This is all ultimately pointless because it's not like the video decoder checks the integrity of its own code or the CPU running it or the compiler that compiled it or that the OS it was tested against is actually running. (Reflections on trusting trust.) Nothing actually cares about secure boot or end-to-end code validation; Apple doesn't even include equipment on their mainboards to do this anymore. Meanwhile, if you're going to grab pixels to pirate video, that's easy: HDCP is broken, so just grab it at the link layer. The key you need is on Pastebin!
Consumer DRM has always been a hardware-selling maneuver as far as I can tell. "You need HDCP in order to watch this video." "I do? But HDCP is broken." "Just buy a new monitor anyway." The Management Engine sounds like a similar scheme. "You need an Intel Management Engine to watch this video." "I do?" "Yes, it's very convenient for us that you need to buy a new computer even though your current computer works fine otherwise."
Intel's just using Hollywood's fear of piracy to sell new computers, ignoring the fact that the pirates are still pirating movies without any problems. It's more funny than sad.
DRM has very little to do with piracy. Hollywood know perfectly well that DRM will not stop a determined pirate and a movie only has to be ripped once to be pirated indefinitely.
It's about control. It's about the studios always having a seat at the bargaining table when new products/devices are being floated. They fear becoming a commodity supplier.
> Intel's just using Hollywood's fear of piracy to sell new computers, ignoring the fact that the pirates are still pirating movies without any problems. It's more funny than sad.
And it's even more sad that the most computer illiterate, "honest" people are the most vulnerable to this strategy. People that want an honest way to watch movies have the most problems watching them.
My partner is an academic, a lecturer in film theory. She watches a lot of films, and needs to make a lot of short clips for her lectures, and to take a lot of screenshots for her papers.
This task is becoming increasingly difficult as time goes by. The most reliable method (for her skill level) is now to rip DVDs, removing various bits of protection, before playing the film using VLC on Windows and using VLC to take the screenshot. This is a pain, as she now uses a Mac primarily (as most academia seems to be doing so almost exclusively because it makes presentations easier - connecting to projectors turns out to be the killer feature).
For a lot of films though, she pauses a film and uses a camera directed at the TV. Or worse, she'll record the clip on a camera (using the camera's microphone).
Aside from things like Box of Broadcasts (which is for UK broadcast TV), there are few to no resources for academics to resort to for sources of film that will enable dissemination to students through materials and presentations. All clips are short (10-30s), papers feature only a few screenshots when published.
Regardless of the studio and technology company desire to lock things down and control distribution, there remains a very legal exception to their controls: education.
And of course, education has resorted to alternatives to these locks. There exists private torrent sites that are collections of obscure, international and predominantly non-Hollywood productions. Like torrent sites pre-Netflix, these are actually the most reliable sources of films that academics use for sources. Even when an academic owns a DVD (as nearly all do for future presentation and citation purposes), the torrents deliver files that the academic can use to create clips and screenshots.
As much as possible, I try and help my partner avoid such sites. They are good, but in the hard world of academia I'm not sure her career will survive trying to argue any form of legitimacy of downloading content for academic purposes for already owned DVDs.
There is a very real and present danger that copy protections will harm libraries and education. They already are.
The strangest part is that according to the law (fair use) she should be able to do that. This DRM is effectively creating its own "copyright law", just like Cory Doctorow has warned us before.
The whole copyright gang from MPAA to OS vendors and chip makers are using DRM to expand the reach of copyright law. And you can't just say "well I'll just break the DRM, since it's legal for me to take the screenshot" either. Because breaking DRM is illegal...So in order to exercise one of your rights you have to break another law.
The other downside is that you can't use custom software to fix up video. Netflix has a fairly poor player - more than one I've had to go torrent something I was trying to watch in Netflix due to one playback issue or another.
From brightness to subtitles, to frame positioning (shifting the whole playback area down to fit better on my wall when projecting very wide formats) - Netflix offers nothing. Even worse for audio, where I often pump center channel dialog and perform normalization.
