Vista 32 or 64 bit edition?

[bloodbob]

Well, if they're going to charge for it, that is really dirty. If Microsoft is going to force developers from doing this, they shouldn't force companies to pay for the service.

Alternatively you buy some certificate ( assumably it costs alot more then a single address SSL certificate ) which you can sign your own drivers with but there is no legal requirement for verisign or the other 2 choosen partners to give you a certificate.

 

[aaaaa00]

I don't really see how you can tell or not a driver is safe by who made it. Can you name a single vendor who has had perfect drivers?

It's not just about whether the driver is safe (although WHQL will test drivers it can't possibly catch all problems), it's about providing a legal identity for the creator of the driver.

A valid WHQL certificate ties the author to the driver with crytographically secure certainty, and prevents someone else from tampering with the package and inserting, say, a trojan.

If you really need a private self-built driver, you can generate your own test certificate FOR FREE using makecert, and you can test sign the driver yourself.

Your driver will not work on anyone else's system (unless they also enable test signing), and it will disable playback of any DRM protected content, but the self-signed driver will work on your own system just fine.

(This is how I test my drivers.)

Here's the white paper that explains everything:

http://www.microsoft.com/whdc/system/platform/64bit/kmsigning.mspx

 

[Blazkowicz]

Ah, but this disallows, say, the programmer of some random free download game from including kernel-level code that installs without the user's notice. Seems like it may make things a bit harder on spyware.

that wouldn't disallow a Star Force driver to be installed, as long as it got signed.
(star force comes with a free downloadable version of Trackmania).

that has me thinking, could there be a number of signed spyware eventually.
(not counting legit software almost as bad as spyware such as norton )

right, there might be some security interest afterall (though, I like more the DOS/win9x way of full control to the user, and I run NT 5.x on administrator - as most people anyway)

interesting precisions, aaaa00 (though I didn't bother downloading and reading the .doc file )

For Windows Vista and later versions of the Windows family of operating systems, kernel-mode software must have a digital signature to load on x64-based computer systems. Certain configurations of x86 systems will require kernel-mode software to have digital signatures in order to access next generation premium content depending on content protection policy. This paper describes how to manage the signing process for kernel-mode software for Windows Vista.

according to what they say it seems to be firstmost about DRM, and signed drivers might be required on 32bit windows afterall depending on the DRM you use.

 

[Geo]

One fatty G reputation point to anybody who can dig up a definitive statement about this "switch between 32 & 64 bit" issue. Thats an unmistakable statement straight from the horses mouth not "yeah I think they will/won't allow it because...".

I still haven't seen anything solid about this anywhere on the web. My free Business edition should be here within the next month or so and I don't want to install the 32 bit version if it kills my chance at free 64 bit later on.

http://download.microsoft.com/docum...lish_36d0fe99-75e4-4875-8153-889cf5105718.pdf <-- Home and Ultimate

http://download.microsoft.com/docum...lish_e59f6893-6b14-4262-964c-993ed16d138a.pdf <-- Business

Both include:

Alternative Versions. The software may include more than one version, such as 32-bit and
64-bit. You may use only one version at one time.

That says "switch all you like" to me. You may have an automated activation hassle (or not), but you should win the argument if they make one in the resulting phone call to reactivate.

 

[Colourless]

that wouldn't disallow a Star Force driver to be installed, as long as it got signed.
(star force comes with a free downloadable version of Trackmania).

that has me thinking, could there be a number of signed spyware eventually.
(not counting legit software almost as bad as spyware such as norton )

right, there might be some security interest afterall (though, I like more the DOS/win9x way of full control to the user, and I run NT 5.x on administrator - as most people anyway)

interesting precisions, aaaa00 (though I didn't bother downloading and reading the .doc file )



according to what they say it seems to be firstmost about DRM, and signed drivers might be required on 32bit windows afterall depending on the DRM you use.

If malware gets digitally signed, the signer should get their digital signature certificate revoked, and with the next windows update, the drivers will fail to load. There are very strict rules about code signing. From Verisign's code signing agreement under usage restrictions:

You are prohibited from using your Certificate ... (iii) to distribute malicious or harmful content of any kind including, but not limited to, content that would otherwise have the effect of inconveniencing the recipient of such content;

Certain DRM software may fail that as well... hmmm...

 

[bloodbob]

Your driver will not work on anyone else's system (unless they also enable test signing), and it will disable playback of any DRM protected content, but the self-signed driver will work on your own system just fine.

So DRM is the real reason So much for using my wii controller to my Blu-Ray software since either A) I can't use my wii since my drivers aren't signed by MS and my drivers aren't sign by an MS approved CA or B) the protected content be prevent from being played back.

