Will Microsoft Code-Checking Plans Cripple the GPL?

Infonaut was one of many readers to point out that "Thomas C. Green at The Register seems to think Microsoft is after far more than the 'ubiquitous security' they're pitching to the mainstream press. In this lengthy article, he contends that Microsoft's latest plans are in many ways an attempt to kill Linux by rendering GPL'ed software unusable. Yep, that's freedom to innovate, I'd say."

Where did you say you wanted to go today?

[paiute]

Sorry, you can't get there from here.

Thomas, are you there ?

[forged]

I wonder is Thomas C. Green is one of the many IT analysts also reading Slashdot on a regular basis.

Thomas, if so, can you reply to this so that we may ask you questions in this forum ?

Re:Thomas, are you there ?

[dcvulture]

sure, cheers.

tcg

Re:Thomas, are you there ?

[zangdesign]

What is your evidence? You seem to have taken the Microsoft/Linux conflict to a ridiculous extreme in the article.

Having read it, I'm of the opinion that you're being needlessly alarmist. Too many sites run on Apache to suddenly have Microsoft or anyone else lock them out of users PC's.

Re:Thomas, are you there ?

[tomhudson]

At's even more trivial to defeat the whole thing - after all, once you've bootstrapped a modern os, you don't need the bios anymore.

Put a patch in the os (isn't open source great - you can't do that with closed source) that intercepts all bios calls, and gives back the response you want to give.

Next, we'd see patches for flashing the rom to disable the mobo code - again no problemo!

The only people who wouldn't be able to accept this solution are proprietary os loosers^H^H^H^H^H^H^H^Huseres.

This way, you can even imitate another user and pc by copying their hash key - talk about yet another gaping security hole.

Now you won't even have to root their box to own them

I guess this is Bill Gates latest insecurity model

Micro$oft - you fix it, they break it in the next version!

Re:Thomas, are you there ?

[tomhudson]

See the thread a few days ago on emulation - anything that can be done in hardware can be done in software.

1.Intercept the bios calls, and return whatever you want, including "signed" data. Or return nothing. Or return values you've sniffed from someone else's box.

2. Back up your bios first, then look through the bin file (doing this on 2 mobos with the same bios, and running a diff will give you the bios key)

3. If sites don't allow people in who aren't authenticated, this means that, eventually, as authentication becomes all-pervasive, unauthenicated users will become "invisible". Once nobody will be able to see them, and nobody's checking for them anymore, they'll be able to roam the net free of constraints.

Also, we could run the data stream through a firewall that could strip out any key data, or replace it with whatever we want.

There are also privacy concerns that would require that the ID be able to be changed, or deleted. You can be sure that the NSA, etc., will insist on a back door for their "trusted users". How long before someone else finds it?

If you don't think people will be able to do this, check out how many are using hacked satellite TV cards.

Re:Thomas, are you there ?

[Phill+Hugo]

A question isn't really relevent here, a single GPL bootloader (no doubt a patched lilo :) will be all that is necessary to disable and circumvent (or in the tone of this 'announcement', "authorise" any software and thus the linux kernel and user space stuff. A similar panic reaction; over hype fuss was made over the serial numbers in pentium chips.

Bah.

[EvilNight]

Don't worry about Microsoft. They're on their way to being a footnote. I chuckle that they think that when forced to choose between MS and GPL, people will go with MS. That's not a safe assumption to make... not a safe one at all.

Just keep coding. Millions of happy hackers > politics and license agreements.

Re:Bah.

[Quarters]

AMD and Intel are onboard because corporations are amoral. The decision to make these chips isn't one of "We like MS, MS is good, let's help MS." The reason they are onboard is because they have a legal obligation to fiduciary responsibility towards their shareholders. In a nutshell that means that if there is a way for the corporation to further its profits in a manner that jives with their business plan they must do it. To not do so could open them up to a shareholder lawsuit for not protecting their interests.

Re:Bah.

[JWW]

Yeah, you could pray. But remember AMD labeled their latest chip with an XP.

Re:Bah.

[rseuhs]

MS-marketing: "Hey, wanna be mentioned in our press-release?"
AMD/Intel-marketing: "Yeah, sure."

Oh and to fuel the flame-fest:

Bill Gates early 90's: "Internet will never be popular"
Bill Gates early 00's: "Linux will never be popular"

Re:Bah.

[sehryan]

Yeah, but the early 90s comment is out of context. He says the internet will never be popular...then he realizes he is wrong, turns the company around on a dime, and now they are a dominant force concerning the internet.

So don't count them out of the linux market just yet.

Re:Bah.

[rseuhs]

I can't hear it anymore.

What Internet are you talking about?

http, ftp, nntp, smtp, tcp, udp, ip, html - everything from Microsoft, right?

Face it: proprietary MSN failed. And it's not because Microsoft didn't try.

Re:Bah.

[JordanH]

• He says the internet will never be popular...then he realizes he is wrong, turns the company around on a dime, and now they are a dominant force concerning the internet.

I welcome the day that MS becomes a dominant force concerning Linux. It would imply that Linux World Domination was achieved.

The Sky Isn't Falling Yet

[colmore]

The general thrust of the article is that under the new security system, GPL programs will not be able to be "trusted" by MS' hardware/software security system, so GPL based systems (like Apache web servers) will become unusable with mainstream computers.

I doubt this will happen.

Because, frankly, the invisible success of opensource is too widespread. I haven't looked at server statistics recently, but a significant percentage of webservers run on some manner of opensource program. Microsoft isn't going to be able to force half of the web servers in the world to switch over, and if people know that buying this new board from MS/Intel (which has few tangible benefits) will render half of the internet unusable, nobody is going to go for it. I'm not even beginning to think about the various governments that have begun to standardize around Linux, the opensource core of Apple's OS X, etc. etc.

Frankly opensource is too big. If Microsoft renders its systems incompatible with the GPL, then it will be Microsoft, and not the OS community, that suffers.

I say, let 'em try.

Re:The Sky Isn't Falling Yet

[colmore]

Also, supposed "journalism" that uses phrases like "Windoze" and "Microsoft's Mark of the Beast" cannot be trusted for accurate, unbiased information. The guy has an interesting opinion, but it's just that: an opinion.

Re:The Sky Isn't Falling Yet

[mad_goldfish]

You do have to consider that unless we can get out and tell people, most are going to think, 'Oh, website X is broken, I'll go to Y instead.' rather than 'Oh, Windows is broken, let's use Linux/Mac/PalmOS instead'.

I don't think Linux has reached critical mass yet, but I hope there will be enough incumbants on old Windows systems as well as everyone on the new systems for the new Windows market to be ignored by the web hosts.

Re:The Sky Isn't Falling Yet

[GigsVT]

Need I break out browser market share statistics from 1996?

We need to fight every battle as if it is our last, things change too fast in the IT world to trust things like market share.

Re:The Sky Isn't Falling Yet

[JimDabell]

There must be a way of using in-house software by self-signing it. Can't people wanting to use GPL software just do the same?

Re:The Sky Isn't Falling Yet

[colmore]

I imagine this will be an optional security feature, too.

Since they can't have instant 100% deployment, people will have to be able to turn off the "security" to view a lot of content. If we could somehow setup a big public webserver where rejected traffic is relocated, we could inform people that "1, they should turn that crap off and 2, Microsoft is doing some *VERY* dirty business here and 3, Isn't it time they cut those corporate puppet strings from their arms" it could be a huge PR boon for the OS community.

Re:The Sky Isn't Falling Yet

[Zathrus]

In-house is irrelevant. That's not what this is marketed/designed toward. What MS is attempting to solve here is "how can I trust party X out there? How do I even know that party X is party X? And how can I trust party X not to share my private information with party Y?"

It is, at least on the surface, a noble goal. There's still a lot of people out there that aren't willing to do transactions over the net due to security concerns. And even those of us who do use the net to do transactions know that there's pretty much nothing we can do about step 3 above -- if someone decides to share my personal data (be it my name, my address, my credit card numbers, or my social security number), there's pretty much no way in hell for me to ever track it back to them.

The problem is, these are tough nuts to crack. That's why they haven't been fully completed yet. Microsoft is taking the stance that the only way to do it is to have a centralized authority, hardware encryption, and trusted systems. The problem with this is that it must be closed source. You cannot open the source up, nor can you allow people to "self-sign" -- doing so just means that Joe Cracker can say "yeah, I'm trusted - give me your info" and the system will. Because it's designed that way.

Of course, there are a plethora of other issues here... privacy advocates will immediately scream about a centralized database of ALL the private information. Think the credit bureaus are bad? You haven't seen anything yet. And, afterall, we're talking about Microsoft here -- they don't exactly have the greatest history when it comes to security. And this isn't the kind of thing you can release and patch up later. It must be virtually air tight from the very beginning, or else you won't be able to guarantee the system as a whole (good luck patching that security hole on the embedded card reader over there!).

Re:The Sky Isn't Falling Yet

[serps]

Frankly opensource is too big. If Microsoft renders its systems incompatible with the GPL, then it will be Microsoft, and not the OS community, that suffers.

I say, let 'em try.

You think? I believe you're not looking at the bigger picture. The open source movement is a t a point where big business is starting to take it seriously. What Longhorn attepts to do is is dump linux from the desktop, because all the client progams will barf when they don't see MS-certified keys when they install. That's only half the story, though. You need those killer applications otherwise people will just install some other OS, and you've lost your leverage with the OEMshardware makers, and your momentum stops.

The other half is the network services. What if your online bank rejected non-WindowsDRM compliant Operating Systems? What if all the websites you wanted to go to required Passport, or conversely if those websites HAD to run .NET-compatible OSes in order to be accessed by WindowsDRM machines? Microsoft doesn't own the web, but if they make their own proprietary internetworking system (*cough*.NET*cough*) then they've won half the war. They can afford to play nice and let .NET become really popular before introducing "optional" security settings, then embrace and extend to taste. They need critical mass in both the server and the client to win the war, but they only need to break Linux's interoperability with Windows to relegate Linux into a niche market - an OS which doesn't "work" with the new Net.

Re:The Sky Isn't Falling Yet

[ajs]

This article talks about Web browsers, but how much would you like to bet that the first battleground for this technology will be MS' attempts to eradicate "untrusted" file servers on corporate networks.

Samba should be very concerned about this!

Re:The Sky Isn't Falling Yet

[colmore]

Heh, here's the link I wanted to put with the parent:

this page from this amazingly funny comic from this amazingly funny website

Re:The Sky Isn't Falling Yet

[Zathrus]

It's like the regional protection with DVDs. If given a choice, many consumers will rather buy a crappy "region free" DVD player than a high-end player that doesn't allow japanes/european/us disks.

Apples to oranges here.

People buy "crappy DVD players" that happen to have region free hacks because they're cheap, not because they're region free. 99% of the US market couldn't care less about non-region 1 DVDs.

It is, however, unfortunate that there are few (if any) current high end DVD players that can be made region free. Putting a $99 DVD player on a $3000 HDTV is an injustice to the TV. And a fair number of the people in the $5000+ range for TVs are also in that 1% that does care about region-free capabilities. Of course, the high end DVD player manufacturers can't actually put in region free codes lest they be gutted by the DVD consortium -- and they're a lot easier to gut than a company like Apex.

I'm sure there are some region free high-end DVD players out there... anyone want to point some out?

Re:The Sky Isn't Falling Yet

[colmore]

Corporations' purchases are at least partly reviewed by IT professionals who will instantly pick up on this.

"Wait, so if I put one of these boards in a terminal, we have to setup a new $60,000 file server, hmmm... thanks but no thanks"

Re:The Sky Isn't Falling Yet

[oyenstikker]

"They would actually need to have a monopoly on everything, not just the desktop, for this to succeed."

Just like they would need to have a monopoly on everything to force the computer retailers to ship all computers with Windows preloaded?

Re:The Sky Isn't Falling Yet

[Tim+C]

Not if the code wants to access any part of the system that deals with DRM. If it were possible to create self-signed code that interfaced with DRM components, then it would be possible to circumvent any access controls and get at the raw data.

The only way to enforce DRM policies would be to require some sort of licencing/certification process for companies and developers that want to be able to write such code. That way the high cost would effectively prevent people from committing copyright infringement in that way.

At some level, self-signed code must be regarded as being (potentially) untrustworthy, and so refused access. It's just a question of where the designers decide to draw the line. You can bet, though, that it'll be this side of enabling people to access data that the system thinks they shoudn't. This will help stamp-out copyright infringement and home-grown/open source media players...

Cheers,

Tim

Re:The Sky Isn't Falling Yet

[Sun+Tzu]

I think his point was that the GPL is undermined by the fact that you can't modify your system under such a scheme -- and still participate in the 'commons'. That, effectively, makes your GPL'd system unusable if modified.

But, replace the word 'unusable' in your first paragraph with 'unmodifiable' and I think it represents the general thrust of the article more accurately.

OTOH, I hope (and believe) that you're right on your later point -- Microsoft won't succeed on this one.

Re:The Sky Isn't Falling Yet

[rseuhs]

Not only Open-Source is too big, their own installed base is too big, too.

The majority of users still use Win98, a 4 year old OS - which is only a minor step up of Win95, a 7 year old OS. (And Win95 is also still used by over 10% of users.)

So if we extrapolate this figures:

If MS starts this scheme in 2 years, it will take another 7 years until 90% of their users have it (and that's still not enough because 10% is still too much to lose).

And because Linux is starting to make inroads (Governments of South-Korea, Germany, France, Israel and many other organizations are getting Linux on desktops) it will be too late for them in a couple of years anyway. Even if Linux only captures 10% within the next 5 years, this is enough to make such schemes fail.

I don't even have to talk about the server-side because you already did.

So, yes I agree, let them try.

This will be the next Hailstorm.

Re:The Sky Isn't Falling Yet

[colmore]

For that to be a relevant comparason, the entire OS community would have to stop putting out meaningful updates and upgrades, make no feature additions ever, decide to scrap their codebase, and refuse to acknowledge that competition is occuring.

Netscape died by their own hand. I wonder at what point the execs said "oh well we can retire on AOL money anyway, who cares?"

Re:The Sky Isn't Falling Yet

[nehril]

FYI: there is NO source for accurate, unbiased information. All information you receive from others (especially from journalists) is inherently biased in some way. Consider that even "accurate" information is still subject to selection and "errors of omission." given that this is the case, it is your job as an intelligent reader to find the bias and extract what useful information you can.

the worst sources are the ones that seem to be "fair," because they tend to make you less alert to the bias that inevitably exists.

Re:The Sky Isn't Falling Yet

[Saint+Fnordius]

The sky may not be falling, but it also fits in with vilefying emulators and their ilk, as Microsoft really *is* running scared. Now that Intel and IBM are working so closely with Linux, and Apple maneuvering itself to becoming the developer's platform of choice, Microsoft sees its comfortable monopoly under attack.

Microsoft is paranoid about becoming irrelevant, about anybody doing to them what they did to IBM. They aren't truly innovative, and they know it. It even shows with this re-hashing of Intel's unique identifier plan as a way to lock out the competition. The wierd thing is, this comes just as experts (even from Microsoft itself!) are debunking technological security schemes!

Another thing I noticed is that this whole "Palladium" is still speculative vaporware. It's as if Microsoft wants *us* to define it with our hopes and fears, or as if they heard of another meme and wanted to claim that they thought of it first.

So maybe the sky *is* falling...from Microsoft's point of view.

Re:The Sky Isn't Falling Yet

[Billly+Gates]

If the server can't serve then its not a server but a door stop. Website owners will switch if its required because it wouldn't be a server anymore otherwise. Fortunately I do not believe Microsoft will block non IIS servers outright just yet for the reasons you described earlier. But I do believe their plans will susceed if they do it in steps.

My guess is regular websites will work just fine with the first version of the new crippled windows.net/hardware combo. Alot of older apps will not run with full security enabled anyway so it will function like a typical wintel box. The only difference is that you can not install Linux and you will have to activate all ms products and not just XP. The next edition will display a pop-up warning box saying that this website is hosting on an insecure or untrust-worthy platform. Would you like to continue? Microsoft will tell everyone about this during the beta and release candidate stage and then go to all the fortune 1,000 companies and scare oops I mean convince them to switch. Older apps will also display this message but will still run. When it comes to picking the safer bet and chosing a solution based on compatibility the CIO's will all gladly hand over their wallets over then lose most of their customers. Why do you think NT is so popular?

I bet the third edition will block non IIS sites like slashdot completely and by then MS can do this because IIS will spike to %70-90 of the market due to corporate fear of adopting a non palidrum compatable technology. Remember that even webhosting companies are bussinesses and do not want to piss off their users or webmasters. After this last stage Linux, macs, unix boxen, will all become part of computer history and RMS will end up using a typewriter after his ancient pentiumIII running a 10 year old kernel finally breaks down. Picturing abunch of hackers using ancient computers found in the trash with 15 year kernels really frightens me. My guess is it will take just as long as the third scenario to become a reality as it took the as long to switch Windows95 users to WindowsXP. It will be a slow and gradual death.

I do not mean to sound sarcastic or overly down but only a monopoly can pull this off and Microsoft's own stock is laughably over valued and they need to grow %50 a year. This palidrome solution will kill piracy and give them more revenue from ever software company in existance paying royalities to be palidrome compliant. MMMmm money.

With the MPAA and the RIAA as well as the BSA, and yes even intel, it surely will not fail. Intel would love to have every man, women and child to throw out there pc's just to upgrade to the next version of Windows or run a later version of Word. This is why intel and OEMS like HP nearly creamed in their pants when they heard of palidrome. Literally HP is funding this as well as Microsoft. Sick.

Re:The Sky Isn't Falling Yet

[colmore]

The internet wouldn't have changed if netscape had tried.

Nobody trying to make any money on the web will render their services incompatible with user's browsers. Especially if you think about how many corporate surfers (lunchbreak ebay time... why isn't it working?) are using non-Palladium machines to connect. It doesn't matter what's on your desk, it matters what's in the network closet.

I really believe that Microsoft is flushing money down the toilet, or perhaps appeasing investors by saying "ignore those reports of poor security, look at what we're going to do"

They'll need something like a 95% installed base before they can make this into anything other than a "check here to not see this warning again" feature, and that won't happen for at least 5 years, many more if the current slowdown in hardware purchasing is more than a temporary snag (hint: it is, what widely used apps make full use of even two year old systems?)

the hardware upgrade cycle is rapidly moving away from the old 2.5 year average, and that alone will kill any chance of this thing working.

Re:The Sky Isn't Falling Yet

[colmore]

Yes, but we're talking about much more than OSes here, think about how many corporate sites run custom scripts and apps.

Big Biz does NOT want to update their codebase. The Airlines still use traffic control software written in the mid-70s. It is expensive to update custom software.

Secondly, I see a far more likely response to Microsoft's threat of "this site is not safe to visit, tell them to upgrade to IIS" is a massive class-action lawsuit. This tactic amounts to nothing more than a protection racket, and CEOs (once things are explained to them in baby words by IT) won't stand for it.

Regardless, it IS a threat, but only if we roll over and take it. We've got several years to fight this thing, are we men or are we netscape?

Re:The Sky Isn't Falling Yet

[Zathrus]

So what happens if your trusty(trusted?) laptop is stolen and used by an unethical individual

You use secure passwords, right?

Yeah... I know. Scenarios like this tend to fall through the cracks -- either because they don't think about them or because they're "too hard".

Or what if a corporation sells off all it's old palladium systems after an upgrade

That's easier. Let's repeat the mantra - licenses are not transferable.

Go ahead and sell that hardware -- but you can't sell the software! Oh no! That's not yours, you didn't buy it, you just licensed it!

And, in actuality, that works fine for the corporate world where you usually have support contracts. But if the company sold the hardware (with software still installed) to an individual... well, that's another matter. Presumably the company would de-register the IDs prior to selling, but that's another assumption.

Clearly even a closed, proprietary system has holes big enough to drive a truck through. But to some extent it won't matter -- holes like these aren't going to show up immediately, and by the time they do the system may have already been adopted and in too widespread of use to remove.

Re:The Sky Isn't Falling Yet

[JWW]

People are actually very fed up with the upgrade cycle for PC's. You are already seeing the results in the continuing downturn for the PC makers. There is no need to upgrade. By telling users they need a whole new system to upgrade every year you will see a large consumer revolt.

But, I keep hoping that there will be consumer revolts in other areas. Sometime they happen, sometimes they don't. This one really needs to cause a revolt, or the consumer will find themselves (at least in the electronic sense) in chains.

Re:The Sky Isn't Falling Yet

[Mwongozi]

I'm sure there are some region free high-end DVD players out there... anyone want to point some out?

Techtronics (A UK company, but ship abroad) take DVD players, high-end or otherwise, chip them to be multi-region (and usually disable Macrovision too), and then resell them.

