Why, it's a brand new era of spyware, viruses, hacks, exploitation, encryption. Steve: Yeah, yeah. Hello, Steve. Steve: Hey, Leo. Great to be back. Our first episode of the new year. And just so everyone knows, we're kidding about there being no more Security Now!
Leo: Do you think anybody believed it?
Steve: I don't think so.
Leo: I can see it on Digg, though. I should really learn. You've got to be very careful what you say these days because it's taken out of context, it gets on Digg, and it gets a life of its own.
Steve: Oh, it's true.
Leo: I was having trouble getting guests, yeah.
Steve: That's right, for TWiT.
Leo: I didn't even say I was going to kill it, I just said I'm having trouble.
Steve: And it was a firestorm.
Leo: I still hear from people. I said I don't think so.
In fact, I'm very pleased to say TWiT was named one of the top ten podcasts of the year from Time magazine, so Steve: Time magazine. Leo: Time magazine.
Pretty high honor. We're up there with all the biggies. Steve: Mainstream media. Leo: Yeah. And most of it is mainstream media. Anyway, enough of that. And I consider, by the way, that that's the TWiT network more than just any one podcast. Because really TWiT is made up of so many pieces. We're going to talk today about something that is really new in , a new form of digital rights management. Steve: Well, yeah.
When he and I were corresponding, his email was going into a different folder. And I thought, okay, I know I just got email, where did it go? Well, I had a folder from a dialogue I had had with Peter and one of his coworkers back in regarding a free cryptographic library that they were making available, an open source cryptographic library. And back then I was talking to him about making use of some of the functions and wanting to get his permission to do so. So I've had a dialogue going back with Peter four years, five years.
And what happened was, he wrote a really interesting paper which I was reading on the plane heading to Northern California for Christmas. Actually it was on December By the time I got to the second page of this thing it had me in its grip. It was fantastic. And this is something that we've never talked about before. Peter has a very progressive, open source, free speech sort of take on this.
But it was really interesting. So it got me focused on this issue of, wait a minute, I mean, you and I deal with media a lot, Leo.
DRM is an issue. So he's going to join us in next week's episode about Vista and DRM to talk about the things he said. And also I think it will be fascinating to hear about the reactions to his paper. In the email that he and I have had, in our correspondence, he's just been in a firestorm.
Many bloggers have jumped on the things he said, saying that he's wrong. So anyway, it sent me into a research mode for most of the last week to understand what this AACS content protection system is. I wanted to understand the technology of it and basically to do a fact check of what Peter wrote and also to be able to bring sort of a comprehensive view of what this means to our listeners. Leo: So we'll set that up this week, and then next week we'll talk with Peter, having kind of a foundation for understanding what he's talking about.
Steve: Well, yes. And in fact the reason I want to talk about this, first of all, I think it will be interesting to all of our listeners. And although technically we're about security, no base of listeners more than ours has the foundation to understand this stuff because this is all about crypto and the technologies that we've been talking about, as you said, since Hey, before we get started on understanding AACS, what it is and what it's going to mean going forward, let me just mention, as always, that this podcast starts a brand new year with Astaro.
They've sponsored us most of last year, and they've decided to come back for all of We're really thrilled. It's a good match for us. Astaro makes the Astaro Security Gateway. Now, if you're a small or a medium business, and you're looking for superior protection from spam, from viruses, from hackers, you get a complete VPN, you get intrusion protection, you get content filtering and an industrial-strength firewall, all in a box, a little, affordable, high-performance appliance, it's really neat.
You can contact Astaro to get a free trial, Astaro. You can schedule a free trial of an Astaro Security Gateway appliance in your business. And home users, non-commercial users can download the software from ASG for home use for free, which is pretty neat. It's open source and very, very powerful. Astaro Corporation, Astaro. We thank them for their support. So AACS. What does that stand for? Advanced Access Content System is what it stands for. Leo: Is it a replacement for CSS, which was Steve: Well, it's sort of a replacement Leo: That's the DVD encryption.
