Update on Driver Signing Bypass
I apologize for the lack of news, but after attending CUSEC, I had to spend my time on catching up the two weeks of school and work that I had missed, and exploiting Vista ended up going on the backburner, especially as I had to re-install VMWare 6.0 (which wasn’t being helpful with me) and a new Vista 64-bit image.
That being said, it turns out the code I’ve written does not work out of the box on a Vista RTM system. Although it can be effective when combined with a reboot, this doesn’t provide any advantage of any of the myriad other ways that this could be done (including booting with the disable integrity checks BCD option or the /TESTSIGN flag).
However, it does bypass DRM. As part of the Protected Media Path, (PMP), Windows Vista sets up a number of requirements for A/V software and drivers in order to ensure it complies with the demandes of the media companies. One of these features, which has been heavily criticized as being the actual reason behind driver signing, is that “some premium content may be unavailable” if test signing mode is used. Originally, I assumed that this meant that the kernel would set some sort of variable, but this didn’t make sense: once your unsigned driver could load, it could disable this check. After reading the PMP documentation however, it seems to me that the “feature” explained is more likely the cause of this warning on premium content.
This feature is the ability of the PMP to notify A/V applications that there are unsigned drivers on the system, as well as provide a list of unsigned drivers. The idea is that the application can either outright refuse to play content, or that it can scan for known anti-DRM drivers which might be attempting to hook onto the unencrypted stream. This leads me to believe that it’s up to applications, not the OS, to enforce this DRM check.
The great thing about the code I’ve written is that it does NOT use test signing mode and it does NOT load an unsigned driver into the system. Therefore, to any A/V application running, the system seems totally safe — when in fact, it’s not. Now, because I’m still booting with a special flag, it’s possible for Microsoft to patch the PMP and have it report that this flag is set, thereby disabling premium content. However, beause I already have kernel-mode code running at this point, I can disable this flag in memory, and PMP will never know that it was enabled. Again, Microsoft could fight this by caching the value, or obfuscating it somewhere inside PMP’s kernel-mode code, but as long as it’s in kernel-mode, and I’ve got code in kernel-mode, I can patch it.
To continue this game, Microsoft could then use Patchguard on the obfuscated value…but that would only mean that I can simply disable Patchguard using the numerous methods that Skywing documented in his latest paper.
In the end, the only way that PMP is going to work is with a Hypervisor, and even that will probably fail.
Unfortunately, with almost 0% use for the open source community (which can use test signing mode for their drivers), documenting my method and/or releasing a sample might be viewed as an anti-DRM tool, and defintely a DMCA violation. Although used on its own, this POC doesn’t do anything or go anywhere near the PMP (I don’t even have Protected Media, HDMI, HD-DVD, nor do I know where PMP lives or how someone can intercept decrypted steams), a particularly nasty group of lawyers could still somehow associate the DMCA to it, so I’m not going to take any chances.
It’s quite ironic — Microsoft claims driver signing is to fight malware and increase system stability, so if I get sued under DMCA, wouldn’t that be an admission that driver signing is a “anti-copyright infringment tool”?.
I’d really love to release this tool to the public though, so I will look into my options — perhaps emphasizing the research aspect of it and crippling the binary would be a safe way.
January 28th, 2007 at 2:24 am
You are Canadian right? The DMCA only applies in the US citizens.
http://cjournal.concordia.ca/journalarchives/2005-06/oct_27/005235.shtml
January 28th, 2007 at 5:00 am
if Microsoft will get after your arse, put the white neurotic cat on them… they don’t stand a chance . . .
January 28th, 2007 at 9:00 am
Alex Ionescu
Alex是ReactOS的设计者之一。以下是ReactOS网站上他的简介(http://www.reactos.org/wiki/index.php/Alex_Ionescu):
Early Life…
January 28th, 2007 at 2:36 pm
elendal1 beat me to it. We live in the new land of the free, uninfluenced by and DMCA or Patriot acts =P
January 28th, 2007 at 2:41 pm
I’m highly confident that given what driver signing means for PMP that MS did this for the sole purpose of DRM.
Reading through some MS material, it’s clear that their goal with DRM is to lock people onto windows just as iTunes has people on iPod. They want to ensure that if a users is going to want to play any type of media on a PC or laptop that it must be running Intel ziiv with MS windows vista.
January 29th, 2007 at 2:23 pm
MS Vista DRM kräkitud
Microsoft Vista sisse ehitatud mehhanism, mis keerab videotel kvaliteedi tuksi kui selle vaatamiseks kasutatakse MS poolt heaks kiitmata tarkvara ja riistvara tükke on lahti lammutatud.
January 29th, 2007 at 3:31 pm
Actually, aren’t you Romanian?
Anyways, great work on breaking down some of the rediculous nonsense that only hurts consumers and favours the rich money grubbing business types.
January 29th, 2007 at 3:56 pm
DRM en Vista: crackeado
¡Phew! Finalmente, alguien tiene detalles sobre cómo esquivarse las restricciones malignas de Windows Vista.
¿Cómo funciona la técnica? Es sencillo: evita las firmas digitales que son necesarias para instalar un controlador de dispositivos (p…
January 29th, 2007 at 4:25 pm
[...] I’m gonna cut right to the chase and give this stuff to y’all straight: security researcher Alex Ionescu has just published a claim on his blog that he has developed a means to bypass Window’s Vista’s “Protected Media Path” DRM scheme. Yes, this is the entrenched DRM scheme built into Vista’s very guts that I mentioned a little while ago as being irrelevant to anyone who simply avoids protected media. [...]
January 29th, 2007 at 4:30 pm
[...] And tonight, ladies and Gentlemen in our technobable corner we bring you the story of Alex Ionescu, who got “around” the Vista PMP (Protected Media Path) which is supposed to prevent you, honest consumer from playing your honestly purchased HDDVD on an “un-certified” computers. [...]
