Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's 'Palladium' Privacy/DRM Scheme

Posted by timothy on from the ambitious-like-ceasar dept.

Paradox Jack writes: "according to this article at MSNBC, Microsoft has an ambitious new plan called Palladium to rework computer and internet security. This includes changes in hardware, digital rights management (on all sides), and far more. Now, who thinks this will actually work and is for our own good?"

9 of 521 comments (clear)

  1. Kuney quote.... by jeffy124 · · Score: 5, Insightful

    This sounds like what States' Attorney Steve Kunney put into closing arguments this past week:

    Somehow they know better than anyone else what's best for this PC ecosystem. What's good for Microsoft is therefore good for the economy, good for consumers and good for everybody else.

    --
    The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
  2. I have a hunch.... by torgosan · · Score: 5, Insightful
    From the article:

    "Though Microsoft does not claim a panacea, the system is designed to dramatically improve our ability to control and protect personal and corporate information."

    Maybe this should actually read:

    "Though Microsoft does not claim a panacea, the system is designed to dramatically improve THEIR ability to control and protect OUR personal and corporate information."

    --
    "If you put the federal government in charge of the Sahara Desert, in 5 years there'd be a shortage of sand". -Milton F.
  3. It's not trust - it's FAITH. by standards · · Score: 5, Insightful

    The article says, "people will have to trust Microsoft".

    Now ignoring all the heat that Microsoft gets around these parts, it's usually a bad idea to trust one entity:

    - Hollywood trusted DVD encryption
    - Stock holders trusted Enron and Tyco
    - Investors trusted Merrill Lynch & Author Andersen
    - Pinto owners trusted Ford

    Obviously, even with the billions at risk, a trust to not screw up is more of a faith. A prayer. A hope.

    The difference here is that even more people will be putting their faith that Microsoft will do the right thing morally, and that microsoft will not screw up. Will not screw up even once. Like they'll never release a Microsoft Bob again.

    Unlikely.

    Sadly, if Microsoft wants to pursue this effort, it really has to be open, and, dare I say it, well regulated with many legal protections for the consumer.

  4. It's code-signing, not security by Animats · · Score: 5, Insightful
    Palladium won't run unauthorized programs, so viruses can't trash protected parts of your system.

    That's apparently the basic concept. Only "authorized programs" ("Genuine Microsoft") will run. That's where we are now with the XBox. Read up on how the XBox boots, and you'll see where Microsoft is going.

    This isn't security. Real security would mean you could run anything in a jail with no risk of it getting out and hurting anything. That's what a secure OS is supposed to do.

    And if the Genuine Microsoft code has a hole in it, attacks may still work. Microsoft might set up memory management so that only signed code can be in executable pages, but that only protects agains one class of attacks.

    1. Re:It's code-signing, not security by magic · · Score: 5, Insightful
      Exactly!


      We're already approaching the point for web apps where you can't run something that Microsoft or VeriSign doesn't like-- IE puts up a dialog telling your user that your program is nasty and evil if it isn't signed by a certificate that can be traced back to one of these two sources. It's easy to get these companies to "like" you-- pay them a lot of money (a few thousand a year) and don't make a competing product. I'm not being sarcastic. These are the terms of the agreement for getting them to sign your certificates (i.e. public keys). At least IE still gives you the choice of running the program, even though a naive user might be scared off.



      Public key architectures don't really rest on who the user trusts; users are uneducated about the system. They really rest on who the OS maker trusts because the OS is set up to say "the user trusts anything signed by these default root certificates".



      A Palladium based system will just be another step in this direction. It will prevent developers and artists from distributing their work unless they pay the Microsoft tax and it will allow Microsoft to decide what applications, music, etc. get distributed.


      What if MS gets sued and is forced to revoke the certificate for a movie because it isn't appropriate for minors? Or the certificate for a website because it contains secret Scientologist information?


      As a software developer, it has gotten consistently harder to develop and distribute small, independent apps for PC's. Under this system, how will small developers or ones that Microsoft doesn't like because they directly compete (e.g. Netscape, Napster, Borland) make products?


