Gutmann: "I'm going to ignore" questions about Vista FUD

Gutmann: "I'm going to ignore" questions about Vista FUD

Summary: If you're waiting for Peter Gutmann to reply to my questions or those of my ZDNet colleague George Ou about his confusing, contradictory, and inflammatory Windows Vista "research," I've got some bad news. In a note on his website, Gutmann says he "doesn't have the time" to back up his theories with actual facts. Anyone want to take bets on how many publications that unquestioningly picked up his original FUD will publish follow-up stories?

SHARE:
TOPICS: Windows, Microsoft
164

If you're waiting for Peter Gutmann to reply to my questions or those of my ZDNet colleague George Ou about his confusing, contradictory, and inflammatory Windows Vista "research," I've got some bad news. A note posted by the New Zealand encryption researcher sometime in the last 24 hours (it wasn't there at 5:15AM PDT yesterday) says fuggedaboutit:

Unlike George, ZDNet isn't paying me to do this stuff and I really have better things to do with my time so I'm going to pretty much ignore it, I just added this note in case people had seen one of his rants and were wondering what the story was.

The irony is rich, of course. Gutmann had the time to write more than 7,000 words on the subject last December, add another 3,000 words in January, many of them dripping with sarcasm. He had the time to add another 14,000 words in the intervening months. When Microsoft prepared a response, he had the time to compare them to Nazis and violent street criminals. The organizers of the Usenix Security Symposium invited Gutmann to speak at their event in Northern California Boston last week, and he had the time to prepare 132 PowerPoint slides; then he had the time to fly halfway around the world to give that talk. He's had the time to update the notes at the top of his website at least three times this week alone.

But a couple of bloggers point out the ridiculous errors in his column and ask for some explanations, and he "has better things to do with his time"?

Maybe they do things differently in the Southern Hemisphere, but where I come from, that's called "slinking away with your tail between your legs."

I hope every publication that picked up this ludicrous story will run a follow-up noting the complete collapse of Gutmann's claims.

Topics: Windows, Microsoft

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

164 comments
Log in or register to join the discussion
  • Where are the real scientists?

    What we need from Gutmann is some real empirical evidence of what he claims. Actual experimentation with mesurable results. But I guess "getting his hands dirty" with CPUs, power supplies and all those strange contraptions we call computers is really below him now that he's been elevated into the world's intellectual elite. The great scientists of old must be rolling in their grave! Science is all about measurable facts and not some crazy theory. I could argue all night about how I think Steve Jobs is in fact the devil incarnate secretly plotting to take over the world one Iphone at a time... but that's just a theory ;)
    MisterGilles
    • There is very little

      actual science these days. Most of it is Aristotlean philosophy: Make an observation, form an hypothesis, argue your position. The one who makes the most persuasive argument is correct.

      The revolutionary part of the scientific method wasn't observe, hypothesize or conclude, it was experiment.
      frgough
  • These claims sounded good

    before Vista released. Now, under the harsh light of reality, they fade like the morning dew.

    Unbelievable. I agree with his general dislike of the DRM and anti-piracy tools in Vista, but let's be honest with the facts.
    mtgarden
    • DRM must die !

      enough said on that. But it's still no excuse for scientific laziness !
      MisterGilles
      • I dont understand...

        Is the document is a review of Microsoft's Spec (FROM Microsoft) and one of Ed's big items is from an article not written by Peter, but a reporter and from looking at the statement, it looks like the reporter condensed 2 or 3 sentences to one, and made it sound like something Peter said. If you read Peter's article he does not say this. And now he is leaving out some the story again, Peter was planning on posting his slides when he got back home, but ZDNet bloggers couldnt be patient and wait and George made the statement
        "Peter Gutmann has posted a slam at the top of his ?research? paper that I didn?t wait for his slides. I find it funny that he has time to write a paragraph slamming me but he doesn?t have time to post the slides and he doesn?t have time to post any data to support his theories. So far he?s only asked others to provide data since he hasn?t touched Vista yet.]"

        Well I dont know if that is a slam, it sounds like the truth,
        maybe George his slides were not with him and were on his system at home(It's easy to download a document from the web modify it and upload it back) however if dont have the slides with you, it's tough to upload them. Ed I find you and Georges blogging on this subject extremely poor

        And I dont blame Peter for not posting (I am disappointed) since you (ED and George) just fling FUD about everything he sez anyway.
        mrlinux
        • All we want is proof that Gutman

          tested his hypothesis. Since others have tested them and since Gutmann has had six months to test them, Gutmann needs to make some public comments.

          I'm not saying that Gutmann was completely wrong, but I would rather trust someone who tested the claims than someone who won't do so.

          Furthermore, his approach to argumentation forces me to question his analysis. If he must resort to sarcasm, name-calling, and generalizations, then I take everything he says as suspect. And this isn't just with this particular instance; it's my approach to life. Even when I agree with the conclusions of the speaker, these types of argumentation make me cringe and re-evaluate what I thought correct.