It's sad how advanced the tech is compared to how limited our use is. (For instance, it's technically trivial, but usably difficult to add Rifftrax (MST3K reborn) to a movie on Netflix.)
Edit: The really nasty part is that this technology in general isn't bad. I love TPMs, for instance. Gives me a fairly easy way to get relatively strong security, say, to store my disk encryption keys, without memorizing a passphrase. Trusted computing can allow the user to remain in control. But slipping in DRM gets people understandably upset.
OTOH, I can't find details on exactly how this video stuff works. Wikipedia points at the GPU part, making it seem like it's just the same HDCP-kinda stuff that's been around for a while. (Annoying, but ultimately a decision of your kernel to enable. As in, media isn't encrypted at the source to some Intel key.)
Trusted computing can allow the user to remain in control.
Only as long as it's really the user the computer is trusting, and not some other entity. Personally, I don't really like TPMs or any of the other "safe computing" technology. In theory (and this is what everyone usually refers to when they advocate it) they can help the user, but in practice they're almost always being used to do the opposite and the path to freedom is insecurity (e.g. jailbreaking, running homebrew software, etc.) As the saying goes, "in theory, there's no difference between theory and practice; in practice, there is."
OTOH, I can't find details on exactly how this video stuff works
That's sort of the point of DRM in general - you're not supposed to know how it works, because then you would be in a much better position to break it. It's no surprise that the details would be kept secret, and other security technologies are likely being used for this purpose - e.g. DRM'd PDFs.
Are chips with this feature sold in consumer devices? I'm planning to buy a new computer soon. How can I avoid or boycott the chips in question? Or can the feature be definitively disabled through the BIOS?
If I buy a computer, then I want to own it completely and not have arbitrary DRM bullshit remove capabilities. If I wish to take a screenshot of copyright content and share it with friends (fair use), then I should be able to do that, and I will be seriously pissed if my own machine gets in the way.
Does anyone know which chips include this feature, and/or whether it can be disabled?
All Intel chips since 2010 or so have the management engine. There's a reason why the "reclaim your freedom" notebook is still a Lenovo X60.
Some of them come with larger firmware (5MB, making up vPro and AMT), others with the smaller one (1.5MB) that merely does the DRM stuff, but all of them have the full hardware access detailled in the article.
AMD is clean on the chipset side until kaveri/kabini. After that, they come with a "platform security processor".
I think the GPU has some DRM features (mostly concerned with adding Macrovision noise to the output signal), but I'm not into GPUs very much.
Contemporary ARM stuff mostly comes with TrustZone, which can typically be used for DRM as well. AMD adopted the TrustZone model for their current CPUs, too.
Since Protected A/V Path and similar DRM systems require OS cooperation, the easiest way to stay clear of them is to use Open Source media players, on an Open Source OS.
If you want to avoid supporting proponents of such hardware assisted DRM systems, plain ARM systems that ship without fixed operating system (eg. the cuBox series, rPI & follow ups) are your best bet.
I believe this is part of "vPro" in intel marketing speak. Yes, many consumer CPUs have it. Intel provides pretty good feature lists by CPU if you want to avoid it:
Just a note on the discourse: the point "I own it, I should be able to use it the way I want" feels like not really effective (as a rhetoric) in many part of the western world and in many social circles. I really feel for example in France it would be easily brushed off using analogy to construction permits or driver licenses, or just put the person in some crazy-libertarian box ("the kind that want to print firearms at home").
There might be ways of framing the issue that fit better in a socio-democrat context (Europe, etc.).
Ideas?
The angle to take is that media is sold misleadingly. When I buy a DVD / Bluray I am paying for a physical disc and a licence to use the contents of the disc. That licence is restrictive and restricts my rights more than law. Thus, I am not allowed to extract a short extract to use in an educational setting (fair dealings; fair use). Packaging and marketing of DVD / Bluray is unclear about this and gives the impression that you are "buying a movie", not buying some plastic and a licence.