Certain DRM software may fail that as well... hmmm...

I hardly doubt they would actually invoke that against something like starforce.

 

[Gnerma]

That says "switch all you like" to me.

Thanks Geo. I did actually notice this clause in the Vista license recently but neglected to post here about it. I interpret it the same way you do but we'll see how it works in practice eh? One reppy 2U although not one of the "fatty" variety due to me finding it myself beforehand

 

[aaaaa00]

So DRM is the real reason So much for using my wii controller to my Blu-Ray software since either A) I can't use my wii since my drivers aren't signed by MS and my drivers aren't sign by an MS approved CA or B) the protected content be prevent from being played back.

Well duh DRM is part of the reason. If you don't enforce signed drivers, then anyone can just break your DRM, and there's no way to legally prove who opened the hole and sue them out of existance.

Another reason you enforce signed code is so if a driver is loaded that later turns out to be malware you know who to track down and send lawyers to.

And another reason is so when you install a driver package you downloaded off the web, you know that vendor xyz compiled it, and no one else has tampered with the binary to insert a trojan or a rootkit or whatever.

And the final reason you enforce signed code is so that if you load a driver that is buggy, you can positively identify which driver caused it, and who created it, so you can contact them to report a bug.

---

If you hate DRM, then don't buy Blu-Ray discs. If Vista didn't attempt to enforce protection, then there wouldn't be any legal Blu Ray playback at all.

If you don't care about DRM protected material, then self-sign your drivers, and all is good.

Why is this a problem?

I hardly doubt they would actually invoke that against something like starforce.

Unless you can prove Starforce opened up a security hole or caused massive crashes of large numbers of machines, I'd imagine it's unlikely they will get their certificate revoked. Microsoft can't willy-nilly revoke people's certificates, otherwise I'd suspect they'd themselves get sued for something like anti-trust -- there would have to be strong proof that MS could make a legal case that the driver was malicious.

Then again, just the threat of revoking their certificate might cause people like Starforce to behave better in the future.

I certainly think that Sony's rootkit driver (for example) would get its certificate revoked given the bad press it was receiving and the fact that it was added to MS's own antispyware program -- but XP didn't enforce mandatory signatures, so revoking a signature wasn't an option back then.

 

[Dresden]

BUMP-

I'm approaching the same dilemma as the OP. I'm considering buying Vista, running a Q6600, but don't know whether or not to buy 32 or 64 bit. I game. Heavily. So, with that in mind, which OS would be a smarter buy for me? I was thinking 32 bit merely for driver's and compatibility's sake.

 

[KimB]

BUMP-

I'm approaching the same dilemma as the OP. I'm considering buying Vista, running a Q6600, but don't know whether or not to buy 32 or 64 bit. I game. Heavily. So, with that in mind, which OS would be a smarter buy for me? I was thinking 32 bit merely for driver's and compatibility's sake.

Depends upon how long you plan on keeping the OS. Remember that 32-bit Vista will start running into limitations at anything above 2GB. There will be a performance drop in 64-bit for most applications, though it won't be that big, and should decrease with time, eventually becoming a performance boost.

I don't think the driver issue will be significant, as it's typically only esoteric hardware that isn't supported. If you have, say, a TV card or some other peripheral not directly related to the central functioning of your PC, it'd probably be a good idea to see whether or not 64-bit Vista drivers are available.

I've already benefited from 64-bit Vista on my home machine in The Witcher, as due to some memory leak bug, the system requires absurd amounts of memory while the game is running (and the game itself is no slouch on memory usage either). So the game will simply crash in 32-bit Windows pretty frequently, but doesn't seem to in 64-bit with a large swap file.

Personally, I think if your largest concern is gaming, sticking with XP would probably be a good idea until your system is ready to really take advantage of 64-bit (e.g. when you feel like the move to 4GB of RAM would be warranted).

 

[Albuquerque]

I don't understand all of this "performance detriment" that people continually jabber about in Vista.

I'm quite convinced that nobody believes ME when I say there isn't shit amount of difference, but maybe you'll believe someone else?

THAT review is nearing six months old, and even then the performance difference was tiny. Drivers were the vast majority of the problem for performance issues, and those are all but solved by now. It gets even better when you're talking about multiple-GPU systems, as it seems Vista is getting all of the attention for CrossFire and SLI improvement.

Here's their summary of the entire article, and again -- this is six months ago:

Considering all this, we’d recommend our readers opt for the 64-bit version of Vista if you’ve got a 64-bit CPU. It runs just as fast in games with the added advantage that it’s more secure and can address considerably more memory (4GB max in 32-bit Vista versus 128GB in 64-bit Vista Ultimate).

