
Vista Security The 'Longest Suicide Note in History'? 467

Posted by ScuttleMonkey
from the /wrists dept.
rar42 writes "The Inquirer is reporting on an analysis of Vista by Peter Gutmann — a medical imaging specialist. This isn't the usual anti-Microsoft story — just a professional looking at what is going to happen to his computer if it is upgraded to Microsoft Vista. From the article: 'Windows Vista includes an extensive reworking of core OS elements in order to provide content protection for so-called "premium content", typically HD data from Blu-Ray and HD-DVD sources. Providing this protection incurs considerable costs in terms of system performance, system stability, technical support overhead, and hardware and software cost,' says Gutmann."
This discussion has been archived. No new comments can be posted.

  • by P(0)(!P(k)+P(k+1)) (1012109) <math.induction@gmail.com> on Monday December 25, 2006 @07:29PM (#17361912) Homepage Journal

    From TFA:

    If I do ever want to play back premium content, I'll wait a few years and then buy a $50 Chinese-made set-top player to do it, not a $1000 Windows PC. It's somewhat bizarre that I have to go to Communist China in order to find vendors who actually understand the consumer's needs.

    At first, I shared some cognitive dissonance with Gutmann; China, however, is governed by Chinese and for Chinese: they're allowed to act in their own best interests.

    The U.S., on the other hand, is beholden to parasites and corporations; and compelled into an unnecessary decline.

    • by ravenshrike (808508) on Monday December 25, 2006 @07:39PM (#17361982)

      China, however, is governed by Chinese and for Chinese
      *cough* I think you meant by Chinese Corporations for Chinese Parasites who also happen to hold government positions.
      • by Anonymous Coward on Monday December 25, 2006 @07:46PM (#17362020)
        The U.S., on the other hand, is beholden to parasites and corporations
        *cough* I think you meant by Chinese Corporations for Chinese Parasites who also happen to hold government positions.
        Fixed that for you, you quoted the wrong part of his post.
    • Re: (Score:3, Insightful)

      by StrawberryFrog (67065)
      China, however, is governed by Chinese and for Chinese

      You meant to say: China, however, is governed by a few Chinese and for those Chinese.

      they're allowed to act in their own best interests.

      I'm not calling the Chinese government corrupt; I wouldn't know. But governing a country in your own best interest is generally neither good nor allowed, that is to say, it's illegal.

      The U.S., on the other hand, is ... not all that different?
    • Chinese DVD players (Score:5, Interesting)

      by tgibbs (83782) on Monday December 25, 2006 @09:58PM (#17362626)
      I currently have a Chinese-made upconverting DVD player. Chinese made because the US and Japanese manufacturers have knuckled under to the demands of the entertainment industry that no DVD player will output HD content over component video cables. (Now think for a moment just how mind-numbingly stupid this restriction is. Upconverting DVD players don't actually output video in true HD, because the movie isn't on the DVD in HD in the first place, and no process can add more information than was there to begin with. All an upconverting DVD player does is interpolate. An upconverted signal is the absolute last thing that any pirate could want, because it massively increases the amount of data required to copy the signal, without adding any information. So the entertainment industry, out of sheer ignorance, has added a completely useless restriction that imposes considerable inconvenience on the consumer. Many older HD TV's only have component inputs, and even newer ones typically have only one HDMI or DVI input. And HDMI/DVI switchboxes are much more expensive than component ones. So consumers end up switching cables, shelling out extra money for switchboxes--or doing what I did, and buying a Chinese DVD player that is oriented toward the consumer instead of sucking up to the content industry.
    • Re: (Score:3, Insightful)

      by foniksonik (573572)
      you missed the point or corrupted for your own rant...

      What he's saying is that the Chinese vendor knows that all you want to do is play the stupid media on your screen. Why does anyone want to use a Personal (general purpose) Computer to play HD content or games or whatever when a dedicated device can do it better, cheaper and easier... the fact that he references a Chinese vendor is simply a matter of likelihood that the manufacturer of the device would be in China (pretty good odds) not a commentary on anyt
  • by Average_Joe_Sixpack (534373) on Monday December 25, 2006 @07:35PM (#17361952)
    You're not supposed to use a consumer grade OS for mission critical apps anyway. So if you went with a vendor that builds its apps on such an OS, then you are at fault.
    • by ceoyoyo (59147) on Monday December 25, 2006 @08:24PM (#17362182)
      Unfortunately there's very little choice. The systems that run medical scanners tend to run some form of UNIX, and you can buy a workstation for a couple hundred thousand that will do the same thing, or you can use the hospital's PACS web front end... which in most cases works pretty much exclusively with IE.
      • by Ears (71799) on Tuesday December 26, 2006 @03:00PM (#17368942) Homepage
        This is part of the subtext both of the original article, and of this most recent post, so I thought I'd share what I know about it. FWIW, I'm a radiologist--that is, an MD who interprets the results of imaging studies--and an informatics geek.

