Slashdot Mirror
Microsoft's 'Palladium' Privacy/DRM Scheme
Paradox Jack writes: "according to this article at MSNBC, Microsoft has an ambitious new plan called Palladium to rework computer and internet security. This includes changes in hardware, digital rights management (on all sides), and far more. Now, who thinks this will actually work and is for our own good?"
from the way it looks to me, this system will actually protect your priacy and provide a decent amount of security. However, it is uknown as to whether or not microsoft will be able to invade your privacy, since they make the system. Have to double check that EULA! As for digital rights management, I am just generally opposed to it, as are most of you ;-). And anyone who gives up their freedom for an illusion of security deserves neither (one of those founding father guys).
Remove the DRM and this looks ok to me.
The GeekNights podcast is going strong. Listen!
This sounds like what States' Attorney Steve Kunney put into closing arguments this past week:
Somehow they know better than anyone else what's best for this PC ecosystem. What's good for Microsoft is therefore good for the economy, good for consumers and good for everybody else.
The One Rule Of Chess You'll Ever Need: Don't play someone who carries a kit in their bookbag.
From the article: So far, the United States doesn't seem to have a problem, but less tolerant nations might insist on a "back door" that would allow it to wiretap and search people's data. There would be problems in implementing this, um, feature.
Microsoft has been releasing packages with these exact same features in them for years. With all the practice, I hardly believe that there would be problems in the implementation.
Kenneth Lay and Jeffrey Skilling announced an ambitious new technology that will protect investors from fraud. "Sure, everybody who wants to invest will have to buy our product first, but once they do, they'll be perfectly safe from all the, um, bad people who would otherwise take advantage of them", said Skilling.
I don't care if it's 90,000 hectares. That lake was not my doing.
"I firmly believe we will be shipping with bugs," says Paul England.
Even if that is not the goal, I guarantee that only Microsoft signed drivers will be able to be installed, finally closing that pesky "sound card and CD-ROM emulation" fair use hole that is robbing the MPAA/RIAA of additional royalties.
This is NOT about making things better for the user. This is about removing the ability for the end user to make decisions about how her computer operates.
By this they mean one of two things. Either it simply WONT run anything 'unauthorized' which brings up:
- will an independant developer have to jump through hoops to 'certify' every exe you compile to run on your own machine?
- will we have to go through another damn 'trusted' certifying agency a la SSL certs? Perhaps MS will be the last word?
Alternatively the OS might run things as long as the user tells the OS a particular binary is authorized. In this case I give it a good five minutes until some newbie tells the OS the latest email worm is an 'authorized' exe because they're looking to see that promised video of Brittany Spears some stranger w/ poor english apparently sent them out of the goodness of his heart.-j
Microsoft is also publishing the system's source code. "We are trying to be transparent in all this," says Allchin.
Uhhhh, did everybody else read that the same way I read it? I mean I know they arn't hostile to BSD style licences (heck they use BSD programs) but given the way they push security through obscurity using an open source model for this is like a glaring admission that closed source has some serious flaws.
I stole this Sig
"Though Microsoft does not claim a panacea, the system is designed to dramatically improve our ability to control and protect personal and corporate information."
Maybe this should actually read:
"Though Microsoft does not claim a panacea, the system is designed to dramatically improve THEIR ability to control and protect OUR personal and corporate information."
"If you put the federal government in charge of the Sahara Desert, in 5 years there'd be a shortage of sand". -Milton F.
Finnish Uber Hackers have released a workaround that requires only 10cm of scotch tape and a paper clip to bypass the incomming authentication protocol, thus allowing you to recieve any data.
-- The morphemes of your disquisition are ascertainable, but they have eschewed an ambit of transpicuous exposition.
The article says, "people will have to trust Microsoft".
Now ignoring all the heat that Microsoft gets around these parts, it's usually a bad idea to trust one entity:
- Hollywood trusted DVD encryption
- Stock holders trusted Enron and Tyco
- Investors trusted Merrill Lynch & Author Andersen
- Pinto owners trusted Ford
Obviously, even with the billions at risk, a trust to not screw up is more of a faith. A prayer. A hope.
The difference here is that even more people will be putting their faith that Microsoft will do the right thing morally, and that microsoft will not screw up. Will not screw up even once. Like they'll never release a Microsoft Bob again.
Unlikely.
Sadly, if Microsoft wants to pursue this effort, it really has to be open, and, dare I say it, well regulated with many legal protections for the consumer.
That's apparently the basic concept. Only "authorized programs" ("Genuine Microsoft") will run. That's where we are now with the XBox. Read up on how the XBox boots, and you'll see where Microsoft is going.
This isn't security. Real security would mean you could run anything in a jail with no risk of it getting out and hurting anything. That's what a secure OS is supposed to do.
And if the Genuine Microsoft code has a hole in it, attacks may still work. Microsoft might set up memory management so that only signed code can be in executable pages, but that only protects agains one class of attacks.
What are the bets on whether the interface for this hardware will be open? How likely will it be that the licensing board allows OSS software to be written for the hardware? With DeCSS, we've already seen that OS-neutral companies are unwilling to allow their content to be viewed in Linux. Microsoft, being not so OS-neutral, is likely to take this even further.
So, this involves a new piece of hardware.
How long does it take mod chips to become available for consoles? Not very long. How long do we think it'll take for mod chips to sidestep the hardware portion of palladium, and enable you to copy protected information, to come along?
Not very long.
Keep in mind that one of the problems right now with releasing music/movies/docs on the net is that it's all or nothing: either you release it and it essentially goes out free, or you do everything you can (including attacking the little guy) to keep it from going out at all.
DRM would mean media companies could actually enter the market with and then let consumers choose whether or not to support them. They'd learn pretty quick what people are willing to pay for.
Moreover, people would still be able to release things freely. It's like open sourcing software: those who choose this route are free to do so, and those who choose to close their sources are also free to try it. This wouldn't be the end of the transport mechanism that the internet provides -- the real revolution.
Chipmakers Intel and Advanced Micro Devices have signed on to produce special security chips that are integral to the system.
*snip*
Palladium is being offered to the studios and record labels as a way to distribute music and film with "digital rights management" (DRM). This could allow users to exercise "fair use" (like making personal copies of a CD) and publishers could at least start releasing works that cut a compromise between free and locked-down.
Great, let's go ahead and lay the groundwork for hardware level watermarking/rights management. There's no doubt in my mind that the MPAA/RIAA absolutely will jump on this first, quietly or blatantly. There won't even be time for 'fair use' or 'compromise' by the time this hits mainstream. I've never been much of a conspiracy theorist, but you think it's possible that the MPAA/RIAA are handing Microsoft some money to incorporate some of their desires into this security move? They'll *always* have the last move, not us.
This is a pretty surprising article, really... got some stuff I'd definitely want if they can make it work. Even more surprising to me is that they're publishing the source code for it.
:-p
One hurdle is getting people to trust Microsoft.
If Slashdot ever manages to say it's a good idea, they've won that war. Anyone think it'll happen?
Does no one else notice the irony in having the company responsible for 90% of the viruses, worms, back doors, and trojans - all due to poor planning on the part of MS executives and programmers - suggest that now they can fix it for all of us?
If I were a conspiracy buff I'd think that MS created the security problems so that they could point to the "insecure internet" and offer some solution that benefits only them.
That anyone, much less some "internet guru" takes this at face value illustrates that P.T. Barnum was right about suckers.
No one ever had to evacuate a city because the solar panels broke!
to take this article seriously?
It's easier to vandalize a Web site than to program a remote control.
Seems like a sensationalist piece intending to attract attention through misinformation rather than inform the reader.
