Slashdot Mirror
Blogger Objects To Accusations Surrounding Vista DRM
Technical Writing Geek writes "Self-described 'professional paranoid' Peter Gutmann of the University of Auckland has become the most widely quoted source of information on DRM and content protection in Windows Vista. The trouble is, according to ZDNet Blogger Ed Bott, Gutmann's work is riddled with factual errors, distortions, contradictions, and outright untruths. From the lengthy piece: 'As Gutmann would know if he actually understood how HD hardware works, Vista will indeed display HD content on this monitor over the D-Sub and component video outputs, which are capable of outputting 1080p and 1080i signals, respectively. In the future, a content provider might choose to constrict the output to these devices, but that decision would apply only to a specific piece of media, and it would have to be disclosed on the package, giving the buyer the opportunity to choose not to purchase it.'"
is that it lacks credibility. He quotes other blogs and manuals of equipment - and is light on actual technical details. No one outside of the core development team at Microsoft can claim any competence on the DRM implementation - and again, no one can predict when MS can choose to suddely implement hitherto unknown features via Service Packs or Auto Updates.
Considering that playing audio on Vista cripples the network and I/O badly, Guttman's assertions appear far more credible.
If you keep throwing chairs, one day you'll break windows....
-- Ed Avis ed@membled.com
...they tend to be wrong.
I don't see how listing 4 errors would constitute as a debunking of a paper, much the less when after a cursory glance the last one is patently not debunked. The blog is trying to debunk Gutmann when he says that the DRM system is overcomplicated and might cause problems. The blogger basically says computers are fast enough to handle the DRM and equates Gutmann saying "polling every 30ms" with executing a single cpu instruction every 30ms and concludes it's not taxing at all.
Of course the "play audio and don't expect your gigabit card to work fast" easily disproves his whole counterargument.
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
There are two sides to Microsoft. The business side and the technical side. The technical side is filled with people who want to build good things that are useful and enjoyable to use for many people (though it sometimes doesn't feel that way). The business side sells the technology to anyone and everyone, and makes promises that are too difficult to keep and in the process tarnishes Microsoft's reputation.
So what happens when Microsoft starts supporting industry standards is that the technical side gets it as right as they can while the sales side is selling clients the moon. All of a sudden, clients get their wildest dreams answered. In reality, that's not happening. But since MS has got that bad reputation, they make an easy target for anyone with an axe to grind. Small variances from the truth can be made with impunity for these complainers, because everyone already assumes the worst from MS.
By the type of comments I expect to see in this thread, most people have already made up their minds one way or another. Since this is Slashdot, they will obviously be negative towards Microsoft.
Are you late jumping on this boat or what? We've known about this since long before Vista launched. In fact, everything in this article was known. The exact same thing happens on a PS3 without an HDMI/HDCP TV as well.
It's just another instance of DRM harming the consumer and NOT harming pirates. Pirates will just strip the DRM and watch it however they please. Consumers will have to buy equipment that is certified, and if something changes in the future, they may have to buy more equipment. (They -may- be able to upgrade firmware, but that's not guaranteed.)
"If you make people think they're thinking, they'll love you; But if you really make them think, they'll hate you." - DM
Restrictions on displaying the content
"would have to be disclosed on the package, giving the buyer the opportunity to choose not to purchase it."
Yeah, right. Who's gonna read the box? After WalMart hands in all the returned crippleware to the distributors, you'll wish you never came up with such an idiotic scheme.
A bug with audio + network speeds (which, btw, Microsoft has admitted is a bug they're working on fixing) has nothing to do with spreading FUD as fact about Vista DRM tech.
This is not an ordinary bug, as in wrong implmentation in code / hardware of a technically sound architecture. The network stack in Vista uses 40% CPU time for simple file transfers - up from 15% in XP and 9% in Linux. This proves that the design deision to rewrite the BSD-stack was a flawed approach, and not a BUG
Secondly, it is not necessary to probe the audio hardware and software 30 times a second, as is done in Vista. That overload on system resources is again not a bug, it is DEFECTIVE BY DESIGN .
Unless Microsoft can demonstrate superior performance with Vista on identical hardware, users will conclude that DRM is such a burden on resources, and avoid using Vista as long as they practically can. This isn't FUD, it's FACT.
If you keep throwing chairs, one day you'll break windows....
Rubbish: "...giving the buyer the opportunity to choose not to purchase it."
This is no good when the manufacturers form a cartel and decide that all devices will be locked this way, or when the content industry forms and decides that content will only be available for devices locked this way.