        Images are created on whatever imaging device--CT scanner, MR scanner, ultrasound machine, digital X-ray machine--and manipulated by the device's controlling system to do simple annotations, reformatting, etc. This is typically a Unix-based system running custom software designed and maintained by the device's vendor. The images are not usually interpreted on these systems.

        From there, the images are sent to the PACS (Picture Archiving and Communication System) [wikipedia.org], which is just a gigantic central image database. These also tend to be Unix-based systems.

        There tend to be two front-ends for looking at images in the PACS database. The first is the radiologist's interface, which is a high-end video workstation dedicated to showing medical images with the greatest possible fidelity. Most systems I've seen are Windows-based (Windows 2000, in our case) and run software which was built by the imaging system vendors in the late 1990's. Much is made of the "lossless" nature of the images which are displayed; for example, when you log into such a machine, you're warned about how "This is a medical device" and that you shouldn't mess with it. Much is also made of "diagnostic-quality monitors" and high-end video cards to drive the monitors. This is an artifact from the early days of digital imaging interpretation in radiology, when there was a great deal of concern about whether the quality of the digital images would be adequate for us to figure out what was going on in Grandma's chest X-ray if we weren't looking at a piece of acetate. Most of these concerns have died away, as the differences in resolution and dynamic range turned out to be relatively minor and the added conveniences of being able to manipulate the images digitally turned out to be huge. For example, the new LCDs I've seen being put on PACS workstations are off-the-shelf Dell 22-inchers, as far as I can tell.

        Finally, there are "non-diagnostic" interfaces to the PACS images, which do tend to be web-based. These are so non-radiologist doctors can look at the images, too. Some are IE-based, and use an ActiveX control to display the images, and some use a Java applet. These are displayed with lossy compression (since someone might want to look at them from off-site via a VPN), and officially are not allowed to be used for interpretation. And in fact, I wouldn't want to; it's a lot harder to see subtle things on them than on a full-blown PACS workstation. Part of that is just the interface (it's hard to use those stupid ActiveX/applet things) and part of it is crummy/mis-configured monitors, but I suppose compression artifacts could also play a role.

        So, to review: you go see your doctor, Dr. Smith, in her office, and she orders a chest X-ray for you because you're coughing and have a fever. You come to the hospital, and the nice technologist takes frontal and lateral views of your chest on the digital X-ray machine. He then goes back to the X-ray control room, and sees that the images are pretty good, and so he sticks your name on them, and a marker of the date/time and his name, and so on, and then sends them to the hospital's PACS system. I (the radiologist) am working at my PACS workstation, going through the long list of all of the CT scans, MR scans, and X-rays taken in the hospital. I get to your chest X-ray and look at it; I don't see any sign of pneumonia, so I write a report (the subject of a whole different set of informatics) that basically says "Clear lungs" and that gets entered into your electronic medical record. Then, Dr. Smith back in her office can see your X-ray via her Web-based interface. If she wonders about something she sees, she can call me up and say, "What's that stuff at the left ape
    • Re: (Score:3, Interesting)

      by Mike McCune (18136)
      Vendors build mission critical apps on Windows all the time. It is easier to use what you know than the best tool for the job.

      http://www.securityfocus.com/news/6767 [securityfocus.com]

      The worst case I ever saw in person was at an assisted living facility. Their pull chains (that the residents pull when they are in trouble) were being monitored by a PC running Windows 95 (this was in 2006).

      >You're not supposed to use a consumer grade OS for mission critical apps anyway. So if you went with a vendor that builds its apps on
      • by jcr (53032)
        The worst case I ever saw in person was at an assisted living facility. Their pull chains (that the residents pull when they are in trouble) were being monitored by a PC running Windows 95 (this was in 2006).

        Wow.. That's a negligence suit waiting to happen.

        -jcr

    • by Cassini2 (956052) on Monday December 25, 2006 @08:45PM (#17362266)
      Many industrial and medical applications run on Windows. You forget that Windows NT was advertised as a high-security C3 operating system. Many applications were ported on this advertising. Some of the lock-down permissions in Windows NT were pretty draconian, and worked really well.

      With Windows Vista, Microsoft appears to be completely abandoning any pretense of high-reliability.

      Many industrial and medical applications have fairly high reliability requirements. Using commodity software and hardware has some cost and reliability advantages. It is easy to source replacement parts, and implement hardware redundancy. Being able to easily obtain replacement hardware is a big advantage if downtime costs are large.

      The problem is that Microsoft appears to have abandoned the high-reliability sector. Windows XP has a continuous stream of rolling updates for both XP and the Anti-Virus packages. The result is that your high-reliability application can stop working for no apparent reason. From all indications, Windows Vista will make this worse.

      Recently, I have been looking harder and harder at Linux. Linux offers a much more stable platform, and I can customize the installation to make it much more difficult to corrupt. The issue is that such a high software investment has been placed in specialized Windows solutions, that it is difficult to port everything to another operating system overnight.
      • Re: (Score:3, Interesting)

        by AceJohnny (253840)
        If you want reliability, go Sun. That's their field.

