Slashdot Mirror
Coursey on Palladium
lrose writes "Check out this story over at ZDNet -- Microsoft is developing a secure operating system to be combined with hardware doing public key cryptography. The DRM aspect reminds me of something I read about an imaginary day in the not-too-distant future, where you can no longer install Linux on your own box because you don't have the necessary rights." Coursey's column is quite interesting, bringing a lot more of the backstory behind Palladium into public view. While geeks have been following and worrying about the TCPA, Microsoft has been working to spin the story with assorted columnists and journalists, so that when it broke it would be in the context that Steven Levy bought into hook, line and sinker: a scheme to protect you rather than one to prevent you from using your computer in unapproved ways.
This might be a good use for those funds going to that new GeekPAC thing-- some kind of publicity or public service ads explaining what Palladium is and what it means to the consumer, so that when MS gets around to promoting this themselves & misleading consumers, they won't be so easily confused into just assuming it'll make sense once they've bought it.
I think the industry will reject palladium all by itself, to be honest, but sometimes it's best to squash these things before they get a chance to start.
The imaginary day in the not-too-distant future is described at the GNU web site.
Give this man a teddy-bear, he hit the target right on. What do you people think the purpose of the X-Box was in the first place? The X-Box is simply the first step. The X-Box + 1 will be none other than the MICROSOFT PC. DRM to the hilt, and only Windows can be run on it LEGALLY. And microsoft will push this over the 'traditional' PC...why? Because they can fulfil their dream of COMPLETE CONSOLIDATION.
Look at MS's plans for the X-Box + 1...a full PVR and DVD multimedia extravaganza! What a great way to sucker people into buying it...the public is already drooling for DVD's, why not offer an integrated PVR as well? It'll sell, and it'll sell very well, with the full backing and support of the alphabet-acronym media groups.
With all these Linux companies, why can there not be a Linux PC or at least one that is not built around this new security hardware? Just because some of the industry heavyweights are behind it does not mean that all air will be pushed out of the room. Consider purchasing chips from Motorola and putting together motherboards based on the specs that IBM release a couple years back. BeOS use to run on it's own Be Box which was all custom hardware.
I for one would be happy to have a Linux PC made by VA, AlienWare or even Dell if they produce good hardware which works well with Linux.
Besides, who needs the hardware to do the security work? Sure you can use cipher/cryptography acceleration in hardware, but you do not have to be dependent on it. What Microsoft will find is they put all this work into a system which is still insecure because they still have a front door with holes through it. How long before a macro shares your private key with everyone on your Outlook Express mailing list. And when there is a hole that is found, do I now have to install a firmware update? That does not sound reasonable.
This sounds like a joke, but Microsoft is known for making these mistakes. They even released the Nimba virus on their Korean distribution of their development suite.
So instead of complaining that Microsoft, Intel and AMD are going to ruin the world for Linux, go out and build a business on better hardware which does not lock you into Microsoft. A modern BeBox similar to an Apple G4 system would be quite welcome as a Linux or FreeBSD system on my desk.
Redhat and the new Linux partnerships should put their resources together and actually produce something, instead of more spin on Linux. Make something significant.
Brennan Stehling - http://brennan.offwhite.net/blog/
Even Mom and Pop PC shops are in on these shenangins (one of my old favorites is now becoming a 'technology consulting firm'). If Microsoft tells them to jump, you bet they'll follow..the same goes with small hardware makers like D-Link and Intel.
In a world of increasingly proprietary hardware, the only solution is buying from a company you can trust. I would suggest a Sun box or Mac for your next PC...or you'll probably have to do a lot of hacking just to get it to play MP3s.
(-1, Raw and Uncut is the only way to read)
I was surprised to see that somebody didn't pick up on Cringely remarks here, seeing as they support the enlightened opinion of skepticism of Microsoft, and document how Palladium is using Microsoft's security weaknesses as an excuse to make all internet technology closed proprietary Microsoft Technology.
A fairly damning read, and it lays it all out
The Microsoft solution to the problems caused by Microsoft is to give control of everything to Microsoft.
