The more you learn how Microsoft EULA has the right to enter your computer, check out what software you are using, and also use the DRM tools in Vista to prevent you from seeing files, data, videos, or hearing 'unauthorized' music files - the more you get a sick, sinking feeling in your gut that someone else has taken control of your machine.
US Federal Government Agencies have BANNED Microsoft Vista, and for good reason.
The Microsoft EULA takes control of your machine, stating directly: "this agreement only gives you some rights to use the software. Microsoft reserves all other rights." Even potentially deleting files or disabling programs.
Compared to the costs of Apple OS X or any Linux Distribution,
Keep in mind that Microsoft was convicted by U.S. Courts for its criminal behavior, and is being forced to pay $4 million A Day by the European Union for being in violation of their judgments.
Anti-freedom Vista takes away your rights - do you want to Confirm or Deny?
BOYCOTT WINDOWS VISTA MACHINES!
If you support Linux, freedom, democracy, or just want to keep control of Your own machine that You buy with Your own money, PROMOTE this idea now.
Microsoft - Where in the world did you think you were going to go today?
Thats true, im sure there is XP retail copies still out there. Just format reinstall and install XP and you can take care of your system from that point forward. No worries from Dell on how to fix any software issues you might have. :)
I think reg's point is that there are many reasons users may not want Vista. To translate some of those he mentioned into less inflammatory terms:
* Vista basically gives (in both the technological sense of the word and the legalese in the EULA) control of your machine (the ability to run arbitrary programs) to Microsoft. Some people may not like that because they're competitors of Microsoft. Others may not like that because they deal with sensitive government data. Others may not simply because they see it as a privacy invasion.
* Some people choose products according to the ethics of the company involved (for example those who preferred Pepsi when Coke was being accused of killing union members in central & south america). Microsoft has been convicted of illegal business practices, and those users may not want Vista.
Sure there are plenty of other reasons (personally, I don't like the UI) - but I think the poster was suggesting that right now there's a segment of users who are boycotting Vista for one reason or another; and that Dell is missing out on that market.
OK! You want Linux... we get it... Stop posting about Linux. There are 213312321 posts about Linux! Just vote for one of them!!! My Goodness, why waste everybody's time... Is this really going to help Dell make more profits and server their customers better ?? (95% whom would LOVE to have Vista, mind you!)
jmxz - well said. I wanted to make a point that all those Linux posts may be repeats by the same people.
To sort that out, I want to know how many people not only like Linux, but how many people are ACTIVELY AVOIDING WINDOWS VISTA?
Several federal government agencies, European governments, South African Government, many schools that don't see the logic in giving away buckets full of cash, etc. - you can find out who has banned buying Vista with Google news.
Vista Avoiders are 'Lost Sales' - harder to track those losses because they don't bother to tell you why they canceled the order for 500 units, they just stop buying Dell hardware. Ouch!
Linux is software written by computer users for computer users. Great.
Windows is a EULA written by lawyers to constantly move Microsoft customers toward the end goal - the 'public utility model' where you literally will subscribe to Microsoft software. Stop making monthly payments, and your systems will SHUT DOWN.
Microsoft time and time again has said they are moving toward a Subscription Model of software sales. Now I don't know what customer Wants to pay a monthly fee for their software use, but Microsoft says people already pay for Cable TV, utilities, AntiVirus, etc. Why not software? Subscription software also takes control completely away from the users, and gives termination privileges to Microsoft. Nobody can pirate software that requires regular monthly withdraws from your checking account.
If you use your machines for anything important - making money, running government, nuclear power plants, working in hospitals, managing shipping, production line assembly, any business, etc. etc. - you can't EVEN RISK them getting shut down by a third party.
It's not enough to say you support what is right. Sometimes, you actively have to resist what is wrong. Morally, Ethically, and Business practices-wise.
Windows NT I liked, Windows 2000 worked fine, Windows XP - good game platform, better than Win 3.11.
But Now, It seems like Microsoft has a new slogan: We Eat Our Customers
IF Dell KNOWS that government agencies can't buy Vista Dells, schools can't buy Vista Dells, financial institutions can't buy Vista Dells, etc. etc - THEN Dell MUST make sure they are offering alternative products.
And how many people are not avoiding Vista, and want to upgrade from XP? What is it so hard in buying a computer, and wiping it clean to install whatever you want? If you are that serious about Linux or whatever, you will a) build your own computer or b) build your own computer. Simple.
Well buying a Computer with Vista on it is funding Microsoft, and by doing that they see no reason to change their ways since they have a guaranteed income stream. And when you wipe it off the system, getting support from Dell Lets say is very difficult even if it is a Hardware issue.
Note also that even if you trust Microsoft fully - the ability reg mentioned about them having control over your machines is dangerous because they themselves have security problems and a history of being hacked .
For example, note yesterday's news that the XBox Live/Passport security's been hacked http://blogs.zdnet.com/security/?p=131 "I have been involved with Microsoft Support for days on this exact issue and have spent many hours on the phone trying to prove to them that, first, my Windows Live ID was stolen and, second, the ID and password associated with my ID were changed; two actions that Microsoft swears can NEVER happen; and third that the thief was able then use my credit card information associated with one of my Windows Live ID accounts to purchase over $800 of Microsoft products."
With the ability for Microsoft to control end-user's machines that they put in Vista, if Microsoft gets hacked again, such hackers might choose to go after Vista machines instead of XBox accounts next time.
Well jmxz there is a new story on Zdnet on the XBOX Live/Passport, you wont like it. Not that I believe either story since there is very little evidence either way. http://news.zdnet.com/2100-1009_22-6169500.html
Since you are so anti-Vista, pro Linux and other OS why don't you just push for Dell to offer computers with no OS and then you install whatever one you want when you receive it. This would be a much easier thing for Dell to do instead of making surveys on which version of Linux to use. If Dell supplies a version of Linux they will still get alot of complaints of "you should have picked this other version" just like you are doing with XP vs Vista.
Although it doesn't hurt to point out issues WITH Vista, I do think it would help more for everyone to throw fewer stones and try, instead, building with them...
We really don't need all the 'linux fanboy' 'windows fanboy' nonsense at this site... and Dell needs it least of all... it provides NO value to Dell whatsoever.
Microsoft is what it is... but, if you ask for CHOICE, you'd better be supportive of Windows users choices as well... it's called freedom.
While I agree with your statement "Microsoft is what it is... but, if you ask for CHOICE, you'd better be supportive of Windows users choices as well... it's called freedom."
They are not trying to boycott Microsoft just Vista, they could have added in there they would prefer the choice of XP over Vista.
mmmm, true, that distinction was not missed by me... but this is still a Microsoft issue, not a Dell issue.
If you want philosophical or social consciousness, you need to attend to it yourself... corporations aren't very big on that sort of thing.
I really don't see what the topic has to do with the IdeaStorm site... except that individuals are using this as their own forum without regard to Dell's intent, request, desire, or NEEDS.
What Dell (as well as others) is doing in China... Dell launches low-cost PC in China Dell is offering its new low-cost desktop with Windows XP instead of Vista http://www.infoworld.com/article/07/03/21/HNdelllowcostpcchina_1.html< with Linux, too, but apparently little demand??
Their is absolutely no reason that Vista should be as big as it is and require as much hardware as it does.
Vista sucks. XP is the best microsatan OS that their will ever be. It will only get worse from here on out.
EVERYONE should be considering alternatives because it is now completely obviuous that MS DOES NOT CARE WHAT THEIR CUSTOMERS WANT............AT ALL!!!!!!
If they did they would CLEARLY stop forcing OEM's to preload Vista and offer their consumers a choice.
I liked Win NT, and even Win 2000 was good - why did MS kill the WinNT line?
I would rather buy Windows NT 7.0 than Vista nonsense - NT without the Vista EULA nonsense and backdoor shenanigans.
Is it so hard to write a 5 ringed security model?
Untouchable Micro kernel level 0, drivers doing hardware abstraction things level 1, supporting operating system utilities (file systems, etc) level 2, graphical user interface, sound, video, peripheral devices, level 3, user programs, data and applications level 4.
