UPDATED. See bottom of post.

Peter Gutmann wrote an exhaustive summary of the copy protection measures that are built into Windows Vista. In it, he makes a few key points that are worthy of note (actually, he makes a lot more, but the paper is really long, so we’ll keep it short here). The Windows Vista team responded (cough) to his assertions and others out there on their blog.

I’m not going to go through their blog point by point, but understand one thing. NOTHING they wrote in their blog post refutes anything Gutmann said. Instead, they’ve oversimplified his arguments and then dismissed them.

For example, they talk about open source drivers and unified drivers for graphics hardware and how difficult that would be with Microsoft’s new guidelines. Gutmann says that it would be impossible to do drivers for HD on open source, and he also says that it would be infeasible for companies to make unified drivers because if they’re revoked by the DRM mechanism, it would effectively revoke the content playback abilities for all the cards supported by the driver.

Microsoft’s response?

Will it mean that there will no longer be unified graphics drivers?

The Windows Vista content protection requirements for graphics drivers will not lead to movement away from unified drivers. In fact, all graphics drivers shipped with Windows Vista are unified drivers.

In other words, “we’re not going to answer that.” Gutmann’s point had nothing to do with the existence of unified drivers. His point was that they’d no longer be practical given the fact that the driver is disabled when it’s revoked and if any card uses that driver, it too will be revoked. In other words, Gutmann was right.

Do things such as HFS (Hardware Functionality Scan) affect the ability of the open-source community to write a driver?

No. HFS uses additional chip characteristics other than those needed to write a driver. HFS requirements should not prevent the disclosure of all the information needed to write drivers.

In other words, unless they have those hardware specs, they can’t develop fully functional drivers. Gutmann was right.

Gutmann also asserts that content can disable hardware like SPDIF (Digital Audio) and Component Video. Microsoft’s response:

What about S/PDIF audio connections?

Windows Vista does not require S/PDIF to be turned off, but Windows Vista continues to support the ability to turn it off for certain content — a capability that has been present on the Windows platform for many years. Additionally, in order to support the requirements of some types of content, Windows Vista supports the ability to constrain the quality of the audio component of that content. Similar to image constraint for video, this quality constraint only applies to the audio from content whose policy requires the constraint, not to any other audio being played concurrently on the system. As a practical matter, these audio restrictions are not widely used today.

Will Component (YPbPr) video outputs be disabled by Windows Vista’s content protection?

Similar to S/PDIF, Windows Vista does not require component video outputs to be disabled, but rather enables the enforcement of the usage policy set by content owners or service providers, including with respect to output restrictions and image constraint.

In other words, Gutmann was right.

Gutmann also notes that there are tilt bits that reset the graphics / sound subsystem if something the system deems fishy is detected. He also believes that these bits can be triggered inadvertently cause problems. Microsoft’s response?

Will the ’tilt bit’ mechanism cause problems even when the driver is not under attack from a hacker, e.g., when there are voltage spikes?

It is pure speculation to say that things like voltage fluctuations might cause a driver to think it is under attack from a hacker. It is up to a graphics IHV to determine what they regard as an attack. Even if such an event did cause playback to stop, the user could just press ‘play’ again and carry on watching the movie (after the driver has re-initialized, which takes about a second). Again, it is important to note that this could only occur in the case of watching the highest-grade premium content, such as HD-DVD or Blu-Ray. In practice I doubt it would ever actually happen.

Highest grade premium content? Euphemism for Blu Ray or HD-DVD, which is the whole point of all this copy protection anyway, isn’t it? Microsoft’s response amounts to “it’s pure speculation, but it could happen” and “I doubt this would ever happen.” Well, I’m sure Microsoft doubted Internet Explorer would be an open door for spyware, malware, and viruses but it did. The problem is that when you start leaving all these things up to software, you effectively assume that the software is bug-free for a perfect experience. That’s a big assumption and it has never proven correct ever in the history of software. In other words, Gutmann was right.

Gutmann finally asserts that the copy protection which is polling hardware at 30ms (digital outputs) and 150ms (analog outputs) using AES 128 bit encryption will hog CPU cycles whether or not you’re playing premium content. Gutmann claims that reports have filed in that indicate that whether or not the content is “premium” content, there have been problems (see above linked report). As Leo Laporte correctly noted, Vista is “insanely paranoid.” Microsoft’s response?

Will Windows Vista content protection features increase CPU resource consumption?

Yes. However, the use of additional CPU cycles is inevitable, as the PC provides consumers with additional functionality. Windows Vista’s content protection features were developed to carefully balance the need to provide robust protection from commercial content while still enabling great new experiences such as HD-DVD or Blu-Ray playback.

In other words, Gutmann was right.

Basically, Microsoft’s rebuttal is a complete confirmation of the main points of Gutmann’s piece. If you want to throw Vista on your computer, feel free. It’s a cool operating system with some nice features and nice enhancements over XP. Sure it’s not without its problems, but it’ll be an overall good experience if you have the right hardware.

That being said, don’t buy Microsoft’s line of crap. Vista is locked down to the nth degree. Vista includes all kinds of mechanisms that cozy up to Hollywood. Vista also has no qualms about disabling hardware in your system if it doesn’t think you’re on the up and up. Oh, and it steals your CPU cycles because it’s insanely paranoid.

And don’t forget the marvelous WGA. That ain’t goin’ anywhere either, folks.

Microsoft thinks you’re automatically a criminal and treats you accordingly.

If that’s what you want for an OS, go for it man. I ain’t stoppin’ ya.

I highly recommend, however, that if you’re in the market for a new PC, grab a new Dell Dimension N Series (with no operating system) and put Ubuntu on it.

If you’re ready to ditch the PC platform altogether, get a Mac.

Either way, think twice about Vista. If someone called me a criminal and then treated me that way, I’d probably not want to patronize them… But that’s just me.

Update: Gutmann savages the Microsoft blog entry in a complete and profound way, most of it done with their own words. It’s a brilliant work of art and one that requires reading, particularly if you’re a died-in-the-wool Microsoft apologist. Face it folks, Gutmann is right, and Vista’s going to be problematic on many levels for many people.

Technorati Tags: dell, microsoft, apple, windows, mac, osx, ubuntu, gutmann, security, drm