The Ed Bott Report

Ed Bott
Home / News & Blogs / The Ed Bott Report

Everything you've read about Vista DRM is wrong (Part 1)

By | September 16, 2007, 4:29pm PDT

Summary: Self-described “professional paranoid” Peter Gutmann of the University of Auckland has become the most widely quoted source of information on DRM and content protection in Windows Vista. The trouble is, Gutmann’s work is riddled with factual errors, distortions, contradictions, and outright untruths, and his conclusions are equally wrong. In this three-part series, I’ll show you why Gutmann’s outrageous and inflamatory arguments don’t stand up to close scrutiny.

Last month, I wrote about the FUD surrounding Windows Vista and DRM. The FUDmaster is Peter Gutmann, a New Zealand researcher who wrote a paper last December that made a series of outrageous and inflammatory claims about Windows Vista. Since then, Gutmann has expanded the paper to more than four times its original size. The current version available on Gutmann’s website clocks in at more than 26,000 words, making it longer than some recent works of fiction.

And length isn’t the only thing Gutmann’s paper has in common with the average pulp novel. Gutmann’s work is riddled with factual errors, mistaken assumptions and unproven assertions, distortions, contradictions, misquotes, and outright untruths. In short, it’s a work of fiction all on its own.

Gutmann is a clever writer, and he’s able to string together nouns, verbs, technical terms, and acronyms in ways that sound persuasive. In this three-part series (look for Part 2 and Part 3 later this week), I’m going to dig deep into Gutmann’s work and show you just where he got it wrong.

I’ve been working on this story for months. Part of the problem is that Gutmann’s paper is a rambling, sloppy, disorganized mess, and nine months of additions have made it even more difficult to pick out the serious arguments from the scare stories and snark. Gutmann’s favorite technique is to string together anecdotes he’s plucked from magazines and websites, juxtapose those stories with sentences from presentations by Microsoft engineers and developers, and then speculate on the implications, often with wildly incorrect results. And worst of all, Gutmann appears to believe everything he reads—as long as he can fit it into his anti-Microsoft world view.

The other part of the problem is Gutmann’s lack of hands-on experience with modern consumer electronics gear and with Windows Vista itself, which shows in nearly every sentence he writes. I’ve done extensive hands-on testing and have personally seen Vista do things that Gutmann says are impossible. Rather than write 26,000 words of my own, I’m going to pick out more than a dozen substantive errors in Gutmann’s piece and explain why they’re wrong.

With that introduction out of the way, let’s get started.

Next –>

More from “The Ed Bott Report”

Topics

Monitor, Digital-rights Management, Driver, Microsoft Windows Vista, Microsoft Windows, Video, Microsoft Corp., FUDmaster, Peter Gutmann, Ed Bott

Ed Bott is an award-winning technology writer with more than two decades' experience writing for mainstream media outlets and online publications.

Disclosure

Ed Bott

Ed Bott is a freelance technical journalist and book author. All work that Ed does is on a contractual basis.

Since 1994, Ed has written more than 25 books about Microsoft Windows and Office. Along with various co-authors, Ed is completely responsible for the content of the books he writes. As a key part of his contractual relationship with publishers, he gives them permission to print and distribute the content he writes and to pay him a royalty based on the actual sales of those books. Ed's books are currently distributed by Que Publishing (a division of Pearson Education) and by Microsoft Press.

On occasion, Ed accepts consulting assignments. In recent years, he has worked as an expert witness in cases where his experience and knowledge of Microsoft and Microsoft Windows have been useful. In each such case, his compensation is on an hourly basis, and he is hired as a witness, not an advocate.

Ed does not own stock or have any other financial interest in Microsoft or any other software company. He owns 500 shares of stock in EMC Corporation, which was purchased before the company's acquisition of VMWare. In addition, he owns 350 shares of stock in Intel Corporation, purchased more than two years ago. All stocks are held in retirement accounts for long-term growth.

Ed does not accept gifts from companies he covers. All hardware products he writes about are purchased with his own funds or are review units covered under formal loan agreements and are returned after the review is complete.

Biography

Ed Bott

Ed Bott is an award-winning technology writer with more than two decades' experience writing for mainstream media outlets and online publications. He's served as editor of the U.S. edition of PC Computing and managing editor of PC World; both publications had monthly paid circulation in excess of 1 million during his tenure. He is the author of more than 25 books on Microsoft Windows and Office, including the recently released Windows 7 Inside Out.