        I just the other day got a Redhat Linux Quad Opteron with 4gigs of RAM crash under me. RAM was full, OK, but swap wasn't. What's worse, the logs had stopped filling a week before. The Sun server was happily chugging along with 2+ *years* uptime under similar loads.

        Now realize that Sun doesn't give you high speed, no-siree. The reason I had stuff running on the Linux box was that it was easily 5 times faster than the Sun station.

        Hey, Sun servers are fabled
        • Re: (Score:3, Insightful)

          by twiddlingbits (707452)
          If your Sun system has been up 2+ years it is at least 3 chip generations old and comparing that to your new Linux box is unfair. Try running Linux on a SUN Quad Opteron and I bet you'll find it kicks ass. They have some awesome benchmarks with Solaris 10 x86 and Linux on the Opterons.
  • Dupe from Friday (Score:5, Informative)

    by ahecht (567934) on Monday December 25, 2006 @07:36PM (#17361958) Homepage
    • by SpaceLifeForm (228190) on Monday December 25, 2006 @07:53PM (#17362050)
      In this case, dupes are a good thing.

      This attack on your freedoms needs to become widely known.

      If they dupe this every other day until next June, it is good.
      • by tygerstripes (832644) on Monday December 25, 2006 @08:38PM (#17362240)
        If they dupe this every other day until next June, it is good.

        If? You must be new here. Welcome to Slashdot.
      • by NitsujTPU (19263)
        Yawn

        Not really. Sounding like a broken record harping a point over and over again is unlikely to sway anyone, particularly business customers who are going to purchase Vista because they're supposed to and home customers who will get it because it came with their machine. All of the other groups out there either tuned into their particular camps out of a nearly religious conviction or out of an active decision process. Those who actually make a well thought-out decision only need to be told once.
    • Re: (Score:2, Interesting)

      /signed

      Mod parent up.

      Mod story -1 redundant.

      Mod me -1 offtopic.

      Mod yourself Merry Christmas.

      TLF
    • Re:Dupe from Friday (Score:4, Interesting)

      by quentin_quayle (868719) <quentin_quayle@@@yahoo...com> on Monday December 25, 2006 @09:19PM (#17362426)
      I don't mind that it's a dupe. However, it is mis-titled.

      It's not about Vista security. It's about Vista DRM.

      The difference is that security is about the owner of the hardware establishing and protecting his control over it, while DRM is about a party A trying to claim some control over hardware belonging to another party B, on grounds that some pattern of bytes which A or a third party owns is currently instantiated, or might at some time be instantiated on B's hardware. When used for DRM, the term "security" becomes a meretricious euphemism designed to mislead an audience about who is securing what from whom.
      • by aussie_a (778472)
        It sounds to me like DRM infringes on my security. Therefore anything about DRM is most definitely about security.
  • Priorities (Score:3, Informative)

    by bigberk (547360) <bigberk@users.pc9.org> on Monday December 25, 2006 @07:37PM (#17361960)
    For the kinds of purposes I'm interested in (research, science) this will make workers question the priorities of the operating system they are using. Is the priority to have maximum flexibility, performance, compatibility and extensibility (*nix) or to have maximum convenience for consumers (Windows)?

    Without a doubt, Windows is still the most convenient platform for consumers. But the priority behind the design is not purely performance and flexibility, but protecting content and other commercial interests.

    We sure know the priority isn't security either
    • by MouseR (3264)
      Without a doubt, Windows is still the most convenient platform for consumers

      *humf* *cough* *cough* bleargh!!!!! *puke*

      Nice trolling.
    • by kfg (145172) on Monday December 25, 2006 @08:19PM (#17362162)
      Without a doubt, Windows is still the most convenient platform for consumers. But the priority behind the design is not purely performance and flexibility, but protecting content and other commercial interests.

      Houston; we have doublethink.

      KFG
    • Re:Priorities (Score:5, Insightful)

      by diegocgteleline.es (653730) on Monday December 25, 2006 @08:22PM (#17362176)
      We sure know the priority isn't security either

      In fact, if they only wasted the half of the time they wasted in DRM in security improvements...

      I mean, if you read the DRM protection [microsoft.com] work...they completely redid everything that could break DRM, they break compatibility, they're even planning systems that need to re-do the hardware to require encryption on the *system*bus* just to keep hardware hackers from stealing contents at that place and hence making the DRM useless.....

      If they had wasted all those efforts in improving security...vista would be the most secure consumer os available

      • Re:Priorities (Score:5, Insightful)

        by zCyl (14362) on Monday December 25, 2006 @09:19PM (#17362430)
        I mean, if you read the DRM protection work...they completely redid everything that could break DRM, they break compatibility, they're even planning systems that need to re-do the hardware to require encryption on the *system*bus* just to keep hardware hackers from stealing contents at that place and hence making the DRM useless.....