January 29th, 2007 at 4:44 pm
[...] fonte: http://www.alex-ionescu.com [...]
January 29th, 2007 at 5:16 pm
[...] There is very little reason for you to “upgrade” (sick euphemism, at best) to Vista since it is defective by design. However, in interesting news, the upcoming DRM — which prevents you from doing many tasks — has been cracked by a Romanian. [...]
January 29th, 2007 at 5:24 pm
Mulţumim, Alex! Şi noroc!
January 29th, 2007 at 5:37 pm
Microsoft is a corporation and a corporation can not reach parity with a living soul. Trouble is, when they drag you into court they presume (and you do not rebut it, so it stands) that you are the surety for the corporation named ALEX IONESCU.
Folks, this corruption, is so wide, so deep and so tall, there is no way to clean it up, no way at all.
Hava lookit http://www.detaxcanada.org/cmlawintro.htm
(a long read but worth it).
January 29th, 2007 at 6:53 pm
[...] It sounds like we may have another name to add to the pantheon of anti-DRM digital freedom fighters: Alex Ionescu, who’s claiming his driver signing bypass method allows end users to bypass Vista’s Protected Media Path DRM (the junky stuff that prevents you from watching “premium” content and HD material on non-HDCP outputs, like component, VGA, older HDMI TVs, etc.) Using Alex’s technique (which has yet to be released to the general public, for fear of going the way of our man Viodentia), no unsigned drivers are loaded in the process, thereby convincing the media applications that are scanning for anti-DRM “badware” that everything’s peachy, go ahead and output that signal even though it may be through the analog hole. We’ll all be waiting, Alex, for you to move to Sealand so you can release the hack, we’ve got a lot of HD DVD and Blu-ray movies to watch, and not a lot of patience for HDCP-carrying gear. [...]
January 29th, 2007 at 7:04 pm
[...] It sounds like we may have another name to add to the pantheon of anti-DRM digital freedom fighters: Alex Ionescu, who’s claiming his driver signing bypass method allows end users to bypass Vista’s Protected Media Path DRM (the junky stuff that prevents you from watching “premium” content and HD material on non-HDCP outputs, like component, VGA, older HDMI TVs, etc.) Using Alex’s technique (which has yet to be released to the general public, for fear of going the way of our man Viodentia), no unsigned drivers are loaded in the process, thereby convincing the media applications that are scanning for anti-DRM “badware” that everything’s peachy, go ahead and output that signal even though it may be through the analog hole. We’ll all be waiting, Alex, for you to move to Sealand so you can release the hack, we’ve got a lot of HD DVD and Blu-ray movies to watch, and not a lot of patience for HDCP-carrying gear. [...]
January 29th, 2007 at 7:05 pm
[...] It sounds like we may have another name to add to the pantheon of anti-DRM digital freedom fighters: Alex Ionescu, who’s claiming his driver signing bypass method allows end users to bypass Vista’s Protected Media Path DRM (the junky stuff that prevents you from watching “premium” content and HD material on non-HDCP outputs, like component, VGA, older HDMI TVs, etc.) Using Alex’s technique (which has yet to be released to the general public, for fear of going the way of our man Viodentia), no unsigned drivers are loaded in the process, thereby convincing the media applications that are scanning for anti-DRM “badware” that everything’s peachy, go ahead and output that signal even though it may be through the analog hole. We’ll all be waiting, Alex, for you to move to Sealand so you can release the hack, we’ve got a lot of HD DVD and Blu-ray movies to watch, and not a lot of patience for HDCP-carrying gear. [...]
January 29th, 2007 at 7:48 pm
[...] It sounds like we may have another name to add to the pantheon of anti-DRM digital freedom fighters: Alex Ionescu, who’s claiming his driver signing bypass method allows end users to bypass Vista’s Protected Media Path DRM (the junky stuff that prevents you from watching “premium” content and HD material on non-HDCP outputs, like component, VGA, older HDMI TVs, etc.) Using Alex’s technique (which has yet to be released to the general public, for fear of going the way of our man Viodentia), no unsigned drivers are loaded in the process, thereby convincing the media applications that are scanning for anti-DRM “badware” that everything’s peachy, go ahead and output that signal even though it may be through the analog hole. We’ll all be waiting, Alex, for you to move to Sealand so you can release the hack, we’ve got a lot of HD DVD and Blu-ray movies to watch, and not a lot of patience for HDCP-carrying gear. [...]
January 29th, 2007 at 8:24 pm
[...] read more | digg story [...]
January 29th, 2007 at 8:49 pm
Vista PMP Already Cracked?
Update on Driver
Signing Bypass (Alex Ionescu’s Blog) (Via
Engadget)| Alex Ionescu appears…
January 29th, 2007 at 9:01 pm
[...] Vista’s DRM is probably it’s most controversial ‘feature’. It reduces the functionality, and increases the cost of your computer, as I have posted here. Now comes news that one day before Vista is released to the public, its DRM and Protected Media Path (PMP) have been cracked. That being said, it turns out the code I’ve written does not work out of the box on a Vista RTM system. Although it can be effective when combined with a reboot… However, it does bypass DRM… The great thing about the code I’ve written is that it does NOT use test signing mode and it does NOT load an unsigned driver into the system. Therefore, to any A/V application running, the system seems totally safe — when in fact, it’s not. [...]
January 29th, 2007 at 9:06 pm
[...] read more | digg story Bookmark to: [...]
January 29th, 2007 at 9:08 pm
[...] read more | digg story [...]