Steve: Right, a sort of replacement for CSS, although really it's an evolution forward. That's one of the things that I learned during this research is that this is not a completely brand new system. There's been a constant evolution in content protection ever since, well, since the beginning of digital tape stuff happened. Because here was going to be a consumer digital audio tape recording format that would potentially allow consumers to make perfect copies of recordings.
And so when we moved into this digital era from the older analog era, things that were already sort of set up to be a problem for the content producers got a lot worse because now there was not this notion of a recording of a recording of a recording.
You may remember in elementary school when we had cassette tape recorders, kids would get two cassette tape recorders, hook their connections together, set one to play and the other to record. Remember those old days, Leo?
Leo: Right, yeah.
Steve: And you'd make a copy of some
Leo: And it would get hissier and hissier with each copy.
Steve: Exactly. And so, yes, that was a violation of copyrights. And so even back way
Leo: I think there was a loophole, though, wasn't there? I think there was the Home Recording Act, which allowed you to do that.
Steve: Actually that didn't come until after DAT tape. It was, like, four years later. It was in And the reason that that happened was, well, first of all what SCMS was, was it allowed you to make one first-generation copy, but the copy could not be copied. And the reason that happened was that even later, back in '72, the recording industry was worried about consumer tape recorders, as we were talking about, and wanted to tighten up the regulations.
But due to the sort of the historical nature of copyrights, the Congress was concerned about just banning all copying. So essentially what's been going on is, over time this notion of who owns the material really has evolved.
The original copyright provision, back in , of the Constitution, it allowed for year protection on books, maps, and charts. And basically it stood that way for about a century, after which time that 28 years was doubled to 56 years. And the notion of printing, which is what they were talking about then, turned into copying because we were beginning to have phonographs and player piano, remember sheet roll music stuff. But what's happened is, well, the idea was that the overall goal was that the public interest was going to be served, that is, the formal law says that what's good for the public is what we want.
So the idea was that allowing anyone to copy anything was not good for the public because that would disincentivize content producers. So the idea was, let's give content producers some length of time in order to have exclusive rights, after which the content will revert to the public domain.
And of course that's very much like the patent system that we still have today, where you file a patent that publicly discloses your invention, so for example it's no longer a trade secret, it will be made public, but in doing so you're guaranteed 17 years of exclusivity to that invention in return for making it public, the idea being that that allows other people to build off of your invention during that time, although they have to pay licensing rights and royalties to you if they use it.
Now, the flipside of that is, look how the world has changed in, for example, the last 30 years, where back in elementary school kids were plugging two tape recorders together.
Now we have hard drives, gigabytes of storage; we have Internet; we have fantastic communications technologies. All of these things, of course, work to make the proliferation of copyrighted material far easier. So those people who are trying to say, wait, you know, we need greater protections today because the world is nothing like it was envisioned back when these original laws were created, I mean, you could argue that they've got a good point.
Leo: Oh, boy. Steve: Yes. And that's where we got this DMCA, the Digital Millennium Copyright Act, which basically criminalizes and makes much greater the fines involved with basically touching in any way content which has ever been encrypted. And so essentially, technically there's still this fair use provision in the law, but it's gone for encrypted content.
Look at CDs. Now, CDs are non-encrypted, and nobody thinks twice about ripping a CD and sticking it in your MP3 player for your own personal use. And fair use law allows that to be done. You're certainly not supposed to copy the CDs and hand out perfect digital copies to your friends.
But unfortunately for the content producers, it's entirely possible to do that because the CD technology was never produced with any encryption. That is, there's nothing there to prevent that from happening. So the way the laws have come down is, okay, the DMCA criminalizes the circumvention, even the exploration actually of circumvention into any technology used to thwart copying.
So essentially what's happened is, over time the world has changed, computers are becoming powerful, and from the standpoint of content producers, I mean, the creation of the PC is the worst thing that ever happened. So you can stick DVDs in. With the proper software you're able to rip them, decrypt them, and burn copies.
