Slashdot Mirror

If they later get complaints to the contrary they can of course take the photo back down (after taking the proper time to investigate the complaint and ensure that it is legitimate). After all, how could they tell that the photo was posted illegally?

By "after taking the proper time to investigate" do you mean giving everyone, their brother, sister, cat, dog and grandma a chance to mirror it, convert it into art and write it into poetry to allow ensure that it's protected under Amendment 1?

Why science fiction, why not science fact? How about a book like "One, Two, Three... Infinity" by George Gamow? Or anything written by Martin Gardner? How about Innumeracy by John Allen Paulos? Or Max Born wrote a book, "Einstein's Theory of Relativity", which explains relativity in great detail with nothing more than pre-algebra. Or for the computer nerds, the obligatory recommendation is "Godel Escher Bach, an Eternal Golden Braid" by Douglas Hofstadter.

I have never understood the point of fiction, except as pure entertainment. Non-fiction is where the good stuff is. If it really has to be fiction, try Flatland by Edwin Abbott.

What the TPM does do is support remote attestation so that a computer user can tell the computer to prove to a remote party what software it is running (if the software that's running also supports being proven in a way that the remote party understands). Then the remote party can make its own decision about whether the software is good or bad, and what it wants to do about that.

This sounds innocuous in a certain sense. We have learned to mistrust the notion of a single centralized entity that decides what we can and can't do. TCG is not that entity, and TCG is not chartering that entity; instead, we have an unlimited number of entities that potentially make their own decisions, on various scales, about what we can and can't do in particular contexts, small and large. (We don't know yet which of those entities will turn out to have enough power to set which kinds of policies, or how the network externalities will shake out. Some entities with a lot of power, like Microsoft, can try to delegate some of their power, but there are plenty of technical and business obstacles to be worked out on both sides of that sort of delegation.)

What the TPM does do is support remote attestation so that a computer user can tell the computer to prove to a remote party what software it is running (if the software that's running also supports being proven in a way that the remote party understands). Then the remote party can make its own decision about whether the software is good or bad, and what it wants to do about that. The user could also choose not to offer any proof at all; however, although the user has the right to remain silent, the user's silence can and will be used against her. Not offering proof is, of necessity, the functional equivalent of offering proof of the most unacceptable and contrary-to-policy facts imaginable.

That does offer an avenue for a lot of control over you via your computer -- if someone else controls a resource that you need, there is a prospect of conditioning your access to that resource upon the provision of proof that you're running software that the resource controller considers "good". Not TCG, but the individual entities that you deal with: a bank, an entertainment company, an employer, an ISP. Furthermore, each of them could have its own independent definition of what "good" means, because there is no central signing or certifying authority. It is logically quite possible that one entity might refuse to talk to you if you're running configuration A instead of B, whereas another entity would refuse to talk to you if you're running B instead of A. (This is trivially true if each entity gave you a bootable CD and said "you can only communicate with us while you're running from our CD" -- with a TPM and the appropriate software, they can actually tell, and you probably can't fool them.)

The ISP scenario is the point at which the most pervasive possible control could be exercised. TCG has already developed a specification called Trusted Network Connect which is based on the idea that you can be forbidden to connect to a network unless you're running a software configuration that the nework operator approves. This is designed for use in corporations, most of which are accustomed to having a high (but imperfect) degree of control over the software running on their employees' PCs. Of course, the technology is more general, and, as TCG told me, there is nothing to stop it from being used by the People's Republic of China, or by a commercial ISP.

Imposing this requirement on a general population has a very high cost; for one thing, it mea

In June 2002, Microsoft released information regarding its new "Palladium" initiative. Palladium is a system that combines software and hardware controls to create a "trusted" computing platform. In doing so, it would establish an unprecedented level of control over users and their computers.

Palladium could place Microsoft as the gatekeeper of identification and authentication. Additionally, systems embedded in both software and hardware would control access to content, thereby creating ubiquitous Digital Rights Management schemes that can track users and control use of media. Microsoft expects to have elements of the system in place by 2004.

