Everything you've read about Vista DRM is wrong (Part 1)

Self-described "professional paranoid" Peter Gutmann of the University of Auckland has become the most widely quoted source of information on DRM and content protection in Windows Vista. The trouble is, Gutmann's work is riddled with factual errors, distortions, contradictions, and outright untruths, and his conclusions are equally wrong. In this three-part series, I'll show you why Gutmann's outrageous and inflamatory arguments don't stand up to close scrutiny.

Last month, I wrote about the FUD surrounding Windows Vista and DRM. The FUDmaster is Peter Gutmann, a New Zealand researcher who wrote a paper last December that made a series of outrageous and inflammatory claims about Windows Vista. Since then, Gutmann has expanded the paper to more than four times its original size. The current version available on Gutmann's website clocks in at more than 26,000 words, making it longer than some recent works of fiction.

And length isn't the only thing Gutmann's paper has in common with the average pulp novel. Gutmann's work is riddled with factual errors, mistaken assumptions and unproven assertions, distortions, contradictions, misquotes, and outright untruths. In short, it's a work of fiction all on its own.

Gutmann is a clever writer, and he's able to string together nouns, verbs, technical terms, and acronyms in ways that sound persuasive. In this three-part series (look for Part 2 and Part 3 later this week), I'm going to dig deep into Gutmann's work and show you just where he got it wrong.

I've been working on this story for months. Part of the problem is that Gutmann's paper is a rambling, sloppy, disorganized mess, and nine months of additions have made it even more difficult to pick out the serious arguments from the scare stories and snark. Gutmann's favorite technique is to string together anecdotes he's plucked from magazines and websites, juxtapose those stories with sentences from presentations by Microsoft engineers and developers, and then speculate on the implications, often with wildly incorrect results. And worst of all, Gutmann appears to believe everything he reads—as long as he can fit it into his anti-Microsoft world view.

The other part of the problem is Gutmann's lack of hands-on experience with modern consumer electronics gear and with Windows Vista itself, which shows in nearly every sentence he writes. I've done extensive hands-on testing and have personally seen Vista do things that Gutmann says are impossible. Rather than write 26,000 words of my own, I'm going to pick out more than a dozen substantive errors in Gutmann's piece and explain why they're wrong.

With that introduction out of the way, let's get started.

Next -->


In his role as self-appointed consumer advocate, Gutmann seems determined to tell you and me about products we shouldn't buy. Like Samsung's big LCD monitors:

One of the big news items at the 2007 Consumer Electronics Show (CES 2007), the world's premier event for consumer high-tech, was Samsung's 1920×1200 HD-capable 27" LCD monitor, the Syncmaster 275T [...] The only problem with this amazing HD monitor is that Vista won't display HD content on it because it doesn't consider any of its many input connectors (DVI-D, 15-pin D-Sub, S-Video, and component video, but no HDMI with HDCP) secure enough. So you can do almost anything with this HD monitor except view HD content on it. [emphasis added]

Wrong! Because Gutmann has no hands-on experience with this technology, he doesn't realize that DVI-D is indeed a fully compatible HDCP output. You can use a DVI-to-HDMI cable or a simple DVI-to-HDMI adapter. This monitor meets all the Windows Vista logo requirements for full playback of all high-definition digital media, protected and unprotected. Here's the information on this exact monitor, taken directly from Samsung's Australia site, right in PG's backyard:


In addition, as Gutmann would know if he actually understood how HD hardware works, Vista will indeed display HD content on this monitor over the D-Sub and component video outputs, which are capable of outputting 1080p and 1080i signals, respectively. In the future, a content provider might choose to constrict the output to these devices, but that decision would apply only to a specific piece of media, and it would have to be disclosed on the package, giving the buyer the opportunity to choose not to purchase it.

Gutmann has more snark for another Samsung product:

If you have even more money to burn, you can go for the largest (conventional) computer monitor made, the Samsung's stupidly large (for a computer monitor) 46? SyncMaster 460PN. Again though, Vista won't display HD content on it, turning your $4,000 purchase into a still-image picture frame... [emphasis added]

The link he provides is dead, but through the magic of Google I found the 460PN specs at Samsung's Australian website. Hmmm. Wonder what's in the downloadable brochure? Ah. It says this monitor is:

"...suitable in any area where information needs to be delivered quickly and efficiently. For example, airports, hotels, shopping malls, executive offices, corporate lobbies, network control rooms, video conferencing..."