This has been a nightmare for content producers. And while they have succeeded in lobbying strongly and passing laws to increase the length of their ownership of properties and to basically make increasingly onerous the threat of breaking these rules, they recognize that laws are one thing, but preventing the copying is what they have to do if it's not going to happen.
I mean, look at filesharing. And I'm not that much into the industry. He's got a friend who is a song author. So what's happened is, sort of quietly and behind the scenes, there has been a continuous march of technology moving forward. You mentioned CSS. It had a number of problems. Also back then the available processing power in players was far lower, so you could argue that players wouldn't have been able to really manage much heavier crypto anyway.
So CSS uses a bit key, and analyses of it have shown that only 25 bits of the 40 turned out to be mathematically significant. Leo: Oh, that's terrible. Well, it's very reminiscent, remember, of the bit Leo: WEP. WEP encryption. You know, it's like, oh, 40 bits is a lot. Leo: It's enough. Steve: And it turned out that weaknesses in the encryption caused it to have real problems, as we've covered in the past talking about Wi-Fi stuff.
So bottom line is that CSS was protection against casual copying, but it allowed the technology to be cracked and to the point now where people who want to copy commercial DVDs are pretty much able to do so. On the other hand, the DMCA absolutely guarantees that, since it was encrypted, their intent to protect it is in place.
Now, the problem is, it really does block fair use because individuals by law should be able, were it not for this DMCA ban on copying anything that is encrypted, individuals should be able to copy for their own use. And one of the things that I found really interesting, you may remember this, it was a report that came out maybe about a year ago, and that is that pressed CDs and DVDs are not nearly as archival as was believed.
It turns out that there's an oxidization problem that occurs over time. And so our large collections of CDs and DVDs are degrading and have a lifetime that some have measured of maybe 10, maybe 15 years, but not Whereas it turns out that recordable technology, because it doesn't use the same materials at all, CD-R and DVD-R material, has much longer archival shelf storage life.
And I buy them because I love movies, and I would like to be able to watch these in 30 years. Turns out we don't have that freedom anymore to do so legally. So over time there's been a series of evolutions in CSS. Informally there's something called CSS2 that never really existed.

You will want to classify the data in your core system and understand its sensitivity level and how it is being handled.
Consider how the data is manipulated by both code in the system and the people who have operational access to this data during all phases of system development, debugging, and operation. For example, if you are sharing private information with third parties, you will want to make sure how it should be handled is explicitly called out in your Privacy Policy, Terms of Service, and Vendor contracts.
SOC and ISO both include security requirements for these areas and therefore may be good programs to consider for your needs. Last but not least, keep in mind that many of the frameworks have overlapping requirements—so one process or one internal control may satisfy requirements in multiple frameworks.
On the security front, organizations like Adobe have reviewed a variety of compliance frameworks, determined where they overlap, and released a common controls framework that enables itself and its customers to comply with a multitude of certifications, standards, and regulations. Their Common Controls Framework is open-source so any organization can leverage it.
On the privacy front, Nymity, a privacy management software, has done the work of mapping both GDPR and CCPA requirements and identified a set of privacy management activities and technical and organizational measures that are relevant to both.
Develop a project plan. Treat implementing a new data security framework like a project and manage it closely. Develop a timeline, make sure the right people are involved, and ensure everyone understands the importance of successfully completing this project.
Perform a risk assessment. Risk assessments are foundational to an effective compliance program. After all, your compliance measures should be tailored to minimize the risks that are material to your organization.
Design and implement controls. Once you know your risks, you can develop internal controls to mitigate them. Controls are processes designed to provide assurance that your business is meeting its objectives in security, data privacy and the effectiveness of your operations.
Document your work. During an audit, one of the main ways you will show compliance is through documentation. You should keep detailed records on your processes, policies, training, implementation, internal and external audits, and any other activities related to your compliance efforts because auditors will need them to verify the efficacy of your internal controls.