I think they said exactly what I've been saying for about as long. My Vista64 Ultimate ties or exceeds my gaming performance in Xp32 in nearly every game I have to test. So, for the folks still drinking the purple haterade, get real.

 

[Dresden]

Personally, I think if your largest concern is gaming, sticking with XP would probably be a good idea until your system is ready to really take advantage of 64-bit (e.g. when you feel like the move to 4GB of RAM would be warranted).

I've been "running" 4 gb of DDR2 for a year now. So, 32 bit Vista doesn't support anything over 2gb?

 

[KimB]

I've been "running" 4 gb of DDR2 for a year now. So, 32 bit Vista doesn't support anything over 2gb?

Well, it supports 4GB. But you won't get full use of it.

Here are the basic issues:
1. No single process can make use of more than 2GB of RAM. This is a hard limit for all 32-bit processes. 64-bit Windows may increase this limit to 4GB for individual processes, but I'm not certain.
2. By default, only 2GB of memory are available to all applications together. The other 2GB are reserved for kernel use, for such things as the hard drive cache. The memory available for program use can be increased to 3GB.

If you're already running 4GB, then, I'd just go ahead and take the plunge. It's unlikely you'll have many significant issues (no more than any other OS switch, at least). If you ever do any demanding multitasking, the move to 64-bit should be especially beneficial.

 

[Dresden]

Well, it supports 4GB. But you won't get full use of it.

Here are the basic issues:
1. No single process can make use of more than 2GB of RAM. This is a hard limit for all 32-bit processes. 64-bit Windows may increase this limit to 4GB for individual processes, but I'm not certain.
2. By default, only 2GB of memory are available to all applications together. The other 2GB are reserved for kernel use, for such things as the hard drive cache. The memory available for program use can be increased to 3GB.

If you're already running 4GB, then, I'd just go ahead and take the plunge. It's unlikely you'll have many significant issues (no more than any other OS switch, at least). If you ever do any demanding multitasking, the move to 64-bit should be especially beneficial.

Interesting. Would it make more sense to buy the boxed set with both OS' or just go straight for 64 bit?

 

[Freak'n Big Panda]

If you check to see how much ram is reported by the system you'll see that you are missing a bunch due to the fact that a 32bit OS can only address 4GB of ram and a good portion of that has to be reserved for memory mapped access.

 

[Freak'n Big Panda]

Well, it supports 4GB. But you won't get full use of it.

Here are the basic issues:
1. No single process can make use of more than 2GB of RAM. This is a hard limit for all 32-bit processes. 64-bit Windows may increase this limit to 4GB for individual processes, but I'm not certain.
2. By default, only 2GB of memory are available to all applications together. The other 2GB are reserved for kernel use, for such things as the hard drive cache. The memory available for program use can be increased to 3GB.

If you're already running 4GB, then, I'd just go ahead and take the plunge. It's unlikely you'll have many significant issues (no more than any other OS switch, at least). If you ever do any demanding multitasking, the move to 64-bit should be especially beneficial.

Hm I was under the impression that the issue with 4GB was that with a 32bit operating system you can only address 4GB of memory and a large portion of that memory has to be used for memory mapped IO for the video card's VRAM.

For more info: http://support.microsoft.com/kb/929605

 

[Malo]

Interesting. Would it make more sense to buy the boxed set with both OS' or just go straight for 64 bit?

Vista Ultimate comes with both. If you get the Premium 32bit, you can order the 64bit DVD online on the Microsoft site for only the cost of postage.

 

[Richard]

Vista Ultimate comes with both. If you get the Premium 32bit, you can order the 64bit DVD online on the Microsoft site for only the cost of postage.

Right. Btw, that only works for retail versions IIRC. So if you get an OEM version with a piece of decoy hardware I don't know if you can order the 64-bit version from MS.

Hm I was under the impression that the issue with 4GB was that with a 32bit operating system you can only address 4GB of memory and a large portion of that memory has to be used for memory mapped IO for the video card's VRAM.

For more info: http://support.microsoft.com/kb/929605

That's another issue. Chalnoth is mentioning the one that's most pressing.

 

[Dresden]

Vista Ultimate comes with both. If you get the Premium 32bit, you can order the 64bit DVD online on the Microsoft site for only the cost of postage.

I checked newegg today and it appears they only sell individual OEM versions, instead of the boxed 32 and 64 bit versions, unless I'm mistaken. I know for a fact, however, Staples sells the boxed 32 and 64 bit Ultimate package. Honestly, from what I've been hearing, it's beginning to make more sense to buy Vista 64. At worst case, I could simply reinstall XP.

 

[Malo]

Yeah I think your both right, the option for alternative media is only for Retail versions from some of the wording on the order site.