You may view the entire 25 page document from the professor at: http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.txt

The summary is basically the portions of the document I paired down to cover in my January 7th, 2007 broadcast on this topic. You can download the broadcast from the "Show Archives" portion of this website.

The summary/notes are below:

A Cost Analysis of Windows Vista Content Protection ===================================================

Professor Peter Gutmann, pgut001@cs.auckland.ac.nz Phd C.S. Deparment of C.S. University of Auckland, New Zealand. Focuses his research on the design and analysis of security techniques and systems. http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.txt Last updated 4 January 2007 Distributed under the Creative Commons license

NOTE: The author claims that there are about 4.2 million links to it, Google shows about around 30,000, but that may be because of Google's filtering rules.

Whether you use Windows Vista, Windows XP, Windows 95/98/Me, Mac OS X, Linux, FreeBSD, [OpenBSD], Solaris (on x86), or almost any other Operating System, Windows content protection will make your hardware more expensive, less reliable, more difficult to program for, more difficult to support, more vulnerable to hostile code, and with more compatibility problems. Because Windows dominates the market and device vendors are unlikely to design and manufacture two different versions of their products, non-Windows users will be paying for Windows Vista content-protection measures in products even if they never run Windows on them.

“I know from the Microsoft sources that contributed that many of them care deeply about providing the best possible audio/video user experience for Vista users and are quite distressed about having to spend time implementing large amounts of anti-functionality when it's already hard enough to get things running smoothly without the intentional crippling. “

Before you tune this out as just “Microsoft Bashing”. listen to what the author has to say in response: “1. This is just Microsoft-bashing.

It's bad-technology bashing. If this had been done by Linus Torvalds, Steve Jobs, Alan Cox, or Theo de Raadt, I'd have said the same thing about it. As far as I'm concerned computers are tools to get a job done and not a platform for religious wars, and if something's bad I'll say so regardless of who's doing it. Just for the record I run various versions of Windows on ... [counting] ... seven of my machines (the rest are a mixture of Linux, FreeBSD, and occasionally Solaris), so I'd be a rather unlikely Microsoft detractor if I have their software all over my machines.”

Definitions of terms: DRM

"Digital Rights Management" or "Digital Restrictions Management" or "Defective Recorded Media". Combine all three and you have a general idea of what DRM is.

HD

High definition, technically meaning video content of 1920 x 1080 (1080p) resolution, but more generally anything with better than generic TV-quality resolution. In their specs, Microsoft regard anything with more than 520K pixels or 800 x 600 resolution as premium content that needs to be downgraded before displaying it to the user.

HD-DVD

One of the proposed successors to DVDs, capable of storing HD content.

Executive Summary -----------------

Windows Vista includes an extensive reworking of core OS elements in order to provide content protection for so-called "premium content", typically HD (High Definition) data from Blu-Ray and HD-DVD sources. Providing this protection incurs considerable costs in terms of system performance, system stability, technical support overhead, and hardware and software cost. These issues affect not only users of Vista but the entire PC industry, since the effects of the protection measures extend to cover all hardware and software that will ever come into contact with Vista, even if it's not used directly with Vista (for example hardware in a Macintosh computer or on a Linux server). This document analyzes the cost involved in Vista's content protection, and the collateral damage that this incurs throughout the computer industry.

Executive Executive Summary ---------------------------

The Vista Content Protection specification could very well constitute the longest suicide note in history [Note A]. Note A: This comment was inspired by Sir Gerald Kaufman's similar comment about the British Labour Party's 1983 election manifesto, which resulted in Labour turning in its worst election results since its founding (it was so bad that Labour's opponents in the election reprinted and distributed it themselves. Maybe Apple could take a hint from this and use Microsoft's content-protection details in their advertising for OS X). At 44 pages, Microsoft's "Output Content Protection and Windows Vista" squeezes out Labour's 37-page manifesto to take the crown.