Conduct an audit readiness assessment. To mitigate the risk of failing an audit, your organization should conduct a compliance audit readiness assessment before the formal audit. During an audit readiness assessment, which should ideally happen a couple of months before the formal audit, the auditor will talk with the key personnel involved in compliance within your organization.
These interviews are a means for auditors to understand your key policies and compliance processes.
Conduct a formal audit. To inculcate a culture of ethics and compliance, you need to document your compliance measures and collect evidence on an ongoing basis to ensure your controls are working as intended.
Along with potentially protecting your company from being fined in the event of an incident such as a data breach, having evidence of your compliance processes on hand can give you an opportunity to find your compliance blind spots. Going forward, we can expect to see increasing regulations in areas such as user privacy, security, and others at the local, state, federal, and international levels.
Hyperproof has done our own research on the GRC tools market. We evaluated almost two dozen different tools and found that GRC tools tackle one or more of the following areas: For an organization to sufficiently inoculate itself against risks and threats, the firm must first understand the different risks it has exposure to, given its current business model and go-to-market plan.
Within the GRC tools market, there are some software applications that are primarily focused on helping risk and compliance professionals and business leaders make sense of the risks. The tools facilitate a risk identification process, help users develop a model of their risks, and categorize their risks according to various criteria e.
This risk assessment serves as the foundation for an organization to develop the appropriate governance structure and risk-mitigation policies and controls.
This top section of the GRC tools market is served by some of the most established vendors in the market. Once risks have been identified and policies developed, organizations get into the block-and-tackle work of compliance. These include tasks such as establishing internal controls and operating procedures to ensure that policies are being followed and requirements are met, monitoring the internal controls environment, and testing various controls to make sure they are working as intended.
This category of work also includes scheduling and preparing for external audits. In other words, findings from a security audit can serve as a recipe for reducing risks. Not addressing risks on a continuous basis e. Going through an external audit is typically an extremely time-consuming process.
Process owners across teams IT, Accounting, Finance, Engineering must submit hundreds of files and documents to their auditors to review.
For even a single audit, it can take over hours for a compliance team to produce, locate, verify, and organize all the documents and evidence they must submit to their auditors. At this time, several companies tried to carve out a niche for themselves in the GRC tools market by building software to simplify and streamline the audit process. These tools are built to eliminate or reduce the amount of time compliance teams spend on manual processes.
They come with features that help compliance teams and business process owners work collaboratively with auditors to gain visibility into controls, certifications, and PBC evidence requests. In general, audit management tools give compliance and audit professionals the ability to manage all PBC requests in a single place, centralize communication between process owners and auditors, and remind key process owners to complete their tasks on time.
While these tools do provide IT security and compliance professionals a better way to work with their auditors, they are not built to support users with the third, and arguably the most critical workstream of GRC: the on-going, day-to-day management of risk and compliance projects. Unfortunately, compliance professionals today are struggling to make the time for this ongoing, operational work.
First, given how long it takes to prepare for external audits, compliance teams are left with little time to focus on other key tasks e. For instance, when you have hundreds of security controls managed by a dozen different people, and half of those controls need to be reviewed on a quarterly basis, it's all too easy for things to slip through the cracks. Unfortunately, these issues pose significant negative costs to individuals and organizations: Compliance professionals are often overwhelmed and stressed out; they aren't sure that control operators are keeping up with what they need to do.
They are left with little time to devote to other strategic projects aimed at improving the security and compliance posture of their organizations. Compliance Ops software such as Hyperproof eliminates the tedious, repetitive tasks traditionally associated with managing compliance projects and audits, and helps compliance and security teams effectively collaborate with stakeholders to keep internal controls and evidence fresh on a continuous basis, which ultimately leads to reduced risks and improved security.
Hyperproof does the job through four mechanisms: Hyperproof has created a series of starter compliance templates to help organizations jump-start their journey to compliance. Each template comes with requisite requirements and illustrative controls.
