A True Blue White Christmas

Amazingly we have had a white Christmas here in Australia, with NSW, Victoria and Tasmania all getting snow on peaks, much to the relief of the firefighters and residents up there who can have a bit of a break from worrying about the encroaching bushfires.

Trail Head (Geraty's) at Lake Mountain, Victoria.

That’s Lake Mountain in Victoria at midday today (25th December 2006).

Here in Melbourne we had a white Christmas of a different sort, lots of hail (though sadly it rapidly turned to rain). The storms brought another present, Mount Dandenong had over 47mm of rain from midnight to around midday today (other areas got similar amounts too).

Happy holidays everyone!

Microsoft Vista Content Protection – Inflating the Price of a Computer Near You

Peter Gutmann, crypto geek and author of “Everything you never wanted to know about PKI but have been forced to find out“, has written an analysis of the long-delayed Microsoft’s “Vista Content Protection” specification (( Warning, plain text document, may cause culture shock to the Flash Generation due to high signal to noise ratio and lack of pretty pictures )).

The Vista Content Protection specification could very well constitute the longest suicide note in history.

Peter has drawn on a heap of sources (both public and private) to work out the implications of Microsoft wanting to make the content providers dreams come true and going to extreme lengths to try and stop a few people tampering with “premium content”. The results are going to be more unreliable systems with large processing overheads and less functionality.

Since S/PDIF doesn’t provide any content protection, Vista requires that it be disabled when playing protected content. In other words if you’ve invested a pile of money into a high-end audio setup fed from a digital output, you won’t be able to use it with protected content. Similarly, component (YPbPr) video will be disabled by Vista’s content protection, so the same applies to a high-end video setup fed from component video.

Echo cancellation will be another victim of Vista as the required feedback system will not be permitted, instead it’ll degrade the quality to stop the potential for capturing “premium content” and the legitimate users will just have to cope. This sort of audio and video degradation will occur whenever the system believes it is playing “premium content”, even if you’re doing something else important:

What makes this particularly entertaining is the fact that the downgrading/disabling is dynamic, so if the premium-content signal is intermittent or varies (for example music that fades out), various outputs and output quality will fade in and out, or turn on and off, in sync. Normally this behaviour would be a trigger for reinstalling device drivers or even a warranty return of the affected hardware, but in this case it’s just a signal that everything is functioning as intended.

It appears the user will have no control over this, if someone manages to introduce something that Vista believes is “premium content” (and we all know how bad Microsoft are at getting things right) then the constrictors will kick in, downgrading the signal and then upgrading it to the required spec but with loss in quality. This pretty much rules Vista out for use in hospital imaging systems, astronomy or anywhere else where lossy compression is verboten. This is going to be a nightmare for the hardware vendors:

Amusingly, the Vista content protection docs say that it’ll be left to graphics chip manufacturers to differentiate their product based on (deliberately degraded) video quality. This seems a bit like breaking the legs of Olympic athletes and then rating them based on how fast they can hobble on crutches.

This is also going to have serious ramifications for developers of drivers for open source operating systems like Linux, FreeBSD, etc as Vista will introduce a requirement called Hardware Functionality Scan (HFS for short) where the driver interrogates a device and gets it to attest it is legitimate (and not a software phantom). This, of course, is being done through security through obscurity and, as Peter says:

In order for this to work, the spec requires that the operational details of the device be kept confidential. Obviously anyone who knows enough about the workings of a device to operate it and to write a third-party driver for it (for example one for an open-source OS, or in general just any non-Windows OS) will also know enough to fake the HFS process. The only way to protect the HFS process therefore is to not release any technical details on the device beyond a minimum required for web site reviews and comparison with other products.

In return the hardware will be monitored for odd things happening (unexpected voltage changes, etc) and the drive can set so called “tilt switches” to let the O/S know that something bad might be happening, which will be real fun for Vista users when the virus writers figure out how to trip these from software. The hardware is also going to have to support video decompression as the CPU won’t be allowed to do that due to its vulnerable nature, which is going to constrain the codecs that “premium content” will use. This is already an issue:

This is particularly troubling for the high-quality digital cinema (D-Cinema) specification, which uses Motion JPEG2000 (MJ2K) because standard MPEG and equivalents don’t provide sufficient image quality. Since JPEG2000 uses wavelet-based compression rather than MPEG’s DCT-based compression, and wavelet-based compression isn’t on the hardware codec list, it’s not possible to play back D-Cinema premium content (the moribund Ogg Tarkin codec also used wavelet-based compression). Because *all* D-Cinema content will (presumably) be premium content, the result is no playback at all until the hardware support appears in PCs at some indeterminate point in the future.