Perhaps it would raise the "barrier to entry" for breaking into systems, but once in I think the potential to cause havoc is even worse. Even if they do have some of it implemented in hardware, there will always be a piece of software code somewhere that sends/receives info from that hardware. So now instead of klez spamming you and everyone 6 levels removed from you, your computer starts telling everyone you're an untrusted entity and you cease to be able to interact with anyone (at least anyone with the same system, but assuming this would become pervasive) over the internet. It's not exactly identity theft, more like you now have a big neon sign floating above your head saying "I'm a crook" and whenever you look up to see what's there it disappears...they only way you can tell is asking someone else if its there or not.
Having read the article, I thought - finally, they came up with a justification that can be sold to consumers for DRM - privacy protection.
Having the same systems implementing the filtering of spam (unapproved senders), restricting forwarding (unapproved redistribution), and also cover DRM (again, unapproved redistribution) allows the whole scheme to be marketed as an anti-spam system.
The marketing on "fair use" really is about certain fair uses such as backups. No software is going to be able to figure out whether a transformative use of digital content will be fair or not -- what is the difference between creating a digital commentary on a video (fair) and a remarketing of it? (say in the Spanish language). Nothing that can be discerned by a computer program, I assure you.
Still, it is encouraging to see MS taking security seriously, even if for the reasons of extending the reach of corporate profiteering. Actually, I can't think of any other reason that would motivate MS to do it, but so it goes.
Good old WebElements has a little something to say about the biological reaction to palladium:
So the goal is "ensure ... privacy and intellectual property rights" - isn't that an oxymoron?
If you can hear/see it, you can copy it. But on one can know you're copying
it unless they invade your privacy. You cannot have it both ways.
Even if it means having to pay for overseas shipping, I'll never buy a peice of hardware designed to prevent copying of software. It's just too counter-intuitive a concept to spend that much money on. The ability to back up software in an unlimited manner is a fundamental property of hardware that I will not do without. I find it insulting that there is a presumption of guilt about being able to copy software, especially after discovering that some of my favorite software on CD has been lost due to use and age.
If this initiative begins to make it into the hardware market, I encourage all of you to explain what it means to anyone you know considering the purchase of hardware. Explain why being able to backup software is such an important aspect of hardware, and why it would be worth even paying more, if needed, to have this ability.
Thank you.
Ryan Fenton
Some System Warnings.
The requested download of Linux.iso is not allowed, no signature was found. Press any key to continue.
Please be patient while the computer is cleaned of all unsigned Multimedia files.
In further news: You will require new digital camera and scanner software that interacts with the "Passport Chip" to auto generate signatures. You just wont be able to save those unsigned pictures of your family reunion sent to you by your Aunt X.
Get a free ipod.
... at the top of the msnbc page the post links to, and you know Palladium won't make it.
4 guys posing for a picture, looking like they just broke into your house and liked what they saw.
Not for me, thank you indeed.
Blearf. Blearf, I say.
OK, who here wants to let Microsoft decide what is an authorized program and what isn't??? Obviously a user can't "self authorize" or that would defeat all of the protection. Sounds like Bill Gate's dream system to me.
I'm an American. I love this country and the freedoms that we used to have.
My Boss Pitched this same Idea to me.
Boss: It's a hardware solution to anti piracy.
Me: Yeah, But how does it work?
Boss: You put it in their computer.
Me: Yeah, But how does it work?
Boss: You get them to put it in by telling them it will make it more secure.
Me: Yeah, But how does it work?
Boss: At the Hardware Level.
Me: Yeah, But how does it work?
Boss: *Gets pissed off and mutters something about
me being an idiot for not understanding a simple idea.*
So it goes...
Microsoft knows what they're doing, and if this thing succeeds, you can forget about any non-Windows operating system being even remotely usable.
Microsoft holds a patent that describes a method by which hardware and software interoperate to guarantee "digital rights management" (aka fair use destruction and monopoly lock-in). The patent describes a mechanism in which there is a private/public key pair, with one half embedded in hardware (possibly the CPU). Only "authorized code" (aka Windows) can run in ring 0 (kernel space) on the CPU. Naturally, only Windows has the other half of the key.
This is probably how the Xbox prevents third-party operating systems from running, and it probably is why they originally applied for the patent. But it also has lots of uses in the monopoly business. This article describes how useful the patent could be in implementing the Hollings bill. Take it one step further and it's easy to envision a world in which this type of "protection" is not only mandated by law... but unimplementable by Linux hackers due to patent problems.
Hopefully, by the time this thing hits critical mass (if ever), Linux will be too firmly entrenched for the industry to allow it to be required. I think we're already there on the server side (1 out of 4 servers sold today ships with Linux, more if you include the ones they can't count). In another couple of years we'll be there on the desktop as well. But as they say, the price of freedom is eternal vigilance. Let's make sure we get heard.b
Tired of FB/Google censorship? Visit UNCENSORED!
Whaaaaa ? My website is secure, TYVM, it hasn't been defaced even once. Nobody ever stole my credit card number, and my personal info is well guarded. I have never have a single virus on my many computers. And none of my intellectual property was ever stolen.
So what the Hell is the problem ? People are taking advantage of your computer-illiteracy ? Then learn, or drop dead.
I see this whole Palladium thing as a solution to a manufactured problem. Oh-my-goodness people on the Internet are filthy script-kiddies cracking servers and spreading virii mainly because Microsoft can't code secure programs ! And they're stealing music and movies because the RIAA can't sell CDs and DVDs cheaper !
And then they say the solution should be another patch upon this ? Why couldn't they get it right first ? Why can't they fix what already exist ? Microsoft is running so far away from the very concept of QA they try to sell a solution to the problem they are the most responsible for in the first place !
I wish they'd just stop thinking for me, or rather stop thinking at all. Their reasoning is flawed from the begginning: I don't need to have it fixed for me, I took care of that myself already.
So I'll just go on and ignore this stupid thing. Nobody'll ever force me to use it.
I'm sure a MS's execs reply would be, "Of course you dont have to pay extra for a pc... [ you dont have to use a pc at all ]
Which might be just what I do -- move to mac.
I'm *really* sick of the adversarial attitude held by alot of companies latley -- "the customers are our enemies, we will dog them to do what *we* want." If you dont like this (and I sure dont), vote with your $$ and dont buy it.
Religion is a gateway psychosis. -- Dave Foley
According to the book "Hack Proofing you Network", client side security is fundementally flawed and will always eventually be broken.
The reason for this is that the person owns the client and if they can spend the time, they can over-ride any security implementation. Just look at the X-Box.
Interesting to note that none of the six bulletted features, all relating to users' control and users' trust relationships, require anything new or different from current PC platforms. Therefore the only reason for Intel & co. to be involved must relate to other parties trust and control.
To give a concrete example, a virtual machine like Python or Java can offer complete control over what an application can do with your identity and information and guarantee the integrity of your PC. No hardware support is required at all.
However, for other parties to trust your identity and control the use of their information requires a locked-down platform. Again, a VM-like system is a solution, but the VM's integrity must be guaranteed for them to trust it, hence the need for a tamper-proof, hardware-based solution.
Now, here's the interesting bit. Both open source and closed systems appear to be converging on the use of VMs, but for different reasons.
In the open source world, Java, Parrot and Mono/DotGNU are seen as simply practical solutions to portability problems, with security and other factors some way further down the list. For closed systems, security (meaning keeping the information closed) will soon be the priority, far surpassing the need to maintain cross-platform (i86, PPC, ARM etc.) builds cheaply.
Open source advocates should not respond by continuing to develop more monolithic and fundamentally insecure C binaries - this will just leave Linux exposed to criticisms from future security-related interests, such as corporate IT management. Instead, we should embrace systems that can guarantee security - the difference being that it is security on the user's terms, not the vendor's. In fact, a high-level VM (like Java's) is the ideal platform for open source because (thanks to decompilers and the semantic equivalence of bytecode and Java source) it is impossible to ship code that isn't open.