January 29th, 2007 at 9:17 pm
[...] It sounds like we may have another name to add to the pantheon of anti-DRM digital freedom fighters: Alex Ionescu, who’s claiming his driver signing bypass method allows end users to bypass Vista’s Protected Media Path DRM (the junky stuff that prevents you from watching “premium” content and HD material on non-HDCP outputs, like component, VGA, older HDMI TVs, etc.) Using Alex’s technique (which has yet to be released to the general public, for fear of going the way of our man Viodentia), no unsigned drivers are loaded in the process, thereby convincing the media applications that are scanning for anti-DRM “badware” that everything’s peachy, go ahead and output that signal even though it may be through the analog hole. We’ll all be waiting, Alex, for you to move to Sealand so you can release the hack, we’ve got a lot of HD DVD and Blu-ray movies to watch, and not a lot of patience for HDCP-carrying gear. [...]
January 29th, 2007 at 9:17 pm
[...] It sounds like we may have another name to add to the pantheon of anti-DRM digital freedom fighters: Alex Ionescu, who’s claiming his driver signing bypass method allows end users to bypass Vista’s Protected Media Path DRM (the junky stuff that prevents you from watching “premium” content and HD material on non-HDCP outputs, like component, VGA, older HDMI TVs, etc.) Using Alex’s technique (which has yet to be released to the general public, for fear of going the way of our man Viodentia), no unsigned drivers are loaded in the process, thereby convincing the media applications that are scanning for anti-DRM “badware” that everything’s peachy, go ahead and output that signal even though it may be through the analog hole. We’ll all be waiting, Alex, for you to move to Sealand so you can release the hack, we’ve got a lot of HD DVD and Blu-ray movies to watch, and not a lot of patience for HDCP-carrying gear. [...]
January 29th, 2007 at 9:29 pm
[...] It sounds like we may have another name to add to the pantheon of anti-DRM digital freedom fighters: Alex Ionescu, who’s claiming his driver signing bypass method allows end users to bypass Vista’s Protected Media Path DRM (the junky stuff that prevents you from watching “premium” content and HD material on non-HDCP outputs, like component, VGA, older HDMI TVs, etc.) Using Alex’s technique (which has yet to be released to the general public, for fear of going the way of our man Viodentia), no unsigned drivers are loaded in the process, thereby convincing the media applications that are scanning for anti-DRM “badware” that everything’s peachy, go ahead and output that signal even though it may be through the analog hole. We’ll all be waiting, Alex, for you to move to Sealand so you can release the hack, we’ve got a lot of HD DVD and Blu-ray movies to watch, and not a lot of patience for HDCP-carrying gear. [...]
January 29th, 2007 at 9:43 pm
[...] Alex Ionescu, un investigador de seguridad en Montreal, ha publicado detalles acerca de cómo saltarse el sistema DRM de Windows Vista y poder obtener una copia a plena resolución, no encriptada y en alta definición de cualquier contenido originalmente sujeto a las restricciones impuestas por el sistema operativo. Aunque no ha publicado todavía el código fuente de su crack, por temor a las responsabilidades en que podría incurrir en función de la DMCA, lo publicado deja evidencia suficiente acerca del procedimiento utilizado. La idea es evitar las firmas digitales requeridas para la instalación de dispositivos, e inyectar un código que permita el desvío de la salida de señal a algún otro dispositivo, o a un archivo, generando una copia limpia (nunca mejor dicho lo de “limpia”). Pero Alex, de hecho, ha conseguido incluso saltarse la protección sin necesidad de inyectar el driver adicional, haciendo que el sistema parezca seguro a todos los efectos, cuando en realidad ya no lo es. [...]
January 29th, 2007 at 10:24 pm
[...] This time, it’s Windows Vista’s DRM scheme. [...]
January 29th, 2007 at 10:27 pm
Windows Vista DRM Cracked
Security researcher and ReactOS developer Alex Ionescu has successfully cracked Vista’s Protected Meda Path and bypassed Vista’s DRM.
January 29th, 2007 at 11:22 pm
[...] It appears that Alex Ionescu cracked the Vista DRM. At least he claims that he did. History likes to repeat itself… This will likely be like DeCSS all over again. DRM is just a flawed idea. [...]
January 29th, 2007 at 11:55 pm
Alex Ionescu’s Blog » Update on Driver Signing Bypass
I apologize for the lack of news, but after attending CUSEC, I had to spend my time on catching up the two weeks of school and work that I had missed, and exploiting Vista ended up going on the backburner, especially as I had to re-install VMWare 6.0 (…
January 30th, 2007 at 12:09 am
[...] That didn’t take long, Bill is thought to be visiting the Jon Stewart Daily Show tonight to brag about the security of Vista and a student living in Montreal has already cracked the DRM and PMP while still in his first year of obtaining a bachelor’s degree in software engineering. Seems the degree is just to put another feather in his cap, he’s been chopping through kernel layers since his teens and is a major player for the ReactOS. [...]
January 30th, 2007 at 12:44 am
You must be Romanian, right? One of my dearest friends lives in Bucharest
January 30th, 2007 at 1:52 am
[...] Vista DRM lollitati ära - Update on Driver Signing Bypass (Alex Ionescu´s Blog) [...]
January 30th, 2007 at 3:32 am
Vista DRM Already Hacked?
Vista hasn’t been out for more than 24 hours and yet rumors are spreading that it’s already been hacked. Alex lonescu claims he’s hacked Vista’s Protected Media Path, a DRM that’s designed to degrade the playback quality of HD…
January 30th, 2007 at 4:18 am
[...] Alex Ionescu, one of the folks behind ReactOS, writes on his blog that he’s pretty much cracked Vista’s DRM. woot! Why not stop this DRM thingy and spend the money on optimization instead? Let’s face it; DRM is useless and so are all the various copy-protections known to man at this point. They never work as they’re intended to and they never will. As said many times before: as long as you can listen to and view the actual content - you can copy it. That’s the way it’s always been and it will stay this way. You can DRM this and HDCP that all you want but the harder you try, the harder it will eventually be cracked. [...]
January 30th, 2007 at 4:22 am
[...] Update on Driver Signing Bypass [via Electronista] [...]
January 30th, 2007 at 4:44 am
Bakvg frbi Vistas DRM existerar
Alex Ionescu har hittat en bakvg frbi Vistas DRM-skydd. Detta innebr fri uppspelning, utan alla begrnsningar systemet levereras med.