Lovely.

Re:The Sky Isn't Falling Yet

[SerpentMage]

Actually In-House is not irrelevant. In fact in-house is the largest part of the pie. MS is popular because in-house developers can use their applications to build vertical apps.

But this does raise an interesting issue. I think MS is trying to do a contain the fire type strategy. Consumer is their cash cow and they are protecting it. Because on the server side this certainly would not fly. Can you imagine having to have corporations sign their own apps (NOT!)

If these assessements are correct then LINUX is actually making headways into the desktop. Who would have known!

Re:The Sky Isn't Falling Yet

[Peter+Harris]

I doubt it too.

Let's take the internet first. To make the internet useless to Linux browsers, a significant proportion of websites would have to refuse to serve pages to them. But most of the servers out there are not Windows machines. Will Apache start enforcing invasive identity checks? Uh, I guess not.

But what about file formats that are only readable using Palladium DRM-controlled hardware decryption? Not HTML, text, PDF, MP3, ogg (both Vorbis and Theora), JPEG, PNG, or practically any other file that is any use.

OK, so the internet (or at least the vast majority of it - for all practical purposes the only bits that matter) will still be here.

Now the hardware. Would you buy a more expensive motherboard that lets you do less? Only if you buy a bundled PC+Windows. A huge market, to be sure, but not the whole market.

And now Wal-Mart is selling OS-less PCs, do you think they'll include (A) a cheap motherboard, or (B) a more expensive one? Answers on a postcard to W Gates, Redmond.

Applications then - GPL software not running on Windows is not such a tragedy. If I can't use the software I want on Windows, I won't use Windows. If a company has 500 OpenOffice users and they have the choice of upgrading from WindowsXP to WindowsFU, but that means they have to fork out for 500 copies of OfficeFU, what's the motivation to upgrade?

What about the on-line services that keep track of all your private information for you? You won't be able to use them from Linux. But do you use them now? Do you WANT to use them?

It's not so much that open source is too big. It's just that it's too robust, diverse and slippery to be attacked successfully with such a clumsy weapon.

Re:The Sky Isn't Falling Yet

[colmore]

There's a difference between a free client that comes with the OS that comes with the Dell, and a $100,000 upgrade for every server in the company.

This is a problem that will be dealt with on the server level, and corporate customers, while certainly not beyond being sold by MS' bullshit, are far less sheeplike than their customers. Especially when we're dealing with tons of money.

Also, another factor that I hadn't considered. If a formerly Linux based webservice has to make the switch to IIS, they will likely have to replace or retrain their entire IT department, which in many cases, could be almost the entire company. People cost much more than software, and MS may well be offering struggling e-businesses little more than a chance to go bankrupt.

Re:The Sky Isn't Falling Yet

[WEFUNK]

Need I break out browser market share statistics from 1996?

Not sure which point you're trying to make. Since 1996 the previousy dominant browser (Netscape) has been completely toppled by the "upstart" (IE).

Is Open Source the "upstart" this time, or is Microsoft (vs. Apache etc.), or are you just trying to show that Microsoft is a ruthless and successful competitor?

Browsers were an easy target for Microsoft: relatively simple applications, growing market, and they were already a user interface powerhouse. The same can't be said about security - sure they have lot's of money and brainpower to throw at it, but they've had these resources for years and still churn out crappy results.

Also, hardware solutions will require significant buy-in from hardware vendors - already cautious (and often outspoken) about being beholden to Microsoft. Again, Microsoft could use their cash reserves to enter this market themselves but they really don't know it, they would destroy the backward compatibility they build each new generation on (the lock-in effect that creates barriers to new competition), and hardware margins (a la XBox) would so severely alter their profit model that their stock multiple would be cut to absolute smithereens.

Such a strategy sounds like a last resort to salvage a sinking ship. If that's really the case (that they're going to take this course of action), I think we've underestimated how much of a threat they consider Open Source to be and just how uncertain their near-term future may be.

Re:The Sky Isn't Falling Yet

[swb]

Can you imagine having to have corporations sign their own apps (NOT!)

This does make some sense -- we get applications all the time from parent/sibling entities. Naturally we trust them because we're part of the same overarching business entity, but should we?

It might also have value for internal security if the signing mechanism allowed for hierachical keys and a true cryptographic system. As an added layer of security an application or data might be completely encrypted unless your machine/key decrypted it.

I think it might appeal to some IT organizations which have third-party security concerns (defense, healthcare) but I think it might also just seem like a lot more baggage than necessary to other IT organizations for whom security is a more secondary concern.

Re:The Sky Isn't Falling Yet

[NutscrapeSucks]

What MS is attempting to solve here is "how can I trust party X out there? How do I even know that party X is party X? And how can I trust party X not to share my private information with party Y?"

The classic application of "trusted systems" of the sort you describe are used in security-sensitive government systems. Places where you have to avoid mixing your "secret" and "top secret" information with your e-mail.

In-house is irrelevant. That's not what this is marketed/designed toward.

The Newsweek article the other day reported that MS is planning on marketing this stuff first to government, second to corporations, and finally to consumers. It could be a real win for the first two. For consumers, it had better provide something beyond just prohbiting you from copying MP3s.

Re:The Sky Isn't Falling Yet

[colmore]

Yes, it's important to read the author's bias. And with this guy, it's clear that you're getting nothing but pure 100% pro-Linux opinion. Reading about an MS product here is like reading about a new Kernel release on MSNBC.

Everyone is biased, but some more than others. By refusing to even spell the competition correctly, he's doing nothing but hurting his point. How seriously would you take an article that says "Linsucks" or something like that. He's killed any chance he has at making an impact by preaching to the choir.

Re:The Sky Isn't Falling Yet

[colmore]

Funny, immediately after you posted that I changed my sig (no good reason, just wanted to)

But yes, Neutral Milk Hotel's "In the Aeroplane Over the Sea" is the most increadible album of all time.

Re:The Sky Isn't Falling Yet

[Nygard]

Another thing I noticed is that this whole "Palladium" is still speculative vaporware. It's as if Microsoft wants *us* to define it with our hopes and fears, or as if they heard of another meme and wanted to claim that they thought of it first.

That's a very good point. I think that's exactly what they did with .Net. They announced a bunch of vague stuff a few years ago and listened closely to whatever dreams people projected onto the formless name. Then they built that, or at least relabeled other things to fulfill the half-expressed wishes that they got back from the community.

It's like marketing by sonar. Send out a flat ping, and see what shape it takes when it reflects off of the industry.

Re:The Sky Isn't Falling Yet

[StevenMaurer]

What if your online bank rejected non-WindowsDRM compliant Operating Systems?

I'd change banks. More imporantly, most non-techies who run older Windows operating systems that don't have this "WindowsDRM" built in would do the same thing. The online bank, having done some marketing due diligance beforehand, would know this and not even attempt such a silly restriction.

What a lot of people don't realize is that even without Open Source, Microsoft is presently loosing one of its greatest assets - the implicit channel from PC turnover. At one time, they could just foist any old technology into the market by including it as part of the latest OS, and counting on the high rate of PC turnover to cause its widespread adoption. Now, due to the fact that hardware is not obsolete the second you bought it, people just don't upgrade like they used to.

Twenty years from now, online banks and other net vendors will likely still have a significant percentage of end users who have twenty-year-old machines. Even if they had absolutely no qualms about placing their entire business at the mercy of Microsoft (which has built a track record of competing with their "customers"), there is no incentive for them to cut out such a significant portion of their customer base.

Re:The Sky Isn't Falling Yet

[leandrod]

under the new security system, GPL programs will not be able to be "trusted" by MS' hardware/software security system, so GPL based systems (like Apache web servers) will become unusable

First, Apache is not GPL’d.

Second, the guy mentioned (GNU) GPL as an instance of copyleft. MPL and GNU LGPL would be other affected licenses examples.

Third, the difference between merely free (or the Marketspeak ‘Open Source’) and free and copylefted software in this issue is that it affects copylefted software more drastically. Because with free, non-copylefted software like Apache, a company like Covalent can – and actually already does – take the free code and release proprietary, DRM-compliant binaries. Incidentally, that would kill most of the incentive to develop Apache as viable competition to MS IIS, but Microsoft will try hard to cover the fact in Congressional hearings and media events.

It would still possible to take GNU GPL code and generate supported, DRM-compliant binary distributions – too bad one wouldn’t be able to use the source code he earned by getting the binary to compile a DRM-compliant version customized to his needs. It is this restriction which would all but kill GNU GPL’d software.

Re:The Sky Isn't Falling Yet

[Christianfreak]

for ms-loving companies that don't have the budget of ebay it might not be worth it to go against ms's plans without prodding. who knows.

Those are the companies that will win it for us if something like this happens. They don't have the money to "upgrade" to MS and all its wonderful lisensing practices. Its the Ebays that we have to worry about because thats where most people go and that's the people with the money to roll with whatever MS wants.

Re:The Sky Isn't Falling Yet

[markmoss]

Microsoft is taking the stance that the only way to do it is to have a centralized authority, hardware encryption, and trusted systems. The problem with this is that it must be closed source. Wrong. Since you send the same programs to everyone, you have to assume that eventually all weaknesses in them will be found and exploited. To maintain a secure system, you must depend not on obscurity in the methods, but on keys, which are secrets that are different for different people, and which are changed frequently.

The problem is that properly handling keys becomes a vast PITA. Each person has to get their own set of keys and distribute the public part of them to everyone they deal with. Then you've got to periodically change your keys and re-distribute the public keys. And somehow the recipients have to verify the new keys really came from you. It's such a PITA that pretty soon 90% of users are taking shortcuts that will open their system up.

For an example - in a venue where people were much more professional and security conscious than the average user - in WWII, the Germans had a coding machine, Enigma, that was almost but not quite unbreakable with the technology of that time. Cracking it did take long enough that if the entire Wermacht had stuck to the proper procedures, codes would have been changed before they were cracked and any messages we did finally decode would have been far out of date. Where the process was controlled by anal Prussian officers, (the Army especially) it really was that hard to crack the code. But many of the Luftwaffe and Nazi operators fell into bad habits, so they were cracked easily. Then the codebreakers would look for messages that were passed to and re-transmitted by other departments, and used those known messages as a wedge to crack the other departmental codes. We couldn't prevent surprises entirely, since all codes would be changed in preparation for operations like the Battle of the Bulge, but most of the time we had a lot better idea of what the Germans were planning than they had of our plans.

Re:The Sky Isn't Falling Yet

[MrResistor]

What MS is attempting to solve here is "how can I trust party X out there? How do I even know that party X is party X? And how can I trust party X not to share my private information with party Y?"

The vast majority of users don't care. If they did we wouldn't have all these virii running around, because people would actually think before they opened email attachments.

Some admins care (not all, unfortunately), and they should know enough to be wary of trusting their security solely to an MS solution.

Re:The Sky Isn't Falling Yet

[at_18]

For example flipdog.com, a really cool jobsearch tool, doesn't support mozilla/netscape's browser and because they have faulty code from an old version of dreamweaver (so turning it in to bugzilla doesn't work) mozilla won't work (ironically it's only two lines of javascript that need to be changed!).

You can use a filtering proxy to change those javascript lines on the fly. On Windows, the Proxomitron is really good. It's mainly an ad-removing proxy, but can search&replace for any string you want inside html pages.

Re:The Sky Isn't Falling Yet

[colmore]

That's a much more apt and dangerous comparason, but it can be argued that Word beat WordPerfect with features. (WordPerfect isn't really very good software, and back before I knew that I was supposed to hate Microsoft, I really did prefer Word ;-) )

Though you also have to remember: Microsoft got people to switch over from WordPerfect by having great compatibility with the WP format. They made the transition painless. Here, they're doing just the opposite.

Re:The Sky Isn't Falling Yet

[Lonath]

FYI: there is NO source for accurate, unbiased information.

Why should I believe you? You sound like you have an "agenda". :P

But seriously. I live in the Washington DC area, and this is why I read the Washington Post and the Washington Times. It's quite enlightening reading about the same things with two drastically different biases.

Re:The Sky Isn't Falling Yet

[nagora]

And with this guy, it's clear that you're getting nothing but pure 100% pro-Linux opinion

Tom is pro-linux but the article lays out his thinking is a reasonable, logical way. What part of that chain of logic do you feel is invalidated by mis-spelling Microsoft?

One flaw in your argument is that "fair" means never deciding anything. If I weigh up the OS options and say "This one is a trap to suck money out of me and this one isn't but is harder to use" what exactly is your problem with that?

Having made an informed choice is not automatically the same as being biased.

TWW

Re:The Sky Isn't Falling Yet

[David+Gerard]

People buy "crappy DVD players" that happen to have region free hacks because they're cheap, not because they're region free. 99% of the US market couldn't care less about non-region 1 DVDs.

Whereas outside region 1, being region-hackable is a major marketing point for a DVD player. Even if they're probably not allowed to say so out loud in the ad. The general citizenry consider region-encoding a PITA not to be tolerated. So they don't.

Re:The Sky Isn't Falling Yet

[Junior+J.+Junior+III]

One thing to keep in mind is that MS is only able to keep its monopoly through the forced-upgrade cycle if it preserves interoperability.

If they suddenly cut off 90% of the user base who doesn't adapt right away from even being able to connect to a webserver, it could result in a fragmentation of both the marketplace and the internet -- you might have a "trusted" MS-only network competing with the established anarchic net that we're used to. This smaller "trusted" network would have a hard time competing unless there was substantial compromise for the sake of interoperability with the established net.

Who will 'force them'??

[Clansman]

People, ie my Dad, will use whatever comes on their pc which will be sold with a sticker saying 'more secure web security in this box'.

He will use online vendors that support the new web security etc in this box.

The vendors will use windows servers because they help deliver that security.

Vendors will only use linux boxes if they can do the same thing as the market leader. This has always been true with linux, even in markets where ms was not the leader.

Re:Who will 'force them'??

[CynicTheHedgehog]

So? How does this affect you? Honestly, Microsoft can never "kill" open source because it's open. It's always there for you to use, modify, and redistribute. So what are you all worried about?

Keep coding, use what you want to (that's the great thing about open source), and let the rest of the world be.

This isn't a pissing contest. It's subversive passive aggression.

Re:Who will 'force them'??

[vidarh]

Well, if your new PC refused to run binaries that weren't authenticated, that would pretty much kill open source if the authentication process was difficult enough. But it would also never catch on.

Re:Who will 'force them'??

[SomeoneGotMyNick]

I doubt this is an assumption that ALL future PC hardware will be Palladium enhanced. I'm certainly not going to buy such hardware. I'll nurse my Duron till the chip breaks down to sand before I upgrade.

Re:Who will 'force them'??

[vidarh]

They don't need to get all. They need to get many enough that they can issue a new version that refuse to talk to machines without this new "security" feature. If you suddenly find yourself unable to connect to, e-mail, retrieve web pages or exchange files with, say 70% or 80% of all machines out there, your computer would suddenly be quite a bit less useful.

Be very afraid of Microsoft.

But as I said, I don't think they'll succeed, exactly because enough people ARE afraid enough of Microsoft to fight things like this.

Re:Who will 'force them'??

[CynicTheHedgehog]

Whoops. I just re-read the article and I realized I missed that part. Pretty slimy, but hey, even if Intel and AMD get in the game there's still Apple, IBM, and Sun to mess with. I know that IBM and Sun won't go easily, and considering the popularity of their hardware and software on the server side I think that Microsoft may end up castrating itself, especially in the corporate arena where Linux and open source software are gaining momentum. And who can say what will be in place in 5 years, when the system is complete? Hell 5 years ago nobody knew what Linux was. If current trends continue (both in terms of software improvement and adoption), Microsoft is either going to have to make concessions for GPL stuff or just give it up.

Re:Who will 'force them'??

[rseuhs]

If your new PC refuded to run unauthenticated binaries, that would pretty much kill Windows.

Let me explain:

IMO, the only thing that keeps Windows going is that people have so much software lying around that they have a hard time switching.

Now if the first PCs with this limitation come to the market that force you to replace all your software many would just switch to Linux because your software will become worthless sooner or later if you stay on Windows.

And if Microsoft is stupid enough to enforce Palladium in their OS, Wine/Linux will have BETTER WINDOWS COMPATIBILITY than Windows itself.

Re:Who will 'force them'??

[Tim+C]

Of course you can live with it - until it breaks.

Then what do you replace it with?

That's not even considering all of the software that you won't be able to run, some of which you might actually need.

Cheers,

Tim

Re:Who will 'force them'??

[vidarh]

You don't get it. Of course they won't make new PCs refuse to run unauthenticated binaries right away. That would of course kill them.

The "safer" way for Microsoft, is to make their next version of Windows warn you whenever you try to do something "unsafe". Imagine if each time you connect to a webserver not running this security stuff, you get a window saying that you are connecting to an insecure site and that you should ask the site operator to upgrade to a secure system.

Then give users the option of blocking unsafe sites permanently.

Then after somewhere around 70-80% of all systems are "secure" they issue an upgrade that make your machine refuse to deal with unsafe data by default, hiding an option deep down in Windows to allow it. Possibly allowing you to "self authenticate" old applications.

After a while, you then make the authentication mandatory.

This has the possibility of working, if they aren't met with solid opposition from the start, and if they have the sense to do it gradually enough to not alienate too many people.

Keep in mind that Windows is based on obsoleting things. There's so much old software that stops working between versions of Windows, that that argument simply don't hold - your Windows software WILL become worthless sooner or later, but people still stick with it.

And as for switching to Linux, you might not have that option, as the entire point about Palladium was that it is mean to be enforced in hardware via alliances with Intel and AMD (for now).

Microsoft may be evil, but they aren't stupid... People can't afford to take the risk of discounting their ideas.

Re:Who will 'force them'??

[vidarh]

That doesn't matter. The majority of websites are tested so that they work with IE. If IE changes to give a massive security warning whenever you connect to a non-Windows website, a lot of them WILL switch.

And if Windows starts blocking network connections to "insecure" (that is, non-Palladium enabled) websites, then most of them WILL switch, or disappear.

Re:Who will 'force them'??

[extrasolar]

"As long as Windows is the primary gaming platform of x86, Linux will never become the dominant home OS."

Come on. Most people don't give a fsck about games or the latest version of flight simulator.

Most people don't buy computers to play games. They buy gaming consoles to play games. They buy computers to do that four letter word that begins with a "W" and ends with an "ork".

Re:Who will 'force them'??

[WolfDeusEx]

I see one problem, and that is that microsoft don't have domiance in the server market. So imagine that you are a simple windows user that surfs the web. You will get soon get pissed of with you new windows when it keeps telling you that nearly every website is inscure even those that say they are. I.e using SSL

Re:Who will 'force them'??

[rseuhs]

You don't get it.

Oh really?

Of course they won't make new PCs refuse to run unauthenticated binaries right away. That would of course kill them. The "safer" way for Microsoft, is to make their next version of Windows warn you whenever you try to do something "unsafe". Imagine if each time you connect to a webserver not running this security stuff, you get a window saying that you are connecting to an insecure site and that you should ask the site operator to upgrade to a secure system.

I imagine lots of pissed users and lots of suspicious users and lots of users who have lost their confidence that the next Windows will allow them to pirate.

A message like this can be translated to: "Microsoft is watching you" - Thing is, people don't like to be watched when they download warez, mp3s, porn and divx-movies.

People will avoid any system that has sub-par mp3/porn/divx/warez capabilities and will switch to something else (*gasp* Linux) if Windows loses these capabilities or gives hints that the next version will lose them.

And as for switching to Linux, you might not have that option, as the entire point about Palladium was that it is mean to be enforced in hardware via alliances with Intel and AMD (for now).

Linux runs the majority of servers, so Intel and AMD will support Linux, no matter what Microsoft sais.

Microsoft may be evil, but they aren't stupid...

LOL. Yeah, that's why I see Hailstorm-websites all over the web. And Bill Gates surely didn't say anything stupid when he claimed "Internet will never be popular [and will get killed by proprietary MSN]". Or look at XBox which is the most innefficient and expensive gaming system on the planet. Microsoft is the only one losing huge amounts of money, yet they are at last position compared to Gamecube and PS2.

Face it: Microsoft is probably the most incompetent company in IT. The only thing that gets them going is endless backwards-compatibility with their x86-desktop domination. (which dates back to 1981)

People can't afford to take the risk of discounting their ideas.

Wrong, people should start discounting their ideas.

Microsoft marketing works like this:

"We will release product xy next year"

Then people LIKE YOU come around and scream "the sky is falling!", "Microsoft is evil", "boycott this product, it will destroy competition!"