With no privilege escalation possible and no buffer overflows built in?
They teach that kind of stuff to Undergrad Computer Science majors, and Microsoft people should be able to build a solid, transportable, hardened system.
I still think the best thing for everyone in this discussion would be Dell selling systems with an option of having no software installed and the buyer installing whatever they want. Linux people could install whatever version they prefer, MS people could install the version they want ... The only down side to this is that Dell would not service or support your OS when you do this since they did not install it.
Unfortunately the house (windows) was built with a poor foundation and it has had band-aid after band-aid applied and no matter how many good coders you get, you cant fix it until you start from SCRATCH. That being said it would be impossible for Microsoft to do that since the project has gotten so big and to duplicate the functionality on a good foundation will take way to long.
reg must have something to hide. Who cares if MS looks at my install list, get over it because if you use linux the repository you use can just as easily log what you've installed and are using the most, are you sure the mechanism you use to install patches isn't reading extra files? Big Brother has been watching you for a long time, don't use a computer if you don't want to be tracked.
Vista is just another OS, from someone who uses more than one or two or three its the same thing every time a new one comes out or a major upgrade is released don't think Vista is any different other than cost which is actually cheap compared to MacOSX and its yearly upgrade cost and its bound to the hardware. Then there's the Linux's which are pay for upgrade/update, SOS. Which reminds me Dell seems to be going for Xerox Unix which means you'll be paying for that, don't bet on Dell using a Free Linux/Unix, because they don't want to support the OS just ship it and pass the buck to the OS for support.
Which concludes with reg just build your own computer box and get off the board.
What you Can Not Hide is the Total Cost of Ownership - TCO! Apple Macintosh Computers are Cheaper than Microsoft Windows PCs. Linux is far cheaper than both. q.e.d.
Well, Now they have activated the negative voting system (sounds like Florida and Ohio) - they can suppress the will of the people. The funny thing is, with screen shots and the public numbers, ideastorm is still more open than a USA election!
> but how many people are ACTIVELY AVOIDING WINDOWS VISTA?
Count me in on that.
I use Windows XP. I like XP. It is a big improvement over 95/98/ME. I MIGHT have been okay with Vista (after they work out the bugs, hardware compatibility, backward compatibility), except for the DRM.
DRM is the perfect example of a "feature" that I do not want, that I don't have the option of not having in Vista.
(As a sidenote, Microsoft recently released "Windows Genuine Advantage", which thankfully I had the option of not installing. This however IS installed in Vista.)
So yes, Vista is directly responsible for me looking to switch to Linux.
"Vista Install in 2 Minutes" - Ouch! Man, that was harsh!
He had a 'compatibility problem' there for a second, but by adjusting the settings on his machine, he was able to get his Vista Upgrade installed very quickly.
The Trick is... Microsoft gets paid for a full license of Windows whether the computer they sell has Windows on it, or not. That's how he started out with DOS back in the IBM days, and that's how they do it now. It is really smart... if you want to make lots of Moolah... Now... that's what makes Linux pre-installations so tricky, since DELL will recoup their Windows expense anyway. Enjoy!
Are You ACTIVELY AVOIDING WINDOWS VISTA? (Dell wants to keep You as a hardware customer, and not lose your business!)
Let DELL know WHY:
1. Your Employer Banned Vista. 2. Your Government Banned Vista. 3. (1 & 2 are the same, Employer = The Government). 4. Incompatible with Important Software or Valuable Hardware. 5. Too expensive to upgrade, plus upgrade software and hardware. 6. Can't get it to load on my Commodore 64. 7. Other, and please tell Dell why:
They do even worse than what's mentioned in that link.
It's not just the old "Ready for Vista" stickers that were misleading - they're currently actively misleading people into Vista versions inappropriate to the specific machines they talk about.
For example, they often write "Dell Recommends Vista Premium" on pages where they're discussing a machine that's rather incapable of running Vista Premium features -- for example, their machines that default to < 2GB ram when you go to buy one.
Their print ads do this as well - you can find print ads recommending some high end version of Vista yet the page shows machines completely inappropriate for some of the machines shown on those pages.
Oh, but a ton of BS ideas is good jervis961? A mascot, get real man how is that to help Dell or even you? Oh, for you you need to to hug something instead of the computer.
That wasn't my idea, but while I have posted some jokes I have also put in some serious ones. At first I was totally serious and against people like reg. Now I've seen the light and joined them. Either way at least I've participated and not just been an armchair quarterback.
If I think of a serious good idea - I post it. If something strikes me funny - I post it. If I think of something to get a rise out of people - I post it. If I am bored - I post it.
I'll leave the screening and censorship up to the good people of Dell, so far it seems like they don't like women, for some reason.
But, I do hope some of the ideas make them think, some of the ideas they build into products, and some ideas make them giggle.
Well my ideas have been incorporated into a slurly of other ideas so AT least somebody Dell has read them and moved them some where else besides the trash bin. Have you gotten an e-mail from Dell about your ideas? Probably not. Just a clarification but still.
No way, who would trust somebody else's install? Especially when you have your own mass installer with all the pickings and setting you need all done for you? But you guys can have the Dell Pre-installed settings and muck with it later.
I agree with you on your comment of March 21. Dell is already about to offer Linux, so next time I see another anti-Windows article or pro-Linux article or both (this idea is both)...I will report abuse according to Dell IdeaStorm's Terms of Use.
Indeed, I too am considering Windows Vista, and many other people surely are doing the same...No wonder Microsoft sold 40 million copies of Vista in the first month -- two times more than XP in the same time period!
Vista - and all it's flaws (makes computers slow; still has security holes; etc) - is the best opportunity yet for Dell to reclaim some of the profit of a PC that's been mostly going to Microsoft for many years. Finally, Dell can demand that Microsoft pay Dell for distribution (like Dell does to most software vendors) - rather than giving away all their profits to Microsoft.
- Forcing people to buy new product through required obsolescence. Get Vista: Need: More RAM, New Camera, New Printer, New Scanner, New software, very expensive graphics card, new everything!
Churning in the stock market - conning people into buying and selling that doesn't benefit them, but certainly increases brokerage fees and commissions - is a crime. The same laws should be applied to forced churning in computer software and hardware too...
You mean like BetaMax vs VHS? Or DAT Tape for Music when CD was about to eat everything up? Or still selling dual-up access when we all know DSL/Cable Modem are the minimal for real internet access these days?
It would be nice for Dell to post a WARNING: This system uses Microsoft Vista. You may be required to buy all new hardware, advanced graphics cards, and new software for it to work on your machine. Not all Windows XP hardware or software will work with Windows Vista.
Just a note - so people don't call up Dell and complain 'you never told me I would need so many new things!!!' - Well, Dell puts a warning on every Vista order before you confirm the purchase. So Dell told you, warned you that you might have to buy a lot more stuff. It will cut down on the profit wasting and time eating customer service phone calls, and pointless tech support calls: ''Sorry Miss Johnson, that program doesn't run on Windows Vista - you'll need to buy some other program, sorry for the inconvenience. ''
reg: "t would be nice for Dell to post a WARNING: This system uses Microsoft Vista. You may be required to buy all new hardware, advanced graphics cards, and new software for it to work on your machine. Not all Windows XP hardware or software will work with Windows Vista. Just a note - so people don't call up Dell and complain 'you never told me I would need so many new things!!!' "
Despite the Pure Profit Motive, it is the duty of a corporation to always put it's customers best interests FIRST, and Profits second.
You might think otherwise, but the Duty of any Company is to provide its Best performance for all stake-holders, not just executives, not just stock holders, not just employees, customers, or government regulators.
A good corporate citizen will earn and keep the trust of millions of customers, while one major blunder can cause Billions of dollars of loss.
Good, Beneficial Ethics benefits both the company and the customers.
In an ideal society that would be true. But that is not how it is configured atm. A coroporations first and only duty is to its share holders. you know the _owners_. It has always been the case that the owner class gets the highest priority. It sucks and we should do something about it, but that's how we've configured our society.