January 30th, 2007 at 4:56 am
[...] It sounds like we may have another name to add to the pantheon of anti-DRM digital freedom fighters: Alex Ionescu, who’s claiming his driver signing bypass method allows end users to bypass Vista’s Protected Media Path DRM (the junky stuff that prevents you from watching “premium” content and HD material on non-HDCP outputs, like component, VGA, older HDMI TVs, etc.) Using Alex’s technique (which has yet to be released to the general public, for fear of going the way of our man Viodentia), no unsigned drivers are loaded in the process, thereby convincing the media applications that are scanning for anti-DRM “badware” that everything’s peachy, go ahead and output that signal even though it may be through the analog hole. We’ll all be waiting, Alex, for you to move to Sealand so you can release the hack, we’ve got a lot of HD DVD and Blu-ray movies to watch, and not a lot of patience for HDCP-carrying gear. [...]
January 30th, 2007 at 5:02 am
[...] Y para muestra un botn, el mismo da que se publica Vista se anuncia que sus DRM han sido crackeados (ms detalles), igualito a lo que sucedi con el Zune. Tambin Bill Gates dej por ah alguna perlita. A buen entendedor… [...]
January 30th, 2007 at 6:15 am
The vista kernel protection can be cracked as long as the hardware can’t provide the required means of protection. If the software that loads the vista kernel is not trusted, then the kernel can’t be secured. With the use of a TPM chip, or the integration of this technology into the cpu or the motherboard, the vista kernel can be sure that nobody tampered with its boot process and the result is a trusted platform. Limiting content playback to trusted platforms results in a secure drm solution that can only be breaked by extracting the hardware keys or by breaking the aes128 encryption that protects the content. The microsoft xbox360 system contains the encryption/tpm system in the cpu’s cache, so even the system memory is encrypted. This stops any software and most hardware based attacks. Intel plans to add this ‘feature’ to all of its future products aimed to be vista compatbile.
January 30th, 2007 at 6:44 am
[...] Der kanadischer Programmierer Alex Ionescu behauptet in seinem Blog, dass es ihm gelungen sei, das DRM-System von Windows Vista zu umgehen. Genauer gesagt, hebelte er das Modell signierter Treiber des Protected Media Path aus. Zu Deutsch: Wenn eine Komponente des Rechners einen DRM-Standard nicht untersttzt, so verweigert Vista die Wiedergabe (Protected Media Path). Z.B. muss der digitale Monitor die gngige DVD-Verschlsselung beherrschen, sonst spielt Vista den Film nicht in voller HD-Qualitt ab. Andernfalls knnte der Anwender am digitalen Ausgang mitschneiden. [...]
January 30th, 2007 at 6:47 am
Alex, when you and I were hacking VB to smithereens on PSC, I never imagined I’d one day read of your exploits on the Inquirer.net… congrats! -Paul.
January 30th, 2007 at 7:18 am
Das ging ja schnell
Kaum draußen und schon wurde eins der wesentlichen "Features" von Windows Vista gehackt. Alex Ionescu hat bei Arbeiten für ReactOS (Windows ohne Microsoft) wohl mehr oder weniger aus Versehen einen Weg gefunden, den "Protected Media Pat
January 30th, 2007 at 7:56 am
DRM do Vista crackado
O hacker Alex Ionescu conseguiu derrotar a proteco DRM usada no Windows Vista. Assim, vai ser possvel ver no Windows contedos no permitidos - sobretudo faixas de udio e filmes piratas.
January 30th, 2007 at 8:44 am
[...] Security researcher and ReactOS developer Alex Ionescu has successfully cracked Vista’s Protected Meda Path and bypassed Vista’s DRM.read more | digg story [...]
January 30th, 2007 at 8:59 am
Il DRM di Vista stato crackato
Il famoso ricercatore Alex Ionescu afferma di aver crackato con successo Protected Media Path, il DRM pi discusso integrato nel nuovo Windows Vista. Il DRM in questione stato progettato per ridurre la qualit audio e video dei filmati eseguiti su hw
January 30th, 2007 at 9:20 am
[...] …launches today. There are plenty of reasons not to upgrade, but if you’re worried about the ability of M$ to stop you watching things you’ve paid for at their whim, fret no more, the DRM controls of Vista have just been successfully (and as far as I can determine, permanently) bypassed: which just goes to show that there’s no point spending money on digital protection when you should be spending it on better marketing strategies. From another direction though, there’s a lot of hidden legalese in the EULA (End-User License Agreement) that is making some lawyers rather concerned. [...]
January 30th, 2007 at 9:51 am
[...] xmen bitch Security researcher and ReactOS developer Alex Ionescu has successfully cracked Vista’s Protected Meda Path and bypassed Vista’s DRM. xmen cyclopse sunglassesread more | digg story [...]
January 30th, 2007 at 10:04 am
[...] Kurz nach dem offiziellen Verkaufsstart des neuen Betriebssystems Windows Vista ist Vistas Protected Media Path bereits geknackt. Wie Gulli berichtet, hat Alex Ionescu einen Vista-DRM-Hack entwickelt, der die Aktivierung des Protected Media Path unbemerkt verhindert und dem Betriebssystem ein unverändertes System vorgaukelt. Der Hack selbst wurde noch nicht veröffentlicht. [...]
January 30th, 2007 at 10:32 am
[...] Oh, and the PMP (Yes, pronounced like that)- the Protected Media Pipeline. Already cracked by Alex Ionescu- see here. It’s designed to stop you accessing protected content by preventing you from being able to record it out. It does things like turning off unsecure outputs and monitoring what is viewing it. From Wikipedia: The Protected Environment in which DRM content is played contains the media components that play DRM content, so the application only needs to provide remote control (Play, Rewind, Pause, and so on), rather than having to handle unprotected content data. The Protected Environment also provides all the necessary support for Microsoft-approved (”signed”) third-party software modules to be added. It provides a “wall” against outside copying, where within the walls, content can be processed without making the content available to unapproved software. [...]