To Joe Average this all sounds like "Product xy will become the standard and all alternatives will become unsupported." -> Joe buys product xy. I wonder how many people have bought a XBox because they thought it would become "the standard" which was told so often all over the net. It's amazing how XBox sales figures dropped after it became clear that PS2 won't be dethrowned. Even in the USA XBox fell behind Gamecube.

Nobody likes to be a mayrtyr, people like you are Microsoft's greatest marketing asset. Actually they don't have to do much marketing, people like you do it for them.

I'm very thankful for Microsoft releasing the XBox, because it will fail so badly that Microsoft will lose their standard-setting image. (Microsoft had many blunders in the past like Windows/Alpha, MS Bob, Hailstorm, etc. But XBox will be first the average customer will know about) In the post-XBox era, Microsoft will have to actually deliver something more than a press release to convince people of future standards.

Re:Who will 'force them'??

[vidarh]

Yes, you will get pissed of. But who will you complain to? If Microsoft does their homework, ordinary users will complain to the webmasters, not to them.

Perhaps going straight to a warning for all sites will be too tough. Start with a "This site is insecure" symbol in the status bar". Then warn all site owners about what will happen later. A large chunk will start looking at it - at the very least the people operating Windows web servers.

Now, if they then do introduce the warning, users will certainly notice that they don't appear for all sites, which will make it even more likely that they will complain to the webmaster (or just stop using the site), than to Microsoft.

Re:Who will 'force them'??

[vidarh]

LOL. Yeah, that's why I see Hailstorm-websites all over the web. And Bill Gates surely didn't say anything stupid when he claimed "Internet will never be popular [and will get killed by proprietary MSN]". Or look at XBox which is the most innefficient and expensive gaming system on the planet. Microsoft is the only one losing huge amounts of money, yet they are at last position compared to Gamecube and PS2.

Face it: Microsoft is probably the most incompetent company in IT. The only thing that gets them going is endless backwards-compatibility with their x86-desktop domination. (which dates back to 1981)

If Microsoft is the most incompetent company in IT, then how come they have 40 billion USD in the bank, and by market cap is still the largest company in the world?

They may not be doing stuff that you and I think is good, but calling a company that has managed to grow from nothing to the largest company in the world in the timespan Microsoft has "the most incompetent company in IT" is ridiculous.

Wrong, people should start discounting their ideas.

Microsoft marketing works like this:

"We will release product xy next year"

Then people LIKE YOU come around and scream "the sky is falling!", "Microsoft is evil", "boycott this product, it will destroy competition!"

And thanks to people LIKE ME, Microsoft doesn't always succeed with their most outrageous ideas, because people are made aware that Microsoft isn't looking out for their interests, but are trying their best to screw them.

Nobody likes to be a mayrtyr, people like you are Microsoft's greatest marketing asset. Actually they don't have to do much marketing, people like you do it for them.

That's bullshit. People telling consumers that what Microsoft does will infringe on their freedoms and take away their options is not good marketing for Microsoft. What is much better for Microsoft are people like you trying to discount the concerns by saying it won't be a problem. That leave people open to believe Microsofts marketing, because they see no vocal opposition.

I'm very thankful for Microsoft releasing the XBox, because it will fail so badly that Microsoft will lose their standard-setting image. (Microsoft had many blunders in the past like Windows/Alpha, MS Bob, Hailstorm, etc. But XBox will be first the average customer will know about) In the post-XBox era, Microsoft will have to actually deliver something more than a press release to convince people of future standards.

As for XBox etc. Microsoft has had tons of mediocre performing products and services, and has sunk hundreds of millions into failed ventures before, including a series of dot-coms. Some of them were quite high profile failures. X-Box won't be the first, and unlikely the last.

Microsoft doesn't set standards by press release. Microsoft sets standards by buying out key players, by leveraging their monopoly situation (hence the findings of facts in the anti-trust trial, showing that they did break the law), by sinking millions or billions into marketing and sales of products that will never turn a profit (Internet Explorer, anyone?), or that will only turn a profit after years of losses.

As much as I despise Microsoft, I think you're naive if you think Microsoft is incompetent, and I think you're naive if you think Microsoft will fail. They may end up losing their hegemony on OS front some day, but the OS is only a small share of their profits, and a decreasing one at that.

What you're seeing these days are Microsoft frantically trying their hand at everything they can to gain foothold in new niches: Mobile devices, PVRs, set-top boxes, gaming consoles, media companies, travel, trust services, transaction handling and more.

I don't think Microsoft particularly worry if they EVER make a profit on XBox. Regardless of whether they make a profit, it will strengthen their brand as a viable source of electronics devices or appliances, and may allow them easier entries into other, related markets - this is the kind of integration of products and marketing that Microsoft is best at (and much better at than they are at technical innovation).

Even so, I doubt XBox will flop if Microsoft really care about it. Microsoft make enough money to give the damn thing away for free, and still stay in the black. They can easily destroy the console market and crush both Sony and Nintendo in a price war if they see the game console market as important enough to justify it - 40 billion USD could cover quite an amount of free XBox units.

What is more likely though, is that XBox will do ok, but not magnificently well, and Microsoft won't sink too much in it, just as with WebTV and Ultimate TV, and they'll use it primarily as a learning experience, and wait for their major cash expenditure until a) they know the market, and b) they have weakened their opponents more by fear, uncertainty and doubt (by the very threat of a massive Microsoft war campain against their competitors).

Re:Who will 'force them'??

[rseuhs]

If Microsoft is the most incompetent company in IT, then how come they have 40 billion USD in the bank, and by market cap is still the largest company in the world?

I knew that would come.

They have the DOS/Windows-domination that gets them bilions of $ per year. It's natural that you become lazy, incompetent and ignorant when you get so much money "automatically". In the 70's and early 80's they were not like that, but right now, they are.

And thanks to people LIKE ME, Microsoft doesn't always succeed with their most outrageous ideas, because people are made aware that Microsoft isn't looking out for their interests, but are trying their best to screw them.

You are funny. You really think that anybody believes that MS is looking for their interests. People are not that dumb. Get off your high horse.

That's bullshit. People telling consumers that what Microsoft does will infringe on their freedoms and take away their options is not good marketing for Microsoft.

That depends on what freedom. If it's freedom to choose competition, it's the best marketing Microsoft can get. People like choosing from multiple vendors, yes, but they don't like being left in the cold with an unsupported product. So when you convince somebody that product xy will monopolize the market, it's a *PRO* argument to buy it. Even if the customer would like competition. (It's a prisoner's dilemma)

What is much better for Microsoft are people like you trying to discount the concerns by saying it won't be a problem. That leave people open to believe Microsofts marketing, because they see no vocal opposition.

I'm not saying "it won't be a problem when you use it", I'm saying "it will be irrelevant and not become a standard". Big difference.

Microsoft has had tons of mediocre performing products and services, and has sunk hundreds of millions into failed ventures before, including a series of dot-coms. Some of them were quite high profile failures. X-Box won't be the first, and unlikely the last.

But it will be the first one visible by the public. All other failures are usually known only by IT-experts, but XBox will be a failure EVERYBODY will know about.

Even so, I doubt XBox will flop if Microsoft really care about it. Microsoft make enough money to give the damn thing away for free, and still stay in the black. They can easily destroy the console market and crush both Sony and Nintendo in a price war if they see the game console market as important enough to justify it - 40 billion USD could cover quite an amount of free XBox units.

Translation: Don't buy from Microsoft competitors. Their products are doomed, you will end up with an unsupported product. Buy an XBox, it will stay around forever.

You did it again. You might hate Microsoft, but Microsoft loves people like you because of the FUD you spread about non-Microsoft products. Ever heard of self-fullfilling prophecy?

You know what FUD is, right?
Fear about no more games, Uncertainity about the platform being available, Doubt about the company being able to compete with the allmighty Microsoft empire. People give shit about morals. They don't care about the point you are trying to make, they only see the FUD you spread about non-MS products.

And the best thing is that Microsoft doesn't even have to pay you.

Fact remains that
- They can't give away XBox because it's hardware.
- Even if it were available for free, people would still prefer the PS2 because it has more, cheaper and better games
- The PS3 is coming and will take away the only thing going for the XBox (technical advances in the 2 years it came out after the PS2). And MS can't release a new console every 2 years because that would piss off customers even more. So when the PS3 comes and XBox hasn't reached more marketshare than PS2, the game is over.

So, no, Microsoft can't destroy the console market. PS2 sales didn't even slow down during the XBox release and XBox is essentially dead in Japan (They will sell the 250000 units they wanted to sell in the first month in the first YEAR) and dying in Europe.

Microsoft makes more losses per unit than expected and sells less units than expected. XBox has failed against PS2 and PS2/3 is threatening the low-end Home Windows-PC.

Re:Who will 'force them'??

[MrResistor]

No, kids buy gaming consoles to play games. I'll bet you can't name 5 people over 30 who own their own gaming console.

Adults buy computers for games and email, and use that four letter word to justify the cost.

Re:Who will 'force them'??

[MadAhab]

It's worth pointing out that this is one of those times it's a good thing the USA isn't the entire world. The rest of the world is unlikely to settle for this kind of overt domination.

Then again, the US, an allegedly democratic country, just decided to un-democratize internet broadcasting by legislating rules so that no one can challenge the current market leaders. And people are taking it, because they don't realize what they've lost. FUCK THE RIAA. Hillary Rosen is a cunt.

Re:Who will 'force them'??

[MrResistor]

So in other words:

Everyone will have this autentication code, a number which marks all of their interactions with the rest of the world, and no one will be able to buy or sell unless they have this mark^H^H^H^Hauthentication code.

Where have I heard this before?

Re:Who will 'force them'??

[Jeppe+Salvesen]

The "this software is dangerous" warning does not cut it. There needs to be a sandbox of some kind, to prevent a worm or something worse but not yet created from wreaking havoc.

Re:Who will 'force them'??

[MrResistor]

More than 90% of folks use Windows for the desktop

This can change. I'm doing my part by refusing to install pirated copies of MS software when I build computers for people. If they want Windows and MS Office, they'll have to buy it or find it and install it themselves. I firmly believe that the popularity of MS software among home users is due to the ease of finding pirated copies. I inform them of the available options and how they compare with the MS software they're used to using and let them make that choice.

Before anyone flames me with the typical whining about how Linux is "too hard" for the average user to understand, let alone configure, let me point out that these are machines that I am building by hand. I install the OS, I install the software packages, I do the configuration, and I come to their house to set it up and help get them started with the basics of using their new machine. For me, Linux is actually easier on the install end. I use SuSE Pro, and the tools they give me to manage the process far excede anything Windows has to offer. No CD shuffle, no endless reboot cycle, no searching for drivers, because its all right there on my bootable DVD. On the users end it rarely makes a difference, it'll take them just as much time to get going in Windows as it will in KDE.

NFS (forgot new name)

You mean SMB, which is now called CIFS. NFS has always been a *nix thing, and SMB was created to give non-*nix OS' similar functionality.

If your boss sends you a Word Doc that you can't open, what can you do?

Well, I would tell my boss to quit sending me this crap at home, where I use Linux. If he really wants me to work at home, and he'd have to be willing to pay me extra for it, then he needs to provide me with a system and software to do that. At work I use whatever I'm given, so that sort of issue should never come up. At home, though, he's interfering with my time with my family, and I'm sure as hell not going to bend over backwards to facilitate that. If he wants some of that time, he's going to have to bend over backwards to make it painless for me.

Re:Who will 'force them'??

[vidarh]

They have the DOS/Windows-domination that gets them bilions of $ per year. It's natural that you become lazy, incompetent and ignorant when you get so much money "automatically". In the 70's and early 80's they were not like that, but right now, they are.

Windows isn't Microsofts main income stream. Microsofts revenue base is getting very diverse, but their largest single revenue stream is from Office, not Windows. Even if Microsofts stopped getting a single cent per Windows installation tomorrow they would still make a profit.

You are funny. You really think that anybody believes that MS is looking for their interests. People are not that dumb. Get off your high horse.

I don't believe that anybody believe that, I know that a lot of people believe that. Stop being naive, and read up on brand recognition and attitudes towards Microsoft - they are one of the most popular companies in the US, and has a huge following of consumers that see Microsoft as a company that is the embodiment of the American dream. That you and I don't like them won't change that fact.

That depends on what freedom. If it's freedom to choose competition, it's the best marketing Microsoft can get. People like choosing from multiple vendors, yes, but they don't like being left in the cold with an unsupported product. So when you convince somebody that product xy will monopolize the market, it's a *PRO* argument to buy it. Even if the customer would like competition. (It's a prisoner's dilemma)

I agree that if you convince somebody that it's choose Microsoft, or lose out, then yes that is good for Microsoft. However what I am saying is completely different. What I am saying is that if you choose Microsoft you will lose choice and you will lose personal freedoms and you will lose privacy, and that if you don't choose Microsoft you will help ensure that they are unable to pull this off.

I'm not saying "it won't be a problem when you use it", I'm saying "it will be irrelevant and not become a standard". Big difference.

You are still pretending that people don't have to worry about it, and people should - it will fail if people worry about it and dislike it enough to actively choose not to support it. If people don't care, then Microsoft WILL get the market penetration they need for this, because they'll be able to put it in every single version of Windows that goes out to consumers.

But it will be the first one visible by the public. All other failures are usually known only by IT-experts, but XBox will be a failure EVERYBODY will know about.

What makes you believe that? How will it be a highly visible failure compared to all their other failures? If there's one thing all their other failures should have taught you, is that nobody cares as long as Microsoft keeps being one of the most profitable companies in the world.

Translation: Don't buy from Microsoft competitors. Their products are doomed, you will end up with an unsupported product. Buy an XBox, it will stay around forever.

No. Translation: If you really believe that Microsoft care enough about XBox to want to own the console market that they are willing to spend billions on it, then they will own it, however the comparatively small amount they are spending on it indicates that they don't currently see it as a big focus, so you have no reason to not buy from competitors yet. However, if Microsoft does reasonably well now, they WILL be willing to pour more money in XBox or its descendants in the future. In other words: If you actively oppose Microsoft now, by choosing a competitor instead, there's a greater chance that you will still have a choice in five years time.

You did it again. You might hate Microsoft, but Microsoft loves people like you because of the FUD you spread about non-Microsoft products. Ever heard of self-fullfilling prophecy?

You obviously still don't understand what I am saying (or you don't understand what a self-fullfilling prophecy is), or you would have realized that this is the opposite of a self-fullfilling prophecy. If I had been saying that Microsoft is doomed to win, so lets all just forget about their competitors, then that would have been a self fullfilling prophecy. However what I'm saying is that to ensure that Microsoft lose, you must fight them every step of the way, because the consequences you'll suffer if you allow them to win will be bad for all of us. You know what FUD is, right? Fear about no more games, Uncertainity about the platform being available, Doubt about the company being able to compete with the allmighty Microsoft empire. People give shit about morals. They don't care about the point you are trying to make, they only see the FUD you spread about non-MS products.

I don't spread FUD about non-MS products. However neither do I try to convince people that if they just pretend that MS isn't a threat they'll go away. Face reality and stop being so naive: The IT industry is in the sorry state it is exactly because so many companies believed that Microsoft wouldn't be a threat to them.

The number of companies that have been driven out of business because they thought that THEY would be able to compete with Microsoft just because their product is better is staggering. You don't fight Microsoft just with a better product, you need to counter their marketing, counter their FUD, counter their illegal monopolistic activities, fight them in court and in general fight them on all fronts.

Fact remains that - They can't give away XBox because it's hardware.

Since when did it become impossible to give hardware away? Funny, I've received hardware for free as part of promotions more than once in the past (though nothing as expensive as a games console, granted).

If Microsoft thought it worth the money, of course they could. Besides, they could give it away with the purchase of X number of games, say 2-3, thereby instantly offsetting part of their loss.

There are two reasons why they aren't currently doing this: 1) They don't want to commit that kind of money, because XBox isn't that important to them at this stage. 2) People who are willing to pay are likely more willing to pay for games, thus they are much more likely to make money on these people in the long term.

- Even if it were available for free, people would still prefer the PS2 because it has more, cheaper and better games

Some people would prefer the PS2, sure. However who cares about the hardcore gamers, if millions of people who never otherwise would have bothered to get any game console suddenly get an XBox? Game publishers care almost exclusively about volume. Thats why the PS2 is currently better served. If Microsoft changed that, then the game situation would change quickly.

Besides, if Microsoft were ready to really push XBox, what would a few billion to buy a few of the major game publishers and can PS2 and Gamecube ports be to them?

- The PS3 is coming and will take away the only thing going for the XBox (technical advances in the 2 years it came out after the PS2). And MS can't release a new console every 2 years because that would piss off customers even more. So when the PS3 comes and XBox hasn't reached more marketshare than PS2, the game is over.

You only demonstrate that you don't know the console market. No company has managed to maintain dominance for extended periods of time - dominance has shifted back and forth between multiple players so many time it's getting ridiculous. But if anyone knows how to milk customers through expensive upgrade cycles, it is Microsoft. After all, that is how they've managed to grow this big in the first place.

So, no, Microsoft can't destroy the console market. PS2 sales didn't even slow down during the XBox release and XBox is essentially dead in Japan (They will sell the 250000 units they wanted to sell in the first month in the first YEAR) and dying in Europe.

Your logic doesn't hold. You are saying that because XBox hasn't made much of an impact, Microsoft can't destry the console market, but you are blatantly ignoring what I said: That Microsoft don't care about the console market, because if they did they would have spent real money on it, and followed their usual tactics: Aquisitions, agressive price cuts on key products to establish a market hold, and bullying OEMs.

Microsoft makes more losses per unit than expected and sells less units than expected. XBox has failed against PS2 and PS2/3 is threatening the low-end Home Windows-PC.

So? Microsoft is still losing so little on XBox in total that they could sustain XBox indefinently AND ramp up investment in it just from interest payments on their cash holdings.

To sum up: Alerting people to the threat that Microsoft is is not providing marketing for Microsoft any more than claiming that saying people need to fight to overthrow a dictator would be providing marketing for that dictator.

Do you seriously think that people shouldn't fight out of fear for making people capitulate? Because that is the most obviously self fulfilling prophecy of all.

Re:Who will 'force them'??

[vidarh]

Of course it doesn't stop anything. But it would be a way to push adoptation without making it too painful for the users - if they make it too painful for the users, they won't accept it. At the same time, if they make it painful for people not to adopt it, many will. They can do that by ensuring that major internet sites that don't adopt it for instance will be met with a deluge of complaints from users.

Re:Who will 'force them'??

[MrResistor]

Well, my wife doesn't know anything about computers and doesn't want to. She leaves the cumputer stuff to me and doesn't question my decisions in that area. So long as she can get her email, read the few sites she visits, and occasionally print something, she's perfectly happy. Similarly, I leave home decorating to her and don't question her decisions in that area, and as long as she doesn't mess with my desk or put my guitars somewhere I can't get to them easily, I'm happy. This arrangement works out pretty well for both of us, as I expect slight variations would for most married couples. Chances are, if your SO knows enough about computers to be a part of that decision making process, they should know enough to understand the issues involved without your having to bring up pr0n, mp3 and divx will likely suffice.

Re:Who will 'force them'??

[extrasolar]

Hey, if you consider the web a game, then you win. People do buy computers to surf the web.

But I am tired of the "games move the industry forward" nonsense.

Re:Who will 'force them'??

[MrResistor]

And regarding what system you use at work: I bring my laptop (w/Linux) to work for my personal use. I have had an office supplied PC in the past, but we're able to install Linux there if we choose. Why not, you're the only one using the computer, right? =)

Unfortunately I'm rarely given that choice. The last company I worked for let me build a linux fileserver for them, and as far as I know they're still using it happily, but Linux was not a viable option for the desktop there. Our main function was 3d CAD, an area where Linux is sorely lacking, and a switch to Linux/Pro-E would have been more expensive than Win2k/SolidWorks, even if we were starting from scratch.

I haven't gone past RH 7.1, but a RH 7.1 w/Ximian Gnome system I'd say is in fact easier to use than Windows. Especially for updating and installing programs (Red Carpet). Install, IMO, is very easy as well - even custom isn't difficult. And remember, the slight learning curve with this system matches that of any new windows user, at least IMO

SuSE has been really easy since 7.1, when YaST2 and YOU got 'finished', but 6.3 (the previous release I tried) was like pulling teeth, at least for a newbie like me. I think most of the major distros pulled the install/upgrade thing together at around the same time. I really wonder about these people that keep saying "Linux is to hard for the average user". I look at my Linux desktop and think, "If this is too hard, how the hell are they able to use Windows?"

Re:Who will 'force them'??

[rseuhs]

In other words: If you actively oppose Microsoft now, by choosing a competitor instead, there's a greater chance that you will still have a choice in five years time.

One customumer alone can't change things, so *NO* there isn't a greater chance.