Maybe stress that the computer is a creative tool and should not have artificial limits put in place? Compare this to a hammer and imagine that one weekend you wanted to finish that cupboard you're building in your garage, but your hammer starts throwing exceptions because your nails are not Apple iNails or otherwise MAFIAA-certified ones. "How dare you buy generic nails in a mom&pop shop around the corner?"
General-purpose computer is a tool that should be able to execute arbitrary code its users want to. I think Cory Doctorow summed it up the best: http://boingboing.net/2012/08/23/civilwar.html.
For me in France and Germany the correct angle is that if you do not control your computer, some big crazy American corp do, and can and will do whatever they want with your content, which usually means make money with it.
I'm not sure either. But at least in by country the leftish parties seem the most interested in protecting consumer rights, which might be a way to go. The libertarians seem more worried about protecting the company's "intellectual property" and include management engines in "their own" products.
To use it "the way I want" is much smaller priority as to be able to dictate who uses my private property, for what purpose, and when. DRM violates each of those, and as rhetoric goes, the only law we should need is private property laws.
A driver license allow me to drive legally on the public road. It do not grant anyone else to repossess my car, instruct it to not run if someone else is behind the wheel, dictate who might repair or or what parts it will accept.
> the point "I own it, I should be able to use it the way I want" feels like not really effective (as a rhetoric) in many part of the western world and in many social circles. I really feel for example in France
I really think that's a complete strawman. People in France (or Europe in general) very much feel like "this is my computer, I use it any way I want". Personally I think even more so than Americans, because usually consumer protection from corporate scheming is better in Europe.
BTW libertarians would be a-ok with corporations defining how your computer works, that's entrepreneurial freedom, after all.
This is what I call bullshit job - zero value for humankind created, tons of human hours wasted. (I would even say negative value since security holes will be found if not already in this microcontroller firmware)
I stumbled upon this PAVP thing in an old Thinkpad just last week. My first thought after reading about it was basically this. Somewhere, some very talented software developers probably spent years working on this obscure, essentially useless thing.
Years ago, I remember trying to screenshot video on a Microsoft XP box. When I tried to paste the screenshot inside any image editing program, the video region would remain blank. If I correctly positioned the image editor window over the window with the video source, the video would show through this region, but the video remained positionally fixed to the screen. I cannot remember if this happened for all video sources though. Could this have been caused by DRM?
It was because of how HW accelerated video decoding worked. You would specify the coordinates of a rectangle on the screen where to play the video. Then you'd display a rectangle of a certain color (#010000, I believe), to be used as a mask.
The window manager could show windows on top of the video, and the masking would work even though the video decoding HW knew nothing about window management and vice versa.
I only hope is that as bullshit like this becomes more and more prominent, people will become more and more educated in what is acceptable and what is not (since it will bite them more and more). Eventually, public opinion would shift into more and more negative outlook on corporations who practice such things.
Offenders' influence would then decline and people will become smarter, everyone wins.
The best part is that it is only a matter of time until the IME is cracked and root kits come with bits that you will never be able to clean without getting a whole new computer. Did you know the IME can send and recieve IP without the host processor ever seeing it? It's the ultimate way to own a machine.
I would assume the larger purpose of IME is actually exactly as a platform for persistent undetectable system compromise. Purpose built for TAO? As conspiracy theories go it's hard to explain the existence and full capabilities of IME in this decade without some NSA involvement.
What I don't really understand is how this could be used to stop piracy. Sure, you could stop recording on a machine with Intel Management Engine, but wouldn't pirates simply use a computer without Intel Management Engine to rip media?
Unless the media becomes impossible to consume without Intel Management Engine (sounds unlikely, how would you explain that to customers), how does it prevent anything?
> the media becomes impossible to consume without Intel Management Engine
That's why Intel management keeps greenlighting this project. Intel thinks that it if it can convince content producers to distribute media as blobs encrypted with Intel's public key (and maybe, say, Samsung's or Apple's), then we can transition to a world where consumer video files do work on most consumer hardware, but can't be decrypted outside the protected media path and ripped.
There's no reason this scheme can't work. OEMs and content producers just haven't been able to cooperate well enough to piece it together yet. Once they do, game over, except for the analog hole.