It even includes a picture of a suggested application:

Samsung large screen monitor in operation

So, this is "stupidly large (for a computer monitor)"? Not if you're planning to install it in an airport or an office lobby, which is its intended use. In fact, when you dig into the specs you see that the biggest selling point of this monitor is its compatibility with large networks (such as those used in airports), where it's necessary to display up-to-date information on many screens that can be seen from a distance by crowds. And yes, Windows Vista will display HD content on it.

Next -->


One of Gutmann's more inflammatory assertions is that Microsoft has assumed complete control over all drivers used in 64-bit versions of Windows Vista, and they can use this power to crush companies that don't play ball with them. Here's how he puts it:

...64-bit versions of Vista (which will be displacing the 32-bit versions within the next few years as everyone moves to 64-bit platforms) will only load drivers signed by Microsoft [...] This means that no drivers that potentially threaten premium content can be loaded. A downside of this is that an enormous mass of third-party drivers that haven't passed through Microsoft's approval process can't be used under 64-bit Vista, and because of the time and money involved in the approval process may never end up running under Vista.

That sounds awful, doesn't it? If you own a hardware company you are completely at Microsoft's mercy, and if they decide not to approve your drivers, or just delay their approval, you'll starve to death.

Too bad Gutmann is completely wrong. He is confusing digital signatures with the Windows Logo process administered by Microsoft's Windows Hardware Quality Labs (WHQL). Yes, if you want to attach the Microsoft logo to your product and its drivers, and have the option of delivering those drivers via Windows Update, then you have to send your code to WHQL and have it tested and approved. [Update: As a commenter points out below, Microsoft doesn't actually perform the tests. The device maker/driver developer does that task and sends the results to Microsoft for approval under the logo program. Correction noted.] But if you just want your driver to load under Windows Vista x64, you can take care of business in a matter of seconds, by using your own certificate to digitally sign it, a process called Kernel Mode Code Signing (KMCS). You can do so without ever talking to anyone at Microsoft, and you can distribute your driver anyway you want, again, with no Microsoft approval required. Anyone can get a software publishing certificate from the independent certification companies listed here, none of which is owned or controlled by Microsoft. I found a suitable certificate for $229.

In fact, Gutmann is either being lazy or disingenuous, because the facts are in the same document he linked to in the statement above, entitled "Digital Signatures for Kernel Modules on Systems Running Windows Vista":

For any kernel-mode component that is not already signed, publishers must obtain a software publishing certificate (SPC) and use the SPC to sign all 64-bit kernel-mode software that runs on x64-based computer systems running Windows Vista. This includes kernel-mode services software [...] KMCS that uses an SPC provides identifiability of the publisher of a kernel module loading into Windows Vista. KMCS does not provide any level of certification of functionality or reliability of the kernel module. If drivers do not qualify for the Windows logo or the logo is not one of the product requirements, the publisher can create a catalog file for the driver package and sign it with the publisher’s SPC. [emphasis added]

From "Code Signing for Protected Media Components in Windows Vista":

[T]he following signing methods are accepted for kernel-mode modules:

  • Signed through the WHQL testing program as part of a driver package submission. For further information, see the WHQL Web site, which is listed in "Resources" at the end of this paper.
  • Signed by the vendor, by using the KMCS process. This process uses the vendor’s code-signing certificate together with the cross certificate. [emphasis added]

Bottom line: Gutmann is wrong.

Next -->


With no testing of his own, Gutmann has decided that certain combinations of hardware won't work. For example, he says if you use an HDMI cable to connect your Vista PC's video card to a TV and try to play the audio from an HD DVD or Blu-ray disc over a separate digital audio connection, you'll be shut out:

Vista's content protection mechanism only allows protected content to be sent over interfaces that also have content-protection facilities built in. Currently the most common high-end audio output interface is S/PDIF (Sony/Philips Digital Interface Format). Most newer audio cards, for example, feature TOSlink digital optical output for high-quality sound reproduction, and even the latest crop of motherboards with integrated audio provide at least coax (and often optical) digital output. Since S/PDIF doesn't provide any content protection, Vista requires that it be disabled when playing protected content. In other words if you've sunk a pile of money into a high-end audio setup fed from an S/PDIF digital output, you won't be able to use it with protected content. Instead of hearing premium high-definition audio, you get treated to premium high-definition silence.

This is completely, unequivocally wrong. I've tested multiple systems, using HDMI, DVI, and analog outputs for video and TOSLink and coax connections for digital audio. There's no problem playing back HD video and listening to the accompanying audio over this type of connection. So what is Gutmann talking about?