You just spread FUD, which does translate into:"Don't buy from Microsoft competitors. Their products are doomed, you will end up with an unsupported product. Buy an XBox, it will stay around forever."

Nobody wants to risk their money "so there's a greater chance that you will still have a choice in five years time", they will buy a product where they are *SURE* it's supported in five years. Thankfully, that's PS2 and NOT XBox which will be discontinued before PS3 or soon after PS3-launch.

However what I'm saying is that to ensure that Microsoft lose, you must fight them every step of the way, because the consequences you'll suffer if you allow them to win will be bad for all of us.

I know damn well what you *WANT* to say. You want to say "let's start a collective effort to mantain competition". Sorry to tell you, but collective efforts just don't work, everybody will do what is good for himself, not what is good for the collective. By claiming that such a collective effort is needed you imply that without it, the products are doomed -> don't buy competitor's products.

The IT industry is in the sorry state it is exactly because so many companies believed that Microsoft wouldn't be a threat to them. You don't fight Microsoft just with a better product, you need to counter their marketing, counter their FUD, counter their illegal monopolistic activities, fight them in court and in general fight them on all fronts.

Exactly, you need to counter their FUD.

Tell people the truth, that XBox is losing them billions, that it will never make money for Microsoft and that it's likely that it will be dropped without warning and they will be left out in the cold without any support just like the poor souls who bought in Windows/Alpha and Hailstorm.

What you do, is hype up XBox. I say it again: PEOPLE DON'T CARE ABOUT MORALS. They will buy the winning product. Period. If you make them believe that XBox will win, they will buy XBox.

Since when did it become impossible to give hardware away? Funny, I've received hardware for free as part of promotions more than once in the past (though nothing as expensive as a games console, granted).

A XBox costs 350$, if you give it away, you give it to a lot of people who will never buy any games, so you waste it completely. For example if we assume that 1/4 of XBox receivers actually use it and buy games (I would certainly get one and let it collect dust - and lots of others too, so 1/4 is probably very optimistic) - so to reach an effective penetration like PS2 will have the end of the year, they would have to give away 40 million * 4 = 160 million, which would cost them 160m * 350$ = 56 billions.

They would waste all their money just to get on par with PS2. That will just not happen. Also their stock price would go down and Bill Gates valuable stock would become worthless.

You only demonstrate that you don't know the console market.

Anybody claiming the XBox to be a success does so. Everybody thinking XBox live will be a success, does so. (Broadband-only -> doomed, too few have broadband and those who do have all computers which are better for online-gaming.)

Funny, actually I've speaken to MSFT-shareholders and they have come up with exactly the same arguments like you: That MSFT is sooo strong, that they can push around competition and that they know what they are doing. Yes, MSFT is proud of being able to bully other companies.

No company has managed to maintain dominance for extended periods of time - dominance has shifted back and forth between multiple players so many time it's getting ridiculous.

You want to know why? Because so far nobody included backward-compatibility. Just like Microsoft currently has the lock on desktop-software, Sony has it on consoles and Nintendo has it on portable consoles.

That Microsoft don't care about the console market, because if they did they would have spent real money on it, and followed their usual tactics: Aquisitions, agressive price cuts on key products to establish a market hold, and bullying OEMs.

Well, they were willing to spend 30 billion to purchase Nintendo, did you forget that? They can't bully OEMs in consoles, how should that work?

Oh and everybody seems to forget that their first console (WinCE on Dreamcast) was a huge failure, too.

To sum up: Alerting people to the threat that Microsoft is is not providing marketing for Microsoft any more than claiming that saying people need to fight to overthrow a dictator would be providing marketing for that dictator.

All revolutions had a positive goal, like "We will win, we can make it, we will change it for the better", not "the dictator will win anyway, and a lot of us will die for nothing."

Revolutions were won by LEADERS and not whiners.

If you want to help Linux, tell people about Linux-success-stories, not about Microsoft success-stories.

Tell them that XBox is doomed because it is doomed. Tell Webdesigners that Mozilla will become an unavoidable browser because 30 million AOL customers and 50 million future PS3 users will use it. Never mind those who like it's features. Tell them that resistance against Microsoft is NOT futile because so far Microsoft has failed every time trying to destroy the Internet (proprietary MSN, Hailstorm). Tell them that Microsoft is trapped in their own stock-option house of cards. Tell Microsoft shareholders that Microsoft has a worse P/E than a savings book.

But, yes, your talk like "Microsoft has soooooo much money in the bank, they are sooo powerful, competing against MSFT is soo hard" and your refusal to accept any Microsoft-failure does lead to capitulation.

Do you seriously think that people shouldn't fight out of fear for making people capitulate?

No, and I already said so.

It's just that you are fighting in the wrong direction.

Re:Who will 'force them'??

[Arandir]

I read the article, and my conclusion is that it is low grade scare-mongering aimed at geeks to absorbed with technology to understand the way the real world works.

You can take any action by [insert opponent here] and construct a worst case scenario that would cause you grandmother to keel over. The media does this all the time. And it works. Put the right spin on it and the frightened public will vote for anything.

So let's try it. Suppose Microsoft decided to drop support for Windows 98 and 2000. The scare-mongering conclusion: this will force millions of Windows users to upgrade to XP, giving untold extra billions to Bill Gates, allowing him to buy off Peruvian, Finnish, and German politicians (since he has already bought every US politician). Suddenly Linux is banned in those countries just like it is in the US. But wait! Billy Boy still has five billion left over. Now he bribes people to turn in Linux users. You can't trust your neighbors anymore. You could get turned in and go to jail for wearing a Slashdot shirt. All because Microsoft dropped support for Win98/2K.

Ludicrous of course. But no more ludicrous than the conclusion of this article. Yes, there could be serious repercussions to Palladium. Yes, the public needs to be informed about it. But no, the sky isn't falling and Linux/BSD/Apple/Sun/IBM aren't going to die because of it.

Re:Who will 'force them'??

[vidarh]

And who will buy these machines if they can't communicate with any Windows desktops or servers, and can't run Windows?

Re:Who will 'force them'??

[vidarh]

One customumer alone can't change things, so *NO* there isn't a greater chance.

"One voter alone can't change things, so there's no point in voting - not voting won't change anything" would be another version of what you're saying.

You just spread FUD, which does translate into:"Don't buy from Microsoft competitors. Their products are doomed, you will end up with an unsupported product. Buy an XBox, it will stay around forever."

I'm starting to seriously wonder about your capability to parse and understand English. What I've said is: Don't buy from Microsoft. If you do buy from Microsoft you'll end up with abridged liberties and reduced personal choice, because in that case Microsoft will succeed.

If you absolutely want to interpret that as the complete opposite, then feel free to do so, but don't claim that's what I'm saying. If you want to capitulate to Microsoft, fine, but don't complain when people are trying to reduce their influence.

I know damn well what you *WANT* to say. You want to say "let's start a collective effort to mantain competition". Sorry to tell you, but collective efforts just don't work, everybody will do what is good for himself, not what is good for the collective. By claiming that such a collective effort is needed you imply that without it, the products are doomed -> don't buy competitor's products.

You don't know anything about what I want to say. Apparently you don't even understand what I do say. I have not said anything any collective effort to maintain competition. What I've said is that it is important to make people aware of the consequences of buying Microsoft products: They will reduce competition, they will reduce their personal freedoms, they will reduce choice.

Tell people the truth, that XBox is losing them billions, that it will never make money for Microsoft and that it's likely that it will be dropped without warning and they will be left out in the cold without any support just like the poor souls who bought in Windows/Alpha and Hailstorm.

What you do, is hype up XBox. I say it again: PEOPLE DON'T CARE ABOUT MORALS. They will buy the winning product. Period. If you make them believe that XBox will win, they will buy XBox.

I have not said that XBox will win. If you believe that is what I've said, you either can't read, or want to misinterpret what I'm saying.

What I've said is that if Microsoft cared about XBox, and wanted to put all its weigth behind it, then they would have no problems crushing the console market, and making XBox win. First of all there's no basis for interpreting that as a good thing for XBox buyers, as it would give Microsoft the power to increase prices on games.

However there's also no evidence that Microsoft see XBox as important enough for this. Where are their billion dollar ad campaigns? Why aren't they cutting prices dramatically? Why aren't they buying game publishers and making them cut PS2 and Nintendo games? Answer: XBox isn't important to them.

So yes, I agree with you, XBox will likely not be a big success. I doubt Microsoft will leave it behind, and I think that long term it might even be profitable for them. But the REASON I believe it won't be a big success is because (as I've pointed out many times already), they don't particularly care. XBox is a test for them. A way of learning how the game console market works.

For game console users, the time to get worried now, but whenever Microsoft starts feeling confident that they know how to push into the market in the cheapest way possible.

Funny, actually I've speaken to MSFT-shareholders and they have come up with exactly the same arguments like you: That MSFT is sooo strong, that they can push around competition and that they know what they are doing. Yes, MSFT is proud of being able to bully other companies.

However my argument is a completely different one: Microsoft is strong enough to own the game console markets if they want to. So why don't they? Because they DON'T want to at the moment. They can do it, but they're not stupid - they won't do it unless they know they'll make money of it, otherwise what would the point be?

So while MSFT shareholders may delude themselves into thinking that Microsoft will pour enough money into XBox to make it control the market, I'm saying that the fact that Microsoft clearly aren't pouring enough money into XBox to make it control the market shows that they don't see XBox as important enough to spend that kind of money at. At least not now.

The lessons is: Never fear Microsofts first attempt at anything. Like Windows 1.0 or Hailstorm, their first iterations are ways of testing the market, of learning what to spend the big bucks on. But you should be concerned once they try again.

They can't bully OEMs in consoles, how should that work?

Thretening to give extremely favorable treatment to competitors of companies to cooperate with Sony or Nintenty would do nicely... How do you think Microsoft managed to get OEMs to buy into per-CPU licensing of Windows in the early 90's?

All revolutions had a positive goal, like "We will win, we can make it, we will change it for the better", not "the dictator will win anyway, and a lot of us will die for nothing."

All revolutions had a positive goal set on a backdrop of the serious consequence of not winning: "If we don't win, we'll keep getting arrested, killed or tortured by the regime". That is a much more accurate analogy to what I'm saying. I'm not saying Microsoft will win long term. I'm saying if we don't fight, Microsoft will win by default and we'll all suffer for it.

Revolutions were won by LEADERS and not whiners.

They are won by people who see that the alternative to accepting the status quo is to fight, and not pretend that the problem is smaller than it is.

If you want to help Linux, tell people about Linux-success-stories, not about Microsoft success-stories.

So instead of telling people that Microsoft is a threat, I should tell them that ooh, Linux is making such great progress? The end result of that is making people complacent, instead of fighting back. I love using Linux - I've been using it daily since 1994. I've never had a Microsoft OS installed on any machines I own or use on a daily basis.

But I'm not naive enough to believe that Microsoft isn't a threat that needs to be countered. You don't win a war by pretending the enemy isn't particularly dangerous to avoid scaring people.

But, yes, your talk like "Microsoft has soooooo much money in the bank, they are sooo powerful, competing against MSFT is soo hard" and your refusal to accept any Microsoft-failure does lead to capitulation.

No, I talk like Microsoft is a serious threat to free competition, so they need to be fought, not ignored. And their 30 billion USD in the bank DOES make them a serious threat.

Re:Who will 'force them'??

[rseuhs]

What I've said is: Don't buy from Microsoft. If you do buy from Microsoft you'll end up with abridged liberties and reduced personal choice, because in that case Microsoft will succeed.

I have not said that XBox will win. If you believe that is what I've said, you either can't read, or want to misinterpret what I'm saying.

How can the first paragraph be not interpretet as claim that XBox will win?

Essentially, you say: "If you buy XBox, it will win"

Because one customer is irrelevant, this essentially means "XBox will probably win" which is exactly what Micrsoft wanted to be the public's opinion (and failed, thankfully).

So instead of telling people that Microsoft is a threat, I should tell them that ooh, Linux is making such great progress?

Exactly, what's wrong with that?

"Company xy employed Linux and saved xy thousand $, it could work for you, too." is much more effective than "Fight Microsoft to protect your freedom."

And it's true, too. No other OS has established itself so fast on servers and embedded systems. You really think that happened because somebody wanted to fight Microsoft? You are wrong. It happened because Linux is a good product, that's the *ONLY* reason. If you want to help Linux adoption, convince people that Linux is a good product, not that Microsoft is an evil company. People don't care about Microsoft's evilness - they only care if the MSFT's evilness is personally and DIRECTLY affecting them by disturbing them downloading mp3s for example.

The end result of that is making people complacent, instead of fighting back.

Wrong, wrong, wrong.

If people are convinced that Linux will win, they will look into it right now because they don't want to be left behind. They will get curious about what's so successful.

Ten users actually using and supporting (buy bying distros, helping other Linux users or even only by generating non-IE hits on webpages) Linux are worth more than a thousand using IE on Windows whining about how evil and scary Micrsoft is.

No, I talk like Microsoft is a serious threat to free competition, so they need to be fought, not ignored. And their 30 billion USD in the bank DOES make them a serious threat.

MSFT is a software company. If people start to ignore them (= not buy their products) they will start making losses.

One of the principles of good marketing is not to talk about competitor's products (MSFT's). Instead talk about our own solutions.

You don't win a war by pretending the enemy isn't particularly dangerous to avoid scaring people.

This is software, and it works fundamentally different than "a war". Ignorance is the WORST what can happen to software. Yes, you read that right: Ignorance is much worse for a product than "fighting against it".

Re:Who will 'force them'??

[vidarh]

One has nothing to do with the other. Competence in IT means the ability to build good products (in this case, software).

Competence in any industry is the ability to sell products. Nothing else matters to a publicly listed company, or they are not honoring their responsibilities to the shareholders.

Not quite true. Ever heard of FUD?

Microsoft doesn't use FUD to set standards. They use FUD primarily to cause uncertainty in the market place, not to set standards. Uncertainty help them sell products, sure. But it's only a small part of their arsenal to maintain their monopoly position.

Microsoft does not and will not ever sell Internet Explorer. To do so would be idiotic. Internet Explorer is Microsoft's Trojan Horse into the web-services, online vertical markets.

My point exactly: Microsoft are ready to spend millions on a loss leader to break into a market, and maintain that loss leader over an extended period of time.

As I said above, they will soon give the OS away for free. They are moving their whole business away from shrinkwrap software. Which is great! Their software sucked anyway.

We seem to mostly agree on Microsofts strategy here. Microsoft is ready to take tremendous losses in order to expand the parts of their business that they see the most future income in, and you may be right that their OS will be one of the areas they'll soon see as a good loss leader.

I disagree. I believe Microsoft are positioning themselves to take the online gaming market. First they get lots of X-Boxes out there. That creates a platform. Once there is a platform to sell to, game developers build games for it. It is actually easier to sell games on the platform with the least games available, as long as it's a good game.

You say you disagree, but then you reinforce my point: Microsoft don't care if they lose money on the XBox. The gaming console market isn't at stake. If Microsoft keeps losing money on the XBox (as in the hardware platform) it doesn't matter, because that's not where they'll be making their money. But I also think that they're not particularly concerned about the XBox platform at the moment. It's a trial run for them in many ways. It allows them to get customer feedback and test the market. The time to start getting concerned is if they release a new version and start pumping larger amounts of money into it. (For instance to corner the online gaming market).

And once you have totally taken that market, you can start earning a profit on the box again.

That's a good point, and one of the reasons why it's important to ensure that Microsoft don't get a monopoly in this market too. People may think it's safe to bet on what they see as a likely winner, but they'll likely lose more if there is one winner that ends up dominating the market.

While this is true, it won't happen. The lowest they would sell the box at is cost. They cannot go below break-even. Why? Because it is vitally important for Microsoft to keep their stock price going up. Their recent tiff with the SEC shows how paranoid they were about earnings reports. They do this for three reasons.

You are wrong. They are already selling the box far below cost. Reportedly they are losing as much as 150 USD per XBox sold, some think it may be even more.

But you are also right, it is critical for Microsoft to keep their share price going up.

However they haven't managed that for a long time. So far they've been able to blame the market, but if they fail to rise dramatically when the market starts recovering they'll be in deep trouble.

Yeah, I'm sure Sony are quaking in their boots.

They'd be stupid if they aren't quaking in their boots at the thought of going up against a company with way more cash, a dramatic hold on large parts of the IT industry and the highest market cap in the world.

whats the big deal?

[night_flyer]

Those that "know" wont use longhorn, and will still be able to use the software.

Those that dont, probably wouldnt use the software in the firstplace.

Me? Im sticking with 98se and w2k.

Re:whats the big deal?

[Gopher971]

The problem will lie in transactions online. If you cannot buy that new cd you wanted because you are not "trusted" by a Palladium system you will be forced to go to a shop to buy it or buy a palladium compliant system.

Re:whats the big deal?

[night_flyer]

I buy my stuff in person 95% of the time anyway. CDs come from a pawn shop. Things I cant buy in person, I call up the store and order that way. still no problem...

wrecking common standards

[sbuckhopper]

In other words, what MS is attempting to do here is the same thing they've done all along.

1. Take a perfectly good command standard.
2. Bastardize it for their own use.
3. Make it not-backwards compatible.

However this time they really win the game if they're succesfull. This is because if they can really implement this, they actually don't have to do the work of bastardizing the standard interfaces, they've inherintly done it.

What they're trying to do is make it so that a common interface is a MicroSoft interface from the start.

How many antitrust lawsuites do they want brought against them? I guess $30B can buy a lot of lawyers.

Well after all...

[o'reor]

Not everybody is using Hotmail or MSN. Alternative solutions to MS Passport or "Palladium" exist, supported by big brands such as Sun, Oracle and so on. Why would everybody suddenly turn to an all-M$ solution ? Besides, that "Palladium" thing is still a long way down the road : no release before 2006 AFAIK. Right now, there are plenty of governments and organizations that are considering migrating part or all of their administration to Linux or other open-source based solutions, one of the main reasons being (surprise !) the openness of those products and the availability of the source code.

This means that they have weighed in all the involved costs (migration, maintenance, training and so on), and they are not likely to go backwards to a proprietary M$ solution in 5 years (which would involve another heap of money for training, data migration, etc.)

Since M$ is not going to release any major rework of its flagship OS for the next 5 years or so, I see a chance for Linux and other free software OSes to dramatically increase their respective user bases in the meantime. And if the users turn out to be major organizations / administrations / companies, they will be in a position to negociate an open-source (or at least, much less restrictive) alternative to M$ Palladium from the contents providers / secured businesses they might have to deal with.

Just my 0.02 euros anyway...

Re:Well after all...

[SomeoneGotMyNick]

Exactly!!!

Us US citizens should be aware that while we mostly think the rest of the world has to catch up to us as far as computer use goes, they're already doing that. They are making the crucial decisions that will establish standards for themselves. A lot of them are looking at non-MS alternatives now that they can afford to do so.

Before you know it, the US will need to catch up with the rest of the world's computer standards. My money is on OSS.

MS decides to get into the meat packing business.

[MongooseCN]

In other news MS has decided to get into the meat packing business. Their first products will be Gnu and Penguin burgers. Rumor has Bill Gates himself helps butchers the animals and is under investigation by the ASPCA.

My prediction:

[Lonath]

It's simple:

• MS will coerce chipmakers into putting circuits on ALL of their chips that require software running on those chips to carry out patented processes. (Note that the terms of the licenses will state that the companies can only make these chips if ALL chips have these patented circuits.)
  
  
• They will then license the ability to use these patented processes in software to companies who make approved/trusted software.
  
  
• Any guesses on whether Linux and GPLed software will get this permission.?
  
  
• Any guesses on whether or not the terms MS gives to software developers will be nice or not?
  

I really hope that this doesn't happen, but I can see them trying. My hope is that the chipmakers balk at some point, or at least one of them does for each of the necessary parts.

This article is poorly written

[rseuhs]

First of all, it's not at all about the GPL. MS may want to lock out everything non-Windows, but that would include the BSDs and BeOS or OS/2 if they were alive. (none are under the GPL)

Then, people just don't want this. They did not ask for it, they will not pay for it and they will not buy it. It does not add any value to the product.

Then, Linux will adapt fast enough. If this really affects internet-applications, then it wouldn't be viable without Linux, Linux runs the majority of Webservers, remember?

I dismiss this thing as "Microsoft strategy of the week". It's the next Hailstorm.

Re:This article is poorly written

[dcavanaugh]

There are many ways for this "M$ strategy of the week" to fail. So many, in fact, that it's just a matter of waiting to see what kills it. Considering the overwhelming rejection of Hailstorm, we can expect to see Palladium buried in the cyber-cemetary, between Hailstorm and the CueCats.

Their installed base will work against them

[tkrotchko]

I think its a chicken or egg problem.