Then the free market can no longer express what the people want.
Please help publicise swpat.org - the software patents wiki
I find it highly unlikely that they can fix this. After all, if they could, why ship with the reduced performance in the first place - remember, the network performance reduction was put on place intentionally as a hack to get around other flaws. Also, let's not forget that they also worked on WinFS for years, and still failed to deliver. Finally, Microsoft has a reputation of saying anything to help drive sales; in other words, they could be lying.
Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
[...] users will conclude that DRM is such a burden on resources, and avoid using Vista as long as they practically can. This isn't FUD, it's FACT.
You give too much credit to users.
No, users won't avoid using Vista because of performance or DRM issues, because Vista comes/will come preinstalled with their shiny new computer that, being faster than their old computer, will mask the relative lack of performance Vista has compared to XP. As for DRM, many will be pissed, sure, but they won't go through the hassle of crying foul on this because most of them aren't as educated as we are to know how much they are being screwed and abused, so they will think that's just how things are supposed to be and cope.
The fact that Vista will come preinstalled on new computers also means that, for the very few that won't be willing to take all the bullshit, they will have to buy a new copy of Windows XP - which won't be in the market for too long now, so that means that when XP stops being sold, they will be faced with the decision of either migrating to another OS (OSX or Linux) or bearing with Vista. Again, guess what the majority of that (already small percentage of people who won't accept MS's and media industry's bullshit) people will do? Hint: What they are more used to / more confortable with?
It means that it has been designed to actually limit performance for no technical reasons at all. Precisely what they have done here, with DRM.
c++;
"In the future, a content provider might choose to constrict the output to these devices, but that decision would apply only to a specific piece of media, and it would have to be disclosed on the package, giving the buyer the opportunity to choose not to purchase it." Says who? Software doesn't have its EULA on the outside of the box, why would this stuff?
So that's a yes then. In the event that special content gets displayed on Vista there is a DRM subsystem all ready and waiting to restrict it.
He's also debunking silly things like stupidly large monitors, and he fills an entire page with it:
Well no, but it is a daft size for the vast majority of people, as indicated when he wrote 'computer monitor'. You devoted a whole page to this?
Regarding code signing:
Again, he uses an incredible sleight of hand here. He doesn't deny that certificate signing is required, and talks about buying a certificate, which he notes are not controlled by Microsoft but are listed on Microsoft's site:
Bottom line, ergo, you have to have a signed driver for use in the kernel one way or the other. He doesn't deny that at all, and it's an incredible piece of trying to tell us that the emperor is actually wearing clothes.
Notice that he doesn't tell us what content he has tested here, nor does he deny that there is a DRM subsystem in Vista preventing playback on certain outputs given certain content.
I don't know what kind of a rebuttal this is supposed to be, but you don't need HDMI for gaming as Microsoft has stated. However, Microsoft have not ruled out providing a HDMI pack which inevitably would include content protection for certain kinds of content. He doesn't deny this.
He doesn't deny anything here, but merely tells us that a modern PC can handle all this.
Depends on how you word it ;-). Why does Vista need to 'check the integrity of the vi
So, rather than dismissing claims of Vistas dystopian DRM-landscape they just make ad hominem attacks on mr Gutmann and his work. Right. Now move along , nothing to see here, especially if you're using Vista. :-)
Also, the article summary attacks Guttman for claiming that HD can't be played over an analog port. Both are wrong here. DRMed HD can currently be played over an analog port because few discs enable the ICT (Image Constraint Token), but it's just a matter of time before the ICT starts getting flipped on and analog outputs start going to half resolution. I've heard rumors that some cable systems enable ICT for all cable content already.
Um, how is this MS' fault though? By building a system to conform to specifications? If you want to blame somebody, blame the studios.
Let's get something straight regarding consumers. They are stupid. You know it, I know it, hell, even they know it. Saying that it will be on the "media" and that consumers will have a choice to buy it is sycophantic at the least, and dishonest if you examine it closer.
An excellent for-instance is the "secur-disc" technology that prevents copying. Go look at one of these boxes in Best-Buy. You will discover that "secur-disc" will prevent unauthorized copy of your copyrighted data to keep you safe! They don't mention that the average joe doesn't copyright or protect his DVD's. Nor do they mention that secur-disk invalidates the point of purchasing a dvd "Burner" - to copy DVD's, rip media, etc.