He continues:

Similarly, component (YPbPr) video will be disabled by Vista's content protection, so the same applies to a high-end video setup fed from component video. In fact even the most basic composite video out (a.k.a. “TV-out” on video cards) is disabled, at least by nVidia's drivers:

“This feature is no longer supported due to the new Protected Video Path Output Content Protection (PVP-OPM) in Windows Vista.”.

A quick Google search leads to numerous online forums containing howls of outrage at this Windows “feature”, and an iTWire review recommends against nVidia-based media center PCs altogether because of it.

Today, any commercially available Blu-ray or HD DVD player will play back just fine over a component connection. Arguably the most popular HD DVD player, Microsoft's Xbox 360 drive, which also works on a Windows PC, has only component connections, in fact. [Update: A reader points out via e-mail that the Xbox 360 drive has only USB connections. When used as originally designed, plugged into an Xbox 360 made before mid-2007, it has to use the component video outputs on the Xbox 360. When plugged into a PC's USB port, it outputs to whatever video port is available.]

As for the supposed disabling of composite outputs, Gutmann is laughably wrong. If you actually follow the links in that piece, you'll discover that they have nothing to do with the point Gutmann is trying to make. The "howls of outrage" were over Nvidia's decision to drop support for a feature called Full Screen Video Mirror, which allows enthusiasts with a dual-display setup to automatically play video on a TV while they continue to work at the Windows desktop on the other monitor. It has nothing to do with disabling the composite out connector.

And despite the fact that Nvidia appears to blame Windows Vista's new output protections for this change, there is no evidence that that's true. In fact, in one of the links that Gutmann so thoughtfully provides, a forum participant points to the equivalent feature in ATI's current product line, called Theater mode, which works just fine under Vista.

Next -->


Gutmann spins a terrifying scenario to suggest that Vista's video driver architecture is outrageously overcomplicated:

In order to prevent active attacks, device drivers are required to poll the underlying hardware every 30ms for digital outputs and every 150 ms for analog ones to ensure that everything appears kosher. This means that even with nothing else happening in the system, a mass of assorted drivers has to wake up thirty times a second just to ensure that… nothing continues to happen ... In addition to this polling, further device-specific polling is also done, for example Vista polls video devices on each video frame displayed in order to check that all of the grenade pins (tilt bits) are still as they should be. We already have multiple reports from Vista reviewers of playback problems with video and audio content, with video frames dropped and audio stuttering even on high-end systems [Note I]. Time will tell whether this problem is due to immature drivers or has been caused by the overhead imposed by Vista's content protection mechanisms interfering with playback.

Wow, polling the underlying hardware every 30 ms? What a taxing demand on a modern PC! That's more than 30 separate instructions operations that have to be processed every single second! That will impose a tremendous drag on performance, won't it?

Oh. Wait. I just looked it up. An entry-level dual-core CPU running at 2.0 GHz or higher (the target for most video playback applications) can typically process a minimum of 14 billion instructions per second. A quad-core Intel Core 2 Extreme CPU (which is expensive today but will be an entry-level part in two years) can deal with nearly 60 billion instructions per second. Even a four-year-old Pentium 4 can handle around 10 billion instructions per second. Even an additional 30 million instructions per second (allowing for one million instructions per operation) would only affect a tiny fraction (well under 1%) of the CPU's processing power.

The reality, stripped of Gutmann's inflammatory language, is this: Vista's playback architecture checks the integrity of the video subsystem as part of the process of sending each video frame to the display. If there's a problem with the video subsystem, you'll know about it right away and be able to troubleshoot it. There, that's not nearly as scary, is it?

And Gutmann's examples assume that this polling happens all the time, as soon as you turn on a Windows PC. That's ridiculous. The only time this activity occurs is if you're playing back premium content using a software player that exercises this feature. If you choose not to play back premium content, you'll never be affected.

By the way, Gutmann's Note I reads, in full:

Some insider comments indicate that it'll be mid-2007 at least before Vista's non-Microsoft graphics and sound drivers are finished enough to be stable and reliable. Vendors were still frantically rushing to get drivers ready in time for Vista's release (they didn't even make it onto the RTM media and will have to be downloaded after the install), but even those have been described as 'beta-quality at best'. Now that Vista is publicly available, you can use Google to find all the problem reports arising from not-quite-ready-yet drivers.

Well, we're way past mid-2007, and the consensus is indeed that those early reports of dropped frames and video stuttering had everything to do with half-baked drivers and nothing to do with content protection. (I can testify to that firsthand.) Gutmann has added nearly 14,000 words to his report since writing the original paper but strangely hasn't updated this part.

Coming up in Part 2: What Peter Gutmann doesn't know about the PC hardware market.

Show Comments