I think that Vista and XP are both among the best of operating systems, they both have their pluses and minuses -- Vista is just as good as XP, an vice versa...In fact, I fear that I am going crazy about Vista already! Although I didn't buy Vista yet, I tried on an HP notebook at a CompUSA...and I have plans already about buying Vista within the next 6 months. Also, Vista is not that expensive compared to XP, and Windows is actually becoming cheaper, considering inflation of almost everything else. Comparison:
Note: These prices are actual prices which you may find in a computer store or on the Internet, like Dell or Best Buy.
Anyway, Home Basic is comparable to Home Edition, Home Premium to Media Center, and Business to Professional. Ultimate is a new edition which has no equivalent in previous versions of Windows.
Actually, Vista apparently gives us more freedom, as there are more versions to choose from than XP.
I order you to stop speaking offensively against Windows Vista, and stop tempting us from promoting this idea. Let those who want Windows Vista get it, and do not bother them from getting it. Remove the offensive/insulting content, so that the article would just say "Do not force us to buy Vista", rather than "Boycott Vista."
I already reported your idea to Dell, so if you do not remove the offensive/defamatory content within the next time I see your idea, then I shall post an idea on making Dell remove offensive and defamatory posts, as the "Report abuse" option is not working.
His idea seems reasonably well researched; and the points he raised seem quite valid and he gave links backing up his claims. There seems nothing offensive/defamatory about it - unless you're the paralegal who wrote the offensive EULA or the developer who wrote the offensive "security" popups that annoy users without helping security. If you say reg's relatively factually correct posting is insulting - surely the lies promoting Vista should be removed first. Oh, and seeing how many other people voted him up it seems a lot of people - both XP and Linux users - agree with him.
I move for the U.S. Supreme Court to Render Summary Judgement:
All EULA are null and void, software manufacturers be held fully accountable for financial damages, lost profits, down time, pain and suffering, errors and flaws, When software corporations are publishing their own 'closed source' programs, the full Source Code with commenting be required to be entered on file with the U.S. library of congress, for open public inspection.
Only Full disclosure can protect our government from subversive programming, and only full accountability will bring Error proof consumer and business software.
Microsoft would fix its software if each error ended up costing them several million dollars each, and each Blue Screen of Death resulted in fines and penalties no less than $100,000 per incident.
(A note to readers: The reaction to what started out as an obscure technical post to a security mailing list has been rather unexpected and overwhelming, so I'm totally buried in Vista email at the moment. Please be patient when expecting replies, and apologies if I can't reply to all messages).
Executive Summary
Windows Vista includes an extensive reworking of core OS elements in order to provide content protection for so-called “premium content”, typically HD data from Blu-Ray and HD-DVD sources. Providing this protection incurs considerable costs in terms of system performance, system stability, technical support overhead, and hardware and software cost. These issues affect not only users of Vista but the entire PC industry, since the effects of the protection measures extend to cover all hardware and software that will ever come into contact with Vista, even if it's not used directly with Vista (for example hardware in a Macintosh computer or on a Linux server). This document analyses the cost involved in Vista's content protection, and the collateral damage that this incurs throughout the computer industry.
Executive Executive Summary
The Vista Content Protection specification could very well constitute the longest suicide note in history [Note A].
Table of Contents
Introduction Disabling of Functionality Indirect Disabling of Functionality Decreased Playback Quality Elimination of Open-source Hardware Support Elimination of Unified Drivers Problems with Drivers Denial-of-Service via Driver/Device Revocation Decreased System Reliability Increased Hardware Costs Increased Cost due to Requirement to License Unnecessary Third-party IP Unnecessary CPU Resource Consumption Unnecessary Device Resource Consumption How Effective is it Really? Final Thoughts Acknowledgements Sources Use, Modification, and Redistribution Appendices and Footnotes Mini-FAQ Open Questions Microsoft's Response About the Author Glossary Quotes Footnotes Introduction
This document looks purely at the cost of the technical portions of Vista's content protection [Note B]. The political issues (under the heading of DRM) have been examined in exhaustive detail elsewhere and won't be commented on further unless it's relevant to the cost analysis. However, one important point to keep in mind when reading this document is that in order to work, Vista's content protection must be able to violate the laws of physics, something that's unlikely to happen no matter how much the content industry wishes that it were possible [Note C]. This conundrum is displayed over and over again in the Windows content-protection requirements, with manufacturers being given no hard-and-fast guidelines but instead being instructed that they need to display as much dedication as possible to the party line. The documentation is peppered with sentences like:
“It is recommended that a graphics manufacturer go beyond the strict letter of the specification and provide additional content-protection features, because this demonstrates their strong intent to protect premium content”. This is an exceedingly strange way to write technical specifications, but is dictated by the fact that what the spec is trying to achieve is fundamentally impossible. Readers should keep this requirement to display appropriate levels of dedication in mind when reading the following analysis [Note D].
A second point to note is that the term “premium content”, or in more recent statements by Microsoft, “commercial content” (I've used “premium content” throughout this writeup for consistency) goes well beyond the HD-DVD and Blu-Ray examples that I've used above and encompasses not just the obvious definition of “HD content in any form” but even non-HD content, or as Microsoft put it “commercial content generally, independent of resolution”. While premium content is currently still somewhat scarce, in five years' time it'll be hard to find a movie or similar content that isn't HD or similar premium content. So although Microsoft have tried to downplay the perceived impact of Vista's content-protection by stating that it'll only apply when premium/commercial content is present, this conveniently sidesteps the fact that Microsoft hopes that this situation will become universal in the near future. The whole future of Vista's content protection is predicated on this fact, because without near-universal premium content there's no point in having content-protection features in the first place.
Disabling of Functionality
Vista's content protection mechanism only allows protected content to be sent over interfaces that also have content-protection facilities built in. Currently the most common high-end audio output interface is S/PDIF (Sony/Philips Digital Interface Format). Most newer audio cards, for example, feature TOSlink digital optical output for high-quality sound reproduction, and even the latest crop of motherboards with integrated audio provide at least coax (and often optical) digital output. Since S/PDIF doesn't provide any content protection, Vista requires that it be disabled when playing protected content [Note E]. In other words if you've sunk a pile of money into a high-end audio setup fed from an S/PDIF digital output, you won't be able to use it with protected content. Instead of hearing premium high-definition audio, you get treated to premium high-definition silence.
Say you've just bought Pink Floyd's “The Dark Side of the Moon”, released as a Super Audio CD (SACD) in its 30th anniversary edition in 2003, and you want to play it under Vista (I'm just using SACD as a representative example of protected audio content because it's a well-known technology, in practice Sony has refused to license it for playback on PCs). Since the S/PDIF link to your amplifier/speakers is regarded as insecure for playing the SA content, Vista would disable it, and you'd end up hearing a performance by Marcel Marceau instead of Pink Floyd.
Similarly, component (YPbPr) video will be disabled by Vista's content protection, so the same applies to a high-end video setup fed from component video. But what if you're lucky enough to have bought a video card that supports HDMI digital video with HDCP content-protection? There's a good chance that you'll have to go out and buy another video card that really does support HDCP, because until quite recently no video card on the market actually supported it even if the vendor's advertising claimed that it did. As the site that first broke the story in their article The Great HDCP Fiasco puts it:
“None of the AGP or PCI-E graphics cards that you can buy today support HDCP […] If you've just spent $1000 on a pair of Radeon X1900 XT graphics cards expecting to be able to playback HD-DVD or Blu-Ray movies at 1920×1080 resolution in the future, you've just wasted your money […] If you just spent $1500 on a pair of 7800GTX 512MB GPUs expecting to be able to play 1920×1080 HD-DVD or Blu-Ray movies in the future, you've just wasted your money”. (The two devices mentioned above are the premium supposedly-HDCP-enabled cards made by the two major graphics chipset manufacturers ATI and nVidia). ATI was later subject to a class-action lawsuit by its customers over this deception. As late as August of 2006, when Sony announced its Blu-Ray drive for PCs, it had to face the embarrassing fact that its Blu-Ray drive couldn't actually play Blu-Ray disks in HD format:
“Since there are currently no PCs for sale offering graphics chips that support HDCP, this isn't yet possible”. In fact so far no-one has been able to identify any Windows system that will actually play HD content in HD quality, in all cases any attempt to do this produced either no output or a message that it was blocked by content protection. Even nVidia's latest and greatest device, the G80, can't output 1080p HD video, because once you enable HDCP (which is required by Vista for HD-DVD or BluRay playback), you're limited to 720p resolution. nVidia's older G7x line also has this problem, as does ATI's R5xx. In fact the only graphics device that appears to support full-resolution HD playback, requiring dual-link HDMI, is ATI's not-yet-released R600. While it's not possible to prove a negative in this manner, it's certainly an indication that potential buyers may be in for a shock when they try and play full HD-quality premium content on their shiny new Vista PC.