Professor Ross Anderson has written an extensive FAQ on the Palladium system. Seth Schoen of EFF has published a detailed summary of a meeting about Palladium.

Known Elements of the Palladium System

• The system purports to stop viruses by preventing the running of malicious programs.
• The system will store personal data within an encrypted folder.
• The system will depend on hardware that has either a digital signature or a tracking number.
• The system will filter spam.
• The system has a personal information sharing agent called "My Man."
• The system will incorporate Digital Rights Management technologies for media files of all types (music, documents, e-mail communications). Additionally, the system purports to transmit data within the computer via encrypted paths.

In June 2002, Microsoft released information regarding its new "Palladium" initiative. Palladium is a system that combines software and hardware controls to create a "trusted" computing platform. In doing so, it would establish an unprecedented level of control over users and their computers.

Palladium could place Microsoft as the gatekeeper of identification and authentication. Additionally, systems embedded in both software and hardware would control access to content, thereby creating ubiquitous Digital Rights Management schemes that can track users and control use of media. Microsoft expects to have elements of the system in place by 2004.

Professor Ross Anderson has written an extensive FAQ on the Palladium system. Seth Schoen of EFF has published a detailed summary of a meeting about Palladium.

Known Elements of the Palladium System

• The system purports to stop viruses by preventing the running of malicious programs.
• The system will store personal data within an encrypted folder.
• The system will depend on hardware that has either a digital signature or a tracking number.
• The system will filter spam.
• The system has a personal information sharing agent called "My Man."
• The system will incorporate Digital Rights Management technologies for media files of all types (music, documents, e-mail communications). Additionally, the system purports to transmit data within the computer via encrypted paths.

Here you can see a photo of Seth Schoen receiving a letter from the MPAA lawyers after revealing he's the author of the DeCSS haiku:

Clicky-clicky

(Also, my advice to him, now that he's publicly admitted to be an 3v1l hax0r, is to shave his beard as soon as possible. Unfortunate mistakes can happen so quickly these days ...)

Q: Is "Palladium" Microsoft's implementation of the Trusted Computing Platform Alliance (TCPA) specification?

A: No, "Palladium" is not an implementation of TCPA spec. The two projects do share some features, such as attestation and sealed storage, but they have fundamentally different architectures. (To learn more about the TCPA's approach, you can download a copy of version 1.1 of its spec from its Web site, http://www.trustedcomputing.org/.)

Make sure you say 'hi' to Seth when you are in line all night for tickets ;-)

Actually that is not correct. Palladium is not just the software implementation of the TCPA spec. Both TCPA and Palladium refer to trusted systems that require both hardware and software support, but they are distinct systems. The biggest difference is in the boot process- TCPA takes over at start up and will only go into trusted mode if the OS is signed and verified. Palladium is not involved in the boot process at all- it is enabled later and essentially runs parallel to the OS kernel to secure the memory and resources of an application. This wasn't clear until recently, so a lot of people have this misconception.

http://www.microsoft.com/technet/treeview/default. asp?url=/technet/security/news/PallFAQ2.asp
http://vitanuova.loyalty.org/2002-07-05.html

Hmm...I remember reading somewhere that Palladium allows you to run unsigned code.

I also remember hearing somewhere that states that Palladium could be used for media control, also.

The only thing I would be afraid of is the next version of Windows will require Palladium coupled hardware. According to a Slashdot poll, that affects nearly half of the users of this site, assuming they would want to upgrade.

Credits to this man.

Contrary to the rediuclous amount of conspiracy theorists, MS has publically stated that it is creating DRM as an OPTION for it's customers. We can argue if this breaks the entire concept of DRM, but that's not the point. Read the facts here instead of spouting off speculations.

That article was mostly speculation short on technical details but long on Micro$oft bashing.

Being a geek I got more mileage out of reading the technical details on palladium by a member of the EFF (Seth Schoen) who was at a presentation and TCPA and Palladium: Sony Inside an article on kuro5hin by a former Microserf.


Disclaimer:The opinions expressed in this post are mine and do not reflect the opinions, thoughts, strategies or plans of my employer.

