How Microsoft and RSA plan to protect our sensitive data

Mention Microsoft and security in the same sentence and most people will scoff but these day’s it really a bit unfair… Windows security has come a long way (it still has a way to go too) but nevertheless, many of the customers that I deal with run third party solutions (often at great cost) rather than trust their data security to Microsoft.

Then there’s digital rights management (DRM) – we hear a lot about how DRM is applied to music and video downloads but little about the real practical use of this technology – making sure that only those who are entitled to see a particular item of data (for example medical records or financial details) are able to access it.  Microsoft has rights management services built into Windows as one of the many identity and access solutions but it seems to me that very few organisations use this capability.  Perhaps a few of the frequent and high profile Government data security mishaps would be mitigated if DRM was applied to their data…

Today, Microsoft and RSA – a well-respected security company, now absorbed into EMC – announced an expansion of their technology partnership.  Under the terms of this partnership, Microsoft will license the RSA Data Loss Prevention (DLP) classification engine in order to trigger policy-based controls over information.

Tom Corn, Vice President of Product Management and Marketing for RSA’s Data Security Group, explained that organisations have a requirement to share information without limiting accessibility – striking a balance between security and accessibility.  Slating existing point products as costly, complex and not addressing the problem he explained how:

  1. Protection is an end-to-end problem and the data moves around – existing products only acts at certain points in the data exchange.
  2. Infrastructure components lack visibility of the data sensitivity – context is required to classify data and take appropriate actions.
  3. Existing tools and controls lack identity awareness, making it difficult to tie protection to identity.
  4. Management – security policies often exist as binders on shelves and may be written by different groups within an organisation (e.g. security, or operations) leading to a disconnected approach.  All too often the management policies are infrastructure-centric (e.g. laptop security policy, Internet security policy) rather than information-centric (e.g. credit card data storage policy).

Meanwhile, John (JG) Chirapurath, Director of Identity and Security at Microsoft spoke about how Microsoft is licensing DLP to build it into products such as Exchange Server and Office SharePoint Server to provide content awareness, then providing identity awareness through components such as Active Directory Rights Management Services (AD RMS) to allow collaboration (which relies on knowledge of identity) whilst protecting intellectual property.  By “building in” and not “bolting on”, Microsoft believes that it can provide an end-to-end solution, supported with centralised management for information-centric policies for usage, protection and access.

Under the terms of the agreement, RSA will launch DLP v6.5 later this month with full integration to AD RMS and, as new versions of products come to market eventually the entire infrastructure will make use of the DLP technology.  Customers are able to protect their investment as the core engine and policy formats exist today and, as the core DLP technologies are adopted into the Microsoft platform, RSA will continue to develop complimentary products (e.g. advanced management consoles).

Microsoft were unwilling to disclose any further details of their roadmap for integrating the DLP product into their products but did comment that the claims-based identity platform codenamed Geneva (formerly Zermatt) is a key part of Microsoft’s identity strategy and that there would be clear advantages in using Windows CardSpace to unlock business to consumer (B2C) scenarios for data exchange.  There was also a hint that management would be possible from RSA’s products and from the Forefront integrated security system product (codenamed Stirling).

All in all, this is a positive step on the part of Microsoft and EMC/RSA.  What remains to be seen is how willing business and Government customers are to invest in protecting their data.  Right now we have a business problem and a technology solution but it seems to me there is an apparent lack of desire to implement the technology and supporting processes.  Let’s hope that by integrating technologies like DLP into the core IT infrastructure, our personal details can remain confidential as we increasingly collaborate online.

Why digital rights management is anti-consumer

I’ve had a few rants on this blog about why DRM-protected consumer goods (i.e. music and video) are A Bad Thing (e.g. here and here) but this comic from xkcd.com really makes a good point (which Walmart customers will appreciate – even if the company did later decide to keep the DRM servers running, how long can they be expected to do so for?):

Steal This Comic - from xkcd.com

(This comic is licensed under a Creative Commons Attribution-NonCommercial 2.5 License.)

7digitalFor UK downloaders looking for DRM-free music, I recommend 7digital (but have no affiliation with them).

Bye bye iTunes… hello 7digital

For the last few years, I’ve been using Apple iTunes to manage my music collection. I ripped all of my full length CDs to MP3 using iTunes (at the highest bitrate it allowed at the time – 192kpbs) although I still have about 500 CD singles to do and I now favour a higher bitrate (even if I can’t hear it, I’d like to know that the quality is there should I want to do something else with the media at a later date as technology progresses). Sam C. Lin carried out an interesting study comparing MP3 encoding with and the linear PCM recording used for CD audio.