There's a lot of positive spin for Open Source to be gained from this development, but the first thing to recognize is the critical importance of VMs (preferably a single "anointed" VM) to the viability of Linux platform.
I worry that an unholy alliance is going to form between the entertainment/media industry, the software industry and "national security" interests to push computers into becoming closed systems that can only play games and run software approved by a relatively small number of large organizations.
These restrictions would be justified on the baisis of national security as a way to:
1) prevent sinister interests from finding and exploiting weaknesses (security through obscurity)
2) prevent sinister interests from launching distributed attacks against such weaknesses.
3) provide a "secure" backdoor for use in monitoring sinister interests.
All of which would serve the entertainment and software industries desire to control who gets to view media, and how.
If I remember my greek mythology correctly, the Palladium was supposedly used to protect the city of Troy. As long as the statue was there, the city would be safe.
The Palladium was eventually stolen and afterwards the city of Troy fell.
I don't know about you, but isn't it ironic that Microsoft names their next security product in reference to this same Palladium?
In other words, MS will be offering a semblance of what *Linux and *BSD already offer, except with the addition of DRM to violate our fair use rights and enslave us to the RIAA/MPAA.
How much is the RIAA/MPAA funding this behind the scenes?
This is really little more than a giant smoke screen to interweave DRM into the very fabric of all software.
Also, why would anyone use this over what *Linux and *BSD offer? Linux and BSD already great security and stability, but they don't shove DRM down your throat. Furthermore, Linux and BSD will also be able to take advantage of these new "security-class chips".
Finally, consider the source. When has MS ever given anyone a good reason to trust them? MS saying they'll help us is sort of like Jack The Ripper saying he's a protector of prostitutes.
social sciences can never use experience to verify their statemen
This is so laughably stupid it's amazing. Do they not know about screen capture? Or - if that's disabled - digital cameras? I can just imagine the whistleblower at a future Merrill Lynch taking a picture of a future Henruy Blodget's "it's a piece of shit" email and sending it to the press - while the IT manager is shocked and dismayed that Microsoft's "secure email" failed so spectacularly.
sulli
RTFJ.
This article just lost all credibility.
That's what the whole MS antitrust lawsuit is all about. The government wants more control over MS code, they want to have control over technology, they want to supervise everything, and they want to take away control from the consumers.
I've come to realize that every Microsoft's new announcments have something to do with the lawsuit. Despicable.
The anti-trust lawsuit won't be dropped until MS becomes the governments puppet.
I was aghast at the article and I shouldn't've been. It's on MSNBC and is intrinsically unable to cast Microsoft into anything but godlike form.
... oh, wait, the common man is not a production house. Suddenly that "our" becomes "their".
... the fiasco that occurred such that we don't have encrypted phones everywhere today. The gov wanted free, backdoor access and the industry (and consumers) knew that it would be selling unsecure products therefore. The consumers didn't want pervasive phone encryption that wasn't secure from the gov; and the consumers simply don't want pervasive Internet security that doesn't allow Libertine file sharing.
... what, is AOL, Hotmail and other such services going to deny members outgoing mailing privileges? Obviously not.
Obviously, MS is trying to link concepts of "your security and privacy" with "intellectual property rights" in the consumer's mind, and there's simply no functional reason to do so other than bowing to the big IP producers in Hollywood. (The article says "[Microsoft researchers] quickly understood that the problems of intellectual property were linked to problems of security and privacy"; I'm sure that the consumer's security and privacy were obstacles to controlling the IP that flowed through their computer.) I don't know if this bowing thing is due to fear of litigation ("our clients allege that Microsoft willfully constructed and distributed an operating system that allowed easy violations of copyrights") or simply from being paid off in some manner like partnerships; perhaps both.
But, statements like "cries for a safeguard" and "easier to vandalize a Web site than to program a remote control" places the article firmly in the ranks of propaganda.
"[T]he system is designed to dramatically improve our ability to control and protect personal and corporate information"? Who's "our"? I'm sure the system will make give you incredible control over that movie, song or book you made
The IP industrials have their own controls, and when they've implemented them (various forms of copy protection) the consumer mass has either raised an uproar or produced a crack. That alone shows the lifecycle of control (plan, implement, ruckus/crack, retreat/pointlessness) and thus that controls are a pointless exercise. The point is further made even if an end-run is made around the consumer by embedding controls into the OS. Despite MS's near monopoly position, MacOS and Linux are viable alternatives to MS Windows, and I've seen people make the switch when sufficiently motivated. Does MS expect the people on college campuses (who are doing a large fraction of the file sharing) -- with all their computer-saavy and access to IT skills -- to just sit in their dorm rooms and offices and let some ACCESS DENIED message blink in front of their faces when they try to fetch or open the latest sn0g, pr0n, m0vie or w4r3z?
The privacy solutions raised in the article aren't anything that can't be made with software right now. We could encrypt all our outgoing packets right now; every email could be encrypted, and every file put up on FTP and Web sites. Why isn't that kind of security pervasive? I think that answer is more along the lines of "we [the people] don't want it" rather than "encryption software isn't pervasive". I am reminded of the Clipper chip
There's more outrageous propaganda: the system "[c]ans spam". Oh, puh-leeez. The age-old problem of mailbox access will still be there; we can stop spam now with restricted mailbox access, but we just don't do that since a restricted mailbox is a big problem against receiving mail in general. So perhaps this Palladium plan will address outgoing verification, so
This further piece is even funnier: the system "[s]afeguards privacy", so "it's possible not only to seal data on your own computer, but also to send it out to "agents" who can distribute just the discreet pieces you want released to the proper people." Ah, built-in file sharing, and until somebody logs on, downloads and then blabs, Hollywood isn't going to know.
Finally, the last laugh: "[c]ontrols your information after you send it". This must mean the end of cut-n-paste from a window; either that, or you will need Microsoft Visual Implants {tm} so that encrypted data will be emitted from a screen pattern and then safely reconstructed into an image upon your retina.
Sorry to degrade into sarcasm, but the article -- and the Palladium system -- really deserves my scorn. You can keep reading past the article's last laugh but it is just more smoke and mirrors.
[also misbehaves on Kuro5hin as Peahippo]
Good thing the rest of us have Linux! If Microsoft suceeds in doing this a vibrant underground market will spring up to supply hardware for PC's without Palladium. Only the ignorant will buy into this scheme.
Stability isn't the same thing as security. I have exactly the same problem running a binary on Linux as I do on Windows - integrity isn't guaranteed (uncontrolled pointers...), rights can only be given at a very coarse level (run as root, write anything in this directory...) and so forth.
Windows is about to fix this with Dotnet. Palladium will just be icing on the cake for the DRM crowd. Meanwhile, precisely nothing equivalent is happening on what we refer to as the Linux platform, only in assorted addons (Java, Dotnet, Parrot etc.) which are semi-integrated at best.
Wasn't Microsoft found guilty of Criminally breaking federal anti-trust law?
Or maybe I'm confused?
Let's take a look at these new innovations:
So MS is going to claim it invented encryption and checksumming in 2002. Most Windows users get viruses via email scripts, which aren't programs. So this won't cut down on viruses (why would MS want to when they can claim that the virus writers are just getting savvyer and that you need to buy a more secure system to stay one step ahead). I've seen the "unsolicited mail you might want to see." Hotmail calls them newsletters and prevents you from blocking them. Bull$hit. No company is going to spend the money to store, manage and distribute your information if they aren't getting paid or reading your information. If you're already talking to the lender, why can't you give them the information yourself... or are people really too lazy to write down their name, address and phone number? Yeah, it's funny how people didn't buy into DRM the first time around, kinda like pay-per-view DVDs. But if we sugar-coat it and convince consumers that they can benefit from DRM (after all, a reader of a protected Word document can't copy its contents down while he has access to it and redistribute it later), they will accept it, the music industry will turn to us for DRM-formatted CDs and MS will control the audio CD format. Great. The future of the PC redefined by a paintball arena manager. Because terrorists and hackers keep welding antenna-laden black boxes to my keyboard and monitor. Now that's innovative... convincing consumers that someone is trying to wiretap their watches so they will pay more to hardware-encrypt data between the crystal and LCD. With the current U.S. push to chip away at privacy rights in the name of preventing terrorism, the FBI/the CIA/Ashcroft would be speaking out against this if it really protected the individual's privacy. Please note that this is a Newsweek article, not an MSNBC article. Newsweek's parent, The Washington Post Company, cut a deal with Microsoft about two years ago in which MSNBC would publish Newsweek.com in a more cost-effective way than the WashPostCo could.Whether you want to trust Newsweek's articles about Microsoft any more than you would trust a MSNBC article about Microsoft is up to you.