The same issue that affects graphics cards also goes for high-resolution LCD monitors. One of the big news items at the 2007 Consumer Electronics Show (CES 2007), the world's premier event for consumer high-tech, was Samsung's 1920×1200 HD-capable 27″ LCD monitor, the Syncmaster 275T, released at a time when everyone else was still shipping 24″ or 25″ monitors as their high-end product [Note F]. The only problem with this amazing HD monitor is that Vista won't display HD content on it because it doesn't consider any of its many input connectors (DVI-D, 15-pin D-Sub, S-Video, and component video, but no HDMI with HDCP) secure enough. So you can do almost anything with this HD monitor except view HD content on it.
If you have even more money to burn, you can go for the largest (conventional) computer monitor made, the Samsung's stupidly large (for a computer monitor) 46″ SyncMaster 460PN. Again though, Vista won't display HD content on it, turning your $4,000 purchase into a still-image picture frame (oddly enough, this monitor has been advertised as “HDTV ready” by retailers even though you can't display HD images on it, although in practice the term “HD-ready” has been diluted close to meaninglessness — 10-year-old 14″ CRT monitors have a higher resolution than many “HDTV-ready” TVs being sold today. I've since been told by someone at a large US retail chain that they'll advertise anything that'll run at a higher resolution than standard NTSC/PAL/SECAM as “HD-capable”. Here's an HD-capable PDA to illustrate where this sort of creative marketing leads).
In order to appropriately protect content, Vista will probably have to disable any special device features that it can't directly control. For example many sound cards built on C-Media chipsets (which in practice is the vast majority of them) support Steinberg's ASIO (Audio Stream I/O), a digital audio interface that completely bypasses the Windows audio mixer and other audio-related driver software to provide more flexibility and much lower latency than the Windows ones. ASIO support is standard for newer C-Media hardware like the CMI 8788. Since ASIO bypasses Windows' audio handling, it would probably have to be disabled, which is problematic because audiophiles and professional musicians require ASIO support specifically because of its much higher quality than the standard Windows channels. You can get more information on Vista's audio architecture and the changes from XP in this post from Creative Labs, and a discussion of the problems that the DRM-reengineered Vista audio system causes for sound card vendors in this article on the future of Vista audio.
Indirect Disabling of Functionality
As well as overt disabling of functionality, there's also covert disabling of functionality. For example PC voice communications rely on automatic echo cancellation (AEC) in order to work. Echo cancellation is used to prevent sound from a loudspeaker or headphones interfering with a microphone in the vicinity. This is rather tricky because the sound will be modified by the speaker and the surroundings that it's operating in, so it requires fairly sophisticated signal processing to remove, as well as a high-quality copy of the signal (if you get a degraded copy the signal, it becomes much harder to use it to cancel out the echo with it). Although it's not visible, echo cancellation is very widely used in applications like hands-free car phones, standard phones used in hands-free mode, and conference calling systems.
AEC in a PC requires feeding back a sample of the audio mix into the echo cancellation subsystem, but with Vista's content protection this isn't permitted any more because this might allow access to premium content. What is permitted is a highly-degraded form of feedback that might possibly still sort-of be enough for some sort of minimal echo cancellation purposes.
The requirement to disable audio and video output plays havoc with standard system operations, because the security policy used is a so-called “system high” policy: The overall sensitivity level is that of the most sensitive data present in the system. So the instant that any audio derived from premium content appears on your system, signal degradation and disabling of outputs will occur. What makes this particularly entertaining is the fact that the downgrading/disabling is dynamic, so if the premium-content signal is intermittent or varies (for example music that fades out), various outputs and output quality will fade in and out, or turn on and off, in sync. Normally this behaviour would be a trigger for reinstalling device drivers or even a warranty return of the affected hardware, but in this case it's just a signal that everything is functioning as intended.
Decreased Playback Quality
Alongside the all-or-nothing approach of disabling output, Vista requires that any interface that provides high-quality output degrade the signal quality that passes through it if premium content is present. This is done through a “constrictor” that downgrades the signal to a much lower-quality one, then up-scales it again back to the original spec, but with a significant loss in quality. So if you're using an expensive new LCD display fed from a high-quality DVI signal on your video card and there's protected content present, the picture you're going to see will be, as the spec puts it, “slightly fuzzy”, a bit like a 10-year-old CRT monitor that you picked up for $2 at a yard sale (see the Quotes for real-world examples of this). In fact the specification specifically still allows for old VGA analog outputs, but even that's only because disallowing them would upset too many existing owners of analog monitors. In the future even analog VGA output will probably have to be disabled. The only thing that seems to be explicitly allowed is the extremely low-quality TV-out, provided that Macrovision is applied to it (see the Decreased System Reliability section for further discussion of Macrovision problems with Windows).
The same deliberate degrading of playback quality applies to audio, with the audio being downgraded to sound (from the spec) “fuzzy with less detail” [Note G].
Amusingly, the Vista content protection docs say that it'll be left to graphics chip manufacturers to differentiate their product based on (deliberately degraded) video quality. This seems a bit like breaking the legs of Olympic athletes and then rating them based on how fast they can hobble on crutches.
The Microsoft specs say that only display devices with more than 520K pixels will have their images degraded (there's even a special status code for this, STATUS_GRAPHICS_OPM_RESOLUTION_TOO_HIGH), but conveniently omit to mention that this resolution, roughly 800×600, covers pretty much every output device that will ever be used with Vista. The abolute minimum requirement for Vista Basic are listed as 800×600 resolution (and an 800MHz Pentium III CPU with 512MB of RAM, which seems, well, “wildly optimistic” is one term that springs to mind). However that won't get you the Vista Aero interface, which makes a move to Vista from XP more or less pointless. The minimum requirements for running Aero on a Vista Premium PC are “a DX9 GPU, 128 MB of VRAM, Pixel Shader 2.0, and minimum resolution 1024×768×32”, and for Aero Glass it's even higher than that. In addition the minimum resolution supported by a standard LCD panel is 1024×768 for a 15″ LCD, and to get 800×600 you'd have to go back to a 10-year-old 14″ CRT monitor or something similar. So in practice the 520K pixel requirement means that everything will fall into the degraded-image category.
(A lot of this OPM stuff seems to come straight from the twilight zone. It's normal to have error codes indicating that there was a disk error or that a network packet got garbled, but I'm sure Windows Vista must be the first OS in history to have error codes for things like “display quality too high”).
Beyond the obvious playback-quality implications of deliberately degraded output, this measure can have serious repercussions in applications where high-quality reproduction of content is vital. Vista's content-protection means that video images of premium content can be subtly altered, and there's no safe way around this — Vista will silently modify displayed content under certain (almost impossible-to-predict in advance) situations discernable only to Vista's built-in content-protection subsystem (Philip Dorrell has created a neat cartoon that illustrates this problem). Microsoft claim that this hidden image manipulation will only affect the portions of the display that contain the protected content, but since no known devices currently implement this “feature” it's hard to say how it'll work out in practice (what happens currently is that Vista just refuses to play premium content rather than downgrading it).
An interesting potential security threat, suggested by Karl Siegemund, occurs when Vista is being used to run a security monitoring system such as a video surveillance system. If it's possible to convince Vista that what it's communicating is premium content, the video (and/or audio) surveillance content will become unavailable, since it's unlikely that a surveillance center will be using DRM-enabled recording devices or monitors. I can just see this as a plot element in Ocean's Fifteen or Mission Impossible Six, “It's OK, their surveillance system is running Vista, we can shut it down with spoofed premium content”.