Until today, all of my digital downloads have come from the iTunes Store (DRM-free where the record companies allow it). Unfortunately the record companies don’t like Apple’s market dominance and the DRM-free iTunes Plus catalogue is still very limited.

Whilst indie music fans have DRM-free alternatives like eMusic, for my more mainstream tastes I’ve been waiting for Amazon to bring their digital download service to the UK but then, frustrated by the 30 second clips of various mixes on iTunes of “Paddy’s Revenge” by Steve Mac (sampling the Penguin Café Orchestra), I decided to Google a little and found an alternative download site – 7digital. 7digital logoNot only did 7digital sample a different section of the track (allowing me to decide which mix I would like) but it offers MP3 downloads at up to 320kbps and a big discount if I buy all the mixes together (just like when I used to buy CD singles). Furthermore, 7digital has just become the first European music site to offer DRM-free downloads from all four of the big music publishers.

Within a few minutes, my shopping basket included a couple more individual tracks that I’ve been thinking of getting – “Love Is Noise” by The Verve and “Sex on Fire” by Kings of Leon (I did stop short of buying Katy Perry‘s “I Kissed a Girl” though). Then I saw that 7digital had a section for music from TV Ads and I got browsing… a few minutes later I’d also picked up “She’s So Lovely” by Scouting for Girls.

I still don’t buy albums in digital format as I’d like a physical media backup and, to be perfectly honest, knocking a pound off the retail price is not a big enough discount – it’s not as if the artists get paid a bigger share and the distribution costs must be almost nothing – but then I saw that 7digital had albums on sale at £2, £3 (and even free). It’s not just obscure stuff that’s reduced either – I could buy “Yours Truly, Angry Mob” by Kaiser Chiefs in 320kbps MP3 format for £4.99 (although I chose to buy just the tracks I wanted) but not all albums are that cheap as their earlier album “Employment” was £7.99 (so, pretty much on a par with the supermarkets, Amazon.co.uk and Play.com).

To checkout, I needed to create an account but I could pay by card, PayPal or text message and, once my payment had been processed, I could download my tracks individually or as a zip file (even change format for tracks that had multiple formats available at the same price) and those tracks are still available for me to download again at a later date (via a feature called my locker).

7digital locker

After downloading, I simply dragged the MP3 files to iTunes, switched to my “Recently Added” playlist, selected the new tracks and added them to the “Purchased” playlist. As should be expected, all tracks were supplied complete with album art and other metadata.

So what does this tell me?

  1. iTunes is easy – that’s why I’ve been buying tracks there for the last few years. But, now that DRM is no longer an issue, downloading tracks from somewhere else is just one extra step (after importing them into iTunes they can be synced with my iPhone/iPod).
  2. It is possible to get better quality downloads (legally) and better pricing if you shop around. Maybe not everyone will have the same catalogue but 7digital has a major advantage through its arrangements with all four major music publishers.

What should it tell the music industry?

  1. People will still pay for DRM-free music, at the right price.
  2. People like me, who are too old to spend Saturday afternoons hanging around HMV (anyway, I have a family these days) will still buy music if you make it easy enough – maybe not in the quantities I used to but it’s worth noting that I spent money this afternoon that I wouldn’t have done if there wasn’t a legal download option.

I’ll still use iTunes to manage my music and video library but I don’t see any reason for me to go back to the iTunes store now… regardless of what the the new “Genius” sidebar in iTunes 8.0 tells me (I hate Apple’s use of that word!) – from now on, it’s 7digital all the way for me.

Apple iTunes 8, showing recently added tracks and the genius sidebar

Microsoft infrastructure architecture considerations: part 5 (security)

Continuing the series of posts on the architectural considerations for designing a predominantly-Microsoft IT infrastructure, based on the MCS Talks: Enterprise Infrastructure series, in this post I’ll look at some of the infrastructure architecture considerations relating to security.

The main security challenges which organisations are facing today include: management of access rights; provisioning and de-provisioning (with various groups of users – internal, partners and external); protecting the network boundaries (as there is a greater level of collaboration between organisations); and controlling access to confidential data.

Most organisations today need some level of integration with partners and the traditional approach has been one of:

  • NT Trusts (rarely used externally) – not granular enough.
  • Shadow accounts with matching usernames and passwords – difficult to administer.
  • Proxy accounts shared by multiple users – with no accountability and a consequential lack of security.

Federated rights management is a key piece of the “cloud computing” model and allows for two organisations to trust one another (cf. an NT trust) but without the associated overheads – and with some granularity. The federated trust is loosely coupled – meaning that there is no need for a direct mapping between users and resources – instead an account federation server exists on one side of the trust and a resource federation server exists on the other.