        The message is clear. They believe their monopoly can be best maintained by catering to producers, rather than to consumers. Consumer choice is not driving that market.
        • Re:Priorities (Score:5, Insightful)

          by Dunbal (464142) on Monday December 25, 2006 @09:59PM (#17362628)
          Consumer choice is not driving that market.

          Consumer choice never drives the market in a monopoly situation. You get what I feel like producing, and you pay what I feel like charging. If you don't like it, tough.
        • Re:Priorities (Score:5, Interesting)

          by Deathlizard (115856) on Monday December 25, 2006 @10:36PM (#17362800) Homepage Journal
          The message is clear. They believe their monopoly can be best maintained by catering to producers, rather than to consumers. Consumer choice is not driving that market.

          And it's going to hurt them. Probably long term and big time.

          Zune is a failure vs Ipod because consumers don't want to deal with DRM every time they want to listen to something, especially when there are hundreds if not thousands of music players that will play non DRM files. Including the Ipod.

          Vista will fail for similar reasons. Business is happy with XP and will support it until Microsoft doesn't, and maybe adopt Linux after that. Consumers will only upgrade when they buy a new PC, and will stay around even after support is killed. If Apple starts opening their mouth about vista DRM screwing their music experience, they might just buy a Mac next time. Hell I don't know why Apple hasn't done a "Buy a Mac and get an Ipod Free" deal as of yet. It would definitely get a mac in the door faster.

          It's looking the same way for office2007 business wise. I know we look at it and say to ourselves "training nightmare". I'm sure we're not the only ones saying that especially since our business is Higher education. I can only imagine what a commercial business is saying.

          Apple and Microsoft had the power. They had the power to give both AA's the finger and work directly with the artists. They had the power to ignore them completely and let the users rip until the cows come home. They had the power to screw these Hi-def DVD formats until they relaxed the standards to work with existing hardware and software. Unfortunately, Apple seems to be giving the RIAA the finger while somewhat bowing down to the MPAA's HD lockdown Schemes, and MS is asking both AA's which lower cheek to kiss in a futile attempt to gain some more exclusive content that Apple's going to get anyway because they're the market leader. Even then, all MS is really going to get in the end is more demands from the AA's when they could have easily just stayed the course they were going and force the AA's to conform to the digital age or die.

          If there is any time for Apple and Linux to start pushing themselves, now's the time.
    • Re: (Score:3, Informative)

      by donaldm (919619)
      If you need a home computer or laptop for research/science you definitely don't need MS Windows unless you have lots of money to legitimately pay for licenses for proprietary software (yes there is freeware) and if you are a scientist or engineer your data is still effectively owned by Microsoft and/or Vendors who push proprietary solutions. This is definitely not what a professional person wants.

      The reason why "MS Windows is still the most convenient platform for consumers" is it is installed on the PC
  • by eschasi (252157) on Monday December 25, 2006 @07:38PM (#17361970)
    This writeup would be more useful if the author could maintain even a marginal pretense of objectivity. His constant use of loaded images ("grenade", "suicide note", "violate the laws of physics") works against him, and this butter-wouldn't-melt-in-his-mouth gem actually gave me a sad laugh when seen in context with his full note:
    This document looks purely at the cost of the technical portions of Vista's content protection. The political issues (under the heading of DRM) have been examined in exhaustive detail elsewhere and won't be commented on further...
    By "elsewhere" he must mean "in other sentences in this document." His facts, which he rarely backs up, are extremely suspect given his inability to separate his prejudices from his presentation. Considered as a persuasive essay, I'd give it a D. Which is not to say that I like DRM. It sucks, and Vista may become an unparalleled disaster because of it. But the author is far more adept at scoring points than he is at making his points persuasive.
    • by aralin (107264) on Monday December 25, 2006 @08:05PM (#17362088)
      You know this is a problem when dealing with Microsoft. You come into the process as an objective person without prejudice to them and then you study the subject. If you study in a sufficient detail, you will become so enraged by what they are doing and that you are now hopelessly prejudiced against Microsoft. Look at the judge Jackson in the Microsoft trial. That is a person whose living depends on being objective and he got so pissed off by studying Microsoft practices that even he was not able to keep being perceived as impartial and so his ruling got thrown out by court of higher instance.

      The most sad part is that Microsoft is abusing this by pointing to every such study as prejudiced and often rightly so. But what is the general public to do now? You either have experts that study the matter and become prejudiced or you have those with only superficial knowledge who can keep the illusion of objectivity but more often than not they do not know enough about the matter. Often to the point to believe studies paid by Microsoft as being a source of objective information. And if you want to keep the illusion of objectivity you need to cite those and it just seems wrong to me.

