Interesting People mailing list archives

Microsoft Plans For Automatic Hobbling of "Pirated" Vista Systems


From: David Farber <dave () farber net>
Date: Wed, 4 Oct 2006 11:01:24 -0400



Begin forwarded message:

From: Lauren Weinstein <lauren () vortex com>
Date: October 4, 2006 10:52:36 AM EDT
To: dave () farber net
Cc: lauren () vortex com
Subject: Microsoft Plans For Automatic Hobbling of "Pirated" Vista Systems



    Microsoft Plans For Automatic Hobbling of "Pirated" Vista Systems

          ( http://lauren.vortex.com/archive/000194.html )


Greetings.  Back in June when I first revealed the "phone home"
behavior of Microsoft's Windows XP "Genuine Advantage" (WGA)
anti-piracy system (thread starts at:
http://lauren.vortex.com/archive/000178.html ) a number of
people asked me a very provocative question.

To wit, did I believe that Microsoft would use such facilities to
actually *disable* XP systems that they felt might be pirated?

My answer at the time was that given the significant potential for
massive disruption of important applications, the certain intense
backlash, and the lawyers' litigation bonanza that would likely
result from such actions, it seemed that such a course would be an
extremely unwise move.

Well, that was XP.  Now comes Vista, the next generation of
Microsoft Windows.  And here's the executive summary, based on my
best information to date: With Windows Vista, MS is dramatically
escalating their anti-piracy methodology, and even more deeply
attaching users at the hip to MS' ongoing supervision.  The days of
simply buying Windows software go by the wayside -- from now on
Microsoft is your permanent "overseer" when it comes to computing
policies.

In particular, Vista will include technologies that can be used by
MS to drastically reduce the functionality of systems that they
believe to be pirated.  This restricted environment will give users
a choice between running Windows in its very limited "Safe Mode"
(apparently with networking disabled), or alternatively running a Web
browser that will exit automatically after each hour or so of usage.

If you want your full system functionality back after being tagged
as running a possibly pirated system, you will need to prove yourself
to Microsoft.

The implications are enormous.

This situation doesn't come to me as a complete surprise.  In the
months since my public discussions regarding WGA, I've been in
cordial communications with a key executive at Microsoft within their
anti-piracy unit.  During these conversations, I did my best --
unsuccessfully -- to dissuade them from taking this kind of course.
Unfortunately, my leverage with Microsoft is something akin to
sticking a small, blunt toothpick into Godzilla's big toe in an
attempt to get his attention.

MS' view -- as I understand it -- is that so long as people get
sufficient warning before their systems are hobbled (the hobble
plans include a 30-day cycle of escalating alerts before the actual
drastic capability downgrade is initiated), people will come to
accept this "new world order" for a new operating system.

That's an interesting theory.  But the real world isn't such a tidy
place -- the WGA experience showed that dramatically.  Even if a
small percentage of systems are flagged as possible pirated systems,
on an absolute basis we're still talking about very large numbers of
systems and users.

We already know that an array of issues (please see my WGA thread
noted above for details) can cause false positives marking someone
as a possible pirate.  Microsoft asserts that they make it
relatively easy to demonstrate your lack of culpability if you
happen to end up with a non-authentic or pirated copy of Windows.
Even if we accept this for the sake of the argument, the hassles and
potential disruptions in these situations are extremely substantial.

Even worse, the specter of hackers possibly gaining control over
system hobbling mechanisms is straight out of the darkest scenes of
science fiction.  Low probability?  Couldn't happen?  Do you really
want to bet your computerized life on that?  What a challenge for
the hacking community!

As I've often noted, software piracy is indeed a major problem.  MS
is within their rights to implement reasonable means to control it.
But by any definition, their plan for active system hobbling is
unacceptable and beyond the pale.

A month's worth of warnings -- or even six months or a year -- won't
ameliorate the negatives of this scheme.  Too many people ignore
such announcements.  They're bombarded with warnings already from
all sorts of software, and it's easy to assume that even repeated
ones are in error and don't really apply to them.  It's amazing what
people will just ignore and put up with when they believe that
they're in the right, or that it's really somebody else's problem in
the corporate hierarchy.

Then we have the issue of "embedded" systems.  Innumerable
applications, some of them in extremely important venues (government
operations, medical offices and hospitals, plus a practically endless
list of others) use Windows systems that are buried in boxes and
closets, configured in ways such that no human being would ever even
normally *see* the desktop warnings that would precede an MS ordered
hobbling of an underlying Vista operating system.  In many such
cases, there'd be no indication of a problem until the application
just stopped working -- boom -- and wouldn't start up again normally.

Microsoft does suggest that most or all applications running as
Windows system services would probably in general not be hobbled
from normal operations (at least until a user chose to login to the
desktop "safe mode" option, then there may be networking issues --
this isn't entirely clear), since the primary target of this
"downgrading" mechanism appears to be the desktop and more typical
user applications.  But this does mean that an immense range and
number of applications would indeed be affected.

MS notes that there are two basic ways that a system might be
flagged as a possible pirate (exact policies for this to be tuned on
an ongoing basis).

First, a system that has had major hardware changes might trigger
the authentication alert and start the 30-day warning countdown to
the hobbled state (it should be mentioned that several highly promoted
but largely cosmetic new features in Vista are immediately disabled
once the warning sequence begins).

The second way to possibly find yourself marked as a pirate will be
related to connecting with various Microsoft Web sites either on an
automatically scheduled or a manual (e.g. Web browser) basis.  It is
through this vector that Microsoft would send the "begin hobbling
warning sequence" command to systems whose license keys had found
their way onto MS' suspected piracy database.  The set of Microsoft
sites enabled for this capability will likely start relatively small
(e.g., particular download and system validation sites) and expand
over time to a broader range of Microsoft download and update sites.

This second scenario suggests that embedded systems with Internet
connections that were permitted to contact Microsoft could be at
possible risk for hobbling, even if their hardware configurations
were left completely untouched for long periods.

In any case, the entire concept of significantly reducing the
functionality of running systems is saturated with risks.  Microsoft
notes that their products aren't supposed to be used for "critical"
types of applications.  That's a fine sentiment, but Microsoft has
succeeded all too well in getting developers to use their operating
systems in all manner of exceptionally important applications.
That's the reality.

Of course, just because Microsoft says that they *can* use such
drastic anti-piracy measures in any particular situation, doesn't
mean that they necessarily will, but can we really afford to take
that chance?  Even if you are the most 100% squeaky-clean human on
planet Earth, and would never even dream of running pirated
software, you may want to think twice (or more than twice) before
jumping into bed with Microsoft on this one.

And to Microsoft, I again urge you to reconsider this path.  By
pushing the anti-piracy envelope so far into dangerous territory,
you are ultimately undermining your own valid concerns about piracy,
and potentially damaging not only computer users, but yourselves as
well.  That doesn't help you, it doesn't help your customers, and it
does a grave disservice to the entire global community that works
directly or indirectly with your products.  Piracy is real, but you
can do so much better.

--Lauren--
Lauren Weinstein
lauren () vortex com or lauren () pfir org
Tel: +1 (818) 225-2800
http://www.pfir.org/lauren
Co-Founder, PFIR
   - People For Internet Responsibility - http://www.pfir.org
Co-Founder, IOIC
   - International Open Internet Coalition - http://www.ioic.net
Founder, CIFIC
   - California Initiative For Internet Privacy - http://www.cifip.org
Moderator, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
DayThink: http://daythink.vortex.com




