Cinavia is one of the things that the “universal backdoor” of forced software updates is capable of imposing.
So, I noticed this new-ish form of DRM, called “Cinavia”.
It’s basically an audio watermark that can be embedded into the soundtrack of a movie in theatrical release, or on Blu Ray and DVD discs.
Yes, I said DVDs. It can be “backported” onto the DVD format without changing the specification, and Blu Ray players or playback software that recognizes the Cinavia DRM will recognize it.
DVD players, Blu Ray Players that have not been “updated” to recognize it (yet), and software that does not know what Cinavia is will just ignore it.
If the firmware/software does recognize what Cinavia is, and thinks that you’ve pirated the movie, it will let you get about 20 minutes into the movie file, and then it will either stop the movie or tell the device/software to forcibly disable all audio outputs. Don’t bother trying to remove it, as it is resilient to added noise, as well as popular audio compression codecs such as Ogg Vorbis, AAC, and MP3.
Right now, it seems that only some individual Windows software programs recognize Cinavia and comply with its order to cut the audio outputs, but eventually this could easily be made global through the Windows audio subsystem itself. If you try to use open source media player software, such as VLC or Media Player Classic on Windows, the audio subsystem could still detect Cinavia and comply with the request to disable the entire audio framework. I suspect that this is coming to Windows, and that when it does, it will be trivial for Microsoft to backport it to previous releases of Windows as a non-removable Windows “update”.
The real bitch of this is that they won’t even have to tell you that’s what it does. They have been known to lie and call things like this a high priority “security” or “reliability” update in the past, and then they can make it so that you can’t remove it later. (And even if you do, it will be in the next Service Pack or version of Windows, so you’ve just bought yourself a little time.)
It’s just as likely that Apple will do this as a global operating system “feature” as well at some point.
In fact, part of the reason for the War on Free (as in freedom) software is because they can’t reach into your computer and force it to do things like this when you run a Free Software operating system.
I have a feeling that in five or six years, after ancient crap such as Windows XP goes out of support, that “Secure Boot” will be fiddled with to remove the ability of the user to turn it off. From that point, when you buy a PC that runs Windows or Mac OS, that’s what you’re stuck with, DRM and all.
Where this Cinavia DRM is the worst at the present time is Blu Ray Disc players with firmware that supports it. Since regular firmware updates are essentially forced on the user to enable the new DRM keys that ship with new Blu Ray Discs, it’s probable that Cinavia will eventually be retroactively added onto your existing player, even if it does not know what Cinavia is right now.
There’s no real way to “refuse” firmware updates when you use a Blu Ray player. Either you apply them, or you start running into new discs that will refuse to play.
That’s what got me thinking about when Richard Stallman called Windows (and all proprietary software with automatic forced updates) a “universal backdoor”.
“This means that any malicious feature which is not in Windows today can be remotely installed tomorrow by Microsoft. So Windows is not just malware, it is a universal malware.” -Richard Stallman
Just replace “Windows” with “proprietary software/firmware” and “Microsoft” with any company that sells proprietary software/firmware or “consumer electronics” that utilize them, and you get to the root of malicious anti-features such as Cinavia.
So, the first thing that many people will do when they hear about malware like Cinavia, is to search to see what hardware is affected, but that is irrelevant now that the malware can be grafted onto systems that shipped without it.
The only way to avoid things like this is to only use Free (as in freedom) operating system software with Free (as in freedom) media playback software, and to avoid any computer hardware that comes about, which will not let you run it.
If you would like to read more about the Cinavia malware, Anandtech wrote a very detailed article, titled “Cinavia DRM: How I Learned to Stop Worrying and Love Blu-ray’s Self-Destruction“, which is very informative.
For kicks, I loaded up the Windows 8 “Consumer Preview” in VirtualBox.
I was expecting the usual. More crap that nobody asked for. More anti-competitive Microsoft tie-ins. More lock-in with Microsoft services. More EULA mess. More spyware. I found pretty much all of this.
