Vista is crippeled

Many of you who study security might now have heard about "A Cost Analysis of Windows Vista Content Protection" (this is the paper which included an "executive executive summary" which read "The Vista Content Protection specification could very well constitute the longest suicide note in history") made by Peter Gutmann.

This has been further explored in two podcasts about DRM on "Security Now!" (made by Steve Gibson and Leo Laporte).
The first podcast (66min) talks about the evolving history of DRM (digital restriction (rights) management).
It is followed up in the next podcast (50min) by talking about the content protection system in Windows Vista and includes an interview with Peter Gutmann.

After listening to these two podcasts you really get a feel for how insane the DRM now has become. As you are putting all this effort into trying to create a barrier between the user and his legally purchased content, a content that most users are just content watching. It is creating a cryptosystem where the user is both the receiver of the content and the attacker. An idea which is in it self flawed, but still the large content producer pour millions of dollars on it. While only making more pirates out of us ordinary people, as we desperately try to make our hardware work.

On the other hand I just love hearing about the crypto used, which includes AES, elliptic-curve cryptography and public-key encryption with off line revocation mechanisms. The effort put into this system is phenomenal and it is well thought out, but the goal that they are trying to achieve is crazy.

This post is based on 2 posts from boingboing.