BT et C

Friday, February 02, 2007

SPP

I'm going back to the abbreviations for awhile, 'cause they're fun.

Microsoft's "Software Protection Platform" -- the culmination of years of expanding windows-validation schemes -- is an incredible achivement on many levels. (Note: I have not used Vista and hope never to do so. Here is my source)

  • Misnomer of Orwellian proportions: "Platform" is just a word that one attaches to an application to make it sound bigger, so I'll ignore it. You might initially assume that the 'platform' is protecting your software, but This is not the case. Software is the subject of the protection, not the object, and it is protecting something else (from you). That something else, of course, is Microsoft. But you have to think on it a bit before that becomes apparent. Brilliant.
  • Undermine, chapter 1: Farbeit from me to give anyone ideas, but it seems that SPP present a fascinating attack vector. This is an application that is designed to make the machine unusable. Formerly the only such system on most machines was the power button. When Windows gets the idea (from SPP, or from __________?) that this is an unpaid-for copy, it goes into "reduced functionality" mode, and then goes downhill from there. I would love to hear a competent security research discuss the tradeoff between this obviously-gaping hole versus UAC and the other security buttresses that have been built in.
  • Undermine, chapter 2: The irony of it all, of course, is that SPP, like all DRM schemes, only needs to be cracked once -- at which time the major players in the software "piracy" industry will continue on their merry way. The number of pirated copies of Windows might slide a bit before picking up where it left off. The false positives -- and the support for angry customers that ensues -- will almost certainly wipe out any extra revenues from licenses purchased as a result of SPP.
The last irony is that I personally wish SPP would work, and flawlessly. I wish no one on the planet could possibly use Microsoft's "intellectual property" without paying them. The reason should be clear: the vast majority of people using illicit copies of Windows can't afford to buy it, and would thus switch to a free alternative.

0 Comments:

Post a Comment

<< Home