          So simply put: if Gutmann won't give evidence that backs up his claims, then he doesn't deserve any credit or support. End of story.
          mtgarden
          • I have 2 issues....

            1) Peter was reviewing a spec that Microsoft released and it was done in December prior to GA of the code.
            Reviewing a Software Specification release from a Vendor
            requires testing.


            2) Some of what you what evidence of stuff, of where he tested this, comes right out of the Microsoft Spec.
            Example,
            From George
            "Gutmann not only failed to test any of his theories with real-world experiments, but he didn?t even bother to come up with a good postulation by doing the basic math on what 20 CPU clocks per byte means on a modern CPU."


            The above statement is not one of Peters theories it's one of Microsoft's.
            From the spec:
            "The problem with regular AES is that it takes about 20 CPU clocks to encrypt each byte. This is OK for compressed or semi-compressed video, but for the multiple HD uncompressed case, it is too much even for a 2006 processor. A dual HD uncompressed stream with potential sub-picture information can be up to 250 MBytes/sec."



            Note: I dont agree totally with Peter, but if you are going to report stuff, how about trying to do some basic research (Reading the DOCs), This is directed @ Ed and George.
            mrlinux
          • Vista was released in November

            When this was first published, the RTM code had been out for nearly two months. Release candidates had been publicly available for four months or more. And since the commercial/retail release, Gutmann has written 14,000 more words.

            This isn't about a spec, it's about a product, one that is widely available.
            Ed Bott
          • November was for Business not General for everyone

            ....
            mrlinux
          • It was widely available

            The consumer versions of Vista (Home Basic, Home Preium, Ultimate) were released in November 2006. They just were not made available for retail sale.

            Anyone with a TechNet or MSDN account could download it.

            But that is irrelevant. You keep talking about the spec. Last time I looked, custoers actually buy the software, install it on a computer, and use it. The behavior of the software is what we're talking about.
            Ed Bott
          • That brings up all the other problems with his claims.

            At what stage would anyone with a home computer be dealing with 2 raw encrypted HD streams? Video editiing? I don't think so. This is all based on Gutmann's obviously garbage claim that even your home movies go through AES.

            As this isn't true, your Premiere Elements HD Holiday videos will [u]not[/u] suffer any performance issues as a result of the DRM.as it isn't switched on and therefore uses [u]zero[/u] CPU cycles.
            odubtaig
          • No where does Peter Claim what you posted...

            "This is all based on Gutmann's obviously garbage claim that even your home movies go through AES."
            mrlinux
          • Really?

            So when he claims that even personal 'unprotected' HD video will be downscaled without HDCP compliant hardware (which means AES capability) what magical secondary mechanism that no-one else seems to know about [i]is[/i] causing this effect? I mean, given that this only happens when AES is [u]required[/u] for full resolution playback.
            odubtaig
          • Then please apply that same logic

            To pretty much any of George's "theories." He is big on rant, big on "creative accounting" with regard to facts/data etc, and very very small about reality.
            zkiwi
          • Glad you articulated and emphsized

            Guttman's theories. Nice job!! I could care less how you feel about George, but to hear you describe Gutman in the same breath was a refreshing change from your usual stance against ms no matter how much it rips apart your credibility.
            xuniL_z
          • What makes you think I was including

            Anything to do with my views on his theory?
            zkiwi
          • It was the way

            you framed your reply. no question, would hold up in court.
            xuniL_z
          • Message has been deleted.

            The_Nutty_Zealot
        • asking for empirical date is not spreading FUD

          nuff said! While I do not always agree with Ed and George, the fact that they are calling on Gutmann to show some proof is far from spreading FUD. It's called scientific rigor or common sense.

          PowerPoing Slides are not going to proove anything. Unless they show measured data that has been peer reviewed. Anything else from Gutmann is a simple theory and IS IN FACT FUD.
          MisterGilles
          • Asking for Data is not a bad thing...

            but making false claims, such as the ones that have been made are wrong. Such as the one George makes
            "Gutmann postulated that the encryption required by Vista DRM means that it will drive CPU utilization ?full steam? and he cites the fact that AES takes about 20 CPU clocks to encrypt each byte. Gutmann not only failed to test any of his theories with real-world experiments, but he didn?t even bother to come up with a good postulation by doing the basic math on what 20 CPU clocks per byte means on a modern CPU. "

            Well Peter didnt need to do testing since this was a quote from the Microsoft document that George didnt read.

            http://www.microsoft.com/whdc/device/stream/output_protect.mspx
            From Microsoft
            "The problem with regular AES is that it takes about 20 CPU clocks to encrypt each byte. This is OK for compressed or semi-compressed video, but for the multiple HD uncompressed case, it is too much even for a 2006 processor. A dual HD uncompressed stream with potential sub-picture information can be up to 250 MBytes/sec."
            mrlinux