As information is shared with customers and partners traditional location-based methods of controlling information (firewalls, access control lists and encryption) have become ineffective. Users e-mail documents back and forth, paper copies are created as documents are printed, online data storage has become available and portable data storage devices have become less expensive and more common with increasing capacities. This makes it difficult to set a consistent policy for information management and then to manage and audit access. It’s almost inevitable that there will be some information loss or leakage.

(Digital) rights management is one solution – most people are familiar with DRM on music and video files from the Internet and the same principles may be applied to IT infrastructure. Making use of 128-bit encryption together with policies for access and usage rights, rights management provides persistent protection to control access across the information lifecycle. Policies are embedded within the document (e.g. for the ability to print, view, edit, or forward a document – or even for it’s expiration) and access is only provided to trusted identities. It seems strange to me that we are all so used to the protection of assets with perceived worth to consumers but that commercial and government documentation is so often left unsecured.

Of course, security should be all-pervasive, and this post has just scratched the surface looking at a couple of challenges faces by organisations as the network boundaries are eroded by increased collaboration. In the next post of this series, I’ll take a look at some of the infrastructure architecture considerations for providing high availability solutions.

Freeing digital downloads from the shackles of the BBC iPlayer

I’ve written before about my concerns with the BBC iPlayer but nevertheless, it is the only legal way to download BBC programming to my computer that I am aware of. Since I wrote that post, iPlayer has been improved to include streaming content for unsupported platforms but that doesn’t allow for offline viewing (catching up on TV episodes on the train, for example).

Well, there is a workaround and, as I figure that I am a BBC licence fee-payer and the content has been downloaded legally, converting it to watch it on another device is at least morally acceptable – even if the BBC may not agree. After all, it’s not as if I’m sharing the resulting files with other people. Based on my initial tests, it seems to work well – at least with the version of Windows Media Player that my iPlayer machine is using (v11.0.5721.5230).

All it involves is taking one copy of Windows XP, with a working BBC iPlayer installation, and running a couple of utilities to identify the keys to the Windows Media Player and remove the DRM from the .WMV files that make up the iPlayer content (by default, this is held at %allusersprofile%\Documents\My Deliveries\iplayer_live). The resulting file(s) should play in Windows Media Player without DRM restrictions – and, critically, will also play back on Windows Vista or MacOS X (using the Windows Media Components for QuickTime).

Why I will be remastering my childrens’ DVDs

There’s been much discussion of the UK’s archaic copyright laws as I’ve questioned the need for DRM and written about ripping DVDs and converting between multimedia formats. I’ve also criticised the BBC for it’s substandard iPlayer service (even if it does now stream content it still doesn’t allow offline playback on all platforms and, when it does, the DRM on the offline content is overly-restrictive). Well, here’s another example of DRM madness brought to me by the BBC – this time it’s a menu system on a legally purchased DVD.

My children don’t watch a lot of television, but there is one programme, In The Night Garden…, that is almost guaranteed to attract my three-year-old’s attention for a full 30 minutes (believe me, that is an achievement) and also provides a fair amount of delight for my one-year-old (I have to confess that I enjoy it too). It’s a very gentle programme, perfect for a spot of post-lunchtime relaxation, or for winding down before stories and bed. So, there we were, trying to calm down an overtired and slightly poorly little boy who was desperate to see Igglepiggle in the Night Garden and who doesn’t understand the idea of a TV schedule, when we decided that the DVD we had bought the boys for Christmas would be better used right away (and at least give us the chance to prepare a meal for the little people before a sleep).

On went the TV and the DVD player, in went the disc, I pressed the play button and was greeted with 2 and a quarter minutes of loud, high energy trailers for other childrens’ programming from the BBC. I tried to skip the trailers and to go straight to the menu but all attempts were greeted with a message that said “operation currently prohibited by the disc”. Now I can understand making me watch the legal notices, but forcing me to watch the trailers (on a DVD intended for children) is wrong. So I will be ripping the programmes from that DVD and re-recording them to disc without the menus, trailers, or anything else. In effect, BBC Worldwide is forcing me to break the copyright on a DVD that I have legally purchased – just to avoid the advertising.

I would complain to BBC Worldwide, but they only publish a postal address (no e-mail) for contact, so I can’t be bothered. And writing to Points of View won’t help either! In the meantime, I’ll leave my complaint on the Internet for any other prospective childrens’ DVD purchasers to consider…

BBC iPlayer: seems to work well on Windows XP but what about the rest of us?

