Link: http://slashdot.org/article.pl?sid=05/05/28/1718200
Posted by: Zonk, on 2005-05-28 17:37:00, from the get-you-where-you-live dept.

Badluck writes "Microsoft and the entertainment industry's holy grail of controlling copyright through the motherboard has moved a step closer with Intel Corp. now embedding [1]digital rights management within its latest dual-core processor Pentium D and accompanying 945 chipset. Officially launched worldwide on May 26, the new offerings come [2]DRM-enabled and will, at least in theory, allow copyright holders to prevent unauthorized copying and distribution of copyrighted materials from the motherboard rather than through the operating system as is currently the case..." [3]The Inquirer has the story as well.

References
1. http://www.digitmag.co.uk/news/index.cfm?NewsID=4915
2. http://en.wikipedia.org/wiki/Digital_rights_management
3. http://www.theinquirer.net/?article=23548

----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a>
ICBM: 48.07100, 11.36820 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
On 2005-05-28T21:53:52+0200, Eugen Leitl wrote:
Link: http://slashdot.org/article.pl?sid=05/05/28/1718200 Posted by: Zonk, on 2005-05-28 17:37:00
from the get-you-where-you-live dept. Badluck writes "Microsoft and the entertainment industry's holy grail of controlling copyright through the motherboard has moved a step closer with Intel Corp. now embedding [1]digital rights management within its latest dual-core processor Pentium D and accompanying 945 chipset. Officially launched worldwide on May 26, the new offerings come [2]DRM-enabled and will, at least in theory, allow copyright holders to prevent unauthorized copying and distribution of copyrighted materials from the motherboard rather than through the operating system as is currently the case..." [3]The Inquirer has the story as well.
Is slashdot really a news source? How about posting one of the articles cited instead. -- Unable to correct the source of the indignity to the Negro, [the Phoenix, AZ public accommodations law prohibiting racial discrimination] redresses the situation by placing a separate indignity on the proprietor. ... The unwanted customer and the disliked proprietor are left glowering at one another across the lunch counter. -William "Strom" Rehnquist, 1964-06-15
Eugen Leitl wrote...
from the get-you-where-you-live dept. Badluck writes "Microsoft and the entertainment industry's holy grail of controlling copyright through the motherboard has moved a step closer with Intel Corp. now embedding [1]digital rights management within its latest dual-core processor Pentium D and accompanying 945 chipset. Officially launched worldwide on May 26, the new offerings come [2]DRM-enabled and will, at least in theory, allow copyright holders to prevent unauthorized copying and distribution of copyrighted materials from the motherboard rather than through the operating system as is currently the case..." [3]The Inquirer has the story as well.
(Continued) "Contrary to expectations, however, sales of the chip have been surprisingly low, with zero interest shown by major PC manufacturers. One major PC industry executive, who wished to remain anonymous, stated: "There are 100s of millions of people trading files every day throughout the globe. I'm going to start using this chip and give up that market because...?" OK, Gov officials will eventually start trying to introduce laws mandating such technologies be used, but by then it's going to come down to a battle of lobbies: The Entertainment industry vs Telecom+PCs++Software. Which can pump dollars into Senatorial hands faster? -TD
On Sat, May 28, 2005 at 11:26:28PM -0400, Tyler Durden wrote:
(Continued) "Contrary to expectations, however, sales of the chip have been surprisingly low, with zero interest shown by major PC manufacturers. One major PC industry executive, who wished to remain anonymous, stated: "There are 100s of millions of people trading files every day throughout the globe. I'm going to start using this chip and give up that market because...?"
What actually seems to be happening is that chipset DRM is being deployed silently, though not on a wide scale yet, and but for game consoles in a facultative version. Of course, such dormant DRM can be activated with subsequent software upgrades (watch the sneaky software-DRM games Cupertino plays). The billion dollar question is: will users let themselves be locked into the DRM prison, just because of a dangling premium content carrot, and the "I gots your IP, my lawyers 0wnZ0r Ur 455" litigation stick? We're going to see soon, as HDTV on BluRay&Co is going to be that experiment. The next-generation signal lanes to display devices are encrypted, so there's only the analog hole left to the naive user. Online activation of software is already quite widespread, so it seems customers are willing to accept restriction to ownership and use.
OK, Gov officials will eventually start trying to introduce laws mandating such technologies be used, but by then it's going to come down to a battle of lobbies: The Entertainment industry vs Telecom+PCs++Software. Which can pump dollars into Senatorial hands faster?
The entertainment industry has an order of magnitude less funds, but seems to spend them far more efficiently. Also, the Far East market is increasingly supplying itself, so Hollywood has less and less angle there. Let US and EU get the crippleware, while the rest of the world gets swamped with plaintext pirated copies (a single break is enough). -- Eugen
Eugen Leitl wrote...
Online activation of software is already quite widespread, so it seems customers are willing to accept restriction to ownership and use.
Well, that's an interesting phenomenon. In industrialized nations where the price of software is fairly low compared to the wages, people seem somewhat willing to pay. At least, we don't see ticket sales for big movies going down at all. So it could be that people will eventually voluntarily release control, as long as the consequences (i.e., prices) aren't too high. On the other hand, the whole P2P phenomenon is not happening simply because people don't want to pay. Stupid industry execs will probably continue churning out the same stupid shit they always did and P2Pers will find some way around their "protection" if needs be.
On Saturday, 28 May 2005 at 21:53 +0200, Eugen Leitl wrote:
Link: http://slashdot.org/article.pl?sid=05/05/28/1718200 Posted by: Zonk, on 2005-05-28 17:37:00
from the get-you-where-you-live dept. Badluck writes "Microsoft and the entertainment industry's holy grail of controlling copyright through the motherboard has moved a step closer with Intel Corp. now embedding [1]digital rights management within its latest dual-core processor Pentium D and accompanying 945 chipset. Officially launched worldwide on May 26, the new offerings come [2]DRM-enabled and will, at least in theory, allow copyright holders to prevent unauthorized copying and distribution of copyrighted materials from the motherboard rather than through the operating system as is currently the case..." [3]The Inquirer has the story as well.
References
1. http://www.digitmag.co.uk/news/index.cfm?NewsID=4915
2. http://en.wikipedia.org/wiki/Digital_rights_management
3. http://www.theinquirer.net/?article=23548
It seems more companies are going to put protection and DRM in hardware, to avoid it being bypassed or cracked. I ask myself from time to time about bypassing such systems using emulators. The role of an emulator is to work "as" a real CPU. What would be the usability of such an emulator with CPU-DRM-enabled emulation? The emulator works with the real instructions of the DRM CPU, so the OS believes it is a real one. But the emulation software can give access to such DRM data to software running in the host OS, to read or modify it. What do people here, who certainly have better experience than me in crypto, think about such a system? Is it a possible flaw in new DRM-protected systems?

-- "Perhaps one day "computer science" will, like Yugoslavia, get broken up into its component parts. That might be a good thing. Especially if it meant independence for my native land, hacking." (Hackers and Painters) [ Paul Graham ]
[could you use CPU emulator to bypass these motherboard and CPU based DRM systems].

Answer: no. They have put private keys inside the DRM hardware, and signed the corresponding public key with a CA that they control. That plus some hashing/bootstrapping etc. of the startup and some other code allows them to ensure that an emulated version of the same software could not provide a valid signature + cert that a DRM content provider would accept.

They also have models where the video card and/or monitor are in the trust model -- and there are secured high bandwidth channels between DRM provider and CPU, and CPU and graphics card/decoder.

There is also a model for software called "Trusted Agents" that actually run on your CPU but are in a ring -1 (below ring 0) that you can not debug.

Another possibility is to read the stuff out of RAM or video RAM. Midterm they can fix that also with on the fly RAM encrypt/decrypt.

But I still say it's futile and stupid, because people will hack the digital display, tap into the graphics card, hack video card drivers etc. and re-encode. (Rip-once copy anywhere). Worst case people will A2D from the display "telesync" style.

Adam

On Wed, Jun 01, 2005 at 06:47:56PM +0200, DiSToAGe wrote:
It seems more companies are going to put protection and DRM in hardware, to avoid it being bypassed or cracked. I ask myself from time to time about bypassing such systems using emulators. The role of an emulator is to work "as" a real CPU. What would be the usability of such an emulator with CPU-DRM-enabled emulation? The emulator works with the real instructions of the DRM CPU, so the OS believes it is a real one. But the emulation software can give access to such DRM data to software running in the host OS, to read or modify it. What do people here, who certainly have better experience than me in crypto, think about such a system? Is it a possible flaw in new DRM-protected systems?
(thanks for the interesting answer) I have read info that says that audio and video drivers will be in the trusted chain. If your hardware system is used by an OS (i.e. win) on which you can't create drivers, and only industry-signed drivers can be used, you can't bypass this by hacking drivers ... My thought is: can the hardware DRM be reverse engineered? If you use certs in your DRM you must put the cert and private keys on your DRM chip ... So you have somewhere memory (ROM or else) where you have this private key and cert data. So with good tools you can read what the bits in this DRM are. So you can make a "soft DRM" that uses all the instructions of the reverse-engineered hard DRM; you put the reverse-engineered private key and certs in your soft DRM. All this goes into an "emulated" DRM part of your OS emulator. So when booting, the OS believes that it is hardware, because all instructions are the same, the certs are the same, and the private key can be used by your soft DRM to en/decrypt DRM files ...??? We see that with time almost everything can be reverse engineered; can it be the same with hard DRM systems?? (so it seems a happy future, something you buy and use but don't own?)

On Wednesday, 1 June 2005 at 18:09 -0400, Adam Back wrote:
[could you use CPU emulator to bypass these motherboard and CPU based DRM systems].
Answer: no. They have put private keys inside the DRM hardware, and signed the corresponding public key with a CA that they control. That plus some hashing/bootstrapping etc. of the startup and some other code allows them to ensure that an emulated version of the same software could not provide a valid signature + cert that a DRM content provider would accept.
They also have models where the video card and/or monitor are in the trust model -- and there are secured high bandwidth channels between DRM provider and CPU, and CPU and graphics card/decoder.
There is also a model for software called "Trusted Agents" that actually run on your CPU but are in a ring -1 (below ring 0) that you can not debug.
Another possibility is to read the stuff out of RAM or video RAM. Midterm they can fix that also with on the fly RAM encrypt/decrypt.
But I still say it's futile and stupid, because people will hack the digital display, tap into the graphics card, hack video card drivers etc and re-encode. (Rip-once copy anywhere). Worst case people will A2D from the display "telesync" style.
Adam
On Thu, Jun 02, 2005 at 11:05:30AM +0200, DiSToAGe wrote:
I have read infos that say that audio and video drivers will be in the trusted chain. If your hardware system is used by an os (i.e. win) on which you can't create drivers, and only industry signed drivers can be used you can't bypass this by hacking drivers ...
The code running in the trusted sandbox isn't magic, so if it's complex enough there will be vulnerabilities (not a problem in theory, but in practice).
My thought is, can the hardware DRM be reverse engineered? If you use
My thought is, can cryptosystems be broken? Not by 31337 h4x0rs, obviously.
cert on your DRM you must put cert and private keys on your DRM chip ...
Not you -- somebody else. Generated on board, probably, or generated externally, and loaded into the hardware.
So you have somewhere memory (rom or else) where you have this private
So far, so good.
and cert datas. So with good tools you can read what are the bits in this DRM. So you can make a "soft drm" that use all the instructions of
If you mean by good tools 100 k$ worth of hardware (and a skilled operator) to read out the state of bits on die, after etching away the enclosing, you're correct. Why do you think a system designed to contain and keep a secret will contain a convenient backdoor?
the reverse engineered hard DRM, you put the reverse engineered private key, certs on your soft DRM. All this goes on an "emulated" DRM part on your OS emulator. So when booting the OS believes that it is hardware, because all instructions are the same, the certs are the same, and the private key can be used by your soft DRM to en/decrypt DRM files ...??? We see that with time almost everything can be reverse engineered; can it be the same with hard DRM systems??
-- Eugen
On Thursday, 2 June 2005 at 09:27 +0200, Eugen Leitl wrote:
My thought is, can cryptosystems be broken? Not by 31337 h4x0rs, obviously.
with time each, but not the general crypto "philosophy" ?
cert on your DRM you must put cert and private keys on your DRM chip ...
Not you -- somebody else. Generated on board, probably, or generated externally, and loaded into the hardware.
yes, with "you" I mean "you being a hardware maker"
Why do you think a system designed to contain and keep a secret will contain a convenient backdoor?
not a backdoor, we forget too much that every system is only 1 and 0 through electricity and physical circuits. If you can make them you can watch them (with time and money, I agree). Perhaps thinking that data (certs, instructions) can be "hidden" behind a physical thing is only a dream? I ask myself if every cryptosystem where you must have something "hidden" or "physically not accessible" at some point of the process is not sure?
On Thu, Jun 02, 2005 at 12:26:09PM +0200, DiSToAGe wrote:
yes, with "you" I mean "you being a hardware maker"
Yes, the hardware maker hides the secret in a bit of tamperproof hardware you buy. That's the whole idea of digital restriction management -- taking away things you could do with the hardware and data you paid for. If it wasn't for the tremendous abuse potential that this functionality just begs for, DRM would actually be a good solution for motivating customers to reimburse content creators, and ensure sustainability of the creative process. Would. In some alternative universe, somewhere. Where the cow leaped over the moon. Not in this universe.
Why do you think a system designed to contain and keep a secret will contain a convenient backdoor?
not a backdoor, we forget too much that every system is only 1 and 0 through electricity and physical circuits. If you can make them you can
Every system is only made from some 100-odd different atoms.
watch them (with time and money, I agree). Perhaps thinking that data
The point of a tamper-proof storage for secrets is that it takes ridiculous amounts of work to break it open, and to extract the secret in one piece. And you'll only get that *one* secret. So much easier to exploit the analog hole (but watch out for watermarks).
(certs, instructions) can be "hidden" behind a physical thing is only a dream? I ask myself if every cryptosystem where you must have
The stone you stubbed your toe upon is also just a dream. Still hurts, doesn't it?
something "hidden" or "physically not accessible" at some point of the process is not sure?
All of cryptography is based on keeping secrets. The hiding secrets in tamperproof hardware angle is that everybody owns safes but not their contents. Sounds ridiculously difficult to sell, doesn't it? It helps if you lie about it, and paint the safes in gaudy colors, and make them useful for lots of other, pretty and shiny things. But the lying about it bit is crucial. -- Eugen
DiSToAGe wrote:
not a backdoor, we forget to much that every system is only 1 and 0 through electricity and physical circuits. If you can make them you can watch them (with time and monney i agree). Perhaps thinking that datas (certs, instructions) can be "hidden" behind a physical thing is only a dream ? I ask myself if not every cryptosystem where you must have something "hidden" or "physically not accessible" in point of the process is not sure ?
In theory the above is absolutely correct. In practice, it's extremely difficult to properly implement an accurate enough emulator; however, as an emulator writer you have far more advantages than disadvantages despite the 10-100x slowdown. (Speaking from personal experience - no, nothing on the kind of scale we're talking about here.) You can always have your virtual CPU decide that when it sees a certain instruction, to disobey it. For example, when it sees a checksum check, to decide to jump around it and so forth. Gotta love it when you can fool a program into thinking that 2+2=5 and that everything is still A-OK with that! ;-) If you can interface with real (protected) hardware, you might even be able to get around public key schemes with the emulator. HP/Agilent made some wonderful logic analyzers, which are very useful against ancient hardware (think Motorola 68K chips at around 5MHz); too bad nothing in the GHz range is (cheaply?) available out there, but there's lots that can be done. What can be done? For example, if you have something like Palladium or whatever it's called these days, you can always build a machine that has custom RAM that can change at the flip of a switch - sort of like the old EEPROM emulators, but with RAM chips that can be flipped to a ROM instead. You flip a switch after the DRM core has validated your BIOS and operating system, and at some point once the CPU cache gets drained, it winds up running code that it did not boot, code which you've written to do *OTHER* things, for example - simply change the IRQ vectors to point to your code and you've taken over... Mind you, all this is easier said than done, but it is possible to implement. Remember, security is a chain, and each (media?) player out there is a link in that chain. It only takes one broken player to wipe out your entire investment in that DRM pipe dream. Any employee with access can leak the master keys and the game is over.
Any wily hardware hacker with plenty of time on his hands can take a shot at reverse engineering any (media) player to the point of cracking it, etc. In the end, it's a waste of time and money for the makers of DRM as there's enough interest that someone somewhere will break it at some point in the near future. You can play cat and mouse games by watermarking the output with the serial # of the player in order to lock out cracked players, but the attacker only has to break more than one player (perhaps two different models so they get both serial # and model #) and compare the resulting outputs from the same movie to figure out which bits contain the watermarks. XOR is very nice for figuring this out. :-) None of this worries me, because I don't give a rat's ass about copying movies or what not. Couldn't care less about it. I'll wait for the shit to make it to HBO; it's usually not worth watching the waste of Hollywood plotless overhyped crud anyway, so why worry about copying it? The few titles that are worth watching are also well worth buying, and after a few months they can be had for under $20, so why bother? What is cause for worry is that it's quite _possible_ for Intel or other chip manufacturers to insert backdoors in their hardware which someone will go through the trouble of discovering, which does put everyone at risk. No matter how good your operating system and firewall rules, if your network card (and drivers) decide to bend over upon receiving a specially crafted packet, you're owned just the same. Mind you, I've never run across anything close to this, except perhaps the old F00FC7C8 bug in the original Pentium (which really was a DoS, not a back door) and the old UltraSparc I in 64 bit mode multiuser hole. The Pentium IV hyperthreading bug is something recent to worry about along the same line of thought.
Sadly, you haven't got much choice in this matter, you have to assume that you can trust the hardware that you run on (unless you're willing to make your own and have the resources to do so, etc.)
On Thu, Jun 02, 2005 at 11:05:30AM +0200, DiSToAGe wrote:
I have read infos that say that audio and video drivers will be in the trusted chain. If your hardware system is used by an os (i.e. win) on which you can't create drivers, and only industry signed drivers can be used you can't bypass this by hacking drivers ...
Right.
My thought is, can the hardware DRM be reverse engineered? If you use certs in your DRM you must put the cert and private keys on your DRM chip ...
No the private key would be generated on the chip at manufacture, and a signed certificate of it inserted by the manufacturer.
So you can make a "soft DRM" that uses all the instructions of the reverse engineered hard DRM; you put the reverse engineered private key, certs on your soft DRM.
It is feasible in the following way to make a soft DRM.

Step 1. Get yourself a software controlled key signed by the hw manufacturers. Either:
1a. extract an already signed one out of the DRM hardware on your machine by hardware hacking;
1b. find an insider at the manufacturing plant to sign a key actually in the control of software;
1c. obtain the CA key used to do the signing (probably rather hard, obviously they'll be trying to keep that one secure in tamper resistant hardware with no key export function).

Step 2. Share the key, or set up a service to falsely authenticate pure software DRM as hardware DRM with your key.

Now to stop you sharing this key directly or making a p2p DRM auth server, they have to revoke the key. I believe their revocation model is a bit weak from what I read of the specs a while back. They have a kind of challenge:
- to avoid criticism of privacy invasion, they have to make the thing anonymous (or at least pseudonymous with lots of pseudonyms)
- however you can't blacklist a truly anonymous challenge-response. (There was a protocol from Ernie Brickell with this kind of problem.)
Depending on what the final details are, therefore, their revocation model might be weak.
(so seems happy futur, something you buy and use but don't own ?)
Yes. It is outrageous for the RIAA/MPAA and hardware companies to be trying to foist this stuff on people. The other way is to find a buffer overflow or such in one of these privileged signed drivers and then you can inject code or bypass DRM restrictions in pure software. They might at some point give you signed AND encrypted drivers so you can't even reverse-engineer them, but I would say you have a right to know and control what is running on your machine. Another even more powerful buffer overflow would be one in the supervisor / mini-OS that is hosting the Trusted Agents in ring -1. Adam
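The attestation model Adam lays out in this post and in his earlier reply to DiSToAGe (key generated on the chip, public half certified by the manufacturer's CA, a hashed boot sequence, and revocation as the only answer to a genuine key that has been extracted and shared), worked through from the verifier's side as an added example; this is not code from the thread or from any vendor. The Ed25519 scheme, the serial-plus-pubkey certificate layout and the serial-keyed revocation list are assumptions chosen for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Cert is the manufacturer-issued certificate for one chip's attestation key
// (assumed layout: serial || public key, signed by the manufacturer CA).
type Cert struct {
	Serial uint32
	PubKey ed25519.PublicKey
	CASig  []byte
}
// Attestation is the device's answer to a content provider's challenge.
type Attestation struct {
	Cert        Cert
	Measurement []byte // boot-code hash as the chip measured it
	Sig         []byte // device-key signature over nonce || measurement
}
func certBody(serial uint32, pub ed25519.PublicKey) []byte {
	b := []byte{byte(serial >> 24), byte(serial >> 16), byte(serial >> 8), byte(serial)}
	return append(b, pub...)
}
// issueCert models manufacture: the key pair is generated on the chip and
// only the public half leaves it, inside a CA-signed certificate.
func issueCert(ca ed25519.PrivateKey, serial uint32) (Cert, ed25519.PrivateKey) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	return Cert{serial, pub, ed25519.Sign(ca, certBody(serial, pub))}, priv
}
// attest is the device side: sign the fresh nonce with the measured boot hash.
func attest(c Cert, dev ed25519.PrivateKey, nonce, measurement []byte) Attestation {
	msg := append(append([]byte{}, nonce...), measurement...)
	return Attestation{c, measurement, ed25519.Sign(dev, msg)}
}
// Verifier is the provider's policy: CA root, expected boot hash, revocation list.
type Verifier struct {
	CAPub    ed25519.PublicKey
	Expected []byte
	Revoked  map[uint32]bool
}

func (v Verifier) Verify(nonce []byte, a Attestation) error {
	if !ed25519.Verify(v.CAPub, certBody(a.Cert.Serial, a.Cert.PubKey), a.Cert.CASig) {
		return errors.New("certificate not signed by manufacturer CA")
	}
	if v.Revoked[a.Cert.Serial] {
		return errors.New("device key revoked")
	}
	msg := append(append([]byte{}, nonce...), a.Measurement...)
	if !ed25519.Verify(a.Cert.PubKey, msg, a.Sig) {
		return errors.New("bad device signature")
	}
	if !bytes.Equal(a.Measurement, v.Expected) {
		return errors.New("boot measurement mismatch")
	}
	return nil
}

// Scenario returns the verifier's verdicts for: a genuine chip; an emulator
// with a self-made key; a leaked genuine key before and after revocation.
func Scenario() (genuine, emulated, leaked, leakedRevoked error) {
	caPub, caPriv, _ := ed25519.GenerateKey(rand.Reader)
	bootHash := sha256.Sum256([]byte("constructed sample boot code")) // constructed
	v := Verifier{caPub, bootHash[:], map[uint32]bool{}}
	nonce := []byte("constructed challenge nonce")
	cert, devKey := issueCert(caPriv, 1001)
	genuine = v.Verify(nonce, attest(cert, devKey, nonce, bootHash[:]))
	// Emulator: same instructions and measurement, but a key the CA never signed.
	_, fakeCA, _ := ed25519.GenerateKey(rand.Reader)
	fakeCert, fakeKey := issueCert(fakeCA, 1001)
	emulated = v.Verify(nonce, attest(fakeCert, fakeKey, nonce, bootHash[:]))
	// A genuine key copied into software is indistinguishable from the chip;
	// revoking that serial is the verifier's only lever.
	leaked = v.Verify(nonce, attest(cert, devKey, nonce, bootHash[:]))
	v.Revoked[cert.Serial] = true
	leakedRevoked = v.Verify(nonce, attest(cert, devKey, nonce, bootHash[:]))
	return
}
```

The emulator case fails at the CA check however faithfully it executes the chip's instructions, which is Adam's "Answer: no"; the leaked-key case shows why the provider's security then rests entirely on the revocation channel he calls weak.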
participants (6)
- Adam Back
- DiSToAGe
- Eugen Leitl
- Justin
- sunder
- Tyler Durden