Coursey on Palladium

lrose writes "Check out this story over at ZDNet -- Microsoft is developing a secure operating system to be combined with hardware doing public key cryptography. The DRM aspect reminds me of something I read about an imaginary day in the not-too-distant future, where you can no longer install Linux on your own box because you don't have the necessary rights." Coursey's column is quite interesting, bringing a lot more of the backstory behind Palladium into public view. While geeks have been following and worrying about the TCPA, Microsoft has been working to spin the story with assorted columnists and journalists, so that when it broke it would be in the context that Steven Levy bought into hook, line and sinker: a scheme to protect you rather than one to prevent you from using your computer in unapproved ways.

too late

[WinDoze]

prevent you from using your computer in unapproved ways

I already have a wife to do this for me.

Re:too late

[Skevin]

Think a moment about your comment: Microsoft sets you up with an SO who will prevent you from using your computer in ways they do not like. Cool huh?

That would mean she not only prevents you from using Linux (or FreeBSD or whatever), but she also prevents you from associating with uncertain "undesirable influences" (aka friends) or even going to Defcon.
Furthermore, it couldn't possibly be cost effective for Microsoft. I just took a recent survey of hot-looking women in a local Starbuck's, asking, "Would you date me for a hundred bucks?" This response is always followed by a resounding "No!" or "Do I look like a cheap slut to you?" However, changing the dollar amount to one million dollars often elicits the phrase, "Hah hah, yeah, sure OK.... if you *did* have a million dollars." Therefore, we can conclude that a woman will date me^h^h a geek for one million dollars.
Let's assume it takes a geek 30 dates to reach SO status - that would translate to a $30 million girlfriend.
Now, let's look at Microsoft's emergency fund: $30 Billion. That's only enough to bribe 1000 unsuspecting women to carry on an ongoing semi-permenent relationship with us.

Then again, being Microsoft, they could make this cost effective by following their normal business strategy:
- One SO must be shared amongst several geeks. (Sloppy Sevenths, anyone?)
- You will never come home to the same girlfriend twice, because they keep swapping out with each other. The parent company informs you that they're simply upgrading you to MS Significant Other 4.0, whether you want to or not.
- Even if she is consistent, her presence is your home will present a serious security liability; she'll let anyone in.
- All her ports will be open to anyone who wants access.

Before long, she'll be replaced by MS Significant Other XP, who:
- Must call home the moment she arrives at your pad.
- Must call home again if you change your furniture or decor or bathroom reading.
- Becomes totally unresponsive to you if she can't call home.
- Reserves to right to tell you that your lifestyle is so improved that she wants more money.

(Come to think of it, I *did* date someone like that.)

Solomon

Interesting

[wiredog]

Other than Levy, I haven't seen anyone saying that Palladium is even likely to be a good thing. The best people seem to hope for it is that it won't be terrible, and that consumers will avoid it the way they did DIVX.

Which they can. If new systems come Palladium-enabled, don't buy them. Unless you're a hardcore gamer, what would you need an 8GHz system with 2gb ram and 1tb hard drive for anyway?

Re:Interesting

[bravehamster]

what would you need an 8GHz system with 2gb ram and 1tb hard drive for anyway?

3d porn?

Re:Interesting

[DoctorGrim]

Well eventually we're going to have to upgrade right? And even if you try and build your own computer, I thought there was something about AMD and Intel making deals with Microsoft to build this copyright stuff right into the chip? Then again, I could be wrong.

Re:Interesting

[aredubya74]

The problem with this thinking is that many American consumers remain entirely ignorant about what's under the hood as far as their OS is concerned. From Windows 3.11 to Windows XP, if it came on the PC, it was called "Windows", and it just sort of was there. Thus, if PC retailers buy in to Palladium, the vast majority of consumers will pick it up too. MS will get their cash, the [RI||MP]AA will get their DRM-based OS, and a lot of folks will get screwed in the process.

Rest assured, those of us that build our own systems will rely on Linux and non-DRM'ed Windows (if available). But for the masses, they take what they get, and they use it.

Re:Interesting

[Dalcius]

I thought there was something about AMD and Intel making deals with Microsoft to build this copyright stuff right into the chip?

You're right. That's the TCPA issue, and what scares me is that Senator Fritz from CA is trying to make this law.

I don't think it'll happen, but they're trying, which is why we must be vigilant.

Re:Interesting

[wiredog]

But that's what people said about the 'inevitable' success of DIVX! That American consumers cared not for the underlying tech, and would buy it if it was offered!

They didn't buy it.

Re:Interesting

[Jucius+Maximus]

"The problem with this thinking is that many American consumers remain entirely ignorant about what's under the hood as far as their OS is concerned. From Windows 3.11 to Windows XP, if it came on the PC, it was called "Windows", and it just sort of was there. Thus, if PC retailers buy in to Palladium, the vast majority of consumers will pick it up too. MS will get their cash, the [RI||MP]AA will get their DRM-based OS, and a lot of folks will get screwed in the process."

