Friday, May 26. 2006
Output Content Protection (DRM) and Windows Vista
Every year Microsoft holds a conference known as Windows Hardware Engineering Conference (WinHEC). Microsoft uses this conference to let hardware vendors know what to expect from Windows in regard to hardware. All of the major computer vendors and manufacturers attend this event and use the information gathered to make plans for the next year as to what to build. Obviously this conference is not the only factor taken into account when deciding what hardware to sell, but considering Window's massive market share in the PC world it is extremely important. For its part, Microsoft is very forthcoming with information during these conferences because billions of dollars are at stake. If there is not appropriate hardware for Windows to operate on, then both the PC vendors and Microsoft lose out.
This year's conference took place this week, May 22-24, in Seattle, Washington. In advance of the conference Microsoft released the hardware specifications needed to run their new operating system known as Windows Vista. There are dozens of new features in Vista, but unlike all previous versions of Windows not all features will work on all hardware. Microsoft is currently using the terminology "Vista Experience" to describe what features will be available to users and the "experience" depends on how "good" your computer hardware is. In general there are two categories of hardware when it comes to Vista: Capable and Premium.
Vista capable PCs will have a modern processor operating at a minimum of 800 megahertz that uses the x86 (32-bit) or x64 (64-bit) instruction set. The graphics card will be DirectX 9 capable with sufficient memory and processing power to display 800x600 pixel resolution. The PC must have at least 512MB of memory and a hard disk drive with 15GB of free storage space. Finally the system must have an optical drive that is either a CD-ROM or a DVD. A Vista premium PC will have at least a 1000 megahertz processor with 1GB of memory. Both configurations require an optical drive — CD for Capable and DVD for Premium. However, the video card specifications caught our attention. The premium experience calls for a Windows Aero Capable video card.
Windows Aero is a new graphical user interface that Microsoft developed to make things prettier and provide greater options to programmers. Most people that have seen this GUI remark at how similar it is to Apple's OSX interface. There are five things that Microsoft lists as requirements for a GPU to be Aero capable.
There are two pieces of information from this list that you should wonder about: Memory and WDDM. Adequate memory is pretty easy. Pick the resolution you want to run and here are the memory requirements:
These numbers are pretty straightforward and should let you know that you will have to have a decent video card to run Vista. This is because Microsoft decided to put in quite a few special effects with Aero that require GPU instead of CPU power to work.
A WDDM driver is a bit more complicated. There are many reasons that drivers in Vista are going to be different than other Windows, but it boils down to Microsoft completely reworking the window manager and window rendering subsystem. In one way this is a good thing. It should help prevent non-responsive applications from locking up the entire system and causing reboot situations. However, as with all things we report on DRM Blog, there is DRM lurking just under the surface. In this instance the DRM's name is Output Protection Management (OPM).
Its amazing how complicated things seem when you use acronyms instead of the actual words to describe something. OPM is an umbrella term that includes PVP, PAP, PVP-UAB, SAP, and PUMA. No problem right?
Now you should see that all these acronyms actually are all under the umbrella term DRM. I will not go into detail about these technologies, but will simply point out that they will all affect your "Vista Experience" if you do not have compatible hardware.
It seems that Microsoft left a little information out with their published specifications. If you want your new Vista PC to partake in "premium content" then you must have a video card and driver combination that is PVP-OPM and PVP-UAB certified. At the 2005 WinHCE Microsoft handed out an interesting document that describes OPM in all its incarnations and what a video card vendor must do to be certified.
To get a certificate, a graphics card or GPU manufacturer will first have to sign a legal document (read contract) that specifies that the hardware or driver in question meets all of the specifications laid out in the "Compliance Rules" document. This compliance document is part of this legal contract. As it turns out, there is no testing done by Microsoft. It's an an honor system backed by a legal contract. "Content protection is about links in a chain" with each member of the PC industry being responsible "to protect premium content, to ensure that the content industry will trust its content to the PC". If a "valid report of content leakage occurs" then Microsoft will have no option but to "revoke the driver's ability to play high-level premium content". Microsoft claims that this is in the best interest for for hardware vendors and driver developers as this revocation process will "protect against actions that a content provider might take" if a leakage occurs.
