Vista DRM Precludes Virtualization?

Conspiracy theorists may link Microsoft Corp.'s abrupt decision late Tuesday not to remove restrictions on consumers virtualizing its Vista operating system to a Department of Justice agreement announced the same day or to a desire to jerk Intel Mac users around.

But the actual reason may be found in three little letters: DRM.

Vista's new digital rights management features enable movies or music files to be password-protected or made accessible only to authorized users for opening, viewing or changing.

Whether most users would call DRM a feature, however, is questionable. A close cousin to DRM technology, known as Windows Rights Management Services (which in turn is part of a larger category of technologies called Enterprise Digital Rights Management, or ERM), can help business users password-protect key documents and files, or assign the ability to open them only to trusted co-workers. But DRM's main purpose seems to be to help the Warner Bros. and Sony Musics of the world keep consumers from sharing movies and music. The entertainment industry claims that almost all blocked sharing is illegal; digital rights watchdogs argue that legitimate consumer uses are also blocked by such technology.

DRM is capable of blocking both overt piracy -- distributing movies via BitTorrent and other peer-to-peer networks -- as well as other common scenarios that most consumers do not consider piracy, such as moving legally acquired music files from their desktop PCs to their notebook computers.

"It's like when you batten down the hatches on a ship in a storm," said Aram Sinnreich, an analyst at Radar Research in Los Angeles. "Vista wants to batten down every software or multimedia bit so that they don't go somewhere the creator doesn't want it to go."

Versions out of control?

The problem is that virtualization, by accident, appears to break most of Vista's DRM and antipiracy schemes.

Virtualization software -- think VMware Inc.'s VMplayer, Microsoft's Virtual PC or Parallels Inc.'s Parallels Desktop -- allow computer users to boot one operating system but run a second one as a "guest" at the same time.

That can allow a user who has booted Windows Vista to load XP-only applications in a guest XP operating system, also known as a virtual machine (VM). Or it can let a user with an Intel Mac boot up the OS X operating system but also run Windows Vista or XP applications at the same time.

Microsoft's original plan was to announce on Tuesday changes to the contracts, known as End User Licensing Agreements (EULA), for its Vista Home Basic and Home Premium editions. Those changes would permit buyers who use those editions to create VMs. The change was purely to the EULA; there is no technical limitation preventing knowledgeable users from virtualizing retail versions of Home Basic or Home Premium.

Microsoft only allows full retail versions of Vista Business or Vista Ultimate (as well as Vista Enterprise for big corporations) to run as virtual guests of a host PC. Vista Business and Ultimate cost $299 and $399, respectively. The simple change in Microsoft's license for the two cheaper editions -- Home Basic Edition and Home Premium Edition cost $199 and $239, respectively -- would have saved customers at least $60 and up to $200.

In addition, Microsoft planned to permit the use of DRM, IRM (Information Rights Management) and Vista's storage encryption technology, BitLocker, in a VM for any version of Vista.

Besides boosting flagging perceptions of Microsoft's overall virtualization strategy, the move would have made Vista virtualization much more attractive to a key and growing segment -- Intel Mac owners who want to run Windows software.

But at the last moment, Microsoft did a 360. Its explanation was terse: "Microsoft has reassessed the Windows virtualization policy and decided that we will maintain the original policy announced last Fall," said a spokesman in an e-mailed statement.

A perfect picture (of cross-purposes)

When a user creates a VM, the virtualization software takes a snapshot of the PC's hardware and then creates an exact copy of how that works in memory, according to DeGroot.

This ability to perfectly simulate the way the original PC ran (albeit more slowly than the original) is why VMs are such a useful tool. But a VM, once created, can be copied hundreds or thousands of times and ported over to radically different PCs without triggering the antipiracy and DRM schemes of most software or multimedia files, including Vista's. Those schemes raise red flags only if they realize they've been moved to another computer, DeGroot said.

Analysts say what probably happened behind the scenes is that Microsoft or one of its media partners decided at the last moment that encouraging consumers to use virtualization would, at least symbolically, be at odds with its attempts to enforce DRM.

"Microsoft doesn't want the music labels, TV networks and movie studios to come back to them and say that you are enabling this ability to move content around," said Mike McGuire, an analyst at Gartner Inc.

Microsoft has more at stake than other high-tech firms, McGuire said, what with its partnerships with NBC, its Xbox gaming platform, its Media Center PCs and even its Zune music player.

"It's a very fine line that Redmond has to walk," McGuire said. "They have to answer to these companies if they want to have any hope of making the PC and their software the de facto usage model for multimedia."

The problem is that even if Microsoft -- and U.S. law -- insist it is still illegal to use virtualization to enable the sharing of software or movies or music, its antipiracy technology is powerless to stop it.

"It's absurd to expect that something demanded by a EULA is followed when technology and common practice permit otherwise," Sinnreich said. "Microsoft is banking on ongoing consumer naivete and goodwill. There will be a backlash against DRM in some not-so-distant future."

Would anyone have bothered?

Will encouraging consumer virtualization result in a major uptick in piracy? Not anytime soon, say analysts.

One of the main obstacles is the massive size of VMs. Because they include the operating system, the simulated hardware, as well as the software and/or multimedia files, VMs can easily run in the tens of gigabytes, making them hard to exchange over the Internet. But DeGroot says that problem can be partly overcome with .zip and compression tools -- some, ironically, even supplied by Microsoft itself.

"It's the kind of idea that is out there among the enthusiast community for file sharing and remixing, but it's not part of the standard arsenal for the average college student," Sinnreich said.

Gartner's McGuire agrees: "Unless virtualization is more convenient and reliable than P2P, then no one is going to go to the trouble."

This story, "Vista DRM Precludes Virtualization?" was originally published by Computerworld.

To comment on this article and other PCWorld content, visit our Facebook page or our Twitter feed.
Related:
Shop Tech Products at Amazon