January 30th, 2007 at 10:43 am
[...] El autor, Alex Ionescu, ha revelado detalles técnicos de su proeza. El “hack” que ha desarrollado le permite reveritr el sistema de tecnología anti-copia de Windos y conseguir un vídeo de alta definición, desencriptado y a pantalla completa. [...]
January 30th, 2007 at 12:12 pm
[...] 原作者的文 在 Update on Driver Signing Bypass 這篇。 [...]
January 30th, 2007 at 12:17 pm
[...] O programador Alex Ionescu revelou no ltimo domingo (28/01) que possvel burlar a limitao imposta na execuo de drivers no-assinados no Windows Vista. A quebra torna possvel, por meio do uso de drivers especiais, a cpia do contedo de adio e vdeo que passa pela memria do computador. A limitao faz parte do conjunto de protees antipirataria do novo sistem da Microsoft. [...]
January 30th, 2007 at 12:41 pm
[...] linkage [...]
January 30th, 2007 at 1:13 pm
DRM of Vista broken?
This was not unexpected, but this made my day: Alex Ionescu writes in his blog, that he is able to break the digital rights management of vista. He was able to deactivate driver signing and thus he can inject a driver that circumvents the copyright protec
January 30th, 2007 at 1:23 pm
[...] DRM/asinine license terms cracked (fuck you M$) [...]
January 30th, 2007 at 2:22 pm
[...] Vista DRM Cracked! [...]
January 30th, 2007 at 2:34 pm
Windows Vista stato crackato
L’esperto di informatica rumeno-canadese Alex Ionescu riuscito a crackare Windows Vista, il giorno stesso del lancio su scala mondiale del nuovo sistema operativo Microsoft.
January 30th, 2007 at 4:02 pm
[...] Hello Mr. Bill Gates. Hello M$ Romania. Please read this “Security researcher Alex Ionescu claims to have successfully bypassed the much discussed DRM protection in Windows Vista, called ‘Protected Media Path’ (PMP), which is designed to seriously degrade the playback quality of any video and audio running on systems with hardware components not explicitly approved by Microsoft. The bypass of the DRM protection was in turn performed by breaking the Driver Signing / PatchGuard protection in the new operating system. Alex is now quite nervous about what an army of lawyers backed by draconian copyright laws could do to him if he released the details, but he claims to be currently looking into the details of safely releasing his details about this at the moment though.” [...]
January 30th, 2007 at 4:19 pm
Will man Windows Vista wirklich haben?
Einerseits hat Microsoft bereits neun Updates für Vista veröffentlicht, drei davon als wichtig gekennzeichnet, andererseits scheint bereits das DRM von Vista geknackt worden zu sein. Die eine Meldung spricht gegen Vista, die andere dafür :->
January 30th, 2007 at 5:13 pm
[...] Hoje o Windows Vista foi lançado oficialmente, mas antes mesmo de ser lançado, um programador do Canadá chamado Alex Ionescu, afirmou em seu blog no último domingo dia 28/01 que conseguiu quebrar a tão polêmica proteção DRM do Windows Vista. [...]
January 30th, 2007 at 5:40 pm
[...] Posted by Rodney.Campbell at January 31st, 2007 Vista DRM Cracked by Security Researcher? [...]
January 30th, 2007 at 9:56 pm
[...] Más información en los enlaces que os ofrecemos a continuación: Artículo en el Blog de Alex Ionescu Artículo en Error500.net [...]
January 31st, 2007 at 1:28 am
[...] In seinem Weblog berichtet jetzt der kanadische Softwareentwickler Alex Ionescu - einer der Prgrammierer der quelloffenen Windows-Alternative ReactOS - , dass er eine Methode gefunden habe, die es ihm ermöglichen würde, das DRM-System der 64-Bit-Version von Vista auszuhebeln. [...]
January 31st, 2007 at 2:24 am
[...] Vía, vía. Más información: Alex Ionescu [...]
January 31st, 2007 at 4:59 am
希望作者继续努力,我们都等着用呢…
微软vista不堪一击,迟早攻破,仅是时间问题…
January 31st, 2007 at 5:41 am
po jie de hao kuai ya!
http://www.sitelive.cn/bbs
January 31st, 2007 at 5:51 am
VistaのDRMがもうハック?
発売から2日も経ってないのに、もうVistaハックの噂ですよ。 アレックス・ロネ…
January 31st, 2007 at 5:59 am
[...] Nheres dazu gibts hier. [...]
January 31st, 2007 at 8:59 am
[...] Según anota en su blog, Alex Ionescu ha conseguido saltar la protección DRM de Windows Vista. La técnica utilizada consiste en evitar las firmas requeridas cuando se instala un dispositivo, añadiendo durante el proceso una porción de código que altere el proceso. Pudiendo disponer de todas las características del sistema, sin que el DRM realice su trabajo. Está claro que era cuestión de tiempo, a ver si en Redmond (y muchos otros sitios) se enteran de que no se les puede poner puertas al campo. [...]
January 31st, 2007 at 10:06 am
[...] Več o zadevi si lahko preberete na njegovem blogu. [...]
January 31st, 2007 at 12:24 pm
[...] Posteado el Enero 31st, 2007 por Ernes. Categorias: Varias. El mismo día que se comercializa Windows Vista se anuncia que las protecciones DRM que incluye han sido crackeadas. Alex Ionesco, un investigador canadiense especializado en seguridad informática afirma haber superado las protecciones DRM de la última versión del sistema operativo de Microsoft. Ionesco asegura haber conseguido burlar los sistemas de protección que incluye Vista, y reproducir vídeo en alta definición en dispositivos hardware no aprobados por Microsoft y que no verifican las reglas de DRM. [...]