The technology was not put there to protect the consumer. The technology was not put there to simply "sit" and not be used. It was put there because hardware and media companies are demanding it. What is the alternative if you want a DVD and the only versions that have been released have this technology on them? You have none, aside from simply not watching the movie.
To go one step further, the average consumer doesn't read those labels, any more than the average consumer reads a Eula, or reads the FBI warning at the beginning of a DVD. You could claim that it is the consumers fault if they are not informed. I would beg to differ. In this day in age, everything from buying a Turkey sandwich at the local gas station to purchasing a game online has so many licensing agreements, privacy policy sign-offs, warnings, and other various "messages" that no one in public will ever look at them. We are so deluged with the warnings, messages, and reminders that we tune them out the same way we do commericals on TV - you simply have no choice.
Finally, nine consumers out of 10 don't know HDMI from component to DVI. They expect to be able to purchase a TV system and get a great picture - or purchase a computer and watch their movie. They aren't going to understand that if that particular media has a particular label on it then they need a specific DVD-rom drive, cable, monitor/lcd, etc for the anti-copying quality degradation to be prevented.
They need to do the smart thing. Ignore Vista. Stop buying movies and CD's. Stop going to the movies. Teach these people that they don't own you - it's the other way around.
Microsoft has the clout.
The "OWN" the desktop. They could have told the studios what to go do with themselves.
Microsoft added this DRM crap because they want to. They want to use this crap for their own agenda. They want to abuse the end users the same way.
It's like Satan making a deal with Hades.
A Pirate and a Puritan look the same on a balance sheet.
Just like how Tivo used to have a 30 second skip button. Then it was disabled, but don't worry you can always enter the "secret code" to make it work again. Until they removed that functionality as well.
Just like how DVD producers *could* disable skip and menu buttons before letting you get to the disc menu, but don't worry, they won't do that except for things like copyright legal notices. Until some DVDs started forcing you to sit through all the previews on the disc, even if they're years out of date.
Just like how income tax was a temporary measure to fund the war, don't worry, they'll never make it permanent. Until now when we have taxes withheld automatically and the only argument seems to be should that amount go up slightly or down slightly.
Power to control is always argued in terms of slight increases for temporary times or only mild inconvenience, but eventually once it is in place and the sheep are used to it, it inevitably is used for that which we feared. I should point out I'm NOT trying to equate Vista DRM with government erosion of rights, those are rather different in scope and morality. However examples of restriction-creep abound, I merely pointed out 3 to illustrate my point.
-- I'm not a pessimist, I'm a realist. It's not my fault that life sucks so much. --
Took'em long enough to get started with the counter-FUD astroturfing.
Am I badmouthing our fine friends in redmond? Well, it's a bit more complex, even if I admit I really don't think of them as "friends".
You see, from not reading the article but having read Gutmann's writing —including RISKs digests—, I would agree with his "professional paranoid" qualification, and he isn't so much as bashing as imagining the possible consequences of this fine technology. And as anyone who regularly works with software should know, if it can break, it will for someone, somewhere.
So it does behoove us to be aware of the worst case consequences. We can insist the damage is solely restricted to "bad content" or "evildoers" or whatever, but that is wishful thinking of a very bad kind. Such blanket assessments are on the same level as deciding that the mere indication you are driving 2km/h over the speed limit warrants an intervention by some black box, like shutting down your motor. Too bad it didn't factor in other circumstances, like you're busy taking over a lorry driving downhill and you need your motor to slow down again, too. Sure, far-fetched. Also already proposed as a good idea by politicians. And enough to get you killed if it does happen to be you.
The problem is that for such widely impacting technology you cannot possibly factor in all possible circumstances—something all software security officers and release engineers know only too well. So the question isn't "Is it likely to happen?" but actually a few quite different questions: "Can it conceivably happen?", "What are the consequences?" and "What are the guarantees to make them not happen?". From my reading, the first is a "yes", the second very conceivably bad enough not to want them to happen in eg. medical applications, and the third... no answer.
No amount of handwaving and accusations of bashing should be excuses to discard the objections. If "but you are just bashing" is the argument, it is itself worse than bashing.
The issues are real and need to be addressed, by anyone who insists on using complex limiting technology, for any to-be-limited victim technology. I for one would be much happier without the artificial limiting at all. We don't need to have someone's greed kills others in need, even if by the remotest of proxies.
defective by design ... doesn't that imply that the designers chose a defective design on purpose?
I'm quite prepared to agree that M$ can't design a good piece of X to save their Y, but I'd have to know the individual designers to be able to claim that they designed something like video streaming in such a broken fashion on purpose.