"Legend has it that the safety of the city depended on that icon's preservation."
There'll be an Odysseus out there somewhere.
Warning: this article may contain humor, sarcasm, parody, and perhaps even irony. Read at your own risk.
From the article: It's easier to vandalize a Web site than to program a remote control.
Translation: The author of the article has done neither. If you are an editor, this is one of those phrases that tip you off that the author is willing to say anything to make the article more interesting to the average reader, even if it is entirely invented. Further translation: It's time to fire Steven Levy, the author.
This article, I'm guessing, was paid for by Waggener Edstrom (wagged.com, as in "the tail wagged the dog"), Microsoft's PR company.
Notice that they are already preparing you for the reality of Microsoft's efforts: "I firmly believe we will be shipping with bugs," says Paul England.
The article says, One hurdle is getting people to trust Microsoft. Here are more than 200 pages in which the U.S. government said that Microsoft could not be trusted: U.S. Justice Department complaints against Microsoft.
Will we begin trusting people who have abundantly proven that they cannot be trusted, and have been convicted of breaking the law? Will the government let Jeffrey Dahmer or Charles Manson free? Will an adversarial, self-destructive company suddenly become charitable?
"Apple. Computing with no boundaries" Seriously, Jobs and Co. are probably drooling at the thought of this going forward and mucking up everyone's attempt to use their PC's for what they have become accustomed to, not to mention the added cost involved that will level the price playing field even more. Once the genie is out of the bottle, there's NO WAY to squeeze it back in. The growth of Napster alternatives since the RIAA shutdown shows this clearly, and an alternative OS that allows people to have what they are used to will suddenly look really, really good. Good Lord, the confusion this would bring to a client/server environment running different OS's is mind-boggling.
"Only two things are infinite, the universe and human stupidity, and I'm not sure about the former."
Microsoft, Apple, the MPAA and the RIAA are the Inner Party. Their secret goal is absolute power. Power is not a means, but an end.
The Inner Party, if not stopped soon, will take over the entire world. The next thing you know, Digital Rights Management will be present in every part of life.
Upon birth, your DNA, along with biometric scans of every part of your body will be encrypted and stored in two places: In a huge central government computer, located in the Ministry of Love, and in nano-sized implants located throughout your body, implanted upon birth. These implants will contain every piece of known information about you: Police records, medical records, bank records. The implants will also have a Global Positioning System, among other "convenient" features. A history of every location you've been to since birth will be stored, for investigation purposes. Your pulse, blood pressure, and other values will constantly be read and stored as well, for both medical and investigative purposes. Huge computers will constantly perform consistency checks and automated investigations of every person in the world every so often. If any patterns are present in any of your records or positioning coordinates that suggest any kind of abnormal activity, you'll be snatched off by the Thought Police and taken directly to Room 101.
Soon, they will know your every move, your every transaction, your every thought. It'll be like Johnny Mnemonic meets 1984 and the Biblical Antichrist all in one, And Microsoft will be at the helm of this innovative technology.
Ooooooooh well. I need to get another Negra Modelo, while I still can.
I wonder how many windows users STILL have not installed the Root Certificates Update Patch on their machines?
I installed the root cert patch on my laptop's Windows 98 OS. Within two days, the laptop's hard disk failed. I bought a new hard drive. I installed Windows. I installed the root cert patch. The new hard disk failed two days later. I sent the second hard drive in and got a third hard drive. I installed Windows. I did not install the root certificates update patch.
Will I retire or break 10K?
This may be M$ last hurrah.
They have obviously lost touch with reality. Maybe they've been listening to their lawyers.
For all Bill Gate's money, his entire wealth has been based on reducing over-head. Not even production costs. OVER-HEAD. The guy doen't have a clue.
CIO are talking to Linux vendors. HP is advertising Linux machines. IBM is gung-ho on Linux. Governments are refusing to consider closed-source.
M$ now has a competitor. M$ is DOOMED. Its not IF, its now just UNTIL.
Like the insane drift towards higher production costs that can break a studio if the audience using what ever brain cells remain in its media-addled pates decides NOT to make its way to the latest budget-&-ball-busting cinematographic turkey, in lemming-like waves throwing bills from its wallets at the bubble-gum chewing minimum-wage earners at the Odeon as patrons hurtle over the cliff, or simply slip and slide in the darkened meat-locker on the oozed-out-through-the-bottom-of-the-bag pop-corn topping to smash their skulls on the arm-rest mounted "bucket-O-Coke" holders.
Like Josip Brox Tito's insistence to the firing squad that his people loved him and his wife. Followed by eleven shots from the twelve rifles.
If Bill Gates went out holding a lamp and shining it into the faces of every stranger he encountered, he would have a longer road to tread in the search for anyone who has not been burnt in someway or another and still trusted M$, than that walked by Diogenes in his search for an honest man (There is no record that Diogenes ever bothered to even head towards Redmond.)
MSBPodcast.com The opinions expressed here are my own. If you don't like 'em... Think up your own stuff.
It's absurd to think that such a huge company that has control of such a huge share of the market with software that has such huge security concerns, can come up with something that actually *is* secure. If this takes hold, all I can say is that the OEM's will be getting my business, NOT Dell, HP, or any of the other major players that are going to incorporate this nonsense into hardware.
Just the same, I especially liked this passage:
Controls your information after you send it . Palladium is being offered to the studios and record labels as a way to distribute music and film with "digital rights management" (DRM). This could allow users to exercise "fair use" (like making personal copies of a CD) and publishers could at least start releasing works that cut a compromise between free and locked-down. But a more interesting possibility is that Palladium could help introduce DRM to business and just plain people. "It's a funny thing," says Bill Gates. "We came at this thinking about music, but then we realized that e-mail and documents were far more interesting domains." For instance, Palladium might allow you to send out e-mail so that no one (or only certain people) can copy it or forward it to others. Or you could create Word documents that could be read only in the next week. In all cases, it would be the user, not Microsoft, who sets these policies.
I started reading, and I thought..."it's obvious where this guy is heading - protect the commercial interests, screw the consumer." Then I read a little further, and noticed Bubba's comments on 'ordinary people' - but does it mention that nasty P-word (Privacy)???? No way. It talks about being able to place constraints on EMAIL! Oh happy day! And guess what...this isn't about ordinary people, because ordinary people usually don't have any reason to put such constraints on their e-mail...but corporate executives *cough*gates*cough* certainly do.
Overall, I think this whole thing is a crock, being masqueraded as something we need. Even if we do need it, I'd argue that the last person we need it from is Billy.
This article smells like a trial balloon. "We'll invite in a reporter to say nice things about us and see what public response we get." We need to make it clear that putting Microsoft-designed security/DRM hardware in our boxes is not an option and will never be.
I really liked this comment from the article:
An endless roster of security holes allows cyber-thieves to fill up their buffers with credit-card numbers and corporate secrets.
As "neat" as it would be if my Apache logs indicated someone was trying to do a buffer overflow on me using credit card numbers, I think some poor Newsweek reporter got nailed by buzzword overload and just started spewing gibberish.