This document looks purely at the cost of the technical portions of Vista's content protection [Note B]. This document uses "cost" in the sense of "penalty", "damage", "harm", "injury" and "loss" rather than the more financial "expense", "outlay", and "price". A full financial analysis would require a top-to-bottom internal audit of the design, development, production, distribution, support, and legal costs for each vendor involved, something for which even the vendors themselves would have difficulty producing a precise figure.

in order to work, Vista's content protection must be able to violate the laws of physics, something that's unlikely to happen no matter how much the content industry wishes it were possible [Note C]. This conundrum is displayed over and over again in the Windows content-protection requirements, with manufacturers being given no hard-and-fast guidelines but instead being instructed that they need to display as much dedication as possible to the party line. The documentation is peppered with sentences like:

"It is recommended that a graphics manufacturer go beyond the strict letter of the specification and provide additional content-protection features, because this demonstrates their strong intent to protect premium content".

This is an exceedingly strange way to write technical specifications, but is dictated by the fact that what the spec is trying to achieve is fundamentally impossible.

In order for content to be displayed to users, it has to be copied numerous times. For example if you're reading this document on the web then it's been copied from the web server's disk drive to server memory, copied to the server's network buffers, copied across the Internet, copied to your PC's network buffers, copied into main memory, copied to your browser's disk cache, copied to the browser's rendering engine, copied to the render/screen cache, and finally copied to your screen. If you've printed it out to read, several further rounds of copying have occurred. Windows Vista's content protection (and DRM in general) assume that all of this copying can occur without any copying actually occurring, since the whole intent of DRM is to prevent copying. If you're not versed in DRM doublethink this concept gets quite tricky to explain, but in terms of quantum mechanics the content enters a superposition of simultaneously copied and uncopied states until a user collapses its wave function by observing the content (in physics this is called quantum indeterminacy or the observer's paradox). Depending on whether you follow the Copenhagen or many-worlds interpretation of quantum mechanics, things then either get weird or very weird. So in order for Windows Vista's content protection to work, it has to be able to violate the laws of physics and create numerous copies that are simultaneously not copies.

Disabling of Functionality --------------------------

Vista's content protection mechanism only allows protected content to be sent over interfaces that also have content-protection facilities built in. Currently the most common high-end audio output interface is S/PDIF (Sony/Philips Digital Interface Format). Since S/PDIF doesn't provide any content protection, Vista requires that it be disabled when playing protected content [Note E]. In other words if you've sunk a pile of money into a high-end audio setup fed from an S/PDIF digital output, you won't be able to use it with protected content.

Say you've just bought Pink Floyd's "The Dark Side of the Moon", released as a Super Audio CD (SACD) in its 30th anniversary edition in 2003, and you want to play it under Vista. Since the S/PDIF link to your amplifier/speakers is regarded as insecure, Vista disables it, and you end up hearing a performance by Marcel Marceau instead of Pink Floyd.

Similarly, component (YPbPr) video will be disabled by Vista's content protection, so the same applies to a high-end video setup fed from component video. What if you're lucky enough to have bought a video card that supports HDMI digital video with HDCP content-protection? There's a good chance that you'll have to go out and buy another video card that really does support HDCP, because until earlier this year no video card on the market actually supported it even if the vendor's advertising claimed that it did. As the site that first broke the story put it in their article "The Great HDCP Fiasco" (http://www.firingsquad.com/hardware/ati_nvidia_hdcp_support/) puts it:

"None of the AGP or PCI-E graphics cards that you can buy today support HDCP [...] If you've just spent $1000 on a pair of Radeon X1900 XT graphics cards expecting to be able to playback HD-DVD or Blu-Ray movies at 1920x1080 resolution in the future, you've just wasted your money [...] If you just spent $1500 on a pair of 7800GTX 512MB GPUs expecting to be able to play 1920x1080 HD-DVD or Blu-Ray movies in the future, you've just wasted your money".

