Microsoft's 'Palladium' Privacy/DRM Scheme

Paradox Jack writes: "according to this article at MSNBC, Microsoft has an ambitious new plan called Palladium to rework computer and internet security. This includes changes in hardware, digital rights management (on all sides), and far more. Now, who thinks this will actually work and is for our own good?"

good and bad

[Apreche]

from the way it looks to me, this system will actually protect your priacy and provide a decent amount of security. However, it is uknown as to whether or not microsoft will be able to invade your privacy, since they make the system. Have to double check that EULA! As for digital rights management, I am just generally opposed to it, as are most of you ;-). And anyone who gives up their freedom for an illusion of security deserves neither (one of those founding father guys).
Remove the DRM and this looks ok to me.

Kuney quote....

[jeffy124]

This sounds like what States' Attorney Steve Kunney put into closing arguments this past week:

Somehow they know better than anyone else what's best for this PC ecosystem. What's good for Microsoft is therefore good for the economy, good for consumers and good for everybody else.

Whoa

[JohnA]

How long until only code signed by Microsoft will be allowed to run on the platform? It seeems that Microsoft is trying to implement a system that will enable them, once and for all, to charge console-like royalties to software developers.

Even if that is not the goal, I guarantee that only Microsoft signed drivers will be able to be installed, finally closing that pesky "sound card and CD-ROM emulation" fair use hole that is robbing the MPAA/RIAA of additional royalties.

This is NOT about making things better for the user. This is about removing the ability for the end user to make decisions about how her computer operates.

Re:Whoa

[SWroclawski]

I thought the same for many years, but unfortunately that slowly becomes less true.

Microsoft does not suddenly make large changes to the system, rather continually makes small ones, each time adding some "goodie" benefit to associate the change with. In the minds of the public, the two become associated. At the very least, the public does not rebell.

One example of this is Microsoft's signed driver code of Windows 2000. We all know that creating such a policy is wrong, and prevents third parties from entering the hardware market for machines running Microsoft operating systems, yet the public did not see this as a problem.

Similarly, the public has not rebelled against the situation with Windows XP and required registration (as well as mandatory reporting back of what software you have), rather they have either accepted it grugingly, tried to work around it (by use of packet filters and such), or (as Microsoft would like), simply see it as the cost of doing buisness.

The public is, from what I've seen, more like the surf class of olden times, miserable, but for all the evils of the king (Microsoft), this is a reliable leader and they trust it.

Getting these people over to Free operating systems will require a fundamental shift in thinking, one that emphasizes thier freedom. This cannot be a war of features (ie that a GNU/Linux system is better than Microsoft Windows), rather it must be an issue of what freedoms the Microsoft users have lost, and how we can replace the things they "need" from thier old system with equilivant Free utilities.

That is the best way to ensure that the strength of Free Software (and other movements who want to come along) remains strong at its base while still expanding, even if the progress is slow, slow growth of staunch supporters is healthier than fast growth of people comparing application features.

- Serge Wroclawski

I have a hunch....

[torgosan]

From the article:

"Though Microsoft does not claim a panacea, the system is designed to dramatically improve our ability to control and protect personal and corporate information."

Maybe this should actually read:

"Though Microsoft does not claim a panacea, the system is designed to dramatically improve THEIR ability to control and protect OUR personal and corporate information."

It's not trust - it's FAITH.

[standards]

The article says, "people will have to trust Microsoft".

Now ignoring all the heat that Microsoft gets around these parts, it's usually a bad idea to trust one entity:

- Hollywood trusted DVD encryption
- Stock holders trusted Enron and Tyco
- Investors trusted Merrill Lynch & Author Andersen
- Pinto owners trusted Ford

Obviously, even with the billions at risk, a trust to not screw up is more of a faith. A prayer. A hope.

The difference here is that even more people will be putting their faith that Microsoft will do the right thing morally, and that microsoft will not screw up. Will not screw up even once. Like they'll never release a Microsoft Bob again.

Unlikely.

Sadly, if Microsoft wants to pursue this effort, it really has to be open, and, dare I say it, well regulated with many legal protections for the consumer.

It's code-signing, not security

[Animats]

Palladium won't run unauthorized programs, so viruses can't trash protected parts of your system.

That's apparently the basic concept. Only "authorized programs" ("Genuine Microsoft") will run. That's where we are now with the XBox. Read up on how the XBox boots, and you'll see where Microsoft is going.

This isn't security. Real security would mean you could run anything in a jail with no risk of it getting out and hurting anything. That's what a secure OS is supposed to do.

And if the Genuine Microsoft code has a hole in it, attacks may still work. Microsoft might set up memory management so that only signed code can be in executable pages, but that only protects agains one class of attacks.

Re:It's code-signing, not security

[magic]

Exactly!