The setup process was much like Windows 7 up to a point, except there are now three entire pages full of toggle switches where the user must agree to sacrifice their privacy to use Windows 8 fully, in addition to a EULA written in legalese that goes on forever, which nobody who isn’t a lawyer will fully understand. If they don’t, then there will be huge swaths of missing features. (And since it is proprietary software, you absolutely cannot trust anything it says or does, so the choice is misleading anyway.)
As Dr. Richard Stallman has said, Windows is malicious software. Their privacy policies open up the user to all kinds of abuse for simply agreeing with the EULAs (which are mandatory if you wish to use Windows), and in the EULA you agree that Microsoft can slip in updates or change the EULA at any point in the future. So, if there is something malicious that Windows currently does not do, then it would be very easy for them to slip that into an update and push it out tomorrow.
They’ve done this sort of thing before, countless times. Anyone remember how “Windows Genuine Annoyance” wasn’t originally part of Windows XP?
Anyone remember when Windows XP and Vista would simply lock you out of your computer and forbid you access to anything even if the software was legally licensed and Microsoft just happened to screw up?
Idiot Exploiter being in Windows 98 without an uninstaller got Microsoft some DOJ attention, but it’s literally EVERYWHERE in Windows 8, and it’s more malicious than ever.
Here’s what you agree to send to Microsoft now to get a fully functional copy of Windows 8 if you take the default settings (Some of these have been a requirement of various Microsoft apps and Windows in the past, some are new. This is in addition to anything mandated by their EULA, so you can’t opt out of all of it even if you tried):
Every site you visit in Internet Explorer.
Everything you download with Internet Explorer.
Every URL you click on in an application from the Windows store, regardless what browser it opens in.
Every web resource that an application loads.
Every application you have installed on your computer, regardless of where it came from.
Your EXACT location. (Via IP geolocation or GPS coordinates.) when you use an app that uses this feature. Note: GPS coordinates are accurate to within a few inches.
Crash data for any application that has a problem, including a memory dump. (Those can include personal information like passwords, site login data, your bank account information, truly any information the app had in memory when it crashed.)
Which parts of Windows Help you have read, and what URLs you clicked on in that.
You agree that they can force application updates on you, silently, even to install malicious features,even if you didn’t want the update.
You agree that they can update Windows, including for the purpose of stuffing in more malicious features, even if you didn’t want the update.
Applications can use your name, account picture, location data, and various Windows Live features, as you.
Perhaps most disturbing at all, the Windows Store and many of the applications that come with Windows that can’t be removed, like their messenger program that censors its users and spies on what they say, require you to sign up with a Microsoft Account (which is, I guess what they’re calling Passport these days), and to fully utilize the software store, you have to link a major credit card/debit card to your account and agree to anything Microsoft or apps you use try to charge to it.
You agree in the EULA that Windows can update things like their Windows Media Digital Restrictions Malware and you won’t try to stop it.
The US DMCA makes it illegal to try to break their Digital Restrictions Malware, even if it’s because it fucked up and you’re just trying to use the content you “bought”. Or because Microsoft’s latest DRM’d music store flops and they take down their license renewal server. Happens.
If you use any of Microsoft’s “Cloud” features, you agree explicitly that they can share your information with advertisers or the federal, state, or local government units with or without a valid search warrant, and you also agree that you hold Microsoft harmless if they fuck up and delete your data. So don’t upload anything expecting to ever get it back out. But, these are problems with most cloud services, which is why you shouldn’t use them.
We live in an age where the government doesn’t even need warrants because people tell them everything they want to know, willingly. How many criminal cases has the government been able to make out of data that Microsoft, Amazon, Google, and Facebook have turned over? We might never know.
These reasons, and many more are why it’s time to consider making the move to Free and Open Source software. There’s no 20 page EULAs, no “activation”, no spyware, fewer headaches, and no bullshit.