Talkback Most Recent of 372 Talkback(s)

  • Some questions and comments
    But if you just want your driver to load under Windows Vista x64, you can take care of business in a matter of seconds, by using your own certificate to digitally sign it, a process called Kernel Mode Code Signing (KMCS).
    ...
    Anyone can get a software publishing certificate from the independent certification companies listed here, none of which is owned or controlled by Microsoft. I found a suitable certificate for $229.


    Not that I still do, but back in Uni, I created my own drivers for various equipment, not the least of which was a serial port controller for a solar hot water system. In Vista, would I have to pay for a certificate to load a driver I created? (i.e. I just want to load my unsigned, unofficial, completely hacked up XYZ controller)

    For all of his arguments about degraded output and hardware (non HDCP over DVI), or poor early implementations of HDMI (i.e. customers don't know their HDCP is not compliant), you are right, as you have found out, few of the content companies are using the controls they have built in. As you have said, there is the ICT flag, and other controls the content companies COULD use. Your testing showed that the HD disk played through PowerDVD was not using the optional Vista functions (but they could, will they?)

    One of Peter's biggest flaws was simply that he assumed the content companies WOULD use them, they won't yet, I have said, about all this new HD DRM, etc, the content companies will fall all over themselves to play nice until critical mass. They don't want to disenfranchise the new market, but once mature, they will probably (my prediction), activate once the amount affected are in the minority.

    We will see the relative merit of the analysis down the road, when (if?) the content companies activate. They may not, as much as they wish DRM is effective, they may be forced to give up the pipe dream to sell content, or they may miscalculate the backlash.

    From the Blu-Ray FAQ, one of the more contentious of my issues is the potential to mandate internet connectivity for monitoring.

    No, you will not need an Internet connection for basic playback of Blu-ray movies.

    Maybe you can get an answer. Blu-Ray, for this and other reasons, is a non option because they will not answer this question.

    What is basic playback, and will it always include full 1080p without an internet connection? I will require it in black and white, written down for all to see, that forever, a Blu-Ray device will NOT require an internet connection for 1080p without other penalties (like 14 minute FBI warning, or I have to watch 48 previews unless the player can connect to the "opt-out" preview server, etc). IMO, they won't answer this because internet revocation and update is critical to BD plus.

    The Blu-Ray part is a tangent, but is relevant to how they could change the rules in the future.

    I will be interested in how you counter one chapter that is, starkly true, namely Increased hardware costs.

    http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html#hardware

    HDCP, certification, driver development, it all costs money, and we know who pays for it in the end.

    TripleII
    ZDNet Gravatar
    TripleII-21189418044173169409978279405827
    16th Sep 2007
  • Large screen Samsug question
    The issue to be answered is not if Vista can drive a huge Samsung monitor with HD content but if it can drive it with DRM protected HD content. Showing a computer generated airline times board is not showing the latest movie with DRM crippling it.

    I get the feeling you're as misleading and evasive on your defense as the originating article is.
    ZDNet Gravatar
    shoktai@...
    16th Sep 2007

  • ZDNet Blogger

    Two Samsung monitors
    The first fully supports HDCP and thus will play back any content fed to it by Windows Vista.

    The second was not designed as an entertainment system. It was specifically designed for use in public places, with content generated by a business or organization. So complaining that it doesn't support HDCP is sort of beside the point. Do you expect to watch a Blu-ray movie in an airport waiting room or the lobby of a business?

    (And anyway, that screen could play back a copy-protected disk. Just use the analog inputs.)
    ZDNet Gravatar
    Ed Bott
    17th Sep 2007
  • Monitor upgrades: just another cost of Vista
    Come on, this is just silly. You're telling people that they should (a) buy a new, special-purpose monitor that's DRM-compliant, or (b) just use a non HDCP-compliant monitor in analog mode? I don't find either of those "solutions" to be remotely acceptable (anyone who has an LCD with both analog and digital inputs can see the difference in clarity at a given resolution, all else being equal). Not to mention, there is still the looming potential that Microsoft will throw those bits that will prevent the analog outputs on a video card from even working when DRM-crippled content is being played. That would leave only the first option, which is to continue the Vista equipment upgrade binge.

    Perhaps you don't seem to understand exactly what HDCP does-- it's not that you're just going to get the slightly fuzzier, less-vivid image when going analog...the quality is down-sampled 50% to non-HD levels for non-HDCP-compliant devices. Completely unacceptable if the content is legal, but it's just that the user hasn't forked over more money to buy a brand-new display and HDCP-compliant media pipeline!