The silly thing about the industry's obsession with image quality is that repeated studies have shown that what really matters to viewers (rather than what they think matters) is image size and not quality. Sure, if you take the average consumer into a store and put them in front of the latest plasma panel they'll be impressed by the fact that they can count each individual hair in Gandalf's beard, but once he's leaping about wrestling with the balrog this detail becomes lost and the only differentiator is image size. You can find a good discussion of this in The Media Equation by Stanford professors Byron Reeves and Clifford Nass. In one experiment on visual fidelity they showed a film using the best equipment they could get their hands on, and again using a fifth-generation copy on bad tape and poor equipment. There were no differences in users' responses to the two types of images (see the book for more details on this). You can see an example of this effect yourself if you can set up a machine with a CRT and an LCD monitor. Use the CRT monitor for awhile, then switch to the LCD monitor for a minute or two. When you go back to the CRT monitor, does it seem faulty? Did you notice this before you looked over at the LCD monitor?
Conversely, image size is a huge differentiator: The bigger the better. So in practice a degraded image on a huge VGA monitor (or by extension anything with a lower-quality analog input) will rate better than a non-degraded image on a much smaller LCD monitor, assuming you can find an example of the latter that Vista will actually output an HD image to. Of course convincing consumers of this is another matter.
Elimination of Open-source Hardware Support
In order to prevent the creation of hardware emulators of protected output devices, Vista requires a Hardware Functionality Scan (HFS) that can be used to uniquely fingerprint a hardware device to ensure that it's (probably) genuine. In order to do this, the driver on the host PC performs an operation in the hardware (for example rendering 3D content in a graphics card) that produces a result that's unique to that device type.
In order for this to work, the spec requires that the operational details of the device be kept confidential. Obviously anyone who knows enough about the workings of a device to operate it and to write a third-party driver for it (for example one for an open-source OS, or in general just any non-Windows OS) will also know enough to fake the HFS process. The only way to protect the HFS process therefore is to not release any technical details on the device beyond a minimum required for web site reviews and comparison with other products.
This potential “closing” of the PC's historically open platform is an extremely worrying trend. A quarter of a century ago, IBM made the momentous decision to make their PC an open platform by publishing complete hardware details and allowing anyone to compete on the open market. Many small companies, the traditional garage startup, got their start through this. This openness is what created the PC industry, and the reason why most homes (rather than just a few offices, as had been the case until then) have one or more PCs sitting in a corner somewhere. This seems to be a return to the bad old days of 25 years ago when only privileged insiders were able to participate.
Elimination of Unified Drivers
The HFS process has another cost involved with it. Most hardware vendors have (thankfully) moved to unified driver models instead of the plethora of individual drivers that abounded some years ago (in the bad old days it used to be necessary to identify individual device types and download specific drivers for them, something that was more or less impossible for non-geek users). Since HFS requires unique identification and handling of not just each device type (for example each graphics chip) but each variant of each device type (for example each stepping of each graphics chip) to handle the situation where a problem is found with one variation of a device, it's no longer possible to create one-size-fits-all drivers for an entire range of devices like the current Catalyst/Detonator/ForceWare drivers. Every little variation of every device type out there must now be individually accommodated in custom code in order for the HFS process to be fully effective, resulting in a re-balkanisation of drivers that have only just become available in a clean, unified form in the last few years. This is more a concern for device vendors and driver developers than users, since they don't see any of this artifically-created extra complexity. As far as the user is aware it's still a “unified” driver since the internal re-balkanisation isn't visible in the driver bundle (although the “unified” driver suddenly becomes a lot larger). The indirect cost to the user (longer driver development cycles and higher cost) is mostly hidden from them.
If a graphics chip is integrated directly into the motherboard and there's no easy access to the device bus then the need for bus encryption (see Unnecessary CPU Resource Consumption below) is removed. Because the encryption requirement is so onerous, it's quite possible that this means of providing graphics capabilities will suddenly become more popular after the release of Vista. However, this leads to a problem: It's no longer possible to tell if a graphics chip is situated on a plug-in card or attached to the motherboard, since as far as the system is concerned they're both just devices sitting on the AGP/PCIe bus. The solution to this problem is to make the two deliberately incompatible, so that HFS can detect a chip on a plug-in card vs. one on the motherboard. Again, this does nothing more than increase costs and driver complexity.
An even more complex situation occurs with DVI paddle boards, in which the graphics device is on the motherboard but the DVI output is provided through a card that goes into the AGP slot. This means that the graphics device meets the requirements for a non user-accessible bus device (see the section Increased Hardware Costs) but the DVI output portion doesn't. Does this mean that your graphics output gets disabled or not? Either option is unpalatable, because Vista's content-protection design never anticipated such situations.
Further problems occur with audio drivers. To the system, HDMI audio looks like S/PDIF, a deliberate design decision to make handling of drivers easier. In order to provide the ability to disable output, it's necessary to make HDMI codecs deliberately incompatible with S/PDIF codecs, despite the fact that they were specifically designed to appear identical in order to ease driver support and reduce development costs. In fact the Windows Vista logo requirements explicitly state that “HDMI output cannot be shared with an S/PDIF output under any circumstances. All digital outputs must be independent” (reading this part of the logo requirements is another trip into the content-protection twilight zone: In the “Bus Controllers and Ports” section, right under the text telling us that “The requirements defined for controllers and ports emphasize […] industry standards and specifications”, we find the primary Vista requirement for bus controllers, “BUSPORT-0001”, which mandates support for “ requirements not specified in the Intel HD Audio specification”.
But wait, there's more! In order to provide the audio channel for HDMI, some manufacturers redirect the not-OK S/PDIF into the OK HDMI. So even if you go out of your way to get premium content-capable hardware, Vista can still disable it even though it's supposed to be approved for premium-content playback.
Problems with Drivers
As other parts of this writeup point out, adding all of this unnecessary overhead and complexity to device drivers costs time and money. The result is that many Vista drivers, particularly for the 64-bit version, are nowhere near ready even after Vista has already been released. There's even a special site set up where people can report which Vista drivers currently work for them, one list for 32-bit Vista drivers and another for 64-bit Vista drivers (note how short the list is for the 64-bit drivers, with major vendors like nVidia being completely absent). Numerous indications I've seen, ranging from public analyses through to private comments from driver developers are that it's going to be about the middle of the year before the drivers for video cards are fully reliable. As of this writing, major vendors like nVidia (graphics) and Creative Labs (sound) still don't have their Vista drivers ready, and other vendors like ATI have resorted to fudging their Vista certification, selling Radeon X1950 graphics cards with no certified drivers but with a “Certified for Windows Vista” label on the box, although nVidia them followed suit, selling their GeForce 8600GTS without a certified driver but with the same “Certified for Windows Vista” label. In fact nVidia only has beta (pre-release) drivers available from its web site (and a pending class-action lawsuit to match, with an accompanying class-action suit against Microsoft for good measure), and when ATI finally released a Vista-certified driver for the X1950, it crashed Vista and would only work reliably in basic VGA mode, circa 1987. Even large companies like Dell and Gateway are admitting that Vista's graphics drivers just aren't ready yet, resulting in them holding back shipping Vista upgrades to people who have already ordered (and paid for) them. For example you can't buy Dell's top-of-the-line XPS 710 PC with Vista installed because there are no graphics drivers for it.
An additional reason for the driver backlog is that 64-bit versions of Vista (which will be displacing the 32-bit versions within the next few years as everyone moves to 64-bit platforms) will only load drivers signed by Microsoft (there's a special debug mode invoked by hitting F8 on boot or using the /TESTSIGN flag that allows you to load unsigned drivers on a one-off basis for debugging purposes, but this gets disabled again at the next reboot, and, if you haven't already guessed it, premium content playback is disabled completely in this mode). This means that no drivers that potentially threaten premium content can be loaded. A downside of this is that an enormous mass of third-party drivers that haven't passed through Microsoft's approval process can't be used under 64-bit Vista, and because of the time and money involved in the approval process may never end up running under Vista. In any case a mere month or so after Vista was released, Indian security researchers at NV Labs released details of their Vbootkit, a pre-loader that allows unsigned (and therefore completely untrusted) drivers to be loaded into the Vista kernel. So the whole driver-signing process survived just over a month in the real world, and now remains as a serious impediment to legitimate driver vendors but little more than a speedbump to attackers.