Maybe next cyber-theves should start using the text of MSNBC articles on buffers.
Quick, somebody register Project Odysseus at Sourceforge!
- Have a picture
Exactly what I was thinking. MS Windows has a whole bunch of security flaws (and perhaps security woes, that aren't necessarily flaws yet), so what do we do? We plan on making everybody else change so that MS Windows can do whatever it wants, but this doesn't make any sense because Windows will still continue to suck. Every single problem they listed is simply a problem in software design. The hardware has nothing to do with any of those problems. Sure, you could go ahead and design a whole bunch of hardware to solve some of those problems, but what is the point when you could do it at 1% of the cost, but in software? The whole article (if you could call it that, sounded more like a MS PR release) sounded like a bunch of MS FUD trying to get the general public to believe that the reason computers have problems is because the hardware is poorly designed. I see it as just another way for MS to get ahead in a field that it is already #1 in (maybe not for long though). How much do you wanna bet that MS, et al would not release any of the specifications for this new 'technology', siting security fears, to anyone else (the public, third party companies, etc) in order to edge out the little guys who develop great alternatives (open source and closed source)? This whole thing looks like just a way to get other large corporations to join in on MS's monopoly so that they can form an oligopoly and not look so incriminating (although I'm sure time would tell even that, if it isn't too late and the United States of MicroSoft (USMS) haven't already formed a large army). Why else would billions of dollar be spent to disrupt a market in which a couple million could be spent by MS to fix 90% of the security problems?
I don't know about you, but I'm stocking up on hardware and software NOW. As the article said, future improvements aren't going to be about speed but "security" (read: copy restriction at the cost of improved speed). This means that what we should do now is get the fast and free computers before they are no longer available. This stuff might become very expensive and rare -- available in places like the ghettos in 1984. Get two or three parts of everything. Maybe some LUGs can start "freedom hardware pools" where we will change out parts as the break.
One thing is certain: digital rights management has momentum, and is gaining more and more of it. The increased profitability of corrupt corporations and corrupt governments are at stake, and the fall of Napster is the first sign that the Internet is not government-proof.
-- Ken Kinder ken@_nospam_kenkinder.com http://kenkinder.com/
How quickly we forget that they gave themselves that ability by EULA The XP EULA states 'You acknowledge and agree that Microsoft may automatically check the version of the Product and/or its components that you are utilizing and may provide upgrades or fixes to the Product that will be automatically downloaded to your Workstation Computer.' To do this they must be able to read your files at will. What kind of privacy is that? That's M$'s stated policy and that's what you can expect.
Encrypting data between the keyboard and the monitor is good only for tin foil hat types and making sure that Other OS are deprived of hardware. Hollings might like this crap but the rest of us just won't buy it. How much more bloated and useless can M$ get? All of this junk to replace user accounts, file permissions and there means of actually insuring security and privacy.
It's reassuring to read that 45% of computers are built by small shops that have no incentive to follow M$ down. To paraphrase Bones, "It's dead, Jim."
DMCA, Hollings, Palladium. What might have sounded like paranoia is now common sense.
...the one issue I have with DRM is that, once it is in place, publishers can and will use it to take away rights that we currently enjoy. Just like Macrovision restricts our right to make copies for our own private use, and region coding prevents free traficking of goods.
"Piracy" is wrong any way you slice it, I welcome measures that will put a stop to it. I also welcome technology that gives the consumer more choice, like the options of downloading a movie for viewing once at $3 or downloading it for $15 for unlimited viewing. But I will oppose any measure that will take away rights that I already have, in the name of opposing piracy.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
From the article:
Let's hope that in setting the policies for its use, we keep in mind the key attribute of the woman embodied in the first Palladium. Athena was the goddess of wisdom.
Let us also not forget that Athena fought against the Trojans, so perhaps the statues of wisdom was on the Trojan side, but the incarnation of wisdom was on the greek side
An aside: Why does my sristwatch need security?
I'd do something interesting, but my server can't handle a slashdotting.
I haven't read their actual proposal, but my psychic abilities tell me it is going to look something like this:
1) Microsoft is trustworthy (we will treat this as an definition, so it must be true).
2) All things must go through Microsoft and use Microsoft's (closed) protocols (after all, MS is defined as trustworthy, anything that relies on outside sources and don't go through MS must be evil).
3) Pass legislation to make copying illegal (this should stop all illicit copying: it works for the MPAA and the RIAA).
4) All computer systems, if they can't run MS protocols, need to be replaced with computer systems that can. If they are running anything other than Windows XP, this needs to be fixed. (MUST be using MS products, remember?)
5) MS is trustworthy (see #1 for the proof).
Integrate Keynote and LaTeX
There are two ways to do that: by banning any software not directly trusted by Microsoft, or by passing the data around encrypted until it reaches the screen (and, of course, trusting that the screen's private key will never be discovered). I'm not sure which is scarier, but I honestly don't think even Microsoft has the power to accomplish either.
And they claim this: "Eventually, commercial pitches ... can be stopped before they hit your inbox--while unsolicited mail that you might want to see can arrive if it has credentials that meet your standards." There is no way to allow email from strangers without also allowing commercial email from strangers. It's possible to reject all unsigned email (and thus, at least, know who is sending you spam). All hail the death of anonymity.
And last, it pains me to see that "security" has stopped meaning "protecting your computer and data from attackers" and now instead means "protecting your computer and data from you." A computer that enforces DRM isn't more secure. More authoritarian, more expensive, and more likely to let me watch DVDs, but not by any means more secure.
Everyone with the resources files for patents not only in the US, but also Japan, Europe, etc... I bet that if you look it up you'll find that the MSFT DRM patent is in process in every major economic market in the world.
If you looked closely at the article you'll notice that it is actually credited to Newsweek.
A well-crafted lie appears unquestionable - Dama Mahaleo
Yup there already is a secure OS that provides great strides in privacy as well. You don't need any special hardware to run it, and it doesn't cost you anything. It doesn't include any DRM garbage and it's called Open BSD.
Duris MUD - The best pkill MUD. Ever.
It's a brilliant name. They're talking about supplying a Palladium to a Troy, which will thereby prevent things like "Trojan horses" from bringing about the downfall of that Troy. The Palladium provided security. Microsoft wants to supply a Palladium. Jumping Jesus on a pogo stick, man, this isn't that hard to fathom.
If I may, I'd like to thank my grade school teachers for their emphasis on reading comprehension and critical thinking skills.
They also realized that if they wanted to foil hackers and intruders, at least part of the system had to be embedded in silicon, not software. This made their task incredibly daunting.
So there you have it. They believe that security through obscurity will be sufficient if that obscurity is in the hardware, buried under a layer of ceramic or epoxy. In other words, using hidden encryption keys in the hardware so that the key exchange won't be accessible via software tools. And the only way this can work is if everybody upgrades all their hardware at once. Fat chance! I'm all for cryptographically secure hardware--but only if I am the one setting the keys, not some secret industry / government consortium. DRM is absolutely not possible with obscurity and therefore is our enemy.
What to do about this?
1.) Don't buy or support M$ software. That means being choosy about employers too.
2.) Implement excellent free software solutions that will be inherently incompatible with any nonsense M$ pushes. The more people satisfied with Linux/BSD, the more people that will refuse this rubbish.
3.) Don't buy any hardware that supports any standards they dream up.
4.) Come up with our own open hardware/software security model. Be innovative. Find a way to make security and encryption easy for the average user.
5.) Spread the word to the non-tech folks. Use propaganda if needed--fight fire with fire.
From the article:
... Early opinion makers are giving them the benefit of the doubt.
One hurdle is getting people to trust Microsoft
Why? Why on Earth, after all that's happened, would anyone give Microsoft the benefit of the doubt? Fool me once, shame on you. Fool me twice, shame on me. Fool me a dozen times, I must be a fucking idiot.