      Sometimes you are just not supposed to be objective. Some topics do not invite that form of discussion. Is the Earth flat? I don't think anybody expects you to present the supporting opinion in equal length. Did holocaust happen? Again, not really a question in need of giving equal space to both sides. So why 'Is Microsoft crooked and do they intentionally cripple their product to harm consumer and competition?' needs any more discussion even after it was affirmed by Findings of Fact published by a federal judge? The matter of do they or don't they has long been settled. At this point the only question should be: "How exactly are they trying to cheat this time?"
      • I don't disagree with your very good point about how difficult it is to stay objective when judging Microsoft. Be careful though: you seem to be blurring the distinction between objective judgment and balanced review. A balanced review will attempt to present things from both sides, whether the observer believes the facts to be balanced or not, the purpose being to allow readers/viewers to make objective (or subjective - that's their call) judgments of their own. Such a review needs to be objective in itsel
      • Re: (Score:3, Insightful)

        by elgatozorbas (783538)

        Sometimes you are just not supposed to be objective.

        Why not?

        Some topics do not invite that form of discussion. Is the Earth flat? I don't think anybody expects you to present the supporting opinion in equal length. Did holocaust happen? Again, not really a question in need of giving equal space to both sides. So why 'Is Microsoft crooked and do they intentionally cripple their product to harm consumer and competition?' needs any more discussion...

        Disclaimer: I don't want to choose sides here. But apar

    • by KNicolson (147698)
      I had the same feelings too reading that story.
      violate the laws of physics
      Where is this outlined? I didn't see anything in the body of the article to suggest why this is so.
      • by OECD (639690)

        Where is this outlined? I didn't see anything in the body of the article to suggest why this is so.

        It wasn't highlighted, but I think what he meant was that the same performance was expected despite the increased overhead.

        Or something like that.

      • by Grym (725290) *

        Where is this outlined? I didn't see anything in the body of the article to suggest why this is so.

        This part of his paper is using phrases from the larger debate about content protection and "Digital Rights Management" (DRM) in general. If you don't follow this stuff avidly, I can see why you might feel like this statement of his is hyperbole.

        However, it is not. Fundamentally, DRM and content protection is impossible. Simply because no matter how the super-encrypted, SSL-delivered, digitally-signed c

    • by Cassini2 (956052) on Monday December 25, 2006 @09:16PM (#17362406)
      It is quite difficult to work in industries where Windows Vista might be used, and not wind up with a pretty mean-spirited anti-Microsoft argument. Typically the train of reasoning goes like this:

      1. Power plant uses Windows PC's to monitor "x".
      2. If "x" can't be monitored, we shut the power plant down. This is "fail-safe".
      3. If enough power plants shut down, then we have to shut down the power grid. Shutting down the power grid affects the entire east-coast. When the power grid is shut-down, we automatically shut down all power plants. This is a fail-safe response. After the power grid is shutdown, it takes a few days to restart things.
      4. If we shut down the grid, then several people will die (via indirect sequences of events). At a minimum, many people will be placed in high-risk situations, and large numbers will be inconvenienced.

      What would it take to shutdown a network of identical Windows PC's making up a power system? A piece of malware, a rogue anti-virus update, etc. It really wouldn't take all that much to wipe out the power grid for the east coast. A series of inept coincidences could potentially succeed.

      As a Professional Engineer, a person who is supposed to be able to advise companies on this stuff, it is extremely difficult to avoid sounding excessively alarmist. I work on industrial applications that are supposed to be fairly high-reliability. It is very difficult to keep Windows PCs isolated from the outside world. If you don't isolate the PC's, then you are vulnerable to Windows service-packs and Windows Anti-Virus software shutting down your production line. How do you even explain the problem to people? Everyone uses a Windows PC, and a Windows PC could never hurt them, right?

      What do I recommend? I don't know the answer. Mostly, I try not to think about it too much. With the large amounts of specialized Windows software, it is difficult to think of any easy fixes.
  • by Anonymous Coward
    Nobody ever asked for Vista. Nobody wants it. I'm tired of MS trying to ram it down our throats.

    Did you know DirectX 10 will only be released under Vista? Even if you have the latest and greatest G-card and a fast system, sorry, if you run XP you'll be stuck with DirectX 9. There's no technical reason for this. It's just that MS wants you to 'retrograde' to Vista.

    How about someone do a web site reselling old XP licenses? eBay refused to do this because MS asked them not to. How about someone with some guts
    • Re: (Score:2, Interesting)

      by nacturation (646836)

      Nobody ever asked for Vista. Nobody wants it. I'm tired of MS trying to ram it down our throats.

      Well if nobody wants it then it's not going to sell very well and your alleged problem solves itself. Then everybody who didn't ask for Vista can move along and have Linux rammed down their throats which nobody asked for either.

      How about someone do a web site reselling old XP licenses?

      Why would you do that? Nobody asked for XP either. How about we all go back to having Desqview on DOS 3.3? Ah, those were the days.