A few weeks back, I started to listen to one of my favourite podcasts – BBC Radio 4’s The Now Show, only to be greeted with:

“We’re sorry that The Now Show podcast isn’t available for this series. The podcast was part of a trial, which has now come to an end; however you can still listen to the programme for seven days after broadcast, via the Radio 4 website.”

The clip then continued by advertising other BBC Radio 4 podcasts – obviously not “part of a trial which has now come to an end”. This annoys me tremendously – the BBC is a fine broadcaster but as as it dumbs down its main news programmes and airs more and more tabloid TV (leave that to ITV please), I’m not sure that my license fee is being well spent (that’s how the BBC is funded – from the sale of it’s programmes, and from a mandatory annual fee for all UK households and businesses with a device that’s capable of receiving a TV signal – even if it only receives subscription services like satellite or cable TV). You see, the BBC has spent millions developing a new service called iPlayer (it’s a pity they couldn’t have spent a few more pounds registering the iplayer.com domain) which will allow registered users (as long as they have a UK-registered IP address) to download programmes from the Internet. On the face of it, that sounds good, except that it’s been bogged down by DRM and that’s limited the availability of the service.

A few months back, Microsoft UK’s James O’Neill and I were engaged in an online (and face-to-face) debate about the need (or not) for digital rights management (DRM). James’ argument is that content providers have a right to protect their copyrighted material, that Windows Media codecs are available or Mac users and that Linux users would never allow a Microsoft product (i.e. a Linux port of Windows Media Player) on their system. My argument is that piracy would be insignificant if an easy to use digital media system could be created which works regardless of the device and operating system and with media at a price for which people would be happy to pay without a moment’s thought – that Microsoft Windows Media, Apple FairPlay and competing technologies should be made to work together – just as Mark James proposes in his call for open standards in digital rights management. Instead, the BBC (following the path set by a rival broadcaster, Channel 4) have provided a service which will only work on a subset of Windows PCs.

I recently saw a trailer for a BBC series called Mountain which was advertised as “coming soon” but I missed the first couple of episodes. Realising this, I thought that this would be an opportunity to try out the iPlayer service but if I’m going to give up the comfort of my living room to watch TV on the computer, I want to do it with my computer that’s hooked up to a decent display – that will be the Mac then. Not with iPlayer – it’s Windows only (so much for the accessibility which BBC services should maintain). Not to worry, I have a decent Windows PC too… oops, that runs Vista… iPlayer only works with Windows XP, Windows Media Player 10 and Internet Explorer 6 (or later) with JavaScript, ActiveX and cookies enabled. Now, looking at the statistics for this site, Windows XP users only account for about 60% of my visitors (even if they prefer to use another browser, they will have IE6 installed). Sure, my readers are highly technical (and hence more likely to try something other than the norm) but so will those who are interested in watching TV across the Internet – at least in 2007 (I expect things to change over the next couple of years) – so the BBC has instantly excluded 40% of it’s potential audience (even more if their IP addresses don’t appear to be served from the UK). Furthermore, for a service that was supposed to have launched a fortnight ago, it’s still carrying a beta label and signup is a painfully slow process. In fact a BBC representative wrote on an iPlayer support forum:

“We have chosen initially not to market or publish widely the availability of the service as we wanted to see what the initial demand would be – and interest so far has been extremely strong.”

Hmm… I read a press release announcing that the service would be launched on 27th July 2007 (which was subsequently picked up by many newspapers and websites) – I think that is both marketing and publishing the availability of the service. So what’s all this beta nonsense about then? It seems that the BBC’s Press Office is not talking to the BBC’s iPlayer people…

Once I set up a Windows XP PC and got my login details for the iPlayer service (after a wait of several hours… suggesting a level of manual intervention in the process), I found that they didn’t do much for me. The BBC’s own advice is to save the iPlayer login on the computer (if I’ve saved my login details in a cookie, what’s the point in having a login?) and then before I could download any content I had to register for a separate bbc.co.uk account (which seems to require more personal details than I would like to give away). At least that was an immediate process (even if the first few usernames I tried were taken) and I was finally able to download my programme.

BBC iPlayer - downloading

Download speeds were good (in the region of 2Mbps), although the reference to the number of sources from which I was downloading alerted me to that fact that this is a peer-to-peer service (the BBC uses VeriSign’s Kontiki delivery management system) – in which case am I giving up some of my bandwidth for the BBC to distribute its content to others? (Oh the irony of a DRM-protected service using P2P for distribution!) More to the point, what effect will that have on my bandwidth usage if I’m limited by my ISP, or if they implement network controls to limit access to the service?