TheFrood
If you say "I'll probably get modded down for this..." then I will mod you down.
Microsoft have finally realised that there are free (beer and speech) alternatives that do 95% of the things that Windows does, and mostly at least as good as Windows does them.
We thought they'd struggle. We thought they'd adapt. I think they've actually decided to follow through on one of their antitrust assertions, that the best price point for Windows is $800. Yes, $800. Sure, they said, they'd lose a lot of customers, but they'd retain a lot of customers - those who didn't have a choice, they noted - and they make more money out of them.
This is along those lines. In even three years time, anybody still using Windows will be doing it because they don't know that they can switch, because they're not allowed to switch, or because they absolutely cannot switch. It's a captive market, pretty much by definition, because it's free to switch. So they can turn the screw. They can squeeze and squeeze and squeeze. They can lock people in harder than they we can imagine, all the time cranking up the dollar cost in obfuscated software-as-a-service licensing, and raising the cost to leave them (because all of your data becomes unreadable).
Does it sound insane? The tighter they close their fist, the more star systems - er, customers - will slip through their fingers? So what? Whenever one leaves, pass the cost onto the rest. And keep doing it. The beauty of this system is that if you have one customer left who can't afford to switch, the arithmetic works! This isn't hyperbole: what if that last customer is the US government in some form? Say, the military. How much is it worth to the DoD to keep renewing the licenses for Windows For Warfare? How much is it worth for them to hush up how insane it was to allow themselves to get tied in to proprietary software, when the dangers were clear?
But it won't even come to that, because enough businesses are already locked into the mindset that they can't give up Microsoft. My own employer's IS department won't even trial Star/OpenOffice. It fills them with primal fear to consider moving away from MS Office, ever. To suggest to them that we could trial non-Microsoft OS's would be anathema. Hell, it's not their money they're spending, and nobody ever got fired for buying Microsoft (nee IBM).
So, sure, pile it on, Microsoft. The nightmare scenario is, of course, hardware that will only respond to Microsoft's patented security systems, but there are enough generic non-PC devices out there using the same hardware (I develop them) that even the most corrupt and insular legislator would have to listen to the storm of protest that would erupt if Microsoft OS was made mandatory in desktops, servers, embedded systems, set top boxes, PDA's, MP3 players, cellphones, desktop 'phones for that matter (and no, I am not joking about this last one - I develop VOIP 'phones that have an OS, versioned software loads, even a web browser).
This looks horrid, but I don't believe that even Microsoft can railroad it through on the hardware side, and without that, it only effects those people who can't or won't switch from Microsoft. I pity those people, but there'll be fewer of them every year, so eventually we won't even be tortured by their piteous wails as Microsoft gouge deeper and deeper. My only worry is that most of the final holdouts will be spending my tax dollars, so Microsoft will get my money anyway.
If you were blocking sigs, you wouldn't have to read this.
Well, I guess Palladium is better than Microsofts *previous* privacy policy, "Pandamonium"
Strangely, a google search fails to turn this up, or indeed much else on Microsoft's wonderfully transparent new idea. The idea that they've already agreed (transparently?) with Intel and AMD, so don't tell me this is a brand new project.
As with all verbal promises, this one's not even worth the paper it's not written on. How high is the Cynic-O-Meter reading here? I'm betting by "publishing" they mean "making viewing of representative samples of the source available under strictly limited and NDA'd conditions to selected high level purchasers in government, industry, and, hell, even some of those long haired hippy academics. But not the pinko ones, obviously."
The rest of this is article is just blurb, but this, if true, would shake Microsoft to its very foundations. Want to bet it later gets dismissed as a misquote? I'll even venture that "transparency" replaces "trustworthy" as Microsoft's meaningless-blurb-word-of-the-moment. Hell, they might even go as far as trying to assimilate "freedom" for their cause.
If you were blocking sigs, you wouldn't have to read this.
An endless roster of security holes allows cyber-thieves to fill up their buffers with credit-card numbers and corporate secrets. It's easier to vandalize a Web site than to program a remote control.
.
.
Just makes you want to stay in bed in the morning, huh? What a big, bad, nasty world.
Computer security is enough of a worry that the software colossus Microsoft views it as a threat to its continued success: thus the apocalyptic Bill Gates memo in January calling for a "Trustworthy Computing" jihad.
Hello, FBI? I would like to report some crazy dude with funny lookin' glasses screaming and moaning about a Jihad. Yeah, he keeps muttering stuff about world domination, and how everyone is out to get him. Yes, his name is b-i-l-l. .
What Gates did not specifically mention was Microsoft's hyperambitious long-range plan to literally change the architecture of PCs in order to address the concerns of security
As opposed to hyperactive, which is how his mother describes him.
"This isn't just about solving problems, but expanding new realms of possibilities in the way people live and work with computers," says product manager Mario Juarez.
Someone let a typo through. The word is 'limiting,' not 'expanding.'
"We have to ship 100 million of these before it really makes a difference," says Microsoft vice president Will Poole.
Linux, BSD, and OS X anyone? Now, more than ever!
Tells you who you're dealing with--and what they're doing. Palladium is all about deciding what's trustworthy.
Trustworthy: RIAA, MPAA, Microsoft, FBI, Intel.
Untrustworthy: Your Mom, anything with the letters GPL in it, your cat Skittles, you. .
The system uses high-level encryption to "seal" data so that snoops and thieves are thwarted.
Snoop and thief meaning the end user.
Palladium won't run unauthorized programs, so viruses can't trash protected parts of your system.
Like that pesky GPL virus. That one gives me the shivers.
Eventually, commercial pitches for recycled printer cartridges and barnyard porn can be stopped before they hit your inbox--while unsolicited mail that you might want to see can arrive if it has credentials that meet your standards.
Like reminders to renew your MS software subscription.
Microsofties have nicknamed these services "My Man."
In my neighborhood we call him "The Man." Damn fool is always keepin' us down.
In all cases, it would be the user, not Microsoft, who sets these policies.
Of course, your system would come with preset Microsoft friendly defaults. And just to be sure that everything is working correctly, upgrades will reset those defaults.
Intel originally turned down the idea before eventually embracing it.
See, I told you that truck loads of money can make a difference in the world.
By then the special security chips will be rolling out of the fabs, and the computer makers--salivating at an opportunity to sell more boxes--will have motherboards to accommodate them.
Of course, the initial developments will cause a temporary rise in costs. Over the long term costs will drop. Unless they don't.
Don't mind those stuffy looking men colluding behind the curtain.
"We don't blink at the thought of putting Palladium on your Palm... on the telephone, on your wristwatch," says software architect Brian Willman.
We also don't blink at anticompetitive licensing agreements.
but less tolerant nations might insist on a "back door" that would allow it to wiretap and search people's data.
I just love getting screwed through my "back door."
"I firmly believe we will be shipping with bugs," says Paul England.
After all, they have a reputation to uphold.
When Microsoft manages to get Palladium in our computers, the effects could indeed be profound.
Yeah, about as profound as a game of Pong.
The middle mind speaks!
MS Bob - No explanation requred.
USS Yorktown - 'nuff said.
IIS - A webserver so holy it could put the Pope out of commission.
Hotmail acquisition - Couln't get it to work for a while without existing open-source software.
MSN.com - For a while didn't allow any non-MS browsers to access the site.
Windows ME - short lived.
Permissions of Win2k and XP - Was it supposed to work?
.NET - cracked before it was released.
Palladium *new*
Does anyone else find it strange MSNBC is always bashing MS? Perhaps something's going on we don't know about.
This is the Internet. You can say "fuck" here. - AC
Take another look at the criticisms being voiced. The issue is whether this really has anything to do with security, or more to do with providing an architecture to lock out competitors and control, or eliminate, fair use rights.