    • by Anonymous Coward on Monday December 25, 2006 @08:18PM (#17362158)
      Here's an interesting tidbit from the WINE folks [winehq.org]:

      Direct3D10, which will ship with Windows Vista in a few months, doesn't seem to be a large cause for concern. At first glance it appears to be more of an evolutionary change rather than revolutionary. New shader support will be needed, but extending ours once OpenGL supports it should be pretty easy. Stefan mentioned Microsoft is currently offering a lot of incentives for Windows developers who develop D3D10-only games since they'll only be usable on Vista - there's no plan to backport D3D10 to XP. Dan Kegel asked if that means we should port Wine's forthcoming D3D10 implementation to Windows, which would be relatively easy when we switch to WGL.
      • ...but from the PR standpoint, it's a WIN. I'm all for discouraging Windows use, but I'm also one for personal
        choice. And if it means someone has to give people crutches in the short-term to score points in the long run
        so be it.
  • by Anonymous Coward on Monday December 25, 2006 @07:41PM (#17361994)
    Microsoft was legally forced to remove version numbers from Windows as the software they ship was technically no longer improved.
  • by RAMMS+EIN (578166) on Monday December 25, 2006 @07:44PM (#17362002) Homepage Journal
    ``This isn't the usual anti-Microsoft story just a professional looking at what is going to happen to his computer if it is upgraded to Microsoft Vista.''

    Doesn't any professional investigation of Vista inevitably end up being an anti-Microsoft story?

    (Just kidding. I actually think Microsoft put a lot of good things in Vista - although I'm not convinced it's a good product, and I'm definitely not dying to use it)
    • by cheekyboy (598084) on Monday December 25, 2006 @09:13PM (#17362398) Homepage Journal
      Look at Linux... it's not like we have Linux 3.0 and Linux 4.0 where nothing old works.

      It's still Linux. 8 year old stuff still compiles mostly, it's fluid.

      If Windows was so great, it would stay at one version XP forever, with unlimited updates forever, SP4 SP21. etc...
      Just because they are forced by marketing to make a new version is admitting its core is crap and needs a rewrite.

      They could just as easily update/replace portions of XP gradually, six monthly. And make sure each other component isn't
      too tied to others. ie WMP shouldn't need IE7 or something else... it should be detect and use if available.

      This whole idea of, let's stop current dev and all new dev is placed into a new 'version' edition is total marketing crap, and
      old school stuff of the 80s. Modern complex systems should never have a major rebuild, it's always small step updates, like real
      biological evolution.

      OSX is basically the same, but again it's artificially versionized because of just new components added, and the silly side effects like
      newly compiled made software not working on old OSX's even if they use no new features, that's my biggest pet peeve of OSX. Sometimes
      it's only the result of the installer package, not the code itself which would work fine. If X library is less than version Y, then don't use
      those features.

      Btw does Apple make the old OS10.1 and 10.2 upgrades from 10.0 FREE NOW? what about anyone left in 10.2 land, do they get a free 10.3 upgrade
      once 10.4 is widely installed? Having too many versions installed out there should be a worry for them, they should allow all 10.3 machines to upgrade
      for free. It would surely be cheaper to have no support for pre 10.3 if you provide free upgrades.

      • by dspisak (257340) on Tuesday December 26, 2006 @11:53AM (#17367068)
        "8 year old stuff still compiles mostly, it's fluid."

        Uhm, so is Linux the bedrock of computing or is it the agile warrior able to adapt to its changing foes? I'm a bit confused.

        I don't know what 8 year old code you think would still compile against today's Linux. Between major changes from the pre 2.0 kernel days to now I can think of plenty of code that would break.

        And then you've got your personal best friend in the world, a new version of glibc just around the corner to break things once in a while, but that's not Linux per se since Linux is just a kernel. But it's all of the FOSS/FSF software that makes a Linux DISTRO.

        Now show me a piece of 8 year old code that will compile on a current distro without barfing or having its ./configure script changed and I might begin to see your point. But I doubt your argument holds true for enough pieces of FOSS software to be truly relevant.
  • by Grym (725290) * on Monday December 25, 2006 @07:45PM (#17362012)

    Here's a link [auckland.ac.nz] to the actual paper referenced in the article.

    I would post the entire paper, but it's too large. Here are some notable excerpts:

    However, one important point that must be kept in mind when reading this document is that in order to work, Vista's content protection must be able to violate the laws of physics, something that's unlikely to happen no matter how much the content industry wishes it were possible. This conundrum is displayed over and over again in the Windows content-protection specs, with manufacturers being given no hard-and-fast guidelines but instead being instructed that they need to display as much dedication as possible to the party line. The documentation is peppered with sentences like: "It is recommended that a graphics manufacturer go beyond the strict letter of the specification and provide additional content-protection features, because this demonstrates their strong intent to protect premium content". This is an exceedingly strange way to write technical specifications, but is dictated by the fact that what the spec is trying to achieve is fundamentally impossible. Readers should keep this requirement to display appropriate levels of dedication in mind when reading the following analysis.