(The two devices mentioned above are the premium supposedly-HDCP-enabled cards made by the two major graphics chipset manufacturers ATI and nVidia). ATI was later subject to a class-action lawsuit by its customers over this deception. As late as August of this year, when Sony announced its Blu-Ray drive for PCs, it had to face the embarrassing fact that its Blu-Ray drive couldn't actually play Blu-Ray disks in HD format (First Blu-ray disc drive won't play Blu-ray movies):

uote from CNET.com.au article: "Since there are currently no PCs for sale offering graphics chips that support HDCP, this isn't yet possible".

In order to appropriately protect content, Vista will probably have to disable any special device features that it can't directly control. which in practice is the vast majority of them

ASIO support is standard for newer C-Media hardware, see for example http://www.cmedia.com.tw/?q=en/PCI/CMI8788. Since this bypasses Windows' audio handling, it would probably have to be disabled, which is problematic because audiophiles and professional musicians require ASIO support specifically because of its much higher quality than the standard Windows channels.

Indirect Disabling of Functionality -----------------------------------

As well as overt disabling of functionality, there's also covert disabling of functionality. For example PC voice communications.

The requirement to disable audio and video output plays havoc with standard system operations,

the downgrading/disabling is dynamic, so if the premium-content signal is intermittent or varies (for example music that fades out), various outputs and output quality will fade in and out, or turn on and off, in sync. Normally this behaviour would be a trigger for reinstalling device drivers or even a warranty return of the affected hardware, but in this case it's just a signal that everything is functioning as intended.

ecreased Playback Quality --------------------------

Alongside the all-or-nothing approach of disabling output, Vista requires that any interface that provides high-quality output degrade the signal quality that passes through it if premium content is present. This is done through a "constrictor" that downgrades the signal to a much lower-quality one, then up- scales it again back to the original spec, but with a significant loss in quality. So if you're using an expensive new LCD display fed from a high- quality DVI signal on your video card and there's protected content present, the picture you're going to see will be, as the spec puts it, "slightly fuzzy", a bit like a 10-year-old CRT monitor that you picked up for $2 at a yard sale [Note F]. As an example of an experience that's likely to become commonplace once more "premium content" is rolled out, Roger Strong reports from Canada that "I've just had my first experience with HD content being blocked. I purchased an HP Media Center PC with a built-in HD DVD player, together with a 24" high definition 1920 x 1200 HP flat panel display (HP LP2465). They even included an HD movie, The Bourne Supremacy. Sure enough, the movie won't play because while the video card supports HDCP content protection, the monitor doesn't. (It plays if I connect an old 14" VGA CRT using a DVI-to-VGA connector)". "muslix64" tells a similar tale: "when I disable my HD monitor, I can watch the movie, on my old VGA screen, but, what is the point of having a HD monitor and not being able to watch a HD movie on it". muslix64 was so upset at not being able to play his legitimately-purchased movies on his legitimately-purchased monitor attached to his legitimately-purchased player that he broke the AACS protection just to be able to see his own movies, see Note C above. MENTION the current status of HD-DVD/Blu-ray decryption, and how, though it may be hacked now, the next revision will have a blacklist that updates their player to no longer be able to play those keys in that dvd, and that down the road as dvd companies come and go, your valid hd-dvd/blu-ray may no longer work, since the media industry doesn't think you have the right to “own” their media, only “borrow/lease” it.

The same deliberate degrading of playback quality applies to audio, with the audio being downgraded to sound (from the spec) "fuzzy with less detail" [Note G]. The question of how content producers other than the major studios who can afford expensive custom equipment are supposed to create and manipulate high-definition content has been raised by a number of readers. For example one contributor who works with people in the content industry comments that "I have seen [smaller content producers] going from just recording weddings and the like, to ones that have gone all the way to make a full featured movie. They have gone through problems like where to edit HD material, which cameras to use, which format, etc. Their decisions have been based on availability of equipment to make their projects, not really costs". It has been suggested that the large content producers are quite happy with this situation, since it prevents any competition from more innovative, creative, and agile newcomers.