Big companies have proven time and time again that they are not to be trusted with your information. Why do people agree to give them more and more of it all the time in light of this abuse?
If you need a starting point in learning about Free and Open Source software, what it is, and more reasons you should be replacing your proprietary software with it, here’s some places to read up about it.
In short, there’s probably a suitable free and open source replacement for almost everything you use, even for operating systems such as Ubuntu and Fedora, office suites such as LibreOffice and Caligra Suite, even replacements for Photoshop, like The Gimp. Of course that’s just naming a few.
Switch now, and you will not only have the peace of mind that nobody is using your computer against you or effectively leasing your own computer out to you, or using your software to censor or spy on you, but also that they can’t rack up fraudulent credit card transactions from an app that is targeted to your children which sells them pretend apples and hay to feed imaginary animals with.
One Apple customer was recently in the news, horrified, that his seven year old daughter managed to rack up the equivalent of about $350 US dollars to his credit card, which Apple simply allowed to go through. If you think Microsoft will be treating customers any better, I would suggest that you’re in for a painful life lesson.
One more disturbing trend….
Each version of Windows comes in yet more “editions”. “Edition” is just a nice way of saying they cripple it a bit more and a bit more to segment the market and create price points. This is something else you never see in Free and Open Source Software, because it would be pointless. Nevertheless, Microsoft has decided that Windows 8 will not play a DVD or Blu Ray without the “Media Pack”, which will be an additional fee.
How much? They declined to say. For reference, adding DVD playback to Windows Media Player in Windows XP cost $25, and adding Blu Ray support to Windows has typically meant a MONTHLY RECURRING SUBSCRIPTION fee because it requires downloading the new content restriction keys every month, so if you stop paying, your discs stop playing. Isn’t that cute?
Benjamin Mako Hill wrote about this deliberate software crippling in an essay about Windows NT 4. He called the disabled features anti-features. The point he made, quite concisely, was that if you pay Microsoft for anything other than the most expensive version, you’re literally paying them to remove features from your software. He also made a list with more examples of products with antifeatures.
There’s much more detail I could go into, but this is yet another wake up call that you deserve Freedom, and Free Software gives you the Freedom you deserve. The Free Software Foundation defines “Free” (as in freedom!) Software as giving the user these four freedoms.
- The freedom to run the program, for any purpose (freedom 0).
- The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1). Access to the source code is a precondition for this.
- The freedom to redistribute copies so you can help your neighbor (freedom 2).
- The freedom to distribute copies of your modified versions to others (freedom 3). By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.
In short, you are free to study, modify, redistribute, and use the software, for any purpose, and you are never “under surveillance” by it or unable to help your friend by sharing the software with him or her.
Microsoft and Apple both have something in common; they try to make the user overlook all of the things they have to sacrifice just to use their software, by making it pretty on the surface. That pretty surface is only skin deep, and underneath it, the internals of the system are as bug-ridden and as DRM-encumbered as ever. Just because you paid for a license doesn’t mean they can’t come back later and terminate it, for any or for no reason, without a refund.
What’s most disturbing, above and beyond anything else I’ve talked about, is when the software is so tied to the hardware that the hardware is useless without their software (such as Windows on ARM or the iPad). What do you do if they throw you out? I guess you have a really expensive door stop. (Did someone say, Plasma Active? Yes, you should use Plasma Active.)
Windows 8 gives you a choice. You can keep surrendering more of your freedom to Microsoft and other malicious software companies every year, or you can get off their slippery slope right now.
Microsoft censors Windows Live users. Gives free speech a treatment that would make any tyrant dictator proud.
You’ll have to wait until May to see Sacha Baron Cohen’s new movie, The Dictator, but in the mean time, Sweaty Ballmer wants to show us how being a petty tyrant is done.
When the user enters a link and it’s to a site that Microsoft doesn’t like, Microsoft’s new approach is to block it at their server and report back to the user that the site is “dangerous”.
