Vista DRM Wrap-Up & Announcing "Securable"
Total Page:16
File Type:pdf, Size:1020Kb
Transcript of Episode #75 Vista DRM Wrap-Up and Announcing "SecurAble" Description: Following last week’s guest appearance by Peter Gutmann, Steve and Leo wrap up the topic of Vista’s new, deep, and pervasive Digital Rights Management (DRM) system. Steve also announces the completion and availability of his latest freeware: “SecurAble." High quality (64 kbps) mp3 audio file URL: http://media.GRC.com/sn/SN-075.mp3 Quarter size (16 kbps) mp3 audio file URL: http://media.GRC.com/sn/sn-075-lq.mp3 INTRO: Netcasts you love, from people you trust. This is TWiT. Leo Laporte: Bandwidth for Security Now! is provided by AOL Radio at AOL.com/podcasting. This is Security Now! with Steve Gibson, Episode 75 for January 18, 2007: Vista DRM. Security Now! is brought to you by Astaro, makers of the Astaro Security Gateway, on the web at www.astaro.com. Steve Gibson, laboring away at his lab of security at GRC.com, has come up with... Steve Gibson: My fortress of solitude. Leo: Your fortress of solitude has come up with yet another great application, SecurAble. We’re going to talk about that because it’s time, it’s time. But before we get to that, Steve, I don’t know, I hope a lot of people heard last week’s episode. And if you didn’t, I almost want to say pause the iPod and go back to 73 because... Steve: Oh, Leo, don’t almost say. Absolutely say it. Because I do want to continue on the topic a little bit more. I was sort of – I really wanted to give Peter a chance to explain things, and I really think he did. There were some points that I was sort of trying to slip in that I want to make sure got made because there is so much hysteria now. Even mainstream articles that I’m seeing are wrong about what they’re saying Vista DRM is. So absolutely, let’s assume that anyone listening to this has listened to last week’s interview with Peter because it was really fantastic. Leo: I think he made such a good case. I’ve read various critiques on the web and stuff. And in general I think they’ve completely missed his point. And just to recap, I think one of the most significant points is, well, you could say Hollywood required this, but nobody made Microsoft build this into all versions of Vista. And in the last analysis, that doesn’t seem like a very good decision. I think Linux, and I hope Apple, will say this should be separate. This should be in a box. And I think that’s why Apple did this Apple TV. It should be external to the computer. You shouldn’t hobble everyone with this premium content copy protection. Steve: And you might suggest, for example, that there would be a Vista Media Center Edition in the same way that we had that with XP. The reason it’s not feasible is that this stuff is literally down in the kernel. It required so much change to Vista that they weren’t practically able to do a Vista DRM. And actually that sort of brings up another point, too, is that as I’ve been reading again, I feel like for the fifth time, the Microsoft specs... Leo: I’m sure it takes five readings, to be honest with you. This stuff’s complicated. Steve: And there’s a lot of interaction among these components. But it’s another issue that’s more clear to me now is that what they’ve done is basically created a heavily DRM’d OS, that is, it’s not just for protecting HD. It may have been driven by their interest in doing that. But they make a point in some of their papers that there’s been a lot of DRM that’s had to be installed by third parties on prior versions of Windows because Windows didn’t itself have a deep enough native digital content management system to satisfy everyone. Well, that’s really been fixed in Vista. So they didn’t want to just have, for example, a media-laden version that had all this stuff. They really want Vista to be a digital rights management platform that other non- Hollywood, non-AACS HiDef video content users can now rely on for protecting whatever it is that they want to put DRM on. So it brings all that along, too. Leo: One of the things I guess we wanted to do in this episode is kind of circle back and talk about some of the things that we either didn’t raise in 73 or maybe weren’t completely clear. Steve: Exactly. And I have actually got in my head... Leo: Before we do that, can I just get the commercial out? Steve: Oh, yeah, please. Leo: All right. I hate to tease people. But I really do want to mention that Astaro is supporting this podcast because they’ve been so great. They’re back again this year, and they are a wonderful product which we can really stand behind. That’s kind of the reason that we were so glad to get them back for 2007. Steve: And they’re supporting Security Now!. Leo: Yeah, exactly. Steve asked me before we went on the air, now, we’re going to keep doing this for a while? I said, hey, as long as Astaro keeps paying for it, absolutely. This right now is the only TWiT podcast with a sponsor. And that makes you golden, Steve. So we thank Astaro, makes of the Astaro Security Gateway. I have one, and I am blown away by it. It’s great quality. I mean, the thing is rock solid. If you’re a small or medium business, and your network needs superior protection from spam, I mean, listen to what it does. This is one box. Looks like a router; about the size of a router. But it’s so much more. It does antispam, antivirus, content filtering. Of course it’s an industrial-strength firewall, so it protects against hackers. It has intrusion detection built in. It’s a complete VPN server. That’s what I’ve been using it for, which is fantastic. I mean, I use all of the features. And it’s all in one easy-to-use, high-performance appliance. Now, you can try it absolutely free in your business. Visit Astaro.com or call 877-4AS-TARO. Make sure if you do that that you mention that you heard it on Security Now!. And by the way, I also want to recommend it for noncommercial users. You can download the software for free. If you decide you like it, you can get all those additional subscription features like antispam and content filtering for a very low yearly cost, much less than you’re probably paying for the software versions of these programs. Astaro.com, and we thank them for their support. All right, I’m sorry, I didn’t mean to interrupt there. I just wanted to get that done. Let’s get back... Steve: No problem. Okay. I’m holding the “Output Content Protection and Windows Vista” document written by Microsoft in my hand. And before the show I went through, during my fifth reading of this thing, and just highlighted some sections that I want to read verbatim so that it’s sort of like on the record, and we can talk about these things. For example, in the introduction Microsoft says, and I’m just reading from their document, “We are working actively to ensure that a Windows Vista PC supports the needs of both consumers and content owners, and that it works seamlessly across a broad range of other devices, networks, and protocols. As we move towards the next evolution in the distribution and consumption of content, we are working on many fronts to create new experiences that drive the industry forward. This requires the ability to respect business rules across many dimensions, including content coming into a PC from cable, satellite, over the Internet, or on a physical media such as next- generation DVDs; management of the content on the PC, including providing a robust infrastructure that allows ISVs to add value without needing to worry about supporting DRM natively in their own applications; and respecting business rules as content leaves the PC. This paper talks about one aspect of the content protection work. It addresses increasing the security associated with video and audio rendering on the Windows Vista PC platform.” Leo: That’s the key is video and audio rendering. It doesn’t impact other stuff generally. Steve: Actually it does. And in some... Leo: I’m trying to put a good light on this sucker. Steve: I know. Well, no, but in some good ways. One of the things that I’ve been distressed about over the last two weeks and our two episodes is that many people are swearing off Vista. They’re saying, oh, I’m never going to go to that thing because I don’t want to be burdened with all this. I don’t want all of the scary things that Peter was talking about to be in the machine I own. I’m distressed because, as we have said in looking at Vista security previous to this, there are many good things that Vista is doing. I mean, Paul Thurrott has become a fan of Vista by using it.