Usually, I thought the answer was to remove the sdource of the problem, not to strengthen it.
2002-06-29 01:24:55 Cringely On Palladium (articles,news) (rejected)
"It is a greater offense to steal men's labor, than their clothes"
I believe that "that story [the poster] read somewhere" was Richard Stallman's "dystopian short story" The Right To Read. I'd recommend giving it a gander, as it appears RMS was remarkable prescient: his story was published five years ago in the Communications of the ACM.
[
Uh... if you don't want this Palladium, and other up-and-coming tools of the devil, why not stick with what you have? The frenzy of the switch from Win3.1 is over - mostly. I actually know some people who still use it. It works. I think - and hope - the public has discovered that buying the Latest Version doesn't necessarily help anything, and can be a royal pain in the ass. I believe we're reaching a point where consumers will demand that these Wonderful New Versions are worth their time and energy. Perhaps they won't be spoon-fed whatever crap MS spits out.
My 2 cents.
"Would it kill you to put down the toilet seat?" -- Maya Angelou
A DIVX disc didn't had any additional content not available on a regular DVD. Maybe a DIVX-only title here and there, but nothing that will make you buy a DIVX, just so you could get something extra.
But Palladium does offer something: if you want to run new, Palladiumised software, you'd have to install a supported OS. You might get a discount if you use your Palladium-wallet(TM) to buy stuff online.
You will lose some privacy and freedom, but most users won't care, since they'll get some glitter in return. Look at WinXP: (almost) nobody cares about the activation.
However, I don't think Palladium will be mandatory. Intel and AMD does not care which OS you run: all they care is that you use their chips to run it. And if their boards will be restricted to running only Paladium-authenticated software, I'll just pay a bit more to get another machine - Linux is supported on many platforms.
Same goes for big online retailers: they'll have an SSL site and Paladium site, to get all the sales they can.
However, you'd probably need Paladium-certified OS to run a Paladium-certified site, thus we might see lots more of Windows based servers (I guess Intel and AMD would like that too, as they could sell more chips).
Unless, people will care for their privact all of a sudden. This might happen: after all, in theory, hell might freeze.
In the midst of all this, I can't help wondering about Apple. They just started their hardcore 'www.apple.com/switch' campaign with TV ads where people talk about how they switched away from their 'horrid little PCs.' Maybe the timing was not by accident. Perhaps they are trying to gain critical mass so they can facilitate a mass switch at the time they estimate Palladium hardware will appear in real machines.
The strategists at Apple must be following this news very closely -- they are probably working on their strategy right now. Rip/Mix/Burn is probably only the beginning. I expect that they will try to equate MacOS with Freedom while Windows == The Borg or something similar.
Yes, Steve Jobs is licking his lips right now. He and his team are laying the foundations right now in preparation for a possible mass exodus from windows, wanting to make sure Apple's arms are waiting and open and they have critical mass in users so popular opinion and word of mouth will divert former Windows users onto MacOS. (I certainly think that this is more likely than a mass exodus into Linux!)
I think that things are gonna get interesting.
someone posted a reply faster than me, but i already wrote all this so here it is.
the question isn't about being able to use linux. it is about being able to connect to things through linux. if your OS does not use the TCPA device it can still use the rest of the computer. but if in order to get access to media files you need something from that device, you cannot use those media files. this is not limited to media / content, but could conceivably be used to authenticate anything. software patches, websites, webstores, email, etc could all potentially be infected with palladium.
where linux loses is that it is built from source. only binaries will be signed, and signing will likely cost money. it isn't really that difficult to understand.
since not so many people use Linux in proportion to Windows users, the minority is screwed if the majority is tricked into accepting this "great" technology. islands of linux users will probably survive, but they will be segragated from the other 91% of PC owners running Windows.
so yes, you can still use Linux if Palladium gets broad implementation. but you won't be able to use it for all of the same things you can now.
there doesn't need to be a great use for Palladium itself in order for it to be widely implemented. all there needs to be is some "great new" form of content that is only available in a Palladium limited, er i mean enhanced, format.
you probably shouldn't have read this.