There is no pro-fuctional purpose in probing the audio and/or video hardware 30 times per second. The only reason it is done is because the order came down from on high that DRM Shall Be Implemented and that system performance Shall Be Sacrificed in the attempt to enforce the DRM.
DRM's sole purpose is to reduce the functionality of the computer, and probing the audio and/or video hardware 30 times per second is done for the sole reason of attempting to actively combat the owner of the computer if he attempts to get the computer to function in his desired manner.
So yeah, it's defective by design. They deliberately chose a design that places an extra load on system performance to ensure that system functionality remains diminished.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Well, actually, he doesn't need to prove it. Nomatter what the DVD were set to, what laptop, what software or what the current moonphase was.
DRM, nomatter why, prevented this user to play an (according to him) legit DVD. It doesn't matter whether the laptop were purchased and configured in China, and the CD purchased in France. (Say, a Chinese studying in France, bringing his laptop with him) It's fully legit, but the very notion of DRM (specifically locking content to regions) prevented this user from viewing the film he claims to have purchased fair and square.
The problem here is not that it is not POSSIBLE to watch the DVD given the right circumstances. The problem is the DRM gives a worsened user experience. It's intended to prevent users from doing what they want, and it's always going to fail both ways.
Please correct me if my 22 years of machine code programming have me in the wrong, but if a CPU runs at 2.0ghz, doesn't that set the upper limit at uhm (counts on fingers) 2 billion instructions per second ? Double it for dual-core. That would be the maximum, and not all instructions complete in a single cycle. Throw in some fetch latency and memory delays, with a healthy dose of I/O spinlocks and pathetic high-level interpreted code, and those 2 billion ops whittle down to maybe 500-700 million actual operations assuming a typical home-user mix of applications.
See the thing with computers, they're reeeeally fast in their own mind. It's in dealing with the outside world (hardware) that things slow down to a crawl. Polling a graphics or sound device 30 times per second, over an already-congested system bus, might not take your system down, but that doesn't mean it's not a huge waste of performance, effort and mindshare.
Heck, remember a while back when people had 200-300mhz systems, and they added a crappy WinModem to the mix which chewed up every last cycle to process a puny little 16khz signal. Just the same, a small polling loop running at 30hz, times every piece of "trusted" hardware in your system, might not add up to much on paper, but in practice it is an undesirable blip in the timing loop, serving only to appease the dirty bastards whose business model has long been obsolete.
-Billco, Fnarg.com
"if you do you probably have to run legal risks downloading it"
.00000000001 percent?
Right - like anybody cares. Of all the RIAA suits, what percentage of downloaders are affected?
The point is you only need ONE GENIUS with the right equipment (which, being a genius, he already owns) to rip or strip DRM out of ANYTHING.
Once that one copy is made and put up on the Net ANYWHERE, if it is at all interesting to any significant number of people it will be EVERYWHERE in a matter of days or weeks. It may indeed be hard to find, but that depends on how bad you want it. I've spent quite some time looking for ebooks I wanted on the Net. If I don't find them now, I'll find them later when they've spread a little farther through the Net.
None of this "well, they can make it harder" crap matters. The cost/benefit is simply not there for the consumer. It might be there for the media producer, if he can prove that the problems the DRM cause the consumers do not cause him to lose sales or handle complaints greater than the cost of the DRM. But the consumer is still harmed.
It's fundamentally an anti-customer practice to treat all customers like they are criminals. Most companies in most industries assume a certain degree of fraudulent behavior in their customers and adjust their prices to deal with it without reflecting on the other consumers (despite the fact that the other consumers are paying more because of it.) This is the correct approach. Attempting to restrict the customer's behavior a priori up front is just stupid. It causes problems for the legit customers and does little to restrict the truly fraudulent customers.
"Trusted TCPA" systems WILL be either hacked or bypassed. Anybody with the right tools and physical access to the device - our GENIUS has both - will succeed sooner or later. And there will be a market for PCs without all that crap, manufactured by underground shops in Pakistan, if no where else. And that will be what our GENIUS will use if he has to.
Also, keep in mind that many of these crackers aren't in it for the money, they're in it to see if they can do it and for the egoboo of doing it. Which means it doesn't matter to them if they can crack it in a day, a month or a year. What matters is that they will keep trying until they do. Which means "cost/benefit" isn't even in the equation.
And once they have, it's over.
Give it up. It's a hopeless endeavor.
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!