The BBC website had given me the impression (obviously misguided) that programmes would be available for download up to 7 days after broadcast and then to view for a further 30 days. Apparently that’s not so, as the 30 day clock seems to start ticking at broadcast time (not download time), so my programme actually had 23 days left for me to watch it. BBC iPlayer - expiry Furthermore, it seems that once I start to watch a programme I only have 7 days to watch it before it expires. Those timescales seem pretty tight (there are no such limits with other time shifting technologies, whether I use a simple video cassette recorder or something more complex) and it’s this inflexibility that makes me so critical of DRM.

The content itself is pretty good quality – at least the episode of Click that I used to test the service (not to be confused with the streamed version available from the BBC website) looked fine in full screen mode on a standard 1024×768 laptop display although, somewhat annoyingly, a BBC News 24 ticker was visible on the bottom of the screen throughout the programme (that shouldn’t be a problem for most programmes). Also, despite advertising itself as a 30-minute programme, this particular episode turned out to be the short (just under 12 minute) version. Actually, once you find a PC that meets the iPlayer specifications, the service is pretty good. I just think that the BBC should cast it’s net a little further and include Macintosh and Linux users in its online audience.

A call for open standards in digital rights management

Digital rights management (DRM) is a big issue right now. Content creators have a natural desire to protect their intellectual property and consumers want easy access to music, video, and other online content.

The most popular portable media player is the Apple iPod, by far the most successful digital music device to date. Although an iPod can play ordinary MP3 files, its success is closely linked to iTunes’ ease of use. iTunes is a closed system built around an online store with (mostly) DRM-protected tracks using a system called FairPlay that is only compatible with the iTunes player or with an iPod.

Another option is to use a device that carries the PlaysForSure logo. These devices use a different DRM scheme – Windows Media – this time backed by Microsoft and its partners. Somewhat bizarrely, Microsoft has also launched its own Zune player using another version of Windows Media DRM – one that’s incompatible with PlaysForSure.

There is a third way to access digital media – users can download or otherwise obtain DRM-free tracks and play them on any player that supports their chosen file format. To many, that sounds chaotic. Letting people download content without the protection of DRM! Surely piracy will rule and the copyright holders will lose revenue.

But will they? Home taping has been commonplace for years but there was always a quality issue. Once the development of digital music technologies allowed perfect copies to be made at home the record companies hid behind non-standard copy prevention schemes (culminating in the Sony rootkit fiasco) and DRM-protected online music. Now video content creators are following suit, with the BBC and Channel 4 both releasing DRM-protected content that will only play on some Windows PCs. At least the BBC does eventually plan to release a system that is compatible with Windows Vista and Macintosh computers but for now, the iPlayer and 4 on Demand are for Windows XP users only.

It needn’t be this way as incompatible DRM schemes restrict consumer choice and are totally unnecessary. Independent artists have already proved the model can work by releasing tracks without DRM. And after the Apple CEO, Steve Jobs, published his Thoughts on Music article in February 2006, EMI made its catalogue available, DRM-free, via iTunes, for a 25% premium.

I suspect that the rest of the major record companies are waiting to see what happens to EMI’s sales and whether there is a rise in piracy of EMI tracks; which in my opinion is unlikely. The record companies want to see a return to the 1990s boom in CD sales but that was an artificial phenomenon as music lovers re-purchased their favourite analogue (LP) records in a digital (Compact Disc) format. The way to increase music sales now is to remove the barriers online content purchase.

  • The first of these is cost. Most people seem happy to pay under a pound for a track but expect album prices to be lower (matching the CDs that can be bought in supermarkets and elsewhere for around £9). Interestingly though, there is anecdotal evidence that if the price of a download was reduced and set at around $0.25 (instead of the current $0.99), then people would actually download more songs and the record companies would make more money.
  • Another barrier to sales is ease of use and portability. If I buy a CD (still the benchmark for music sales today), then I only buy it once regardless of the brand of player that I use. Similarly, if I buy digital music or video from one store why should I have to buy it again if I change to another system?

One of the reasons that iTunes is so popular is that it’s very easy to use – the purchase process is streamlined and the synchronisation is seamless. It also locks consumers into one platform and restricts choice. Microsoft’s DRM schemes do the same. And obtaining pirated content on the Internet requires a level of technical knowledge not possessed by many.

If an open standard for DRM could be created, compatible with both FairPlay and Windows Media (PlaysForSure and Zune), it would allow content owners to retain control over their intellectual property without restricting consumer choice.

[This post originally appeared on the Seriosoft blog, under the pseudonym Mark James.]