Microsoft's insecurity woes have little to do with encrypting signals between your keyboard/monitor and the computer. Signed code also misses the issue. The problem is that Microsoft has a long history of bad implementation and flawed architectural design. Environments that will remain flawed even as Microsoft moves on to their next Big Thing.
This casts further doubt on Microsoft's intentions and even ABILITY to provide a secure architecture. This is not entirely a technical issue. This has as much to do with Microsoft's culture and focus as it has to do with their engineer's abilities. There has to be a fundimental shift within Microsoft such as changing the focus on last-minute features at the cost of debugging. And that is a challenge for even a company as nimble as Microsoft.
Bah, total lack of ethics. I'd say you lack ethics for accusing Microsoft of every little fantasy of yours.
Microsoft and other companies in the tech community have spoken out against the SSSCA. Primarily because most everybody realizes that it would put a huge damper on new sales.
But that doesn't mean they are stupid. If it does pass, they want to be in a position to provide hardware and software which will support it. Otherwise they have nothing to sell themselves, and that is assured to put a damper on sales.
Repackaged and preprocessed, the sequel to "Hailstorm: All Your Info are Belong to Us" is proving to be another attempt to control every users personal information by leveraging a desktop monopoly.
At least one can hope this one is as transparent as the first.
Who the hell needs insecure, buggy boxes that ONLY run Windows? The "only runs Windows" is in the article. As for insecure, remember that M$ has proven its inability to protect it's own proprietary information. Their proprietary DRM scheme as embodied in WPA is so weak that it ONLY inconveniences the honest end user who wouldn't think of going to a cr4cKs/w4r3z site to get the key needed so he can use his own legally acquired software.
Who the hell needs DRM whose only purpose is to keep the "pigopoly" at MPAA/RIAA happy?
Where the hell does anybody get the idea that Microsoft DESERVES another chance?
Tech Public Policy stuff
Correct me if I'm wrong here, but how can a system propose to supply DRM and privacy. The key to effective DRM is knowing who has a certain piece of something and how they are allowed to use it. This of course requires identity. Privacy on the other hand has the main goal of avoiding knowledge of who you are and what you are doing. That lack of identification is what allows services like Limewire, Kaazza, and others to thrive (well maybe not thrive but you understand). I don't see how one system can proport to support both of these goals at the same time and accomplish both.
THIS SPACE FOR RENT
This is a prime example why the OS portion of MS should be broken off as a seperate company. If the people who control this process are selling software that needs to have permissions enabled in order to run, and they are competing with others, there is a clear conflict of interest. If we create two companies, let's say Windows and Microsoft, then there is more ensured fairness. The windows company will ensure that the largest number of people have access to the approval process in order to please their stockholders. As it stands now, keeping compteitors to all of the MS products out of the loop has a very nice ring to it.
THIS SPACE FOR RENT
I make no claim that this is intentional on Microsoft's part, but this is what just happened on my computer (dual-boot Debian Linux/WinXP), but I found it interesting.
I just installed WinXP to replace Win 98 (too many crashes when I boot to Winblows to play games). Afterwards, I was trying to install OpenOffice. I tried to download OpenOffice several times from several of the different mirrors, and was unable to. It would download 99% of the way and then stop. Finally, I decided to download Mozilla (which would have been my next step anyway), and after I installed it, I used it to download OpenOffice, without any problems.
While I have no indication that this is intentional on Microsoft's part, I find it spooky that I was unable to use IE to download OpenOffice, a potential major competitor to one of MS's most profitable programs. Though I doubt this was intentional now, I can easily envision a future where MS will refuse to certify or allow any competing or especially !Open Source! programs to run on their DRM computers.
I also am afraid that we will be forced into DRM. Microsoft will continue in its tradition of embrace and extend, by making DRM enabled computers able to receive files from both DRM and non-DRM computers, but unable to send files to DRM computers.
BAM. Suddenly MS now controls DRM for all machines used in the US. Not only does this mean control of information, but it could also wipe out all other OSes since only Windows would be Palladium compliant. On top of this MS would then get royalties from hardware companies, which would be... hmm... ALL OF THEM.
Sure this may sound a bit scary, but it is highly possible. Now, picture this:
A few years down the track after Palladium is adopted. DRM would be in everything, from CD players to high end digital projection systems in theatres. Using Palladium, MS could decided it doesn't want to certify RIAA and MPAA content. It could effectively hold both to ransom. Now, not only has MS got control of machines, but it would then have control over content as well. The ability to decided what bands CDs can be played and what movies get made.
So sit back in your Microsoft Certified Chair (tm) while you read the Microsoft Certified Slashdot(tm) on your Microsoft Certified DRM Compliant Computer(tm) while you drink your Microsoft Certified Beer(tm). Welcome to the Microsoft Certified World(tm). Where do you want to go today?* (*notwithstanding anywhere you want to go will be controlled by us, therefore you will only go where we will tell you to go.)
I've had this problem with IE multiple times - it's some sort of bug in their http support. And it happens to anything - I was unable to download the Visual Studio Service Pack, Gentoo Linux, and a couple game demos, along with an IE patch. It does seem to go away in Moz though, but Moz has enough problems with HTTP of its own (like the pipelining features).
using namespace slashdot;
troll::post();
However, it is uknown as to whether or not microsoft will be able to invade your privacy, since they make the system. Have to double check that EULA!
Palladium will be the first MS product without an EULA because they'll have already taken those rights out of the Constitution. How else can they implement this?
...am I going to trust a company that's broken the law on numerous occasions, probably put money into the hands of politicians and accepted such from the entertainment industry...
Just about every major company in the US does all of those things. Of course, you could be a hermit, but I doubt it...
Maybe you should respond to the main point of his post instead of lambasting him for being a Windows developer (considering that most developers are Windows developers, seeing as it has 90-something percent market share).
Microsoft and other companies in the tech community have spoken out against the SSSCA. Primarily because most everybody realizes that it would put a huge damper on new sales.
If true, that statement puts a rather large hole in your Microsoft conspiracy theory.
The EU doesn't allow software patents, as a rule. There are some exceptions, but in general...
Female Prison Rape in NY
I mean, come on! Where's the track record? Why can't Microsoft deliver a good, secure OS before making a ham-handed attempt at 'Palladium' ??
Sometimes I wonder if the 'soft' in 'Microsoft' comes from the softness of their brains...
Does it justify it? Maybe not. But anyone bemoaning the fact that Microsoft does that is being hypocritical, 'cause they almost invariably deal with dozens of other companies that are just as bad or worse - without complaint.
Do not be deceived.
This is not about giving the consumer freedom. It is about controlling all facets of a consumer's computing life.
In order to achieve the power and control (which leads to money) that Microsoft relentlessly pursues, they need the cooperation of hardware manufacturers. Otherwise, if features we did not desire were implemented, we would simply go to Linux. We would have a choice. Choice is good for the consumer, but that takes away their power. Your ability to go somewhere else takes away from their ability to control you and the world. But if the hardware itself is designed to run their software and conform to their plan, it would be extremely difficult for the consumer to have any choice. There aren't too many hardware manufacturers. Software is easy and cheap to design and share. Hardware fabrication plants are extremely complex and expensive to design and run.
After they have gotten the hardware manufacturers to go along with their plan, the next step would be to get the politicians to support their cause and draft laws that would require "trustworthy" computing. In a post-September 11 world, with the political and media hype about terrorism and security, that would be very easy to accomplish.
We cannot afford to be ignorant. This really is about choice, freedom, and ultimately, livelihood. These are the things at risk. What they want is the ability to control our lives for their ulterior motives.
I'm sorry to say this but many of the strategies employed by Microsoft remind me of the Nazi's.
