Busting the FUD about Vista's DRM

Encryption researcher Peter Gutmann of New Zealand says the content protection built into Windows Vista is creating headaches for people trying to view high-definition content they've created. Trouble is, Gutmann doesn't appear to have actually used the OS he's so intent on tearing down. I've got five questions I hope he'll answer when he gets back to his office.

Is it bad reporting, bad research, or something worse?

That’s the question I asked myself when I read this NetworkWorld account of Peter Gutmann’s presentation at the Usenix Security Symposium last week. Gutmann is a researcher in the Department of Computer Science at the University of Auckland in New Zealand who specializes in encryption (on his home page, he describes himself as a Professional Paranoid).

Gutmann generated a lot of heat last December with the publication of a paper that called Windows Vista’s Content Protection scheme “the longest suicide note in history.” He updated it in April, mostly to call his critics names, and he updated it yet again yesterday with a top-of-the-page slam at my ZDNet colleague George Ou, who took exception with some of Gutmann’s claims yesterday (see Claim that Vista DRM causes full CPU load and global warming debunked!).

Gutmann has a flair for melodramatic language and headline-grabbing phrases, but his theoretical arguments against Vista’s video subsystem fall apart quickly when they make contact with the real world. Based on Jon Brodkin’s story for NetworkWorld, it appears that Gutmann’s presentation at the Usenix conference was simply a rehash of his earlier claims about Vista and DRM. Specifically, according to Brodkin, Gutmann said:

While Microsoft’s intent is to protect commercial content, home movies are increasingly being shot in high definition, Gutmann said. Many users are finding they can’t play any content if it’s considered “premium.”

“This is not commercial HD content being blocked, this is the users’ own content,” Gutmann said. “The more premium content you have, the more output is disabled.”

I had to read that passage several times to make sure I understood what I was reading, because it directly contradicts my experience with Windows Vista and high-definition content. In fact, it does not appear to be supported by any real-world experience.

So maybe he was misquoted. I wrote to the Usenix Publications Director, Jane-Ellen Long, and asked if she could provide me a copy of Gutmann’s slides. She responded within minutes:

I'm sorry to say Peter hasn't yet given us his slides. You might write to him directly. If you do, could you add that jane-ellen would love to get the slides...

According to the note at the top of Gutmann’s page, he’ll post the slides on his website when he gets back to New Zealand. (And send your slides to Jane-Ellen, too. She needs them to put the proceedings together.) When you do get around to updating your site, Peter, can you please answer these questions as well?

Where’s the demo? I was disappointed to read that your Usenix presentation consisted of 132 PowerPoint slides. You’d think by this point you could actually have put together a video clip or even a live demo of the issues you’re talking about. Have you actually seen the issues you describe, or is this discussion completely theoretical?

Where’s your research? I have seen nothing in any of your writing to indicate that you’ve actually performed experiments using Windows Vista to confirm the theoretical arguments you make. In fact, in an April update to the original paper from last December, responding to Microsoft’s critique of your complaints, you wrote: "Can others confirm this? I don't run Vista yet, but if this is true..." The final release of Vista has been available for more than nine months, and HDCP-compatible video cards are available at a wide range of price points, including sub-US$50 models. So it shouldn’t be a burden to actually test this stuff.

Earlier this year, I sat down to write an analysis of the original paper. I literally lost count of the number of gross errors that are easily fact-checked. Here’s a typical example:

Gutmann: “The exact nature of this Media Foundation Protected Pipeline is somewhat mysterious, the executable image is mfpmp.exe but there's no file of that name present in Vista which implies it's being generated on the fly by another executable.” [emphasis added]

Oh really? I just clicked the Start button on this PC running Windows Vista Business, typed mfpmp, and instantly found this file in the Windows\System32 folder:


Oops. And I’m sorry to say that’s not the only forehead-slapping mistake in the original paper.

Where are the complaints from real live users? The original paper from last December included links to some early reviews, complaining about stuttering and dropped frames in audio and video playback. As it turns out, those problems had nothing to do with DRM and everything to do with immature drivers. The NetworkWorld report of your talk says “users are seeing status codes that say ‘graphics OPM resolution too high’” and quotes you as calling this “probably the most bizarre status code ever.” Well, I hang out regularly in a couple of forums with other digital media fanatics (The Green Button, AVS Forum, and microsoft.public.windows.mediacenter, to name just three) and I can’t find a single report of this error or anything remotely like it. In fact, most of the problems people are reporting have to do with connecting consumer electronics gear, which has nothing to do with Windows, Microsoft, or DRM.

Meanwhile, in the snippet I quoted at the beginning of this post, you say that many users are finding they can’t play back home movies shot in high-definition. I don’t have an HD video camera, but Brandon LeBlanc does. he shoots all his movies for the Windows Vista Experience blog in HD (1080i) using a Sony HDR-HC3 HDV Handycam, edits them in Windows Vista, and says he has never experienced a problem viewing them on his 42” HDTV.

I’ve scoured the newsgroups and forums to find complaints from real people of this issue and have come up empty.

How come I can do things you say are impossible? Your original paper says “In fact so far no-one has been able to identify any Windows system that will actually play HD content in HD quality.” Are you kidding? My sub-$500 Dell PC running Windows Vista outputs superb, glitch-free surround sound and glorious high-definition video at full 1080i and 720p resolutions on a Sony 50–inch HDTV display. A dozen PC makers sell systems at all price levels with full HD support. They weren’t on sale in December because Vista hadn’t been released to the consumer market yet. But they’re available now. Maybe you could update your paper with that news.

Here in the real world, my Vista Media Center PC is set to record the NBC Nightly News in HD every weekday evening. The NetworkWorld report of your talk says you’re worried that the extra power demands of HD playback are going to contribute to global warming. A few minutes ago, I played back last night’s broadcast and checked Vista’s Performance and Reliability Monitor. You’ll be relieved to know that it was using, on average, less than 15% of the low-end AMD CPU. the system is running so cool and quiet that I couldn’t hear its internal fan until I put my ear right next to it.

Will you please stop calling your critics names? In the update to your original paper, you compare Microsoft employees to Nazi war criminals (“we were only following orders”), with a specific link to the Wikipedia article on the Nuremberg defense, and to a criminal defendant with “six previous violent crime convictions on his record.” I’ve resisted the urge to call you names or to speculate on your motives for conducting this research. I hope you’ll give me the same respect.

I’ve lost count of the number of times I’ve written about Vista and had someone post a link to Peter Gutmann’s original paper in rthe Talkback section. The trouble is, all those theoretical predictions are turning out to be woefully inaccurate as time passes and the hardware ecosystem grows. The reality is that Vista handles HD content and high-quality audio very well indeed when you use current drivers and hardware. And if you don’t like DRM, don’t use it. Despite the alarming rhetoric, Vista’s DRM is an option. If you don’t use HD DVD or Blu-Ray drives or CableCARD devices, you’ll never have to deal with DRM. And if you do choose to use one of those technologies, I predict they’ll work just fine out here in the real world. End of story.