    The reality of the situation is that most LCD displays manufactured over the past 5 years, even if they support HD resolution and digital inputs, are not HDCP DRM-compliant. If the resolution, size, and other basic specifications are equivalent between two displays, the extra costs associated with these "entertainment system" displays' decoder circuitry and such (or the otherwise unnecessary purchase of a brand-new display) are a cost of DRM. And since Microsoft champions DRM with Windows Vista, that's just another cost of Vista if you want to use your Vista media center to its fullest potential.
    ZDNet Gravatar
    pyrr
    18th Sep 2007
  • (addendum)
    Oh, and your statement about HDCP being "fully compatible" with DVI-D, that's not entirely accurate.

    Devices with only DVI-D connectors can be made in compliance with HDCP, such that they will work through the DVI-D port with an HDMI adapter (an extra consumer cost), but simply having a DVI-D connector doesn't mean that a device is compatible with HDCP. Attempting to connect a non-HDCP-certified device to a HDCP-protected stream with an adapter will result in an output failure. I find that a rather interesting definition of "fully compatible". The long and short of it is, unless the whole media pipeline, from the optical pickup in the DVD drive to the pixels on the display, is 100% locked-down HDCP compliant, users will be lucky to get even half-resolution playback on their devices. The point is completely moot if content is unprotected and the media pipeline, whether a computer OS or a Blu-Ray DVD player, doesn't treat it as such. But the second media is treated as protected, that's when things cease to be truly "fully-compatible", and all the HDMI to DVI-D adapters in the world are useless.
    ZDNet Gravatar
    pyrr
    18th Sep 2007

  • ZDNet Blogger

    Look at the picture
    You need to read what I wrote in context. I wasn't making a statement about all monitors, I was talking about this specific example. That's why I posted the picture that shows the specs of this particular monitor, which has a DVI-D output with HDCP support.

    Please compare to what Gutmann wrote, where he says NO DVI input will support Vista HD output:

    "Vista won?t display HD content on it because it doesn?t consider any of its many input connectors (DVI-D, 15-pin D-Sub, S-Video, and component video, but no HDMI with HDCP) secure enough..."

    That is complete crap. He believes that only HDMI can support HDCP. If he actually understood what he was talking about he could never have written that.
    ZDNet Gravatar
    Ed Bott
    18th Sep 2007
  • The bigger picture...
    So this is really just a nitpick? Gutmann may be guilty of not researching the specific examples he uses for his position thoroughly-enough, and while that makes him look a bit foolish, it doesn't invalidate the point he was trying to make, which is that the lack of HDCP-compliance in otherwise perfectly good displays shouldn't be the only factor that forces end users to upgrade to more expensive displays for the sake of the DRM lockdown. We (tech folks with half a brain) KNOW he's a bit over the top on some of his points, but we can also see that he raises valid concerns. By attacking him on the accuracy of minutiae, you might "win" the battle, but "win" too many of them, and you just lose credibility because they're just not the sorts of things that gut his main arguments.

    Side-stepping around Gutmann's valid concerns (in this case, good monitors being force-obsoleted) doesn't do anything to address what we really want to know. And what we want to know (I speak for myself anyway) is if Vista is such a locked-down mess that it's hopeless for someone who doesn't have bottomless pockets, or if the FUD is going to be as unwarranted and unfounded in the Real World (tm) as the FUD that was creeping-up in regards to the Linux pedigree for the past two years. As of Part 2, I really am not seeing your rebuttals as anything that makes me feel *better* about the DRM burdens Vista totes around. This is the forest to which I refer.
    ZDNet Gravatar
    pyrr
    18th Sep 2007

  • ZDNet Blogger

    Nothing is "force-obsoleted"
    HDCP support is a requirement of the content. Vista doesn't change that. If you buy a non-HDCP monitor and upgrade to Windows Vista, you will be able to do everything you can do today, with no exceptions. You will not be able to play back media such as a Blu-ray or HD DVD disk that requires HDCP hardware on digital outputs. But you wouldn't have been able to play that back on XP or on a Mac or on a Linux box or with your Toshiba HD DVD player or your Sony Blu-ray drive either. All that Vista adds is platform support that gives you the choice to install a third-party app that uses this platform to play back that content. It's an addition, not a subtraction. And it's completely optional on your part.
    ZDNet Gravatar
    Ed Bott
    26th Sep 2007
  • While Peter was wrong about the DVI HDCP support...
    He may have gotten the idea from the output protection doc
    since it list DVI with VGA and TV-out (2 of 3 are known not to allow protected content to display @ full Resolution).