      -m

  5. Windows and Hardware by interiot · · Score: 5, Insightful
    There will also be components that encrypt information as it moves from keyboard to computer (to prevent someone from wiretapping or altering what you type) and from computer to screen (to prevent someone from generating a phony output to your monitor that can trick you into OKing something you hadn't intended to).

    What are the bets on whether the interface for this hardware will be open? How likely will it be that the licensing board allows OSS software to be written for the hardware? With DeCSS, we've already seen that OS-neutral companies are unwilling to allow their content to be viewed in Linux. Microsoft, being not so OS-neutral, is likely to take this even further.

  6. Oh! The irony!! by SwedishChef · · Score: 5, Insightful

    Does no one else notice the irony in having the company responsible for 90% of the viruses, worms, back doors, and trojans - all due to poor planning on the part of MS executives and programmers - suggest that now they can fix it for all of us?

    If I were a conspiracy buff I'd think that MS created the security problems so that they could point to the "insecure internet" and offer some solution that benefits only them.

    That anyone, much less some "internet guru" takes this at face value illustrates that P.T. Barnum was right about suckers.

    --
    No one ever had to evacuate a city because the solar panels broke!
  7. Why this should SCARE us all BIGTIME. by IGnatius+T+Foobar · · Score: 5, Insightful

    Microsoft knows what they're doing, and if this thing succeeds, you can forget about any non-Windows operating system being even remotely usable.

    Microsoft holds a patent that describes a method by which hardware and software interoperate to guarantee "digital rights management" (aka fair use destruction and monopoly lock-in). The patent describes a mechanism in which there is a private/public key pair, with one half embedded in hardware (possibly the CPU). Only "authorized code" (aka Windows) can run in ring 0 (kernel space) on the CPU. Naturally, only Windows has the other half of the key.

    This is probably how the Xbox prevents third-party operating systems from running, and it probably is why they originally applied for the patent. But it also has lots of uses in the monopoly business. This article describes how useful the patent could be in implementing the Hollings bill. Take it one step further and it's easy to envision a world in which this type of "protection" is not only mandated by law... but unimplementable by Linux hackers due to patent problems.

    Hopefully, by the time this thing hits critical mass (if ever), Linux will be too firmly entrenched for the industry to allow it to be required. I think we're already there on the server side (1 out of 4 servers sold today ships with Linux, more if you include the ones they can't count). In another couple of years we'll be there on the desktop as well. But as they say, the price of freedom is eternal vigilance. Let's make sure we get heard.b

    --
    Tired of FB/Google censorship? Visit UNCENSORED!
  8. Re:Whoa by SWroclawski · · Score: 5, Insightful

    I thought the same for many years, but unfortunately that slowly becomes less true.

    Microsoft does not suddenly make large changes to the system, rather continually makes small ones, each time adding some "goodie" benefit to associate the change with. In the minds of the public, the two become associated. At the very least, the public does not rebell.

    One example of this is Microsoft's signed driver code of Windows 2000. We all know that creating such a policy is wrong, and prevents third parties from entering the hardware market for machines running Microsoft operating systems, yet the public did not see this as a problem.

    Similarly, the public has not rebelled against the situation with Windows XP and required registration (as well as mandatory reporting back of what software you have), rather they have either accepted it grugingly, tried to work around it (by use of packet filters and such), or (as Microsoft would like), simply see it as the cost of doing buisness.

    The public is, from what I've seen, more like the surf class of olden times, miserable, but for all the evils of the king (Microsoft), this is a reliable leader and they trust it.

    Getting these people over to Free operating systems will require a fundamental shift in thinking, one that emphasizes thier freedom. This cannot be a war of features (ie that a GNU/Linux system is better than Microsoft Windows), rather it must be an issue of what freedoms the Microsoft users have lost, and how we can replace the things they "need" from thier old system with equilivant Free utilities.

    That is the best way to ensure that the strength of Free Software (and other movements who want to come along) remains strong at its base while still expanding, even if the progress is slow, slow growth of staunch supporters is healthier than fast growth of people comparing application features.

    - Serge Wroclawski