If there were no PC's, this scheme might work because there is no "untrusted" installed base.

But since there are already billions of PCs out there already that can't or won't work with this scheme, they it can't be adopted because a merchant or web site owner would risk locking out huge portions of their customers.

This reminds me of the whole Passport authentication scheme that had everyone in an uproar last year. In the end it amounted to NOTHING because it never had critical mass.

I agree with most of the analysis, I just don't think anyone has enough control over the computing ecosphere to make this work.

Re:ARE WE SURPRISD?!?

[purpledinoz]

Why does everyone always assume that all of Microsoft's actions have a sinister undertone in them? I admit, I will look at these new security measures by MS with scrutiny, but I will give them the benefit of the doubt.

on x86

[oyenstikker]

This will not kill Linux. This will Linux on x86 (or whatever platform Windows runs on). I can't imagine that Apple will go along with this. So if all the die-hard Linux users start buying Apple computers instead, the hardware vendors and retailers will feel it (they may only feel it slightly, but slightly is still money).

Bonus: If we're all using Apple hardware, we're dealing with a MUCH smaller set of hardware; less driver searching. Maybe Apple would even be helpful in writing the drivers?

Make fighting them a business

[jmu1]

Here is an idea... make a business out of fighting Microsoft. Grab all the Free Software you can... pay developers to improve it... package it and sell it. Then, you can charge for service/training etc. Show folks how much they will really save. Don't rely on other's opinions, sit down and do the numbers yourself. Then, show how well you'll be able to communicate with all that other Free Software that everyone will use. Show them that Big Brother is watching, and that they own your life if you choose to use their software. There is a market folks... I know I'm going to get in the game, you should too!

Re:Make fighting them a business

[brassman]

I just registered ms666.com. See you on the ramparts!

This is going to cause problems...

[spagma]

The reason I say this, is that I do technical support for a local ISP, we have both Unix and W2K webservers on our system and a couple thousand customers that don't know the difference. I would say that most people wont even know they are getting these boards whent they purchase a new machine. Then they will be calling me up to find out why they cant view their favorite webpages. The answer, "Your hardware is restricting your access to the site" is just going to blow right over their head, they are not going to understand why. They are just going to be pissed at us for not being able to help them, probably switch to AOL or something before they find out the real problem, but by then it is way to late. They will just deal with it. Complacency is the name of the game, this is the same reason why companies offer rebates, because a good portion of the customers are not going to bother doing anything about it. Sure some will, or try to return their hardware, but most will not, they will assume it is the new standard and everyone else will have to change to meet it. After all, their stuff is brand new, how could it be wrong?

interesting article. but...

[kipple]

you have a chip ON THE mobo that tells you if you can run an application. what if you're disconnected from any network? the chip must have some key that, applied to the application, will make it usable. Or will decrypt the application. Or will act as a general key to allow the cpu to run some code.

Still, it is something you have ON YOUR MOTHERBOARD. Like the CSS key... it's there, it will be just a matter of time before those evil linux users will find a way to bypass it, fake it, and run whatever they want. Bringing havoc on the pristine, certified, public-key signed microsoft world. Like a cancer...

....or at least I hope so. I have much more trust in a 15-years old linux north-european user, than in any chunk of Microsoft Engineers that live in their golden world, without Windows (hah! pun!) on the outside world.

However, this palladium-thing looks like the whole .NET thing. Just marketing hypes, nothing else. We've all seen what .NET has become... bugs even before it was launched. Palladium is just a way to scare vendors which would like to try linux.

Those guys at Microsoft are just playing the scary-announcement thing: to scare people before they make the next move. Then make them wait, then provide them a lot of useless marketing, then -before they will realize it- they have been embraced. And the empire extends itself.

Whops! sorry folks, I don't believe a word of this palladium thing until I see a working chip, and I see that it works better than current systems. THEN we can start talking about that, and hacking it. Unless the new DMCA won't make it illegal and punisheable by death ;)

cheers.

Re:interesting article. but...

[mikeee]

Unless the new DMCA won't make it illegal and punisheable by death

Ding! The existing DMCA makes this illegal. Since Palladium provides DRM (by attempting to provide a 'trusted' client, ie one that obeys MS and not its owner), subverting it is a DMCA violation. Do not pass Go, do not collect $200.

Now, arguably, the interoperabality/reverse-engineering clauses of the DMCA clear you here, but if those meant anything the whole DMCA becomes mostly a non-op anyway, so the courts appear to be just ignoring them.

Re:interesting article. but...

[Beliskner]

I don't believe a word of this palladium thing until I see a working chip, and I see that it works better than current systems. THEN we can start talking about that, and hacking it.

By then it will be too late. As kerberos has shown, it's possible to come up with a pretty much unhackable system. It's possible to use a kerberos/SSH-type mechanism in every chip on the board to encrypt all transmissions on every bus. To hack that every linux user will need an ion-beam in their garage.

If you seriously think anything can be hacked, then show me an exploit in the current release of MIT kerberos that is a fatal flaw which is unpatchable and valid forever more.

Re:interesting article. but...

[kipple]

so how do they manage the fact that a computer can be put offline? Do they expect that all computers must be online to run their apps? It's ok to me, if they're going to pay for my broadband line...
Seriously, though: IF the key is inside the computer, it can be taken. If not, something won't work.
I guess...

Re:interesting article. but...

[kipple]

wait wait - I know that as long as the keys are stored on different locations and cannot be accessed they are safe. But you didn't read my point - what about DISCONNECTED machines?

Re:interesting article. but...

[mjh]

you have a chip ON THE mobo that tells you if you can run an application. what if you're disconnected from any network? the chip must have some key that, applied to the application, will make it usable. Or will decrypt the application. Or will act as a general key to allow the cpu to run some code.

Ok, but this will be done by installing a certificate (i.e. a signed public key) into the mobo, not a secret key? The certificate will be used to verify that Red Hat (for example) has signed the binary that was distributed. Nothing secret is needed to accomplish this verification. The secret is stored in Red Hat's secret key (stored at red hat) and in the root level secret key (stored, presumably at Microsoft).

So what happens is that Red Hat attaches the cert that they used to sign the app to the app. The mobo cert can verify that it's a red hat cert because the root cert is installed on the mobo. Then the mobo uses the red hat cert to verify that the app has been signed by red hat. No secret keys required. Only publically available knowledge required.

If you're able to break this, then you've broken all public/private key encryption under whatever algorithm was in use.

This is very different from CSS because CSS tries to encrypt (hide) the content. With CSS a huge number of people need to be able to see that content: legitimate customers, none of which have their own private key. So somehow the customer needs to be able to get access to a secret key to see the data. So CSS put a secret key into every DVD player, so that customers could see the data.

But with this, they're not trying to hide anything. They're trying to verify that the data (in this case a computer program) hasn't been altered. Doing that securely does not require wide distribution of a secret key. It requires wide distribution of a certificate (i.e. a public key) but so what? It's a public key. As long as the software provider has a cert signed by microsoft and as long as microsoft keeps their secret key secret, this is going to be very difficult to break.

I think this is very scary, and I think it's quite clever. It basically makes the problem of exercising the GPL the equivalant of cracking public/private key encryption. And that doesn't even mention the amount of power than Microsoft can impose through forced upgrades? Certificates expire. Microsoft can impose that all software providers certificates will expire every year, or 6 months or whatever. At which point, the software will no longer verify correctly. Which means you need to go back to your provider to get an upgrade with a new certificate! You thought forced upgrades were bad before? And what happens if Red Hat decides to divulge their secret key so that the GPL can continue to be exercised? Or if they make it easy to get signed apps? Well then Microsoft simply decides *not* to issue them a new certificate when their current one expires.

This is clever in a very sinister way... unless I'm missing something.

Re:interesting article. but...

[mjh]

No. They do store something on the mobo. But it's a public key. The fact that you can get to it is irrelevant. So you'll still be able to use your apps offline. You have a public key with you when you're offline. But you still can't crack the verification process. You need access to the private key to do that. And you don't have it.

The key difference between CSS and this thing is that CSS was trying to hide something. This is trying to verify signatures. In CSS, to unhide the thing you need access to something secret. In this, you need access to nothing secret. CSS is insecure because they have to distribute that secret thing to everyone who wants to watch a DVD. Paladium is secure becase the secrets are kept secret.

This is going to be much more difficult to break than CSS.

Re:interesting article. but...

[kipple]

interesting explanation. maybe I missed something... I need to further search around and see. I still feel there's something missing here, something that we're missing.

For example, the access to the chip must be controlled by the cpu. There has to be a way to tell the cpu not to check the public certificate (like a JMP, to be clear), or to ignore the response (again, I don't know anything about assembler code, but still you can make the cpu jump a certain part of the code, even if you had to inject it in real-time). I doubt that the binaries will be encrypted.

It's like reading an e-mail that is signed but the signature is wrong. You can read it anyway, it's up to you to believe it or not. Couldn't the same thing be made for CPUs? After all, it's your cpu...

Ok I'll go study it. Thanks for pointing me that, I appreciated a lot.

Re:interesting article. but...

[Asprin]

you have a chip ON THE mobo that tells you if you can run an application. what if you're disconnected from any network? the chip must have some key that, applied to the application, will make it usable. Or will decrypt the application. Or will act as a general key to allow the cpu to run some code.

This is one of the things about recent MS strategy that most bothers me. I believe one of their goals is to turn your PC into something that cannot function without a live internet connection. I'm not sure if it's because they can't monitor/control something they aren't connected to, or if it's because they honestly believe that *we* believe our computers are useless without the internet connection. I don't really care which it is, it's the encapsulated attitude that *they* are going to decide how I use *my* PC that bothers me.

Re:interesting article. but...

[hoggy]

Still, it is something you have ON YOUR MOTHERBOARD. Like the CSS key... it's there, it will be just a matter of time before those evil linux users will find a way to bypass it, fake it, and run whatever they want. Bringing havoc on the pristine, certified, public-key signed microsoft world. Like a cancer...

....or at least I hope so. I have much more trust in a 15-years old linux north-european user, than in any chunk of Microsoft Engineers that live in their golden world, without Windows (hah! pun!) on the outside world.

It largely doesn't matter if it gets broken, because it will be illegal to do so thanks to the DMCA. They won't be able to stop l33t hax0rs breaking it and telling each other the details over IRC, but they will be able to pull down any websites that publish the details or a program that circumvents the chip.

You might be able to find somewhere online the CSS key and source code necessary to play DVDs on Linux, but all the while the key and code is illegal you won't find a distribution touching it with a barge pole and if a distribution doesn't pick it up then the vast majority of possible users will never see it.

Hence there will never be an official open source operating system that can talk to the Palladium chip, as to do so would mean publishing the details of its operation. And if it's not an official distribution then it doesn't matter as it will never have any widespread use.

Ignorant FUD

[NearlyHeadless]

The article begins

Yesterday, as we all know, Microsoft fed an 'exclusive' story about its new 'Palladium' DRM/PKI Trust Machine to Newsweek hack Steven Levy (a guy who writes without irony of "high-level encryption"), presumably because they trusted him not to grasp the technology well enough to question it seriously.

This is the Steven Levy who has been writing about computers for two decades now, whose books include:

• Crypto : how the code rebels beat the government--saving privacy in the digital age
  
• Insanely great : the life and times of Macintosh, the computer that changed everything
  
• Hackers : heroes of the computer revolution
  

Obviously, with titles like these, he must be an ignorant Microsoft toady. On the other hand, Thomas C Greene, who has never spoken with anybody involved with the project, knows everything about it and what it is really about.

Re:Ignorant FUD

[Angst+Badger]

This is the Steven Levy who has been writing about computers for two decades now, whose books include...

...a bunch of sensationalistic crap written for people whose industry credentials amount to having thought about what it might be like to be a programmer.

Crikey, didn't you ever go to high school? Not only is it possible to write about something you don't know about, if your audience is equally ignorant, you can get high marks for it.

Ding! Thanks for playing!

Re:Ignorant FUD

[poot_rootbeer]

• 
  
• Crypto : how the code rebels beat the government--saving privacy in the digital age
  
• Insanely great : the life and times of Macintosh, the computer that changed everything
  
• Hackers : heroes of the computer revolution
  

Obviously, with titles like these, he must be an ignorant Microsoft toady.

Sounds more to me like a wanna-be Wired contributing editor who thinks computers are a RILLY RILLY KEWL social movement, but couldn't care less about the underlying technologies.

That's IMO of course.

Re:ARE WE SURPRISD?!?

[smd4985]

You are right - this is NO surprise. So what can we do about it? Well, first of all, we need to get some hackers trained in the letters of the law. I'm a open source developer, and I'm hoping to go to law school next year. Our cause has less of a chance if we don't have well trained technologists who can analyze issues from a JDs perspective. MS has a ton of money to hire lawyers to attack us directly or indirectly, and we need smart people trained to counter that.

/. Readers Are Not paranoid......

[quakeaddict]

.....its just that everyone is out to get them.

Two Operating Systems, Both alike on desktops

[scorp1us]

Given Apache's penetration, and Linux's adoption, what is to say that Linux can't provide all that Microsoft can. I mean, what Microsoft would get is a "Microsoft Network" of computers (incedentally all running .NET) What this OS would tell you is: "No, you can't burn these MP3s, No you can't view that content." Meanwhile the opensource half of the world will have *SOME* DRM capability, which will probably be something like "allow all." Now which OS are you going to pick? The one where the Media Mongers and Monolists control, or the free and open one?

This is just another nail in the coffin for Micrsoft, by Microsoft.

Dirty Trick but I can't blame them

[div_2n]

I think we would all agree this could potentially be a very dirty trick. I may disagree through and through with their plan and approach, but I can't totally blame them. Think about their perspective--

-Linux market share is gaining in every direction which means their market share is at extreme risk of dwindling.
-There is no one company to compete with and/or buy out to remove the threat.
-Even if they were able to keep Linux OS market share at bay, it will still continue to improve because the core development team can and will always exist.

When faced with an enemy they can't beat with their usual tactics, their last resort might just be to try something like this. Attacking from the back door could be their last hope at maintaining their dominance. Make no mistake about it, that is what they have to do in order to keep their identity.

It seems to me that Microsoft has realized the inevitability of software--it eventually reaches a point of commodity and finality. There is only so much you can do with a word processor to make it better. After that you are only complicating it. As the OSS alternatives quickly approach this state, there is no need to use the expensive version anymore.

Regardless of their initial intentions, it might be safe to say that if MS sees GPL and Linux suffering from this endeavor, they will try all the harder to push it. Be wary of any company that has everything to lose and plenty of resources to try and keep it.

Palladium is all about sales

[standards]

Let's be honest here - Microsoft has trouble on it's horizon.

Microsoft has sold a lot of Windows 95 and Windows 98. And sad to say, these so-called "operating systems" are good enough for my mom and dad (and sister and grandfather and girlfriend and boss).

Now what? What is Microsoft releasing that would convince my family to upgrade their PCs? To be honest, nothing but hardware failure will convince them to do that. They're happy with their 5 year old PCs, and such longevity is sure to hit Microsoft's bottom line.

The answer? A new security scheme that makes it impossible to run new programs on old hardware. A scheme that also negatively impacts unauthorized vendors (including "open source"). And a scheme that forces users to upgrade on a period basis just so programs will work.

Let's be honest - microsoft has some of the best business people in the world. And they're smart. They recognize this issue and plan to leverage it for profit.... not for innovation or customer experience.

The answer? Disable Outlook - in my opinion, Outlook is the biggest computer security issue ever. It's a nice email client (in general terms), but the security issues have been out of control.

Re:Palladium is all about sales

[tshak]

The answer? Disable Outlook

Seriously, I've been running Win2K since SP1 without security or stupid virus/worm issues. I don't even run a virus shield - I just run a web-based scan once every couple months when I'm bored. My box has also been extremely stable (especially considering my "Consumer Beta" VIA chipset). The secret? No MS Office, no MS Outlook. I still use IE most of the time (and Opera sometimes), and I use IIS (localhost only), Sql Server developers addition, and VS.NET. Just stay away from Office and Outlook, and run the IIS Lock Down utility that essentially does what you should have done in the first place (eg: not made sample code publically accessible).

Why this FUD won't fly....

[MeNeXT]

First which business would adopt this and cut out valid revenue from late adopters? The early adopters will just bomb. I know quite a few companies that are still running Win95 and most are on 98 hardly any are on ME or XP.

The only value to this anouncement that I see is that it will slow down the adoption of open source. People will question the logic of converting existing systems from Window$ due to fear that they would have to switch back when this is finally implemented.

Stop adding to this fear!!! Only stupid people would adopt/buy this technology. Granted that there are many that are stupid but quite frankly I'd say that that would be under 10%

Not a problem

[scoile]

Tomas Greene's article is as much FUD as anything else.

Microsoft has to get their technology onto the chip before anything else happens. Do you really think Intel and AMD are looking to get rid of the Linux market? Do you think IBM is going to let Microsoft kill the Linux market?

Second, any DRM support would be built into the kernel (probably as a module) or a library. Applications would call the kernel or library functions to perform rights verification. So, only the kernel (or kernel module, or library) would need "certification", not each application.

Third, there is and always will be a huge need for custom software for in-house applications. There's no way anyone is going to be able to require every company in the world to certify every one of their in-house applications. Therefore, there will still have to be non-certified, unprotected (or differently protected) channels.

Digital rights management will primarily affect applications that specifically request rights verification from the OS. Applications that don't request verification won't use it and won't be affected by it. Plenty of applications and network services will be happy to communicate with each other without DRM.

If anything, strict (cumbersome) DRM may actually drive more people to open source software. When people are getting nickled-and-dimed by every piece of software they use and every piece of media they review, they'll look for other options.

Re:popularity

[rseuhs]

Also, seeing how many (1/3 I believe) webservers run Apache,

It's more the other way around, 1/3 are NOT running Apache:

May 2002 stats

DRM Comments

[ansible]

Ya know, the more big media (and big biz in general) talk about DRM (essentially copy prevention), the less interested I become.

Occasionally, big media has come out with some real gems (like LotR:FotR), but frankly, most of it is crap. I used to listen to the radio for music, but I'm not too impressed by most of that either. Now all I listen to is NPR and an independent dance music station.

They can go and use all the technological means to protect their product (as opposed to art). As long as a few of us can still communicate together, I can keep using free software. As long as people still know how to sing and play, I'll still have music to listen to.

Maybe I'll still go to a movie in a theater once in a while, but I'm just about finished with big media. The more effort they spend to protect their products, the less significant it becomes as art.

Re:DRM Comments

[zulux]

Hear Hear!

A life without $BIG-MEDIA, is like a life without McDonalds.

Crappy Life:
Disney
Coke
Britney Spears
Track House
Organised Religion

Good Life;
Family Videos
Good Red Wine
Local Jazz Joint
Old Rickety Home
Walk In The Park

To me, the crappyest photos taken by my friends and family are worth more that the masterpeices in any photo-calender. Same way with just about anything.

I'm not worried...it will flop

[LordKronos]

Im not the slightest bit worried about it. It wont happen in that way. Its just paranoia. Remember back long before XP came out, and everyone was talking about how horrible XP was going to be because it was going to only allow you to run digitally signed applications? Didnt happen, and it wont. The average joe user wants to run fun little $5 and $10 games and apps that they download (think card games, personal diaries, system utilities, etc). They want to run these cute little freeware screen savers that friends email to them. Its not going to fly.

The article talks about digitally signing everything, all purchase transactions, etc. Again, it wont happen. People want to provide as little identification as possible when they are browsing porn sites, and face it...porn is pretty darn popular. So at the very least, you are going to have to leave open some holes for certain things to happen. But once you leave a hole open in your ship, there isnt much you can do to stop if from sinking. One hole is all virus writers and spammers need to get the nasty stuff through.

And doesn't anyone at Microsoft remember what happened when Intel put a simple processor serial number in their CPUs? People bitched up a storm about it. And that wasnt even a personal identifier (it identified your CPU...and if you changed CPUs nobody would know). Now they are talking about something that would identify you personally? Not gonna happen.

And another thing, did Microsoft even collaborate with anyone on this? I know they have agreements from Intel and AMD to manfacture chips, but as far as I can tell from everything I read, Microsoft has masterminded this whole thing on their own. Ignoring for the moment the fact that I dont think consumers will adopt the idea, I dont think Microsoft could be successful in addressing all the necessary issues on their own. Even if 50 of the top companies got together and tried to come up with something like this, it would still be extremely difficult for them to come up with something robust, secure, and that addresses all future possibilities. If Microsoft is masterminding this on their own, its going to be a million times more difficult to do so.

