A podcast interview with Peter Gutmann on Vista DRM

Discussion in 'NZ Computing' started by Dianthus Mimulus, Jan 14, 2007.

  1. Dianthus Mimulus, Jan 14, 2007

  2. Leo: What you’re describing is an operating system that is essentially
    insanely paranoid. It’s gone off the deep end.
    PETER: That’s true.
    Lawrence D'Oliveiro, Jan 14, 2007

  3. I think this DRM crap in Windows NT 6 is great. It just provides
    another reason for people to switch to Linux. It's just one more
    advantage that Linux has over Windows now. And Microsoft was kind
    enough to pay all of the development costs too.
    David Goodwin, Jan 14, 2007
  4. David Goodwin wrote, On 14/01/07 3.53 p:
    How is it an advantage not to at least support DRM? If your customers
    want to play new HD content, and you don't support it, you've lost them.

    Phil, Jan 14, 2007
  5. Wrong assumption. Your assumption is really "If your customers want to put
    up with the hoops they will have to jump through and the bullshit as thick
    as treacle that they will have to wade through to play new HD content...".

    Once it is clarified in that way, you realize that the pool of such
    customers may turn out to be smaller than some are expecting.
    Lawrence D'Oliveiro, Jan 14, 2007
  6. You don't need to implement the restrictions - merely implement the
    ability to decode and to play the HD-DVD content.

    Why implement any of the restrictions?
    Dianthus Mimulus, Jan 14, 2007
  7. How are you going to stop/make it hard for people to make a 100% copy of
    your work?

    hoops? If your OS/Hardware supports DRM then the encrypted stuff will just
    work. If not then it will not work. If you don't accept you have to use
    something which supports it then no one is forcing you to watch it. Do you
    want to Watch protected movies without accepting the T&C of actually
    watching it?

    Is your real problem DRM? not Vista or other OS's which support DRM or other
    copyright methods? If you think any kind of copyright methods are bad then
    get rid of your VCR Tapes /Units (Macrovision), your DVD players
    (macrovision,css), your cellphones, smart cards, Sky TV, even your unix
    passwords are encrypted so no one else can use your computer without your
    permission + anything else which has any kind of encryption to limit what
    you can or cannot do with the data on it.

    Craig Whitmore, Jan 14, 2007
  8. Read the interview again. Pay specific attention to what was said about
    hardware implementation with dependencies in the OS. Pay attention to what was
    said about 'not documenting the workings of the devices'. Now explain to me how
    you will write a [linux] driver that does decryption, for a partially
    undocumented grafix device with incorporated, hardwired malware (by trial and
    error? I think not).

    Basically, there is only one way of circumventing this stuff, and that is buying
    hardware that doesn't have the crap implemented and hardwired in (yet).


    I have been sitting here for the last 6-9 months wondering if I should think
    about upgrading NOW, before it's too late - when I don't even know what gear is
    already infected -- or if I just shouldn't bother. I don't give a shit about
    HD-tv on my comp.
    And I don't need a bleeding edge system for twitchies, I am fine playing
    nethack on this system, until it falls over. Which, sadly, it will eventually
    do. :-( I will most certainly not be supporting the Evil Empire (and by that I
    mean the unholy alliance of Microsoft and Hollywood) with my dollars; either by
    purchasing ANY drm media nor by buying Vista.

    Peter Huebner, Jan 14, 2007
  9. You might even get the idea that they don't want you to play HD content
    on your computer.
    Earl Grey, Jan 14, 2007
  10. Once again, this encryption /isn't/ required for HD playback. The
    encryption, degrading of content and other such things is all /extra/
    stuff. You don't need it for video playback. You can decode AACS just
    fine without it.

    Years back when the DVD appeared people could have said the exact same
    thing. DVD discs are protected by CSS and there were no official DVD
    players available for linux. It didn't take long for someone to break
    CSS - as soon as that happened the way was opened for DVD players and
    DVD rippers.

    The situation now is almost exactly the same. The media is HD-DVD and
    Bluray. The content protection system is AACS which is somewhat
    superior to CSS. But it is still the same. It will be broken and
    players and rippers will appear. Players without all of this
    encryption of video streams and dropping quality if your hardware isn't
    new enough.
    David Goodwin, Jan 14, 2007
  11. You can't.
    Have a look at this long list of Vista bugs reported by a columnist:
    <http://blogs.zdnet.com/Ou/?p=402>. Notice how most of them are
    media-related? That's consistent with Peter Gutmann's analysis that
    integration of DRM restrictions right through every level of the OS in
    Vista will lead to never-ending problems.

    In other words, DRM doesn't "just work".
    Lawrence D'Oliveiro, Jan 15, 2007
  12. If you buy a film in HD-DVD format you should still be able to view that
    film using ANY HD-DVD player that is capable of decrypting the data on the
    DVD. All you need to do that is the key. Those keys have already been

    If that player does not degrade the content due to the OS not turning on
    the degrading/constricting circuitry then great.

    If your OS has not implemented the ability to turn on that constricting
    circuitry then even better!

    I expect that Linux will not implement that nasty user-unfriendly hack and
    thus HD-DVD playback will work happily on all hardware with the capacity
    to display at the resolution of HD-DVD content.
    Dianthus Mimulus, Jan 15, 2007
  13. You fail to understand that once the decoder has the key for that disc
    then the full content of that disc will be accessible and decodable and
    playable. The *full* content.
    Dianthus Mimulus, Jan 15, 2007
  14. What you're saying here is completely contrary to what Micro$oft has
    published. Please read the document at the following URL, from which I
    have quoted below.


    In Windows Vista, the Protected Environment provides process isolation and
    continually monitors what kernel-mode software is loaded. If a rogue
    component is detected, then Windows Vista will stop playing high-level
    premium content, rather than risk it being stolen.

    The OPM OTA routes requests for resolution constrictions to the Enhanced
    Video Renderer (EVR) and routes all other output protection requests to
    the OPM component.

    In contrast, DVI without HDCP is definitely not liked by content owners,
    because it provides a pristine digital interface that can be captured
    cleanly. When playing premium content such as HD-DVD and Blu-Ray DVD,
    PVP-OPM will be required to turn off or constrict the quality of
    unprotected DVI. As a result, a regular DVI monitor will either get
    slightly fuzzy or go black, with a polite message explaining that it
    doesn’t meet security requirements.

    Analog YPbPr component was the CE industry’s first attempt at an interface
    to HD displays. However, apart from CGMS-A signaling, it doesn’t provide
    any protection mechanism. PVP-OPM will be required to turn off or
    constrict it for premium content such as HD-DVD or Blu-Ray DVD.

    Constriction is the process of downscaling the picture to the required
    resolution—for example, 520K pixels—and then scaling it back up to the
    original resolution. The result is a picture with an unchanged scanning
    raster, but it is now a bit fuzzy, because the information content of the
    picture has been reduced to degrade the picture. Constriction is done by
    putting a downscaler and an upscaler in series in the content path.

    The content owner’s constriction requirement is likely to be specified in
    terms of total number of pixels allowed to pass through the constrictor.
    For example, rather than specifying 840x630, the content owner will
    specify a maximum of 520K pixels. This way of specifying allows more
    flexibility when handling widescreen content. The “total number of pixels”
    limit is translated into a specific resolution that the graphics chip is
    required to constrict to.
    Dianthus Mimulus, Jan 15, 2007
  15. This is not CSS. It is not that simple. CSS was simple and weak. With
    AACS there are multiple keys, e.g. separate ones for players/decoders as
    well as individual titles. Individual keys can be revoked. It is quite
    possible that one movie title may be distributed with many keys. Once a
    player (e.g. software player) is compromised the key for that player can
    be revoked.

    The idea behind the new generation of DRM is to have the hardware modified
    sufficiently so that a full "secure channel" can be established from
    source media to replay device.

    For the AACS to be truly "cracked" you would probably need Internet
    servers providing a continual supply of new keys for both the titles and
    the drives to keep working. Either that or once you "crack" a title,
    encapsulate it forever with its player in its own virtual machine image.

    I don't think you will see a simple and universal solution to AACS as
    there was with CSS.

    Murray Symon, Jan 15, 2007
  16. How will the DVD be updated to reflect the revoked key?

    How will the DVD player know that the key has been revoked?

    How will hardware purchased prior to the advent of video-card decryption
    know that ANY key has been revoked?

    What would stop the HD_DVD from being played if the software simply does
    not test for invalidity of the keys?
    Dianthus Mimulus, Jan 15, 2007
  17. I believe the disc's title key is encrypted for each player key. The
    player's key would be revoked by excluding it from newer discs. This
    would mean that the player wouldn't be able to decrypt the title key
    for newer discs and so it would be unable to play the media.

    If this is the case then one would either have to find a flaw in AES
    (the encryption that AACS uses) or have an easy method of getting the
    player's key.

    For software players, if each individual copy of the player software
    has its own key rather than each release or version then the situation
    becomes somewhat easier. As long as you don't give out your copy's key
    then the MPAA won't know to revoke it.
    David Goodwin, Jan 15, 2007
  18. But... if a software player deliberately uses the same key as, say, a
    popular hardware HD-DVD player... then how could the MPAA possibly revoke
    that key without those discs then falling foul of the Consumer Guarantees
    Dianthus Mimulus, Jan 15, 2007
  19. As I understand it I think the way that AACS is stronger than CSS is
    rather than each model of player having its own key, each instance of
    that model has its own key. So two players of the same model would
    have different keys.

    This means that if someone hacks one player and starts distributing
    the key the MPAA can revoke the key for that individual player without
    causing problems for other players.

    I think CSS just had one key for each model of player which is where
    it had problems - you couldn't revoke the keys for an entire model of
    player without people complaining.
    David Goodwin, Jan 15, 2007
  20. I wasn't aware that regular DVDs had keys that related to the hardware
    they were being played on. :eek:)
    Dianthus Mimulus, Jan 15, 2007
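
The revocation model David Goodwin describes in posts 17 and 19 (title key wrapped once per player key, a revoked player simply left out of newer discs), sketched as an added example that is not part of the original thread. It is a toy, not the AACS disc format: an HMAC-SHA256 keystream stands in for AES, and `master_disc`, `play`, `demo` and the `player-N` ids are hypothetical names with constructed keys.

```python
"""Toy model of per-player key revocation as described in the thread.
Not the AACS format; an HMAC-SHA256 keystream stands in for AES."""
import hashlib
import hmac
import os

def _keystream(key, nonce):
    # 16-byte pad derived from the player key and the per-disc nonce
    return hmac.new(key, b"wrap" + nonce, hashlib.sha256).digest()[:16]

def _check(title_key):
    # Short verifier stored on the disc so a player can tell a good unwrap
    return hashlib.sha256(b"verify" + title_key).digest()[:8]

def master_disc(title_key, player_keys, revoked):
    """Build a key block: the title key wrapped once per non-revoked player."""
    nonce = os.urandom(16)
    entries = []
    for pid, pkey in player_keys.items():
        if pid in revoked:
            continue  # revocation = no entry for this player on new pressings
        pad = _keystream(pkey, nonce)
        entries.append(bytes(a ^ b for a, b in zip(title_key, pad)))
    return {"nonce": nonce, "check": _check(title_key), "entries": entries}

def play(disc, player_key):
    """Try every entry; return the title key, or None if this key was left out."""
    pad = _keystream(player_key, disc["nonce"])
    for wrapped in disc["entries"]:
        candidate = bytes(a ^ b for a, b in zip(wrapped, pad))
        if hmac.compare_digest(_check(candidate), disc["check"]):
            return candidate
    return None

def demo():
    players = {f"player-{i}": os.urandom(16) for i in range(4)}  # constructed
    old_title, new_title = os.urandom(16), os.urandom(16)
    old_disc = master_disc(old_title, players, revoked=set())
    new_disc = master_disc(new_title, players, revoked={"player-2"})
    leaked = players["player-2"]
    return {
        "leaked_key_old_disc": play(old_disc, leaked) == old_title,
        "leaked_key_new_disc": play(new_disc, leaked) is not None,
        "other_player_new_disc": play(new_disc, players["player-0"]) == new_title,
        "entries_per_disc": (len(old_disc["entries"]), len(new_disc["entries"])),
    }

if __name__ == "__main__":
    print(demo())
```

In this model nothing on an already-pressed disc changes: the revoked key still opens the old disc and only fails on discs mastered after the revocation, while the other players are unaffected. The key block also grows by one entry per player, which is why a per-device scheme like AACS uses a more compact tree-based Media Key Block rather than a flat list.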