Why is this a problem? Because the vast majority of drivers running on PCs today aren't signed, not so much because the developers couldn't be bothered but because the WHQL process that produces the signed drivers is so slow that they're obsolete by the time they've been approved by Microsoft (and even some of the WHQL-certified ones are still pretty flaky). As a result, vendors supply current but unsigned drivers, a practice so widespread that instructions on bypassing the warning dialog that pops up are a standard part of most device install instructions (you can use Google to find endless examples of the use of unsigned drivers. One quick example of a large, well-known vendor doing this is AGFA). Almost the entire PC industry relies on users clicking Continue in response to the unsigned-driver warning so that the driver can load anyway. This situation is so common that you'll see it written up in computer books and covered in Windows install guides. At the moment the problem with unsigned drivers isn't too visible as people seem to be avoiding 64-bit Vista because of the driver issues, but the inability to load drivers that haven't been through Microsoft's approval process is likely to become a serious headache when its use becomes more widespread. At some point something will have to give in order for Vista to have viable 64-bit driver support. It remains to be seen whether content protection or device support will prove the bigger hammer in this tug-of-war.
(Having said that, Vista isn't the only OS that's being hurt by short-sighted decisions about driver handling. Linux is also going to run into this problem in the near future with its planned refusal to load non-GPL'd drivers).
Denial-of-Service via Driver/Device Revocation
Once a weakness is found in a particular driver or device, that driver will have its signature revoked by Microsoft, which means that it will no longer be fed anything considered to be premium content. What this means is that a report of a compromise of a particular driver or device will cause all premium content-handling ability for that device worldwide to be turned off until a fix can be found. To quote the content-protection specs, “Vista will […] revoke any driver that is found to be leaking premium content […] if the same driver is used for all the manufacturer's chip designs, then a revocation would cause all that company's products to need a new driver”. If it's an older device for which the vendor isn't interested in rewriting their drivers (and in the fast-moving hardware market most devices enter “legacy” status within a year or two of their replacement models becoming available), all devices of that type worldwide become permanently unable to handle premium content.
An example of this might be nVidia TNT2 video cards, which are still very widely deployed in business environments where they're all that you need to run Word or Outlook or Excel (or, for that matter, pretty much any non-gaming application). The drivers for these cards haven't been updated for quite some time for exactly that reason: You don't need the latest drivers for them because they're not useful with current games any more (if you go to the nVidia site and try and install any recent drivers, the installer will tell you to go back and download much older drivers instead as soon as it detects that you're using a TNT2). If a such a device were found to be leaking content, it seems unlikely that nVidia would be interested in reviving discontinued drivers that it hasn't touched for several years, creating instant orphanware of the installed user base.
The threat of driver revocation is the ultimate nuclear option, the crack of the commissars' pistols reminding the faithful of their duty. The exact details of the hammer that vendors will be hit with is buried in confidential licensing agreements, but I've heard mention of multi-million dollar fines and embargoes on further shipment of devices alongside the driver revocation mentioned above.
This revocation can have unforeseen carry-on costs. Windows' anti-piracy component, WGA (or in Vista's case its successor Software Protection Platform, SPP), is tied to system hardware components. Windows allows you to make a small number of system hardware changes after which you need to renew your Windows license (the exact details of what you can and can't get away with changing has been the subject of much debate). If a particular piece of hardware is affected by a driver revocation (even just temporarily while waiting for an updated driver to work around a content leak) and you swap in a different video card or sound card to avoid the problem, you risk triggering Windows' anti-piracy measures, landing you in even more hot water. If you're forced to swap out a major system component like a motherboard, you've instantly failed WGA validation. Revocation of any kind of motherboard-integrated device (practically every motherboard has some form of onboard audio, and all of the cheaper ones have integrated video) would appear to have a serious negative interaction with Windows' anti-piracy measures.
Another unforeseen consequence of the potential for a downgrade disguised as an upgrade (that is, a driver being revoked by Windows Update) is that the whole process of updating your machine is supposed to provide benefits to the user in the form of enhanced functionality or, more pragmatically, bugfixes and security patches. Since malware attacks are invisible but a loss of playback capability isn't, if the only visible effect of an update is to reduce system functionality it incentivises users to disable updates in order to avoid this issue. The unfortunate hidden side-effect of this is that in the interests of protecting themselves from having their content-playback capabilities turned off, they're now vulnerable to all manner of malware, viruses, spyware, and so on.
The details of what will happen if a motherboard contains unused onboard audio capabilities and an additional sound card alongside it, and the motherboard drivers are revoked, is unknown. Windows can't tell that there's nothing connected to the cheap onboard audio because the user prefers to use their M-Audio Revolution 7.1 Surround Sound card instead, so it'll probably have to revoke the motherboard drivers even though they're not used for anything. Since virtually all motherboards contain onboard audio in some form, this could prove quite problematic.
An entirely different DoS problem that applies more to HDMI-enabled devices in general has already surfaced in the form of, uhh, “DVI amplifiers”, which take as input an HDMI signal and output a DVI signal, amplifying it in the process. Oh, and as a side-effect they forget to re-apply the HDCP protection to the output. Amusingly enough, precisely this approach has been recommended by a Westinghouse (large US TV manufacturer) VP of Marketing to resolve problems with Sony's interpretation of HDCP in the Playstation 3 and Westinghouse's interpretation in their 1080p televisions, who told consumers to “purchase an HDMI to DVI adapter to bypass HDCP”. The hardware vendors seem to have come to the same conclusion about content protection as the computer in Wargames did about global thermonuclear war: “A strange game. The only winning move is not to play”.
HDCP strippers are relatively simple to design and build using off-the-shelf HDMI chips. Beyond the commercially-available models, individual hardware hackers have built their own protection-strippers using chip samples obtained from chip vendors. If you have the right credentials you can even get hardware evaluation boards designed for testing and development that do this sort of thing. Even more accessible than that are HD players with non-HDMI digital outputs, for example ones that contain an HD-SDI (SMPTE 292M) interface. HD-SDI is an unencrypted digital link typically used in TV studios but also available from various non-US sources as after-market sidegrades for standard HD players, providing better-than-HDMI image quality without the hassle of HDCP.
Now assume that the “DVI amplifier” manufacturer buys a truckload of HDMI chips (they'll want to get as many as they can in one go because they probably won't be able to go back and buy more when the chip vendor discovers what they're being used for). Since this is a rogue device, it can be revoked… along with hundreds of thousands or even millions of other consumer devices that use the same chip. If they're feeling particularly nasty, they can recycle the HDMI chips from junked TVs to ensure that the maximum possible damage to the consumer base occurs. This cannibalisation process is actually fairly common among TV servicemen. When a major component like the picture tube or yoke (which is often only sold as an integral part of the picture tube) fails, it's often not worth repairing the TV any more, at which point it gains a second life as a source of spare parts for other TVs. In particular components like the jungle IC (which integrates a large amount of discrete circuitry into a single device) can cost as much as $50-100 to replace, so it makes sense to recycle some of the parts rather than buy new ones, particularly when it's not obvious whether this is the problem component in a set brought in for repair. Lifting an HDMI chip from such a TV set isn't nearly as exotic as it sounds. Engadget have a good overview of the ensuing doomsday scenario.
Exactly what will happen when a key is leaked depends on how the attackers handle it. The way HD-DVD/Blu-Ray keying works is that a per-device key is used to decrypt the title key on the disk, and the title key is then in turn used to decrypt the content. So the chain of custody is Device key ⇒ Title key ⇒ Content. This level of indirection allows an individual device to be disabled by revoking the device key without making the disk unplayable on all devices, since other device keys can still decrypt the title key and thus the content (I've simplified this a bit to cut down the length of the explanation, see the AACS specification for more details).
