Vista: The World's First User-Hostile Operating System

originally posted: 2007-02-23

Engineers have been joking for years that a particular software package, far from being "user-friendly", is actively "user-hostile". But Vista is the first operating system that is deliberately user-hostile, and it is entirely by design. I don't ever, ever want to buy Vista or own a computer with Vista on it—and I've been a "Windows" guy for more than 15 years. (In fact, this is the straw that broke this camel's back—but that's a topic for another day.)

You see, Microsoft is worried about Digital Rights Management, or DRM. DRM is the concept of a computer preventing you from doing something with digital data that you might like to. Generally this means preventing you from making a perfect digital copy of some digital data—like an MP3, or a DVD movie, or a video game. I'll call these things "content". The company that made the "content" wants to sell to you, but they don't want you making free copies for your friends and family (or posting it for everybody on the Internet). So they use DRM technologies to try and prevent you from succeeding. DRM generally works by encrypting the data, then only allowing your computer to decrypt the data when it proves "yes, this is a legal copy".

This approach can never work for long—there is no such thing as a totally secure DRM scheme. In order for the content to be useful, your computer has to be able to get at it. Your computer can't play an MP3 unless it can see the decrypted MP3 data. If you hacked into your computer so that it made a copy of the MP3 at the same time that it played it back, it could make a DRM-free copy of the MP3. The moment you do that, you've defeated the DRM scheme, and you can make all the copies you like. (That works for movies, too. Games work a little differently; defeating the DRM of a game usually means either hacking the game or fooling the game into thinking the CD or DVD is in your computer when it isn't.)

There's only one way to ensure that DRM is unbeatable: you have to physically secure the computer, and ensure that no hackers can access the computer (either over the network or by sitting down in front of it).

Of course, that hasn't stopped companies from employing increasingly draconian measures. The Starforce copy protection scheme for games, and Sony's XCP copy protection scheme for audio CDs, use "rootkits" to install drivers in your operating system to prevent you from making copies of their protected content. Apart from permanently slowing down your computer (to make sure that you don't do anything they don't want you to!), these drivers are often poorly written, leading to system instability, security holes that can make your computer more susceptible to hackers, or both. Again, these never could have worked forever; both of these technologies have been defeated. More to the point, both of them became scandals: XCP was a major blow against Sony's credibility, and gamer petitions have caused several vendors to abandon Starforce. The real problem is that these technologies stick around, degrading the experience for most users, long after the cat is out of the bag. For instance, hackers discovered that the game Flatout 2 sped up 15% when they stripped out Starforce!

Well, Microsoft has taken an interesting—but, I remind you, ultimately doomed—approach with Vista: they have made DRM support a central design point of the operating system itself. Even though it's your computer, and you should be able to do with it whatever you like, Microsoft has designed Vista so it won't let you do some things it feels are "wrong".

This is bad enough, but the way that they did it is what really takes the cake. Here are some examples:

  • In the 32-bit version of Vista, video drivers and audio drivers are only allowed to see high-quality digital data if they have been digitally signed by Microsoft. In order to be digitally signed, Microsoft has to review them and make sure they don't allow users to make copies of the high-quality digital data. If you have unsigned video drivers, you can't view high-quality digital data, ever. And the process of getting a driver signed is long, slow, and expensive. So it'll be hard to get fast turnaround for driver bugfixes, and generally we'll see fewer driver releases, particularly from smaller vendors.

    On the 64-bit version of Vista, all drivers must be digitally signed, period. There are painfully few drivers for 64-bit Vista right now.

  • All communications inside the operating system between these drivers are encrypted. And I mean encrypted at every step—it extends all the way from the original decoder to the output device. Anything else wouldn't be secure. But encryption is CPU intensive, so this slows down every step of the process. It's like a ball and chain permanently attached to your computer. And the more data you process, say for higher-resolution movies or better audio, the slower it will be.

  • As mentioned in the above point, the secure data path must be supported all the way up to rendering the data to "analog"—in other words, until the data is shown on your screen or played out your speakers. Some digital outputs, like S/PDIF, or DVI on slightly-old video cards without HDCP, don't support an encrypted signal. So Vista's drivers will simply refuse to use those outputs for high-quality digital data.

  • Microsoft recommends that drivers be continually suspicious. Is that video decompressor taking longer than you think it should? Did the voltage just drop unexpectedly on the PCI bus? Vista has a concept it calls "tilt bits", as in the "tilt" mechanism on a pinball machine. When a driver sees something suspicious, it bumps the "tilt bits"; if too many suspicious activities happen close to each other, Vista degrades the data to lower quality so you can't see the high-quality data. (Or, I think, shuts it down entirely!)

Remember how I said it will never work for long? Well, it won't. The hackers out there have already started taking these things apart, and soon they will be able to make all the digital copies they want. But all these requirements will make your computer slower and lousier, forever. It doesn't matter if you've never made a single copyright-violating digital copy—Vista has already found you guilty, and sentenced you to permanent probation.
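To make the gates in the bullets above concrete, here is a small Python model of the decision a content-protection path like the one described would make: a driver-signing check, an encrypted-output check, and a "tilt bit" counter that degrades and then shuts off playback when suspicious events cluster in time. This is an added illustration, not code from the original post or from Microsoft; the class names, thresholds and time window are assumptions.

```python
from collections import deque
from dataclasses import dataclass, field

# Assumed parameters for the model (not Vista's real values).
TILT_WINDOW_SECS = 10.0   # tilts closer together than this count as "close"
DEGRADE_AT = 3            # this many tilts in the window -> lower quality
SHUTDOWN_AT = 6           # this many tilts in the window -> playback stops


@dataclass
class Output:
    name: str
    supports_encryption: bool   # e.g. DVI with HDCP: True; S/PDIF: False


@dataclass
class Driver:
    name: str
    signed: bool                # digitally signed and reviewed by the vendor
    tilts: deque = field(default_factory=deque)

    def tilt(self, now: float) -> None:
        """Record one suspicious event (slow decoder, bus voltage dip, ...)."""
        self.tilts.append(now)

    def tilt_count(self, now: float) -> int:
        """Forget tilts older than the window and return how many remain."""
        while self.tilts and now - self.tilts[0] > TILT_WINDOW_SECS:
            self.tilts.popleft()
        return len(self.tilts)


def premium_playback(driver: Driver, output: Output, now: float,
                     bits64: bool = False) -> str:
    """What happens to high-quality content: 'high', 'degraded' or 'blocked'."""
    if not driver.signed:
        # 64-bit: unsigned drivers are not loaded at all.
        # 32-bit: unsigned drivers never receive high-quality data.
        return "blocked" if bits64 else "degraded"
    if not output.supports_encryption:
        return "blocked"          # the path must stay encrypted to the output
    tilts = driver.tilt_count(now)
    if tilts >= SHUTDOWN_AT:
        return "blocked"
    if tilts >= DEGRADE_AT:
        return "degraded"
    return "high"
```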

For more reading, see:

DRM in Windows by Bruce Schneier
If you only read one of these articles, read this one. Mr. Schneier started out as a cryptography researcher, but realized that the hole in most security systems is not the cryptography, it's... everything else. These days he is a security specialist and frequent commenter on what's happening in the security world.

Vista and More: Piecing Together Microsoft's DRM Puzzle by Matt McKenzie
Additional coverage about the topic, written for the layman.

A Cost Analysis of Windows Vista Content Protection by Peter Gutmann
This essay touched off the most recent firestorm of controversy on the subject. It's a lengthy and highly technical dissection of Vista's DRM technologies; if you can read and understand it, you'll have an excellent command of the problem.

This essay has one truly memorable quote:

Executive Executive Summary

The Vista Content Protection specification could very well constitute the longest suicide note in history.