Get a Mac? Maybe, but Windows Vista offers a more complete package than you might think

I’ll freely admit that I have been critical of Windows Vista at times and I’ll stand by my comments published in Computer Weekly last November – Windows XP will remain in mainstream use for quite some time. Having said that, I can’t see Mac OS X or Linux taking the corporate desktop by storm and the move to Vista is inevitable, just not really a priority for many organisations right now.

Taking off my corporate hat one evening last week, I made the trip to Microsoft’s UK headquarters in Reading for an event entitled “Vista after hours”. Hosted by James Senior and Matt McSpirit it was a demo-heavy and PowerPoint-light tour of some of the features in Windows Vista that we can make use of when we’re not working. Not being a gamer and having bought a Mac last year, I’ve never really paid attention to Microsoft’s digital home experience but I was, quite frankly, blown away by what I saw.

The first portion of the evening looked at some of the out-of-the-box functionality in Windows Vista, covering topics like search, drilling down by searching within results, using metadata to tag objects, live previews and saving search queries for later recall as well as network diagnosis and repair. Nothing mind-blowing there but well-executed all the same. Other topics covered included the use of:

  • Windows Photo Gallery (which includes support for the major, unprocessed, raw mode formats as well as more common, compressed, JPEG images) to perform simple photo edits and even to restore to the original image (cf. a photographic negative).
  • Windows Movie Maker to produce movies up to 1080p.
  • Windows DVD Maker to produce DVD menus with support for both NTSC and PAL as well as 4:3 and 16:9 aspect ratios.
  • Windows Media Player to organise media in many ways (stack/sort by genre, year, songs, album, artist, rating, recently added, etc.) and share that media.

Apple Macintosh users will think “yeah, I have iPhoto, iMovie, iDVD and iTunes to do all that” and they would be correct but Apple says (or at least implies in its advertising) that it’s hard to do these things on a PC – with Vista it’s just not… which moves me on to backup – not provided (at least in GUI form) by the current Mac OS X release (only with a .Mac subscription) and much improved in Windows Vista. “Ah yes, but Leopard will include Time Machine!”, say the Mac users – Windows has had included the volume shadow copy service (VSS/VSC) since Windows XP and Windows Backup includes support for multiple file versions right now as well as both standard disk-based backups and snapshots to virtual hard disk (.VHD) images, which can then be used as a restore point or mounted in Virtual PC/Virtual Server as a non-bootable disk. Now that does sound good to me and I’m sure there must be a way to make the .VHD bootable for physical to virtual (P2V) and virtual to physical (V2P) migrations… maybe that’s something to have a play with another day.

Regardless of all the new Vista functionality, for me, the most interesting part of the first session was Windows Home Server. I’m a registered beta user for this product but must confess I haven’t got around to installing it yet. Well, I will – in fact I’m downloading the April CTP as I write this. Based on Windows 2003 Small Business Server, it provides a centralised console for management of and access to information stored at home. Microsoft claim that it has low hardware requirements – just a large hard disk – I guess low hardware requirements is a subjective term (and I figure that my idea of low hardware requirements and Microsoft’s may differ somewhat), nevertheless it offers the opportunity to secure data (home computer backup and restore, including scheduling), provide centralised storage (a single storage pool, broken out as shared storage, PC backups, operating system and free space), monitor network health (i.e. identify unsafe machines on the network), provide remote access (via an HTTPS connection to a defined web address) and stream media, all controlled through a central console. Because the product is aimed at consumers, ease of use will be key to its success and it includes some nice touches like scheduled backups and automatic router configuration for remote access. Each client computer requires a connection pack in order to allow Home Server to manage it (including associating account information for secuirity purposes) and, in response to one of my questions, Microsoft confirmed that there will be support for non-Windows clents (e.g. Mac OS X 10.5 and even Linux). Unfortunately, product pricing has not yet been released and early indications are that this will be an OEM-only product; that will be a great shame for many users who would like to put an old PC to use as a home server.

Another area covered in the first session was parental controls – not really something that I worry about right now but maybe I will over the next few years as my children start to use computers. Windows Vista includes the ability for parents to monotor their child’s activities including websites, applications, e-mail, instant messages and media. Web filters can be used to prevent access to certain content with an HTTP 450 response, including a link for a parent to approve and unblock access to the content as well as time limits on access (providing a warning before forcing a logout). Similarly, certain games can be blocked for younger users of the family PC. The volume and diversity of the questions at the event would indicate that Vista’s parental controls are fairly simplistic and will not be suitable for all (for example, time limits are on computer access as a whole and not for a particular application, so it’s not possible to allow a child access to the computer to complete their homework but to limit games to a certain period in the evening and at weekends).

