“Microsoft wants to change the fundamental architecture of the PC, adding security hardware prior to the release of the next generation of its Windows operating system around 2004, according to a media report and an analyst briefed by the company.” Read the article at InfoWorld.
Microsoft Plans Security Chip for Windows Longhorn
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSAlert.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
“Security hardware”… Yeah, right.
Big Billy Will Be Watching You!
It only sounds like a ploy to lock windows to the exact computer it is was installed on; i.e. copy protection built into the hardware. OR shift the focus on computer security to the hardware level rather than software. No matter what the REAL purpose is, it will no doubt remove the flexibility from the consumer and increase the dependance on MS. I trust nothing from MS.
I’m also wondering if this ‘security’ feature really has something to do with another form of product activation?
Microsoft should not be allowd to take any control of the hardware platform, the pc must remain an open system, for the good of all non ms os’s and all end users.
I am calling AMD and Intel today to ask that they not support it. I hope others do the same, they will not push it if they think it will make them unpopular. Look what happened to the Pentium III’s serial #.
Welp I guess I am done with windows (for home use). I can stand to use it at work, but win2k will be the last ms os on my home pc. I guess I am going to become a MAC user now.
this “security” chip will also include a DRM protection…. meaning: any media, video or sound, that is copyrighted, cannot be downloaded/stored/saved on your harddrive/computer or copied to cd’s, dvd’s, mp3 players, portable hdd’s, or whatever.. fancy shit.. yes? NO! /me casts a dark spell over the evil empire that is located in Redmond
“It only sounds like a ploy to lock windows to the exact computer it is was installed on; i.e. copy protection built into the hardware.”
“I’m also wondering if this ‘security’ feature really has something to do with another form of product activation?”
So what? It’s not like this is anything new. Many architectures have implemented similar systems for quite some time. For example, Sparc systems have a PROM ID that software uses to implement “hardware copy protection”. You order software for Sparc, you give the vendor your PROM ID, that PROM ID gets hard coded into the software, and the software won’t run on any system that doesn’t have that same PROM ID.
This type of system is nothing new. But suddenly now that Microsoft wants to implement it people are having fits. Why is that? Is it just because it is Microsoft that is requesting it? Or is it because of ignorance that people just didn’t realize this system has already been in place for years on many architectures?
… I wonder if this security chip would allow/hinder the installation of alternative OS’s?
If it’s transparent or ignored by them, cool. If not, this truly would bite.
This type of system is nothing new. But suddenly now that Microsoft wants to implement it people are having fits. Why is that? Is it just because it is Microsoft that is requesting it? Or is it because of ignorance that people just didn’t realize this system has already been in place for years on many architectures?
—-
ahem, there is a SLIGHT difference between a expensive SPARC system and your average home users computer, yes? good.
First of all, it will be impossible for microsoft to FORCE this standard, since the PC design is totally open, nobody can force motherboard manufacturers to implement this feature. But if they do implement it, i’m sure there will be a option to turn it off through the BIOS. And, besides, i doubt Microsoft will be dumb enough to lock Longhorn, so that it will be able to install on systems with this security chip ONLY. thus, making the whole thing pointless in copyright/etc point-of-view. But, it could be a start.. but there is always ways to get around things…
“ahem, there is a SLIGHT difference between a expensive SPARC system and your average home users computer, yes? good.”
True. But lets not forget that cheap x86 hardware with clustering technology is starting to erode SPARC’s market in some areas. So people are starting to use x86 hardware for tasks that traditionally have been the domain of expensive SPARC servers and such.
“First of all, it will be impossible for microsoft to FORCE this standard, since the PC design is totally open, nobody can force motherboard manufacturers to implement this feature.”
Don’t be so sure. I think Microsoft probably could force this standard if they wanted to given their marketshare. It would really be rather simple. It would go something like this:
Microsoft creates a hardware certification program that involves this ID system. Windows simply will not run on any motherboard that does not implement this “security” feature. Motherboards that do implement it get to proudly display the “Compatible with Microsoft Windows” logo. Any motherboard manufacturer that wants to stay in business will quickly implement this feature into their board since failure to support Microsoft Windows would reduce their market potential to almost nonexistant.