The Microsoft specs say that only display devices with more than 520K pixels will have their images degraded, but conveniently omit to mention that this resolution, roughly 800 x 600, covers pretty much every output device that will ever be used with Vista. The absolute minimum requirement for Vista Basic are listed as 800 x 600 resolution (and an 800MHz Pentium III CPU with 512MB of RAM, which seems, well, "wildly optimistic" is one term that springs to mind). However that won't get you the Vista Aero interface, which makes it more or less pointless to go to Vista instead of XP (even XP on an 800MHz PIII isn't the snappiest OS). The minimum requirements for running Aero on a Vista Premium PC are "a DX9 GPU, 128 MB of VRAM, Pixel Shader 2.0, and minimum resolution 1024x768x32", and for Aero Glass it's even higher than that. In addition the minimum resolution supported by a standard LCD panel is 1024 x 768 for a 15" LCD, and to get 800 x 600 you'd have to go back to a 10-year-old 14" CRT monitor or something similar. So in practice the 520K pixel requirement means that everything will fall into the degraded-image category.

Beyond the obvious playback-quality implications of deliberately degraded output, this measure can have serious repercussions in applications where high-quality reproduction of content is vital. For example the field of medical imaging either bans outright or strongly frowns on any form of lossy compression because artifacts introduced by the compression process can cause mis-diagnoses and in extreme cases even become life-threatening.

Elimination of Open-source Hardware Support

Explain how those who purchase x-boxes have been supporting this development over the years, this has been the primary purpose of the xbox, profitability and dominating the gaming industry was secondary to developing hardware impacting DRM that would attempt to destroy the growing foothold of open-source products like Linux, BSD, Open Office, etc.

In order to prevent the creation of hardware emulators of protected output devices, Vista requires a Hardware Functionality Scan (HFS) that can be used to uniquely fingerprint a hardware device to ensure that it's (probably) genuine.

In order for this to work, the spec requires that the operational details of the device be kept confidential. Obviously anyone who knows enough about the workings of a device to operate it and to write a third-party driver for it (for example one for an open-source OS, or in general just any non-Windows OS) will also know enough to fake the HFS process. The only way to protect the HFS process therefore is to not release any technical details on the device beyond a minimum required for web site reviews and comparison with other products.

This potential "closing" of the PC's historically open platform is an extremely worrying trend. A quarter of a century ago, IBM made the momentous decision to make their PC an open platform by publishing complete hardware details and allowing anyone to compete on the open market. Many small companies, the traditional garage startup, got their start through this. This openness is what created the PC industry, and the reason why most homes (rather than just a few offices, as had been the case until then) have one or more PCs sitting in a corner somewhere. This seems to be a return to the bad old days of 25 years ago when only privileged insiders were able to participate.

Elimination of Unified Drivers ------------------------------

The HFS process has another cost involved with it. Most hardware vendors have (thankfully) moved to unified driver models instead of the plethora of individual drivers that abounded some years ago. Since HFS requires unique identification and handling of not just each device type (for example each graphics chip) but each variant of each device type (for example each stepping of each graphics chip) to handle the situation where a problem is found with one variation of a device, it's no longer possible to create one-size-fits-all drivers for an entire range of devices like the current Catalyst/Detonator/ForceWare drivers. Every little variation of every device type out there must now be individually accommodated in custom code in order for the HFS process to be fully effective.

Denial-of-Service via Driver Revocation ---------------------------------------

Once a weakness is found in a particular driver or device, that driver will have its signature revoked by Microsoft, which means that it will cease to function.

What this means is that a report of a compromise of a particular driver or device will cause all support for that device worldwide to be turned off until a fix can be found

“Their lawyers must have been asleep when they let themselves get painted into this particular corner - the first time a revocation takes out a hospital, foreign government department, air traffic control system, or whatever, they've guaranteed themselves a front-row seat in court proceedings for the rest of their natural lives.”

If it's an older device for which the vendor isn't interested in rewriting their drivers (and in the fast-moving hardware market most devices enter "legacy" status within a year or two of their replacement models becoming available), all devices of that type worldwide become permanently unusable

Windows' anti-piracy component, WGA, is tied to system hardware components.