This scheme also has the side effect of creating a "moat" around existing OEMs. Sure, a new player can begin fabricating new CPUs, but existing media files won't be encrypted for these CPUs. It is literally a conspiracy against the public.
More importantly, why would software be required to engage in all activity by piping through such a hardware interface. I would expect that open source alternatives and virtualization could easily bypass its necessity.
At first glance, dumping the contents of any source media, or capturing network streams properly, should readily provide the raw, unencrypted content data, which is then decoded by an application that has been implemented without use of those particular hardware features.
What about graphic cards from Nvidia/AMD? What about the ARM CPUs from various vendors like Apple, AppliedMicro, Atmel, Broadcom, Freescale Semiconductor, Nvidia, NXP, Qualcomm, Samsung Electronics, ST Microelectronics and Texas Instruments?
I don't know much about HDMI, but couldn't I just run the video/movie in fullscreen and then capture the output from the HDMI and save the raw output to a disk?
Yes, HDCP has been broken for a long time and even if it wasn't, you could still capture the LVDS signal that drives the LCD panel itself.
But the problem is that those are very high-speed signals(1920x1080 24bpp at 60FPS is around 350MB/s+) that require suitable hardware to capture, basically uncompressed video, and recompression would introduce more artifacts than the original. That's why pirates don't usually go this route; the result is only slightly better than pointing a good camera at the screen.
[+] [-] jrockway|11 years ago|reply
Consumer DRM has always been a hardware-selling maneuver as far as I can tell. "You need HDCP in order to watch this video." "I do? But HDCP is broken." "Just buy a new monitor anyway." The Management Engine sounds like a similar scheme. "You need an Intel Management Engine to watch this video." "I do?" "Yes, it's very convenient for us that you need to buy a new computer even though your current computer works fine otherwise."
Intel's just using Hollywood's fear of piracy to sell new computers, ignoring the fact that the pirates are still pirating movies without any problems. It's more funny than sad.
[+] [-] ris|11 years ago|reply
DRM has very little to do with piracy. Hollywood know perfectly well that DRM will not stop a determined pirate and a movie only has to be ripped once to be pirated indefinitely.
It's about control. It's about the studios always having a seat at the bargaining table when new products/devices are being floated. They fear becoming a commodity supplier.
[+] [-] stingraycharles|11 years ago|reply
And it's even more sad that the most computer illiterate, "honest" people are the most vulnerable to this strategy. People that want an honest way to watch movies have the most problems watching them.
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] lelandbatey|11 years ago|reply
Does anyone have any resources for capturing HDMI, stripping HDCP and recording on a computer?
[+] [-] higherpurpose|11 years ago|reply
[+] [-] fit2rule|11 years ago|reply
[+] [-] buro9|11 years ago|reply
This task is becoming increasingly difficult as time goes by. The most reliable method (for her skill level) is now to rip DVDs, removing various bits of protection, before playing the film using VLC on Windows and using VLC to take the screenshot. This is a pain, as she now uses a Mac primarily (as most academia seems to be doing so almost exclusively because it makes presentations easier - connecting to projectors turns out to be the killer feature).
For a lot of films though, she pauses a film and uses a camera directed at the TV. Or worse, she'll record the clip on a camera (using the camera's microphone).
Aside from things like Box of Broadcasts (which is for UK broadcast TV), there are few to no resources for academics to resort to for sources of film that will enable dissemination to students through materials and presentations. All clips are short (10-30s), papers feature only a few screenshots when published.
Regardless of the studio and technology company desire to lock things down and control distribution, there remains a very legal exception to their controls: education.
And of course, education has resorted to alternatives to these locks. There exists private torrent sites that are collections of obscure, international and predominantly non-Hollywood productions. Like torrent sites pre-Netflix, these are actually the most reliable sources of films that academics use for sources. Even when an academic owns a DVD (as nearly all do for future presentation and citation purposes), the torrents deliver files that the academic can use to create clips and screenshots.
