Here is an overview of the "content protection" features that Windows Vista is going to incorporate. The phrase "Defective By Design" has never been so apt.
Some of it is ridiculous:
For example communications between user-mode and kernel-mode components are authenticated with OMAC message authentication-code tags, at considerable cost to both ends of the connection.
So data going between the software playing the video and the video card's driver has to be cryptographically signed - that's going to be great for performance. On a related note:
In order to prevent active attacks, device drivers are required to poll the underlying hardware ever 30ms to ensure that everything appears kosher. This means that even with nothing else happening in the system, a mass of assorted
drivers has to wake up thirty times a second just to ensure that... nothing continues to happen. In addition to this polling, further device-specific polling is also done, for example Vista polls video devices on each video frame displayed in order to check that all of the grenade pins (tilt bits) are still as they should be.
This waking up will prevent the CPU from being able to enter a sleep state properly (the HLT instruction in modern CPUs is used for this) so battery life on the laptops will take a hit. The CPU is quite likely not to be idle too often though, with all this encryption going on. In fact, later in the document it describes how video cards will more than likely have to have dedicated hardware video codecs for MPEG and Windows Media formats in order to compensate.
On-board graphics create an additional problem in that blocks of precious content will end up stored in system memory, from where they could be paged to disk. In order to avoid this, Vista tags such pages with a special protection bit indicating that they need to be encrypted before being paged out and decrypted again after being paged in.
Swap space on disk is slow enough as it is. There is really no need to make it even worse. Oh wait, it gets better:
Vista doesn't provide any other pagefile encryption, and will quite happily page banking PINs, credit card details, private, personal data, and other sensitive information, in plaintext. The content-protection requirements make it fairly clear that in Microsoft's eyes a frame of premium content is worth more than (say) a user's medical records or their banking PIN.
Nice.
0 responses to “More reasons to avoid Vista”
Leave a Reply