So far they seem to do it with The Pirate Bay, which probably hosts and serves less malware and spyware than Microsoft itself (source source source) or sites that aren’t being blocked by them, such as CNET Download.com which delivers crapware bundles with legitimate software.
Since the censorship of links is done at the server level, it means that (not shockingly), Microsoft is monitoring, logging, and spying on everything you say or do while connected to their chat service. It also means that users of alternative messenger software which doesn’t come bundled with the ability to display malicious advertisements like Microsoft’s official client does will not escape the Microsoft server spying on them and kicking back any links that Microsoft doesn’t like. If Microsoft can’t keep their own software and websites from installing malicious software onto Windows PCs, they shouldn’t be blocking anyone else under that excuse.
The penalty for being caught doing any of this is the worst kind of censorship that Microsoft can impose on their users, total account deletion. Some choice excerpts from the EULA for Microsoft’s instant messaging service.
” In particular, we may access or disclose information about you, including the content of your communications”
“We may cancel or suspend your service and your access to the Windows Live ID network at any time without notice and for any reason.”
In addition, the terms point to a separate obnoxious Code of Conduct with such gems as:
“You will not use any form of automated device or computer program that enables the submission of postings without the express written consent of Microsoft Corporation.”
Among other things, you agree that you won’t post links on how to bypass the security of computer software or break DRM, piracy, “pornography” (which even the Supreme Court has been unable to define, but thank god we have Microsoft as the arbiter of all things wholesome), and of course you are responsible for anything that malicious Windows software decides to do once it has taken over your computer and starts spamming all your friends. (which is bound to happen sooner or later considering you’re using Windows).
Of course, Microsoft includes the clause that lets them delete your account for no reason at all, so really anything you do can (at their whim) be grounds for suspending or deleting your account.
Bottom line: Microsoft is malicious and abusive and anyone who bothers to read their burdensome, obnoxious, and dangerously open-ended and one-sided policies and licensing agreements would have already known this.
If anything, this should serve as another wake up call to ditch Microsoft and their abusive policies and a reminder that if you think Microsoft can be trusted, you’re living in a dream world.
I read The Heise Online regularly and I thought I would quote some of their articles where I don’t feel like being comment moderated on their own site.
Windows Firewall? O RLY?
Something that allows programs to whitelist themselves or any inbound or outbound port traffic without notifying the user is not a firewall, it is a practical joke, on the user.
The article mentions that people behind router or modem equipment might be safe, but doesn’t mention this is because that equipment typically runs Linux or Wind River Systems VXWorks as its firmware and has a real iptables-based firewall that sometimes protects Windows users from Windows.
On the other hand, I guess Port Nuking is back. So much for Windows 7 being more secure than Windows 95. This time they even tell you Windows has a Firewall. Nothing like being wined and dined before you get fucked I guess.
Four million computers globally, which the article doesn’t mention, all run Windows, have been compromised with malware that changes the DNS servers that Windows uses and redirects them to malicious fakes.
The US FBI has taken over the fake DNS servers and is now quietly hijacking all four million victims of the original botnet, essentially turning it into US government malware. This lets them slip past what’s left of the Fourth Amendment protections against illegal search and seizure, and essentially keylog the websites that those four million Windows users try to access. And, last but not least, nothing stops them from monkeying around and forging DNS entries like the original Windows malware authors were doing.
Moving further on, into Microsoft’s patent racket operations. You might remember that Foxconn, a global manufacturer of PC and Mac motherboards (sometimes sold under different brand names), was conspiring with Microsoft a few years ago to break non-Windows operating systems with corrupt ACPI implementations in the board’s BIOS firmware. As a reward for carrying water for Microsoft in their Corrupt PC BIOS Initiative , Foxconn ended up being named as a defendant in Microsoft’s patent-racketeering lawsuit against e-reader maker Barnes & Noble.
Loyalty to Microsoft simply means that they’ll save you for last I guess.