The document goes on to say that the compliance rules also have a "Content Industry Agreement" for video hardware robustness and that certification can only be given to manufacturers who meet those rules. There could be several reasons for the content industry to require a certain amount of robustness in video hardware. However, the only logical one is that it will take a lot of horsepower to down sample high-definition video and audio on the fly. This is linked to the HDCP protection flag that we discussed in our last article.
Once again the consumer is the one paying for DRM and most people will never know about it. But the fun does not stop there. "If you are a graphics chip manufacturer", it is your responsibility as one of the trusted links in the PC chain to make sure that you are not selling your chips to any rogue elements who are going to make "hacker-friendly graphics boards". Logically, according to Microsoft, the easiest way to do this is to ensure that your GPU performs encryption in the chip itself. Apparently, it is also important that both the driver certificate and the private key both be "obfuscated". In fact, Microsoft has come up with an obfuscation tool that they use for their Certified Output Protection Protocol (COPP). It is assumed that the driver makers will use this same tool when obfuscating their key.
If this makes no sense to you, don't worry. The simple answer is that this is all part of Microsoft's Trustworthy Computing effort. If you look up the meaning of trustworthy computing you will find marketing terms such as security, privacy, reliability, and best business practices. Don't believe the hype. It just means that all the DRM now has a pretty ribbon wrapped around it with a good name. The only trust taking place here is between very large companies that want to sell you content, hardware, and software that violates your privacy, artificially inflates prices, and makes it illegal for you to tinker with.
Author - Jimmy Palmer
This year's conference took place this week, May 22-24, in Seattle, Washington. In advance of the conference Microsoft released the hardware specifications needed to run their new operating system known as Windows Vista. There are dozens of new features in Vista, but unlike all previous versions of Windows not all features will work on all hardware. Microsoft is currently using the terminology "Vista Experience" to describe what features will be available to users and the "experience" depends on how "good" your computer hardware is. In general there are two categories of hardware when it comes to Vista: Capable and Premium.
Vista capable PCs will have a modern processor operating at a minimum of 800 megahertz that uses the x86 (32-bit) or x64 (64-bit) instruction set. The graphics card will be DirectX 9 capable with sufficient memory and processing power to display 800x600 pixel resolution. The PC must have at least 512MB of memory and a hard disk drive with 15GB of free storage space. Finally the system must have an optical drive that is either a CD-ROM or a DVD. A Vista premium PC will have at least a 1000 megahertz processor with 1GB of memory. Both configurations require an optical drive — CD for Capable and DVD for Premium. However, the video card specifications caught our attention. The premium experience calls for a Windows Aero Capable video card.
Windows Aero is a new graphical user interface that Microsoft developed to make things prettier and provide greater options to programmers. Most people that have seen this GUI remark at how similar it is to Apple's OSX interface. There are five things that Microsoft lists as requirements for a GPU to be Aero capable.
- DirectX 9-class GPU
- A Windows Display Driver Model (WDDM) driver
- Pixel Shader 2.0 support in the hardware
- 32 bits per pixel GPU
- Adequate memory
There are two pieces of information from this list that you should wonder about: Memory and WDDM. Adequate memory is pretty easy. Pick the resolution you want to run and here are the memory requirements:
- 480,000 - 1,310,720 pixels = 800x600 - 1280x1024 = 64MB minimum memory
- up to 2,304,000 pixels = up to 1900x1200 = 128MB minimum memory
- over 2,304,000 pixels = over 1900x1200 = 256MB minimum memory
These numbers are pretty straightforward and should let you know that you will have to have a decent video card to run Vista. This is because Microsoft decided to put in quite a few special effects with Aero that require GPU instead of CPU power to work.