Lets look at the GPL for inspiration

[fishbot]

A quote from the GPL:

"6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License." (emphasis added)

As there is no specific mention that the GPL applies only to source (it applies to computer programs, including binaries and object code, as specified in section 3), one can only take this to mean that forcing it to comply with Palladium would be imposing further restriction on the users ability to excercise the rights given to them by the GPL. This is itself breaking the GPL.

Just something for the GNU friendly legal types to chew on :)

Re:Lets look at the GPL for inspiration

[Have+Blue]

The GPL is not a law, it is a license between the author of some code and its user. A 3rd party is not bound by any of its limitations.

Time enough

[heikkile]

This longhorned stuff isn't scheduled to come out in a few years. In todays market M$ might be able to pull off a trick like this, but if OS systems gain a decent market share on the desktop, M$ will have a much harder time forcing them all to switch. Even more so if some governments around the world get around passing laws that require OS stuff to be used in their administrations and/or multinational corporations realize that M$ is competing with them, and forbid the use of its products..

Palladium and Interpreted Languages...

One way around the signed binaries problem is to move to an interpreted or byte-compiled language. Once you've got a signed java, python, or (gasp!) tcl interpreter loaded, you can run whatever you want.

Now sound or video hardware that looks for signatures, that's another, harder problem

-- ac at work

one bad assumptions that i see...

[Hooya]

is that everyone is connected to the internet all the time.

How the heck are you going to validate (thru 'Da Man') when you can't talk to da man?

besides, if people are foolish enough to spend more money to get a crippled version of what they have now, they deserve it. me, i still have my old trusty 640x480 monochrome display laptop for just such times.

Re:*sigh*

[CaffeineAddict2001]

and worst of all, people bitch about bitching.

Scripting and in-house development

[juliao]

I understand that Microsoft would very much like computer to only run microsoft-sanctioned code, and that one way to achieve this is by only allowing approved and digitally signed binaries to run.

The question is whether the customers will buy this. As far as companies go, what would such a move imply? Provisions must certainly be made to allow companies to keep running their own in-house code. And as for small independent development companies, they must sign their code as well. Who defines what can run on the computer? Who issues the signing certificates?

If this system does not allow companies to write and run their own scripts and programs, it's never going to fly. Remember, most of the world's software is still custom development...

Like palladium systems can be trusted!

[mekkab]

I still agree with the parent comment-

there will be enough on line sellers who don't trust what MSFT is shovelling. They will not move to palladium systems. In addition, larger on line sellers will have a palladium and a non-palladium site. Given that there are corners of the population that aren't Open Source advocates who are simply content to use what computer they have while it still works (i.e. my parents) they wouldn't dare alienate potential customers.

Also, this gives more work for internet programmers! We/they now have to develop sites that will seamlessly test what you have and send you to the appropriate site!

Or palladium may just be the next microsoft Bob.

A problem of information mangagement

[Bookwyrm]

This sort of technology is very interesting, conceptually, though given Microsoft's track record, it is questionable if they will come out with a decent implementation.

There does not seem to be much difference between being able to say "Only this certain person can play this music file in certain circumstances and not share it with anyone else" and "Only this organization can use this personal information I gave them in certain circumstances and not share this information with any other organization." The problems with DRM as currently proposed is that it is too one-sided, biased towards businesses, and a bit too specific.

In an ideal world, something like Palladium would be a step towards information management -- making sure a certain piece of information only goes to the people it is supposed to go to and no one else, that it is only valid for the length of time it is valid (either by life span or the ability to revoke), and that is trackable (just how many organizations out there do have copies of your credit information or home address, etc.) Right now, our information management capabilities compared to ability to acquire information seem pretty primitive. A real information management solution is probably a decade or so away at least, as it would require people to rethink how they handle their information and develop new processes/habits to do so.

Unfortunately, most people will probably look at this as a DRM attempt (which in Microsoft's case, this may very well be) and reject the entire concept of such technologies. This could very well be a problem in the longer run -- if we are in the information age, where information is our tools and our reality, then having the ability to manage and track our tools and reality will be a crucial technology.

This is not to say such a system would ever be perfect or uncrackable, but even though a firewall is not a perfect solution, it is still useful to have. Oddly, such a technology would probably completely fail in a DRM situation in the future because for most people they probably would not care if a music file was authentically signed/certified or not -- but it gets much more interesting for issues of business email/contracts, financial transactions, medical records, etc. If you could apply DRM-type technologies to the personal information you submit to other parties such that it would limit that information to only being read by those parties, then that could, potentially, be an interesting issue. (i.e. A person gets denied a loan/medical insurance -- demands to see why. The business claims that the information on the person indicates he's a bad risk. Person asks to see the certification on the information, since he never gave that information to the business. The business only has uncertified information on the person -- all the DRM-style information stripped out. Scenario: Either another organization stripped off the privacy/DRM on the information and passed it to the company, or the information is invalid. Being able to track/challenge such information could make things more interesting.) Again, such a system would never be bullet-proof, but it could add some value if done properly.

If information is the next economy, then information management tools will be the next banking technology, so to speak. They will undoubtedly arrive in some form.

No need to invoke conspiracy here.

[Observer]

The GPL issue is irrelevant here, I think: this smells like the standard Windows{tm) business model: leverage dominance on the desktop to grow a profitable new market in which non-MS solutions will be at a competitive disadvantage, whether they involve the GPL or not. (There are of course laws on the books intended to restrain this sort of corporate behaviour, but unfortunately they seem to have been declared inoperative of late by the DoJ.)

Just because 'GPL BAD!' has been high on the company's (im-)propaganda hymn-sheet for the last few months doesn't mean that everything announced during that time has been constructed specifically to advance that agenda.

And whether or not this scheme will fly is another matter entirely: the resistance from other large businesses to Passport's original intent of giving MS the lion's share of authenticated e-commerce gives grounds for hope.

Why the anti-trust suit is important

[Ibag]

Microsoft has enough money and enough clout that something like this getting implemented is a real possiblity. Switching over to a different OS might be feasable for some people, but for the vast majority of users, it is not. If palladium is implemented and microsoft does succeed with it, what will happen?

Since we will lose alot of interoperability, the computing world will be split into microsoft and non-microsoft which end up roughly indipendent from eachother. As I see it, there are three possibilities depending upon how deeply the hardware manufacturers and government get invoved. Either those who use microsoft are cut off from those who don't use microsoft, those who use x86 are forced to use microsoft (or at least their authentication system), or it becomes illegal not to use the system and everybody is forced into microsoft's death grip. None of these possibilities are very appealing.

The only way things won't completely suck is if this is never implemented, but if they have as much industry support (and presure from the bill formerly known as SSSCA) as I think they do, then the outlook doesn't look good. That is why microsoft's power should be limited, why they should be punished, and why they need to be monitored to prevent them from doing things that are anti-competitive (even if not overtly so). That is why I hope that, in the end, MS recieves at least a slap on the wrist from the antitrust suit, if not something slightly more meaningful. Of course, with Bush in the white house, I have serious doubts...if only more people realized that just because something is good for a big company doesn't mean that it is neccesarily the best thing for the economy or the citizens of the country...*sigh*

End of software development too!

[pongo000]

The author of the linked article states that even with GPL'd source code, the binaries you build would not work because they aren't certified. How, then, would a developer develop anything if they can't run binaries? Or would all binaries run under the same cert on a particular machine? This whole scheme seems to be simply unworkable.

Not just an OSS problem

[NumberSyx]

This could also cause problems with Windows Shareware and Freeware programs. How much is it going to cost to get a binary certified ? How many Shareware programers will be able to afford it ? Why would a Freeware programer pay for certification when he gives the program away for free ? Who will be in charge of certification ? Microsoft ? Wouldn't that be conflict of interest, in that they would have the ablity to deny a competitor, say Eudora, entry into the market, by denying them certification or pricing certification out of reach.

Talk about polarizing the opposition...

[smittyoneeach]

This certification scheme will rip the guts out of the GPL. That is, the minute I begin tinkering with my software, my ability to interface with the Great PKI in the Sky will be broken.

The resulting hue and cry wouldn't be good for ol' Mr. Softy.
This scenario would be such a blatant anti-trust violation that even the Justice Department couldn't sit idly by. You would

See a legal onslaught against it in the courts.

See an illegal, group hackfest to reverse engineer it. Faced with such unethical Big-Brother-ism, otherwise ethical IT people would feel perfectly happy about slinging a pebble or twa at the forehead of Goliath.
One hopes that cooler heads prevail in Redmond, and a stable operating point is reached between the Open- and Close- Source worlds. Both thoughts have merit, and a place in the economy (no apologies to RMS), and extreme 'solutions' help no one.

Re:The time has come....

[colmore]

It's struck me before that what we need is a "rootless" Linux distro.

One of the main obstacles toward using Linux is installing software. Whenever I try to get my friends to switch over to Linux, and I'm talking about experienced computer users with Unix experience, the inevitable huge stumbling block is "well how do I install anything?"

What Desktop Linux needs is a semi-protected mode (no login) similar to the priveledges of the default Windows user, you can change settings, install software, view the whole directory structure, but you can't change anything that would cripple the system to the point where "click here to restore default settings" (another option we need) wouldn't fix everything.

Linux software should be as easy as download to the desktop -> click to install. Right now the learning curve of linux has been pushed back only a few steps, it's easy to setup a default config, and use the web and email and anything setup by the distro, but you still have to learn all sorts of crazy convoluted things to do anything beyond that. The difficulty of a task shouldn't be greater than the task's complexity.

Once that is done, someone needs to write a book/series of visible articles entitled "So, you're tired of paying Microsoft $100 per year"

Very polite...

[crath]

That's gotta be the most polite request to cease and desist that I've ever read.

AP bashes Palladium on CNN.com *Today*!

[SloppyElvis]

I submitted this link to a CNN article before reading the /. front page today, and given its "Popular Press" status, I'm sure it won't make it through the Slashdot editors. However, it seems the popular media has taken an anti-Palladium stance for now, perhaps to cool the flames of this article.

1. Given the reliance on hardware encryption, Palladium requires everybody to buy a new computer to use it.
2. Given that an encryption system that can stand up against attack through time has never been accomplished in history, the MS plan has little chance for truly ensuring "private data".
3. Given that the United States government want to be able to look at your data because you might be a terrorist (or just an enemy of the state), "private data" opposes Big Brother, and is therefore not likely to give any *real* privacy at all (unless you just have blind trust in the govenment ;P).

The good news is, I don't think the 'commons' are buying into Palladium, at least not yet. Besides, real paranoids don't use Windoze.

Re:AP bashes Palladium on CNN.com *Today*!

[SloppyElvis]

The strong arguments made in the Register article are completely lost on AP/CNN.

Hah! That's a real surprise!

Not remotely possible

[Fiver-rah]

He describes a scenario in which only certified binaries will execute on an operating system. Uh ... how on earth is this even remotely possible? And who would put up with it? Let's say that I'm just learning computer science. And I write a standard "Hello World" program, and compile it. Now, there's an uncertified binary. And, hypothetically, it won't run on my hardware.

If no binary can run without certification by some outside agent, it follows that users can't write programs and run them without getting them certified (If they could, there'd be no worries about Open Source). Good god. Can you imagine what that is going to do to my debugging efforts?

This scenario is not going to happen. Because even mostly clueless M$-running people will listen if you say, "Hey, you realize that if you run Palladium-based architecture, your darling children won't be able to use their computer for some very important learning purposes."

Re:Not remotely possible

[mikeee]

Unsigned code will run. Unsigned drivers/modules will not, and unsigned OS kernals won't boot.

One could target holes in the OS itself, and workaround this way...

Re:Not remotely possible

[Alsee]

only certified binaries will execute on an operating system.

You can run anything you want, it's just that the hardware cripples itself if the code isn't signed by Microsoft. In the Microsoft DRM-OS patent this self-crippling process is reffered to as renouncing or revoking the trusted identity. If you so much as open another window with a program that hasn't been signed by M$ your system lobotimizes itself. If you have an un-signed driver your system will always be crippled.

-

Make themselves irrelevent

[d3xt3r]

I think this is another step in the wrong direction for MSFT. However, I am glad to see it happening because the more aggressively they attack free software (and non-MS software in general), the more quickly they postion themselves to be irrelevent.

Think about this in conjuction with their plans to make Longhorn debut in 2006 as a radically new OS. Do you know what "radically" new says to me? It says completely incompatible. And not simply with Unix/Linux/et al, but with former Microsoft products as well.

Bear with me for a minute.... let's say for a minute that Longhorn is to Windows XP what Mac OS X is to OS 9 - a complete rewrite, completely incompatible, and arguably 100 times better. But adoption is slow. People are entrenched in thier current OS of choice, OS 9 or even 8 for some. So when Microsoft prepares to move the masses to their radically new OS in late 2006, a great deal of segmentation will occur.

Now let's pretend that Linux is ready for the masses (on the desktop) by 2006, and it has a stronghold in the server market. Now you're looking at two paths (at least for corporate types): 1. Continue to allow MS to shove upgrades down your throat and keep following the Windows donkey cart. Further, subject yourself to the new DRM of Longhorn and face issues of your free software and possbily other commercial software (IE Oracle and other DBMS) not working correctly. 2. Switch to Linux or maybe Macs. When companies are forced off Win 2k/XP and forced onto Longhorn via MSFT, we'll see how many are willing to comply. Continuing to use XP/2k may not be an option, but ditching MS entirely may be a reality in 4 years.

I know it took a long time to get to my point but it's a complex issue. Far more complex even than I have portrayed above. But seriously, I think MS is going down a road to making themselves irrelevant. However, never count out the power or marketing! What MS lacks in software reliablity they make up for with a powerful marketing department and an unfortunate following of corporate weenies.

Cripple it? I thought it was heaven?

[Kjella]

At least that's what I've heard said every time that "If only Windows made a 100% pirate-proof OS, the users would flock to Linux en masse". Well here it is. Tied in with M$ big database of what data you're allowed to see (trust me, it's about their control over you, not your control over the computer),

I'm sure pirating it won't do much good because you need to connect to the big database(tm) to do/see/hear anything useful, and with hardware crypto maybe the crackers will have some trouble too.

IMO it'll go one of two ways, either there'll be free (as in stolen beer) content and noone will bother with the crlpplecontent (alot like today), or there'll be just cripplecontent and people will basicly say "screw you", stick wiht their old windows or change to linux.

Either way I don't think it'll be a hit.

Kjella

Oh yes it is. You're just not looking far enough.

[hoggy]

If MS starts this scheme in 2 years, it will take another 7 years until 90% of their users have it (and that's still not enough because 10% is still too much to lose).

Microsoft can afford to take the long view. The biggest driving force of Palladium/Longhorn will be the DRM technology. People want to consume media and the media companies will require rights management. The media companies can also afford to take the long view. They only need to keep crushing P2P upstarts through sheer weight until the laws and technology to support DRM are widespread.

If only "trusted" apps running on a "trusted" operating system can play music and video, then people will buy those. Remember the vast majority of people aren't interested in their rights - and before anyone starts, I didn't see any groundswell of ordinary people defeating the DMCA.

There is no "Linux" to defeat this. There are only distributions. The big commercial distros are the ones that will end up on ordinary people's desktops and they can either play along or not play - it'll be that simple. When it comes to pleasing shareholders I can guarantee that they will chose to play along.

You just can't afford to be complacent on this issue. This is the biggest failing of the Open Source movement - there is no movement, just a bunch of people writing open source software. This works fine when there's no threat to the freedom, but when there is there's no organisation.

The closest thing free software has ever had to a movement with principles and goals is the Free Software Foundation - and look at how ridiculed RMS has become.

People like sitting on their butts and whining a lot more than they like actively campaigning.

Re:Who will 'force them'?? (mod parent down)

[colmore]

you didn't read the article, did you?

Re:How many steps is too many steps?

[kipple]

you know what...? yes, it might be a real issue. And somehow it can be a good thing if that happens. By the time palladium will become established, gnu/linux and the other 'free' (as in speech) operating systems will be at the same time rock stable and full of applications to suit almost all needs. It will never be eradicated away.

Probably, IF the whole palladium thing is real, the IT world will become like "users who USE their computer" and "users who don't know what a computer is (and use palladium)". Which would be a great way to avoid all those clueless boring users out there, begging for more colorful icons on their GNU/linux desktop.

the open source will never be completely eradicated. Even in the worst case scenario, if the US government will make open source illegal because it won't comply with DRM, there will be plenty of places on Earth that will support it.

So I'm not that worried about that - yes, it may be a risk, but I think there are bigger risks around right now (talking about the Patriot Act, or if you want to stay in the software world the patenting issues....)

cheers.

Like DVD region locking?

[SailFly]

Embedded security into a hardware device to restrict its use? Sounds similar to me.

I wonder how many firmware/BIOS patches will show up that disable or fool the hardware device like how you can disable region locking in your DVD drive -- not that I would ever condone such behavior :)

Switch!

[psicE]

There's a computer available, that doesn't use AMD or Intel products, so it's immune from Palladium.

It's got a 500MHz processor, PGX64 graphics accelerator, 128MB of memory, a 20 GB 7200 HD, Ethernet, floppy, 48X CD, smart card reader, and... Solaris 8 Pre-loaded? All for $995. (Yes, that's a SPARC processor).

To me, it looks perfect. We get a high-speed 64-bit RISC processor, really the only RISC architecture that hasn't morphed into Itanium (poor Alpha); we get reasonable basic specs, and just about everything short of the proc/mobo can be upgraded with standard parts from Pricewatch; and finally, because Freedom is of the utmost concern, any version of Debian that you can run on x86, you can run just as well on Sparc.

And if that isn't enough, if you absolutely *need* to run Windows applications for some reason, in addition to using Bochs, there's another option. If you don't mind keeping Solaris on your computer alongside Linux, you can even buy a $500 PC-within-a-PC card, with a 733-MHz non-Intel x86 processor; because it lets you run Windows and Solaris apps side-by-side, it's essentially a perfect cross between VMware and Wine.

Don't know about you, but my next computer's a Sun.

I do wonder what Microsoft would think if large numbers of people did this. On the one hand, they might love it; if all the Linux users bolt to SPARC, then Microsoft is left with 99.999% control of their platform, complete control for computer built in the last 3 years, and the power to make hardware manufacturers do whatever they say. On the other hand, it means that their Windows-is-better-than-Linux arguments now have to account for the fact that Linux is running Sparc, and it becomes that much harder to get Linux users to switch back. :D

And for us, it means that the ugliest and slowest port of Linux, that for x86, is all but gone; and most time will be spent developing one of the cleanest, SPARC.

Re:Switch!

[psicE]

The reason the G4 has reached 700MHz is because Apple, feeling megahertz-envy, decided to jack up the G4's pipeline. The original G4 was only 4-stage, and could therefore get no faster than 500 MHz at a reasonable price. The new one has a 7-stage pipeline, allowing for faster clockspeed but not much better performance.

Graphics? Just as good as Sun's for most purposes; and if you're buying a computer to play games made by Microsoft and Vivendi, then you might as well just sell out and use Palladium. CD-RW? The Sun lacks, but $100 will buy you a Plextor, much faster than the Mac's, that you can throw in. 1394, USB, 802.11b? Present on the Sun, or if not easily expandable via PCI. Monitor? If CRTs are your thing, fine, but I want an LCD, which I can buy for the Sun for $350. Lots of 3rd party apps? More for Solaris.

But that's not the point. After all, for only $1600, you can get a computer that's truly competitive with the Sun, in the form of a tower G4. With its 40GB HD, CD-RW, and 256MB of memory, making the Sun up to spec would make their prices match.

More importantly is the company itself. Apple has staked its future on OS X; FreeBSD-based at the core, but proprietary all the way up. Sun, on the other hand, has essentially staked their future on open source. They have put an unprecedented amount of work into Linux and Linux software. In the end, if Linux users bolted to another platform, which company would I trust more to support us and give us the products we want? Sun, by a mile.

Re:This won't fly

[Beliskner]

How long has MS been in court with the Feds? Haven't they been *convicted* of obtaining a monopoly through illegal business practices? Isn't the European Union investigating them? Don't Russian government/military agencies use a lot of Linux and other GPLed software? Don't the Germans use a lot of Linux?
IMO, if they try to lock *any* software out of this scheme, they'll be busted by the Feds and completely dropped by other countries fasters than they can write their shitty, bug-ridden, insecure code!

With Bush in power, if they can drill for oil in Alaska and the Arctic, then you're damn right Micro$oft can get away with this. If Bush gives $100million aid to Russia and friends to not rock Micro$oft's boat, then you can bet they'll just sit back and smile.

I don't see the licence breaker here...

[Kjella]

You don't impose anything on the user. "requires Palladium-enabled PC" would be right up there with "requires Windows(c)(r)(tm)". It's a system requirement, not a licence requirement. You're required to provide a compatible environment yourself.