The device key is tied to a particular device/player/vendor, but the title key is only tied to the content on disk. You can probably see where this is going… by publishing the device key, the attacker can cause general mayhem by forcing device revocation. On the other hand by publishing the title key the attacker can release the content in an untraceable manner, since it's not known which device key was used to leak the title key. In addition since there's no way to un-publish the title key (encrypted content + title key = unencrypted content), at that point it's game over for the content.
(Finding the manifold holes in these content-protection mechanisms has proven an interesting intellectual exercise, first for security researchers and more recently for hardware and software hackers of all kinds. Some of the public attacks are described elsewhere in this writeup, and in particular the various AACS key recovery attacks have made most other types of attack unnecessary since once you have the keys to the kingdom everything else becomes pretty much irrelevant. Since this is no longer of much interest to an attacker, I may as well mention my reaction to reading about the details of the AACS revocation process, which was that the threat modelling was done pretty poorly, leaving it vulnerable to attack. The way the revocation processing works is that the player implements a high-water mark mechanism to avoid someone feeding in an old revocation list that doesn't contain the key(s) to be revoked. This is implemented via a monotonically increasing counter in the key block (referred to as a “version number” in the AACS spec). Players will ignore any list with a counter value smaller than one they've already seen, this preventing key rollback attacks.
So to immunise a player against ever processing another revocation list, you need to feed it a list with a counter value of INT_MAX, the largest possible integer value. Since nothing can exceed this, no future revocation lists will be processed by the player, and no matter how hacked it is, your player will never be revoked. Here's how you do this.
The lists are digitally signed, so you need a way to get around the signature on the data. To do this you hook the system's file read function using any one of a vast number of standard rootkit techniques, an example being a filesystem filter driver that intercepts file access IRPs. When the system reads the media key block file, you use VirtualProtect() to make the second 4K of data (corresponding to an x86 page) a guard page. Then you sit back and wait.
At some point the AACS verification code will check the digital signature on the data. Once the hashing gets to the second x86 page, the guard page exception will trigger and you'll be handed over control. Your exception handler then goes back 4K - 8 bytes from the exception location, sets the value there to INT_MAX, and returns from the exception. You now have a verified digital signature on a media key record with a counter value of INT_MAX, and your player (which carefully records the information in secure non-volatile storage) is immunised against any future revocations, since they'll all have a value less than INT_MAX. QED.
A simpler approach that's already being used is just to patch the drive firmware to bypass the check).
Decreased System Reliability
“Drivers must be extra-robust. Requires additional driver development to isolate and protect sensitive code paths” — ATI. Vista's content protection requires that devices (hardware and software drivers) set so-called “tilt bits” if they detect anything unusual. For example if there are unusual voltage fluctuations, maybe some jitter on bus signals, a slightly funny return code from a function call, a device register that doesn't contain quite the value that was expected, or anything similar, a tilt bit gets set. Such occurrences aren't too uncommon in a typical computer. For example starting up or plugging in a bus-powered device may cause a small glitch in power supply voltages, or drivers may not quite manage device state as precisely as they think. Previously this was no problem — the system was designed with a bit of resilience, and things will function as normal. In other words small variances in performance are a normal part of system functioning. Furthermore, the degree of variance can differ widely across systems, with some handling large changes in system parameters and others only small ones. One very obvious way to observe this is what happens when a bunch of PCs get hit by a momentary power outage. Effects will vary from powering down, to various types of crash, to nothing at all, all triggered by exactly the same external event.
With the introduction of tilt bits, all of this designed-in resilience is gone. Every little (normally unnoticeable) glitch is suddenly surfaced because it could be a sign of a hack attack, with the required reaction being that (from the spec) “Windows Vista will initiate a full reset of the graphics subsystem, so everything will restart”. According to Microsoft this will only take a few seconds and will only affect the graphics subsystem (so it's not a complete restart of Vista), but the true impact of this mechanism remains to be seen. In addition even if it's relatively quick, systems with high availability requirements probably won't appreciate the overhead of periodic soft-reboots of the graphics subsystem. So the effect that these tilt bits will have on system reliability should require no further explanation.
Content-protection “features” like tilt bits also have worrying denial-of-service (DoS) implications. It's probably a good thing that modern malware is created by programmers with the commercial interests of the phishing and spam industries in mind rather than just creating as much havoc as possible. With the number of easily-accessible grenade pins that Vista's content protection provides, any piece of malware that decides to pull a few of them will cause considerable damage. The homeland security implications of this seem quite serious, since a tiny, easily-hidden piece of malware would be enough to render a machine unusably unstable, while the very nature of Vista's content protection would make it almost impossible to determine why the denial-of-service is occurring. Furthermore, the malware authors, who are taking advantage of “content-protection” features, could claim protection under the DMCA against any attempts to reverse-engineer or disable the content-protection “features” that they're abusing.
Going beyond deliberate denial-of-service attacks, it's possible to imagine all sorts of scenarios in which the tilt bits end up biting users. Consider a warship operating in a combat zone and equipped with Vista PCs for management of the vessel's critical functions that does nothing more wrong that to suffer a severe jolt from a near miss, scrambling the bus just enough to activate the tilt bits (without causing any other real damage). In one infamous incident in September 1997, Windows NT managed to disable the Aegis missile cruiser USS Yorktown (“NT Leaves Navy 'Smart Ship' dead in the water”, Government Computer News, 13 July 1998). Now Windows Vista can do the same thing via a by-design feature of the OS [Note H]. This issue, unless it can be clearly resolved, would make the use of Vista PCs unacceptable for any applications that have any hint of unusual environmental conditions such as high altitude, environmental variations, shock, and so on.
Some contributors have commented that they can't see the revocation system ever being used because the consumer backlash would be too enormous, but then the legal backlash from not going ahead could be equally extreme. The only real indication that we have for how committed Microsoft really are to this is the amazing speed with which Microsoft released a patch for the WMDRM (Windows Media DRM) vulnerability, which they rushed out at a speed that even the most virulent worm never produced. This would seem to indicate that they're pretty serious about this, since they prioritised it above any conventional non-DRM-related security problem.
Can these protection mechanisms be inadvertently triggered? There's plenty of real-world evidence to show that this happens all the time. One example that I recently encountered in my friends-and-neighbours computer support work involved a retired filmmaker who has a 50-year collection of educational films made for teaching in schools. Recently he's been transferring his entire collection to DVD to make them more accessible to newer audiences. Unfortunately some component of Windows' content-protection has decided that some protection requirement isn't being met somewhere, and as a result 50 years of educational film-making have been reduced to an error message indicating that Macrovision can't be enabled and therefore the content can't be played. Since it plays just fine on a variety of non-Windows platforms including a range of standard DVD players, it's not a problem with the DVDs but is due to the malfunctioning of a Windows content-protection mechanism around a technology called Macrovision.
Macrovision is a basic analog signal-protection technique that's applied to TV-out ports on computer video cards. Strangely, his computer doesn't actually have any TV-out capability. What it does have is a video chipset that, in theory, can provide TV-out (most video chipsets have this capability, but it's only used on some types of video cards, see the section Increased Hardware Costs for details on their use in different variations of video cards). However, since no actual TV-out capability exists, it's not possible to enable Macrovision for it. This leads to a farcical situation where Windows is prohibiting playback due to the absence of copy protection on a nonexistent output (here's one of many examples of other users running into the same problem). As a result, in the name of content protection, the film-maker is prevented from playing back his own content!
This isn't just an isolated incident. A quick Google search of the error message that comes up reveals thousands upon thousands of users that have encountered this very problem, and this in turn is merely the tip of the iceberg, since few of those affected — home users wanting to play back movies — will have enough know-how to seek out the far-flung technical forums where this is being discussed (to get a better estimate of the number of affected users you need to make multiple searches using variations of the error message since it's reported in a variety of different ways, the single search link above is just one example). In any event even if they do get this far, it's a pointless effort because there's no known solution to the problem (although random poking around like wiping the computer clean and reinstalling Windows has reportedly helped in some cases).
This in turn is just one single way in which Windows' content-protection can malfunction. A Google search for various other playback-prevention error messages (here's one example of such a message) reveals further unfortunate communities of users united by the fact that they've been prevented from viewing legitimate content by malfunctioning Windows content protection.