Whether Microsoft could get away with a strategy like this given their recent legal troubles is another story. But assuming they could, it is fairly easy for Microsoft to control the direction that the hardware vendors go in.
I don’t like it anymore than you do. But this is the reality of the situation.
“… I wonder if this security chip would allow/hinder the installation of alternative OS’s?
If it’s transparent or ignored by them, cool. If not, this truly would bite.”
You couldn’t do something like this without violating some kind of law. The system wouldn’t work this way.
Basically, it would most likely work something like this:
The hardware has a unique fingerprint that programmers can access via a system call in the API. The programmer simply codes a conditional into their software that tests whether the system call returns the fingerprint that the software expects. If it does, the software runs. If it doesn’t the software bails. But implementing the system would be up to the programmer. You could completely ignore the fact that the fingerprint exists by simply not coding the logic into your software to get the value of the fingerprint. Or you could read the fingerprint and simply program your software to say “I don’t care what the fingerprint is. Run no matter what value it returns.” There should be several ways to ignore the system and programmers that want to use it would have to do so.
Wow, this is excellent! Maybe they’ll let us dev’s use it too and they can put a nice COM inteface(s) wrapper around with 20mb of dll’s to load! SWEET! i can’t wait. Hmm, or maybe they’ll just integrate it into their current DRM wrappers. Afterall, they have the COM interfaces and 20mb of dll’s for that already. Nah, should be a whole new set of crap, right?
<barf>
nivenh
Another reason I think Microsoft can force this issue…
They will most likely have the support of other software vendors on this one. For example, Adobe Photoshop is generally considered to be the most pirated application in the world. I’m sure that Adobe would love hardware copy protection where they could make it so a copy of the software simply will not run on any system other than the one for which it was originally licensed.
This sounds like one of those rare occasions where other software vendors are likely to unite behind Microsoft.
> This type of system is nothing new. But suddenly now
> that Microsoft wants to implement it people are having
> fits. Why is that? Is it just because it is Microsoft
> that is requesting it?
Yes, wouldn’t that be enough reason to be worried? I mean, this is potentially dangerous.
“Yes, wouldn’t that be enough reason to be worried? I mean, this is potentially dangerous.”
Sure. But it is also inevitable. Like I said, Microsoft is going to have the support other other software vendors on this issue–particularily the support of vendors that already use a system like this for non x86 versions of their software.
Anyone who is surprised by this shouldn’t have been. Anyone who worked with other systems besides x86 or even just knew about the architecture of these other systems should have seen a few years ago that it was inevitable that x86 would eventually implement such a system. Software vendors are going to want to implement the same kind of hardware copy protection on the x86 versions of their software that they can currently use on other versions.
this 100% change wont happen anytime soon anyway, with the release of longhorn, they cant FORCE everyone in the world to buy new computers with this technology in it. i mean, sure, they could, but hey – i think microsoft atleast has a little better clue than that.
also, how in the heck would the companys (example: adobe) deliver specific versions to be specific for one computer? everyone should call in to adobe and get their specific version sent to them after telling them their ID ? no way, that would require HEAPS of staff = expensive, and besides, crackers always find a way – that will _never_ end. also, what if i buy adobe photoshop for my “current” PC’s ID, then, i decide to upgrade 6 months later ? what then ? i need to call back and get a new version ? no way.. i mean, this is ok in the SPARC/heavy server business, as they are rarely replaced often, and parts much more rarely needs replacement, like in the x86 business.
what you’re implying, in my meaning, is totally impossible to do regarding mass-marketing. we’re talking about 90% of the computer users in the world here. but yes, they COULD do it, but i think it would cost the respective company’s more in the end. and again, pirates/crackers _always_ finds a way (you only have to wait 1-5 days after the initial product release..).
This ridiculous. These people don’t seem to understand that a law is supposed to be something that people voluntarily follow, not something that they follow because they have no choice. “Security chips” in computers is the logical equivilent of implanting chips inside people’s brains that prevent them from commiting murder or robbery or voting for the wrong candidates. It all starts with safety scissors, then who knows what’s next!
