Update on Vista Driver Signing Bypass

As you may already know,
Alex Ionescu's has found a way to bypass Windows Vista driver signing:
http://www.alex-ionescu.com/?p=24
- also called Vista's Protected Media Path DRM
(the Vista DRM that prevents you from watching "premium" content and HD material
on regular PC screens with non-HDCP inputs, like component, VGA, older HDMI TVs,
etc.)

Is this a fundamental Vista security breach?

EU XP user wrote:
> As you may already know,
> Alex Ionescu's has found a way to bypass Windows Vista driver signing:
> http://www.alex-ionescu.com/?p=24
> - also called Vista's Protected Media Path DRM
> (the Vista DRM that prevents you from watching "premium" content and
> HD material on regular PC screens with non-HDCP inputs, like
> component, VGA, older HDMI TVs, etc.)
>
> Is this a fundamental Vista security breach?

Depends who you ask. Would it make you feel less secure while running Vista?
Let's be honest here, the vast majority of people have seen their computer's
'trusted path' for playback of media suborned by companies like Sony more
than they have by the average hacker.

"Robert Moir" <robspamtrap@gmail.com> schreef in bericht
news:%23WHTwMMRHHA.412@TK2MSFTNGP02.phx.gbl...
> EU XP user wrote:
>> As you may already know,
>> Alex Ionescu's has found a way to bypass Windows Vista driver signing:
>> http://www.alex-ionescu.com/?p=24
>> - also called Vista's Protected Media Path DRM
>> (the Vista DRM that prevents you from watching "premium" content and
>> HD material on regular PC screens with non-HDCP inputs, like
>> component, VGA, older HDMI TVs, etc.)
>>
>> Is this a fundamental Vista security breach?
>
> Depends who you ask. Would it make you feel less secure while running Vista? Let's
> be honest here, the vast majority of people have seen their computer's 'trusted
> path' for playback of media suborned by companies like Sony more than they have by
> the average hacker.

You have a valid point - I guess you are referring to the Sony rootkit CDs :-)

That's a good way to put it Robert. It is a little hard to discern what Alex
is doing based on the post, but from what I can tell, I would say this does
not represent some fundamental security breach for the following reasons:
1. What he is doing can only be done by someone with admin privilege already
2. It does not give the user access to anything that he did not already have
access to

If the tool works the way he says all it does is lie to applications trying
to enforce the copy "protection" that the media companies made Microsoft put
in. Anyone who thinks that you can enforce any form of copy protection in
software must not have been paying attention for the past 30 years or so.
Copy protection in software has never worked, and never will work. Software,
by its very definition, runs in an environment that the person you are trying
to protect against - the rightful owner of a movie disk and assorted bad guys
trying to circumvent copyright laws - has full access to. Copy protection in
software is a waste of time. Any demonstration of that fact is only that - a
demonstration of how futile copy protection is, not any demonstration of
fundamental security flaws in whatever product contains the copy protection.

"Robert Moir" wrote:

> EU XP user wrote:
> > As you may already know,
> > Alex Ionescu's has found a way to bypass Windows Vista driver signing:
> > http://www.alex-ionescu.com/?p=24
> > - also called Vista's Protected Media Path DRM
> > (the Vista DRM that prevents you from watching "premium" content and
> > HD material on regular PC screens with non-HDCP inputs, like
> > component, VGA, older HDMI TVs, etc.)
> >
> > Is this a fundamental Vista security breach?
>
> Depends who you ask. Would it make you feel less secure while running Vista?
> Let's be honest here, the vast majority of people have seen their computer's
> 'trusted path' for playback of media suborned by companies like Sony more
> than they have by the average hacker.
>
>
>

The blog is pretty vague on how it works and he doesn't offer any proof.
What he says sounds plausible but until someone else confirms it, it's just
another unsubstantiated claim. We'll have to wait until he publishes some
code. In the blog he says it's not a real bypass of the signed driver
requirement but that it may accidently be a way around some of the DRM in
Vista. This isn't a security issue if that's the case. As for DRM it's only
a matter of time before it is broken. Software is not the solution to a
marketing problem.

--
Kerry Brown
Microsoft MVP - Shell/User
http://www.vistahelp.ca


"EU XP user" <invalid@123.invalid> wrote in message
news:%23fJEOPLRHHA.4756@TK2MSFTNGP03.phx.gbl...
> As you may already know,
> Alex Ionescu's has found a way to bypass Windows Vista driver signing:
> http://www.alex-ionescu.com/?p=24
> - also called Vista's Protected Media Path DRM
> (the Vista DRM that prevents you from watching "premium" content and HD
> material
> on regular PC screens with non-HDCP inputs, like component, VGA, older
> HDMI TVs, etc.)
>
> Is this a fundamental Vista security breach?
>
>