Please support our Tech Talk advertiser:
Featured Entry 
Feb 3rd, 2007, 8:19 am
Microsoft Vista has, in the few days that it has been on general release, managed to avoid the embarrassment of anyone poking major holes in its security from the perspective of protection of consumer PC integrity at least. However, everything is not so sweet when it comes to those media companies looking for Vista, and in particular the Protected Media Path (PMP) it uses to ensure that protected content cannot be played back on hardware not certified so to do.
The problem being that security researcher Alex Ionescu, while on a workaround for the PatchGuard 64-bit driver signing in Vista, stumbled upon code that effectively bypasses PMP entirely and so means that anyone using it could play back protected HD-DVD content on uncertified computers. Sure, Microsoft can and probably will issue a patch to fix the error. But according to Ionescu it will be a very short term fix because he insists that the patch itself can then be bypassed using similar methods as he employed originally.
Fortunately for Microsoft, Ionescu has decided against releasing the code for now as he has no desire to violate the DMCA, which it would if seen as being an anti-DRM tool. The bad news is that he is apparently investigating if there are ways around this by crippling the binary and putting the emphasis on the security research side of things.
Or at least he might be if he still had a blog to publish his research to. At the time of writing his blog returns an error message stating that “Account for domain www.alex-ionescu.com has been suspended” although the reasons for this remain unclear. I would like to think it is purely a coincidence, maybe a payment oversight, maybe a bandwidth problem caused by the amount of traffic flowing in that direction as a result of the Vista DRM crack story breaking. But a combination of the conspiracy theorist in me with a journalistic distrust of coincidence, means I suspect something more sinister is at play here.
My emails to Alex have gone unanswered for now, but then again it is the weekend and we don’t all live our lives online. Maybe someone who knows Alex can contact him and update us all in the course of the next day or two? In the meantime it may be worth keeping an eye on his old blog and the ReactOS Wiki.
The problem being that security researcher Alex Ionescu, while on a workaround for the PatchGuard 64-bit driver signing in Vista, stumbled upon code that effectively bypasses PMP entirely and so means that anyone using it could play back protected HD-DVD content on uncertified computers. Sure, Microsoft can and probably will issue a patch to fix the error. But according to Ionescu it will be a very short term fix because he insists that the patch itself can then be bypassed using similar methods as he employed originally.
Fortunately for Microsoft, Ionescu has decided against releasing the code for now as he has no desire to violate the DMCA, which it would if seen as being an anti-DRM tool. The bad news is that he is apparently investigating if there are ways around this by crippling the binary and putting the emphasis on the security research side of things.
Or at least he might be if he still had a blog to publish his research to. At the time of writing his blog returns an error message stating that “Account for domain www.alex-ionescu.com has been suspended” although the reasons for this remain unclear. I would like to think it is purely a coincidence, maybe a payment oversight, maybe a bandwidth problem caused by the amount of traffic flowing in that direction as a result of the Vista DRM crack story breaking. But a combination of the conspiracy theorist in me with a journalistic distrust of coincidence, means I suspect something more sinister is at play here.
My emails to Alex have gone unanswered for now, but then again it is the weekend and we don’t all live our lives online. Maybe someone who knows Alex can contact him and update us all in the course of the next day or two? In the meantime it may be worth keeping an eye on his old blog and the ReactOS Wiki.
This blog entry was written by Davey Winder, staff writer aka happygeek. It has received 6,204 views, 3 comments, and 71 linkbacks. 2 voters have rated this entry an average of 5 out of 5 stars. It was promoted to featured status Feb 3rd, 2007.
•
•
•
•
advertising apple blog browser business copyright crime daniweb data development drm email facebook firefox gaming google hacking hardware ibm internet iphone ipod law linux malware microsoft mobile mozilla mp3 news office open source operating privacy research search security software spam survey technology trojan uk virus vista web windows xp yahoo youtube
All Recent Tags Comments (Newest First)
happygeek | He's The Daddy | Feb 3rd, 2007
happygeek | He's The Daddy | Feb 3rd, 2007
The email address I sent to was not, obviously, at the domain that has been suspended but rather at his ReactOS mailbox. Double Doh! 
As mentioned in the posting, Ionescu did not publish his code nor enough detail for anyone to be able to duplicate it. He published the fact that he had managed to stumble across a way to bypass the Vista DRM protection, and explained how this was possible. That is something that is not in violation of the law, and indeed he showed responsibility in not puclishing the code itself.
As mentioned in the posting, Ionescu did not publish his code nor enough detail for anyone to be able to duplicate it. He published the fact that he had managed to stumble across a way to bypass the Vista DRM protection, and explained how this was possible. That is something that is not in violation of the law, and indeed he showed responsibility in not puclishing the code itself.
jwenting | duckman | Feb 3rd, 2007
•
•
•
•
if his domain is inactive emails to that domain won't be delivered, DOH!
If he published content that's in violation of the law (which cracks certainly would be, whichever excuse he uses to publish them) his hosting provider may well have pulled the plug, wouldn't be the first time.
If he published content that's in violation of the law (which cracks certainly would be, whichever excuse he uses to publish them) his hosting provider may well have pulled the plug, wouldn't be the first time.
Post Comment
•
•
•
•
Only community members can start a blog or comment on blog entries. You must register or log in to contribute.
•
•
•
•
•
•
•
•
DaniWeb Tech Talk Marketplace
Related Blog Entries
- It's True -- Some People Want You Kept in the Dark (16 Hours Ago)
- Virtual physios to soothe stroke recovery (1 Day Ago)
- AMDS Gloomy Future. (1 Day Ago)
- iPhone Girl is so not fired (2 Days Ago)
- ASA bites Apple over misleading iPhone ads (2 Days Ago)
- Don't Allow Security Breaches to Rip Your Britches (3 Days Ago)
- Internet Speed Tests Provide Misleading Results (4 Days Ago)
- Microsoft's Photosynth Will Fail (4 Days Ago)
- Swedes test faultless iPhone 3G and surprisingly find no faults (4 Days Ago)
- Redhat and Fedora Servers breached (5 Days Ago)
Related Forum Threads
- Vista Crack Means Big Trouble (Windows Vista)
- Vista (Windows Vista)
- Phishing alert (Geeks' Lounge)