As much as possible, I try and help my partner avoid such sites. They are good, but in the hard world of academia I'm not sure her career will survive trying to argue any form of legitimacy of downloading content for academic purposes for already owned DVDs.
There is a very real and present danger that copy protections will harm libraries and education. They already are.
[+] [-] higherpurpose|11 years ago|reply
The whole copyright gang from MPAA to OS vendors and chip makers are using DRM to expand the reach of copyright law. And you can't just say "well I'll just break the DRM, since it's legal for me to take the screenshot" either. Because breaking DRM is illegal...So in order to exercise one of your rights you have to break another law.
[+] [-] juliangregorian|11 years ago|reply
[+] [-] MichaelGG|11 years ago|reply
It's sad how advanced the tech is compared to how limited our use is. (For instance, it's technically trivial, but usably difficult to add Rifftrax (MST3K reborn) to a movie on Netflix.)
Edit: The really nasty part is that this technology in general isn't bad. I love TPMs, for instance. Gives me a fairly easy way to get relatively strong security, say, to store my disk encryption keys, without memorizing a passphrase. Trusted computing can allow the user to remain in control. But slipping in DRM gets people understandably upset.
OTOH, I can't find details on exactly how this video stuff works. Wikipedia points at the GPU part, making it seem like it's just the same HDCP-kinda stuff that's been around for a while. (Annoying, but ultimately a decision of your kernel to enable. As in, media isn't encrypted at the source to some Intel key.)
[+] [-] userbinator|11 years ago|reply
Only as long as it's really the user the computer is trusting, and not some other entity. Personally, I don't really like TPMs or any of the other "safe computing" technology. In theory (and this is what everyone usually refers to when they advocate it) they can help the user, but in practice they're almost always being used to do the opposite and the path to freedom is insecurity (e.g. jailbreaking, running homebrew software, etc.) As the saying goes, "in theory, there's no difference between theory and practice; in practice, there is."
OTOH, I can't find details on exactly how this video stuff works
That's sort of the point of DRM in general - you're not supposed to know how it works, because then you would be in a much better position to break it. It's no surprise that the details would be kept secret, and other security technologies are likely being used for this purpose - e.g. DRM'd PDFs.
[+] [-] Pyxl101|11 years ago|reply
If I buy a computer, then I want to own it completely and not have arbitrary DRM bullshit remove capabilities. If I wish to take a screenshot of copyright content and share it with friends (fair use), then I should be able to do that, and I will be seriously pissed if my own machine gets in the way.
Does anyone know which chips include this feature, and/or whether it can be disabled?
[+] [-] pgeorgi|11 years ago|reply
Some of them come with larger firmware (5MB, making up vPro and AMT), others with the smaller one (1.5MB) that merely does the DRM stuff, but all of them have the full hardware access detailled in the article.
AMD is clean on the chipset side until kaveri/kabini. After that, they come with a "platform security processor". I think the GPU has some DRM features (mostly concerned with adding Macrovision noise to the output signal), but I'm not into GPUs very much.
Contemporary ARM stuff mostly comes with TrustZone, which can typically be used for DRM as well. AMD adopted the TrustZone model for their current CPUs, too.
Since Protected A/V Path and similar DRM systems require OS cooperation, the easiest way to stay clear of them is to use Open Source media players, on an Open Source OS.
If you want to avoid supporting proponents of such hardware assisted DRM systems, plain ARM systems that ship without fixed operating system (eg. the cuBox series, rPI & follow ups) are your best bet.
[+] [-] redstripe|11 years ago|reply
e.g.
http://ark.intel.com/search/advanced?s=t&FamilyText=4th%20Ge...
[+] [-] juliendorra|11 years ago|reply
[+] [-] DanBC|11 years ago|reply
The angle to take is that media is sold misleadingly. When I buy a DVD / Bluray I am paying for a physical disc and a licence to use the contents of the disc. That licence is restrictive and restricts my rights more than law. Thus, I am not allowed to extract a short extract to use in an educational setting (fair dealings; fair use). Packaging and marketing of DVD / Bluray is unclear about this and gives the impression that you are "buying a movie", not buying some plastic and a licence.
