Does Vista have DRM on a file-system level?

drizzt81

I think this is a pretty straightforward question, but let me make it more clear with some examples:
  1. I run Vista as Administrator. I see a file that I would like to delete. If I booted into safe mode -does that exist in Vista?- is there a mechanism by which I could be prevented from deleting this file? Does this mechanism work only for OS/ Microsoft files, or can a third party utilize this to prevent me from deleting their file?
  2. I run Vista as a limited user. Can a program utilize DRM to circumvent my limited access rights? For example change optical drive firmware? Hijack file-system call like the Sony rootkit?
 
DRM only controls access to protected media you purchase. It has absolutely nothing to do with anything else.
 
I'm not so sure you understand what 'DRM' really is.

From my -obviously limited- understanding DRM stands for a mechanism which manages (and enforces) the things that a user (or consumer) can do to some digital content. My previous questions are aimed to further my understanding of how integral DRM is to Vista.

From my perspective, there seem to be two, colliding rights models: You have the classical approach, where the root or administrative user has all the rights and can choose to give other users some or all of them. And then you have the DRM system, where the license holder has the ultimate choice about what rights are assigned to a user or not.

From my -still limited- understanding it appears that the DRM agent in Vista lives in the kernel. As such it likely has `system' permissions, which are at least equivalent to, if not superior to the administrative privilege. Hence my rather simple, 2nd question: can this power be abused to circumvent system owner restrictions?

My first question is aimed at finding out whether Vista will make it easier for content publishers to infect my system with junk. Just today I had some run-in with a piece of ``copy protection'' software that broke my system and was designed to resist removal by `simple' means. Given that I perceive copy protection measures to become more and more intrusive, I think that it is natural for me to wonder what changes will come in this area with Vista.

Did I make myself more clear?
 
I can sympathize with your problems with SecuRom - that's some pretty shady DRM!

However, their DRM attempts have nothing to do with the built-in support for DRM schema in Vista. The built-in DRM support only pertains to a specific set of DRM schema that are used to protect high definition media.

You can "expand Vista's built-in DRM support" by installing programs such as iTunes - this would allow you to play AAC protected media - although I put that phrase in quotes since you are not actually altering Windows system files when you add support for iTunes DRM.

In any case, the SecuRom issue you ran into is a clever programmer creating filenames that cannot be viewed by the filesystem. I've run into similar problems back in 1999/2000/2001 when Windows 2000 rootkits were popping up like crazy - the hackers would try to set up FTP servers (serv-u) and hide them in crazy paths in the recycler folder or other places you wouldn't think to look. Some of the rootkits were so efficient that you could view all files, all hidden/system files, all protected operating system files - and then go to the c:\ drive, ctrl-a, right click -> properties and you could be hundreds of GB short from your actual disk usage.

In any case, in linux, this problem is trivial ;) You just delete by inode instead of file name. Vista is getting close to that level of control with the advent of junctions. (these were available in Server 2003 as well) - they basically work like hard links. check your documents and settings folder - it's a junction to \users for backwards compatibility.

So, you need to delete (or backup) some files with illegal filenames...

So, start by trying dir /r and see if you can get additional information on those SecuRom files.
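
The delete-by-inode approach this post mentions for Linux, as an added example that is not part of the original thread: it removes files whose names are awkward to type by addressing them through their inode number. The function names and the file names in the demo are constructed for illustration.

```shell
#!/bin/sh
# Added demo; inode_of, rm_by_inode and demo are hypothetical names.

# Print the inode number of one path. "--" ends option parsing, so a name
# that begins with "-" is not read as a flag.
inode_of() {
    ls -di -- "$1" | awk 'NR == 1 { print $1 }'
}

# Remove every regular-file name under directory $1 that refers to inode $2.
# -xdev keeps find on one filesystem: inode numbers are unique only within
# a filesystem. Hard links share an inode, so several names may go at once.
# Returns 0 if something was removed, 1 if nothing matched, 2 on bad input.
rm_by_inode() {
    case $2 in
        '' | *[!0-9]*) echo "not an inode number: $2" >&2; return 2 ;;
    esac
    # Count matches without parsing names, which may contain newlines.
    n=$(find "$1" -xdev -type f -inum "$2" -exec printf x \; | wc -c | tr -d ' ')
    [ "$n" -gt 0 ] || return 1
    find "$1" -xdev -type f -inum "$2" -exec rm -f -- {} \;
}

# Constructed scenario: names that are awkward to type or quote by hand.
demo() {
    d=$(mktemp -d) || return 1
    nl='
'
    : > "$d/-rf"                     # looks like an option
    : > "$d/two${nl}lines "          # embedded newline, trailing space
    ln "$d/-rf" "$d/second name"     # hard link: same inode as -rf
    rm_by_inode "$d" "$(inode_of "$d/-rf")"
    rm_by_inode "$d" "$(inode_of "$d/two${nl}lines ")"
    left=$(find "$d" -type f -exec printf x \; | wc -c | tr -d ' ')
    rm -rf -- "$d"
    echo "$left"
}

demo    # prints 0: no files are left
```

Because hard links share one inode, the first call removes both `-rf` and `second name`; check the link count before deleting if only one name should go.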
 
EVERYTHING in vista is built for and with DRM.
DRM in Vista is WAY beyond anything a person logged in as a user or administrator has
rights to.

WHY do you think Vista exists....it sure as F ain't for gaming or speed.

IF anyone tells you it's not they probably work for MS or the movie industry..
 
EVERYTHING in vista is built for and with DRM.
DRM in Vista is WAY beyond anything a person logged in as a user or administrator has
rights to.

WHY do you think Vista exists....it sure as F ain't for gaming or speed.

IF anyone tells you it's not they probably work for MS or the movie industry..

And yet amazingly superfetch and the new search setup make my system so much better and more efficient. And no, I don't work for MS or the movie industry.
 
EVERYTHING in vista is built for and with DRM.
DRM in Vista is WAY beyond anything a person logged in as a user or administrator has
rights to.

WHY do you think Vista exists....it sure as F ain't for gaming or speed.

IF anyone tells you it's not they probably work for MS or the movie industry..

you can take off the tin foil hat anytime now....
 
I think this is a pretty straightforward question, but let me make it more clear with some examples:
  1. I run Vista as Administrator. I see a file that I would like to delete. If I booted into safe mode -does that exist in Vista?- is there a mechanism by which I could be prevented from deleting this file? Does this mechanism work only for OS/ Microsoft files, or can a third party utilize this to prevent me from deleting their file?
  2. I run Vista as a limited user. Can a program utilize DRM to circumvent my limited access rights? For example change optical drive firmware? Hijack file-system call like the Sony rootkit?

hopefully UAC would catch something like a rootkit as it is a potential hardware change...and would prompt you about it. and yes safe mode is still there. and unless the OS is using the file at the time, you would be able to delete it. and i figure if you're in safe mode, you'd be able to delete most anything besides core OS files. but i really dunno
 
Thanks for the insightful answers.
However, their DRM attempts have nothing to do with the built-in support for DRM schema in Vista. The built-in DRM support only pertains to a specific set of DRM schema that are used to protect high definition media.

Could a publisher say that ``Control and Conquest 7: Rise of the Kryptonitans'', a computer game, is HD content?

But reading your answer has made me think some more about the problem and figure out that there is a rather simple, fundamental question that I can pose:
Is the DRM system read-only?
 
all drm is concerned with is providing an encrypted path from the hd disk drive to the monitor screen. however, as they are learning, unless you provide a completely separated datapath for such data, people will hack it apart.
 
Thanks for the insightful answers.


Could a publisher say that ``Control and Conquest 7: Rise of the Kryptonitans'', a computer game, is HD content?

But reading your answer has made me think some more about the problem and figure out that there is a rather simple, fundamental question that I can pose:
Is the DRM system read-only?

http://en.wikipedia.org/wiki/Digital_Rights_Management

DRM protected hi-definition content requires at least 2 "keys" to unlock. The media key (private key), the player key (software).

Both these keys are hidden via 'security by obscurity' because once you discover the keys, you can trivially decrypt the high definition content on HDDVD or Blu-ray disks.

The "correct" way to obtain those keys is through the DRM schema, which is software-based and can require you to follow certain rules such as what kind of video-out and audio-out you are allowed to use.

If you decrypt the high definition content in the "incorrect" way, there are no limitations to your video out / audio out options.

DRM in Vista is 1. A private key for decrypting content. 2. Code that can make function calls to your media player to restrict your choices of video out and audio out while watching DRM-protected HD content ONLY. (i.e., no such restrictions exist when you are not playing DRM protected media).

So yes, DRM in Vista is very much read-only. The only thing that can be changed is the 'player' key can be revoked / reissued if the MPAA decides that Vista is not a secure platform for playing their content. But you would have to receive an update from windowsupdate or possibly a HDDVD/Blu-ray disk for the key to be revoked.
 
under that premise you'd need the media and the player. so for a game to be DRM-able i guess you'd need a player. i guess the best example for such a thing would be Steam.
 
EVERYTHING in vista is built for and with DRM.
DRM in Vista is WAY beyond anything a person logged in as a user or administrator has
rights to.

WHY do you think Vista exists....it sure as F ain't for gaming or speed.

IF anyone tells you it's not they probably work for MS or the movie industry..
There should be a hall of fame for uninformed posts.

I must just be naive, I figured it was built to act as an OS.
 
under that premise you'd need the media and the player. so for a game to be DRM-able i guess you'd need a player. i guess the best example for such a thing would be Steam.

that would be one hell of a code job. Considering games are not sequential files like multimedia, and the large parts of the game are loaded into memory, to protect it you'd have to scramble it, not to mention decrypting on the fly. To be blunt, performance nightmare. I don't see games ever using the same IP protection as other multimedia, but as always only time will tell.
 
that would be one hell of a code job. Considering games are not sequential files like multimedia, and the large parts of the game are loaded into memory, to protect it you'd have to scramble it, not to mention decrypting on the fly. To be blunt, performance nightmare. I don't see games ever using the same IP protection as other multimedia, but as always only time will tell.

agreed...but alas...that was the best example i could give. games you buy on Steam HAVE to be played with Steam running...even if its Medieval 2 or COD2 or obviously anything HL/HL2 related.
 
Thanks for the insightful answers.


Could a publisher say that ``Control and Conquest 7: Rise of the Kryptonitans'', a computer game, is HD content?

But reading your answer has made me think some more about the problem and figure out that there is a rather simple, fundamental question that I can pose:
Is the DRM system read-only?

Games are not considered HD content. At least not when concerning DRM. Digital Rights Management only has to do with Digital Media such as Music and Video playback. It has nothing to do with file systems. You can actually copy a DRM protected file to any other location or system without making any sort of modifications to the file itself. DRM makes sure that your system complies to the policy set during the creation of that file and the protection is a part of the file itself and not just an attribute of the file.

Vista's DRM remains inactive unless you actually use it.
 
that would be one hell of a code job. Considering games are not sequential files like multimedia, and the large parts of the game are loaded into memory, to protect it you'd have to scramble it, not to mention decrypting on the fly. To be blunt, performance nightmare. I don't see games ever using the same IP protection as other multimedia, but as always only time will tell.

Well - you could have it set up so the executable/files could only be opened by a certain process, which would contain all of the requisite checking/etc. (This is how ATi distributed its DVD decoder - you had to run its setup file which verified legality by checking for the presence of its installation CD to launch the decoder's actual installation program.) Any other attempt to open/copy/view the files would be prevented by the file system if it did not come from that approved process. It wouldn't be terribly strong, but strikes the reasonable balance between protection and functionality...
 
EVERYTHING in vista is built for and with DRM.
DRM in Vista is WAY beyond anything a person logged in as a user or administrator has
rights to.

WHY do you think Vista exists....it sure as F ain't for gaming or speed.

IF anyone tells you it's not they probably work for MS or the movie industry..
This post actually made me laugh. Sparks seems pretty paranoid, biased, and ignorant about what Vista really is. Don't believe the FUD! (that goes for you Sparks :p)

BTW you should definitely check out Spiderman 3. It's a great movie.
 
..Vista's DRM remains inactive unless you actually use it.
Sort of and sort of not.

Vista's DRM inclusions are, as mentioned above, aimed only at enabling full quality playback of protected HD media, but in order to ensure that can happen there are checks running in the background to determine whether or not the user is actually trying to play such content. It's not technically 'inactive' although, of course, it won't be impacting on anything else in the sense of blocking functionality. In order for Vista to become a 'compliant player' for protected HD content there's a small overhead, in other words.

Not enough of an overhead to impact on your machine's usability to any meaningful extent, of course. It's just that it's technically inaccurate to claim that it is 'inactive'. You can disable it if you like. The "nutters" probably will, because they'll jump up and down crying that it's detectable and measurable, and thus must be 'hurting' them in some way. But disable the background activity and you'll 'break' some of the Vista multimedia inclusions. If you later decide you want playback of protected HD media you'll have to run alternative playback software, and you'll have to also run some means of stripping the protection from the media. Or you'll have to re-enable that background activity.

Seems too much bother to me, just to eliminate something which isn't effectively doing any harm. We didn't see all this kerfuffle when Media Center Edition or DVD player software introduced enabling software technology to allow compliancy for playback of CSS protected DVDs. I'm finding it rather amusing to see the kerfuffle about the inclusion of HDCP software technology to enable playback of protected high definition DVDs.
 