If a particular piece of hardware is deactivated (even just temporarily while waiting for an updated driver to work around a content leak) and you swap in a different video card or sound card to avoid the problem, you risk triggering Windows' anti-piracy measures, landing you in even more hot water.

MY NOTE (not from Professor): AND ALL OF THE PROTECTION CAN EASILY BE BYPASSED WITH AN HDML TO DVI “AMPLIFIER”, WHICH IS AN EASILY AVAILABLE AND INEXPENSIVE PIECE OF HARDWARE. SO ALL THIS HASSLE FOR ATTEMPTED DRM IS WORTHLESS. WORSE THAN WORTHLESS BECAUSE OF ALL THE PROBLEMS IT CAUSES.

BUT Since this is a rogue device, it can be revoked... along with hundreds of thousands or even millions of other consumer devices that use the same chip.

"Vista will [...] revoke any driver that is found to be leaking premium content [...] if the same driver is used for all the manufacturer's chip designs, then a revocation would cause all that company's products to need a new driver")

by publishing the device key, the attacker can cause general mayhem by forcing device revocation. On the other hand by publishing the title key the attacker can release the content in an untraceable manner, since it's not known which device key was used to leak the title key. In addition since there's no way to un-publish the title key (encrypted content + title key = unencrypted content), at that point it's game over for the content).

Decreased System Reliability ----------------------------

Vista's content protection requires that devices (hardware and software drivers) set so-called "tilt bits" if they detect anything unusual. For example if there are unusual voltage fluctuations, maybe some jitter on bus signals, a slightly funny return code from a function call, a device register that doesn't contain quite the value that was expected, or anything similar, a tilt bit gets set. Such occurrences aren't too uncommon in a typical computer. For example starting up or plugging in a bus-powered device may cause a small glitch in power supply voltages, or drivers may not quite manage device state as precisely as they think. Previously this was no problem - the system was designed with a bit of resilience, and things will function as normal. In other words small variances in performance are a normal part of system functioning. Furthermore, the degree of variance can differ widely across systems, with some handling large changes in system parameters and others only small ones. One very obvious way to observe this is what happens when a bunch of PCs get hit by a momentary power outage. Effects will vary from powering down, to various types of crash, to nothing at all, all triggered by exactly the same external event.

With the introduction of tilt bits, all of this designed-in resilience is gone. Every little (normally unnoticeable) glitch is suddenly surfaced because it could be a sign of a hack attack, with the required reaction being that "Windows Vista will initiate a full reset of the graphics subsystem, so everything will restart".

With the number of easily-accessible grenade pins that Vista's content protection provides, any piece of malware that decides to pull a few of them will cause considerable damage. The homeland security implications of this seem quite serious, since a tiny, easily-hidden piece of malware would be enough to render a machine unusable, while the very nature of Vista's content protection would make it almost impossible to determine why the denial-of-service is occurring. Furthermore, the malware authors, who are taking advantage of "content-protection" features, would be protected by the DMCA against any attempts to reverse-engineer or disable the content-protection "features" that they're abusing.

Non-US governments are already nervous enough about using a US-supplied operating system without having this remote DoS capability built into the operating system.

Consider a warship operating in a combat zone and equipped with Vista PCs for management of the vessel's critical functions which does nothing more wrong that to suffer a severe jolt from a near miss, scrambling the bus just enough to activate the tilt bits (without causing any other real damage). In one famous incident in September 1997, Windows NT managed to disable the Aegis missile cruiser USS Yorktown ("NT Leaves Navy "Smart Ship" dead in the water", Government Computer News, 13 July 1998). Now Windows Vista can do the same thing via a by-design feature of the OS [Note L]. This ... would make the use of Vista PCs unacceptable for any applications that have any hint of unusual environmental conditions such as high altitude, wide environmental variations, shock, and so on.

