of movies: first with theatrical releases, then with home VHS and DVD copies. Eventually a movie would be shown on television, at which point copies were expected to be rampant and no further revenue was expected. However, the period of time during which a movie was only available on VHS and DVD was considered key to making money. Movie studios were worried that easy copying of DVDs would have a serious impact on that.

To protect against this, a copy protection standard developed by Macrovision had been included in every DVD player. Extra bits were included in the DVD data, which caused the image quality to be degraded when a copy was made to a VCR (there were no Macrovision bits in broadcast television, which is one of the reasons that movie studios stopped expecting revenue once a movie had been broadcast). Hollywood was getting concerned that the access to DVD data offered by DVD-ROM drives was going to make it too easy to work around these restrictions.

When Microsoft thought of Hollywood, especially back then before the AOL - Time Warner merger, it often saw it as personified by one company: Sony. Best known for its home electronics, Sony had also become a content powerhouse after acquiring CBS Records and Columbia Pictures in the late 1980s, and was also becoming a leading personal computer vendor. It had recently introduced the Memory Stick storage media, marking it as one of the few PC vendors that innovated outside of the guidelines set by Intel and Microsoft. As a producer of both DVDs and DVD players, Sony sometimes found itself on both sides of a battle, but either part of the company was big enough to force Microsoft to pay serious attention to its plans.

It's important to understand that DVD playback on personal computers was not guaranteed to happen once DVD-ROM drives existed. It was the result of negotiation between movie studios, the DVD consortium, and the personal computer industry. In particular, it was agreed that the Macrovision bits would be preserved in the NTSC output of a laptop playing a DVD movie. As a result, DVD playback applications were given one of 408 preassigned keys allowing them to decrypt the DVD data. These keys were supposed to be carefully guarded (in fact, a DVD player eventually coughed up its key, which was one of the factors that made DeCSS possible, although it was not the only one).

As Peter Biddle explained to us, it was possible that the movie studios would completely disallow playback of newer formats - including higher-definition DVDs - on personal computers. They preferred closed hardware, such as dedicated DVD players. In fact, the upcoming Playstation 2 was really the perfect device, from Sony's point of view: it could play DVDs, yet could also be a generic computing platform, with only applications explicitly allowed by Sony able to run on it. Furthermore, there were rumors that Sony was going to make a keyboard available for the Playstation 2, and Sony was saying things such as this quote from a 1999 press release: "Sony Computer Entertainment Inc. today announced that it will establish its revolutionary computer entertainment system, PlayStation 2, as a platform for Internet-based electronic distribution of digital content in 2001."

Talk like this was enough to seriously spook Microsoft. One of the ways it combated this threat was with the Xbox, on which work began in early 1999. The Xbox could also play DVDs and run only approved binaries - approved by Microsoft.

Another way to fight Sony was to ease its security concerns, with an initiative tentatively called "Trusted Windows." The goal was to allow DVDs to be played on a Windows machine with no possibility that the bits could be copied, whether by another application running at the same time, a malicious driver, or even a custom piece of hardware that monitored the bus. Whereas code signing was designed to protect a user from an attack by code sent from another machine, Trusted Windows was designed to protect bits from an attack by a user on the same machine. Recognizing that truly dedicated DVD crackers could build specialized hardware that took the data out of the VGA output signal, the movie studios still wanted a solution that would prevent anyone from copying DVD data with off-the-shelf hardware, including the shelf of the local Radio Shack.

Since any trust in the operating system would have to begin with trust that the loader had loaded the proper kernel, Peter Biddle wanted to talk to the remote boot team about BIS and security. He invited us to a meeting that also included some folks from Microsoft Research: John DeTreville, Paul England, John Manferdelli, and Butler Lampson.

Butler Lampson was a notable in the industry, of a type Microsoft had been collecting recently. Among his other accomplishments, he was a manager at Xerox PARC in the early 1970s who proposed funding the Alto personal workstation.

In the meeting, Lampson explained his plans for trusted DVD playback. He wanted to write a hypervisor, a meta-operating-system that would run two operating systems above it: one was plain vanilla Windows 2000, the other a smaller operating system dedicated to playing DVDs. The hypervisor would provide a complete emulation of a personal computer for Windows 2000 to run in, but would intercept all calls to the hardware to make sure they were not illegally accessing DVD bits under the control of the dedicated operating system.

We felt it was an interesting idea, but not necessarily feasible. Although Microsoft Research does some very good work, both theoretical and applied, we were wary of previous interactions between Research and product groups. These sometimes resulted in partially completed Research projects being handed over to the product group with orders to finish them, because the Research team had caught the ear of a Microsoft Vice President.

Eventually we brought in some reinforcements from the Windows 2000 kernel team and convinced Lampson that the hypervisor was not a good idea in this situation. We also gently extricated ourselves from the Trusted Windows meetings, since we had other things to worry about, mainly completing remote boot in time to ship in Windows 2000.

We never did implement BIS for remote boot, but England, DeTreville, and Lampson eventually filed a patent for a digital rights management operating system, which incorporated some of the ideas from BIS and didn't mention a hypervisor. TCPA was formed by Compaq, HP, IBM, Intel, and Microsoft in the fall of 1999, and although I was no longer involved in it, it appears that the Trusted Windows work continued inside of Microsoft Research, was eventually moved to a product development group, and has now recently made its public debut under the code name Palladium.

What does TCPA mean? At its core, it relies on code signing to ensure that "trusted" binaries are being run. Palladium builds on that; since you can now be sure that you really are running the correct Palladium binaries, you should now be able to trust Palladium to perform various other operations on your behalf. One of these is playing DVDs without leaking data, since Palladium should protect the data from malicious applications as defined in the DRM OS patent. According to a recent puff piece in Newsweek, which broke the Palladium story, Palladium also includes a series of other security-related features. However the bulk of these are not related to TCPA and instead build on Microsoft's existing security work, including its Public Key Infrastructure, the Encrypting File System, and various other features.

So which binaries will be "trusted" on a TCPA-compliant operating system that is allowed to play back DVDs? Recall that in code signing, it is the owner of the private key who gets to decide what is signed. The TCPA architecture does not specify a particular level of trust or security, just that whatever level is desired can be verified. It is possible that the same future Windows system could be booted in several different security modes corresponding to different private keys. For example, a system running on a corporate network might allow only binaries that were signed by the corporate IT department. In such an environment, a version of Linux that had been enhanced to support TCPA, built and signed by the corporate IT folks, might be a useful proposition.

The real issue at hand, however, is who is going to own the private key for a system authorized to play back DVDs. It won't be Microsoft, that's for sure. No, it will probably be a consortium of content providers, led by Sony.

What will the consortium agree to sign? Certainly not a home-built Linux application, since there are no guarantees that the application behaves. It's possible that a binary-only TCPA-aware Linux system might be signed, although it would have to enforce the DRM rules. This would break the spirit of the GPL, since it would prevent users from rebuilding the code themselves. While this is not (as some have claimed) the goal of TCPA, the GPL might become an unfortunate example of collateral damage in the battle between Microsoft and Sony.

Would the consortium agree to sign Windows 2006 (or whenever) with Palladium included? This is Microsoft's plan, of course, and Hollywood would have to balance the fear of leaking bits with the realization that being able to play DVDs on your personal computer leads to a lot of DVD sales. Microsoft would also have to get its act together: its recent Trustworthy Computing initiative, which may or may not be mere marketing, aims to reassure that remote exploits in Windows are a thing of the past. Thus it is focused on avoiding bugs in the existing architecture, as opposed to Palladium, which is a new architecture. But Trustworthy Computing may need to become reality if Palladium is to succeed: the user question "Do you want to run a binary signed by Company Y" will disappear on such a system, avoiding any potential for Outlook viruses, but if a trusted part of the operating system is discovered to have an exploitable buffer overflow, there may not be anything the TCPA hardware and Palladium software can do to stop DVD bits being copied.

On the other hand, without TCPA and Palladium, new media formats might be shut out from playback on a personal computer. Sony might be much happier if improved DVDs were only viewable on a Playstation 2, where it controls the environment. You can play DVDs on a Playstation, and you can also run Linux on a Playstation 2 - but you can't do them at the same time. A Playstation 2 with Linux is a preview of TCPA machines to come: you can boot in a less-secure mode and get more general functionality, or you can boot into secure mode but only play DVDs and games that have been approved by Sony.

For those who feel this is all irrelevant because any new DVD formats will be quickly broken, don't get your hopes up: beyond the fact that the Digital Millennium Copyright Act makes it illegal in the United States, it may simply be technically impossible. The ease with which the DVD CSS encryption format (and other highly-publicized recent formats) has been cracked does not mean that all encryption algorithms will yield so easily. For example, nobody has yet been able to run an Xbox application that wasn't signed by Microsoft, except by modifying the firmware - and in the future TCPA might even detect such firmware modifications and refuse to boot the operating system.

TCPA and Palladium were not created so Microsoft could damage its rivals. They were created because Microsoft and other personal computer heavyweights felt they had to. Personal computers are nice, but Sony wants them to behave like closed DVD players, becoming commodity devices for displaying Sony's content. In the forthcoming battle between technology companies and media companies for control of your entertainment dollar, TCPA and Palladium may represent the beginning of the victory of the media companies.



TCPA and Palladium: Sony Inside | 178 comments (163 topical, 15 editorial, 1 hidden)
why is the world turning into a cyberpunk cliche? (3.87 / 8) (#2)
by moron on Tue Jul 09, 2002 at 05:35:29 PM EST

It seems that every day the world is looking more and more like some Womack or Jeter authored corporate dystopia.  Do the heads of these corporations read science fiction to plan out their campaigns for world domination or what?

culture: http://industrial.org
music: http://deterrent.net
code: http://codegrunt.com

My thoughts exactly... (3.00 / 1) (#33)
by concept on Tue Jul 09, 2002 at 08:20:05 PM EST

You're spot on.  I regularly re-read Gibson's works just so I know where we're all heading.  

[ Parent ]
Reign of Fire (3.33 / 3) (#74)
by frankcrist on Wed Jul 10, 2002 at 02:56:21 AM EST

When they have dragons running Seattle, then I'll be a believer.

Get your war on!
[ Parent ]
Can anyone see a balanced outcome? (4.66 / 9) (#3)
by Xeriar on Tue Jul 09, 2002 at 05:42:23 PM EST

Regarding the Microsoft vs. Linux, Common Artist vs. MPAA/RIAA, 'trusted' computing versus 'open' computing and so on.

I get the feeling that this will end up being very one-sided in the end. Either corporations lock nearly everything down, via laws, treaties and technology, or the free market chooses the other route and makes them all irrelevant.

I would like to think that ~4 years is a sufficient timetable for the latter outcome to be quite likely. It may be that I am also an optimist - we shall see.

When I'm feeling blue, I start breathing again.

Corporations (4.00 / 3) (#13)
by ucblockhead on Tue Jul 09, 2002 at 06:53:11 PM EST

You are making a very common mistake in thinking that this is a sort of "Corporations vs. the little guy" thing. It isn't, really. It is some corporations vs. some other corporations. Do you really think that a company like Philips Electronics gives a shit whether you pirate the latest Britney Spears? Hardly! In fact, if they can make a buck selling you a handy-dandy music ripper to do just that, they'll do it. They make money selling you stuff. Ripping off an artist cost them nothing. So in fact all the new copying, ripping, burning devices are a way for them to sell you even more stuff, making them even more money.

The only thing holding them back at all is threats of lawsuits from the media companies, and you can bet that the obstinance of the RIAA/MPAA is pissing them off.
This is k5. We're all tools - duxup
[ Parent ]

Company VS Company (5.00 / 3) (#34)
by Matrix on Tue Jul 09, 2002 at 08:22:48 PM EST

you can bet that the obstinance of the RIAA/MPAA is pissing them off.

Heh, not a chance. Let's have a look at the typical cycle here, shall we? Note that this can be applied to practically anything - games, music, movies, e-books, you name it.

  1. Company M releases some media product, P. Sheep... Err... People with money, bombarded with advertising from all of their 10,243 cable channels, (all, of course, owned by Company M) rush out to buy it. Company M makes millions.
  2. Some small percentage of the purchasers of product P use their hardware and software from Company E to make copies. These copies are distributed, presumably electronically, to people who lack the money to purchase product P. Many of these people, having sampled Product P, will then buy it when they get money if they liked it enough. Company M makes more, and Company E makes millions.
  3. Company M's executives make speeches about *cough* *cough* *scribbling on financial statements* "Losses to piracy" and the need for stricter "rights protection measures". They use this as an excuse to introduce some new rights infringement technology or over-specific piece of legislation.
  4. As in #1, above, Company M releases Product P2, with all-new DRI technology. The same group of people that bought Product P buy Product P2. Company M makes millions.
  5. A short time later, Company E releases new technology for bypassing the latest round of DRI technologies. Due to the demand for copies of Product P2, a segment of the above market purchases these devices, at vastly inflated prices. Company E makes millions.
  6. The above cycle repeats, only now Product P is "protected" by the "compromised" DRI technology. Company E's technology "drops" in price and becomes standard as this wave of DRI technology is discarded in favour of the next.

Still seeing it as company versus company? The electronics companies stand to make just as much selling "handy-dandy music rippers" that bypass DRI technology as the media companies do in selling "uncopyable" CDs to a captive audience. And with private reverse engineering illegal (thanks, DMCA and Senator Democrat-Disney!) Company M is the only one that can provide media and Company E the only one that can provide electronics. It is now big companies versus the customers they're supposedly dependent on.

"...Pulling together is the aim of despotism and tyranny. Free men pull in all kinds of directions. It's the only way to make progress."
- Lord Vetinari, pg 312 of the Truth, a Discworld novel by Terry Pratchett
[ Parent ]

Well, maybe... (4.00 / 1) (#57)
by ucblockhead on Tue Jul 09, 2002 at 11:12:50 PM EST

That's not happened yet...the Electronics manufacturers have been perfectly content to do that with record->tape->cd->mp3, etc., without bothering with anything more nefarious. I'm pretty convinced that the electronics manufacturers will be perfectly able to find other ways to keep people buying stuff.

I'm not saying that anyone's pro-consumer here. I'm just saying that corporation E has no a priori reason to do what corporation M wants. That's precisely why the media companies have to go to people like Senator Hollings in order to attempt to mandate things like DRM. Clearly if corporation E was in bed with corporation M, no one would have to force corporation E to do DRM, they'd just do it of their own accord. What is really interesting is that "corporation E" doesn't even force DRM on its customers when, as in the case with Sony, "corporation E" and "corporation M" are actually divisions of the same company!

The thing you've got to keep in mind (with regards to step 4) is that corporation M can't release a new technology without corporation E's support. Columbia Music doesn't have a clue how to create a new media format, and even if they did, no one would buy a Britney Spears album in it because it is corporation E that makes the players.

If any one electronics giant makes a DRM system, they risk sending customers to a competitor. Forcing customers to a new format is very hard. Sony's a perfect example of this. Betamax, anyone? Got a minidisc player? It's easier for the manufacturers just to build stuff that breaks in 3-5 years in order to keep the customers coming back.
This is k5. We're all tools - duxup
[ Parent ]

Players (5.00 / 1) (#87)
by Matrix on Wed Jul 10, 2002 at 08:43:58 AM EST

The thing you've got to keep in mind (with regards to step 4) is that corporation M can't release a new technology without corporation E's support. Columbia Music doesn't have a clue how to create a new media format, and even if they did, no one would buy a Britney Spears album in it because it is corporation E that makes the players.

Okay, I was glossing over that with the assumption that Company M can make players. But if Company E makes the players, then they've got even more money coming in. Why? They introduce a new round of players every few years with Company M's new DRM scheme. Starts out in niche markets, then a year after release, all the latest pop stars' music is only in this format. Why? "Not enough demand for obsolete formats."

Forcing people to a new format is easy. You just slowly make it the only thing available, and make lots of noise about how much better it sounds and how much cheaper it is, really, you're actually getting far better value! We're almost selling it at a loss! (*cough* *cough* *scribbling on financial statements*) Extend the cycle out to five or ten years, with Company E's duplication devices being available at reasonable prices only towards the end of it. Both companies now have a guaranteed revenue stream.

Why's the electronics industry not playing along? Possibly because it's not quite to the required monopoly stage yet. There's still a few small, independent producers. (Apex, with their extra-features DVD drives, for example) Has it occurred to you what the media industry legislation (like the renamed SSSCA) will do? It won't force the electronics companies into line, it'll force the smaller ones that compete by offering extra features out of business.

The solution? Get rid of the laws that give the RIAA and MPAA insane taxes on high-quality authoring and duplication devices. (And the media necessary to use said systems) Drop the blank media taxes. Pursue vigorous antitrust action against the RIAA and MPAA. Of course, the Democritans will never endanger their revenue stream by doing this.

"...Pulling together is the aim of despotism and tyranny. Free men pull in all kinds of directions. It's the only way to make progress."
- Lord Vetinari, pg 312 of the Truth, a Discworld novel by Terry Pratchett
[ Parent ]

New Formats (4.00 / 1) (#103)
by ucblockhead on Wed Jul 10, 2002 at 11:17:22 AM EST

How's forcing people to use new formats "easy"?

Has Sony managed to force the public to use Betamax? To use Minidiscs? To use the new SACD format?
This is k5. We're all tools - duxup
[ Parent ]

Hard to buy vinyl any more... (4.00 / 2) (#144)
by sgp on Wed Jul 10, 2002 at 09:33:03 PM EST

which is kind of ironic, it's much easier to rip a CD to MP3 than it is vinyl - they've obsoleted the more secure version:)

There are 10 types of people in the world:
Those who understand binary, and those who don't.

[ Parent ]

DMCA? (3.00 / 1) (#110)
by Shpongle Spore on Wed Jul 10, 2002 at 12:22:45 PM EST

Ummm...isn't step 5 illegal under the DMCA?
I wish I was in Austin, at the Chili Parlor bar,
drinking 'Mad Dog' margaritas and not caring where you are
[ Parent ]
DMCA and Companies E and M (none / 0) (#161)
by Matrix on Thu Jul 11, 2002 at 09:49:48 AM EST

Yes, technically, I suppose it is. However, this relies on Company M persecuting Company E or the users of Company E's technology. The above scenario assumes that Company M and Company E are co-conspirators. Company M makes millions of "uncopyable" media, and then Company E makes more millions of devices to copy said media. Which, in turn, increases the market share of both companies, as some individuals who listen to the copies will decide they want to buy the next release.

Of course, anyone using Company E's devices to independently produce and distribute media would get squished for possession of a circumvention device. Remember, this goes hand-in-hand with making everything illegal and then selectively persecuting anyone who does anything you don't like.

"...Pulling together is the aim of despotism and tyranny. Free men pull in all kinds of directions. It's the only way to make progress."
- Lord Vetinari, pg 312 of the Truth, a Discworld novel by Terry Pratchett
[ Parent ]

No Apocalypse, No Outcome (3.00 / 1) (#73)
by frankcrist on Wed Jul 10, 2002 at 02:54:49 AM EST

There will be no "Final Outcome" with regards to these subjects... it is just another manifestation of the eternal struggle -- good vs. evil; right vs. left; haves vs. have nots.  This process doesn't end, but rather flourishes, and is quite healthy.  Checks and balances.  It may seem like it is coming to a head, and these issues certainly are headed for conflict, but will there ever be an end to for-profit software/content?  or for individual effort and underground/indy media?  Chances are it will continue along a similar path for a long time: money leading the way (because it can afford to), and freedom right behind it (because it knows how).

Get your war on!
[ Parent ]
I'm not talking about the 'eternal struggle' (3.00 / 1) (#78)
by Xeriar on Wed Jul 10, 2002 at 04:09:12 AM EST

Likely it will continue in some form... Genetics and/or nanotechnology, whatever. I'm talking about -this- fight. It seems almost over to me.

The only barrier to content creation should be one's own creativity, eventually. And the only barrier to education one's own willpower or personal drive. Money should not have to enter into this.

Money will try to enter into this, sure, but it takes only one mistake to break the system. If the MPAA and RIAA are dumb enough to say 'no' to Palladium, which they just might be stupid enough to do, any further planned technology will take far too long to develop. (IBM, Intel and others were also willing to hand the media companies their balls on a silver platter with that new hard drive standard... So glad I don't have to live with that.)

When I'm feeling blue, I start breathing again.
[ Parent ]

Starvation, Creation, Eating (5.00 / 1) (#129)
by frankcrist on Wed Jul 10, 2002 at 03:26:41 PM EST

I get the feeling that this will end up being very one-sided in the end. Either corporations lock nearly everything down, via laws, treaties and technology, or the free market chooses the other route and makes them all irrelevant.

You have to admit that this paragraph sounds very polemic.  My point is:  Will Microsoft ever end?  Will Linux?  I don't think we'll see either extreme -- in this fight or any -- or if one does manifest, it won't last very long until it becomes more moderate.  Will Tom Hanks stop making movies that many people will want to see because of the industry?  Will Bob J. Nobody stop using his MiniDV and iMac to make his personal punk-rock kung fu flicks because the MPAA wants to lock down the technology?

Books -- there's a good example.  In the front of old books (60's maybe?  I don't have any on hand..) there is a paragraph in the publisher's info that said something to the effect of, "This work shall not be lent or resold without the express permission of the publisher."  But how many used book stores are there today?  I think the standard software EULAs are going to find themselves going the way of the book "EULA", hopefully someday soon.  However the software publishers will still retain their other rights -- copyright, etc.

All I'm saying is that there are a lot of pieces on the board who have unclear motives towards a little piracy in (mainly) three, billion dollar industries (software, music, movies).

Get your war on!
[ Parent ]

Monitor Tapping? (4.37 / 8) (#6)
by reshippie on Tue Jul 09, 2002 at 05:55:14 PM EST

I don't know the technical feasibility, but what would prevent someone from creating a box that can record the output stream from a graphics card, and redirect it back to the hard drive, or something?

Unless all computer hardware is part of the TCPA, which I guess is what they might be gunning for, there is always the "analog hole." At some point it can be tapped, just a question of how easily.

Those who don't know me, probably shouldn't trust me. Those who do DEFINITELY shouldn't trust me. :-)

They already do that, more easily, too :(( (3.00 / 3) (#9)
by Jel on Tue Jul 09, 2002 at 06:07:21 PM EST

PGP comes with and/or can use special "fuzzy" fonts -- the outlines of which are less easy to distinguish when reconstructing the text on your monitor from the (I guess) electrical noise it generates.  I expect it's easier to reconstruct intelligible images of a GUI desktop, and, further, that it can be done from outside, without the need to gain access to your machine in order to "tap" the gfx card.  Reconstruction from recorded data would be equally straightforward, I presume.
...lend your voices only to sounds of freedom. No longer lend your strength to that which you wish to be free from. Fill your lives with love and bravery, and we shall lead a life uncommon
- Jewel, Life Uncommon
[ Parent ]
tempest (3.80 / 5) (#14)
by anon868 on Tue Jul 09, 2002 at 06:54:09 PM EST

You're talking about tempest monitoring, which allows you to re-construct what's on a monitor from some distance away, without any physical connection. I believe it can detect hard lines on the screen easier & that's how fuzzy fonts can fool it. I would doubt this would give you a very good picture for copying DVDs though. As for a device between the video card & the monitor, I would bet that one of the things that TCPA is shooting for IS security between the monitor & the video card. Of course, you could always point a camcorder at the monitor...
Open a window. No, not that one! One made from actual glass, set in an actual wall, you dork.
[ Parent ]
DMCA (3.66 / 3) (#11)
by dipierro on Tue Jul 09, 2002 at 06:36:54 PM EST

what would prevent someone from creating a box that can record the output stream from a graphics card, and redirect it back to the hard drive, or something?

The DMCA. Sure, laws aren't very effective at stopping the spread of software, but it sounds like what you're talking about would necessarily be hardware based.

[ Parent ]
It's called DVI (4.00 / 3) (#27)
by curunir on Tue Jul 09, 2002 at 07:33:01 PM EST

Lots of the new video cards have DVI connections instead of the old analog RGB connectors. In a couple of years, it will be pretty much all of them.

It's being done under the guise of being a "feature," but once it's been adopted, there will be no "analog hole" (you can actually still point a video camera at your monitor, but the quality will suffer.)

People will accept it since it does improve picture quality quite a bit and removes the need for monitors to have on-screen controls.

[ Parent ]
Nothing whatsoever wrong with DVI (4.00 / 2) (#46)
by Perianwyr on Tue Jul 09, 2002 at 08:55:26 PM EST

AFAIK, the stream encryption stuff isn't even in current DVI implementations.

[ Parent ]
HDCP was attacked in theory (4.50 / 2) (#65)
by marxmarv on Tue Jul 09, 2002 at 11:58:31 PM EST

and the attack looks strong and fairly practical. (Like, omigod, knapsack ciphers are so last year.) Read about the proposed attack here.


[ Parent ]

I don't think I understand... (4.00 / 4) (#47)
by Danse on Tue Jul 09, 2002 at 08:57:57 PM EST

So they could encrypt the signal from the card to the monitor, but that would mean that everyone needs to buy a new monitor that can decrypt the signal, right? There's no way I'm replacing the monitor that I blew 800 bucks on. How do they expect to pull something like this off?

An honest debate between Bush and Kerry
[ Parent ]
You will buy a new monitor (none / 0) (#166)
by vectro on Thu Jul 11, 2002 at 03:57:39 PM EST

sometime in the next 10 years.

“The problem with that definition is just that it's bullshit.” -- localroger
[ Parent ]
tapping monitors (none / 0) (#157)
by Garath on Thu Jul 11, 2002 at 04:04:59 AM EST

Heck, even if they encrypt the output to the monitor, wouldn't it be possible to tap the connections to the CRT that lead to the color guns? Arcane and analog, yes, but still.... Fnord, Garath

[ Parent ]
Preventative costs becoming too heavy (4.70 / 10) (#8)
by Torgos Pizza on Tue Jul 09, 2002 at 06:05:31 PM EST

This particular FUD was in heavy use in the gaming industry in the 80's. The problem was that it became too troublesome to the honest consumer with code wheels and passwords that it wasn't worth it.

Piracy exists in the gaming community today, but for the most part developers just accept it. It becomes too cost prohibitive to pay someone a salary just to come up with a scheme that will be broken a few days after release. Instead, the community at large started to promote the "if you like it, support the developer by buying it" philosophy.

Before Napster tanked, the music community started to adopt this same philosophy. The MPAA and RIAA should cut their losses and adopt a similar position.

I intend to live forever, or die trying.

Empire II (4.00 / 2) (#29)
by Ressev on Tue Jul 09, 2002 at 08:01:52 PM EST

If I recall the name of the game correctly, required you to look up a word from the manual according to the page and paragraph whenever you started it. But that was the 80's.

Now, we have the major game companies like MS employing c-dilla in their games in an effort to "stop pirating". I do not think they have really given up on the whole notion of copy protection.

Also, there are enough people who simply don't care and will jump through the hoops to acquire the end product - their favorite movie in the newest and best format if they can afford it. There are not enough people, at this point, who care or think about where things are going. They will take some notice and be very annoyed when the newer DVDs come out and won't play on their computers or home equipment. The home equipment may seem like an issue but how many people have more than one gaming console? They will purchase the new equipment needed to watch their new movies.
Nobody should pirate someone else's work - even if they think they are protesting.
"Even a wise man can learn from a fool."
"There is something fascinating about science. One gets such wholesale returns of conjecture out of such a trifling investment of fact." - Mark Twain
[ Parent ]

Copy Protection (2.75 / 4) (#45)
by Danse on Tue Jul 09, 2002 at 08:55:03 PM EST

There are all sorts of tools out there for cracking copy protections, but it is something of an arcane art now. There are all sorts of things to consider. What CD burner you have, which flavor of protection a disc uses, whether or not a certain version of a certain tool will work for a specific game, etc. It's a lot of hassle. I think it's at the point now where the only people that really bother are the ones that either don't have the money for the game in the first place, or refuse to buy it even if they do have the money. So really, the game industry isn't losing much money. The only places they are really losing money are in Asia where I can go pick up a copy of GTAIII for 5 bucks at the mall. I went to the Philippines a while back and went to a mall there. I walked out with 5 new PC games for less than 20 bucks. When it's that cheap and easy, then you have a problem. When it's a pain in the ass like it is for most people, then there is no problem.

An honest debate between Bush and Kerry
[ Parent ]
Pain in the ass? (3.25 / 4) (#49)
by ShadowNode on Tue Jul 09, 2002 at 09:15:34 PM EST

Burn game. Download pre-cracked binaries. Play game.

Too much for grandma, maybe, but how many grandmas are playing WarCraft 3?

[ Parent ]
Current types of copy protection (4.50 / 6) (#54)
by cgenman on Tue Jul 09, 2002 at 10:40:00 PM EST

Actually, they seem to have learned their lesson quite well.

The lesson was that copy protection schemes need to involve the consumer as little as possible or else they affect sales negatively.  Most modern copy-protection schemes involve the user as little as possible.  Ever wonder what that little registry was designed to do?  Yes, in fact it was designed to make sure your programs wouldn't function properly anymore... at least not if it thought anything shadowy was going on.  Plus basically all games require the original CD to run, most have some sort of corrupted or interestingly formatted sector that requires special programs to copy, you need to enter the passcode to install...  There are a ton of things that are done to prevent people from copying games.  Ever tried logging on to a server with a modified copy of a game?  Ever been kicked off because you "updated" a game to a version that recognized your regcode as loose in the wild?

The difference is that the copy protection these days is relatively transparent... An aim similar to what Palladium is trying to achieve.  The difference, of course, is that these are not games or programs that Palladium is trying to regulate, but access to files.  That's a much more worrisome beast, but the reasons behind that will be (I'm sure) covered in great detail by other avid posters.
- This Sig is a mnemonic device designed to allow you to recognize this author in the future. This is only a device.
[ Parent ]

Sony (4.63 / 11) (#12)
by ucblockhead on Tue Jul 09, 2002 at 06:41:50 PM EST

It is important to note that while Sony does indeed have feet on both sides of the stream in this particular battle, it grew out of the electronics side of things. It's still more of a hardware company than a media company. The ultimate owners all cut their teeth on hardware, and bought the media companies to sell hardware. Of course, the media companies were all companies before being bought, and were left largely independent, which is why the company can act so schizophrenic sometimes. The guys in Sony Electronics and the guys in Sony Music have little contact with each other.

But however much money "Spider-man" made, it's still Sony Electronics that brings the largest and most reliable profits to the company. So I'd expect that in any war between wanting to make money selling customers awesome media ripping machines and wanting to protect media properties, it will be the hardware guys that will win.

In that sense, it is a bit odd using Sony as the example here...it is the only one of the media companies that does have a foot on both sides.

caveat: I work for Sony, though I do not speak for them.
This is k5. We're all tools - duxup

Makes sense to me... (3.50 / 2) (#43)
by Danse on Tue Jul 09, 2002 at 08:45:57 PM EST

As much as they whine and complain, the media division of Sony is still making money hand over fist. The electronics division is too. Given that situation, is the specter of file-sharing really enough to scare them into shooting the electronics division in the head? I can't see them making that decision, at least not at this point. It would have to get a whole lot worse for them I think. I don't see any electronics companies doing something crazy like this unless the media companies manage to get legislation passed forcing all electronics companies to incorporate copy restrictions. If that happens, then there will be problems.

An honest debate between Bush and Kerry
[ Parent ]
Sony is really the point. (3.00 / 1) (#62)
by static on Tue Jul 09, 2002 at 11:44:01 PM EST

Because as the author states, Microsoft is most afraid of Sony. Sony Electronics have said in public that they don't trust Microsoft. Palladium and TCPA are a weird kind of Sony vs Microsoft war with us consumers and users the dumb bunnies in the middle.


[ Parent ]

Sony's not the only crossover company (4.00 / 1) (#97)
by Ricdude on Wed Jul 10, 2002 at 10:39:35 AM EST

Now that AOL/Time/Warner is under one roof, you have the Media Conglomerate (Time/Warner) combined with a tech company (AOL).  Interesting that AOL is the company funding Winamp development, yet the Time/Warner side is so opposed to Mp3s.  Sony is in the same boat:  Mp3s are bad (for our media company).  But Mp3 players are good (for the electronics company).  I wouldn't be surprised if Vivendi/Universal, BMG, and EMI didn't have at least a foot in hardware somewhere in their mega-conglomerate holdings.  

[ Parent ]
Original content? (4.87 / 16) (#15)
by dennis on Tue Jul 09, 2002 at 06:54:27 PM EST

You seem to know what you're talking about, so perhaps you can answer this question: what happens when I burn my own, original DVD video on a Mac and try to play it on a Palladium PC?

not sure actually (4.60 / 10) (#23)
by adamba on Tue Jul 09, 2002 at 07:13:52 PM EST

I'm not an expert on DVD playback per se. The issue is what exactly your Mac writes on the DVD, how much it looks like a commercial CD. Does it put the Macrovision bits on? In any case, the DVD should play back fine on a Palladium PC since that is the goal, to play back DVDs. The real question is, will Palladium protect your bits the way it protects commercial bits. That I don't know.

- adam

[ Parent ]

Consumer DVD drives will not write such keyblocks (4.33 / 6) (#44)
by Perianwyr on Tue Jul 09, 2002 at 08:52:43 PM EST

To do that, you'd need a "DVD-Authoring" drive and disks. These disks have the capacity to get CSS keyblocks written to them. What's sold in stores (both disks and drives) is called "DVD-General", which lacks that capability.

So, when you write your own DVDs, they don't have any CSS data on them.

[ Parent ]

Consumer blanks won't either. (3.66 / 3) (#61)
by static on Tue Jul 09, 2002 at 11:40:30 PM EST

The distinction between a "DVD-Authoring" and a "DVD-General" drive is illuminating. It also explains why common DVD-R blanks have a label saying they won't work in an Authoring drive! I originally thought it was a size issue, but the key issue makes more sense.


[ Parent ]

Another question (3.50 / 2) (#141)
by sgp on Wed Jul 10, 2002 at 08:57:39 PM EST

Since I don't even own a DVD player, let alone a burner, this may be a stupid question, but...

Q1: Presumably a consumer-level DVD burner cannot accurately copy a Hollywood DVD, since it cannot copy the CSS?

Q2: Presumably I can set up a company called "SGP Films" and distribute my movies on encrypted DVDs - surely this ability isn't limited to Hollywood. In that case, I must have a "full" burner, and the information required to create the CSS encoding.

Now I have both the kit and the information, what is to stop me creating properly-signed (maybe as "SGP Films", not as "Sony") copies of Hollywood movies?

Of course, these would be fully-signed (my own signed movies would play on a PS2, Palladium, etc), so they would authenticate properly, and be playable on any PS2, Palladium machine, Xbox, etc.

There are 10 types of people in the world:
Those who understand binary, and those who don't.

[ Parent ]

This can never be made available (5.00 / 2) (#148)
by Sloppy on Wed Jul 10, 2002 at 11:46:08 PM EST

Equipment and media that allows Joe Schmoe to create his own CSS-protected DVDs, can never be made available. It's not prohibited by law, but by (justifiable) fear.

IF a non-consortium-member were able to produce a CSS-protected DVD without signing any contracts, then they would be able to sue all DVD player manufacturers (e.g. Sony) under the DMCA, for trafficking in devices that circumvent without the copyright holder's authorization.

I would love to see that. DVDCCA would not. Therefore they must prevent it. You're not going to make a CSS-protected DVD.
"RSA, 2048, seeks sexy young entropic lover, for several clock cycles of prime passion..."
[ Parent ]

There is (and always will be) a choice. (4.43 / 16) (#18)
by quasipalm on Tue Jul 09, 2002 at 06:59:52 PM EST

There will always be resistance to -- and competition against -- these new copy-restriction schemes. But, from your insider account, it sounds as if these companies arrogantly assume public compliance with any future product they can dream up. Frankly, the day Microsoft decides to ship operating systems with copy-restrictions is the day I'll finally take the time to get Linux running on my system. Likewise, the day Sony decides to ship all new CD's with schemes to prevent me from playing them on my computer is the day I will never buy a Sony CD again.

What these companies seem to have forgotten is that they aren't in competition with their customers. To make your customers annoyed and angry with you is to fuck your own company's future. It'll be interesting to see if they go bankrupt before realizing this.

M$ (3.00 / 1) (#30)
by salsaman on Tue Jul 09, 2002 at 08:08:29 PM EST

Frankly, the day Microsoft decides to ship operating systems with copy-restrictions is the day I'll finally take the time to get Linux running on my system.

How do you know they AREN'T ALREADY ? Have you seen the source code to Win XP ?

[ Parent ]

XP (3.57 / 7) (#39)
by xerxes on Tue Jul 09, 2002 at 08:35:34 PM EST

The original poster probably feels that XP (or whatever he is using) doesn't have copy-restrictions because he can currently rip, burn, trade, play and copy all the media he wants or cares about.

Seeing the source code is irrelevant to the average user if the user can do what he wants. I would guess that it is because he can do what he wants, easily, that he hasn't bothered to invest the time in climbing the Linux learning curve.

[ Parent ]

Well (4.00 / 2) (#95)
by TunkeyMicket on Wed Jul 10, 2002 at 10:05:48 AM EST

Why take the time to climb the Linux learning curve if you don't have to nor need to. If he's more efficient using Windows, let him use Windows. I'm more efficient in 2k pro than I am in Red Hat or Mandrake. Granted I don't put much stock in Linux as a desktop OS. I prefer using *BSD's anyways, as they make great server OS's. The key to picking and using an OS is what are you most comfortable with and what OS allows you to be the most efficient.

I could build my own car from scratch, but why do it when it is easier and more efficient for me to buy one?
Chris "TunkeyMicket" Watford
[ Parent ]
When... (5.00 / 1) (#173)
by puppet10 on Fri Jul 19, 2002 at 05:13:24 PM EST

I could build my own car from scratch, but why do it when it is easier and more efficient for me to buy one?
Maybe when they start installing speed governors to prevent you from going over 55mph?

[ Parent ]
The final straw.... (4.33 / 3) (#81)
by ShiteNick on Wed Jul 10, 2002 at 05:49:46 AM EST

You're probably right ....

Windows XP is already reaching the point where the mass of pirates will have to shift gears and move to lower cost alternatives such as Linux.

Copying an old W2K CD was easy. No hacks to the OS were needed. You could buy a perfectly complete copy of W2k from your local pirate and run it without fear of getting caught.
And then you get XP. With all its registration issues. So the pirates now carry modified versions of XP that don't need the activation.

However, it also means that most pirates do not carry complete unmodified versions of XP.

I'm assuming that a TCPA OS will have all kinds of valid reasons to talk back to MS or VeriSign (which I have never trusted or liked). This in itself would mean that your IP address and all kinds of useful information would leak back to MS/VeriSign etc. This in itself is sufficient reason to move to Linux.

So I wonder what MS will do about this? On the one hand write loads of copy protection into the OS and then leave in a few backdoors? A very very large number of software developers learn and train in Southeast Asian countries. They usually start with pirated copies (full versions being unaffordable) and then later in life may choose to move towards paid versions...

Still not having an easily piratable os will mean that most of the new developers will start out with Linux ...

[ Parent ]

Heh (4.85 / 28) (#28)
by trhurler on Tue Jul 09, 2002 at 07:36:59 PM EST

You have too much faith in trusted clients. They're inherently an unsolvable problem. Any client you can make, someone can hack. Why? Because of keys and hardware.

Keys have to be stored. Any place a key is stored - that is a weakness. Clients need certain kinds of keys. These can be replaced once their location is known - often in ways a software man wouldn't necessarily think of. For instance, you put it in that IC? Sure, replacing that IC is hard. Cutting traces to give a key of all zeros, on the other hand - that's easy. Or to give some other pattern, quite possibly. Hardware that can be modified means security that can be modified. You put in tamper proofing, I remove it. You put in devices that self destruct if opened, I simply avoid them, fake their input and/or output, or replace them. You store keys in some goofy thin film tamper resistant device, I extract them via power, thermal, or timing analysis.

Sure, you can make all that illegal. Here, anyway. Will that matter? No, because the real piracy industry is already in southeast Asia, and they can afford to spend nearly any sum of money needed to crack new formats, break new hardware, and sell the cracks right along with the copies.

Don't worry though. A simple fact will prevent this from becoming a real problem. Palladium is intrusive. Businesses won't buy it to replace PCs. Therefore, PCs as we know them will continue. Sure, maybe they won't play the new media - without special hacks. Similarly, you can't get digital outs on a playstation's dvd - unless, of course, you just do a bit of soldering...

And of course, the key and watermark schemes are all weak. CSS isn't weak just because the algorithm sucks. If it were strong, we'd still have cracked it by now - because the keys have to exist in vulnerable places. Watermarking is useless, and doesn't prevent digital copying and the creation of software that will just ignore the watermark. Nothing will work, when the opposition is dedicated - and in this case, the opposition is dedicated. Sure, granny will have to follow the rules - but hey, she has to do so anyway, because she can't even work her VCR. The rest of us don't have to do a god damned thing.

'God dammit, your posts make me hard.' --LilDebbie

Clearly, you've not read the specification. (4.50 / 8) (#50)
by ipoverscsi on Tue Jul 09, 2002 at 09:44:43 PM EST

The specification states that all trust in the system comes from the Trusted Platform Module (TPM). The TPM uses 2048-bit keys for encryption and signing. Unless the TPM has signed off on the hardware/software you've got on the system the security level of the system is reduced, effectively making the system totally unusable.

The private key for the TPM is stored in a tamper-proof area directly on the chip and cannot be extracted by any input command (unless somebody really hoses the design, in which case it likely would not receive certification). In addition, the TPM has another key (also in the tamper-proof area) that means it has been certified by a TPM Certification Authority. Unless you can extract both of these keys you're not going to be able to fake it. If you damage the chip to extract the data (thermal/static/or other means) the chip erases itself and all the info is gone.

Also note that the TPM Certification Authority can have their key signed by the TPM and kept at their site for their records. The specification allows for people/code to verify the TPM before trusting it. If the TPM CA does not have the signed key on file, the TPM is considered invalid and the verifying entity will not engage in communications with it.

See this document for the full details.

It's only 33 pages long but it contains a good deal of information on how the system works.

[ Parent ]
TPM signing off (4.50 / 4) (#51)
by localroger on Tue Jul 09, 2002 at 09:54:11 PM EST

How does the TPM sign off? It seems like a signal needs to emerge from it, where it can be sampled and perchance emulated, in order to do this.

I assume it's another layer of public-key encryption (it would be just TOO easy if it were, say, a TTL line that goes high to say "OK to copy" :-) but that means at some point the key from the TPM must be hashed and compared with a key stored in the player, or hashed against the content to decrypt it. In either case a key is available in a place that isn't the TPM which can be used to reconstruct the content.

Now that key might be different for every piece of content, but all it takes is one hacker who's automated the process of extracting it and posting unencrypted copies on the Internet to hose the entire scheme.

I can haz blog!
[ Parent ]

Re: TPM signing off (5.00 / 6) (#53)
by ipoverscsi on Tue Jul 09, 2002 at 10:37:10 PM EST

All of the encryption, signing and hashing takes place within the TPM.  None of the intermediate values are visible outside the unit.  In addition, nonces (random values salting the transaction) are used to prevent replay attacks.

Usually what happens is that code that needs to be verified has already been signed by the supplier, who in turn has been certified "Plays well with others" by an "independent" entity.  For example, the BIOS would have a signature (a hash value encrypted by the private key of the manufacturer) stored somewhere in the BIOS.  This signature has in turn been signed by the Certification Authority.  When the BIOS gets executed by the CPU, part of its routine is to load into the TPM the public key of the BIOS manufacturer (either retrieved from the Internet or from within the BIOS itself) and the encrypted hash value.  The TPM is then instructed to decrypt the hash and the resulting unencrypted hash is stored in the TPM log somewhere in memory.  That is it.  All that happens is some value (in TCPA parlance, a "metric") is stored for later examination.  If the BIOS supports Secure Boot, the BIOS may also compute a hash on itself and compare it with the one in memory.  If hashes match the computer boots; otherwise it locks up.

Let's say you want to replace the BIOS with something of your own design that allows you to 'hack the system'.  You can even sign it with your own key, and the computer boots without a problem.  It's just that the BIOS metric is either missing or different.

Now you want to try to use Developer Studio to try and hack the keys out of the Minority Report movie that you just downloaded from Dreamworks SKG.  If the OS determines that the BIOS isn't safe (by checking the hash in the TPM log, and maybe even checking that with the signed hash stored by the CA mentioned earlier), it might not allow you to load Developer Studio.  It might not even load the DVD player.  Hell, the OS might not load at all.

So you (magically) copy the code onto a non-TCPA machine, which is very unlikely since the OS knows that security has been reduced (invalid BIOS) and disables copying.  Alas! the movie has been encrypted by a 2048-bit key that has been signed or encrypted by the TPM.  So you now have to crack not only the key from the movie but the key from the TPM as well.  That TPM signing key may even have been uniquely generated by the TPM when you downloaded the movie.

It may still sound like there is a potential point of failure, but there really isn't.  Each time control is passed from one system to another (TPM to BIOS to Boot Loader to OS Loader to OS) a metric is stored in the TPM to record the signature of each component.  The entity that wants to establish communications with your system (i.e. Dreamworks) can verify that list of metrics before talking to you.  So if you're not running a certified version of Windows,  booted with a certified boot-loader and a certified BIOS, they won't even send you a copy of the movie (which you presumably would have paid for).  And if the only people who have copies of the movie are those using Trusted versions of Windows, all they've got is a doubly-encrypted version of the movie.


[ Parent ]
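The measure-then-report scheme described in the comment above, as an added sketch that is not part of the original post or of the TCPA specification: each boot stage is hashed into a TPM register before it runs, and a remote party replays the reported log against a signed, nonce-bound register value before trusting the machine. The SHA-1 extend is the standard TPM 1.x PCR operation; the HMAC is a stand-in for the TPM's RSA signature, and the component names, blobs and key are constructed for the demo.

```python
import hashlib
import hmac
import os

PCR_SIZE = 20  # SHA-1 digest length, the PCR width in TPM 1.x


def measure(blob: bytes) -> bytes:
    """Digest of one boot component (the comment's 'metric')."""
    return hashlib.sha1(blob).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """PCR extend: new = SHA1(old || digest). Order-sensitive, cannot be undone."""
    return hashlib.sha1(pcr + digest).digest()


class ToyTPM:
    """One PCR plus a signing key that is never exposed to callers."""

    def __init__(self, key: bytes):
        self._key = key
        self.pcr = bytes(PCR_SIZE)  # reset to all zeros at power-on

    def extend(self, digest: bytes) -> None:
        self.pcr = extend(self.pcr, digest)

    def quote(self, nonce: bytes):
        # Assumption: HMAC replaces the RSA signature a real TPM would produce.
        sig = hmac.new(self._key, self.pcr + nonce, hashlib.sha256).digest()
        return self.pcr, sig


def boot(tpm: ToyTPM, components):
    """Measure each stage before handing control to it; return the event log."""
    log = []
    for name, blob in components:
        digest = measure(blob)
        tpm.extend(digest)
        log.append((name, digest))
    return log


def verify(log, pcr, sig, nonce, key, known_good):
    """Remote party's check: fresh quote, log matches PCR, every entry known."""
    expected = hmac.new(key, pcr + nonce, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return False, "bad quote signature"
    replayed = bytes(PCR_SIZE)
    for _, digest in log:
        replayed = extend(replayed, digest)
    if not hmac.compare_digest(replayed, pcr):
        return False, "log does not match quoted PCR"
    for name, digest in log:
        if known_good.get(name) != digest:
            return False, f"unknown component: {name}"
    return True, "trusted"


def demo():
    key = b"constructed-demo-key"  # constructed; stands in for the TPM identity key
    good = [("bios", b"vendor BIOS 1.0"), ("bootloader", b"loader 2.3"),
            ("os", b"certified OS build")]  # constructed sample components
    patched = [("bios", b"home-made BIOS")] + good[1:]
    known_good = {name: measure(blob) for name, blob in good}
    results = {}

    # 1. Unmodified boot chain.
    tpm = ToyTPM(key)
    log = boot(tpm, good)
    nonce = os.urandom(20)
    clean_pcr, clean_sig = tpm.quote(nonce)
    results["clean"] = verify(log, clean_pcr, clean_sig, nonce, key, known_good)

    # 2. The same quote presented again under a new challenge (replay).
    results["replayed_quote"] = verify(log, clean_pcr, clean_sig,
                                       os.urandom(20), key, known_good)

    # 3. Replaced BIOS, log reported honestly: machine boots, metric differs.
    tpm = ToyTPM(key)
    honest_log = boot(tpm, patched)
    nonce = os.urandom(20)
    pcr, sig = tpm.quote(nonce)
    results["patched_bios"] = verify(honest_log, pcr, sig, nonce, key, known_good)

    # 4. Replaced BIOS, log rewritten to claim the vendor BIOS digest.
    forged_log = [(n, known_good[n]) for n, _ in honest_log]
    results["forged_log"] = verify(forged_log, pcr, sig, nonce, key, known_good)
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(case, outcome)
```
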

Well..maybe one weakness... (4.83 / 6) (#56)
by ipoverscsi on Tue Jul 09, 2002 at 11:07:56 PM EST

When I said there were no points of failure, I meant technologically. There are still other points that can exist in any software system.

  1. Security and Software Developers: All security eventually comes down to how well the developers implement it. For example, Rainbow Technologies offers a hardware dongle for licence enforcement. But license enforcement does not happen automagically. The developer must sprinkle the code liberally with CRC checks, timer-based checks, key checks and key value checks to ensure the code hasn't been modified and that the correct key is attached. If the developer does a simple check at the beginning of the program the security can easily be defeated with a simple hex editor. Developers are inherently lazy (a good thing!), so the level of security is likely to be low.
  2. Certification: Certification by nature takes lots of time while the code is examined and verified for correctness. The time it takes for certification is likely too long for most companies whose revenue streams are dependent on quick software releases. This will likely lead to de facto certifications (Microsoft anyone?) and accelerated certifications. The unchecked bugs in such certified software would be ripe for the plucking by talented individuals.
  3. Permissions: The permissions system would necessarily become more complicated with the introduction of Palladium. Here are just a few examples of the various permissions affecting copying:
    • No cut & paste
    • Paste only
    • Can only copy once onto any target machine
    • Can only copy onto a machine with the same owner
    • Can make as many copies as you like as long as they're on the same machine
    • Can only print one copy
    • Can't print at all
    The myriad permissions can become quite confusing and could potentially lead to lapses in security; another weakness to exploit.
As with any system the weakness will be the human one. The technology, if used as planned, will be hard to beat, but human error and greed will likely leave the door cracked for some time to come.

[ Parent ]
Impressive, but here is the weak point (4.85 / 7) (#58)
by localroger on Tue Jul 09, 2002 at 11:12:55 PM EST

If the BIOS supports Secure Boot, the BIOS may also compute a hash on itself and compare it with the one in memory. If hashes match the computer boots; otherwise it locks up.

OK, what locks the computer up? What calculates the hash? Obviously it can't be the BIOS itself. This must be some kind of function hardcoded into the CPU microcode. What is to stop someone from emulating the CPU on another platform, TPM communications and all, but ignoring the BIOS validation or perhaps supplying a false hash to the TPM? Or even playing it straight? At some point the bits have to be decoded. This cannot happen in the TPM since they have to appear on a monitor and at a sound card somewhere. If that silicon isn't subject to the strict controls of the TPM, then all the hacker has to do is fool the TPM into thinking it is communicating with a real Octium or whatever and all those unencrypted bits will show up somewhere to be siphoned off.

This is not as much work as it sounds like. For copying purposes emulation doesn't have to work in real time, and emulation has reached an advanced stage thanks to classic video gamers. With the usual increases in computer power and enough dedicated people attacking the system, I can't see how it would last more than a few years.

Or is the TPM part of the CPU itself? That would pretty much force you back to the analog hole...

I can haz blog!
[ Parent ]

Let's hack the system... (5.00 / 2) (#117)
by ipoverscsi on Wed Jul 10, 2002 at 12:59:30 PM EST

The biggest problem in understanding the TPM is that the TPM does not enforce trust, it merely acts as a repository for a list of the hardware and software you have on the machine and signs that list to say "Yes, this is the actual system configuration". Other entities (software, computers, people) request this list from the TPM before engaging in any transactions to see if the system configuration is trustworthy. The entries in that list can even be checked with a public list of known software/hardware.

Just for kicks, let's try to subvert the system. For this section the word "System" (note the upper-case 'S') means a computer with a running Operating System and a functioning TPM.

  1. Load a custom driver for a man-in-the-middle attack. If the driver isn't signed, the OS drops the security level of the System. The subsystems that use the TPM for decrypting keys no longer function properly because the System's security level has changed. If you sign the driver that signature can be checked with a public registry of known good drivers. Since yours likely isn't on that list, the System lowers the security level.
  2. Change out the CPU. You can bet that the TCPA system will require serial numbers or a manufacturer's signature in the CPU. If the custom CPU doesn't have one or is different from the one present before, the System detects the change and lowers the security.
  3. Place a device on the bus to monitor the TPM. The BIOS will detect the new device and change the configuration log in the TPM. The System again detects the change and lowers the security level. If you change the BIOS to hide the device the System detects the BIOS change and lowers the security level.
  4. Hook wires to the motherboard traces and monitor the TPM's actions. Good luck on that one. You'd have to monitor more than 200 lines. Plus, adding wires changes the electrical behavior of the system likely rendering it quite unstable. In most cases all you'd end up with are hash values that you already know (the TPM is merely verifying the signatures). The TPM is designed to eliminate the need of having unencrypted keys outside of the TPM.
  5. Write a program to scrape the unencrypted bits out of memory. Again, your program isn't signed or is signed with an unknown key.
  6. Use custom memory chips. There's already a chip on the memory modules that is used by the motherboard chipset to identify the type and timing setting required by that module. Care to guess what else is in there?
  7. Use an In-Circuit Emulator (ICE). To use the ICE you have to boot from another disk other than that containing the OS, a fact recorded by the BIOS when it boots off a floppy. When the ICE loads the OS, the OS then checks the TPM's configuration log and sees it wasn't booted from the hard drive and lowers the security level.
  8. Remove the TPM. The Operating System can't find a valid TPM and lowers the security level.
  9. Emulate the TPM. The TPM is certified by a third party (i.e. the TPM's signature is signed by someone who verified that signature) and an endorsement key is stored in the TPM by the certifier. If you try to emulate the TPM without having both the TPM's private key AND the endorsement key, the System detects the changes and lowers the security level. Even if you do have the two keys, emulating the TPM is the same thing as having the TPM so there's no hack value. Remember the TPM does not enforce trust -- it only guarantees that the list of hardware and software loaded on the System hasn't been altered since it was created.
The only thing that is left is the analog hole -- record the signals coming out of the VGA port and the sound card.

[ Parent ]
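The measure-then-report model described in the comment above (#117), as an added sketch that is not part of the thread or of any TCPA or Microsoft code: each loaded component is hashed into an append-only register, and a remote verifier replays the reported log against that register and against a list of known-good digests. The class and function names, the component names and the images are all constructed for illustration, and the signature over the quoted register value is assumed to have been checked already.

```python
import hashlib

PCR_SIZE = 20  # SHA-1 digest length; TPMs of the TCPA era used 160-bit registers


def measure(image: bytes) -> bytes:
    """Digest of a component image, taken before the component runs."""
    return hashlib.sha1(image).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """Register update: new = SHA1(old || digest). It can only be appended to."""
    return hashlib.sha1(pcr + digest).digest()


class SimulatedPlatform:
    """Hypothetical stand-in for the BIOS/OS plus TPM register (not a real TPM API)."""

    def __init__(self):
        self.pcr = bytes(PCR_SIZE)   # register starts at all zeroes on reset
        self.log = []                # human-readable list kept outside the chip

    def load(self, name: str, image: bytes) -> None:
        digest = measure(image)
        self.pcr = extend(self.pcr, digest)
        self.log.append((name, digest))

    def quote(self) -> bytes:
        # A real TPM signs this value; the signature step is omitted here.
        return self.pcr


def replay(log) -> bytes:
    """Recompute the register value that the reported log implies."""
    pcr = bytes(PCR_SIZE)
    for _name, digest in log:
        pcr = extend(pcr, digest)
    return pcr


def appraise(log, quoted_pcr: bytes, known_good: set) -> str:
    """Verifier-side decision. The chip only reports; policy lives here."""
    if replay(log) != quoted_pcr:
        return "reject: log does not match quoted register"
    unknown = [name for name, digest in log if digest not in known_good]
    if unknown:
        return "untrusted: unrecognised " + ", ".join(unknown)
    return "trusted"


# Constructed sample boot chain and the verifier's list of known-good digests.
BOOT_CHAIN = [
    ("bios", b"constructed BIOS image"),
    ("bootloader", b"constructed bootloader image"),
    ("kernel", b"constructed kernel image"),
    ("video_driver", b"constructed listed driver"),
]
KNOWN_GOOD = {measure(image) for _name, image in BOOT_CHAIN}


def boot(extra=()):
    platform = SimulatedPlatform()
    for name, image in list(BOOT_CHAIN) + list(extra):
        platform.load(name, image)
    return platform


def run_scenarios() -> dict:
    clean = boot()
    modified = boot(extra=[("custom_driver", b"constructed unlisted driver")])
    listed_digest = measure(BOOT_CHAIN[3][1])
    return {
        # Every entry is on the list and the log replays to the quoted value.
        "clean boot": appraise(clean.log, clean.quote(), KNOWN_GOOD),
        # The extra driver is reported honestly, so the verifier sees it.
        "unlisted driver, honest log": appraise(
            modified.log, modified.quote(), KNOWN_GOOD),
        # The entry is dropped from the log, but the register already changed.
        "unlisted driver, entry dropped": appraise(
            modified.log[:-1], modified.quote(), KNOWN_GOOD),
        # The entry is swapped for a listed digest; the replay still disagrees.
        "unlisted driver, entry swapped": appraise(
            modified.log[:-1] + [("video_driver", listed_digest)],
            modified.quote(), KNOWN_GOOD),
    }


if __name__ == "__main__":
    for scenario, verdict in run_scenarios().items():
        print(f"{scenario}: {verdict}")
```

The verdict is only as good as the code that performs the measurements: the sketch assumes every component is measured before it runs, which is the assumption the replies below dispute.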
Feh (3.50 / 2) (#121)
by trhurler on Wed Jul 10, 2002 at 02:18:43 PM EST

You're trusting the OS to be bug free. We're talking about Windows here, buddy. Get real. On Windows systems, overwriting parts of the OS memory image without the OS knowing is trivial. The system just LOST.

'God dammit, your posts make me hard.' --LilDebbie

[ Parent ]
Where the guards stop watching the guards (5.00 / 3) (#142)
by localroger on Wed Jul 10, 2002 at 09:18:14 PM EST

Change out the CPU. You can bet that the TCPA system will require serial numbers or a manufacturer's signature in the CPU. If the custom CPU doesn't have one or is different from the one present before, the System detects the change and lowers the security.

Compared to the other statements about the System, this is extremely and interestingly vague. So the CPU has a way to report its identity; I seriously doubt this will be hashed or hidden. It can be emulated, not with a custom CPU (expensive), but with another computer -- even a TPM-equipped computer running Linux, which doesn't know what that user app with the hardware card is really doing -- with wires running to the CPU socket of the victim computer. This would require serious underclocking of the victim but it's been done before in other contexts. Is the TPM really so paranoid that it will recognize that a CPU which reports the same serial number and runs all the same instructions isn't really the same CPU?

I don't believe it.

If the system really is this paranoid it will lock up irrecoverably every second Tuesday for no discernable reason at all, making the Win95 BSOD look like a charming friend from the past by comparison, as the BSOD doesn't require you to pack up the computer and send it off to the manufacturer for reformatting.

I will believe that the TPM will be difficult to break -- and I also believe someone will break it, probably within a year or two of its introduction. It's like the efforts by the US Army Corps of Engineers to keep the Mississippi River flowing in its current channel; it can be done for awhile, but all it takes is one flood to take out the Old River Control Structure and the river's going through downtown Morgan City, and there's nothing human beings can do to change that.

More likely the TPM will be compromised in the same way CSS was, by improperly written DRM software, but even if it isn't the life of the system is inherently limited.

Remember CD's were originally supposed to be "uncopyable" due to the expense of the equipment needed to reproduce them. Amazing how these companies can't seem to learn from the past.

I can haz blog!
[ Parent ]

I've got another idea ... (4.00 / 1) (#149)
by pyramid termite on Wed Jul 10, 2002 at 11:48:56 PM EST

... even if "enemy code" to crack this System might be hard to write, I don't think it would be that hard for a virus to be written that would break the System and make the highest security level unusable - open the wrong file and certain things get written in the OS that would make it impossible to play DVDs or whatever anymore. Yes, decrypting the information to copy it would be a major task. I'm afraid screwing up the System so it can't read the information might be pretty easy. Wanna bet someone tries it?
On the Internet, anyone can accuse you of being a dog.
[ Parent ]
Exploit (none / 0) (#162)
by Matrix on Thu Jul 11, 2002 at 10:07:03 AM EST

From what others have said, this sort of exploit (dropping the system security level) would be trivial. Unsigned drivers lower the security level? Well, there's got to be an API for driver installation. Just get your virus to drop in a custom mouse driver or something. Or if that won't work, I'm sure that any of the dozen other ways to get the system to drop the security level will be software-exploitable.

"...Pulling together is the aim of despotism and tyranny. Free men pull in all kinds of directions. It's the only way to make progress."
- Lord Vetinari, pg 312 of the Truth, a Discworld novel by Terry Pratchett
[ Parent ]

Heh (3.00 / 1) (#120)
by trhurler on Wed Jul 10, 2002 at 02:12:39 PM EST

Unless the TPM has signed off on the hardware/software you've got on the system the security level of the system is reduced, effectively making the system totally unusable.
For some purposes, yes. Not for all.
The private key for the TPM is stored in a tamper-proof area directly on the chip and cannot be extracted by any input command (unless somebody really hoses the design, in which case it likely would not receive certification). In addition, the TPM has another key (also in the tamper-proof area) that means it has been certified by a TPM Certification Authority. Unless you can extract both of these keys you're not going to be able to fake it. If you damage the chip to extract the data (thermal/static/or other means) the chip erases itself and all the info is gone.
I read the PDF. It is uninspiring, because I know things you don't.

First of all, yes, obviously they're not going to provide a "give me the keys" command. That's irrelevant.

Second, there is no such thing as tamper proof. You need to quit buying marketing bullshit. Tamper resistance may be arbitrarily expensive to overcome, but it can always be done.

Third, the self-destruct mechanisms are always dodgy in these things. However, damaging the chip is likely to be unnecessary. You need to do research on power, timing, and thermal analysis, all of which are passive in nature.

Fourth, certificate authority schemes are inherently vulnerable. A CA is like a bank, except that all the money in the world is in that one bank, and there's no FDIC. If the tamper resistance on the chips is really good, and the designs are uniformly strong against analysis (good luck; the military doesn't have stuff that is, and the same companies sell to them as to you or me), then quite possibly the cheapest attack would be to physically or electronically attack the CA. Doing this without being detected is quite expensive, but possible.

Fifth, the economic argument that you could make this "too hard" to break is absurd. If this is deployed, then everyone will come to rely on it. As soon as that happens, it IS worth it to break the scheme, regardless of the cost of doing so. Breaking it without getting caught makes you a god. This is why CA schemes are doomed to fail; economically, they lack viability.

You might want to read Bruce Schneier's essays on this subject. He's rather unkind to people who think mathematics can secure the real world, because he has learned the falsehood of that notion in very publicly humiliating ways. He knows how to do this stuff "right" better than almost anyone on the planet, and he's not preaching the gospel.

'God dammit, your posts make me hard.' --LilDebbie

[ Parent ]
Nah. (none / 0) (#156)
by i on Thu Jul 11, 2002 at 03:48:52 AM EST

S'pose you broke one TPM and extracted one key. How much did you spend on this, and how much are you planning to gain?

If you're going to attack a (not "the" by the way) CA electronically, good luck. Physically? Gimme a break. It is theoretically possible to physically attack Fort Knox. How many would dare to?

People behind TCPA might be evil, but they are not quite such idiots you want to make us believe they are.

Does Bruce Schneier have to say anything about TCPA/Palladium specifically? I didn't find anything on Counterpane, but then maybe I don't know where to look.

and we have a contradicton according to our assumptions and the factor theorem

[ Parent ]

Not yet (none / 0) (#163)
by trhurler on Thu Jul 11, 2002 at 12:55:12 PM EST

I expect he'll comment in his next newsletter, but Palladium is just another PKI scheme, and he's written quite a bit about those.

In any case, if I attacked one TPM, I'd be extracting two keys. The unit has a key, and there's a key for the CA in there too. And as for multiple CAs, yeah, there might be a couple, but not more (at least, not for long), because that's a business that has strong incentives towards monopoly. (As it happens, all businesses that sell trust follow that pattern, which is why banking consolidation proceeds despite massive popular opposition.)

A CA will not be defended as well as Fort Knox. It is unrealistic to expect security to be tighter than it is at a bank that specializes in large accounts. Those get attacked successfully more often than they'll ever let you read in the papers. And remember, the CA has the same incentive as the bank to keep things quiet. Give them half a chance to let you escape quietly, and they'll probably do it, then quickly try to change over all their customers to new keying while using lawyers and whatever insurance they can scrounge to deal with the occasional irate customer and/or his lawsuit threats. Costly? Yes, but not as costly as going out of business, which is what happens to trust businesses that lose the trust of their customers.

Finally, you have entirely too much faith in the security of computer networks. Most large companies use tons of commercial firewall products and so on, all of which are known to have holes, and don't bother patching them. They use Windows, and even if they do patch it, they have so many systems that they can't keep track. They have incompetent admins (and a few overwhelmed good ones). They have RedHat installations that haven't been hardened. They have stock commercial unix installs from five years ago. Any idiot with a set of root kits can attack them; the trick is not getting caught. Anyone talented who's done this before can probably pull that off too, with a bit of luck. And remember, even if a hundred fail and go to prison, the one who succeeds owns your ass, and you don't even know it. While it may not be legally true, in point of fact, he's now a rich man.

'God dammit, your posts make me hard.' --LilDebbie

[ Parent ]
However (4.66 / 3) (#89)
by vicchi on Wed Jul 10, 2002 at 09:04:24 AM EST

All valid points, however ...

Businesses won't buy it to replace PCs.

If Palladium was the only reason for a business to upgrade then I could agree wholeheartedly with this. But it's not just that single point; you can virtually guarantee that these businesses will want to continue to run Windows applications and may well end up being forced down this route regardless of their concerns over the integrity of their corporate data.

It's almost taken as given that a new version of Windows will be required in order to run Palladium and the OEMs will be pressured into pushing this and its associated hardware onto the customer.

Windows has such inertia behind it that this makes it almost inevitable.

If this makes me a fatalist then maybe (shrugs). Personally I hope that this whole scheme dies a quick and hopefully painful death. Yes, there's an outcry against it from the informed side of the population but the uninformed side will in all likelihood sign up as requested, lemming style.

More publicity needed methinks.

There are two major products that came out of Berkeley; LSD and UNIX. We don't believe this to be a coincidence.
[ Parent ]

Cost (4.00 / 1) (#151)
by Ressev on Thu Jul 11, 2002 at 12:15:54 AM EST

Unless they sell it cheaply, there may still be plenty of companies that see the usefulness of not being locked into the "update the MS OS cycle". In which case, they would have to move to other platforms. As for software... being an issue: if a company can get copies of a spreadsheet that acts the same or better as Excel or of a word processor that acts like or better than Word then they will go for the cheaper platform - unless the learning curve for the new software costs heavily in productivity.

However, if the GUI is unmanageable and the OS is reported as being insecure while Palladium is announced as being very secure and an excellent way to improve on-line transaction reliability; then you bet companies will buy it. Also, as long as the majority of IT personnel are MSers unfamiliar with other platforms, then you bet they will do their best to discourage any executive decisions to switch platforms away from MS. After all, they don't want to be replaced because they don't know the new platform.
"Even a wise man can learn from a fool."
"There is something fascinating about science. One gets such wholesale returns of conjecture out of such a trifling investment of fact." - Mark Twain
[ Parent ]

Cost Doesn't Seem To Be An Option (none / 0) (#154)
by vicchi on Thu Jul 11, 2002 at 02:56:10 AM EST

Likewise, resilience, reliability or ease of use.

if a company can get copies of a spreadsheet that acts the same or better as Excel or of a word processor that acts like or better than Word then they will go for the cheaper platform

In an ideal world I'd agree; I run a variety of Open Source OS's which prop up my domain and I don't even need one finger let alone one hand to count the number of outages I've had.

Compare and contrast that against the system I'm composing this on at work (sshh, don't tell anyone). It's a Win2K box, hooked into a Win2K domain with Outlook as the MUA. At least once a day I suffer some form of outage, either on the network or on my box. Now multiply that by the number of desktops in this office alone, and that's not even counting servers ...

The company knows the Linux and the *BSD's are cheaper and more resilient but the only concession to these platforms is the running of the corporate DNS and that's only because this system derived from our development DNS, which runs, of course, on an Open Source *NIX platform.

But I don't foresee any major paradigm shift for the corporate network, even though a trial machine was put together running a customised KDE desktop, and offering either KOffice, OpenOffice or StarOffice and demonstrated to the high and mighty, and I might add, at a fundamental level they approved and were quite impressed. The result? No change whatsoever, unless you count the fact that the company standardised on Win2K rather than NT.

The inertia just isn't there and the bean counters don't trust what they don't know and don't understand.

One just has to hope that the Palladium initiative shoots itself in the foot; which is quite likely given the participants' previous track record.

There are two major products that came out of Berkeley; LSD and UNIX. We don't believe this to be a coincidence.
[ Parent ]

All too true now that I think about it. (none / 0) (#167)
by Ressev on Fri Jul 12, 2002 at 12:08:55 AM EST

It is similar to my company - we have counter-intuitive policies and procedures: Percentage limits on how much of a raise you may get a year or from internal transferring. The idea is to keep people from transferring for the sake of getting more pay which means people have diminished interest in remaining at the company when they can get paid more if they were a new hire.

Likewise, between corp IT and the accounting gods, anything other than a Windows system will be snuffed. You're right: I am silly to think they think sensibly or ahead.
"Even a wise man can learn from a fool."
"There is something fascinating about science. One gets such wholesale returns of conjecture out of such a trifling investment of fact." - Mark Twain
[ Parent ]

Non Techies make corporate purchasing decisions (none / 0) (#172)
by CENGEL3 on Tue Jul 16, 2002 at 04:29:09 PM EST

From my own experience in the corporate world most of the people responsible for actually making purchasing decisions about software are not Tech people at all. Mostly they're MBA/Manager types and completely ignorant of the technology they are making purchasing decisions about. Those types tend to believe whatever garbage MS marketing spoon feeds them. They'll buy into Palladium not because of any supposed technical merits of the system but because the marketing presentations use pretty colors and have all the right buzzwords.

The reason why some of the big software companies hold such pervasive market shares for corporate applications right now is not because of the technical merits or cost of their products (The small indy companies often beat them on both). It's because of the pervasive myth in the corporate world that "No one ever got fired for buying a brand name". Which is why Palladium will probably fly despite all the unwanted baggage attached to it.

My only hopes are:

1) Joe Consumer starts to become a little bit better informed about technology issues and therefore gets (rightfully) outraged about the stuff Hollywood and MS are trying to pull over on them.

2) Civil liberties, consumer groups and Congressmen that actually serve the public (rather than Hollywood) manage to defeat things like the Hollings bill and hopefully even amend the DMCA to better represent the public interest. In which case while granny and Joe Consumer will be stuck with DRM and Palladium (which would really be a shame) but there will still be a niche market for those of us who don't want our technology and content to exist at the sufferance of the MPAA and MS..... and as long as there is a niche market demand there will be someone willing to sell products to fill it.

3) (Probably the best of all possible outcomes) The entertainment and software cartels will get too greedy and too ambitious. They will impose usage restrictions that are so draconian that they REALLY start to inconvenience the average consumer....who, if they haven't already slipped too far into a pop culture induced stupor, will get annoyed enough to actually do something about it. There will be a huge public backlash and the Entertainment and Software cartels and their whole rotten house of straw will come tumbling down. Well at least I can dream!

[ Parent ]
Misconceptions (4.33 / 3) (#94)
by jpmorgan on Wed Jul 10, 2002 at 09:56:42 AM EST

Palladium is intrusive. Businesses won't buy it to replace PCs.

Just considering DRM issues... businesses won't go out of their way to buy palladium enabled PCs, but overall they won't go out of their way to avoid them too. If Microsoft can situate palladium such that it becomes a de-facto standard (which is very likely, since they seem to be working with Intel, AMD and other major hardware manufacturers on this), then it will become the standard, and corporations would have to go out of their way to avoid systems with this included. And can you imagine any reasonable company raising their IT costs simply to avoid DRM capabilities in their systems? How can you justify that cost to your shareholders?

The other issue with respect to that is it appears that while Palladium was designed for use in DRM, it may have some tangible benefits in terms of security. If the same technology that enables DRM Microsoft also uses to improve security and network interoperability (which it appears they fully well intend to), then you suddenly do have a tangible benefit to a corporation for buying Palladium enabled PCs with no, AFAICT, major disadvantage.

You have too much faith in trusted clients. They're inherently an unsolvable problem. Any client you can make, someone can hack. Why? Because of keys and hardware.

This is actually a common misconception. A popular myth. Sure, it looks to be obviously true, but like so many obviously true things (the world is flat!) once you've got a bit of perspective you realise it's false.

There's been a lot of research into inherent security and trust in the domain of mobile applications and intelligent agents, but the work is just as applicable to DRM software. It turns out it is very possible to develop these trusted clients. It's hard, certainly, but it has been proven and demonstrated to be possible. Right now none of the major players have noticed this work, but it's only a matter of time before someone working in DRM takes a look over at what the mobile code researchers are doing and says "Hey! That's exactly what we need!"

[ Parent ]

Heh (2.00 / 1) (#122)
by trhurler on Wed Jul 10, 2002 at 02:23:37 PM EST

Where can I find this mythical trusted client? It must be an interesting beast, since it is a mathematical impossibility.

'God dammit, your posts make me hard.' --LilDebbie

[ Parent ]
Read the specs (none / 0) (#155)
by i on Thu Jul 11, 2002 at 03:24:38 AM EST

here and point out what's wrong with them, mathematically.

and we have a contradicton according to our assumptions and the factor theorem

[ Parent ]
I read them (none / 0) (#165)
by trhurler on Thu Jul 11, 2002 at 01:04:35 PM EST

And you know what? If the device was tamper proof, it'd work. Problem is, nothing is tamper proof. That's one of the assumptions any description of a client has to make - it can be tampered with. Notice the utter lack of discussion of that assumption in the text. Interesting, if you ask me.

I don't even know how to specify these descriptions formally, but the people who do are quite happy to say that it is impossible to build a secure system with a trusted client, and their reason, translated into ordinary people speak, is quite simple: clients can be tampered with. Security requires mechanisms, and those can be tampered with. All true security depends on monitoring of the necessary equipment to prevent tampering. You can't possibly do that with massive numbers of quite possibly mobile clients which will often reside inside other secured areas you don't even have access to.

'God dammit, your posts make me hard.' --LilDebbie

[ Parent ]
avoiding DRM (4.00 / 1) (#135)
by semaphore on Wed Jul 10, 2002 at 05:52:26 PM EST

...can you imagine any reasonable company raising their IT costs simply to avoid DRM capabilities in their systems?

fact is that many companies are already going out of their way to avoid msft on the server for valid, non rabid-drooling-doltish-crosseyed-moronic-we'll-save-the-world-whether-it-needs-it-or-not-(yay-linus)-dribble-drool-some-more reasons. here, every new system that's planned is non-msft on principle unless there's some very unusual reason. however, drm is not an issue in the server arena.

while the server market shrinks, msft should still be able to hang on to the workstation marketshare for a bit. but this will go the same way in a couple of years as cheap/free alternatives improve and the beancounters finally do the arithmetic based on their server experiences. msft's new licensing scheme is going to help this along, it's trying to force them to upgrade much more frequently than they like to.

i don't think drm will be in place before the decline in msft's share of the corporate workstations market begins.

msft will be left with running your home life - which is why they want this stuff.

"you want enlightenment? stare into the sun."

[ Parent ]

If only... (3.33 / 3) (#31)
by regeya on Tue Jul 09, 2002 at 08:14:34 PM EST

If only all the trouble of making a virtual machine to run Windows on were done to make for a more portable windows; in other words, it would be nice to have a Windows that would be both stable and easy for software engineers to move to the Next New Platform(TM) and not break both the OS and applications. Oh, I know, I know; MS is making strides toward the Run Anywhere Binary. In the past, it seemed as if MS's whole policy was to help prop up Intel so the x86 would live on forever. Hopefully, finally, we're moving away from that; I happen to think that a layer between the hardware and the actual Windows OS would be beneficial . . . for something other than copy protection.

[ yokelpunk | kuro5hin diary ]

Writer Misses The Point (4.57 / 14) (#32)
by concept on Tue Jul 09, 2002 at 08:18:28 PM EST

Fact: If a user can view it, a user can copy it.

Sure... (3.60 / 10) (#37)
by Danse on Tue Jul 09, 2002 at 08:32:47 PM EST

You just can't copy it with your computer. Or your stereo. Or your PDA. Or your MP3 player. Or anything else that requires electricity.

An honest debate between Bush and Kerry
[ Parent ]
Bad ratings (3.33 / 3) (#55)
by ucblockhead on Tue Jul 09, 2002 at 10:47:24 PM EST

Carbon, the "zero" is for spam and crapflooding, not things you disagree with.
This is k5. We're all tools - duxup
[ Parent ]
that's what the macrovision does (3.50 / 2) (#38)
by nodsmasher on Tue Jul 09, 2002 at 08:33:23 PM EST

it screws up copying from the output
Most people don't realise just how funny cannibalism can actually be.
[ Parent ]
Which of course is dead. (3.50 / 2) (#42)
by Perianwyr on Tue Jul 09, 2002 at 08:43:43 PM EST

It's very easy to get around (either use an old VCR, or one of the ten billion billion anti-macrovision boxes you can get online.)

Like all such schemes, it's doomed.

[ Parent ]

Well (3.50 / 2) (#52)
by carbon on Tue Jul 09, 2002 at 10:30:34 PM EST

The idea isn't to make copying impossible in general (which can't be done) so much as to make it prohibitively expensive or difficult as to make it not worth it. Sure, you can get around Macrovision, but if you don't have an old but working VCR lying around, it'll cost more than the price of several DVDs...

Wasn't Dr. Claus the bad guy on Inspector Gadget? - dirvish
[ Parent ]
Only once (3.00 / 1) (#68)
by Ig0r on Wed Jul 10, 2002 at 12:58:24 AM EST

The expense of building hardware to break the content-control mechanisms only has to be undertaken one time. Once a copy to VHS has been made, then the content is in the wild. After that first copy, only the willingness of the 'consumers' to pay much more for a slightly better quality, and do it legally, will drive new DVD (or whatever the new medium is) sales.

[ Parent ]
True to the extreme (3.50 / 2) (#48)
by The Amazing Idiot on Tue Jul 09, 2002 at 09:12:47 PM EST

Simply, nobody will have DRM in their eyes or ears. If it can be seen or heard, some device can and will be able to copy it.

A/D converters are cheap. And it's simple to make a home a/d converter out of radio-shack parts. And nobody's going to make electrical engineers, electricians, or tinkerers illegal.

All copy protection is wasteful.

[ Parent ]

ADCs (3.50 / 2) (#59)
by Danse on Tue Jul 09, 2002 at 11:23:02 PM EST

That's why they want to plug the analog hole.

An honest debate between Bush and Kerry
[ Parent ]
I'm not an expert on video ... (3.66 / 3) (#66)
by pyramid termite on Wed Jul 10, 2002 at 12:10:39 AM EST

... but I suspect that a way may exist to copy video in spite of any effort to "plug the analog hole". But I will say this - the analog hole cannot and will not be plugged in regards to audio. If I can't do it within a windows box, I can do it with jacks and outside recording equipment; even microphones if necessary. And don't underestimate the quality possible here - a person who knows what he's doing can produce a high quality copy that will certainly equal FM radio/MP3 quality or even better. If you can hear it you can record it.
On the Internet, anyone can accuse you of being a dog.
[ Parent ]
Heh, you REALLY don't understand... (2.00 / 4) (#69)
by The Amazing Idiot on Wed Jul 10, 2002 at 01:56:57 AM EST

First, you actually buy that "they want to close the analog hole"? If you do, you oughtta go back to slashdot. Are you telling me that they wish to make electronics illegal? Yeah, right.

I'm in school right now studying to be an electric engineer. In that, they teach us elementary circuit creation/debugging, programming, and many other skills. However, the biggest two skills they teach us is

1: Why?      and
2: There's another way to do this....

Your post is plain FUD. No matter what idiots from MS (or any other software/hardware company) try to do, we can find another way to stop/reverse it. If you doubt that, look at this page (http://kwyxz.nerim.net/cubix/). According to you, this wouldn't be possible.

[ Parent ]

You're forgetting one little thing... (4.40 / 5) (#77)
by Cloaked User on Wed Jul 10, 2002 at 03:02:27 AM EST

The DMCA has already made any such circumvention device illegal.

Sure, they can't stop you from building it - at some point, the data must be unencrypted. Even if it means replacing the electron gun in the CRT (or equivalent for LCDs) with a gadget to grab the signal, it could be done. Unfortunately, that would constitute a device for circumventing a copy protection measure, and so would be illegal.



"What the fuck do you mean 'Are you inspired to come to work'? Of course I'm not 'inspired'. It's a job for God's sake! The money's enough and the work's not so crap that I leave."
[ Parent ]

The emulator is fake (4.00 / 2) (#79)
by Krolours on Wed Jul 10, 2002 at 04:31:59 AM EST

int main(int argc, char *argv[])
fprintf(stderr,"%s version %d\n",argv[0],VERSION_NUMBER);
fprintf(stderr,"Error: file ngcfirm.zip not found in ~/.cubix/ directory.\n");
fprintf(stderr,"You need the Nintendo® GameCube original firmware to run this emulator.\n");

[ Parent ]
Until they come up with (4.00 / 1) (#125)
by Mysidia on Wed Jul 10, 2002 at 02:41:21 PM EST

DRM implants that can be legally required implanted in children at birth to prevent them from illegally perceiving corporate IP, illegally acquiring confidential information, or illegally thinking about protected ideas

-Mysidia the insane @k5+SN
[ Parent ]
+1 FP, but not buying the analysis (4.00 / 2) (#35)
by gbroiles on Tue Jul 09, 2002 at 08:28:16 PM EST

I appreciate the article, and found it interesting, but please don't confuse that with accepting the conclusion that TCPA/Palladium is driven solely by content providers.

Hmm.. (4.00 / 1) (#36)
by Danse on Tue Jul 09, 2002 at 08:31:29 PM EST

Ok, I'll bite. What's driving it then, if not content providers? I haven't heard anyone else clamoring for such a system.

An honest debate between Bush and Kerry
[ Parent ]
Microsoft... (5.00 / 3) (#63)
by Skywise on Tue Jul 09, 2002 at 11:47:02 PM EST

Microsoft's modus operandi for the last 15 years has been to be the "troll on the bridge" (so to speak).  You don't get to your information, your data, your content, except through them.  It doesn't matter what data that is, so long as Microsoft controls your access, they control everything.

This worked well up until Gates miscalculated the advent of the internet and almost lost control of that access point.  Microsoft wasn't afraid of the web browser.  Microsoft was afraid that the browser would become the next access point to get at your data.  And if people could get to their data through another point, Microsoft was toast.  So Microsoft "embraced" standards and went after the web browser market... first giving it away for free, then claiming it was integral to the OS and couldn't be removed.

But now that Microsoft has saturated the market with Windows, it's getting harder to show fiscal growth.  You can only force people to upgrade so much, so they turn to the next best thing.  Verifying that one copy of windows and office goes on one and only one machine.  Thereby instantly increasing your sales.  So if you're going to have all this infrastructure for that... why not just integrate it into the OS and sell it back to your other markets...

The next "big thing" now is for Microsoft to be between you and all of your data in electronic format.  That means banks, credit card companies, movie producers, video games, etc.  The problem with THAT is security.  Banks and credit card companies are already on-board and giving out info on the internet, but that's chicken-feed to what they want to do.... provide digital cash.  Movie producers would love to put their movies out into the open, so long as they could charge $5 a view, same with video games.

.NET was the big push to initiate all of that.  Your computer was going to be constantly connected to the internet and information would be pushed to you as needed.

But the companies didn't bite, and the whole .NET architecture collapsed... (Oh, the CLR and virtual machines are still around... But that's not what .NET was supposed to be...)

So Microsoft took a step back and offered the next big thing.  They'd secure the operating system, which of course, will only be secure with their servers.

IF the banks and hollywood bite, you'll see this become a reality.  But don't worry, they won't (they're greedier than that) and all of this will go the way of the MSN 1.0, the new PC initiative, Black Bird, Microsoft BOB and OLE...

[ Parent ]

Possible... (4.00 / 1) (#109)
by Danse on Wed Jul 10, 2002 at 12:19:47 PM EST

I'm sure that Bill is drooling over this opportunity. I just don't think that Microsoft could pull this off alone, especially so soon after having Hailstorm shot down. Nobody is going to want this, except content providers. The only way that this will work for Microsoft is if Hollywood gets the legislation it wants. That's why I think that the whole thing is driven by Hollywood. They are the ones with the agenda that they're trying to ram through. Microsoft just sees it as a chance to finally get what has been eluding them for so long.

An honest debate between Bush and Kerry
[ Parent ]
Like I said... (4.00 / 1) (#131)
by Skywise on Wed Jul 10, 2002 at 04:05:40 PM EST

If the big markets don't bite, Microsoft will scale back its initiative and just make use of them for its own internal purposes (OS verification, virus security, etc). But the underlying structural technologies will probably hang around, so they can be reactivated...just in case...

[ Parent ]
Slanted... (3.66 / 3) (#114)
by Shren on Wed Jul 10, 2002 at 12:37:34 PM EST

IF the banks and hollywood bite, you'll see this become a reality. But don't worry, they won't (they're greedier than that) and all of this will go the way of the MSN 1.0, the new PC initiative, Black Bird, Microsoft BOB and OLE...

You're very close to being sort of objective but you keep letting bits of linux-movement bias slip in.

To pick out one bit in particular, if Palladium goes the way of OLE then it will be quite successful indeed. OLE stands for Object Linking and Embedding, which was first a movement to let word apps have excel spreadsheets in them and vice versa.

OLE became COM, which stands for "Component Object Model", which revolutionized a big fat part of the computing industry. COM is built largely on top of RPC (Remote Procedure Calling, I think) and lets you build objects that are binary compatible across all versions through an interface. That's *binary* - like a DLL without versioning issues. The third party market for COM objects has in the past shown a larger sales margin than Microsoft itself. COM has its own competitors, such as CORBA (about which I know little.) Mozilla's object model walks and talks a lot like COM.

COM led to SOAP...

The point is, Microsoft has lots of failed projects - Bob and the like. Everybody who sells projects has a failed one or two. The internal mechanism of Microsoft rolls on, developing software.

If Microsoft's life work was to be the troll at the gate, flexible technologies such as COM would have *never* come about. Despite the difference in philosophy between them and many other software developers, they're just trying to sell software. They sell software by adding features other people, from the customers to other businesses, want. A couple market people or a VP or two might be on the OS jihad - might - but the rest of them write code to do stuff, and they're not trying to crush all competitors when writing their OS routines. Sometimes they steal our ideas. Sometimes, like COM, we steal theirs.

.NET, dead? Hardly. .NET objects are COM compatible, and thus the ease of developing a COM component just increased by an order of magnitude. I wish it had been around when I was doing COM development.

[ Parent ]

Not really... (4.40 / 5) (#124)
by Skywise on Wed Jul 10, 2002 at 02:28:47 PM EST

I'm not anti-Microsoft, but I am a realist.  You've been listening to too much Microsoft Marketspeak(tm)(r)

OLE was supposed to be a generalized object linking/embedding technology.  In reality, it was a "me too" marketing counter attack to Apple's already working technology for OpenDoc.  OpenDoc, however, was to be far more broad in that it was going to provide a standard set of interfaces so that ONE word processor could be used for every type of action that required editing.  OLE was rarely, if at all, used outside of Word and Excel. To this day, documentation for OLE access is severely limited and Microsoft continually changes the interface specifications (which is against their own OLE spec.) to suit their whims.  (The only book that ever covered the topic "Inside OLE2" has 0, ZERO workable examples.)

OLE did not become COM, OLE always was COM, do you know why?  Because COM is a DLL.  Oh, it has fancy names and stuff, but all COM is, is a set of required methods in a DLL. (The spec says COM is something completely different, but in reality you will NEVER see a COM object that is not a DLL.)

COM did not lead to SOAP.  SOAP came from RPC calls, which COM was shoehorn adapted to mimic in another failed technology, DCOM.  But COM and SOAP are completely and totally dissimilar technologies that just so happen to provide the same functionality.

Microsoft's life's work IS to be the troll at the gate.  COM technologies are Microsoft system based only, regardless of how "open" they are.  If it was Microsoft's goal to sell software, you'd already see Office for Linux, Office for SCO, a Windowing layer to run DirectX games in Unix, in addition to a standardized COM layer.

And .NET was supposed to be "Hailstorm" and "Hailstorm" is dead.  All that's left of .NET now is the virtual machine, and Microsoft hasn't decided what exactly that means yet.  Logically speaking Microsoft should've already been announcing that .NET code will run seamlessly on 32 bit, 64 bit Windows, AND Windows CE without incident.  But they haven't, and there's not even any market gossip about such features coming.

I'm not saying Microsoft's technology sucks.  My point was that Microsoft pushes technologies based on marketing strategies... not on whether the technology is actually good.  (Sure a lot of companies work that way... But look at Sony which actually pushes good technology but markets it poorly (minidisc, Beta, memory sticks, etc). )
Which is why I think that if hollywood doesn't bite, Microsoft will just drop the Palladium initiative.

[ Parent ]

I still think so... (3.00 / 3) (#128)
by Shren on Wed Jul 10, 2002 at 03:22:52 PM EST

I'm not anti-Microsoft, but I am a realist. You've been listening to too much Microsoft Marketspeak(tm)(r)

I'm not pro-Microsoft, but I am a realist. You've been listening to too much Linux Hype(tm)(r)

OLE was supposed to be a generalized object linking/embedding technology. In reality, it was a "me too" marketing counter attack to Apple's already working technology for OpenDoc. OpenDoc, however, was to be far more broad in that it was going to provide a standard set of interfaces so that ONE word processor could be used for every type of action that required editing. OLE was rarely, if at all, used outside of Word and Excel. To this day, documentation for OLE access is severely limited and Microsoft continually changes the interface specifications (which is against their own OLE spec.) to suit their whims. (The only book that ever covered the topic "Inside OLE2" has 0, ZERO workable examples.)

All true. OLE is the ancestor to COM, which is a much more workable technology with a lot more power.

OLE did not become COM, OLE always was COM, do you know why? Because COM is a DLL. Oh, it has fancy names and stuff, but all COM is, is a set of required methods in a DLL. (The spec says COM is something completely different, but in reality you will NEVER see a COM object that is not a DLL.)

"COM is just a DLL" is just a handwave. Is that the best handwave you can come up with? There is a whole lot that you can do with COM that's quite difficult without. Explain why COM was and is still in demand. Explain why Mozilla uses, almost everywhere, objects that are COM with the serial numbers filed off.

COM did not lead to SOAP. SOAP came from RPC calls, which COM was shoehorn adapted to mimic in another failed technology, DCOM. But COM and SOAP are completely and totally dissimilar technologies that just so happen to provide the same functionality.

SOAP is essentially RPC hacked over port 80. It doesn't make it a particularly pleasant technology, but it is often used with and pretty strongly connected to COM.

Microsoft's life's work IS to be the troll at the gate. COM technologies are Microsoft system based only, regardless of how "open" they are. If it was Microsoft's goal to sell software, you'd already see Office for Linux, Office for SCO, a Windowing layer to run DirectX games in Unix, in addition to a standardized COM layer.

To write a version of Office for Linux and SCO and your other pet UNIX flavor, they'd either have to give up the source code or compile, package, and distribute many different versions, and they'd be doing so to produce a product that would not be widely bought. It's a money losing proposition, even if it were feasible under their methodologies. Selling user-software for linux doesn't make a whole lot of money. Most of the time, it doesn't make any. What was that company that made linux ports of popular games? Didn't they just fold up like a collapsible chair? Linux enterprise and server software sells. Linux end user software flops hard. Why should Microsoft be eager to add a failure to their rather impressive list of failures?

The fact that the commercial software world has had some flops is pretty irrelevant, compared to the fact the open source world sits around and duplicates all of their successes.

[ Parent ]

outlook & virus (3.50 / 2) (#60)
by Strange on Tue Jul 09, 2002 at 11:40:14 PM EST

the user question "Do you want to run a binary signed by Company Y" will disappear on such a system, avoiding any potential for Outlook viruses

How come? Outlook's viruses are scripts, interpreted by Outlook, which in turn will have been digitally signed...

Unless Palladium has some way to restrict the actions of a program by where the data has come, or Outlook will just stop having bugs/features...

Because... (3.00 / 1) (#64)
by Skywise on Tue Jul 09, 2002 at 11:53:40 PM EST

All future scripts will have to be signed to run.

Outlook will consult the System's "Sentinel" which will verify the signatures and trustworthiness of the system it's on, and then verify the signature of the script.

The Sentinel itself will be able to dial out to the internet of its own accord, I suspect, and verify the signature.

All without you, the user, ever seeing a dialog box.  You will be safe... protected... and managed.

[ Parent ]

don't you mean euthanized? (n/t) (2.00 / 1) (#76)
by SocratesGhost on Wed Jul 10, 2002 at 03:00:52 AM EST

I drank what?

[ Parent ]
Wouldn't work (3.00 / 1) (#90)
by mcherm on Wed Jul 10, 2002 at 09:19:32 AM EST

Running only signed scripts is not really workable, because then users would not be able to write scripts!

Of course, eliminating user-accessible scripting entirely WOULD be possible, but would that really be acceptable, even to MS?

-- Michael Chermside
[ Parent ]

It doesn't say, but... (3.00 / 2) (#93)
by Skywise on Wed Jul 10, 2002 at 09:55:53 AM EST

I'm willing to bet the "Trust module" will auto-sign stuff created from your computer.

However you're right in that this won't stop those attacks at all.  The attacking program will have to be identified and then the appropriate signature groups will have to be notified so the signature can be switched to hostile status.  But before that could be done, the virus could've gotten out for a day or two and done most of its damage.

Although long term re-attacks should be stopped cold, but any good anti-virus software would be doing that too, TODAY.

[ Parent ]

Can't auto-sign locally created stuff (4.00 / 1) (#115)
by mcherm on Wed Jul 10, 2002 at 12:38:40 PM EST

Several reasons why you couldn't just auto-sign stuff created on this computer.

  • Most people who use scripts don't write the scripts themselves, someone else writes it for them (even if it's the office guru across the aisle). So this would make scripts useless for most people.
  • People would quickly stop mailing COMPILED scripts and start passing around the TEXT version. Which would then be compiled locally. But as soon as the practice became widespread, it would be a pathway utilized for viruses and trojans.
  • If things compiled on the local computer are auto-signed, I am nearly certain I can design a script to compile things. Bootstrap this, and it all falls apart.

-- Michael Chermside
[ Parent ]
old way of thinking (3.00 / 1) (#119)
by adamba on Wed Jul 10, 2002 at 02:09:45 PM EST

You are thinking about software by starting with features and moving forward. That is how Outlook became such a fertile environment for viruses: gee wouldn't it be nice to have an email client, hey it would be cool if you could run scripts inside email, well you should give the scripts access to the address book, etc.

In the new "delight your customer" Microsoft, it's about starting with scenarios and going backward. One scenario for Palladium is playing DVDs securely. So what has to be done to allow that?

Now when I said "Outlook viruses" up there I was actually thinking of the ones that are binaries attached to email -- those should be stopped as any other executable you try to run. But you are right of course there are viruses in the scripts. So what to do about those? Well something will have to be done. Maybe there are no scripts on a secure system, or they have to be signed (which makes them basically useless I agree), or Outlook has to radically cut the API available to scripts. But something's gotta change.

- adam

[ Parent ]

That would be "safe" programming (3.00 / 1) (#126)
by Skywise on Wed Jul 10, 2002 at 02:51:22 PM EST

I suspect they'll expand their scripting to include "safe" commands on stuff that won't access your email and format your hard drive, etc. Then, the first time you run a script, it can be analyzed for its "safeness".

[ Parent ]
I don't get it (4.16 / 6) (#67)
by cts on Wed Jul 10, 2002 at 12:32:06 AM EST

What I don't get is the money. Just checking the RIAA and MPAA for media, and Microsoft and IBM for computing, look at the numbers. I know it's limited, gross revenue (needed to compare media to computing,) limited number of references and such.

RIAA financials 2001 $13.7 billion.
MPAA 2001 box office: ~$8.5 billion. (please browse the site to find this information.) I'll double that to $18 billion to include VHS/DVD rentals. (Please correct me, I'm only quickly using the companies sites.)

IBM 2000 financials (pdf) $88 billion.
Microsoft annual reports 2001: $25 billion.

So, why is media running the show?

for mutual benefit (4.00 / 2) (#72)
by SocratesGhost on Wed Jul 10, 2002 at 02:52:32 AM EST

Consumers love entertainment and the latest killer app for the PC market has been digital entertainment. If you look at all of the latest commercials, they really don't talk about productivity software but how easy it is to send pictures to grandma, to download music, to watch the latest DVD releases, to make home movies, etc. The computer industry wants to cooperate with media, then, because media has what the consumer wants. Tech may then profitably play as intermediary.

I drank what?

[ Parent ]
I still question who is in charge (none / 0) (#158)
by cts on Thu Jul 11, 2002 at 06:33:43 AM EST

I agree that the public, myself included, wants to have entertainment. I love movies. I love music. My favorite movie is Miller's Crossing by the Coen brothers, and my favorite CD is Velvet Underground, and I love having VU on my mp3 server. (ogg is having troubles on my HP.) I believe the artist-creator should benefit from their work, as should everyone [get benefit from their work].

But what I was trying to show is that the computing industry could dictate what the media companies can implement. My problem is that the "computing" industry has a chance to keep computers computers, not toasters, and they might not do it.

Maybe I'm naive.


[ Parent ]

Computers or Toasters? (none / 0) (#160)
by Matrix on Thu Jul 11, 2002 at 09:40:38 AM EST

Think about it from the point of view of the computer company. Computers are hard beasts to market and support - they can do almost anything their user wants them to. How do you sell that? (Think from an executive point of view here, not as someone who sees the usefulness of generic computational devices) Toasters, on the other hand, are easy sells. People have been selling toasters for decades. If it's a toaster that plays content from the media industry (which has an absolutely massive captive audience and control of almost all other forms of advertising and information), you're likely to get lots of steady profits, lots of control, and that same captive audience.

Not only that, but there'll still be people who demand generic computational devices. Since they're a minority market in need of something you have an absolute monopoly over, you can charge as much as you want.

"...Pulling together is the aim of despotism and tyranny. Free men pull in all kinds of directions. It's the only way to make progress."
- Lord Vetinari, pg 312 of the Truth, a Discworld novel by Terry Pratchett
[ Parent ]

Revenue means squat (3.00 / 1) (#75)
by Lord of the Wasteland on Wed Jul 10, 2002 at 02:59:25 AM EST

In terms of influence, revenue doesn't mean all that much. There are many reasons for this:

  • You need more than revenue to buy politicians, campaign contributions come after cost of goods and payroll

  • You need to bring money into a region. I don't know the breakdown, but I imagine IBM pays a fair amount to Asian silicon manufacturing companies.

    [ Parent ]
    Just talkin' bout money (4.00 / 2) (#85)
    by cts on Wed Jul 10, 2002 at 06:57:43 AM EST

    Not just revenue, combine the "net" profits from IBM ($8 B) and MS ($7.7 B) and it equals the "gross" industry profits of the RIAA.

    Not that I know anything about accounting, let alone corporate accounting, but I was just trying to show how little the money "media" groups represent. Since I'm a USian, this should mean something. :~)

    <Anti MS FUD>
    Microsoft has $31 billion (3.1x10^10) in "cash". They could buy almost any media company they wanted to or at least a controlling interest. Maybe they're behind everything. They're looking to control media distribution. The RIAA and MPAA are just fronts to give them control of even more standards. Then they will unleash some sort of unholy, yet pretty, media company that will change everything. </FUD>

    Not very good FUD, but man... $31B. Ahh... Umm... WOW!?!?!

    Thanks for talking,

    P.S. Check IBM's (2000) financial report. The CEO, CFO, and auditor all sign it. Don't know what that means, but it looks nice.

    [ Parent ]
    Software vs. Hardware (3.00 / 1) (#102)
    by ucblockhead on Wed Jul 10, 2002 at 11:13:42 AM EST

    Microsoft is a software company, and as such, is a company, like the media companies, that makes money primarily through selling IP. Thus Microsoft has a vested interest in making it hard to copy IP without permission.
    This is k5. We're all tools - duxup
    [ Parent ]
    Vested interest (3.00 / 1) (#133)
    by acceleriter on Wed Jul 10, 2002 at 04:26:27 PM EST

    Microsoft has a vested interest in making copying difficult only to the extent that it doesn't reduce demand for their wares (heh)--which Palladium will likely do. Even the general public isn't going to fall for this one--they're already scurrying like roaches caught by the light back to their drawing boards trying to figure out the next way to foist this Trojan horse into general purpose computing.

    [ Parent ]
    why they cater to the music industry (none / 0) (#175)
    by cerberusti on Mon Jul 22, 2002 at 09:21:44 AM EST

    Because if this fails, they need somebody to blame it on and, if it works, it is definitely to their advantage.

    [ Parent ]
    why media is running the show (none / 0) (#153)
    by bob bobbish on Thu Jul 11, 2002 at 01:48:45 AM EST

    Media is running the show because of the impending bandwidth explosion. Who needs to surf at the 10 or 20 or 30 megabit level? No one. So they are looking for content to fill up the bandwidth to make it attractive to consumers. The logical choice is on demand viewing and that leads right into copyright protection etc....etc....etc...

    [ Parent ]
    I disagree (none / 0) (#159)
    by cts on Thu Jul 11, 2002 at 07:05:12 AM EST

    The media is afraid of the bandwidth explosion. I'm not. It still doesn't mean they should be in charge.
    What the media companies should be doing is making their content available online. They know that people will pay more for "better" service. (check Blockbuster prices) They just need to make it available to Internet. Maybe they don't have the resources to create this infrastructure and that's why they are scared.

    Thanks for talkin',

    [ Parent ]

    Damn right they're scared (none / 0) (#176)
    by bob bobbish on Wed Jul 24, 2002 at 11:31:30 PM EST

    They are scared sh##less because once something hits the net in digital form it's gone. That is why they are "attempting" to run the show and have the hammer with all the DRM stuff

    [ Parent ]
    Microsoft is catering to the media (none / 0) (#171)
    by FlipFlop on Mon Jul 15, 2002 at 05:04:26 PM EST

    Microsoft is most definitely in favor of TCPA. TCPA is one thing Microsoft can provide that open source can not. If the major media companies only support TCPA, open source systems will be unable to view, listen to, or display most content. Who will use Linux, if they can't read the news, listen to music, or watch video clips with it?

    Hardware companies are along for the ride because they are deathly afraid of Microsoft. If Microsoft did not have a monopoly, TCPA would never get support from most hardware vendors.

    AdTI - The think tank that didn't
    [ Parent ]

    What happens when the certificate expires? (4.62 / 8) (#70)
    by Bora Horza Gobuchol on Wed Jul 10, 2002 at 02:00:57 AM EST

    Comment the first: an excellent story and a well-written insight into a company that is typically surrounded by walls of FUD. Thank you.

    Comment the second: there is no way I'm buying into any such system. I've been to enough websites in which the security certificate has expired or somehow been invalidated. An expired certificate doesn't stop me from using the site - I receive a warning, and continue on. But a system such as the one proposed by Palladium would stop the transaction from proceeding.

    An example - in 2008 I buy a HD (high definition) DVD made by Miramax. I take it home and want to play it on my computer. But the week before, Miramax declared Chapter 11, and has not paid its yearly fee to renew its digital certificate. Result : Windows 08 cannot find a valid certificate, so it refuses to play the DVD. I have a product I have purchased - the data is right in my hands - but I cannot use it because of its failure to be "validated".

    When I buy a product, it should be mine to use as I wish. Certainly there are laws and EULAs that might restrict my rights - but I'll be damned if I'm going to have a product checked every time I want to use it. Even with trusted third parties, there are too many things that could go wrong.
    -- "Don't criticise. Create a better alternative."

    two different things (4.33 / 3) (#71)
    by adamba on Wed Jul 10, 2002 at 02:17:28 AM EST

    There are two different things here. The first is how do TCPA and Palladium verify that the bits that are being run are authorized to go near DVD data. The second is how are high definition DVDs encoded so they can't be broken by a bored 15-year-old Norwegian.

    My article was about the first situation, I know nothing about the second since I don't think HD-DVD has been defined yet. Certificates can come in many forms and the way they behave on a particular website is not necessarily the way they will behave when validating DVDs.

    It may be that the only ongoing checking that will be done by TCPA will be to check that no component (software or hardware) that was previously thought to be trusted at a certain level has been discovered to not be trustworthy and has been put on a "do not trust" list. You do bring up a general issue with these services that expect an Internet connection to be around, which is how do they behave when the connection goes away. But that kind of thing won't get hashed out until Microsoft gets around to implementing Palladium.

    - adam

    [ Parent ]

    interesting point (4.50 / 2) (#91)
    by vinay on Wed Jul 10, 2002 at 09:52:53 AM EST

    you mention that this requires an internet connection.

    a. if so, then (as you mentioned) what happens when my DSL connection goes down? Does that mean I can't fall back on watching a movie instead of reading kuro5hin? :-)

    b. 2nd (and more seriously), would it be possible to spoof the check response? Or, maybe more to the point, would it be difficult to spoof the response?


    [ Parent ]
    connection down (4.00 / 1) (#101)
    by adamba on Wed Jul 10, 2002 at 11:01:09 AM EST

    a) Who knows what will happen if your connection goes down. I doubt the system will be designed so you can bypass it just by yanking your net cable. It also depends on how often you need to "check in" with the Sony consortium to check on the validity of your system. Is it every time you play a DVD for the first time? Every time you play a DVD? Actually it will probably be something more like every time you change your hardware, you have to get re-approved before you can play DVDs.

    b) I would be very surprised if you could spoof the check response. Since network communication has been public for so long, people have figured out how to protect the conversations. It's this new world of trying to protect the PC bus that is the driving force behind TCPA.

    - adam

    [ Parent ]
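The two behaviours contrasted in the certificate exchange and the "connection down" reply above (a certificate that must be valid on the day the disc is played, versus a signature that stays good unless its signer lands on a "do not trust" list) can be compared side by side. This is an added example, not part of the original comments and not the design of TCPA or Palladium; every class name, date, the serial and the 30-day list-age limit are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from enum import Enum


class Verdict(Enum):
    ALLOW = "allow"
    DENY_CERT_NOT_VALID_NOW = "deny: certificate not valid today"
    DENY_SIGNED_OUTSIDE_VALIDITY = "deny: signed outside certificate validity"
    DENY_ON_DO_NOT_TRUST_LIST = "deny: signer is on the do-not-trust list"
    DENY_LIST_TOO_OLD = "deny: do-not-trust list is stale"


@dataclass(frozen=True)
class Certificate:
    subject: str
    serial: str
    not_before: date
    not_after: date

    def valid_on(self, day: date) -> bool:
        return self.not_before <= day <= self.not_after


@dataclass(frozen=True)
class SignedDisc:
    title: str
    cert: Certificate
    # Assumption: the signing date comes from a trusted timestamp,
    # not from the signer's own clock.
    signed_on: date


@dataclass(frozen=True)
class DoNotTrustList:
    serials: frozenset
    fetched_on: date  # last day the player managed to download the list


def check_at_use_time(disc: SignedDisc, today: date) -> Verdict:
    """Web-style policy: the certificate must be valid at the moment of use."""
    if not disc.cert.valid_on(today):
        return Verdict.DENY_CERT_NOT_VALID_NOW
    return Verdict.ALLOW


def check_at_signing_time(disc: SignedDisc, today: date, dnt: DoNotTrustList,
                          max_list_age: timedelta = timedelta(days=30)) -> Verdict:
    """The signature must have been made while the certificate was valid.
    After that, only the do-not-trust list can take the permission away."""
    if disc.signed_on > today or not disc.cert.valid_on(disc.signed_on):
        return Verdict.DENY_SIGNED_OUTSIDE_VALIDITY
    # A cached entry is honoured even when the list itself is old.
    if disc.cert.serial in dnt.serials:
        return Verdict.DENY_ON_DO_NOT_TRUST_LIST
    # Fail closed once the list is too old, so pulling the network cable
    # forever does not hide a later listing; a short outage is tolerated.
    if today - dnt.fetched_on > max_list_age:
        return Verdict.DENY_LIST_TOO_OLD
    return Verdict.ALLOW


def scenario() -> dict:
    """Constructed data: the studio's certificate lapsed a week before playback."""
    cert = Certificate("Example Studio (constructed)", "SERIAL-0001",
                       date(2007, 6, 1), date(2008, 5, 31))
    disc = SignedDisc("Example HD disc", cert, signed_on=date(2008, 1, 15))
    late_disc = SignedDisc("Signed after expiry", cert, signed_on=date(2008, 6, 5))
    today = date(2008, 6, 7)

    fresh = DoNotTrustList(frozenset(), fetched_on=date(2008, 6, 1))
    listing = DoNotTrustList(frozenset({"SERIAL-0001"}), fetched_on=date(2008, 6, 1))
    unplugged = DoNotTrustList(frozenset(), fetched_on=date(2008, 3, 1))

    return {
        "use_time_policy": check_at_use_time(disc, today),
        "signing_time_policy": check_at_signing_time(disc, today, fresh),
        "signer_listed": check_at_signing_time(disc, today, listing),
        "offline_98_days": check_at_signing_time(disc, today, unplugged),
        "signed_after_expiry": check_at_signing_time(late_disc, today, fresh),
    }


if __name__ == "__main__":
    for name, verdict in scenario().items():
        print(f"{name:22} {verdict.value}")
```

The same disc is refused under the use-time policy and plays under the signing-time policy; what the second policy gives up is the ability to cut off content by letting a certificate lapse, which it replaces with an explicit listing.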

    A good point (4.33 / 3) (#82)
    by ShiteNick on Wed Jul 10, 2002 at 05:58:19 AM EST

    You're right .... What's the whole point of storing stuff in DVDs that may one day be unreadable?

    I thought the whole point of archival storage was to choose a medium that will be around for years to come.

    It is for precisely this reason that I would never rip to WMA even if it offered much better quality and much, much easier interfaces than mp3 rippers (this is an *if* scenario -- please re-read before you flame).

    What if a new version of Windows Media Player refuses to play anything but properly signed WMA files with *valid* certificates?

    [ Parent ]
    Emulating the hardware an option? (4.50 / 4) (#80)
    by matthijs on Wed Jul 10, 2002 at 04:43:13 AM EST

    I was wondering about the possibility of emulating the hardware, just like VMWare does. Would this be impossible or what hurdles would have to be faced in doing so? If you can manage to fool the software into thinking that it's running on secure hardware, all security would basically be bypassed, right?

    I don't know (4.00 / 1) (#92)
    by salsaman on Wed Jul 10, 2002 at 09:55:07 AM EST

    The system still has to boot up, and if the security checks start with the BIOS, how would you get around that ?

    [ Parent ]
    you need 'insecure' hardware (4.50 / 2) (#98)
    by matthijs on Wed Jul 10, 2002 at 10:47:16 AM EST

    You'd have to have a general purpose computer (hardware) for emulation, I think. I was only suggesting bypassing the security of the OS that decodes media files and sends it through the hardware. Installing an 'unsecure' OS on secure hardware will probably be impossible or much harder than fooling the OS into thinking it's running on secure hardware. Of course, general purpose computers still need to be available by then for this to have a chance at working at all.

    [ Parent ]
    revenge of the hypervisor (4.50 / 2) (#100)
    by adamba on Wed Jul 10, 2002 at 10:56:32 AM EST

    You are saying you want a hypervisor, like Butler Lampson was originally proposing for secure DVD playback on Windows, but for the opposite reason. He wanted to be able to take an unsecure OS and prevent bits from being copied; you want to take a secure OS and allow bits to be copied.

    - adam

    [ Parent ]

    Strange.... (4.00 / 4) (#84)
    by ShiteNick on Wed Jul 10, 2002 at 06:06:24 AM EST

    Well done story with loads of information. Thank you.

    There is however one thing that seems really strange to me ... why on earth are people so willing to trust MS / Sony / VeriSign to trust things for them? Should this not be a govt. job?

    I realise that this is really a separate story, but since it is very related to the current one: Can anyone tell me why governments around the world are not getting excited about setting up their own digital certification systems? Why should any particular corporation or bunch of corporations control what is trusted and what is not? How many American news companies are truly owned by Americans anymore?

    Still, increased governmental interference is probably one way to control Sony/MS etc.

    Company? Govt? User? Freedom? (4.66 / 3) (#111)
    by Strange on Wed Jul 10, 2002 at 12:27:47 PM EST

    Should this not be a govt. job?

    Whose govt? Yours? Mine? I trust none...

    This should be the user's job. He should be specifically asked to trust a CA, either Microsoft's or whatever. Alas, without him trusting Microsoft, we won't be able to run its products. Which won't be a choice until its monopoly is terminated and users get the chance to choose whatever OS and whatever Apps (just that those Apps would run in any OS or allow to be changed in order to).

    [ Parent ]

    If the company screws up... (3.00 / 1) (#130)
    by BushidoCoder on Wed Jul 10, 2002 at 03:34:51 PM EST

    ... and makes mistakes that let malicious code run, then another company will pop up and take their place with a better system. This doesn't happen with the government.

    Furthermore, companies are quicker to update their technology to new market conditions than the government is. They're also more subject to special interest groups. Granted, a company is always motivated by money, and so they're hardly impartial, but in the end, if they make decisions that benefit themselves at the expense of the consumer, a competitor will arise.


    [ Parent ]

    I think a big issue... (4.77 / 9) (#86)
    by TunkeyMicket on Wed Jul 10, 2002 at 08:38:40 AM EST

    ...is the fact that I don't want people determining what I can and can't view on my computer. If I wish to view malicious code, I should be allowed. If I wish to decompile a binary to hack a game, I should be allowed. If I wish to write my own DVD player, I should be allowed. Doing all these things for myself and not for sale to others is perfectly legal last I checked. Palladium would do things to hinder these 'rights' as I call them. And what will Palladium's stance be on home videos? Those won't be signed. What about a CD I made on my burner. Those won't be signed. These are things MS will have to think about.

    But another issue is Do I Need Palladium? In my opinion, no. It won't make my machine any more secure. Why? I run the latest antivirus software on top of the fact that I don't run arbitrary code. I'm not about to open an attachment about 7 dwarves fucking snow white, I don't need Palladium double checking this for me. I seriously don't see any end-user benefits from using Palladium. I see a lot of benefits for vendors, but nothing for me.

    If MS wants me to buy into their Palladium system then they better give me some damn good reasons, other than: I can't watch my DivX's, I can't listen to my MP3's [practically half are personal copies], I can't see snow white get pounded in her cakehole. Palladium sounds great for vendors and corporations who need restrictions on their computers, but it smells somethin funny for the end user.

    Chris "TunkeyMicket" Watford
    Easy one (5.00 / 2) (#96)
    by Rogerborg on Wed Jul 10, 2002 at 10:30:25 AM EST

      If MS wants me to buy into their Palladium system then they better give me some damn good reasons

    How about: if you want to use new (retail) hardware ever again.

    Let's not kid ourselves. Palladium - as a system of interdependent hardware and software - is going to be forced down our throats.

    Intel and AMD are on board, because they realise that the Desktop means Microsoft. They have nothing to lose with this, and something to gain. They already distinguish between server and desktop components, but Palladium lets them enforce it. You want to run Solaris/Linux/BSD/*nix/VxWorks on a server or embedded system? Pay a premium for a server chip, or buy an older, slower pre-Palladium chip for embedded platforms. You want to buy a cheap, high performance chip? Fine, then run Windows, and screw the 2% of us that don't. We're a marginal market. It's not really going to hurt AMD and Intel, because lucrative corporate purchasers won't give a damn; in fact, for most corporate desktops, Palladium is just dandy. So the chips keep shipping, and Palladium Windows keeps shipping, and Microsoft will gulag WinXP as soon as they possibly can, so that there's - de facto - absolutely no choice on the Intel/AMD desktop.

    The question is: what can we do about it?

    I wish I knew. I really do. We could exhort our elected representatives to block this blatant move to set up a watertight desktop cartel before it happens (given the time that it's taken the DoJ to move on Microsoft's past behaviour). We could start switching focus to PowerPC (or Transmeta) sooner rather than later, and hope that they don't jump on board. Or we could start saving up now to buy server components that (I hope) won't be Palladium crippled, at least for a few more years.

    "Exterminate all rational thought." - W.S. Burroughs
    [ Parent ]

    I've started preparing for the hardware apocalypse (3.50 / 2) (#106)
    by TunkeyMicket on Wed Jul 10, 2002 at 11:40:55 AM EST

    I've been stockpiling computer hardware. I've got more drives in my RAID array now. 3 more dual Pentium 166 machines w/ 64mb ram in my cluster of 4 boxes now. Plus another 3 486dx2's [bringing the total of those to 5]. I've also got 1gb of PC133 in my secondary machine w/ 80gb of hdd, and now I have 1.5gb of DDR in my main machine with a 1.2ghz proc [soon to get another] and dual 80gb drives. I should add more to the array but the cluster of pentiums handle all my NAS needs. Why buy their hardware when I can stockpile all the good stuff I have now. Besides I don't need anything more than Win2k/FreeBSD/GTA/GTA3/HL/CS/PhotoShop. I can live with just those :D
    Chris "TunkeyMicket" Watford
    [ Parent ]
    Two kinds of OS for two kinds of users... (4.50 / 4) (#104)
    by werner on Wed Jul 10, 2002 at 11:19:52 AM EST

    Windows XP clearly showed that Microsoft knows better than you and I.

    2000 was an impressive OS - powerful, stable, pleasant to use. It was the first MS OS I really liked. It did its job - not crash - and let me do what I wanted.

    XP is a whole different thing. First it demands to be activated. One of our Windows XP machines was delivered with a dodgy NIC. Now the NIC is fixed the activation period of grace is over, I can neither activate it - because the network is not configured - nor log in to configure the network. Now I have to take the PC to a room with a phone, reassemble it, and talk to the MS computer voice for 20 minutes to get the fucker working. Who was it claimed Windows was user-friendly?

    When you get one working, it bombards you from the off with inane questions about MSN, Passport, Messenger and unused files on the desktop. The search window and much of the UI looks like a Teletubbies game.

    Most of these problems can be fixed, but it takes time and I have 28 Windows XP machines to admin at work. Activation was fun. Stopping people using Messenger took a while, too.

    I don't think you should have to spend time deactivating and deinstalling stuff when you install a new OS. It struck me as sneaky at first. With 30 machines it's a downright tedious annoyance. I realize all these things would probably be a lot easier if I had a MS server, too, but we use Linux.

    For me, XP is a counter-productive OS. I know what I want to do but, it seems, my OS knows best. Every now and again, I get taken to the IE download page instead of Google. I get asked if I want to send a debug message to MS, even if I wrote the program myself. An OS should do what the user wants, not what it wants, or what MS wants.

    Some of my students love it. But my students love porno-dialers, too. Indeed, the 20 new machines have no floppy drives. Because of this, I taped up the slots so the students don't stick disks in. They pull the tape off and then stick disks in. I think this is the right audience for XP.

    Ultimately, if you continue to use MS, you can expect them to take more and more control away from you and make ever more decisions for you. I think that this is merely a convergence of interests between MS and content providers. MS were always going to take over your PC, now Hollywood are going to fight MS for it.

    [ Parent ]

    not throw fuel on the fire (3.00 / 1) (#136)
    by yankovic on Wed Jul 10, 2002 at 06:24:50 PM EST

    but you should really look at getting SMS. It takes care of all the issues you have, especially configuring what people can and can't run. Makes managing XP/2000 super super easy. New patch comes down, you can auto apply. Want to turn off messenger? Done.

    [ Parent ]
    to stop the message from going to microsoft (none / 0) (#174)
    by cerberusti on Mon Jul 22, 2002 at 09:11:27 AM EST

    BOOL AddERExcludedApplication(
      LPCTSTR szApplication
    );

    It is the first in the list of new functions for Windows XP. Older programs still report, but something tells me that they plan to charge developers in the future for the privilege of seeing what errors their users had.

    Also, for that many installs, you should have a volume license (with no activation), and image software (such as ghost) really helps when doing multiple installs (configure it once).  

    I do like Windows XP. I generally give Microsoft's newest a try for a while, and promptly dump it, but this one has stayed (I kept my other, FreeBSD of course.) I think XP is the first thing Microsoft has done correctly in quite a while.

    I am also not too concerned about not being able to boot other systems, since that would create quite a bit of backlash, which I do not think they can quite afford.

    [ Parent ]

    You'll take what you're offered, or suffer. (none / 0) (#150)
    by Sloppy on Thu Jul 11, 2002 at 12:07:55 AM EST

    When your ancient dusty 8 GHz 2-CPU machine starts to croak, are you going to learn to live without a computer?

    Or are you going to scour Ebay for a used 8 GHz 2-CPU replacement, and hope that you get another 4 years of life out of your $1000 investment? (Good. Perhaps you will know how this (now ex-) pathetic Amiga holdout felt at the dawn of the 21st century.)

    Or are you going to go buy a 200 GHz sixteen CPU (each dual-cored) machine at Wal-Mart for $300, like everyone you know has, where the CPUs themselves refuse to bootstrap a BIOS that fails the challenge-response protocol?

    It's a lonely road. Maybe anyone can do it once, but twice may be just too much heartbreak to bear. I hope I can avoid selling out, but they're not going to make it easy.
    "RSA, 2048, seeks sexy young entropic lover, for several clock cycles of prime passion..."
    [ Parent ]

    The even bigger issue - locking out the little guy (4.70 / 10) (#88)
    by richieb on Wed Jul 10, 2002 at 08:52:29 AM EST

    I don't care if the big media players want to lock down their "content". The stuff they produce is hardly worth copying.

    However, these technologies can be used to lock out independent artists (musicians, filmmakers or programmers), because in order to produce stuff that will be viewable/playable on devices that everyone owns the producer will have to pay M$ or RIAA for the privilege of being able to record in the "official" format. (i.e. Can you produce a DVD full of home movies that will play in your grandma's DVD player?)

    Not only that, if I want my "content" to be freely copied and distributed, this technology will prevent my fans from distributing my free stuff.

    Instead I would be forced to pay someone to distribute my work via official channels. Which in practice would stop me from even trying.

    I'm an amateur musician and I distribute my own recordings in MP3 format to my friends around the world (maybe there are 10 people all together who are interested). Will Palladium prevent me from doing this? Certainly I will not pay to have my files officially DRM-ed.

    It is a good day to code.

    issue of playing home DVDs (4.50 / 4) (#99)
    by adamba on Wed Jul 10, 2002 at 10:53:31 AM EST

    As I mentioned elsewhere this is a separate issue, unless the format of DVDs and other future media gets hopelessly commingled with TCPA and Palladium (doubtful since then some of it would need to be implemented on standalone DVD players).

    The idea behind Palladium is to protect the bits that the big media companies care about protecting. What about your home-produced bits? They don't care about those much at all. So the question is, what does a Palladium DVD player (or a closed box DVD player, or a Playstation 4) do when it sees a future high definition DVD that has no protection on it at all. Will it play it or reject it? Well, it depends on how the format is defined. It's certainly something that organizations like the EFF should keep an eye on as the format is defined.

    Keep in mind the code signing rules in Palladium should be (and I emphasize should!) enforced only for code that executes. DVD bits should be considered data, like a Word doc, and there should not be any reason to require that those be signed. Palladium will likely give the user the ability to optionally do so however. At that point, how "global" your signing is will likely depend on how much you want to pay for it. If you just want it signed so only the 3 people in your office can see it, that's probably free; if you want it signed so it is as protected as a commercial DVD, then that will cost $$$.

    - adam

    [ Parent ]

    play/reject unsigned next gen DVD? (none / 0) (#164)
    by Ngwenya on Thu Jul 11, 2002 at 12:58:52 PM EST

    So the question is, what does a Palladium DVD player (or a closed box DVD player, or a Playstation 4) do when it sees a future high definition DVD that has no protection on it at all. Will it play it or reject it? Well, it depends on how the format is defined.

    And what laws end up surrounding the media business. If, for instance, the EU thinks that the whole thing is a scam to keep the American film industry dominant at the expense of the European one, they're quite likely to pass some laws forbidding such restrictive software - or at least ensuring that the contracts which make the software producers adhere to the DVD consortium's conditions are null and void (thus clearing the way for independent software to be produced).

    It seems to me that the media industry is having it all its own way right now - but the pendulum is likely to swing in backlash.

    And then there is the technical angle. Unless TCP enabled systems come with hard restrictions which ensure that they will invariably refuse to boot non-signed OSes (very unlikely) then the path must become clear for a future Linux to have an "unauthorised" player made.

    So, while I can accept the argument about removing the general PC as a content playback device, I just don't see it succeeding - not without wholesale changes to both the entire PC market as well as the entire distribution method for content (ie, there would need to be some form of online authorisation to activate a DVD - which means that the current retail method couldn't be used).


    [ Parent ]

    not quite: region 0 should exist (3.00 / 1) (#147)
    by gps on Wed Jul 10, 2002 at 09:47:15 PM EST

    Home video, home music, and indy media is an important market. I'll be very surprised if there isn't a system equivalent to today's "region 0" encoded DVDs that are simply not encrypted.

    Indy media will not be banned, it will just be locked out of enjoying copy protections due to the monopoly that any public-key infrastructure naturally creates.

    Watch the creation of the PKI here. I don't expect any keys allowing taking advantage of the security features to be made available to anyone who hasn't paid an exorbitant fee for the privilege. [pretty much a "protection fee" for anyone who wants their content to be protected by big Billy, these can even be time limited so that protection runs out if more money isn't coughed up in time]

    [ Parent ]

    Interesting tactics... (2.00 / 2) (#105)
    by werner on Wed Jul 10, 2002 at 11:32:44 AM EST

    ...but I think of all people, MS will manage to botch up a secure machine implementation. Their software isn't secure against attacks over the Internet - what chance would their code have on a good [c|h]acker's own machine?

    MS should pay MandrakeSoft (who need the cash) to build a DRM Linux, then reboot to that to play protected content. It would be better than their Swiss-cheese implementation.

    Unnecessary (3.50 / 2) (#123)
    by pla on Wed Jul 10, 2002 at 02:27:24 PM EST

    Their software isn't secure against attacks over the Internet

    The goals of the XBox compared to a general purpose PC differ radically.

    As the parent article correctly points out, no one has successfully made an XBox run an arbitrary binary without some serious work beyond what even most "good" computer geeks could accomplish (the one exception involving a leaked SDK, and not having access to it, I can't say just how generally useful it seems).

    However, the XBox has exactly one official purpose, to run a tiny body of software over which M$ has 100% control.

    A PC, on the other hand, needs to run quite a lot of arbitrary software. Limiting that to "official" software helps (security-wise, if totally destroying the entire free software movement in the process), but it doesn't eliminate the risk of compromise.

    Totally bug-free software simply does not exist. Period. Eventually, someone will find the crack in all the armor, and the game ends until the next round, with a new generation of software to beat.

    However, beating the entire concept of DRM doesn't take a victory over every possible bug-fix, it only takes a victory over one bug *per media generation*. If I find a way to copy a DVD-V6 on Windows 2006, the damage has occurred, and no amount of after-the-fact fixing will take away my ability to copy all DVD-V6's. So, until the media companies make DVD-V7, we end up in exactly the same situation we have now.

    This means two things - First, we will see a (literally) never-ending series of incompatible media offering no substantial quality improvement over the previous generation, yet requiring new hardware to play. Second, aside from pissing off consumers and wasting time and money on all sides, this won't actually have the slightest effect on piracy (aside from perhaps pushing it back by a year or two after each new media type comes out).

    And, finally, people still need to consider "the analog hole". Borderline amusing attempts by the RIAA/MPAA to "close" this hole will fail (It sounds scary, if you don't know the side effects. Even if they somehow get it passed, after enough people DIE because of it, people will scramble to fix the damage). So, with fairly cheap equipment, people will *always* have the ability to record the final stage of playback (camcorder pointed at screen, microphone over the speaker, etc). Even if, by some miracle, the analog hole *does* close, old equipment will still work, and some parts (like a microphone) involve simple enough electronics that a black market of small-scale manufacturers would spring up to dig an entirely new hole.

    Actually, I can think of quite a lot of amusing ways around even closing the analog hole. A large array of light meters, three color filters, and a tangle of fiber optics that would make Medusa envious. Do the media companies plan to watermark every single pixel? I'd like to see *that* not degrade image quality. Not to mention that building a crude ADC requires nothing more complicated than an elaborate network of resistors... Do the media companies plan to ban pencil leads of different lengths? Yeah, that sounds absurd, but it *could* work. The real absurdity lies in thinking that any method of preventing people totally committed to stealing content, will succeed. Not only *must* such prevention fail, it will give non-pirates motivation to break the protection just for fun (ala DeCSS, which despite claims to the contrary, does not form either a necessary or a sufficient condition to copy a DVD... Someone broke the encryption for fun, nothing more).

    [ Parent ]
    1,000 years from now... (4.30 / 10) (#107)
    by tapir on Wed Jul 10, 2002 at 11:42:14 AM EST

    people will be digging optical disks out of landfills and cursing the jerks who felt they had to encrypt most of them.

    On our way out, our civilization will end up burning the planet's fossil fuels and wiping out half of the species on this planet. Ecologist Howard Odum says that the least we can do is leave the information we create for future generations. But Hollywood doesn't want to do that, it's just afraid that people are going to rip off its precious intellectual property.

    Well, screw them. I've only watched one movie in a theatre in the past five years and only watched one DVD. I don't care what they do with the crap they produce because I don't need their toxic culture. I just want to keep their hands off my computer, and to refrain from doing anything that takes away our ability to create our own culture.

    Crackerz of the future? (none / 0) (#177)
    by Spork on Wed Sep 25, 2002 at 12:51:36 PM EST

    I don't know... it seems to me you're selling short the cracking powers of our distant descendants. First of all, if we could keep up Moore's law for 1000 years... well, you can imagine how easily such machines would undo any encryption we use today. As long as the media survives, I think we'll be OK.

    [ Parent ]
    The following sentiments have been posted (4.00 / 3) (#108)
    by Anonymous 7324 on Wed Jul 10, 2002 at 12:15:22 PM EST

    before and beaten to an unrecognizable pulp, but can someone humor me anyways and answer?

    Isn't the solution to all of these "media" locks just analog copy? So the entire playback chain from CPU to optical media to the LCD screen controller or audio DAC controller are now asymmetrically encrypted using the latest and greatest crypto scheme. Yay. What stops me from sitting down with a camcorder in front of the LCD screen and recording the fucking thing? Same goes for a mike and a tape deck.

    Admittedly, this doesn't solve any concerns about the GPL being collateral damage as well as all the other political issues, but what I'm trying to get straight, is whether or not the media cos actually expect any of this to work?!?

    The fact is, unless users are prohibited from creating media themselves (say, of my grandma's 99th birthday party) and sending it to be played remotely on a friend's computer (because they love my grandma too...), I don't see how content can ever be protected.

    Unless the latest vidcams have AI technology that can recognize a scene and know that it's "copyrighted" and then refuse to record, or every single user-created video must be sent to some central server to be authenticated and signed (neither seems terribly likely for technical/logistical reasons), or all user-created media can only be viewed on the creating machine (would get a HUGE consumer backlash that not even both industries together can withstand...), I don't see how they plan to plug the analog hole.


    analog copy (4.33 / 3) (#113)
    by adamba on Wed Jul 10, 2002 at 12:29:32 PM EST

    There actually is a plan to plug the analog hole with watermarks that could be seen in the image.

    But I don't think that really concerns the media company. It's the same reason they didn't care much about fair use copying until Napster came along. Putting a camera in front of your screen degrades the quality. It's the perfect digital copies that worry them. Especially the perfect digital cracked copy that can be trivially duplicated with a file copy.

    - adam

    [ Parent ]

    Well (5.00 / 2) (#116)
    by Anonymous 7324 on Wed Jul 10, 2002 at 12:53:54 PM EST

    most users aren't very picky about audio/video quality. Sure, most fans probably held off to view Episode I on the big screen although camcorded copies were floating around the 'net a week before, but people like me (and others) who view Star Wars as a casual interest at best made no hesitation about skipping the $10 showing and watching the tilted, slightly off-color camcorder copy on our 17" monitors.

    Similarly, although I (now in the reverse situation) wouldn't be caught dead listening to a 3rd generation analog (or even redigitized) version of the latest song, since I'm one of those icky audiophile people, most people can't (more likely, don't bother to ) tell the difference between 128k mp3 and CD quality. Will it sound worse? Only on high-end stereos.

    As for watermarking and quality in general, the two concerns are together. One, the watermarks can't be too high in level or they disrupt viewing from legitimate owners, who then ask quite rightfully what the h3ll this supposedly "improved" format does for quality anyway. Secondly, unless each and every copy out there sold with watermarking can be linked to a verified identity of purchaser, nothing stops someone from walking into a store, buying a copy with cash, and walking right back out to their house to camcord the thing.

    The note about quality: most of the real money-losing stuff comes from the East, as people have pointed out. Furthermore, if we are forced to go all-analog, watch for "release" groups that are the analogs of the software groups like Razor 1911 and Hybrid which will vie with one another, and pride themselves on bringing you the latest and greatest, in true, fantastic quality (though analog-recorded). Suffice it to say that since watermarking can't be tied to an individual, and that neither the big-scale pirates nor the release groups exactly care about being legal (DCMA? what dat?!?), I'm fully expecting audio/video media to continue unabated.

    On the other hand, the Palladium FAQ and the repercussions on Open Source software and the GPL-like philosophy of programming has me pretty seriously worried. This could well be the chink in the free software armor...

    [ Parent ]

    Re: The following sentiments ... (none / 0) (#170)
    by runlevel0 on Sun Jul 14, 2002 at 09:51:03 AM EST

    Yeps, this is *exactly* the point:
    Crypto-protected MP3 ? A plain-vanilla stereo switch in the analog output and ready !
    And if you use a good Chrome Tape the copy is nearly perfect.
    And if you record it back to the PC and bake it again to MP3, there would be no way to stat if it's the latest MTV-Hit or just a birthday greeting from your granny.

    So, even if the big companies would stop making analog devices, there are hundreds of smaller ones, even in developing countries with the technology level to build them.

    [ Parent ]

    Analog hole legislation... (none / 0) (#178)
    by madopal on Wed Sep 25, 2002 at 04:42:45 PM EST

    Plugging the analog hole was exactly the purpose of the recent legislation called the Consumer Broadband and Digital Television Promotion Act (CBDTPA). This legislation aims to make it Federally mandated that hardware have internal protection for copyrighted intellectual property. Ok, now maybe it's a bit slippery slope, but so if something like that were to pass, here's what we'd have:

    - All new hardware must have HARDWARE LEVEL security in order to play copyrighted IP.
    - According to the DMCA, attempts to circumvent copy protection are a violation.
    - Therefore, all old hardware that is not in compliance with the CBDTPA is an attempt to circumvent existing copy protection, AND IS ILLEGAL.

    So, now, the only hardware you're allowed to have is hardware with DRM enabled, and DRM enabled hardware won't deal with any "analog" copies that don't have the proper signature.

    Therefore, the analog hole is closed. Even if it's not grandfathered like that, eventually, if all hardware sold has this, then recordings like the one you were talking about will be unsigned (or, if they remember to allow personal recording devices, the keys would be signed to YOUR identity...allowing for easy prosecution of this lapse in fair use).

    I believe if bills like the CBDTPA go through, we're looking at some ugly scenarios like this.

    And as far as consumer backlash...I think that's the most likely scenario. As it's mentioned in posts above there really isn't a lot of concern for the consumers going on.

    "...if you drink much from a bottle marked 'poison,' it is almost certain to disagree with you, sooner or later." -- Lewis Carroll
    [ Parent ]

    How does this help the general consumer? (3.50 / 2) (#112)
    by lanmaniac on Wed Jul 10, 2002 at 12:28:27 PM EST

    It doesn't. Most likely prices on DVDs/CDs/etc. will skyrocket to compensate for all of the so-called pirates, hell bent on destroying the industry. In the music industry's case, if they would spend all of that money used to save a dying form of dispensing music, they might be doing better off in a few years. Do you think that it's entirely to do with people stealing their music? I mean to be honest, I haven't bought anything at a chain music store, but I do buy plenty of CDs...believe me. I spend most of it on imported indie stuff. The major labels have nothing that interests me anymore. If they can get their proverbial $hit together, perhaps that would help? Not to mention some of the trash the movie industry has been shoveling on the public lately. They are also putting their research dollars in the wrong place, if you want my opinion.
    Andy Adcock e-mail: lanmaniac@flyingmayhem.com home: http://www.flyingmayhem.com
    Anti-Trust Law (4.00 / 3) (#118)
    by Merk00 on Wed Jul 10, 2002 at 01:23:05 PM EST

    I wonder what the anti-trust implications of moving in such a direction are. Not just for Microsoft, but also for the content-providers (movie studios). Movie studio heads already refuse to be in the same room as each other because of the possibility of collusion. However, owning the "key" to sign all software that runs on a computer seems to be quite a movement into collusion. Not to mention that this would also keep competitors out of the market place.

    "At FIRST we see a world where science and technology are celebrated, where kids think science is cool and dream of becoming science and technology heroes."
    - FIRST Mission

    Anti-trust implications these days (3.66 / 3) (#132)
    by epepke on Wed Jul 10, 2002 at 04:22:09 PM EST

    "You have been found guilty of anti-trust violations, smashing entire industries and impoverishing consumers."

    "But we haven't gone bankrupt, so we're important to the economy."

    "Oh? Well, all right then. Carry on."

    The truth may be out there, but lies are inside your head.--Terry Pratchett

    [ Parent ]
    CSS & region locking not a requirement (none / 0) (#152)
    by DodgyGeezer on Thu Jul 11, 2002 at 12:22:26 AM EST

    DVDs don't have to be encrypted with CSS, nor do they have to be region locked. Thus anybody can produce a DVD and introduce it to the market place, although having "security features" isn't so practical. I hear that some of the early Hollywood DVDs were region encoded, but weren't encrypted. Can anybody verify this?

    [ Parent ]
    I thought I was among the Geeks (1.50 / 2) (#127)
    by frankcrist on Wed Jul 10, 2002 at 03:08:37 PM EST

    I guess there aren't too many Shadowrun fans here.  I guess I should have said, "I'll become a believer when my sister transforms into an Orc."

    Get your war on!
    Nobody else caught this? (4.75 / 8) (#134)
    by GreenCrackBaby on Wed Jul 10, 2002 at 05:45:29 PM EST

    TCPA and Palladium were not created so Microsoft could damage its rivals. They were created because Microsoft and other personal computer heavyweights felt they had to.

    While I hold some reservations about that statement (it is awfully convenient that gpl'ed stuff won't work on palladium), I'm bothered more by the fact one key ingredient is left out of your statement....the customer.

    The way it should work is that customers should be pushing what "features" should be in future products. Customers want to buy a DVD and be able to play it on their home computer. They want to be able to take a digi-cam and make their own videos. Etc. You'd be hard-pressed to find any customer that just can't wait until they get their new OS with its draconian restrictions on what can be viewed, copied, created!

    I just hope that this lack of focus on the customer becomes the undoing for M$ and the "entertainment" industry.

    customers want content (3.00 / 1) (#143)
    by gps on Wed Jul 10, 2002 at 09:32:50 PM EST

    Customers do/will want high definition movies and music (better than current CD and DVD formats) on their computers, that much is guaranteed.  If Microsoft doesn't do this they will not be able to sell their OS for use in embedded entertainment devices, let alone have general purpose computers capable of entertaining their users with bigmedia content.

    Another reason for all of this is that Microsoft subsists primarily on -new- licenses for its operating system issued with new hardware purchases.  Computer upgrades are already in significant decline now that the current speed of computers is plenty fast for most applications.  Expect Microsoft to constantly create reasons to require new hardware.  (Intel is in the same boat with them, without bigmedia applications there would be -no- demand for faster CPUs)

    [ Parent ]

    draconian restrictions only on bigmedia content (4.00 / 2) (#145)
    by gps on Wed Jul 10, 2002 at 09:39:08 PM EST

    While it's true the draconian restrictions are destined for bigmedia content, nothing will happen to prevent normal consumer activities of making their own content (music, home movies, etc).

    However if a consumer wants to -protect- their own content, they'll have to pay huge fees (one soul please!) to the bigmedia establishment to have it properly signed+encrypted.  Your average consumer isn't trying to create copy protected videos of their new baby to put on the website for grandma.

    [ Parent ]

    Gee, I wish that were true... (4.00 / 1) (#146)
    by visigoth on Wed Jul 10, 2002 at 09:43:29 PM EST

    ...but it's unlikely the majority of potential customers would even care. Inundated by ever-increasing intensity and density of advertising and marketing hype, all they will care about is whether the latest entertainment toy will play the latest content. The media providers won't even care about the rest of us, since those of us who object to such draconian restrictions, especially those who don't want any restrictions at all, can simply be marginalized out of existence. It doesn't matter that some of us in this latter category also have some sense of honor and ethics, and wouldn't copy content we hadn't already paid for... that's fair use, and that's going out the window, too.

    Think I'm wrong? Think I'm being overly paranoid? Perhaps, but... remember when "the customer was always right"? That only holds when customers are scarce; when they're so plentiful a vendor can afford to ignore and ostracize a significant portion of them, the vendor can effectively move the market any direction it wants to go -- the only way to fight this is an educated and self-determined population of consumers forming the bulk of the "marketplace", able and willing to withhold their spending choices so as to not benefit vendors having this kind of arrogance, and I don't think that necessarily applies in the world of digital media.

    It's only a matter of time before it becomes pervasive in the software industry, particularly entertainment software such as games. With the recent trumpeting of successful investigations and convictions of "software pirates", restriction of execution to "trusted code only" starts to take on ominous tones... I could blather on about a coming era when independent software development will become illegal... code can only be produced and distributed by "trusted agencies" because of potential damage to guaranteed extort^H^H^H^H^H^Hrevenue streams of large software companies... but perhaps I've been reading too much science fiction...

    (yes, I could be wrong. I sure hope so!!!)

    [ Parent ]

    Agreed. (none / 0) (#169)
    by sulli on Sun Jul 14, 2002 at 04:29:10 AM EST

    So don't buy Palladium. Case closed.

    [ Parent ]
    way to go (4.00 / 3) (#137)
    by turmeric on Wed Jul 10, 2002 at 06:31:23 PM EST

    about the best article i've ever read on k5. the kind of thing u expect to see in the new york times magazine or whatever.

    correlated with ability to get PUBLISHED (2.00 / 1) (#138)
    by tbc on Wed Jul 10, 2002 at 07:09:35 PM EST

    I haven't read his book, but at Adam Barr wrote one. That's one reason this article is so good.

    [ Parent ]
    fixing typo... (none / 0) (#139)
    by tbc on Wed Jul 10, 2002 at 07:11:35 PM EST

    > but at Adam Barr wrote one.
    That should read "at least Adam Barr wrote one."

    First time I've hit Post instead of Preview. :-(

    [ Parent ]

    Newsweek article on Palladium (none / 0) (#168)
    by adamba on Fri Jul 12, 2002 at 05:47:54 PM EST

    The article is gone from msnbc, but was reposted here. This was the first public disclosure of it.

    - adam

    TCPA and Palladium: Sony Inside | 178 comments (163 topical, 15 editorial, 1 hidden)