January 31st, 2007 at 1:09 pm
[...] Secondo quanto si legge nel suo blog, Alex evidenzia come Vista abbia messo a punto una serie di software complementari e di driver per venire incontro alle esigenze dei produttori di media e periferiche. [...]
January 31st, 2007 at 1:25 pm
Z! - News: Mittwoch, 31.01.2007
Moderator: Timon Royer
Themen:
PDF soll ISO-Standard werden
Erste Wii-Modchips verfügbar
ZDF stellt Krimiserie vor TV-Ausstrahlung online
Vista-Upgrade verlangt funktionierendes Windows-System
DRM von Vista angeblich ausgehebelt
ISDN-Flatrate
January 31st, 2007 at 1:31 pm
[...] Buenas noticias para nuestros amigos de Redmond: La protección DRM de Windows Vista ha sido crackeada por un hacker llamado Alex Lonescu. [...]
January 31st, 2007 at 3:42 pm
[...] It looks (though I haven’t personally confirmed) that Vista’s DRM has already been cracked. Brilliant! [...]
January 31st, 2007 at 6:13 pm
[...] It sounds like we may have another name to add to the pantheon of anti-DRM digital freedom fighters: Alex Ionescu, who’s claiming his driver signing bypass method allows end users to bypass Vista’s Protected Media Path DRM (the junky stuff that prevents you from watching “premium” content and HD material on non-HDCP outputs, like component, VGA, older HDMI TVs, etc.) Using Alex’s technique (which has yet to be released to the general public, for fear of going the way of our man Viodentia), no unsigned drivers are loaded in the process, thereby convincing the media applications that are scanning for anti-DRM “badware” that everything’s peachy, go ahead and output that signal even though it may be through the analog hole. We’ll all be waiting, Alex, for you to move to Sealand so you can release the hack, we’ve got a lot of HD DVD and Blu-ray movies to watch, and not a lot of patience for HDCP-carrying gear. [...]
January 31st, 2007 at 7:11 pm
[...] Blog do Alex Ionescu [...]
January 31st, 2007 at 9:18 pm
Programador quebra recurso de DRM do Windows Vista
Parece que a DRM (Digital Rights Management) que é impositória está indo por água abaixo. O que é DRM?
January 31st, 2007 at 10:36 pm
EFF - miniLinks for 2007-01-30.
February 1st, 2007 at 2:35 am
[...] E che dire per la sicurezza? Zio Bill ne fa un elemento portante di Vista, e non c’è dubbio che parecchie falle siano state turate. Vista sar certamente più sicuro (o meglio, meno insicuro) di XP. Ma nei circuiti della criminalit organizzata c’è gi chi vanta e vende exploit per Vista. Ed è recentissima la notizia che i sistemi anticopia di Vista sono gi stati bucati in parte da Alex Ionescu. Per non parlare del fatto che gi si prevede un Service Pack “di elevato impatto” entro fine 2007, come dice Punto Informatico. [...]
February 1st, 2007 at 4:03 am
How not to be a Microsoft Student Ambassador
February 1st, 2007 at 8:50 am
[...] Update on Driver Signing Bypass February 1, 2007 at 3:59 pm | In Uncategorized | http://www.alex-ionescu.com/?p=24 [...]
February 1st, 2007 at 9:49 am
[...] Bereits 24 Stunden nach dem offiziellen Verkaufsbeginn von Vista ans Fußvolk hat Alex Ionescu verlautet, er habe den Protected Media Path geknackt, das Vista-DRM, das die Wiedergabequalität von HD-Video verschlechtern soll, wenn es an Nicht-HDCP-Ausgänge und andere Hardware-Komponenten gespielt wird, die nicht von Microsoft abgesegnet sind. Details nennt Ionescu allerdings nicht, da er verständlicherweise Angst vor den MS-Anwälten hat. Warten wir also ab, bis aus irgend einer dunklen Ecke des Internets mehr Informationen auftauchen. [...]
February 1st, 2007 at 12:53 pm
[...] Writing in his bog, he said that Windows Vista sets up a number of requirements for audio-visual software and drivers in order to ensure it complies with the demands of the media companies. [...]
February 1st, 2007 at 1:31 pm
[...] 3. விஸ்டாவின் மாபெரும் மேம்பாடு என்று அதன் Digital Rights Management (DRM) சங்கேதம் பற்றி மைக்ரோஸாஃப்ட் மார்தட்டிக் கொண்டிருக்கிறது. நேற்று இங்கே கனடாவின் கன்கார்டியா பல்கலைக்கழத்தில் (மாந்ட்ரியால்) அலெக்ஸ் இயனெஸ்கு என்ற மாணவரால் இந்த DRM சங்கேதம் தகர்க்கப்பட்டிருக்கிறது. விஸ்டா அதன் பல பயன்பாடுகளுக்கு இந்த சங்கேதத்தை முழுவதுமாகச் சார்ந்திருக்கிறது. உதாரணமாக, மைக்ரோஸாஃப்டால் அங்கீகரிக்கப்படாத ஒரு கிராஃபிக்ஸ் கார்டை நிறுவினால் உடனே டி.ஆர்.எம் தலையிட்டு விஸ்டாவின் முக்கிய கண்கவர் செயற்பாடுகளை நிறுத்திவிடும். (அதாவது இப்படி செயற்பாட்டை நிறுத்துவதன் மூலம் நீங்கள் மைக்ரோஸாஃப்ட் கைகாட்டும் வன்கலனை மட்டுமே வாங்கமுடியும்). நேரடியாகக் காசுகொடுத்து வாங்காத பாடல் உங்கள் கணினியில் இருந்தால் அதைப் பாடவைக்க முடியாது. However, it does bypass DRM. As part of the Protected Media Path, (PMP), Windows Vista sets up a number of requirements for A/V software and drivers in order to ensure it complies with the demandes of the media companies. One of these features, which has been heavily criticized as being the actual reason behind driver signing, is that “some premium content may be unavailable” if test signing mode is used. Originally, I assumed that this meant that the kernel would set some sort of variable, but this didn’t make sense: once your unsigned driver could load, it could disable this check. After reading the PMP documentation however, it seems to me that the “feature” explained is more likely the cause of this warning on premium content. [...]