    Vista's content protection mechanism only allows protected content to be sent over interfaces that also have content-protection facilities built in... Since S/PDIF doesn't provide any content protection, Vista requires that it be disabled when playing protected content. In other words if you've invested a pile of money into a high-end audio setup fed from a digital output, you won't be able to use it with protected content. Similarly, component (YPbPr) video will be disabled by Vista's content protection, so the same applies to a high-end video setup fed from component video.

    Alongside the all-or-nothing approach of disabling output, Vista requires that any interface that provides high-quality output degrade the signal quality that passes through it. This is done through a "constrictor" that downgrades the signal to a much lower-quality one, then up-scales it again back to the original spec, but with a significant loss in quality... Amusingly, the Vista content protection docs say that it'll be left to graphics chip manufacturers to differentiate their product based on (deliberately degraded) video quality. This seems a bit like breaking the legs of Olympic athletes and then rating them based on how fast they can hobble on crutches.

    Vista's content protection requires that devices (hardware and software drivers) set so-called "tilt bits" if they detect anything unusual. For example if there are unusual voltage fluctuations, maybe some jitter on bus signals, a slightly funny return code from a function call, a device register that doesn't contain quite the value that was expected, or anything similar, a tilt bit gets set. Such occurrences aren't too uncommon in a typical computer (for example starting up or plugging in a bus-powered device may cause a small glitch in power supply voltages, or drivers may not quite manage device state as precisely as they think). Previously this was no problem - the system was designed with a bit of resilience, and things will function as normal... With the introduction of tilt bits, all of this designed-in resilience is gone. Every little (normally unnoticeable) glitch is suddenly surfaced because it could be a sign of a hack attack. The effect that this will have on system reliability should require no further explanation. Content-protection "features" like tilt bits also have worrying denial-of-service (DoS) implications. It's probably a good thing that modern malware is created by programmers with the commercial interests of the phishing and spam industries in mind rather than just creating as much havoc as possible

    • by Lisandro (799651)
      Vista's content protection requires that devices (hardware and software drivers) set so-called "tilt bits" if they detect anything unusual. For example if there are unusual voltage fluctuations, maybe some jitter on bus signals, a slightly funny return code from a function call, a device register that doesn't contain quite the value that was expected, or anything similar, a tilt bit gets set.

      This is the first time I've seen this mentioned, is it true? If it is, and it's actually enforced by Vista (somehow f
  • by The Monster (227884) on Monday December 25, 2006 @07:47PM (#17362022) Homepage
    From TFA:
    "Peter Gutmann's report describes the pernicious DRM built into Vista and required by MS for approval of hardware and drivers," said INQ reader Brad Steffler, MD, who brought the report to our attention. "As a physician who uses PCs for image review before I perform surgery, this situation is intolerable. It is also intolerable for me as a medical school professor as I will have to switch to a MAC or a Linux PC. These draconian dicta just might kill the PC as we know it."
    Gutmann is a CompSci guy who has been a biggie in the crypto community since about forever. You'd think an 'editor' would know that. Alas, Slashdot has people with the title, who don't do a job that deserves it.
  • by perry (7046) on Monday December 25, 2006 @07:57PM (#17362066)
    Peter is a security guy. He's written widely used crypto software. He is not a medical imaging specialist. Where did /. get the idea that he's a medical imaging specialist???
    • Re: (Score:3, Informative)

      by Pinky3 (22411)
      From a quote in the Inquirer article. "...INQ reader Brad Steffler, MD, who brought the report to our attention. 'As a physician who uses PCs for image review before I perform surgery, this situation is intolerable.' "

      OK, so the submitter couldn't distinguish the quote from the INQ submitter from the subject of the article, but at least he didn't make the whole thing up.

      Al
  • by Anonymous Coward on Monday December 25, 2006 @08:04PM (#17362082)
    The tone of the article and analysis is very slanted, but the one basic statement that cannot be argued with is the following:

    "...spend time implementing large amounts of anti-functionality when it's already hard enough to get things running smoothly without the intentional crippling."
    The days of PCs as a general purpose, low cost, programmable machine are done if content protection at the hardware level becomes reality. Things *barely* work as it stands, you can't add all this complexity and intentional obfuscation and think it will continue to work.
  • by farker haiku (883529) on Monday December 25, 2006 @08:16PM (#17362144) Journal
    fta: Disclaimer
    Any opinions expressed on this page are not in fact mine but were forced on me at gunpoint by the University of Auckland.


    He a shill! :)
  • Peter who? (Score:5, Funny)

    by pedantic bore (740196) on Monday December 25, 2006 @08:34PM (#17362220)
    No matter how good a medical imaging specialist Peter Gutmann happens to be, I think I'm going to wait for some security experts to weigh in on Vista issues before I jump to any conclusions.