So this will stifle the innovation in video codecs, no hardware support then no undegraded playback. This will probably rule out the use of Vista for high-def Access Grid videoconferencing. Add in on top of all this the requirements to support hardware encryption between components and all the patent licenses that are needed for this and you’ve got a recipe for disaster.

For those of us lucky enough to not be under the thumb of the Redmond monopoly this will either mean a ramp up in hardware costs across the board, or (less likely) the hardware vendors will start to sell two streams of hardware, one “Vista Certified” and costing more and another which isn’t and costs less (possibly being older hardware predating these crazy requirements).


Dysfunctional Techno-habits

New Scientist has a nice little article called “Just can’t get e-nough” about habitual problems some people get from using the Internet.

The web in particular has opened up a host of opportunities for overindulgence. Take Wikipedia. Updating the entries – something anyone can do – has become almost a way of life for some. There are more than 2400 “Wikipedians”, p 36 – you know where to look it up if you don’t know what it means – who have edited more than 4000 pages each (“see Confessions of a Wikipediholic”, below). “It’s clearly like crack for some people,” says Dan Cosley at Cornell University in New York, who has studied how websites such as Wikipedia foster a community. To committed Wikipedians, he says, the site is more than a useful information resource; it’s the embodiment of an ideology of free information for all.

Favourite terms – crackberry and cheesepodder (( someone who goes hunting for those cheesy old numbers for their iPod )) . 🙂

Detentions in Iraq

Two Americans get picked up in a raid on a dodgy security company in Iraq, both are innocent and one has been working as an FBI informer, which is why the raid happens. They then spend months in custody before finally getting released.

Nathan Ertel, the American held with Vance, brought away military records that shed further light on the detention camp and its secretive tribunals. Those records include a legal memorandum explicitly denying detainees the right to a lawyer at detention hearings to determine whether they should be released or held indefinitely, perhaps for prosecution.

Donald Vance made a very good point:

While we were detained, we wrote a letter to the camp commandant stating that the same democratic ideals we are trying to instill in the fledgling democratic country of Iraq, from simple due process to the Magna Carta, we are absolutely, positively refusing to follow ourselves.

Another case of “do what I say, not what I do”. 🙁

Flying fun

Just chatted to a friend of mine who’s in Singapore airport at the moment, when I asked him how the flight was he said:

when they tell the flight attendants to tighten their seatbelts you know you’re in for a rough ride!


An Amusing Collection of Quotes

From Shelley about IE7:

Writing Learning JavaScript and now Adding Ajax, as well as creating web page applications such as my photo popup has led me to an epiphany: Microsoft really doesn’t want us to use IE. No, I’m not being facetious–the company would probably prefer that people move to another browser.

(Those looking for an alternative might want to try Firefox)

Shelley also mentions how she has to test with IE6 now, using a Virtual PC image:

According to the IE weblog, this VPC image will only function until April 1st, 2007, but I think the April Fool’s joke is getting people to reserve both memory and disc space–as well as having to go through Microsoft’s validation process–just to test against a browser. What happens after April, then? Are all the Windows 2000 installations going away? There will be no need to test for IE6?

But there seems to be a problem with those images, as Paul Morriss found out, Microsoft seems to think they’re dodgy knock-offs, even though they came from them originally:

Just for fun I then decided to upgrade IE on the Virtual PC to IE7. When it got to verifying whether the copy of Windows on the Virtual PC was genuine it concluded it wasn’t.

He’s got a screenshot as proof..

Then, as a final funny thought, this worked example from Sterling W. “Chip” Camden derived from a theory by Shelley that “Every spec should be written like it was going to be read by VB developers.”:

See Dick and Jane play tag.
See Dick forget his namespace prefix.
See Jane throw an exception.
Run, Dick, run!