"One World, One Web, One Program"
- Microsoft Promo Ad
"Ein Volk, Ein Reich, Ein Fuhrer"
- Adolf Hitler
A word is enough for the wise.
Those two words pretty well sums it up. In all serious though, it's going to suck ass when we have to buy mod chips for our PCs.
Maskirovka
One-way hash functions: In a nutshell, a one-way hash function is a function that takes a variable-length string of input data and returns a fixed-length string (the hash) that represents it. Due to the mathematics involved, it is computationally infeasible to derive a different input string that will evaluate to the same hash. The same input data always produces the same hash.
Symmetric (a.k.a. "secret key") Cryptography: Basically, you take two inputs, the "plaintext" and the "key", and you feed them through an algorithm to get the output ("ciphertext") that looks like jibberish (a process called "encryption"). You can then take the ciphertext and the same key, feed them through the inverse algorithm, and get the original plaintext (a process called "decryption").
Asymmetric (a.k.a. "public key") Cryptography: It's just like symmetric cryptography, except instead of using the same key for both encryption and decryption, you use two different but related keys -- one for encryption and one for decryption. You call one of these keys "private" and you never let anyone see it. You call the other key "public" and you distribute it to everyone.
Other people can encrypt data using your public key, and that data can only be decrypted using your private key. The other thing you can do is encrypt data using your private key, so that it can only be decrypted using your public key.
But what use is that, you say? Well, you can encrypt the hash of the program you're signing using your private key, and distribute the resulting cyphertext with your program. If other people want to verify that your program is authentic, they can compute their own hash of your program, and then decrypt the cyphertext of the hash you computed. If both hashes are the same, then your program is verified, because only someone with your private key could have generated that cyphertext.
This is how all digital signature systems work.
For more information (especially if I confused you), see An Introduction to Cryptography (PDF), which explains it much better that I can.
It's not like we're going to end up having a choice here. If Microsoft tries to do this and people start jumping ship to Linux or Mac (assuming Apple doesn't follow suit), then Microsoft and the *AAs will go to Washington and demand legislation to mandate DRM in every OS (and Fritz is already chomping at the bit to get something like this passed). And you can bet that they'll get open source outlawed in the process. After all, what's the use of having DRM if someone can have access to the source and just remove it?
It's not enough to bash in heads, you've got to bash in minds. - Captain Hammer
OEM?s are wimps. Remember when the athlon first came out and asus denied it even had an athlon motherboard because they were scared of the big bad intel? Or how compaq killed the alpha because they did not want to frighten intel so they signed a contract in exchange for cheaper prices for pentiums in there consumer desktop divisions?
.net my services will finally take off. After all you agreed to use it didn't you? If you don?t agree to it USE A TYPEWRITTER will be Microsofts attitude. This is why ms wants drm so bad. Sure it will prohibit piracy but it will also insure their renting schemes and license hikes at the hardware level. Very, very dangerous in my opinion. My guess is the 2nd version of Windows.net will not run without drm enabled hardware. This would make the OEM's cream in their pants. Microsoft always lets the OEMS do their dirty work and this is probably MS's latest scheme. Sadly, I guess 5 years from now we will all be running linux on slow and expensive macs. This will be our only choice for a cost effective linux platform. We need to write our representatives because the linux marketshare won?t make a difference with the oems and yes it will go through. If Microsoft and the OEMs are for it then their is no stopping it. With or without linux.
Like it or not consumers want to buy the latest and greatest versions of Windows and intel chips for the cheapest prices. Consumers who need a newer pc will not invest thousands of dollars for yesterdays software. They want to be on the edge of the upgrade curve for their investment. An oem can't sell pc's without the latest version of Windows or else they will go bankrupt. Linux only makes up %2 or %3 of their sales. Most use it for servers anway so they wont care. If I were Michael Dell I would discontinue linux immediately and sell these drm cripples pc's before compaq or gateway do to outcompete them. If I didn't do this I could lose my job and bankrupt my company. Its sad but true. This is how OS/2 lost. It was beginning to get popular right before Windows95 came out. Then out of nowhere it vanished. Even IBM sold out due to fear from Microsoft after they invested billions into it. It was a waste but their pc division would of went belly up if they didn't cave in.
The only thing we can do to stop this is to email and snail mail your elected official and explain to them what your opinions are and also explain how it could physically cripple the whole IT industry. This is worse then the anti-trust violation of the bundling of IE. Much, much worse at a whole different scale. At least with the internet explorer case, consumers benefited by having a zero cost browser. This new scheme offers no benefits besides to lock consumers into agreeing to buy only microsoft operating systems with dracionian eula's attached to them that will prohibit fair use. Who knows, maybe
http://saveie6.com/
... at the time that the ``Trustworthy Computing'' initiative was announced that it was all just another marketing ploy. Sure looks like the people who were thinking that were right on the money.
CUR ALLOC 20195.....5804M
However, a band of smart geeks (erm Greeks) found a back door into the city, disabled the protection mechanism thus leaving the city wide open to attack.
The community complains loudly about companies that want to forcefully restrict liberty for users and developers alike. But has the community come forth with its own proposal?
How do we implement rights management for the independent author? How do we support code signing for the independent programmer? I should have an Open system that allows me to produce my documents, write my code, distribute what I want, and have everything appropriately signed by me.
Are we up to this? Are we able to propose alternates? Instead of just saying "no", shouldn't we be constructive and say "this is how to do it"?
I'm willing and able to work towards this, altough it's not something I can/want to do alone. Any takers? Let me know.
free the mallocs!
They can talk about adding all the new gimmicks they want but they still have to convince the buying public to upgrade from their older versions that don't have these "features," and their monopoly power ain't what it used to be. They should perhaps spend a little time studying those Windows XP sales figures.
Seriously, I use Windows 2000 and there are a few new features in Windows XP that might be worth the upgrade. But I'll be damned if I'm going to get their software if I have to deal with their new registration BS, especially when there is currently verey little that NT 5.1 can do that NT 5.0 can't.
It won't matter if MS releases the source because most likely a lot of this will be patented. Probably all owned by Microsoft no doubt--or they'll start buying all the companies that have these patents if not. Open source projects can't affort to pay patent fees (assuming M$ gives out licenses), and any for profit software company will be crushed by the monopoly if they are perceived as 'competition.' The US government has really dropped the ball with their anti-trust lawsuit--hopefully some other countries will step in...
This is part of the reason that I think that these attempts at DRM systems are really an attempt to control all communications by a few big corporations. Think about it--patents will give MS and some of the big chip manufacturers almost exclusive control in the computer and networking environments. The keys to create and release content will most likely be held by the big media companies--'content' meaning all video, still image, and audio data...and probably text. The future of communications (the telephone, document transfer, music, motion pictures) will all be digial and accessed by the internet. Therefore anyone wanting to communicate over long distances (as we do with the telephone now) or send a message to a large group of people (such as your own original song, or a usenet like post) will have to:
They could reject anyone whose opinions they don't agree with. The future doesn't look very good at all if they succeed...
I'm not sure why everyone gets so scared of this patent anywhere. The moment the patent prevents a competitor from entering the digital rights management market, the patent will be dropped faster then the DoJ could say anti-trust.
Not really. Microsoft doesn't want the SSSCA forced upon them where the terms are out of their control. A program that they control is another matter.
here
And I'd say you lack ethics for accusing me of that when it's flat-out wrong.
Interesting, because you have no proof or evidence to suggest that I am wrong, or to even support your claims. Both my explanation and yours rely up supposition. However, whereas mine provides a very likely rational, yours relies on conspiracies and fantasies in order to support it, which makes mine much more logically plausible.
It isn't ethical to make up stories and lies about people just because you don't like them.
I also note, from your Web site, that you're a Windows developer, which may be the reason why you're so fast to jump in and deny Microsoft's rather transparent strategy.
Nice cheap shot. What does it say about you that your personal web site responds with a 404 error?