If you're going to talk to people get your facts straight. You will see here, that Microsoft is not the enemy in this matter. Read down a bit and you'll see that MS's stance is to let the consumer choose, not to force DRM down your throats. You act like they're going to ban "insecure" MP3's or something. Talk to people about the DMCA, the MPAA, the RIAA, and most importantly about the legal bribary (soft money, etc.) that allows crap like the DMCA to get passed.

*sigh*

The TCPA has repeatedly said that the standard will be open for anybody to freely use. We all know that Microsoft has some patents that relate to DRM and palladium, but they have specifically said that the other operating systems will be able to make use of the standard. This includes how to make use of the TPM and use the encryption keys in it when entering a trusted mode. Any OS will be able to use the TPM.

And I'm still trying to figure out how you interpreted the line of the FAQ that said "the owner runs whatever OS or applications they want" to mean that you can only run what Microsoft wants you to run.

The fact is the TCPA standard is very open and it does not prevent you from running Linux. IBM's TCPA compliant Thinkpads have been on the market for over a year and plenty of people install Linux on them. The hardware is already out there and you can run Linux on it- I don't see how you can argue with that.

You might want to read these notes on Palladium and how it relates to TCPA from Seth Schoen. They are also very informative:
http://vitanuova.loyalty.org/2002-07-05.html

When Microsoft came to talk to us about Palladium, Seth took some notes and did this write up.

• Microsoft does not have the desire or means to control any information which is input into a computer via a means beyond the scope of DRM or Palladium (in unencrypted formats such as MP3), and intends to continue supporting such formats.
• Microsoft employees have a broad variety of opinions on legal and technical issues related to copyright enforcement. The company's position is that the use of DRM should be purely voluntary (in the sense in which the industry uses that term; they do not have a public position that the DMCA's anticircumvention provisions need to be modified).
• Microsoft assumed as a design criterion for Palladium that existing versions of Windows should be able to run on a Palladium PC, as should existing Windows applications, as should existing non-Windows operating systems like Linux. There is no attempt to stop people from booting whatever code they currently use or may write in the future. In addition, the hardware trust features can potentially be used by specially-adapted software, regardless of what operating system is running. It is possible to imagine that a Palladium-hardware-aware version of Linux could be created and could make full use of Palladium's hardware features in order to achieve trust comparable to the Windows implementation. Microsoft is only writing an implementation for Windows, but plans to publish all the technical details.
• Microsoft's nub, including its source code, will be published for review by anyone who wants to examine it, in order to allow all of Microsoft's claims about its security properties to be verified. There is no part of Palladium's design or code which needs to be kept secret, although each SCP will contain secret cryptographic keys loaded at the time of its manufacture. Microsoft will encourage non-Microsoft people to read and discuss its nub. You will also be able to create your own nub, except that changing the nub will (as discussed above) prevent previously-sealed data from being decrypted.

Apparently Microsoft met with the EFF to discuss Palladium. Mr. Schoen wrote up his notes from the meeting.

His notes are more technical in nature and he doesn't make much in the way idle speculation, so they tend to disagree with much of the reporting that's shown up on slashdot.

My conpiracy theory: MS will keep changing this MS-Partioning every so often, thus forcing us (the linux community) to spend time/effort in black box re-engineering. At some point we will hit a DCMA wall with the 'encrypeted data' partiions/folders/files. I just took a class on W2K (not my choice) and this new MS-P has incentives to switch by making some new 'features' only valid with dynamic disks using NTFS (deliberatly disabled my MS?). AFAIK linux still only has read ability for NTFS. Other 'features' of MS-P are raid (0,1,5), plus spanning (take various chunks from same or different drive, and make a drive out of them) 'letterless (C:,D:)' partition mounting (like unix)

All of this added to the fact that you can encrypt and compress a individual drive/folder/file. The encryption would be a problem just for the fact that MS seems to be behind DCMA enforcement. The method involves public/private w/key retrival from 3rd party (aka back door) BTW: Anyone remember MS vs. Stacker?

BTW: partition type 42 was for linux swap/DR-DOS partitions (according to the link) coincidence huh? This smacks of WinBIOS type of attack

Sorry but was my time too rant and rave