If session one had whetted my appetite for Vista, session two (Vista: Extended) blew my mind and by the time I went home, I was buzzing…

I first heard of Windows SideShow as a way to access certain content with a secondary display, e.g. to provide information about urgent e-mails and upcoming appointments on the lid of a laptop computer but it actually offers far more than this – in fact, the potential for SideShow devices is huge. Connectivity can be provided by USB, Wi-Fi, Bluetooth – Windows doesn’t care – and the home automation possibilities are endless. I can really see the day when my fridge includes capabilities for ordering groceries via a SideShow display in the door. There is at least one website devoted to SideShow devices but James Senior demonstrated a laptop bag with a built-in SideShow controller including a cache for media playback. Typically used to expose information from a Windows Sidebar gadget, SideShow devices will wake up a sleeping computer to synchrosise content then put it back to sleep and can be secured with a PIN or even erased when logged off. Access is controlled within the Windows Control Panel and there is an emulator available to simulate SideShow devices.

As elegant as Apple Front Row is, for once Microsoft outshines the competition with Windows Media Center

Next up was Windows Media Center. Unlike with the Windows XP Media Center and Tablet PC editions, Microsoft no longer provides a separate SKU for this functionality, although it is not enabled in all Vista product editions. Media Center is a full-screen application that offers a complete home media hub – sort of like Apple Front Row but with support for TV tuners to include personal video recorder (PVR) functionality. As elegant as Apple Front Row is, for once Microsoft outshines the competition with Windows Media Center – multiple TV tuners can be installed (e.g. to pause live TV, or to record two items at once, as well as the elctronic programme guide (EPG), controls, etc. being displayed as an overlay on the currently playing content. As with Windows Media Player, visualisations are provided and in theory it ought to be possible to remote control a Media Center PC via Windows Home Server and set up a recording remotely. Individual programs, or whole series, can be recorded and many TV tuners include DVB-T (digital terrestrial) support (i.e. Freeview), with other devices such as satellite and cable TV decoders needing a kludge with a remote infra-red controller (a limitation of Sky/Virgin Media network access rather than with Windows). Other functionality includes RSS support as well as integration with Windows Live Messenger and some basic parental controls (not as extensive as elsewhere in Windows Vista but nevertheless allowing a PIN to be set on certain recordings).

The event was also my first opportunity to look at a Zune. It may be a rather half-hearted attempt at producing a media player (no podcast support and, crucially, no support for Microsoft’s own PlaysForSure initiative) but in terms of form-factor it actually looks pretty good – and it includes functionality that’s missing from current iPods like a radio. If only Apple could produce an iPod with a similarly-sized widescreen display (not the iPhone) then I’d be more than happy. It also seems logical to me that as soon as iTunes is DRM-free then the iTunes/iPod monopoly will be broken as we should be able to use music purchased from the largest online music store (iTunes) on the world’s favourite portable media player (iPod) together with Windows Media Center… anyway, I digress…

I mentioned earlier that I’m not a gamer. Even so, the Xbox 360‘s ability to integrate with Windows PCs is an impressive component of the Microsoft’s digital home experience arsenal. With its dashboard interface based around a system of “blades”, the Xbox 360 is more than just a games machine:

As well as the Xbox 360 Core and Xbox 360 Pro (chrome) systems Microsoft has launched the Xbox 360 Elite in the United States – a black version with a 120GB hard disk and HDMI connectivity, although it’s not yet available here in the UK (and there are also some limited edition Yellow Xbox 360s to commemorate the Simpsons movie).

Finally, Microsoft demostrated Games for Windows Livebringing the XBox 360 Live experience to Windows Vista-based PC gaming. With an Xbox 360 wireless gaming receiver for Windows, Vista PC gamers can even use an Xbox 360 wireless controller (and not just for gaming – James Senior demonstrated using it to navigate Windows Live maps, including the 3D and bird’s eye views). Not all games that are available for both PCs and the Xbox will offer the cross-platform live experience; however the first one that will is called Shadowrun (and is due for release on 1 June 2007) bringing two of the largest gaming platforms together and providing a seamless user experience (marred only by the marketing decision to have two types of account – silver for PC-PC interaction and gold for PC-XBox).