I’ve always liked the idea of having the bare bones windows setup on a RAM disk, anyone working on Amigas will probs know what I’m on about when I say load Windows from a RAD disk.
Maybe Microsoft want to develop a Windows ROM card interface, allowing ultra fast boot speeds but at the same time stopping people copying it.
If Microsoft developed a Addon ‘card’ or developed a new kind of expansion slot for them, I would go for it.
Just think, loading Windows in 2-3 seconds then loading the settings and patches from the harddisk, would be a hell of a lot faster then the current setups.
If hackers can breaqk X-box security within a few months of release.. they can break this too.
and if Longhorn only installs on machines with the DRM chip – they will never sell a single upgrade copy ! Upgrade copies make more money per unit than OEM installations.
There’s always Macs.. lol. Or a Playstation 4 running KDE and Bochs… ( oh, it’ll happen… )
no
hurry openbeos.org hurry….
Palladium is NOT the same as a built in copy-protection dongle.
–nix the Sparc analogy. Many companies have used dongles to
protect their software from piracy but Palladium goes far
beyond copy protection. Name ONE other major company. No dongles please.
I can only hope that people realize that microsoft should be
kept as far as a cattle prod can keep them from PC hardware.
— Why would anyone worry about Microsoft trying to put a
proprietary chip into ALL new PCs??
Microsoft the monopoly?? The company looking out for my
welfare with every decision they make. I can’t imagine.
Anyone hoping for full compliance with the chip will HAVE to
run a product coming out of Redmond(according to Juarez).
— I am going to have to buy a cattle prod and a soldering
iron.
I’m not what you might call a linux fan, I actually run an offical Win98 version on my PC and I like it that way.
But here we have something, folks: I’m wondering if that Palladium would kill the ability to install another OS, even on another partition of our hard drives… And no other OS means: …..no Linux anymore…
How long would it be before a mod chip came out to circumvent any such haedware security feature?
Kinda gives a whole new meaning to modding your system.
In the end, it would have little effect on stopping those who will do as they want, while eroding the useability of the x86 platform for the rest of us.
Please, oh PLEASE let this be the straw that breaks this 800lb. gorilla’s back!
“How long would it be before a mod chip came out to circumvent any such haedware security feature?”
It would be difficult to impossible as any such chip would have to know in advance what fingerprint the software expected to get and would have to be able to dynamically modify the fingerprint it returned. The software isn’t going to advertise what it is looking for. It is simply going to request the fingerprint from the system and then compare it with what it expected to get.
Sure, this sounds dangerous and what not, but think about it. You’ll have a dedicated drm/crypto/what ever chip built in. Run an alternative os on it [the machine] and use the hardware to break other drm/crypto/what ever keys on it. Takes the load off the cpu (to most degree) so you can code in java while in the background a deamon is running that just keeps feeding the chip information. As we all know the us government will not ALLOW anything too fancy so this will be some kind of watered down algorythm. On top of that, due to cost limitations, this thing will probbly not be housed in a tamper proof enclosure.
To recap
This is nothing to wory about. It’s just MS being a bunch of retarted douche bags (again and again and again and…)
“what if i buy adobe photoshop for my “current” PC’s ID, then, i decide to upgrade 6 months later ? what then ? i need to call back and get a new version ?”
SPARC implements the system as a plugin chip. So basically, if you upgrade your system, you unplug the PROM ID chip from your old system and plug it into the new system. This way you don’t have to call to get a new ID each time.
Of course, this also probably allows someone who is technically savvy enough to burn copies of the PROM ID chip and just make it so all of their systems have PROM ID chips with the same fingerprint.
After reading all the comments posted on this story so far, I’m surprised you can’t see exactly what MS has in store for us.
<p>
This is being presented as a national security measure. Not only will the majority of hardware manufacturers go along, beause they want to continue to be compatible with MS systems, but the government will participate. We don’t want terrorists and subversives using unauthorized software to launch attacks on our society from within.
<p>
MS always announces its intentions up front. The purpose of this announcement is to test the waters, to see whether or not there is an outcry against this scheme amoung members of congress, civil liberties organizations, churches, etc. MS could care less what nerds who participate in these forums think. Then we won’t hear much about it for a while. During that apparent lull in activity, MS will be working with hardware manufacturers and other major commercial software vendors and the government to get everything in place.