Once you choose a template, you can easily upload existing files, tailor controls to your specific environment, create new controls, and iterate your way to full compliance. You can also upload your existing compliance framework as a CSV file into Hyperproof and manage it in the software. Once a program e. Many of us recognize that successful compliance efforts require cooperation from various stakeholders. Yet, compliance teams have traditionally had difficulty enticing cooperation from their business counterparts.
Business stakeholders do not need to learn the language of compliance or any new tools. They can receive notifications to complete their tasks through the tools they are already using (e.g., Outlook, Slack, Gmail), complete the tasks in those tools, and have information routed back and reflected in Hyperproof. Hyperproof streamlines audit processes by eliminating administrative overhead from the entire evidence collection and management process.
Hyperproof serves as a single source of truth for all of your evidence files. Once files have been uploaded into Hyperproof, a compliance project manager can link evidence to controls across multiple programs and multiple requirements, and retrieve the right file instantaneously through the search function. With Hyperproof, you can retain a detailed trail of all former audits, both internal and external. The software is able to capture metadata with each evidence file, so new employees or someone new to a particular audit can use that information to have an immediate impact on preparation activities.
They will know where artifacts were sourced, when the last person did it, and from whom. It will reduce the amount of time and confusion that comes with aggregating information to something almost trivial in the audit process.
Hyperproof can help compliance professionals meet that expectation.

And so if they say you must do this, and then it gets broken, they're in trouble.
Leo: Ah. So they can't be specific.
PETER: Right, they can't afford to be specific because, if they end up being wrong, then they're liable. But then reading the AACS stuff and looking at the revocation technology which has been bundled into this, it's very clear that, while Microsoft is bearing some responsibility, there's a tremendous onus also put, for example, on graphics card makers.
I mean, they're hugely incentivized to make their cards perform and their drivers perform really at a level of quality that we've never asked from them before. And that's particularly nasty for them because they're not given any hard and fast rules. They're just told that you'd better show a lot of compliance.
You play by Hollywood's rules, or you don't play at all. What's your response to that? And in fact I've been updating the document constantly to cover this, and I addressed that in a very recent release. Microsoft owns, I don't know what it is, 95 percent of the market or so.
And particularly for desktop OSes, they own pretty much the entire market. They could quite easily say to Hollywood, you know, we're not going to put this stuff into the operating system because it severely degrades the performance and reliability and stability and so on and so forth. Take it or leave it. Well, Hollywood relies entirely on Microsoft. If Microsoft said we refuse to do this, Hollywood can't afford to ignore 95 percent of the market.
So I think that's a bit of a red herring. Leo: So companies like Apple, people who make Linux distributions, could safely ignore this content protection and say, well, you know, we don't have to do it, let Microsoft do it, we won't do it. And that's, you know, so the example you cited of the suicide note, that was actually taken, just as sort of a bit of background information, that was taken from the British Labour Party's election manifesto, which someone said was the longest suicide note in history.
The Microsoft suicide note is a bit longer. But the thing is, that was so bad that their opponents actually printed it out and used it as propaganda for their own cause. And so it could well be that Apple's going to go and point out some of these really nasty things inside Vista and say, look at how bad this is. Buy our computers and our operating system instead. And certainly the Linux people are going to use it for propaganda to make Linux look good.
Leo: Right, right. So this is a technical podcast. And that really sort of came from Apple because the Apple II had the same thing. Leo: And it really kick-started the PC revolution. And so I was hugely empowered by the fact that IBM had left the platform so open. And of course everyone remembers how the PC just exploded with all this add-on software and hardware.
And of course IBM famously sort of backed away from their open stance when they created that horrible Micro Channel Architecture, which was pretty much stillborn.
But still, I mean, ever since then the PC has been fully documented. You could get specs. You could find sample code. I mean, it's just been this tremendous environment. And what really upsets me is to do what Microsoft has decided they're going to do requires closing down major chunks of the architecture.