Disclaimer: opinion follows. Notice sig.
Once businesses change over to a Linux desktop to avoid subscription licensing fees, software lock-in, and improve interoperability (read: open standards), people will learn Linux. They will see how fast, easy, stable and simple it is to use for normal applications.
*Note: before you debate me on these points, please take the time to use a RH 7.x system with Ximian GNOME - install and usage really is simple for the avg. joe. At least it is for my family and friends.
Once employees see this, they'll want Linux at home. And the Linux desktop market will develop, much like it did with Windows in the early 90's. Wal-Mart and Fry's already sell lower-end Linux based PCs. I've heard speculation for a long time that the retailers would never sell a Linux box until a market developed.
Honestly, I don't see a feasible market at the moment, besides selling to Linux junkies like myself. Over about 95% of all desktops today are running Windows, a few percent are Macs, and even fewer (desktops, mind you, not total boxen) run Linux. Even so, Wal-Mart, a very large company, is investing in a tiny sliver of the desktop market.
Maybe they're willing to take a greater risk than many of us thought? Maybe their ITs have more insight into the future of the desktop than many of us thought? I can't find any other reason than those -- if anyone has any ideas, please say so.
One thought is that Macs are still around and don't have but a few percent. Although this is comparable to Linux, Linux is new and there is no guarantee of returned money on an investment. Mac junkies have been around for quite some time, and have continued to purchase Macs.
In either case, two years ago, I didn't think Linux was for anyone but developers. Now my mom can use it, and she's not even average when it comes to computer literacy. Linux has come so far in the last 2 years that I don't see how it can't go further. The user and developer bases are growing, and it looks like Linux is here to stay.
Stability and options have been here. Features (e.g. virtual desktops) have been here. Openness and freedom have been here. Ease of use is becoming more common, and the user base is growing. The only thing this Linux junkie sees missing is application/file-type support, but that is coming as well, and quickly.
I forsee Linux busting into the desktop market and becoming a serious contender within two years. Of course it will take time for a large change, but I think it's coming.
~Dalcius
Rome wasn't burnt in a day.
Yeah, but the DIVX rental scheme was obvious that it would cost more, not to mention counter-intuitive.
MS, I'm sure, won't do either of these with Palladium.
Always remember the city of Troy eventually fell, ironically thanks to a trojan horse.
Hate me!
Step 1: create some virtual machine (in VBasic,
for example)
Step 2: port Linux to that virtual machine...
But will it be worth it?
I'm assuming that by "commodity PC" you mean a standard x86 machine onto which you can install a non-MS x86 OS.
If the chips/BIOS are set up in such a way as to literally prevent the installation of a non-MS OS onto the bare machine, then there will be enough market demand for machines without this restriction that the market will fork. I'm not claiming that it will fork half-and-half, just that there will be enough demand in the world to create a market. The market may be too small or politically sensitive for the likes of Dell or HPAQ, but some Asian manufacturer(s) could make a good living off that market.
More likely, the existence of the extra crypto hardware can be accommodated by new designs in Linux/*BSD/etc. and might actually become quite useful to a user with complete personal control over its capabilities.
"Those who have never entered upon scientific pursuits know not a tithe of the poetry by which they are surrounded."
Yes, FUD is what we would call this story if it had come from the "enemy" (like the RIAA writing a story about a future without music or arts, because pirating has made it impossible to produce music for a living). Typical Stallman stuff. The truth, as always, will lie somewhere in the middle.
And yes, we should be ever vigilant about how our rights are possibly infringed by such technology, and Stallman does fight for a worthy cause. But personally I think the cause would be better of with the likes of him and their shrill protests.
If construction was anything like programming, an incorrectly fitted lock would bring down the entire building...
The choice between GPL-style and MS-style will be all the more pronounced when the dirty details of this plan become apparant to the people of the world. So while the US is mired in content totalitarianism, the world, in greater part, will continue to use the open methods of computer hardware/software evolution.
Your next computer may be built in bulgaria and secretly shipped to you inside a gutted bread maker..
_KhlER3L
install and usage really is simple for the avg. joe.