February 1st, 2007 at 3:31 pm
[...] Items of the week: YouTube videos by Fingersmoran (Chad) Defeating Windows Vista’s DRM (Marc) Macro images from 4chan.org (Roxanne) CBC Radio 3 (Colin) [...]
February 1st, 2007 at 3:39 pm
[...] Alex Ionescu’s Blog » Update on Driver Signing Bypass (tags: Windows Vista) [...]
February 2nd, 2007 at 7:40 am
http://chauvesouris.wordpress.com/2007/02/02/on-ne-peut-pas-rater-la-sortie-de-vista-ms-3/
On ne peut pas rater la sortie de Vista (MS ~) (3)
Pour continuer en beauté sur Vista, je ne saurais que vous conseiller de lire l’excellent article de Peter Gutmann, pgut001@cs.auckland.ac.nz. Analyse du coût de la protection de contenu de Windows Vista. Pour faire simple, les contenus de première qualité (films Haute Définition, Super Audio CD, etc) ne doivent pas être fournis à des périphériques (carte audio, carte graphique, Téléviseur, etc) qui ne vous interdisent pas
[...]
February 2nd, 2007 at 7:43 am
[...] El mismo día que se comercializa Windows Vista se anuncia que las protecciones DRM que incluye han sido crackeadas…Alex Ionesco, un investigador canadiense especializado en seguridad informática afirma haber superado las protecciones DRM de la última versión del sistema operativo de Microsoft. Ionesco asegura haber conseguido burlar los sistemas de protección que incluye Vista, y reproducir vídeo en alta definición en dispositivos hardware no aprobados por Microsoft y que no verifican las reglas de DRM. [...]
February 3rd, 2007 at 1:03 pm
[...] http://www.alex-ionescu.com/?p=24 Incoherencias parecidas: [...]
February 4th, 2007 at 5:09 pm
[...] Posted by Rodney.Campbell at February 5th, 2007 Windows Vista has barely been released, and already the driver signing on the 64 bit version has been circumvented. The 64 bit version only permits signed drivers in an attempt to enforce that every driver fully implements the Protected Media Path that was incorporated into Vista at the behest of the major media conglomerates (and at the cost of the consumers who now have to live with less stable/proven - drivers need to be re-engineered which takes time and money - drivers for crucial system components). [...]
February 5th, 2007 at 3:54 pm
[...] Оригинальный текст (engl) здесь: Update on Driver Signing Bypass [...]
February 6th, 2007 at 4:39 am
[...] Onderzoeker claimt kraak beveiliging Vista-drm February 6, 2007 on 10:48 am | In Security | Beveiligingsonderzoeker Alex Ionescu beweert het rechtenbeheer van Windows Vista te kunnen passeren. Uit angst voor de wetgeving in de VS houdt hij de bewijzen geheim. De expert beschrijft op zijn blog in algemene termen hoe de aanval verloopt, zonder dit met code te onderbouwen. [...]
February 6th, 2007 at 7:20 pm
[...] as it means their high definition digital masters are much harder to steal (provided you ignore this report by security researcher Alex [...]
February 8th, 2007 at 7:18 am
[...] Read | Permalink | Email this | Comments [...]
February 9th, 2007 at 2:42 pm
[...] and “licensed” hardware. Oh, and the DRM has already been hacked ( http://www.alex-ionescu.com/?p=24) so the pirates will not be slowed down at all, just the paying customers. All this comes at a time [...]
February 18th, 2007 at 9:24 am
[...] Alex Ionescu’s Thoughts (a developer for the free and open source ReactOS, Windows clone): http://www.alex-ionescu.com/?p=24 [...]
February 18th, 2007 at 10:03 am
[...] Alex Ionescu’s Thoughts (a developer for the free and open source ReactOS, Windows clone): http://www.alex-ionescu.com/?p=24 [...]
February 25th, 2007 at 3:29 am
[...] are still things that it could do without turning into a global advertisement for Microsoft’s flawed DRM [...]
February 28th, 2007 at 7:06 am
[...] ומיקרוסופט אף פעם לא לומדים. DRM וסף (ראשון?) של ויסטה היום פוצח, ולמרות שאפילו ללא פירסום קוד, זה הישג. בכל מקרה אם [...]
March 21st, 2007 at 3:10 pm
[...] 0. http://www.alex-ionescu.com/?p=24 1. [...]
March 27th, 2007 at 1:21 am
[...] the reverse engineering prodigy who came into limelight when news spread that he found a way to bypass the Microsoft Vista DRM, had interviews with 3 of the world’s top software companies - Microsoft, Google and Apple - [...]
April 1st, 2007 at 2:54 am
[...] in HD quality on your computer. The first, which dates back to January this year was described by Alex Ionescu in his own [...]
April 1st, 2007 at 9:30 am
[...] in HD quality on your computer. The first, which dates back to January this year was described by Alex Ionescu in his own blog. This feature is the ability of the PMP to notify A/V applications that there are [...]
April 2nd, 2007 at 5:09 pm
[...] de alta definición en tu ordenador. Lo primero, que viene desde Enero de este año fue descrito por Alex Ionescu en su propio blog.Esta característica es la habilidad de que un dispositivo de medios portable [...]
April 10th, 2007 at 9:22 am
[...] am not sure if I fully understood the whole buzz of the new Microsoft bang. Firstly, there was the woooed Vista DRM that was cracked the very same day it was released (also in Slashdot). Then there was buzz about how unsafe it was and the thousand security patches [...]
April 13th, 2007 at 12:23 pm
Vista PMP Already Cracked?