Don't think it'll fly. However, you can demand the source (unless supplied), disable the Palladium crap and compile it yourself. Which presumably means you won't get it signed, and it won't run. But you're still free to copy, distribute and modify it, which is all the licence requires.

It's very much like your right to fair use. You got them, but there's no law saying it must be easy. Or should I say used to be? DMCA makes it a crime to actually exercise that right, not to mention expanding copyright to infinity (No, you can't break a DRM scheme legally even after the copyright has expired because it'll be protecting other, newer works still under copyright.)

Kjella

Nothing to worry about...

[gillbates]

Microsoft cannot implement this without going out of business, or losing a substantial amount of the desktop PC market to Linux.

Here's why:

1. Microsoft's dominance in the PC market has been fueled by the fact that their software has been backward compatible; existing desktop users have always found it easier to upgrade Windows than switch to Linux.
2. The appeal of Windows for the average user is that it is compatible with almost all of the hardware and software available today. Take away this compatibility, and there will be little reason for the average desktop user to adopt it.
3. Many businesses, including mine, depend on the backward compatibility of Windows to run many of our mission critical applications. We don't even have the source code for some of these, so switching to a Paladium Windows(TM) isn't even an option. Even in the cases for which we do have source code, we would still be forced to use Linux because Paladium Windows (TM) wouldn't run our unsigned code.

Paladium is pure speculation by Microsoft. They cannot afford to release this to the public, because they would lose their monopoly on desktop operating systems if they did.

Free Equivalent - Public Trust Clearinghouse

[Bob9113]

What is the free equivalent to this? I propose the following:

Microsoft is banking on the fact that companies will trust it to authenticate good software because they trust the Microsoft reputation. Historically, Open Source has developed its trustworthy reputation by banking on actual users who state that the software is trustworthy.

So here is a Free alternative to Palladium - a public trust clearinghouse. Much as DCC authenticates spam, and the GPG repositories authenticate public keys, a public trust clearinghouse could be an expression of the corporate trust of software.

As an example, imagine giving each member of the Wilshire 5000 a number of votes equal to 10000 minus their position in the Wilshire 5000 (IE, the biggest company gets the most votes). Each can submit any mix of those votes to the "trust this software" and "don't trust this software" bins, and can move them as the wish. New software would have very few votes. Established software would have many votes. The decision to trust could be based on both the number of votes and the percentage of positive votes.

Yes, I think using the Wilshire 5000 is a requirement, because corporations don't trust the general public with business decisions any more than you and I trust Joe Six-pack with firewall settings.

The question then is how to incentivize corporations to participate. Perhaps a license requiring that those 5000 companies submit a certain number of votes per month to be allowed to access the trust repository... just spitballing.

Regardless of how it is done, I think Microsoft has hit on a genuine chink in the O/S armour - it does not have any officially responsible party. Coming up with a way to state authoritatively to business that version 3.142 of SuperDaemon is trustworthy would go a long way to countering Palladium if it catches on. And frankly, I would be far more likely to trust 5000 parties who are objective on average than to trust the manufacturer of the software.

Software management

[IamTheRealMike]

You have a good point about software management, and one that I'm always banging on about. There are several projects in place to try and fix these issues, but it's a big issue to fix. I'd say a year or so before we start to see an impact.

Until then, the solution is NOT to have a "rootless" box. There's nothing inherantly difficult about switching to root to install software, especially if it's just a cute little dialog box that asks for the root password. The problems from software management come from a lack of standards and decent packaging software - not unix security.

Development tools?

[Bazzargh]

Correct me if I'm wrong - but dont all the arguments about the impossibility of working with GPL'd software on DRM systems also apply to anyone developing *any* code on such systems?

ie - if you want to test the code you just compiled because you are a legitimate developer, you must have some way to do so? (Arguments that it will only run on your own machine are weak. That won't stop distros like gentoo from working, nor is it good enough to work in dev shops where you be compile for a test team). This may suggest that M$ will charge more for developer licenses, on unrestricted platforms?

Secondly - if you can build a VM that runs on a DRM system, but doesnt require signed bytecode, then you can run anything you want anyway? And is Linux not just a big VM when it comes down to it (for everyone except the kernel developers)

My point is, if there is no way to develop code in small cycles, MS will find this a very hard sell to software houses and IT depts of corporates.

It seems to me that the only way this can work is if the system 'can' run untrusted or self-signed code, but will not run signed code unless DRM lets it. None of this prevents GPLd code working.

-Baz

Quality of life.

[Jennifer+E.+Elaan]

Actually, corporatized industrialization has lowered the quality of life for humans. Starting with the beginnings of the industrial age, where women and children were being forced to work in terrible conditions, to now, when the average work day has not decreased at all (and increased in a lot of professions). In fact, now we have the problem of North American excesses lowering the quality of life elsewhere in the world, especially in developing countries that can get more money from selling their crops as cattle feed in the US than from selling it to their populace. Guess which they choose?

And, to top it all off, in the past 30 years or so, incidences of stress-related mental illness has increased by something like 500% (I forget which study I read that in, but anyway).

And what do we have to show for it? Do we have more time to spend with our friends and families? No, all we have is a few new toys (although, as a geek myself, I have to admit that they are fun toys). If we see an average person working one day a week and making enough money to support themselves and their families, then that would be a massive improvement in quality of life.

In fact, we have seen the opposite; the two-income family is so common that it has become difficult to be one-income anymore. The quality of life has decreased enough that the average two-income family now lives about the same as an average one-income family in the 1920's.

Remember, those who do not understand history are doomed to repeat it.

Re:Quality of life.

[Dr.+Awktagon]

two points, all imho of course:

1) Nobody is forcing us to work more than the amount necessary to survive. There's no reason why you couldn't get (for example) a part-time job and have a comfortable existence. If more people wanted part-time jobs, it would be more common and acceptable in our society. (i.e., people wouldn't say, hey that guy's lazy, he's wasting himself, selling himself short, etc.)

The problem is, as you say, North American excess and competitive impulses. People feel they have to work more than the next guy so they can buy things they don't need.

2) Mental illness has always been a big issue. But only lately has much of it even been considered "illness". Our understanding of mental illness has broadened considerable. I'd bet that your figure of 500% would apply to diagnoses, not the actually incidents of mental illness. This is what I've read.

What's great about this world is that you can choose your destiny. Nobody forces you to work 10+ hours a day.

I much prefer the problems of today than the problems of the past...

Re:Quality of life.

[markmoss]

Starting with the beginnings of the industrial age, where women and children were being forced to work in terrible conditions, as opposed to the wonderful conditions on medieval farms, where since most peasants couldn't afford an ox they'd hitch their wife to the plow, medical care was unavailable to the poor (90% of the population) and downright hazardous to the rich, the population was kept in balance by starvation if plague and warfare didn't kill enough, and even the upper classes ate so poorly as to average almost a foot shorter than today.

the average work day has not decreased at all (and increased in a lot of professions. It depends on how you count all the "work" time I spend on /. ;-)

developing countries that can get more money from selling their crops as cattle feed in the US. Really? I thought most third-world farmers couldn't afford to ship their crops to the ports or the cities (whether for sale locally as food, or to ship overseas) - maybe because most of the foreign aid went into Swiss bank accounts rather than things like roadbuilding, or tractors and fertilizer to make the food farms more efficient. Or their government pressures them to grow cash crops for export (to get more hard money for those Swiss bank accounts) rather than food. Agricultural subsidies in most first-world countries do screw their own consumer/taxpayers as well as third world farmers, but the bigger problem is with the third world governments.

in the past 30 years or so, [Diagnoses] of stress-related mental illness has increased by something like 500%. Maybe now doctors call it "mental illness", where 30 years ago they'd just say "take a vacation". Unfortunately, that doesn't mean they are better at diagnosing mental illness, but rather that they've better learned how to phrase it so as to get the medical insurance to pay. And to whatever extent there is a real increase in stress: It may be hard for you kids to believe this, but 30 years ago the industrialized countries were already fully industrialized and had been for 50-100 years. Maybe "Republicanization" is causing increased stress to US workers, or maybe it's that 4-6 months a year we work just to pay the goddammed taxes, but if stress was due to industrialization, it would have peaked long ago.

And do you think medieval peasants, Roman slaves, Egyptian peasants in 3,000 BC, or any other lower classes in the old days were free from stress? No, they _died_ instead of just getting a little squirrelly.

the two-income family is so common that it has become difficult to be one-income anymore. (1) It's quite possible to raise a family on a single moderate income. Mennonites do it all the time. They just don't buy toys, fashionable clothes, prepared foods, etc. And, because my wife can't hold a job for more than a week before she starts telling the boss how to run it, I raised two children on my one paycheck - and for the first 8 years, it was the tiny paycheck of an enlisted serviceman. Just don't think you've got to buy everything they show you on TV.

2) A pre-industrial farmwife worked much, much harder than a modern working mother. Yes, I know it's hard to get home from 9 or 10 hours of work, toss dinner in the microwave, run the vacuum around the floor, get the kids ready for bed, and toss the clothes in the washing machine. Try cooking food from scratch on a wood fire, washing those clothes by hand. and cleaning the carpets by taking them out to the clothesline and beating them. If you can't afford to hire help, you'll soon be happy to go back to a dirt floor and greatly lower your expectations of personal cleanliness - even if you don't have anything better to do all day.

(3) You don't know how the average one-income family lived in the 1920's. You only see the top 10%. For the rest, no refrigerator, no car, electricity and running water optional, and generally the wife was working outside the house too as much as childbearing and care allowed.

working one day a week and making enough money to support themselves and their families. Scale your lifestyle back to that of Abraham Lincoln's parents, and it ought to be possible. If not, it's because of the ridiculous tax burden we have allowed our local, state, and federal governments to impose. I do know people who support themselves on less than 1 day a week work, but they get their wages in untaxed cash and the cardboard crates they live in have so far escaped the notice of the tax assessors...

Re:Quality of life.

[Jennifer+E.+Elaan]

Wow, there have been a lot of good replies to this, so I'm just replying to myself instead of each directly. I wasn't trying to say that industrialization was lowering standard of living, I was trying to say that CORPORATIZED industrialization did.

I personally specialize in automation systems (although I'm still mainly a student), so I certanly don't believe that we should go back to being Amish. What I AM trying to say is that the industrialization has mainly helped the people with the most control over the process, which, despite what we would like to think on slashdot, is not us (although we do get paid a good salary so we won't complain about being used like this).

My ideal system would involve less central control of the industrialized capabilities, but more use of technological methods overall.

Oh, and the issue of mental health is actually quite real. The perception that it is a difference in diagnostic criteria is actually backwards. Evaluated using 1950's standards, something like 60% of children today have an anxeity disorder. Other diagnostic areas (which are non-stress related) have only seen a modest increase (less than 50%).

And I would personally love to see some of this easy money that I'm hearing about here. I live in a small apartment with my SO. One and a half incomes isn't enough to support us (my point above), and I seem to be having some trouble locating a tech job anywhere around here. And our problem is not due to expenditure, of which food is our primary one. The world is not a sunny place for those who are not working in good jobs.

Re:Quality of life.

[leereyno]

I'd just like to point out that most of the two income families you mention are up to their eyeballs in debt. The reason they're having to work so hard is because they were stupid and spent money they didn't have by using credit cards, bank loans, etc.

After taxes my yearly income is 24k a year, and nearly 2/3 of that is disposable income. The reason is that I don't waste my money. I live in a house with three other people and we split the rent. I have more room for less money than if I had a single apartment for myself. We have a big pool in the backyard too. I ride my bike to work instead of driving. I do have a car, but I drive it maybe once or twice a week and I only pay liability insurance on it. Because I watch my money very carefully I can pretty much buy whatever I want. Now mind you I don't go out and waste money on toys and bullshit. If I buy something I have a good reason for doing so. I have that which I need and much of what I want, and I have money in the bank. So when I hear about how Mr. and Mrs. John Q. Public have it so hard I can't have much sympathy. Either they didn't do what they needed to when they were younger to ensure they made enough money, or they're so irresponsible with their finances that they're wasting the money they do have paying interest.

I see other people whose thirst for things drives them to dig themselves a very deep hole of debt. As far as I'm concerned they're complete idiots. If I want a new car, and a nice new car for that matter, I'll save money for a few months, put down enough of a down payment that the car is worth more than I owe my credit union, and then pay the rest off within a year. Right now I have almost $15,000 in the bank. If I wanted to I could easily go buy a car worth my yearly (post tax) income and have it paid for within a year.

I'm sure as I grow older my condiitions will change. I'll marry (I sure hope so at least), have children, and in general incur greater expenses in the course of living. I'll also be making more money, and while I might not be able to continue to live off 1/3 of my income, I'll certainly not get to the point where I'm spending more than I make, especially if my future wife works also.

Of all the subjects that children are never taught in school, basic economics is surely one of the most sorely missed. Of course I can't really blame society for the actions of individuals though. It is their responsibility to see to it that they understand how to handle their money. Education would make that easier, but ultimately it is the responsibility of each of us to handle our own business.

As for the rest of what you said, I absolutely agree. Of course I wonder how much of that stress related mental illness is the result of working too hard to pay off your debt.

Lee

Re:The time has come....

[paradesign]

or, look at how OSX handles this issue. If an aplication being installed requires root privledges it requires a preset root password. There is no need to run root, it runs it for you with the password. As for complexity, on OSX there are drag and drop installations off of disk images, and there are double click installers. So easy my mother could do it, and she cannot even get on the internet on our gateway/win98!

the other issue i see is installing from source. unless you can make this a double click graphical process, people wont do it. its as simple as that.

i think what linux needs is something to complete this equation...

Aqua enables Unix like...
XXXX enables Linux.

just look at what Aqua and OSX are doing for Unix, theyre getting real people(pun intended) to use it, after it being around for decades.

that and users dont want to hear about kernals or CLIs or anything remotely tech related. they want to poke at pretty buttons and make things 'magicly' happen.

Never going to be a problem

[tony_gardner]

Look, lets not get our knickers in a knot. It may happen, but it's never going to be the only, or even a high-level verification method. Obviously not, it's embedded in hardware.

Anyone with half a brain can tell you that an identification code embedded in hardware is going to be cracked, and in short order. What happens to Charlie consumer when he finds that his version of Word no longer works because some cracker has a hold of his unique identifier? Or that his personal information is subject to manipulation by a cracker, or that microsoft is giving away his credit card number to anyone who can spoof his identity?

It's a common failing of software manufacurers to think that new hardware can solve problems that software cannot (CF pretty much every dongle ever made) Just let MS run with the ball until they realise that the same thing can be done in software at a fraction of the cost.

In addition, I think it would die in Anitrust. Imagine buying a car, that could only be refuelled at with BP petrol, but not being told about it at point of sale. Just wait until those computers start being returned, because they won't play nice with my operating system of choice, and watch Intel turn on a dime.

Re:The time has come....

[memoryhole]

You should take a look at the way Apple has done the permission setup in MacOS X. The root user is disabled by default, and on top of that there are "Admin" users - which have permissions to install applications, apply system upgrades, and change hardware configurations/preferences (including network and anything else you'd want to be able to do).

Re:The time has come....

[Technician]

One of the main obstacles toward using Linux is installing software. Whenever I try to get my friends to switch over to Linux, and I'm talking about experienced computer users with Unix experience, the inevitable huge stumbling block is "well how do I install anything?"

What Desktop Linux needs is a semi-protected mode (no login) similar to the priveledges of the default Windows

Umm, check out the Lindows machines WalMart is selling. Check out the DL/autoinstall website with the one click install of programs.

It's here, however, I don't want any machine that my kid can one click install a root kit on my machine. Some of us run a more secure distro for a reason.

Ask around.. Who do you know that runs linux and managed to click on something that infected their machine? Windows macro viruses don't run on Linux. It's incompatible and I like it that way.

Re:How many steps is too many steps?

[JWW]

A couple of more ominous things.

Sure open source would go on but I would like to have the operating system on my machine be legal. I'm already pissed about having to use and "illegal" DVD player on my Linux PC to legally view _my_ DVD's.

Also Microsoft had patented DRM-OS, which means that if not-DRM-OS's are against the law, anyone who wants to sell Linux, and probably Linus and other kernel developers would have to pay roalties to MS. This would be super-evil.

I agree with your point about software patentents, it just happens to be tied in fairly directly with Microsoft's current diabolical plans for palladium.

The Real Reason: DRM Gatekeeper

[Airline_Sickness_Bag]

THe real reason why Microsoft is doing this is they want to be the DRM gatekeeper. All digital media will end up going through them, and they will come up with new standards and schemes to get a percentage on all of this information. Look at the new Mpeg 4 standard - they are planning to charge for the data stream. It's where MS wants to go today.

Killing Linux and the GPL is an added benefit.

-asb

Re:An idea

[Peter+Harris]

Not yet, but give them time to fuck this up and their stock will be a lot cheaper.

Re:Oh yes it is. You're just not looking far enoug

[hoggy]

Linux will replace Windows just like the open PC-platform replaced Apple and Amiga.

I'm not going to hold my breath on that one. Especially since Apple has a substantially higher percentage of the desktop market than Linux and Apple has apparently been "replaced".

Wait, there is no "and" in this sentence. People want to consume media, their interest end after that. They don't want to pay ridiculous amounts for subscriptions and fees.

This is foolish in the extreme. People pay ridiculous subscriptions and fees everytime they buy a CD, a DVD, or a player for either of those media. It is because of this that P2P scares the media industry so badly. They currently make vast profits out of people who don't realise that they are being ripped off. They will do - and already are doing - anything to protect that.

The media companies have already managed to come up with a film format that only their approved players can play (DVD) and make it illegal for you to reverse engineer your own (DMCA). Just how stupid do you have to be to think that they won't do the same for music and broadcast video.

Well, and I demand a million $ from you.

The difference is that you clearly don't have a monopoly over anything of value to me, nor the ability to buy a law to compel me to give you anything. This is not the case for the MPAA or the RIAA.

Microsoft will win because they know which side their bread is buttered on. If they help the MPAA and the RIAA then they'll get their massive financial and political support. That's why Microsoft care about digital rights management. If Microsoft can deliver 90% of the desktop market to the MPAA and the RIAA then they will happily hand Microsoft a monopoly right to the media.

Sometimes you don't get what you demand. Especially when you make unrealistic requirements.

My point is that to most people the demands don't appear unrealistic. Like I say, most people don't give a damn that they're getting screwed. And of the few that do give a damn, the majority of them can't think of anything to do but whine on Slashdot.

So far I haven't seen anything to suggest that the future I suggest here won't come to pass. The DMCA became law and no legal challenges to it have succeeded yet, the RIAA just killed independant Internet radio, the MPAA have pretty much successfully killed the open source DVD player, the MPLA are suggesting a fee structure for MPEG4 that will kill independant video streaming, Sony are bringing out computer-proof CDs, various attempts by the Senator for Disney to install DRM into hard drives and onto motherboards, ...

Sorry, exactly when is Linux or the open source movement going to change anything?

Re:How many steps is too many steps?

[HiThere]

One step is too many. If I saw any way I'd give Microsoft the corporate death penalty right now.

That said, this is probably a trial balloon. They're probably just floating it to see what kind of reaction they get. Expect them to keep this up until they've desensitized people. Then they'll try it for real.

Think of this as son-of-hailstorm. Or perhaps the Bride of Hailstorm. To which I can say "They deserve to be dead. All of them in that house."

This is unfair, of course. Frankenstein's monster was well meaning.

Re:Oh yes it is. You're just not looking far enoug

[rseuhs]

I'm not going to hold my breath on that one. Especially since Apple has a substantially higher percentage of the desktop market than Linux and Apple has apparently been "replaced".

Well, in Europe Linux already overtook Apple by a large margin. On many German sites, people browsing with Linux already make up 10% or more.

I still don't get it why Walmart is selling their Linux-PCs exclusively in the weakest Linux-market on the planet (USA)

This is foolish in the extreme. People pay ridiculous subscriptions and fees everytime they buy a CD, a DVD, or a player for either of those media.

What? DVDs and CDs are popular because there is absolutely NO subscription involved. Because you "OWN" the movie/music (yes I do know that it's just a license in court).

Every scheme that takes away ownership from the user has failed so far, I don't think that a scheme that takes away ownership of the PC (which is even more severe) will succeed. Yes ownership includes the "doing what the hell I want with it" - factor.

It is because of this that P2P scares the media industry so badly. They currently make vast profits out of people who don't realise that they are being ripped off. They will do - and already are doing - anything to protect that.

... and continue failing ...

The media companies have already managed to come up with a film format that only their approved players can play (DVD) and make it illegal for you to reverse engineer your own (DMCA). Just how stupid do you have to be to think that they won't do the same for music and broadcast video.

How stupid do you have to be to think people care about what's illegal?