Leo: Well, let's start with Section 1, disabling of functionality. You talk about how, if you bought a video card that supported HDMI digital video with HDCP, you're going to have to buy another one because they didn't really work when they first came out? In order to protect that, you have an encryption mechanism called HDCP. And to do that you need to put encryption keys onto your video card. The problem is that it costs money to put these individual encryption keys onto each video card.
So to reduce costs, the card manufacturer has simply omitted them. So if you bought a supposedly HD-ready video card Leo: It won't work. And that's the nasty thing with sort of audio fanatics or anybody who basically wants to produce high-quality audio from a PC or use some sort of digital interface and maybe even optical output, connected to some expensive amplifier or whatever.
And because there's no protection involved in the audio output, that has to be disabled. Leo: Now, we should make that clear. I mean, it's not always disabled. Because that all goes through the same sound output system, that kind of infects everything. So the protected content infects every other content that happens to be going through the system at the time.
Leo: We in fact wouldn't be doing this interview now because I use optical outputs. So they'd be shut down. Again, reading the specs, I think probably what most manufacturers would do is just shut it down. But what the specs say is that, depending on how much protected content is present, you partially shut it down.
So, for example, if you're playing protected content, and it's very quiet, then some of it will be shut down; and as the volume increases, more of it gets shut down. So Microsoft say that any display device that has a resolution of more than K pixels, which in practice is a resolution of about x, has to have its output degraded. Now, if you look at the Vista specs, in order to run Aero you need a resolution of x Leo: When will the output be degraded?
Leo: Ah, so my display isn't going to work. So effectively you get a very low-quality output. But because this requires custom hardware or custom drivers or whatever, stuff that the manufacturers haven't actually been able to put into their cards yet, it seems that at the moment when people are trying to play HD content or premium content, they simply don't get any output at all.
Leo: Great. Steve: So it was my feeling, and I guess this is from something I read in some forums, that in fact the current HD-DVDs would play, for example, on a consumer HD-DVD player, even out of their component outs, because the policy that goes along with the content was not yet so restrictive that the policymakers were saying we're not going to allow analog output to happen. I mean, obviously, if you've bought an HD player and some huge plasma screen and spent thousands of dollars, and you put a disk in, it doesn't play, you're not going to be very happy.
So at the moment, yeah, they're turning off this constriction. However, how Windows handles this is another matter. And the thing you see over and over again is I bought a computer, it came with an HD drive, I put the disk in, it didn't play. So maybe Windows doesn't honor that or doesn't handle it that well. It plays high-quality over component outputs and looks great. I guess they just haven't enabled it.
I mean, here's a Microsoft product where they haven't made that compromise. Leo: You think that Vista will. PETER: From the reports from beta testers and so on, from the reports we've been seeing, I mean, it's really hard to predict the future because it hasn't been officially released yet.
But from reports from beta testers, a standard complaint is that they put the disk in the drive and it doesn't play. Leo: Let's talk about some other consequences of this copy protection. Some of these are serious to a limited audience. For instance, open source hardware support, it's now going to be very difficult to write an open source driver for any of this hardware.
So one of the things they require, one of the things they're worried about is someone creating some emulation of a hardware device, so you emulate perhaps some software, or perhaps some hardware, a sound card or a video card or whatnot. And then Vista sends the decrypted content to your artificial sound card, your artificial video card, and your thing got direct access to it. The reason why they're worried about that is because this is exactly what people have done in the past under Windows XP.
They've created sort of loopback devices or whatnot, and Windows has sent the content to some loopback device or some artificially created device driver that pretends to be the real thing. Leo: This way you could capture keys and things like that. Leo: The content itself. Which means that the device driver has to probe the hardware and try to determine whether it's genuine hardware or not.
So it executes undocumented features or exercises some sort of undocumented functionality or pokes around inside the thing in such a way that hopefully it can't be faked by a malicious piece of hardware. The problem is, in order to do this you can no longer document the internals of the device because, if you did, then someone else could write an emulator for the device that pretends to be the real thing.