<p>
You will then discover when you go to buy new computer hardware that only MS approved systems and software can run on *any* new computer hardware for *any* platform except perhaps high end servers controlled by IBM and Sun. Of course Apple will join MS in this scheme.
<p>
Free software will not run on new hardware, and don’t think that it will be so easy to break these codes as it has been in the past. The government will be given broad search and siezure powers to enforce new ant-terrorism statutes. Violators will be treated as terrorists, not as ordinary lawbreakers.
<p>
The ultimate plan is to outlaw programming and software development except at approved corporate and governmental centers. Development and use of free software will be regarded not only as an obstacle to the enforcement of intellectual property rights, but as a subversive and terrorist activity.
<p>
Also expect for required government certification of those allowed to develop software at approved corporate and research centers. Of course applicants for certificates will be tested only in their knowledge of MS approved systems and programming languages, and no applicant will be approved who has a history of involvement in the free software movement.
By the way… This is basically nothing more than the software version of predator/prey coevolution. Copy protection methods keep becoming more and more complex because people keep breaking the existing copy protection methods.
And the same people do most of the complaining and moaning about Microsoft’s latest copy protection scheme are usually the same people who are feeding this cycle of coevolution because they are the ones that refuse to obey the copyright laws. If people just obeyed the law, there wouldn’t be a need for these kinds of anti-piracy methods.
They will most likely have the support of other software vendors on this one. For example, Adobe Photoshop is generally considered to be the most pirated application in the world. I’m sure that Adobe would love hardware copy protection where they could make it so a copy of the software simply will not run on any system other than the one for which it was originally licensed.
Hmmm… And what would stop the crackers from defeating this über-dongle, where every dongle-protection-scheme in the past has been cracked (afaik). As long as there is a piece of software that check if your hardware has the correct “serial number” compared to the software, someone will modify it to suit their purpose.
And just what makes you think that they are not already doing all that covertly at some level?
“Hmmm… And what would stop the crackers from defeating this über-dongle, where every dongle-protection-scheme in the past has been cracked (afaik).”
As I said before, it would be extremely difficult because you would have to have a chip that could know what number the software was looking for before the software actually requested it. And the chip would have to be able to present a different number for each piece of software that wanted a different one. This would be difficult to do.
Also, if it is implemented as a plugin chip like SPARC does it, the vendors can really keep the crackers on their toes. It could work very much like VideoCypher technology for restricting access to satellite broadcasts. As soon as the algorithm gets cracked, the vendors modify it and send out a new chip. If the algorithm is protected well enough, it could take a very long time for crackers to break it. And when they do finally break it, the vendors release a new plugin replacement and the crackers have to start all over again.
this scream FUD all over the place. It tell buy a hackable PC while you can because soon it will be pay-and-play.
This is to drive new hardware sale that ultimately lead to more XP sale.
Currently it piss M$ to no end to have most user keep their 500Mhz PC (especialy company) and win98 and office 97.
Despite all the arguments, it’s simply *talk*
of stuff like this that is driving me to learn
GNU/Linux.
I like IBM compatable hardware, and as time permits
me to learn the bash system, I’ll be completely
**Microsoft free**!!
I’m with an organization that saves *tons* of old hardware
from landfill- the GNU/Linux model allows powerful operations on “old” machines…..I know I’ll have a socket7 running some bossass version of Linux 10 years from now and I won’t be missing a THING net-wise by not having Microsoft on my box.
GNU rules.
do not doubt today’s crackers – new protections are “fixed” within a few days, whatever the protection is, how new it is, or whatever. i bet that most of the “programmers” in most popular cracking groups (wont mention them here) is smarter than any damn Microsoft programmer. as long as there is code (read: software) involved, there is always a solution. -ALWAYS-
and if MS wants to control piracy and everything with this, i’ll gladly pirate every MS app that comes out that uses this protection, and i’ll do it with a huuuuge smile on my face.
