Yeraze's Domain 3.0

I just found an excellent essay by Peter Gutmann entitled “A Cost Analysis of Windows Vista Content Protection“.  While I’m not very interested in a cost breakdown, it’s an excellent description of how Vista’s Content Protection works and how you can expect it to affect your user experience, your hardware, and your computer in general whether you upgrade or not.

He covers some very interesting points:

• Everything about “Premium Content” is AES-128 Encrypted.  AES-128 by itself is too expensive to compute on-the-fly for high-def uncompressed video, so everyone is using Intel’s AES-128-like encryption called “Cascading Cipher”, which means royalties to Intel for every piece of hardware that has to touch Premium Content..
• The new “Tilt Bits” turn previously ignored or self-correcting glitches into new Denial-Of-Service Opportunities
• Even communication between software components (User-Apps & Kernel for example) uses OMAC Message Authentication, adding more overhead & delay
• All devices are required to poll every 30ms (~30 times per second) for tilt bits and system status, adding more overhead
• Video/Audio Decompression can’t be done in software anymore, meaning all video codes will have to be implemented in Hardware.. Bye-bye Ogg Vorbis.
• Performing all of this in hardware (On Video Cards mostly) means we’ll have to sacrifice pixel pipelines to add in encryption/decryption units
• One thing I really found surprising was Vista’s requirement that all hardware & drivers be uniquely matched.  This means that classic hardware design rules no longer apply.  Commonly, high-end PCB’s are designed and components are simply left off for low-end systems (Pixel Pipelines disabled, tuners not installed, etc).  This cuts manufacturing costs by only requiring a single tooling step for the PCB’s but allowing multiple versions (and price ranges) of the final product.  No more, as now there can be no more loose traces.  Same holds true for Drivers now, no more unified drivers.
• And, of course, he talks alot about Microsoft’s new method to “disable” noncompliant hardware by revoking the encryption certificates.  The knee-jerk reaction is “Well, the vendor will come out with new drivers with new certificates to fix the problems, and it’ll all be good.”  But he brings up the quite common case of older hardware, typically already antiquated (He uses the TNT2 as a very good example), will vendors be willing to revive old dead drivers or simply force people to buy new hardware?  Given that hardware seems to “phase out” in 6-9 months nowadays, that’s gonna make Vista expensive to maintain.

And there’s lots more.  Granted, all of this is based on the specs that Microsoft and the content industry (read: MPAA, RIAA) have published and admittedly, they’re pretty ridiculous.  They’re full of statements like:

“It is recommended that a graphics manufacturer go beyond the strict letter of the specification and provide additional content-protection features, because this demonstrates their strong intent to protect premium content”.

In other words, what they specified is a bare minimum and they reserve the right to “raise” the requirements at any time.  So be sure to cover your ass and add more stuff we didn’t think of.

It’s a good read, and not entirely Microsoft Bashing.  If you’re not sure exactly what all the DRM in Vista means to you, then read it.  It’s about a 20-minute read and contains alot of great information about not only the kinds of DRM they’re imposing, but how it will affect you (whether you’re viewing Premium Content or not).  Shame I didn’t get one of those free Microsoft Laptops to test it out on.  I’ld love to see how Vista really does this stuff in practice, especially when you start loading up Development Tools like Visual Studio or GCC.  It’s one thing to read the specs and see how they claim it will work, but it’s another to really sit down at one and try to do work on it.[tag:microsoft][tag:vista][tag:drm]