    "2 PVP-OPM: Protected Video Path ? Output Protection Management
    This section examines PVP-OPM and related output content protection initiatives.
    PVP-OPM is an important part of what is needed to make the PC safer for premium content, by trying to ensure that the various outputs from the PC?such as DVI, VGA, TV-out, and so on?are properly controlled or protected (or both controlled and protected) in accordance with the content?s policy. PVP-OPM is designed to meet the requirements of HD-DVDs and Blu-Ray DVDs and of 5C DTCP. "
    ZDNet Gravatar
    mrOSX
    19th Sep 2007
  • Sorry Ed
    You did write "Everything" do you wish to back off on your ambiguous "Everything you?ve ever read....." I read what you wrote below. by your own definition that is also wrong!? T.A.C.S. Ed. It is, just to paraphrase you, "sloppy, disorganized messy"
    "You need to read what I wrote in context. I wasn't making a statement about all monitors; I was talking about this specific example. That's why I posted the picture that shows the specs of this particular monitor, which has a DVI-D output with HDCP support.

    NB semi colon after monitors


    Please compare to what Gutmann wrote, where he says NO DVI input will support Vista HD output:"
    ZDNet Gravatar
    On Site PC
    10th Oct 2007

  • ZDNet Blogger

    Huh?
    I have absolutely no idea what you're talking about.
    ZDNet Gravatar
    Ed Bott
    11th Oct 2007
  • Irrelevant
    You missed the point. Most people don't need it spelled out, but since you do, I'll make it plain.

    His argument is invalid because his example uses hardware he has never used, and attempts to apply it to an application it isn't designed for. It is a display monitor, just like planar medical displays (which are HD, and grayscale), it's meant for commercial use in applications like airports, bars, restaraunts, hotels, etc for displaying data. It is NOT a home theatre.
    ZDNet Gravatar
    Spiritusindomit@...
    1st Nov 2007
  • Should small projects pay $230 for a certificate too?
    "'A downside of this is that an enormous mass of third-party drivers that haven???t passed through Microsoft???s approval process can???t be used under 64-bit Vista, and because of the time and money involved in the approval process may never end up running under Vista.'

    If you own a hardware company you are completely at Microsoft???s mercy, and if they decide not to approve your drivers, or just delay their approval, you???ll starve to death."

    I in no way defend the rest of the paper, but this isn't how I read this point. Personally, I feel I should be able to load any third-party drivers without requiring the author to shell out a few hundred bucks for a certificate, especially if the authors don't have many resources. For example, there's a driver that is part of a freeware program for overclocking my video card (RivaTuner). I'm currently tweaking my new computer, I don't like the fact that I have to restart and disable the requirement every time I want to load that driver again. This artificial restriction makes me angry every time I forget upon restart, and one of these advanced-tweaking applications crashes because it couldn't load its driver.

    There's a way to get around this problem if the authors get lucky - RivaTuner used some different site's certificate. But Rivatuner is pretty much one guy's freeware project, not some for-profit company. This guy shouldn't be asked to pay hundreds of dollars to sign his driver - there has to be a better way.
    ZDNet Gravatar
    AySz88
    16th Sep 2007
  • It's a one time signing certificate for unlimited code signing
    It's a onetime signing certificate that allows you to produce unlimited amount of code for distribution under Windows Vista x64. Anyone distributing software for an OS kernel should have one of these certificates just so that we know where the driver is coming from. It beats the hell out of forcing the consumer to manually check MD5 checksums and that?s not something normal people will tolerate anyways.

    The certificate is just a way of certifying the software producer and while I may not agree with how PKI is done in general, code signing is THAT important because you?re modifying people?s kernels.
    ZDNet Gravatar
    georgeou
    16th Sep 2007
  • Certificates are a very bad idea
    You say a mere $200-300 certificate for developing drivers is no big deal, but what about modified drivers, or other independent projects? This basically kills open-source drivers for Vista, not that Microsoft would ever want such a thing to begin with.

    Well, at least due to the insignificant marketshare of Vista x64, it doesn't really matter yet. But if this is going to be Microsoft's future policy, it's another one of many reasons why it is time to start looking for alternatives.
    ZDNet Gravatar
    shoktai@...
    17th Sep 2007
View More Comments

Talkback - Tell Us What You Think

Formatting +
BB Codes - Note: HTML is not supported in forums
  • [b] Bold [/b]
  • [i] Italic [/i]
  • [u] Underline [/u]
  • [s] Strikethrough [/s]
  • [q] "Quote" [/q]
  • [ol][*] 1. Ordered List [/ol]
  • [ul][*] · Unordered List [/ul]
  • [pre] Preformat [/pre]
  • [quote] "Blockquote" [/quote]

The best of ZDNet, delivered

ZDNet Newsletters

Get the best of ZDNet delivered straight to your inbox

Facebook Activity

Blog Roll

Blog Archive

White Papers, Webcasts, & Resources