[+] [-] TeMPOraL|11 years ago|reply
General-purpose computer is a tool that should be able to execute arbitrary code its users want to. I think Cory Doctorow summed it up the best: http://boingboing.net/2012/08/23/civilwar.html.
[+] [-] gbog|11 years ago|reply
[+] [-] thomasahle|11 years ago|reply
[+] [-] belorn|11 years ago|reply
A driver license allow me to drive legally on the public road. It do not grant anyone else to repossess my car, instruct it to not run if someone else is behind the wheel, dictate who might repair or or what parts it will accept.
[+] [-] iSnow|11 years ago|reply
I really think that's a complete strawman. People in France (or Europe in general) very much feel like "this is my computer, I use it any way I want". Personally I think even more so than Americans, because usually consumer protection from corporate scheming is better in Europe.
BTW libertarians would be a-ok with corporations defining how your computer works, that's entrepreneurial freedom, after all.
[+] [-] hippich|11 years ago|reply
[+] [-] tacoman|11 years ago|reply
[+] [-] dmm|11 years ago|reply
https://www.crowdsupply.com/purism/librem-laptop
[+] [-] jsdir|11 years ago|reply
[+] [-] geon|11 years ago|reply
The window manager could show windows on top of the video, and the masking would work even though the video decoding HW knew nothing about window management and vice versa.
[+] [-] akx|11 years ago|reply
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] dghughes|11 years ago|reply
It's as bizarre to me as if US car corporations dictated I could only use premium fuel from Shell and monitored it in real-time.
[+] [-] gear54rus|11 years ago|reply
Offenders' influence would then decline and people will become smarter, everyone wins.
[+] [-] jandrese|11 years ago|reply
[+] [-] zaroth|11 years ago|reply
[+] [-] based2|11 years ago|reply
https://news.ycombinator.com/item?id=8813029
[+] [-] rando289|11 years ago|reply
[+] [-] danshapiro|11 years ago|reply
https://twitter.com/rosyna/status/550702351703875584
[+] [-] Drakim|11 years ago|reply
Unless the media becomes impossible to consume without Intel Management Engine (sounds unlikely, how would you explain that to customers), how does it prevent anything?
[+] [-] rewqfdsa|11 years ago|reply
That's why Intel management keeps greenlighting this project. Intel thinks that it if it can convince content producers to distribute media as blobs encrypted with Intel's public key (and maybe, say, Samsung's or Apple's), then we can transition to a world where consumer video files do work on most consumer hardware, but can't be decrypted outside the protected media path and ripped.
There's no reason this scheme can't work. OEMs and content producers just haven't been able to cooperate well enough to piece it together yet. Once they do, game over, except for the analog hole.
This scheme also has the side effect of creating a "moat" around existing OEMs. Sure, a new player can begin fabricating new CPUs, but existing media files won't be encrypted for these CPUs. It is literally a conspiracy against the public.
[+] [-] thatone|11 years ago|reply
At first glance, dumping the contents of any source media, or capturing network streams properly, should readily provide the raw, unencrypted content data, which is then decoded by an application that has been implemented without use of those particular hardware features.
Am I being naive?
[+] [-] knweiss|11 years ago|reply
[+] [-] unknown|11 years ago|reply
[deleted]
[+] [-] frik|11 years ago|reply
Do they have similar DRM features too?
[+] [-] eeZi|11 years ago|reply
It even has an embedded Java runtime.
[+] [-] psk|11 years ago|reply
[+] [-] userbinator|11 years ago|reply
But the problem is that those are very high-speed signals(1920x1080 24bpp at 60FPS is around 350MB/s+) that require suitable hardware to capture, basically uncompressed video, and recompression would introduce more artifacts than the original. That's why pirates don't usually go this route; the result is only slightly better than pointing a good camera at the screen.
[+] [-] michaelbuddy|11 years ago|reply
[+] [-] markdown|11 years ago|reply
[deleted]
[+] [-] yzzxy|11 years ago|reply