Leo: So you can't publish specs, and you can't publish source code. Now, again, the language in the spec is kind of wishy-washy. It doesn't say you can't publish any specs at all. It simply says that some aspects of the device will have to be kept proprietary. But that's kind of nasty for anyone writing open source software because, if you've got a graphics card, you need to know exactly how it works in order to write the drivers for it.
And if half the thing is undocumented, it becomes very hard to support it properly.
Leo: Isn't it possible that just the undocumented part will be the premium content playback, and everything else will be documented; and you could still write a driver for Linux, for instance, but it just wouldn't play back HiDef movies?
PETER: Well, it's not that you can partition a card into one specific premium content, but everything else is public.
What they are requiring that you do is that you exercise, and again the specs are vague, but some sort of functionality of the card, the graphics rendering engine as an example, like in several cases, and to determine whether it really is a genuine card or a copy of the thing or an emulator that someone's created. And leaving the whole graphics rendering engine undocumented is a pretty nasty denial of service on anyone who wants to write open source drivers for it.
Steve: Well, and the other thing that I think is really interesting, and Microsoft's spec makes this very clear, is they have this notion of a user-accessible bus. Because again, that bus is an opportunity for someone to snoop the bus and capture content as it's going from the motherboard up to the graphics card.
Leo: Bunnie Huang, yeah. And so they're trying to encrypt the system buses to stop exactly that sort of attack. It's kind of interesting, if you read through the specs and you think back, okay, what are they trying to defend against, here was a published attack, and presumably they're worried about exactly this kind of attack. And so they're taking these very unusual and probably excessive measures to try and defend against it.
And the problem is, again from Microsoft's own documents, the current processes simply don't have the horsepower to do both video processing and encryption of high-bandwidth content. And that's one of the sad things about this whole Vista DRM effort. They've put a huge amount of work into creating this protected environment. Now, imagine if they'd instead used that to protect against viruses and malware and rootkits and so on and so forth.
It's one of the things that I think I may have commented on last week was that, as you read this, you get a sense for this phenomenal amount of industry which has gone into turning Vista into this platform that can play HD-DVD and various types of other source forms of high-definition protected content.
And they've basically burdened the operating system with all this technology.
Leo: Well, ironically, they've made it more susceptible to malware. We had tilt sensors to monitor physical interference with the device.
Leo: Yeah, if you pick up the machine and get the ball in the hole, it's tilted, and it fails.
And so Microsoft have done or required that hardware manufacturers do pretty much exactly the same thing. The nasty thing with this is that, well, to put it bluntly, it makes your hardware in your system a lot less reliable. The typical PC is thrown together out of all sorts of random bits and pieces with different tolerances; and half the parts are made by the cheapest possible manufacturer, so a lot of them are cheap and nasty.
So they're designed to have a certain amount of tolerance for voltage fluctuations and strange bus signals and bugs in device drivers that set hardware bits wrong and so on and so forth. The problem is that, if you do get these strange voltage fluctuations or strange noise on the system bus or whatever, that could also be a sign of attack. And so Microsoft have said that hardware has to monitor for any of these peculiarities. And if they're found, then it sets these tilt bits in a register somewhere.
Vista polls these tilt bits; and if any of them are set, it reacts in some vaguely specified but somewhat drastic manner.
Leo: Will it shut down, or crash, or put up a blue screen? Well, they say it initiates a complete reset of the graphics system, and it also mentions it's a restart.
Now, I don't think that's a restart of the PC as a whole. Presumably it's just a restart of the graphics subsystem.
Steve: Yes, and it requires a reauthentication of the whole system to be self-consistent internally. So I think the effect is going to be that, if any of these tilt bits get set, there will be some drastic amount of processing and change of system state going on in Vista.
And I don't know exactly how noticeable it's going to be, whether it takes five seconds or 10 seconds or half a second or whatever.