Apple’s Get a Mac campaign draws on far too many half truths that will only become apparent to users after they have made the decision to switch… and then found out that the grass is not all green on the other side

So, after all this, would I choose a Mac or a Windows PC? (or a Linux PC?) Well, like so many comparisons, it’s just not that simple. I love my Mac, but Apple’s Get a Mac campaign draws on far too many half truths that will only become apparent to users after they have made the decision to switch, splashed out on the (admittedly rather nice) Apple hardware and then found out that the grass is not all green on the other side. In addition, Apple’s decision to delay the next release of OS X whilst they try to enter the mobile phone market makes me question how committed to the Macintosh platform they really are. Linux is good for techies and, if you can support yourself, it has the potential to be free of charge. If you do need support though, some Linux distros can be more expensive than Windows. So what about Windows, still dominant and almost universally despised by anyone who realises that there is a choice? Actually, Windows Vista is rather good. It may still have far too much legacy code for my liking (which is bound to affect security and stability) but it’s nowhere near as bad as the competition would have us thinking… in fact it hasn’t been bad since everything moved over to the NT codebase and, complicated though the product versions may be, Windows Vista includes alternatives to the iLife suite shipped with a new Macs as well as a superior media hub. Add the Xbox integration and Windows SideShow into the mix and the Microsoft digital home experience is excellent. Consumers really shouldn’t write off Windows Vista just yet.

Could this be the beginning of the end for DRM?

My friend Alex thinks that DRM is a good thing (he believes that it’s the only way that content producers can protect their investments). I disagree with Alex on this and agree with Robert Nyman’s argument as to why using DRM to protect content is fundamentally flawed. Consequently I was very pleased to hear that EMI’s digital catalogue will be available at Apple’s iTunes Store from next month, DRM-free and at a higher bitrate.

EMI is not the largest of the music publishers but it is one of the big four. Whilst it’s easy to see the attraction of this deal for Apple (who have been facing some legal challenges in Europe over interoperability between iTunes and other vendor’s media players), it remains to be seen what it means for EMI (apart from a 25%-30% increase in digital revenues for each DRM-free track sold via iTunes). It could actually increase legal digital music downloads and I’m sure Sony BMG, Universal and Warner will be watching to see what the effect is before they make a similar move; it’s also worth noting that 13,000 independent labels already sell DRM-free content via eMusic (albeit at at lower bitrate and using the MP3 file format).

The EMI deal will also allow iTunes users to pay £0.20/€0.30/$0.30 to upgrade the music that they have already purchased – it may be money for old rope from the point of view of Apple and EMI but it’s also attractively priced (and it allows the record labels to increase the price of music sold via iTunes – something which they have wanted to do for while now). Digital music sales may only represent a 10% share of the worldwide market for music but are expected to grow to reach 25% of earnings by 2010 (although the recording industry is still fantasising about matching digital revenues to the decline in CD sales – a market phenomenon brought about by music collectors replacing portions of their vinyl collections with “digitally remastered” CDs and unlikely to be repeated for todays new media formats).

Personally, I’m pleased about this deal for another reason. Until now, there has been little incentive for me to buy albums online (even with the recent addition of the complete my album feature). I buy single tracks online (I stopped buying CD singles a few years ago) but have become increasing frustrated as certain tracks are only available if I buy the whole album (note to greedy record companies – this strategy actually drives people to seek out illegal downloads – if I was so inclined then I could download the tracks that I want from The Devil Wears Prada soundtrack via BitTorrent as they are not available to me on iTunes unless I buy the whole album).

At present, if I buy a CD (from the supermarket, play.com or elsewhere) then I have the DRM-free media and can rip it for playback on my iPod – alternatively I could pay Apple for inferior-quality DRM-protected content but from next month, I can buy 256kbps AAC-encoded albums, without DRM, for about the same price as a CD (and for the same price as the existing 128mbps AAC files with DRM) and, because the whole iTunes experience is so simple, I probably will. This is what Apple and EMI are banking on; however it will also make me more aware of which label I am purchasing tracks from (at the moment I neither know, nor care).

Incidentally, I recently heard that teenagers and young adults are the section of society most likely to copy CDs and use peer-to-peer networks to share files. That’s nothing new. The technology may have changed but I started recording chart shows to listen to music when I was about 12. If I hunt around in the loft, garage, or somewhere similar, I’ll probably find a box of cassette tape copies of friends’ albums from when I was a teenager and my time at Uni’. Only once I started to work for a living could I finally afford to buy CDs (and I bought a lot of CDs over the following 10 years or so, right up until just before I got married, at which time my money started to be spent on “sensible” things, like a huge mortgage…). So what’s changed? Nothing really, illegal file sharing is just the modern equivalent of the high speed dubbing that we did on our twin cassette decks 20 years ago – the only difference is that today’s technology allows a perfect digital copy and most of us have stood next to too many speaker stacks at gigs to notice the difference in quality anyway!