Increased Hardware Costs ------------------------

"Cannot go to market until it works to specification... potentially more respins of hardware" -- ATI.

"This increases motherboard design costs, increases lead times, and reduces OEM configuration flexibility. This cost is passed on to purchasers of multimedia PCs and may delay availability of high-performance platforms" -- ATI.

...the content industry, ...dictates design requirements to hardware manufacturers....

"The evidence [of security] must be presented to Hollywood and other content owners, and they must agree that it provides the required level of security. Written proof from at least three of the major Hollywood studios is required"

Disney, MGM, and 20th Century-Fox to give the go-ahead. ... computer design is being dictated not by electronic design rules, physical layout requirements, and thermal issues, but by the wishes of the content industry.

Vista's content-protection requirements eliminate this one-size-fits-all design,--- o everything has to be custom- designed ..

This extends beyond simple board design all the way down to chip design.

"We've taken on more legal costs in copyright protection in the last six to eight months than we have in any previous engagement. Each legal contract sets a new precedent, and each new one builds on the previous one" -- ATI.

Protecting all of this precious premium content requires a lot of additional technology. Unfortunately much of this is owned by third parties and requires additional licensing.

This [is a] ... a nightmare for device vendors, for whom it's already enough of a task getting fully functional drivers deployed without having to deal with adding stealth-virus-like technology on top of the basic driver functionality.

disallowing features such as driver debugging facilities in shipping drivers. Most Windows XP users will at one time or another have encountered a Windows crash message indicating that some application that they were using has terminated unexpectedly, and would they like to send debugging information to Microsoft to help fix the problem.

Since this debugging functionality could leak content or content security information, it can no longer be used with audio or video components, considerably complicating vendors' driver support and software enhancement processes (the ATI product manager referenced in the "Sources" section lists these additional testing and support costs as "potentially the highest cost of all").

Unnecessary CPU Resource Consumption ------------------------------------

"Since [encryption] uses CPU cycles, an OEM may have to bump the speed grade on the CPU to maintain equivalent multimedia performance. This cost is passed on to purchasers of multimedia PCs" -- ATI.

In order to prevent tampering with in-system communications, all communication flows have to be encrypted and/or authenticated.

device drivers are required to poll the underlying hardware every 30ms to ensure that everything appears kosher. This means that even with nothing else happening in the system, a mass of assorted drivers has to wake up thirty times a second just to ensure that... nothing continues to happen.

Vista polls video devices on each video frame displayed in order to check that all of the grenade pins (tilt bits) are still as they should be. We already have multiple reports from Vista reviewers of playback problems with video and audio content, with video frames dropped and audio stuttering even on high-end systems.

looking at a block diagram of Vista's Media Interoperability Gateway (MIG). Of the eleven components that make up the MIG, only two (the audio and video decoders) are actually used to render content. The remaining nine are used to apply content-protection measures.

Vista tags such pages with a special protection bit indicating that they need to be encrypted before being paged out and decrypted again after being paged in. Vista doesn't provide any other pagefile encryption, and will quite happily page banking PINs, credit card details, private, personal data, and other sensitive information, in plaintext. The content-protection requirements make it fairly clear that in Microsoft's eyes a frame of premium content is worth more than (say) a user's medical records or their banking PIN

there isn't sufficient CPU power available to both decompress the video and encrypt the resulting uncompressed data stream to the video card.

This is particularly troubling for the high-quality digital cinema (D-Cinema) specification,

Because all D-Cinema content will (presumably) be premium content, the result is no playback at all until the hardware support appears in PCs at some indeterminate point in the future.

The high-end graphics and audio market are dominated entirely by gamers, who will do anything to gain the tiniest bit of extra performance,

I wonder how this market segment will react to knowing that their top-of-the-line hardware is being hamstrung by all of the content-protection "features" that Vista hogties it with?

Unnecessary Device Resource Consumption ---------------------------------------

"Compliance rules require [content] to be encrypted. This requires additional encryption/decryption logic thus adding to VPU costs. This cost is passed on to all consumers" -- ATI.