Update on Driver Signing Bypass (Alex Ionescu’s Blog) ( Via Engadget )| Alex Ionescu appears to have
April 20th, 2007 at 9:56 am
[...] Que el mismo dia que se comerciliza Vista sea hackeado su DRM [...]
May 7th, 2007 at 8:01 am
[...] and stop the pirates. If so, I hate to inform you that Vista’s security measures were hacked the same day Vista was released. This hack has not been made public, but it shows that once again, the only people affected by the [...]
June 23rd, 2007 at 6:26 pm
[...] Via Blog | Alex Ionescu [...]
July 19th, 2007 at 9:29 pm
[...] Vista DRM subverted - “If I get sued under DMCA, wouldn’t that be an admission that driver s… Researcher Alex Ionesco’s hack bypasses Vista’s anti-copying technology and allows for full-res, unencrypted high-def video streams. As long as it’s in kernel-mode, and I’ve got code in kernel-mode, I can patch it. [...]
August 23rd, 2007 at 5:43 am
[...] die FuZo berichtet wurde das digitale Rechtemanagement (DRM) in Vista angeblich bereits von Alex Ionescu, einem Mitentwickler des Betriebssystemes ReactOS, umgangen. [...]
September 27th, 2007 at 2:22 am
[...] then there’s the spectre of the technology getting cracked. In fact, Alex Ionescu has found a potential way to fool the Protected Media Path (called Protected Video Path in a ComputerWorld Security article) [...]
October 27th, 2007 at 1:28 am
[...] Artículo en el Blog de Alex Ionescu Artículo en Error500.net [...]
December 14th, 2007 at 11:48 am
Review: Windows XP
I have finally decided to take the plunge. Last night I upgraded my Vista desktop machine to Windows
December 16th, 2007 at 12:05 pm
[...] Σε κάθε περίπτωση, η υποστήριξη του DRM στα Vista δεν δούλευε ούτως ή άλλως σωστά, μόλις αυτά [...]
December 16th, 2007 at 12:41 pm
[...] and refuse to assume that its loyal customers are criminals. In any case, the DRM built into Vista was broken shortly after its release anyway. Conclusion To be honest there is only one conclusion to be made; [...]
December 17th, 2007 at 5:05 am
The Advantages of Upgrading From Vista To XP
I have finally decided to take the plunge. Last night I upgraded my Vista desktop machine to Windows
December 23rd, 2007 at 8:48 pm
[...] Gadgets, Household - Gizmodo wrote an interesting post today on Alex Ionescuâs Blog » Update on Driver Signing BypassHere’s a quick excerpt114 Responses to “Update on Driver Signing Bypass … einer der Prgrammierer der quelloffenen Windows-Alternative … on 31 Jan 2007 at 5:59 am 68. marderh.blog » Windows Vista DRM … [...]
January 1st, 2008 at 5:30 am
[...] Terminally Incoherent wrote an interesting post today on Alex Ionescuâs Blog » Update on Driver Signing BypassHere’s a quick excerpt … is with a Hypervisor, and even that will probably fail. … 118 Responses to “Update on Driver Signing Bypass … on 31 Jan 2007 at 5:59 am 68. marderh.blog » Windows Vista DRM … [...]
January 3rd, 2008 at 1:35 pm
[...] and refuse to assume that its loyal customers are criminals. In any case, the DRM built into Vista was broken shortly after its release [...]
January 4th, 2008 at 10:16 am
[...] Vista Forums wrote an interesting post today on Comment on Update on Driver Signing Bypass by Windows Update Fail »Here’s a quick excerpt[…] Terminally Incoherent wrote an interesting post today on Alex Ionescuâ… [...]
January 25th, 2008 at 2:44 pm
What we are forgetting is one simple thing.
It doesnt matter whether or not DRM and what Microsoft’s Unsigned Driver Installation policy
is.
Whether or not they are GOOD or BAD.
Those are MOOT issues, because the fact is
what matters is CHOICE. And when one person
takes your CHOICE away they have become your dictator.
Socialism isnt bad per say, Communisim however was,
and the difference was CHOICE.
If I want to run an unsigned driver and run the risk
of someone totally screwing up my Vista installation, it should be MY OPTION to do so.
That is freedom.
It does NOT matter what YOUR OPINION is.
It is MY PERSONAL CHOICE. Get it? Freedom,
liberty, the democratic way?
Don’t give in to fascist regiems. Yes you can
agree that their policy is good, fine. But
dont take away MY - CHOICE, to ignore it.
Thank you.
January 25th, 2008 at 2:50 pm
What you are forgetting is CHOICE.
Doesnt matter if its good or bad policy.
They take away your choice and they RULE you.
If I want to run unsigned drivers and screw
up my Vista installation, I should have the CHOICE.
Dont follow the facist regiems.
Socialism with a Choice is not a bad thing,
Communism didnt give you a Choice thats
why it was bad and failed.
March 10th, 2008 at 5:38 am
[...] your friends CD/DVD collection and viola, way better quality then the crap you get on the iTMS too.read more | digg [...]
April 5th, 2008 at 1:58 pm
[...] read more | digg story [...]
November 2nd, 2008 at 3:23 pm
[...] and refuse to assume that its loyal customers are criminals. In any case, the DRM built into Vista was broken shortly after its release [...]
December 13th, 2008 at 1:32 am
[...] could force your customers to get friendly with hackers to bypass signing more completely - well, until M$ releases a patch around [...]
May 19th, 2009 at 10:52 am
Since when is MS the IP cop?? Let the media companies deal with their own IP problems so that small developers and businesses can develop for Windows without going through hoops and hurdles (and oodles of money) to create drivers/software that, as of now, require testing and signing. This is a huge loss to the computer industry. I like Windows, don’t get me wrong, but if this trend continues, I think we’ll start to see people moving more to open sorce (read Linux), making Linux a truly viable platform–even for small business (more so than it is now….).