We're already approaching the point for web apps where you can't run something that Microsoft or VeriSign doesn't like-- IE puts up a dialog telling your user that your program is nasty and evil if it isn't signed by a certificate that can be traced back to one of these two sources. It's easy to get these companies to "like" you-- pay them a lot of money (a few thousand a year) and don't make a competing product. I'm not being sarcastic. These are the terms of the agreement for getting them to sign your certificates (i.e. public keys). At least IE still gives you the choice of running the program, even though a naive user might be scared off.

Public key architectures don't really rest on who the user trusts; users are uneducated about the system. They really rest on who the OS maker trusts because the OS is set up to say "the user trusts anything signed by these default root certificates".

A Palladium based system will just be another step in this direction. It will prevent developers and artists from distributing their work unless they pay the Microsoft tax and it will allow Microsoft to decide what applications, music, etc. get distributed.

What if MS gets sued and is forced to revoke the certificate for a movie because it isn't appropriate for minors? Or the certificate for a website because it contains secret Scientologist information?

As a software developer, it has gotten consistently harder to develop and distribute small, independent apps for PC's. Under this system, how will small developers or ones that Microsoft doesn't like because they directly compete (e.g. Netscape, Napster, Borland) make products?

-m

Windows and Hardware

[interiot]

There will also be components that encrypt information as it moves from keyboard to computer (to prevent someone from wiretapping or altering what you type) and from computer to screen (to prevent someone from generating a phony output to your monitor that can trick you into OKing something you hadn't intended to).

What are the bets on whether the interface for this hardware will be open? How likely will it be that the licensing board allows OSS software to be written for the hardware? With DeCSS, we've already seen that OS-neutral companies are unwilling to allow their content to be viewed in Linux. Microsoft, being not so OS-neutral, is likely to take this even further.

Oh! The irony!!

[SwedishChef]

Does no one else notice the irony in having the company responsible for 90% of the viruses, worms, back doors, and trojans - all due to poor planning on the part of MS executives and programmers - suggest that now they can fix it for all of us?

If I were a conspiracy buff I'd think that MS created the security problems so that they could point to the "insecure internet" and offer some solution that benefits only them.

That anyone, much less some "internet guru" takes this at face value illustrates that P.T. Barnum was right about suckers.

Why this should SCARE us all BIGTIME.

[IGnatius+T+Foobar]

Microsoft knows what they're doing, and if this thing succeeds, you can forget about any non-Windows operating system being even remotely usable.

Microsoft holds a patent that describes a method by which hardware and software interoperate to guarantee "digital rights management" (aka fair use destruction and monopoly lock-in). The patent describes a mechanism in which there is a private/public key pair, with one half embedded in hardware (possibly the CPU). Only "authorized code" (aka Windows) can run in ring 0 (kernel space) on the CPU. Naturally, only Windows has the other half of the key.

This is probably how the Xbox prevents third-party operating systems from running, and it probably is why they originally applied for the patent. But it also has lots of uses in the monopoly business. This article describes how useful the patent could be in implementing the Hollings bill. Take it one step further and it's easy to envision a world in which this type of "protection" is not only mandated by law... but unimplementable by Linux hackers due to patent problems.

Hopefully, by the time this thing hits critical mass (if ever), Linux will be too firmly entrenched for the industry to allow it to be required. I think we're already there on the server side (1 out of 4 servers sold today ships with Linux, more if you include the ones they can't count). In another couple of years we'll be there on the desktop as well. But as they say, the price of freedom is eternal vigilance. Let's make sure we get heard.b

Re:Whaaaaa???

[John+Hasler]

They said they are publishing the source, not that they intend to allow anyone to do anything with it.
"Publishing" probably means allowing a few "experts" who are willing to jump through hoops and sign ferocious NDAs to "look but not touch".
Most likely what they "publish" won't be what they compile from anyway.

Re:What an ironic Subject!

[_Sprocket_]

People on /. rejoice when bugs are found in Microsoft's code. Then they complain that MS should do something about this, and fix it. Then MS takes steps to do something about it, and address security. Then people on /. complain that MS is trying to do something about security...

Take another look at the criticisms being voiced. The issue is whether this really has anything to do with security, or more to do with providing an architecture to lock out competitors and control, or eliminate, fair use rights.

Microsoft's insecurity woes have little to do with encrypting signals between your keyboard/monitor and the computer. Signed code also misses the issue. The problem is that Microsoft has a long history of bad implementation and flawed architectural design. Environments that will remain flawed even as Microsoft moves on to their next Big Thing.

This casts further doubt on Microsoft's intentions and even ABILITY to provide a secure architecture. This is not entirely a technical issue. This has as much to do with Microsoft's culture and focus as it has to do with their engineer's abilities. There has to be a fundimental shift within Microsoft such as changing the focus on last-minute features at the cost of debugging. And that is a challenge for even a company as nimble as Microsoft.