Increased Hardware Costs
“Cannot go to market until it works to specification… potentially more respins of hardware” — ATI. “This increases motherboard design costs, increases lead times, and reduces OEM configuration flexibility. This cost is passed on to purchasers of multimedia PCs and may delay availability of high-performance platforms ” — ATI. Vista includes various requirements for “robustness” in which the content industry, through “hardware robustness rules”, dictates design requirements to hardware manufacturers. The level of control that the content producers have over technical design details is nothing short of amazing. As security researcher Ed Felten quoted from Microsoft documents on his freedom-to-tinker web site about a year ago:
“The evidence [of security] must be presented to Hollywood and other content owners, and they must agree that it provides the required level of security. Written proof from at least three of the major Hollywood studios is required”. So if you design a new security system, you can't get it supported in Windows Vista until well-known computer security experts like MGM, 20th Century-Fox, and Disney give you the go-ahead (this gives a whole new meaning to the term “Mickey-Mouse security”). It's absolutely astonishing to find paragraphs like this in what are supposed to be Windows technical documents, since it gives Hollywood studios veto rights over Windows security mechanisms.
As an example of these “robustness rules”, only certain layouts of a board are allowed in order to make it harder for outsiders to access parts of the board. Possibly for the first time ever, computer design is being dictated not by electronic design rules, physical layout requirements, and thermal issues, but by the wishes of the content industry. Apart from the massive headache that this poses to device manufacturers, it also imposes additional increased costs beyond the ones incurred simply by having to lay out board designs in a suboptimal manner. Video card manufacturers typically produce a one-size-fits-all design (often a minimally-altered copy of the chipset vendor's reference design, as illustrated by one product review that shows five virtually identical cards from different vendors with the only noticeable difference being the logo on the heatsink), and then populate different classes and price levels of cards in different ways. For example a low-end card will have low-cost, minimal or absent TV-out encoders, DVI circuitry, RAMDACs, and various other add-ons used to differentiate budget from premium video cards. You can see this on the cheaper cards by observing the unpopulated bond pads on circuit boards, and gamers and the like will be familiar with cut-a-trace/resolder-a-resistor sidegrades of video cards.
An example of omitting components from a high-end card to create a mid-range card clearly shows the large red rectangular area to the far left of the card, which is where the manufacturer has omitted a component to produce a lower- cost model. The same thing is visible in another card. Conversely, an (at the time it was released) top-of-the-line card with optional components fitted shows an additional chip to the left of the large square heatsink+fan that handles video encoding and can be added or removed (along with other optional components) to create different levels of cards at different price points. The automotive industry does the same thing, you have one basic model of each car type and 10,000 extras and options to suit everyone's needs and pockets.
In some cases the addition of extra circuitry isn't merely a convenient price-differentiation mechanism but is required for the device to function. Most newer video cards have dual video outputs, and the higher-end ones tend to have dual-DVI out. However, many devices only provide a single TMDS (Transition Minimized Differential Signaling, a high-speed serial data format) output for DVI signalling. The second output is provided by a DVO (Digital Video Out, not to be confused with Intel's similarly-named SVDO) port in combination with an external TMDS transmitter. In addition some high-resolution displays require multiple DVI/TMDS links because single-channel DVI doesn't have enough bandwidth to support very high resolutions, requiring external TMDS transmitters. You can see this in the first image on a review of Macintosh video cards, which shows the dual-link DVI output used to drive Apple's 30″ Cinema Display (this actually requires two dual-link TMDS transmitters to support a second display, but I'll spare you the technical details of that one). The important point in all of this is the phrase “external TMDS transmitter”, none of which meet the robustness requirements since they have direct access to the high-quality digital signal. Perversely enough, it's mostly the high-resolution displays advertised as suitable for HD content that require the external TMDS circuitry that makes them unable to meet the robustness requirements.
This problem is a nasty catch-22 from which there's no escape. In theory it would be possible to add a DVI-to-HDMI (with HDCP) encoder to bypass this (a typical example would be the Silicon Image Sil139x or Sil193x devices, which were specifically designed for this application. Silicon Image TMDS transmitters are widely used on graphics cards), but HDMI doesn't have the bandwidth to carry the high-definition images that the Cinema Display provides. Even without explicit image degradation via constriction, the requirement to use the lower-quality HDMI link to carry what should be a DVI signal means that image quality is lost, and to make it even more painful the resulting graphics cards will be more expensive because it costs extra to add the quality-downgrading HDMI transmitter. In other words consumers will be paying extra in order to get a lower-quality image.
Even with lower-resolution monitors, the fact that the data signal is present in unprotected form when it enters the external encoder means that it probably won't meet the robustness requirements. (Exactly how this is meant to work is unspecified in any documentation that I've been able to get my hands on. It appears to be close to impossible to output a content-provider approved protected signal from a PC while also meeting the robustness requirements).
Vista's content-protection requirements eliminate the ability to accomodate different feature sets in a one-size-fits-all design, banning the use of separate TV-out encoders, DVI circuitry, RAMDACs, and other discretionary add-ons because feeding unprotected video to these optional external components would make it too easy to lift the signal off the bus leading to the external component. So everything has to be custom-designed and laid out so that there are no unnecessary accessible signal links on the board. This means that a low-cost card isn't just a high-cost card with components omitted, and conversely a high-cost card isn't just a low-cost card with additional discretionary components added, each one has to be a completely custom design created to ensure that no signal on the board is accessible.
This extends beyond simple board design all the way down to chip design. Instead of adding an external DVI/TMDS chip, it now has to be integrated into the graphics chip, along with any other functionality normally supplied by an external device. So instead of varying video card cost based on optional components, the chipset vendor now has to integrate everything into a one-size-fits-all premium-featured graphics chip, even if all the user wants is a budget card for their kid's PC (although given the popularity of graphics-intensive computer games, it's more likely that they'd be getting the budget card for their own PC).
A further example of external meddling in hardware vendors' product development and distribution can be found in the document that specifies what happens when a product is compromised in some way even though it's previously been found to be fully compliant with the robustness requirements:
“Company shall promptly redesign the affected product […] if such redesign is not possible or practical, cease manufacturing and selling such product”. This indicates that no matter how much dedication you show to the party line, it still won't help you when the chips are down. Some years ago a friend of mine was working for a company that was building a custom IT solution for a government department. When the day came time to sign off on it, everyone in the entire department who had signing authority called in sick rather than end up being the one who put their name to it. I can just imagine the corporate sick day that must have taken place at ATI, nVidia, Intel, VIA, and SiS when it came time to put someone's name to this gem, which gives Hollywood veto rights over your production lines and sales and distribution channels.
Increased Cost due to Requirement to License Unnecessary Third-party IP
“We've taken on more legal costs in copyright protection in the last six to eight months than we have in any previous engagement. Each legal contract sets a new precedent, and each new one builds on the previous one” — ATI. Protecting all of this precious premium content requires a lot of additional technology. Unfortunately much of this is owned by third parties and requires additional licensing. For example HDCP for HDMI is owned by Intel, so in order to send a signal over HDMI you have to pay royalties to Intel, even though you could do exactly the same thing for free over DVI (actually you could do it better, since DVI provides a higher-quality link than HDMI). Similarly, since even AES-128 on a modern CPU isn't fast enough to encrypt high-bandwidth content, companies are required to license the Intel-owned Cascaded Cipher, an AES-128-based transform that's designed to offer a generally similar level of security but with less processing overhead.
The need to obtain unnecessary technology licenses extends beyond basic hardware IP. In order to demonstrate their commitment to the cause, Microsoft have recommended as part of their “robustness rules” that vendors license third-party code obfuscation tools to provide virus-like stealth capabilities for their device drivers in order to make it difficult to interfere with their operation or to reverse-engineer them (for example the spec requires “use of techniques of obfuscation to disguise and hamper attempts to discover the approaches used”). Vendors like Cloakware and Arxan have actually added “robustness solutions” web pages to their sites in anticipation of this lucrative market. This must be a nightmare for device vendors, for whom it's alre