..is clueless and has no grasp on cryptography. I work for a CA company. Videocipher and Videocipher 2 were hacked. (Ofcourse this is MHO and made while I’m sitting in the comfort of my own home)
Read this: every video encryption device made as a button chip or embedded in hardware which has been in service for at least 6 months has been hacked.
Why? Precisely because they were non-removable solid-state devices in the box.
You CAN NOT do CA hardware swapout with fixed protection devices. You have to use a removable smartcard. Any other protection is useless because you have to assume that the user is the lowest common denominator in terms of intelligence and not capable of much besides pulling a card. Ignore this and soon you have a flurry of class action lawsuits because you rendered users’ systems useless.
And whatever the complexity of the encryption, it will not be flawless, and will eventually be circumvented, either by reverse cryptography, direct flaws in the system (keys in the clear), or side-band defeat of the crypto algorithm.
Lets not forget that the OS is software on disk. Its a matter of un-DRM’ing the subsystem/dlls that talk to the crypto chip, reverse-engineering them, and replacing them with ones that do nothing and poll nothing, depending on the type of authentication required for each DRM app or file, ofcourse.
And if we get even more inventive – if the crypto chip turns out to be smart enough (and the developers stupid enough), once it is defeated it could be used to break DRM files, versus ensuring they remain protected. I could quite easily see this happening if there is the possibility to load an alternative OS on the system which doesn’t recognise the crypto chip or use it (like Linux).
Anyway this is all hypothetical.
Well, if you don’t like this in the first place; use Linux. Linux has 3.8% of market share, and if Red Hat finally decides that the desktop is profitable, they could get even more market share. I’m sure mother board manufacturers would allow this to be turned off. Sure, when you turn it off, Windows would stop working.
Haven’t any of you been reading related articles on this story? This isn’t being presented as a copy protection scheme but as a security measure. The United States is at war, or claims to be.
Sure, security chips can be circumvented just like dongles, but that is irrelevant. It will be much easier for the average user (including business users) not to mess with the hardware and besides most don’t know how. Further, there will be criminal penalties for installing mod chips or writing software workarounds.
The only real purpose of this plan is to make it difficult to run anything but approved software on approved hardware. And who will be doing the approving?
Strangely, the opposition to this scheme, if any, will come from businesses who resent Microsoft’s increasingly restrictive and expensive licensing schemes, and who want to use free software for cost/benefit reasons. Joe User doesn’t know or care just so he can get the latest version of Quake to play on his 2 Ghz. pc and use MS Office. He’s used to getting screwed and is willing to pay a premium price. Of course he will insist on new hardware because he’s been led to believe that more Ghz. alone provide a meaningful computing experience.
It’s really stupid to be talking about mod chips and other technical methods to defeat this scheme because that will solve nothing. It will only provoke retalliation and police action against “hackers” generally. Do you really want to be salvaging old 486’s from landfills and trading your latest build of the linux kernel on the black market just to prove that you can still do creative things with a computer? Well, maybe this will be good for the “underground” economy, for those willing to risk stiff jail terms if they are caught.
I don’t think there’s much anyone can do except NOT to use any Microsoft products, NOT to spend money on the inane productions of Hollywood, NOT to buy CD’s from the big labels, and to vote.
This has nothing to do with the united states being at war. Talk about your FUD.
This is about your freedom of choice and not having the MPAA and RIAA control your PC and stuff protection down your throat, where every consumer is a criminal and will always be one.
THIS: http://216.110.42.179/docs/cbdtpa/
is what this all ties into. Maybe you should read it.
You are totally missing the point.
It’s no news they planned that for long…
can’t find back the patent page, but it shouldn’t be hard…
Google pointed me to this page :
http://www.intertrust.com/main/home/news/2001.html
It seems someone claims for prior art on DMR OS :^)))
Yet another M$ trial… not a bad thing
“You are totally missing the point.”
Who is missing point again? I believe he said “The United States is at war, or CLAIMS to be” (added capitols)
It seems to me no matter what the background intentions are as many have written here, this will kill the DIY market completely. There might be some motherboard manufacturers like Abit or small timers that for some time will sell motherboards without this “thing” on them, but they will be forced to in the end.
