Protected Media Path

From Wikipedia, the free encyclopedia

This article is part of the
Windows Vista series.
New features
Overview
Technical and core system
Security and safety
Management and administration
Removed features
Other articles
Editions and pricing
Development history
Criticism
List of Windows Vista topics

The Protected Media Path is a set of technologies creating a "Protected Environment", first included in Microsoft's Windows Vista operating system, that are used to enforce digital rights management (or DRM) protections on content. Its subsets are Protected Video Path (PVP) and Protected User Mode Audio (PUMA).

Contents

[edit] Overview

The Protected Environment in which DRM content is played contains the media components that play DRM content, so the application only needs to provide remote control (Play, Rewind, Pause, and so on), rather than having to handle unprotected content data. The Protected Environment also provides all the necessary support for Microsoft-approved ("signed") third-party software modules to be added. It provides a “wall” against outside copying, where within the walls, content can be processed without making the content available to unapproved software.

In order to prevent users from copying DRM content, Windows Vista provides process isolation and continually monitors what kernel-mode software is loaded. If an unverified component is detected, then Vista will stop playing DRM content, rather than risk having the content copied. The Protected Environment is implemented completely in software, so software-based attacks such as patching the Windows kernel are possible.

These restrictions concern the various outputs from the PC. For DRM content, digital outputs such as Digital Visual Interface (DVI) and High-Definition Multimedia Interface (HDMI) will have High-bandwidth Digital Content Protection (HDCP) enabled, to prevent someone recording the digital stream. Even analog TV-style outputs typically require some restrictions, provided by mechanisms such as Macrovision and CGMS-A. These restrictions only apply to DRM-restricted content, such as HD DVD or Blu-ray that are encrypted with AACS, and also apply in Windows XP using supported playback applications[1] [2]. User's standard unprotected content will not be faced with these restrictions. Some output types such as S/PDIF (Sony/Philips Digital Interchange Format) typically don’t have a suitable DRM scheme available, so these need to be reliably turned off if the content so specifies.

In Vista, the robust control of PC video outputs is provided by PVP-OPM, which is essentially the next generation of Certified Output Protection Protocol (COPP) introduced in Windows XP. However, rather than being a software application programming interface, PVP-OPM operates with the Windows media components in the Protected Environment.

Additionally, PVP-UAB (Protected Video Path - User-Accessible Bus) is used to encrypt video and audio data as it passes over the PCI-Express bus, to prevent it from being intercepted and copied on the way to the graphics card. It is complementary to PVP Output Protection Management.

[edit] Hacked?

During January 2007, the kernel developer for the ReactOS, Alex Ionescu, announced that he had found a method that allows end users to bypass Vista’s Protected Media Path. This would allow digital content to be played on equipment that does not implement DRM security measures (like rescaling of video resolutions and disabling analog audio outputs). However, he did not release any sourcecode for fear of a Microsoft lawsuit with regards to a possible violation of the DMCA.[3] On March 6th 2007, Microsoft responded after internal testing, that the described method would not work. [4]

[edit] See also

[edit] References