Greetings.
Back in June when I first
revealed the "phone home" behavior of Microsoft's Windows XP "Genuine
Advantage" (WGA) anti-piracy system a number of people asked me a
very provocative question.
To wit,
did I believe that Microsoft would use such facilities to actually *disable*
XP systems that they felt might be pirated?
My answer
at the time was that given the significant potential for massive disruption
of important applications, the certain intense backlash, and the lawyers'
litigation bonanza that would likely result from such actions, it seemed
that such a course would be an extremely unwise move.
Well, that
was XP. Now comes Vista, the next generation of Microsoft Windows.
And here's the executive summary, based on my best information to date:
With Windows Vista, MS is dramatically escalating their anti-piracy methodology,
and even more deeply attaching users at the hip to MS' ongoing supervision.
The days of simply buying Windows software go by the wayside -- from now
on Microsoft is your permanent "overseer" when it comes to computing policies.
In particular,
Vista will include technologies that can be used by MS to drastically reduce
the functionality of systems that they believe to be pirated. This
restricted environment will give users a choice between running Windows
in its very limited "Safe Mode" (apparently with networking disabled),
or alternatively running a Web browser that will exit automatically after
each hour or so of usage.
If you want
your full system functionality back after being tagged as running a possibly
pirated system, you will need to prove yourself to Microsoft.
The implications
are enormous.
This situation
doesn't come to me as a complete surprise. In the months since my
public discussions regarding WGA, I've been in cordial communications with
a key executive at Microsoft within their anti-piracy unit. During
these conversations, I did my best -- unsuccessfully -- to dissuade them
from taking this kind of course. Unfortunately, my
leverage with Microsoft is something akin to sticking a small, blunt toothpick
into Godzilla's big toe in an attempt to get his attention.
MS' view
-- as I understand it -- is that so long as people get sufficient warning
before their systems are hobbled (the hobble plans include a 30-day cycle
of escalating alerts before the actual drastic capability downgrade is
initiated), people will come to accept this "new world order" for a new
operating system.
That's an interesting theory. But the real world isn't such a tidy place -- the WGA experience
showed that dramatically. Even if a small percentage of systems are
flagged as possible pirated systems, on an absolute basis we're still talking
about very large numbers of systems and users.
We already
know that an array of issues (please see my WGA thread noted above for
details) can cause false positives marking someone as a possible pirate.
Microsoft asserts that they make it relatively easy to demonstrate your
lack of culpability if you happen to end up with a non-authentic or pirated
copy of Windows.
Even if
we accept this for the sake of the argument, the hassles and potential
disruptions in these situations are extremely substantial.
Even worse,
the specter of hackers possibly gaining control over system hobbling mechanisms
is straight out of the darkest scenes of science fiction. Low probability?
Couldn't happen? Do you really want to bet your computerized life
on that? What a challenge for the hacking community!
As I've
often noted, software piracy is indeed a major problem. MS is within
their rights to implement reasonable means to control it. But by any definition,
their plan for active system hobbling is unacceptable and beyond the pale.
A month's
worth of warnings, or even six months or a year -- won't ameliorate the
negatives of this scheme. Too many people ignore such announcements.
They're bombarded with warnings already from all sorts of software, and
it's easy to assume that even repeated ones are in error and don't really
apply to them. It's amazing what people will just ignore and put
up with when they believe that they're in the right, or that it's really
somebody else's problem in the corporate hierarchy.
Then we
have the issue of "embedded" systems. Innumerable applications, some
of them in extremely important venues (government operations, medical offices
and hospitals, plus a practically endless list of others) use Windows systems
that are buried in boxes and closets, configured in ways such that no human
being would ever even normally *see* the desktop warnings that would precede
an MS ordered hobbling of an underlying Vista operating system. In
many such cases, there'd be no indication of a problem until the application
just stopped working -- boom -- and wouldn't start up again normally.
Microsoft
does suggest that most or all applications running as Windows system services
would probably in general not be hobbled from normal operations (at least
until a user chose to login to the desktop "safe mode" option, then there
may be networking issues -- this isn't entirely clear), since the primary
target of this "downgrading" mechanism appears to be the desktop and more
typical user applications. But this does mean that an immense range
and number of applications would indeed be affected.
MS notes
that there are two basic ways that a system might be flagged as a possible
pirate (exact policies for this to be tuned on an ongoing basis).
First, a
system that has had major hardware changes might trigger the authentication
alert and start the 30-day warning countdown to the hobbled state (it should
be mentioned that several highly promoted but largely cosmetic new features
in Vista are immediately disabled once the warning sequence begins).
The second
way to possibly find yourself marked as a pirate will be related to connecting
with various Microsoft Web sites either on an automatically scheduled or
a manual (e.g. Web browser) basis. It is through this vector that
Microsoft would send the "begin hobbling warning sequence" command to systems
whose license keys had found their way onto MS' suspected piracy database.
The set of Microsoft sites enabled for this capability will likely start
relatively small (e.g., particular download and system validation sites)
and expand over time to a broader range of Microsoft download and update
sites.
This second
scenario suggests that embedded systems with Internet connections that
were permitted to contact Microsoft could be at possible risk for hobbling,
even if their hardware configurations were left completely untouched for
long periods.
In any case,
the entire concept of significantly reducing the functionality of running
systems is saturated with risks. Microsoft notes that their products
aren't supposed to be used for "critical" types of applications.
That's a fine sentiment, but Microsoft has succeeded all too well in getting
developers to use their operating systems in all manner of exceptionally
important applications. That's the reality.
Of course,
just because Microsoft says that they *can* use such drastic anti-piracy
measures in any particular situation, doesn't mean that they necessarily
will, but can we really afford to take that chance? Even if you are
the most 100% squeaky-clean human on planet Earth, and would never even
dream of running pirated software, you may want to think twice (or more
than twice) before jumping into bed
with Microsoft on this one.
And to Microsoft,
I again urge you to reconsider this path. By pushing the anti-piracy
envelope so far into dangerous territory, you are ultimately undermining
your own valid concerns about piracy, and potentially damaging not only
computer users, but yourselves as well. That doesn't help you, it
doesn't help your customers, and it does a grave disservice to the entire
global community that works directly or indirectly with your products.
Piracy is real, but you can do so much better.
Lauren Weinstein
http://www.pfir.org/lauren
Co-Founder, PFIR - People For Internet Responsibility - http://www.pfir.org
Co-Founder, IOIC - International Open Internet Coalition - http://www.ioic.net
Founder, CIFIP - California Initiative For Internet Privacy - http://www.cifip.org
Moderator, PRIVACY Forum - http://www.vortex.com
Member, ACM Committee on Computers and Public Policy
Lauren's Blog: http://lauren.vortex.com
DayThink: http://daythink.vortex.com