I know for a fact that if this goes through, ill have a loan in the bank for mucho $$$$ to buy as much hardware as i can that has not been infected with this shit.
Please OpenBeOS. Hurry the hell up!
“The United States is at war, or CLAIMS to be”
Thats all well and good introducing this in the US – but what about all the other countries who don’t claim to be at war?! I don’t think this hardware cr*p would stick somehow.
Plus, think of the cost of distribution and implementation, the lawsuits if it went wrong on someones pc and they urgently needed data, the problems of upgrades and installations.
If you ask me this, if it does become realistic rather than some ‘flash in the pan’ news story, will be nothing more than a ‘feature’ that the end user can turn on or off willingly. Otherwise MS would be up sh*t creek without a paddle…
One other point:
Saying MS did impose this sort of protection meaning all media was ‘protected’ – what’s to stop someone from dropping into linux or OBOS and ripping/downloading/burning/sharing MP3s etc that way? We’d then see MS trying to get lawsuits against Linux and the law would be on their side……oh wait <<click>> now we see the real reasons behind this, eradication of other OSs from the average PC…..we see where you’re coming from MS and it isn’t a pretty picture.
Do you really think they’ll give a toss about you. Hell no, they are the other 85% of the population thare are morons, thats what they are concerned about, not you or me, the people that can see through the spin.
Who the hell are Micro$oft to change the PC’s fundamental architecture?! They are to stupid to make Windows secure and now they want to infect the very hardware that the computer needs with Micro$oft bugs?! God, what’s next? Changing humans to be less of a threat to Windows?
Obviously you don’t know how the SUN id operates. When changing machines, ring up, state you’re transferring a license across, then voila, new license.
“..is clueless and has no grasp on cryptography. I work for a CA company. Videocipher and Videocipher 2 were hacked. (Ofcourse this is MHO and made while I’m sitting in the comfort of my own home) :-)”
You’re right. They were hacked. And if you followed this at all, you would know that this is why General Instruments came up with VideoCypher Plus. VideoCypher Plus is a module that can have the cypher rewritten simply by inserting a new plugin card. So when the VideoCypher Plus algorithm gets cracked, GI simply writes a new algorithm and the vendors simply send authorized subscribers a new plugin card.
Greetings Simba:
In your post about SPARCs, do you mean the HOST ID
(that MAC-like ID) that Suns have? If so, then that
ID can be changed on any Sun.
My CMOS batteries are bad on my SS5 & SS1, and after I
power them up, I have to “create” a new HOST ID hash.
I doubt that Microsoft will give the freedom Sun does.
My $.02
“In your post about SPARCs, do you mean the HOST ID
(that MAC-like ID) that Suns have? If so, then that
ID can be changed on any Sun.”
Hi End User:
It *might* be possible to program a new PROM ID from the FORTH intepreter in the OpenBoot firmware. I don’t know for sure.
Are you perhaps confusing the PROM ID with the MAC address? The “MAC-like ID” you are seeing could very possibly be the actual MAC address. SPARC is weird in that way. It doesn’t have the MAC address hard coded into the network card itself but instead stores it in the EEPROM. So on SPARC, you can actually give the system a new MAC address. (Which can be a great way to cause difficult to track down network problems).
There are a few x86 network cards where you can change the MAC address as well, but on most cards it is hard coded.
ok if microsoft does this. it doesn’t matter much because ANY vendor at a computer show will sell you OEM Software.
I just bought myself a copy of windows xp Pro Full for $150 at the last computer show I went to. 100’s less then the boxed retail. SO even if microsoft plans on trying to kill pirating how will they stop Vendors from selling OEM software?
“I just bought myself a copy of windows xp Pro Full for $150 at the last computer show I went to. 100’s less then the boxed retail.”
It’s also a good excuse to buy new hardware. For example, many mail order vendors will sell you an OEM copy if you purchase a new hard drive from them (or new motherboard and CPU). The great part about this is 80Gb Hard drive + OEM Win XP Pro can be cheaper than retail Win XP Pro.
before i buy a computer with this hog wash implemented in it, I will keep running my existing hardware and not upgrade, same with software…
Friends don’t let friends use Micro$oft…