[Info-vax] OT: Arun Kishan
John Wallace
johnwallace4 at yahoo.co.uk
Fri Jan 29 17:01:35 EST 2010
On Jan 29, 8:19 pm, cornel... at eisner.decus.org (George Cornelius)
wrote:
> In article <dec96c96-1ba6-4f28-af8f-099e46fa6... at m26g2000yqb.googlegroups.com>, John Wallace <johnwalla... at yahoo.co.uk> writes:
>
> > More recently, Vista had a whole load of redesign work done to bring
> > back some of the isolation which had been abandoned so long ago. This
> > time the goal wasn't system reliability, the goal was Hollywood-
> > mandated content protection. Vista (especially Vista64) was supposed
> > to provide secure tamper-proof end-to-end copy protection of DRM-
> > protected commercial content such as Blu-Ray. But obviously content
> > protection is trivially bypassed if any arbitrary kernel mode code can
> > see other arbitrary bits of data passing through the kernel; what
> > good's your DRM then? So the "protected media path" was introduced,
> > along with a whole load of other features that allow media rights
> > owners to determine what your computer can do with their content.
>
> I hate to tell you this, but a little razzle dazzle does not keep a
> true kernel mode hacker from finding where your data is and stealing
> it. Find the magic bullet - where in the kernel to insert your code -
> and you collect any information you want from the running processes.
>
> And if that's too difficult, you find the simplest architecture
> that Vista can possibly run on, run the code within an emulator for
> that architecture, and insert your hooks into the emulator itself.
> Not to mention that if you can find a processor in which you can
> disable the processor data cache, you can grab the bits from the
> bus on their way to and from external storage. Where there's a
> will there's a way. And I haven't started talking about popping
> the covers off the chips yet.
>
> As far as I know, the only way to come close to truly implementing
> end-to-end secure transfer is to put the decryption - and the
> decryption keys - in the graphics card itself. That may explain,
> of course, why my ATI HDTV card won't work with just any graphics
> processor - they want one where enough of the crucial operations are
> inside that processor, preferably an ATI branded one, where I can't
> hack into them.
>
> Where you find implementations that are convoluted beyond belief,
> look around a bit. There's an entire flock of attorneys who had
> a major influence on the final outcome. And that applies to a lot
> more than just computer systems.
>
> George Cornelius
>
> > "System reliability" isn't the driving force behind these changes
> > though; being a Hollywood-compatible general purpose media-centric OS
> > is.
"run the code within an emulator for that architecture, and insert
your hooks into the emulator itself."
Kernel mode, or even the emulator, on its own doesn't buy you much if
the high value content is encrypted till it reaches not just the
graphics card but the (in theory) HDMI-connected HDCP-protected
display, which is supposed to do a key exchange thing at connect time
before it will work in proper HD mode... it's not about making it
impossible, it's just about making it look too tedious (or, from a
DMCA point of view, too dangerous) to be worth doing in general.