At the end of all this, the question remains: Why is Microsoft going to this much trouble? Ask most people what they picture when you use the term "premium-content media player" and they'll respond with "A PVR" or "A DVD player" and not "A Windows PC". So why go to this much effort to try and turn the PC into something that it's not?

In July 2006, Cory Doctorow published an analysis of the anti-competitive nature of Apple's iTunes copy-restriction system ("Apple's Copy Protection Isn't Just Bad For Consumers, It's Bad For Business", Cory Doctorow, Information Week, 31 July 2006). The only reason I can imagine why Microsoft would put its programmers, device vendors, third-party developers, and ultimately its customers, through this much pain is because once this copy protection is entrenched, Microsoft will completely own the distribution channel. In the same way that Apple has managed to acquire a monopolistic lock-in on their music distribution channel

in the same way that Apple has already dictated terms back to the music industry: Play by Apple's rules, or we won't carry your content.

The onerous nature of Vista's content protection also provides a perverse incentive to remove the protection measures from the content, since for many consumers that'll be the only way that they can enjoy their legally-acquired content without Vista's DRM getting in the way. This is already illustrated in the "Quotes" and "Footnotes" sections, where the people bypassing HD-DVD protection measures aren't hardcore video pirates but ordinary consumers who can't even play their own legitimately-acquired content. The sheer obnoxiousness of Vista's content protection may end up being the biggest incentive to piracy yet created. Perhaps Hollywood should heed the advice given in one of their most famous productions: "The more you tighten your grip, the more systems will slip through your fingers".

The worst thing about all of this is that there's no escape. Hardware manufacturers will have to drink the kool-aid (and the reference to mass suicide here is deliberate [Note N]) in order to work with Vista: "There is no requirement to sign the [content-protection] license; but without a certificate, no premium content will be passed to the driver". Of course as a device manufacturer you can choose to opt out, if you don't mind your device only ever being able to display low-quality, fuzzy, blurry video and audio when premium content is present, while your competitors don't have this (artificially-created) problem.

As a user, there is simply no escape. Whether you use Windows Vista, Windows XP, Windows 95, Linux, FreeBSD, [OpenBSD], OS X, Solaris (on x86), or almost any other OS, Windows content protection will make your hardware more expensive, less reliable, more difficult to program for, more difficult to support, more vulnerable to hostile code, and with more compatibility problems. Because Windows dominates the market and device vendors are unlikely to design and manufacture two different versions of their products, non-Windows users will be paying for Windows Vista content-protection measures in products even if they never run Windows on them.

Here's an offer to Microsoft: If we, the consumers, promise to never, ever, ever buy a single HD-DVD or Blu-Ray disc containing any precious premium content [Note O], will you in exchange withhold this poison from the computer industry? Please?

I know from the Microsoft sources that contributed that many of them care deeply about providing the best possible audio/video user experience for Vista users and are quite distressed about having to spend time implementing large amounts of anti-functionality when it's already hard enough to get things running smoothly without the intentional crippling.

1. This is just Microsoft-bashing.

It's bad-technology bashing. If this had been done by Linus Torvalds, Steve Jobs, Alan Cox, or Theo de Raadt, I'd have said the same thing about it. As far as I'm concerned computers are tools to get a job done and not a platform for religious wars, and if something's bad I'll say so regardless of who's doing it. Just for the record I run various versions of Windows on ... [counting] ... seven of my machines (the rest are a mixture of Linux, FreeBSD, and occasionally Solaris), so I'd be a rather unlikely Microsoft detractor if I have their software all over my machines.

"Vista will [...] revoke any driver that is found to be leaking premium content [...] if the same driver is used for all the manufacturer's chip designs, then a revocation would cause all that company's products to need a new driver"),

Their lawyers must have been asleep when they let themselves get painted into this particular corner - the first time a revocation takes out a hospital, foreign government department, air traffic control system, or whatever, they've guaranteed themselves a front-row seat in court proceedings for the rest of their natural lives.