A WDDM driver is a bit more complicated. There are many reasons that drivers in Vista are going to be different than other Windows, but it boils down to Microsoft completely reworking the window manager and window rendering subsystem. In one way this is a good thing. It should help prevent non-responsive applications from locking up the entire system and causing reboot situations. However, as with all things we report on DRM Blog, there is DRM lurking just under the surface. In this instance the DRM's name is Output Protection Management (OPM).
Its amazing how complicated things seem when you use acronyms instead of the actual words to describe something. OPM is an umbrella term that includes PVP, PAP, PVP-UAB, SAP, and PUMA. No problem right?
- PVP - Protected Video Path
- PAP - Protected Audio Path
- PVP-UAB - PVP User-Accessible Bus
- SAP - Secure Audio Path
- PUMA - Protected User Mode Audio
Now you should see that all these acronyms actually are all under the umbrella term DRM. I will not go into detail about these technologies, but will simply point out that they will all affect your "Vista Experience" if you do not have compatible hardware.
It seems that Microsoft left a little information out with their published specifications. If you want your new Vista PC to partake in "premium content" then you must have a video card and driver combination that is PVP-OPM and PVP-UAB certified. At the 2005 WinHCE Microsoft handed out an interesting document that describes OPM in all its incarnations and what a video card vendor must do to be certified.
To get a certificate, a graphics card or GPU manufacturer will first have to sign a legal document (read contract) that specifies that the hardware or driver in question meets all of the specifications laid out in the "Compliance Rules" document. This compliance document is part of this legal contract. As it turns out, there is no testing done by Microsoft. It's an an honor system backed by a legal contract. "Content protection is about links in a chain" with each member of the PC industry being responsible "to protect premium content, to ensure that the content industry will trust its content to the PC". If a "valid report of content leakage occurs" then Microsoft will have no option but to "revoke the driver's ability to play high-level premium content". Microsoft claims that this is in the best interest for for hardware vendors and driver developers as this revocation process will "protect against actions that a content provider might take" if a leakage occurs.
The document goes on to say that the compliance rules also have a "Content Industry Agreement" for video hardware robustness and that certification can only be given to manufacturers who meet those rules. There could be several reasons for the content industry to require a certain amount of robustness in video hardware. However, the only logical one is that it will take a lot of horsepower to down sample high-definition video and audio on the fly. This is linked to the HDCP protection flag that we discussed in our last article.
Once again the consumer is the one paying for DRM and most people will never know about it. But the fun does not stop there. "If you are a graphics chip manufacturer", it is your responsibility as one of the trusted links in the PC chain to make sure that you are not selling your chips to any rogue elements who are going to make "hacker-friendly graphics boards". Logically, according to Microsoft, the easiest way to do this is to ensure that your GPU performs encryption in the chip itself. Apparently, it is also important that both the driver certificate and the private key both be "obfuscated". In fact, Microsoft has come up with an obfuscation tool that they use for their Certified Output Protection Protocol (COPP). It is assumed that the driver makers will use this same tool when obfuscating their key.
If this makes no sense to you, don't worry. The simple answer is that this is all part of Microsoft's Trustworthy Computing effort. If you look up the meaning of trustworthy computing you will find marketing terms such as security, privacy, reliability, and best business practices. Don't believe the hype. It just means that all the DRM now has a pretty ribbon wrapped around it with a good name. The only trust taking place here is between very large companies that want to sell you content, hardware, and software that violates your privacy, artificially inflates prices, and makes it illegal for you to tinker with.
Author - Jimmy Palmer
Comments
I just came accoss this blog. What scares me the most is that someday it will be on all the hardware and it will be illegal for Linux hackers to write drivers, because it will be a cercumvention of copyright protection.
XP is definetely the last Windows OS I'll ever use. We need Linux to be taught in schools and universities, so that Microsoft will start thinking b/f stripping us of our basic rights!
#2
Natt on Jul 8 2006, 23:05
The author has not allowed comments to this entry