You can get almost any movie on the net you can get in stores. Correction: You can get A LOT MORE movies on the net than you can get in stores. That's a fact.

Sorry, exactly when is Linux or the open source movement going to change anything?

Well, Opensource made it possible that you can spread your "Microsoft will win - FUD" here. Because if it were not for Linux, Apache and BSD, we would all run proprietary MSN connections and only big corporations could afford going online with webpages. (Big corps don't like discussion, so there would simply be no such thing as slashdot.)

Opensource has already destroyed Microsoft's plans. Microsoft is fighting a losing battle.

Don't make this work

[phpdeb]

A message to all open source, or any, developers out there, "Do not make this work. Do not try and hack a Linux solution to make this work. Make sure your stuff doesn't work with this new system. Make sure your site doesn't work with these whacked mobos. Do not allow Microsoft to succeed."

If we hack out a solution that will kinda sorta allow Linux to function in this system of stupidity, we will be forced to deal with it for ever. The best way to fight this latest attack is to make users uncomfortable. Don't allow your apps to run on systems that MS has locked down. People will quickly get pissed when they can't get to their favorite pron site or whatever.

Urgency of Desktop Linux

[bwt]

"First they laugh at you, then they ignore you, then they fight you, then you win." -- Ghandi

We're coming to the climax of phase three.

This whole thing just points out the absolute urgency to get "Desktop Linux" to a point where your mother would use it.

It will take MS a long time to implement Palladium because it is so ambitious. Minimum of three years: 1 for hardware to be available, another for MS to have shippable software, another for large scale deployment. In the time that it takes for them to get to that level, Linux MUST achieve at least 25% market share of new desktop OS sales. If this can be achieved, then Palladium won't matter because the monopoly will be broken enough to assure that other solutions survive.

I believe this is an achievable goal in an achievable timeframe. Some of the key gaps that have to be close to get there are:
1) OpenOffice has to improve and offer comparable MS Office compatibility to what Microsoft offers when they upgrade. (current progress: B+)
2) There has to be a robust set of games available on Linux (current progress: D)
3) Mozilla has to be clearly superiour to IE (current progress: B)
4) The LSB standard has to be widely and uniformly implemented so that software installations are turnkey for compelte boneheads (current progress: B)
5) MS Outlook has to have an equal among open source competitors (current progress: C)
6) More vendors need to offer Linux pre-installed machines. (current progress: C-)

Another thing that would help is that proprietary software vendors have to steer towards cross platform languages (java, delphi, etc) so that their niche market products run on Linux as soon as they run on windows.

Re:Oh yes it is. You're just not looking far enoug

[hoggy]

How stupid do you have to be to think people care about what's illegal?

You can get almost any movie on the net you can get in stores. Correction: You can get A LOT MORE movies on the net than you can get in stores. That's a fact.

As with most Slashdot weenies, you're confusing yourself with "people". Most people buy CDs and DVDs. Any system that has looked like it might reach too many people has been ruthlessly destroyed (Napster, AudioGalaxy, Kazaa, DeCSS, net radio, ...).

Well, Opensource made it possible that you can spread your "Microsoft will win - FUD" here. Because if it were not for Linux, Apache and BSD, we would all run proprietary MSN connections and only big corporations could afford going online with webpages.

No, you're confusing "free beer" with "free speech". The value in open source is in the fact that the source is open, not that it's cheap. OSDN could easily purchase Sun, IBM, or HP boxen bundled with free application servers. The cost of the bandwidth, hardware, and support easily dwarfs the proprietry software costs anyway.

Open source does not enable Slashdot. Slashdot enables open source. It would be hypocritical if Slashdot ran on Microsoft software, but it wouldn't stop it being a forum for the free software community.

You have to snap out of your complacency. Freedom isn't something that you can sit around and wait for, it's something you have to fight for.

Re:Oh yes it is. You're just not looking far enoug

[rseuhs]

As with most Slashdot weenies, you're confusing yourself with "people". Most people buy CDs and DVDs. Any system that has looked like it might reach too many people has been ruthlessly destroyed (Napster, AudioGalaxy, Kazaa, DeCSS, net radio, ...).

... and every system that included "pay-per-view" or subscription was not accepted by the market. Which was my main point (which you didn't quote - oh how I love selective quoting)

No, you're confusing "free beer" with "free speech".

Huh? OpenSource enabled the Internet, it would be impossible without it. That was my point. Maybe you should answer to my point instead of switching topics.

You have to snap out of your complacency. Freedom isn't something that you can sit around and wait for, it's something you have to fight for.

Yes. But helping Microsoft by sprewing FUD ("Microsoft has 40$ in cash and can destroy Sony and Nintendo - whohooo") is a bit counter-productive, don't you think?

Steven Levy and FUD

[Erris]

Steven Levy also wrote, "The Day the World Crashes" about the y2k bug. There are many who will never forgive him for that.

Can you show me anything that demonstrates the first technical understanding?

Newsweek is prolefeed. You are an offtopic troll.

Paladium includes DRM chip on board. We can be sure that such a thing will make any machine with it into an appliance. That's fine, but it's not a computer. Hopefully someone will continue to make computers that work.

Palladium Performance

[4of12]

I saw the press release in Newsweek. Oops, I mean article.

They got one thing right, that there was considerable doubt and uncertainty that people would jump at the chance to own a chance to truly be owned.

The thing that occurs to me, however, is that a lot of software is going to take a performance hit has it does PKI work, encrypting data, checking keys over the network, etc.

That, and the complexity of software will needs increase. As if current software is so trivial and simple that two five year olds could debug all the problems in IE within an afternoon.

No, there's a word that describes Palladium.

That word is "Bob".

Users who don't upgrade will be infected

[EccentricAnomaly]

If MS makes sure every pre-Palladium windows is buggy and full of security holes, then users will have to upgrade to get a usable system. The shear entropy of all of the viruses out there will make any old version of windows unusable after MS drops support.

Re:Oh yes it is. You're just not looking far enoug

[hoggy]

... and every system that included "pay-per-view" or subscription was not accepted by the market. Which was my main point

That depends on who is doing the paying. The demand on pay-per-listen is what just killed independant Internet radio and I didn't see anyone storming the gates with torches and pitchforks. People will just switch to listening to the "approved" streams of the corporations that own the media.

Huh? OpenSource enabled the Internet, it would be impossible without it. That was my point. Maybe you should answer to my point instead of switching topics.

I'm sorry, if that was your point you didn't make it very well since you wrote:

Because if it were not for Linux, Apache and BSD, we would all run proprietary MSN connections and only big corporations could afford going online with webpages.

which appears to clearly indicate that you believe Slashdot uses open source out of monetary concerns.

Yes. But helping Microsoft by sprewing FUD [...] is a bit counter-productive, don't you think?

I don't believe that I am helping Microsoft, but I do believe that people who dismiss concerns about the power they wield with empty statements like "Linux will replace Windows" are helping them. You are encouraging people to sit back and wait. By then it will be too late to repair the damage.

Open source is anathema to control freaks. Therefore they won't ever aid it. The media companies can only control the media with proprietary formats, protocols, encryption, and rights management. There's only one company capable of delivering that scale of proprietary system to them.

Like I said, Microsoft will win because of the MPAA and the RIAA. The only way to stop them winning is to stop the MPAA and the RIAA from controlling the distribution of media. Linux won't beat Windows because it's better or because it's free. Open source can only thrive in a free environment. We need to protect our freedom first. The DMCA exists because not enough people cared about their freedom to stop it.

Re:Oh yes it is. You're just not looking far enoug

[hoggy]

If they do "play along" and support Palladium they can, pardon my French, go fuck themselves. Who cares? That is the wonderful thing about freedom, you don't need to save them and they don't need to listen to you. They are free to give away their freedoms left and right in exchange for a few shiny gadgets, and we (meaning anyone who values their freedom more than they value the latest pop single) are free to use, modify, develop, and play with open source and its derivatives.

Gah! I don't seem to be getting my point across very clearly. Let me try again:

Consider DVDs and the DMCA. As we have already seen it is now illegal in the US to write an open source program that can decode, and thus play, DVDs (DeCSS). If it is illegal to write a particular program then the noo-sphere (as ESR would call it) has been contracted ever-so-slightly. Yes, you are free to continue to play in the remaining space, but you have lost some freedom. Similarly it will be illegal to write free software that circumvents Palladium and any other DRM madness that the media companies come up with.

In small increments we are slowly giving up freedom. You can say "who cares! I didn't want to listen to the Spiderman soundtrack anyway" (which has been copy-protected by Sony so that it can't be played in a computer and ripped to mp3), but as a community we have lost something. If you don't defend other people's freedom then you will slowly lose your own.

To make my point another, more controversial, way: RJS wants Linux to be called "GNU/Linux" not to boost his own ego, but to recognise the freedom that the Free Software Foundation has fought so long for. Remember the FSF isn't Stallman, it's everyone who has ever contributed to the GNU project. They have collectively increased the space of our noosphere with tools, documentation, licenses, political lobbying, legal action and support, etc.

Complacency is the rot that eats away freedom.

But then again, I've always been too lazy and self-occupied to consider Victory a pre-condition for Freedom.

*sigh*

How open source can deal with this

[Animats]

The right answer to this is for the open source community to put security into UNIX/Linux that can confine hostile code. You should be able to open any executable content from a browser without risk. This is what FreeBSD jails and LOMAC are for. But browsers need to be compatible with such things.

The basic idea is that you need to be able to run executable code under OS-enforced restrictions that are similar to the restrictions on Java applets. A legitimate Active-X control, for example, needs to talk to its window, its site, and the instance of the rendering engine for the current page. That's a jail-type application. FreeBSD has this now, but browsers don't use it.

The LOMAC system is more general. It's like Perl tainting, for the whole OS. You can download some application from the Internet, but it can't do anything to data that didn't come from the Internet. Games, for example, fit well into this model.

Rather than whining about Microsoft's sign-everything approach, the Linux community needs to develop security technologies like these that provide real security. This is better than what Microsoft is proposing. And most of the hard work is already done. The main task is to get the browser people to use it.

This makes a lot of sense for the Mozilla project to do, making them a superior alternative to IE. But their code base may be too big to try this easily. The process architecture of the browser, at the "who talks to what" level, needs to be redesigned with security in mind. Basically, the rendering engine for each page needs to be in a separate process with limited privileges. This has impacts on many browser features, although the main rendering task isn't impacted much.

Think of it as a firewall inside the browser.

Re:The time has come....

[colmore]

"Some of us run a more secure distro for a reason."

I'm not saying this is what *I* want, but security = hassle for most people, and I think some sort of middle ground could be achieved, where the default user could install things that don't require root privelidges (Quake 3, Mozilla, etc. etc.) and you'd need a separate root password (which the installer would prompt for) for things like kernel, glibc, or KDE upgrades.

Re:All CPUs?

[Lonath]

I don't know if they'll succeed, but I expect them to try. If they can get Intel and AMD to go along with it, they take Linux out of a large part of the market. I expect at that point the rest of the market would expand in response...but that's another issue.

Re:Apple

[Lonath]

I still think they'll try it. They might not ever get the chips produced, but they will at least go into backroom negotations with major chipmakers and try to do this. They might even be able to sneak some of this past before people notice it. They probably won't get all of the manufacturers, but they will get some.

Microsoft is losing it

[g4dget]

Look at just some of the things they are trying to put into the OS:

• probabilistic expert systems and user assistance (think "paper clip")
• the file system as a database
• a VM and runtime to unify all programming languages
• all data contained in its own data vault
• etc.

Every idea, however hare brained, that some computer science researcher has come up with, gets put into Windows because it's almost the only place where you can put it.

But without being tested, alone and in combination, in the market, nobody knows whether any of these ideas help or hurt. Microsoft is stumbling along like the central committee of the old USSR, trying to plan for the next ten years. They are going to be no more successful in terms of results: their systems are already far from what a free market would produce, and it will only get orders of magnitude worse. The only question is whether, like the USSR, Microsoft will be able to hold on to their power through coercion and eventually fall apart in a great crash, or whether they split up voluntarily and operate in a free market before then.

Trusted apps?

[El+Camino+SS]

If only "trusted" apps running on a "trusted" operating system can play music and video, then people will buy those.

What are you talking about. Most people get all of their media from MS-untrusted apps like kazaa, gnucleus, or limewire. There are damn few trusted media content providers out there now.

As a general rule, the longer a technology is out, the cheaper and more ubiquitous it is, and the more chance of variety. Basic economics. Economic models go towards more variety, not away from it. Reagardless of what MS does.

No one is going to get me to ever buy another MS based OS. I run 98se AND I am never ever buying anything from them again.

Matter of fact, the only reason that I am even on 98se is that I want to play games. After that point changes... I'm getting a distro.

Things have changed

[nagora]

A lot of people are saying "remember the Pentium ID" or "remember Clipper" etc as evidence that this isn't going to happen.

Well, folks, something happened on the 11th of September that changed the rules here. It was on TV so you've probably heard about it.

"Why of course the people don't want war ... It is the leaders who determine the policy and it is always a simple matter to drag the people along... all you have to do is tell them they are being attacked and denounce the pacifists for lack of patriotism and exposing the country to danger. It works the same in any country."

Hermann Goering said that and I think we can all agree that he had some insight on the issue. It applies to more than "hot" war and to more than just governments' propaganda.

TWW

AMD already working on similar device

[lapey]

http://www.extremetech.com/article2/0,3973,282114, 00.asp

"However, the AMD-Wave whitepaper also postulates the need for multiple protection schemes, something that Microsoft's limited public statements have not addressed."

looks like AMD had this idea 2 years ago,

Lapey

Re:Alarmist no!

[zangdesign]

Yeah, evidence. It's that thing that some people like to have that proves that someone is up to something BEFORE we convict them.

And yes, you're right - the remedy for past criminal behavior probably won't take this into account because they haven't committed done anything wrong as far as Palladium is concerned.

Re:Oh yes it is. You're just not looking far enoug

[LarsG]

What? DVDs and CDs are popular because there is absolutely NO subscription involved. Because you "OWN" the movie/music (yes I do know that it's just a license in court).

Just a nitpick - that's not entirely true.

When you buy a physical object like a book or a record, you own it. If I take your book without your permission, it is theft.

However, the material in a book or record is copyrighted and the copyright holder has certain exclusive rights regarding what you can do with that content. For example, making copies of the book and selling those copies on the sidewalk would be copyright infringement.

Also, it is not "just a license" in court. You have not signed a contract that tells you what you can and can't do with the content. It is copyright law - and not a license - that set down the rules regarding how you can make use of the content.

(With software, it is a bit different. Also, with click-through licensing becoming more prevalent for online shopping we're bound to see more copyrighted works 'sold' by license in the future. It is still unclear how the courts will rule regarding how legally binding such non-negotiable contracts are, but I digress.)

Control Freaks

[Selanit]

Open source is anathema to control freaks. Therefore they won't ever aid it.

Ha! I'm a control freak -- and I adore Linux. It lets me control my box right down to the level of individual bits!

There are two kinds of control freaks -- those who seek to control others, and those who seek to control themselves. The latter are those people who compulsively arrange their sock drawers. The former are those who compulsively arrange other people's sock drawers.

Is Bill Gates a control freak? Seems pretty likely. Is he the kind who compulsively regulates his own behavior? I don't know. I do know, however, that he (and his company) do seem pretty compulsive about wanting to regulate my behavior, particularly with regard to my computer. And that's scary; a computer is a hell of a lot more personal than a sock drawer. My sock drawer contain bits of cloth that I encase my feet in. My computer contains my financial records, my phone numbers and address, my schoolwork -- in short, all of my most private personal information. Controlling my computer is a short step away from controlling me, and is therefore completely unacceptable.

Doomed to Failure

[justin.warren]

Based on the descriptions given in the original article and the Reg article, I think this scheme is doomed to fail because of the very architecture it employs... unless M$ simultaneously use their monopoly position as leverage to get it installed, their relationship with chipmakers to get it on the latest and greatest mobos and their marketing skill to spin the hell out of it and convince the clueless that it's a great idea. It will still take a phased approach over at least a 5 year timeframe.

Even then, there are numerous flaws in the idea, IMHO, simply based on the way Jo Public uses her PC. Check out my more lengthy response to this article here.

Re:Words and Meaning.

[alizard]

It is intended to protect Microsoft and the members of the MPAA and RIAA.

So Fucking What?

[ikekrull]

Personally, I get by just fine without Windows. I don't don't run any version on Windows on my machines, or any Microsoft applications, with the exception of IE 5 which came bundled with MacOS X, and has long since been dumped in favour of Mozilla.

I don't understand why people are so upset over this. It's a free country where i live, and MS should be free to implement whatever stupid scheme they feel like.

It doesn't matter to me because I have chosen to invest the time and effort into finding myself a workable alternative precisely because i don't like the way MS operates.

That doesn't mean they don't have the right to operate, within the boundarys set be law and common decency, as they see fit.

The majority of the posts i see on this topic are bleating about how terrible this is and how motherboard manufacturers will only sell palladium-equipped motherboards, making it impossible to do certain things.

Well, This reminds me of Slot-1 from Intel, widely hailed as the death of AMD, when really it was the move that saved AMD, forcing their adoption of a different architecture, and bringing a real alternative to Intel on the desktop.

Or Rambus, which was widely hailed as the death-knell for the SD-RAM industry, when RDRAM was basically expensive, proprietary rubbish that put a huge dent in Intel's P4 strategy, again allowing AMD a big window leading to further inroads into Intel's desktop CPU domination.

Plus, there is the ridiculous irony that the only reason Microsoft is so successful is because of the minimal-to-non-existant anti-piracy measures implemented in all versions of windows up till XP.

People use Windows because they can happily warez the copy of Office their friend bought with ease and impunity. Take that away, and Windows is not nearly so attractive to Joe User.

In fact, it will likely drastically lower the gap between PC and Mac prices, making the Mac's higher hardware cost insignificant in comparison to the huge wad of dough you have to spend on apps anyway.. And since the Mac doesn't have palladium, well, you get the picture.

Linux exists in it's own little world of free/open source software, has got this far despite M$ and Apple, and doesn't seem to being going away any time soon due to soaring, unprecedented popularity never before seen from a non-commercial OS, and I really don't see how this affects it. You want GPL apps, and you can't get them on Windows - What do you do?

From the posts i've been reading, it seems that most people just go 'waaaaaaahhhhhh bad, bad M$', instead of taking a step off the slippery M$ slope , using one of the several capable alternative OSes, and ignoring this latest floating turd 'Palladium' in the constant stream of raw sewage that has been flowing out of Redmond for over ten years now.

Re:The time has come....

[AaronW]

This sounds like my experience with SuSE Linux 8.0 and KDE 3.0. If I click on a .rpm file in konqueror, krpm pops up and allows me to install the new software. Before allowing the install, it requests the root password. In this way, I do not need to log in as root to install new software.

Of course something along the lines of InstallShield would make installing new software easier and more flexible.

-Aaron

Not going to happen, here's why.

[zerofoo]

Hailstorm failed for one BIG reason: No one in their right mind trusts Microsoft with security sensitive data. Corporations from AmEx to the average joe consumer didn't buy the claim that Microsoft would protect all this confidential data.

Now, we are to trust Microsoft to develop an all encompasing security platform? How do those bone-heads at Microsoft Marketing/Engineering think anyone at all will buy into this?

It takes a very long time to build security into your products, and an even longer time to build trust with customers. Microsoft has not done either, and this security platform will fail without the support of hardware vendors, software vendors, and people like you and me.

-ted

Re:Apples and Oranges

[Zathrus]

On the other side of the atlantic ocean, however, "region free" is a *major* sales feature found in many advertisements.

Wow... ok, I'm not at all surprised with the desire for hackable DVD players outside the US/Canada -- by and large everyone else gets the short end of the stick (particularly regions 5 and 6, and 4 to a large extent). I am surprised that it's openly advertised. I guess the MPAA is too busy trying to pass inane laws here to go look at Europe/Asia... or they just don't have the pull there that they do here (much more likely).

Every once in awhile I hear about a region 2 release that I'd be interested in. Usually a TV show -- syndication rights in the US make releasing stuff on DVD a nightmare -- some shows require agreements from up to 4 different studios. But it's not such a big deal to me to bother looking into modding one of my DVD players.

A major point of difference wrt. copy protection in general however, is that the Palladium thing isn't primarily targetted agains copyright violation

Well... if you look at the history of Longhorn the first things MS was saying were copyright oriented. In particular music and video oriented. They're just spinning it now.

Re:Oh yes it is. You're just not looking far enoug

[Rakarra]

Because if it were not for Linux, Apache and BSD, we would all run proprietary MSN connections and only big corporations could afford going online with webpages.

Actually AOL had far more to do with the failure of MSN than Linux did.