  • by ConfusedSelfHating (1000521) on Monday December 25, 2006 @08:40PM (#17362244)

    The record and film industry do not want new technologies to be available to the public. They will fight bitterly until the last, until the new medium is forced on them. And then they will make money on it. Think of home video. The film industry brought the VCR manufacturers all the way to the Supreme Court until they lost. Now the film industry makes significantly more money in home video sales than in the theatres. Technology must be imposed non-consensually on the content providers. The manufacturers need to release their products regardless of the complaints of the content providers.

    I don't know why Microsoft is bending over for the media companies. They should just publicly state that any mandated copy protection will hurt the ability of corporations to develop their own proprietary software. I'm sure there are at least a dozen companies which will gladly provide written statements about how the copy protection hurts their business. Microsoft then gives the media companies the middle finger. Pirates rape the media companies in innovative ways by releasing the content in manners not approved by the owners. The media companies are forced to create new media delivery methods to match consumer demands. This increases their revenues which were stagnant because of media executives who couldn't innovate their way out of a paper bag. The consumer benefits from new options in the market. Everyone benefits from the rape.

    I don't believe piracy for profit should be legal. However, I don't believe that non-profit piracy is that bad. Many people would never purchase the movie or television show. Many people later purchase the legal version of the pirated product. For example, let's say a Slashdot reader named Jim missed out on the first 8 episodes of Heroes. He had heard it was a really good show, but didn't want to watch number nine first. Let's say that Jim downloaded the episodes in a non-approved manner and watched them. Now Jim is a loyal Heroes watcher. Or let's say that Jim downloads technical books, finds which ones he likes and then purchases them online. Does Jim contribute to the media companies' bottom line or does he hurt the media companies' bottom line?

    • I don't know why Microsoft is bending over for the media companies.

      Isn't it obvious? Microsoft markets their OS to the movie/music companies as being the only system secure enough for them to release their content in. In turn, the movie/music companies only release their content to play back under Windows. A nice little win-win situation all round (except for the poor consumer, who loses twice...)

    • MS are inserting themselves in the stream because they want to be the pimp of all media. They will shut out non-Microsoft obedient hardware vendors as well as stopping use of VMs, alternative OSs and legacy multimedia I/O such as spdif and composite video.

      Watch for iPod Vista compatibility 'problems' to start surfacing for the benefit of Zune. The other big thing this DRM play will also try to do is to reintroduce protected CDs or to make it more difficult to play/rip unencumbered CDs.

      MS want the cartel-on-ca
    • You don't get it (Score:3, Insightful)

      by njdj (458173)

      I don't know why Microsoft is bending over for the media companies.

      They're not. Microsoft has a monopoly. They can tell anyone to get lost.

      But "compliance" with "requirements" of the RIAA and MPAA is perfect cover for their real game plan, which is to eliminate Open Source (Linux, etc). If Microsoft simply pressured hardware manufacturers (video cards etc) never to release specs, and also to spend billions making it impossible to reverse-engineer their programming specs, just to stop programmers from de

  • I'm new here but... (Score:5, Informative)

    by monoqlith (610041) on Monday December 25, 2006 @08:40PM (#17362246)
    Could someone please like, read....something before they post a summary? I found no indication that Gutmann is a medical imaging specialist from his web page or report. He's a computer scientist who specializes in compression and encryption, which actually makes him a little bit qualified to perform a professional review of the new operating system.

    The only thing remotely medicine related here is a quote from 'Brad Steffler MD.', a surgeon who claims that Microsoft's restrictive DRM methodologies make it more difficult for him to do his job.
  • Sounds like a good case for an anti-trust trial in Europe :-)
  • ...and suddenly Linux is the new gamers OS.
  • by RobertLTux (260313) <robert&laurencemartin,org> on Monday December 25, 2006 @09:22PM (#17362432)
    http://www.microsoft.com/about/legal/useterms/default.aspx [microsoft.com]
    This is a Microsoft-hosted page where you can pull up any EULA you want (MS products only of course)

    Microsoft requires the right to DISABLE YOUR COMPUTER if it fails a validation check (WGA BOFH style anyone?)
  • A lot of assertions about what will happen, but specific examples and evidence are few and far between. Without harder facts that demonstrate the effects he claims, the author's claims are no more believable than those of "Intelligent Design".
  • or, you could... (Score:3, Insightful)

    by Kaenneth (82978) on Tuesday December 26, 2006 @01:23AM (#17363650) Homepage Journal
    use Vista, but not DRM content...

    Is there anything limiting the use of high quality, non-DRM'd media?

    Mainly, I think it's a question of compliance with laws like the DMCA, and not getting sued. If the RIAA sues hundreds/thousands of individuals for large amounts of money, do you think MS wants to have to defend a case that they 'aided' copyright violations?

    I find it hard to, in the same breath, fault Microsoft for violation of the law for extending their markets, and fault them for not disregarding the laws regarding others' IP.

    Imagine what would happen to the market for iTunes purchases if Windows had the built in ability to crack iTunes content protection...