Installation of a Windows or Mac software package is *nothing* like on a Linux box. Flame me if you will, I just don't know what to call this expectation on the part of Linux jocks -egoism, chauvinism- but downloading and manually building a package and its dependencies, sometimes rebuilding the kernel. It's just not the same as an installshield-type GUI installer, and I won't apologize for it.
Debian comes closer on this -this is my daily system. Even though I love it, I could never, ever expect family members or non-tech friends to support their own system. If they lived under the same roof, yes, of course. But to hand somebody a CD and say, go ahead, you can replace your Windows installation, is just silly. Your typical non-tech won't make it past disk partitioning unaided.
Take, f'rinstance, video formats. Yes, there is a package now for viewing AVIs under Linux. But to get it working is another matter. And compare Mac TCP/IP versus Linux -a single, simple dialog box versus the commandline (yes, I know various distros have dialogs too, but they mostly suck, and I'm talking about Linux common denominators here.)
In order for Linux to "rule" the desktop (as many hope it will), there needs to be the same simplicity in setup, maintenance and use as its competition- MacOS and Windows. Otherwise, Linux will never get more marketshare.
Big Daddy, Johnny, Burp, Aunt Zelda, Scott, Slurp, Big Momma
...if you want to see where this is all heading.
There was an article on CNN the other day about mom and pop auto repair shops not being able to diagnose and/or repair newer cars because all the info is locked down. Even if you do lay out the big $$ for the diagnostic equipment so you can get the diagnostic data, in a lot of cases the doc for the data is not available.
Same goes for would-be hotrodders and shadetree mechanics. The hood could just as well be bolted on, there's little you can do or change without causing serious problems in some other system. Most auto engine control systems go into 'limp home' mode if you mess with them or try to fake any of the inputs.
All this seems to be doing is rasing the bar on s/w development costs, which will by definition cut out the little guys, and reduce the competition, which will reduce the progress in the long run. If this keeps up, you can say goodbye to 'mom and pop' software development.
That's all fine and good until they arrest you for having source code that even has no DRM options in in.
Oh wait, arresting you wouldn't mean much. But arresting Linus would.
Don't think that those bastards that like to call themselves congress aren't going to do something like this.
Maybe I haven't had enough caffeine today, but what's to prevent someone from using software emulation for the hardware functions in Palladium? Wouldn't this allow the security and authenticity checks (and DRM) to be circumvented?
The problem is that a PC is a general purpose computing platform. It's not a DVD player, or a CD player or even an email station. It's anything the software makes it. And it has lots of free CPU cycles these days for things like emulation. If the software never invokes the CPU functions or uses a software protocol stack instead of the hardware stacks, you can do anything you want.
You can hack the firmware (like what's been done to DVD players), you can even patch the CPU with hacked microcode. If you can't, then you need to upgrade your hardware when Palladium 1.1 comes out. And 1.2, and...
Why not simply prove that the design is faulty before it gets out of the gate?
Can You Say Linux? I Knew That You Could.
But their Macintosh-using friends (c'mon, everyone knows at least one of them) will be constantly singing praises such as "_my_ computer doesn't tell me that those media files are protected". The same will be true for guru PC users; you know, cousin "Joe" who disseminates advice to everyone will tell people to avoid certain computers like the plauge. The DRM machines may very well be established, and Dell (Gateway, HP, blah) may very well exclusivly sell DRM boxes -- but the small guys won't and the savvy buyers won't, and those people have a bunch of influence.
The wheel is turning, but the hamster is dead.
You won't be able to run software that ignores it.
Just think: who exactly will be in control of the root certificates? I can almost guarantee it won't be anyone who likes Linux.
The biggest danger I see here is that TCPA compliant hardware will eventually refuse to load anything that isn't signed directly or indirectly by one or more of the root certificates. Oh, sure, the spec right now may call for the ability to load untrusted code, with the caveat that such untrusted code won't be able to view DRM-protected files, but come on -- how long do you really think it'll be before the spec is "improved" to remove that annoying feature?
Use 'slashdot stuff' in the subject line in any email you send me if you want to get past the spam filter.