In the midst of all this, I can't help wondering about Apple. They just started their hardcore 'www.apple.com/switch' campaign with TV ads where people talk about how they switched away from their 'horrid little PCs.' Maybe the timing was not by accident. Perhaps they are trying to gain critical mass so they can facilitate a mass switch at the time they estimate Palladium hardware will appear in real machines.

The strategists at Apple must be following this news very closely -- they are probably working on their strategy right now. Rip/Mix/Burn is probably only the beginning. I expect that they will try to equate MacOS with Freedom while Windows == The Borg or something similar.

Yes, Steve Jobs is licking his lips right now. He and his team are laying the foundations right now in preparation for a possible mass exodus from windows, wanting to make sure Apple's arms are waiting and open and they have critical mass in users so popular opinion and word of mouth will divert former Windows users onto MacOS. (I certainly think that this is more likely than a mass exodus into Linux!)

I think that things are gonna get interesting.

Re:Interesting

[TheTrunkDr.]

You also had the choice when buying the DVD player at the time, if the only option when buying a new DVD player was DIVX, people would have bought it. We were also lucky we got away from it because it was a new and expensive technology and the people who were buying it were technophiles that knew what they were buying did the research, and knew what DIVX was all about. This isn't going to be the case with an already existing product (PC's). They're already cheap, and purchased by the masses who don't do the research don't know what they're buying or what it can really be used for. If you're in the market for a PC and don't really know what you want/need or what's available, you're going to end up with the latest windows. PC's don't have a small niche well informed market to insolate the users, the way DVD players did back in the day.

Re:Interesting

[sconeu]

Just a comment. Sen. Fritz is from Disney^H^H^H^H^H^HSouth Carolina.

Of course, Feinstein is also a whore for Disney, but at least Disney is in her state.

Re:Interesting

[Surlyboi]

3d porn?

Kinda gives a new meaning to "First Person Shooter" too...

Well, not really, now that I think about it...

Re:Interesting

[drix]

It's a safe bet that the majority of American consumers will always be ignorant of what's under the hood as far their OS is concerned. But that doesn't imply that they are ignorant of what their OS does for them. My Dad, who would be none the wiser if computers "under the hood" were constructed of gelatin and plywood, is nevertheless completely enamoured with his ability to download MP3s off of Kazaa (Lite, of course), rip CDs, and send cool songs to all his loving children. Right now I'm teaching him all about DivX. Take that away from him and he's going to be pissed, and, knowing my dad, you can be damned sure he's going to vote with his dollars for the non-DRM product. I'd say most novice users are the same way; in fact, I'd even go so far as to say that non-techie users are going to raise a lot more hell when MS takes away all their fun. I find that many of my nerd friends are rather apathetic when it comes to these control measures, since by and large they are easily circumvented if you know where to look. We all screamed bloody murder when XP "Product Activation" was introduced. But rather than boycotting the product, I have a feeling a lot of us just found out how to crack it (or, worse, caved in a activated), and went about our merry way.

Re:Interesting

[MrResistor]

He and his team are laying the foundations right now in preparation for a possible mass exodus from windows

I certainly hope so.

Palladium would be enough to finally push me over to Apple (for hardware, anyway). So far it's been my roll-your-own nature that's kept me on x86. I like to play with hardware, and Apple has always been reticent in that regard (for good reasons, which I understand, but I am not in that market).

However, If I'm forced to choose between building my own system and using Linux, I'll choose Linux. If that means I pay more for the hardware, so be it.

The x86 platform has been so successful precisely because it has been so open. It would be ironic if Lords of x86, wcich have derived so much wealth from that openness, were to kill it by trying to close it.

Re:Interesting

[VValdo]

But that's what people said about the 'inevitable' success of DIVX! That American consumers cared not for the underlying tech, and would buy it if it was offered!

I think the differences are:

1. There was a well-marketed alternative.
2. DVD was a new technology in general. It was not part of a migration path from older technology.
3. Microsoft was not behind DivX.

W

Re:Interesting

[CynicTheHedgehog]

I don't know of many people that buy computers without consenting someone they consider to be a little bit knowledgeable about them. I've been called on scores of times to determine what's a good deal, whether or not needs will be fulfilled, and what brands to look for or avoid. A lot of times I point people to Dell or Gateway, depending on their needs and budget, and for the most part they are happy. However, if Palladium comes to fruition I will tell them to avoid OEM boxes like the plague.

The same applies in the corporate atmosphere. If you're ever under pressure to put in a Palladium compliant server system, simply show the higher ups how many customers they will be shutting out and how much it will cost them in lost revenue, not to mention licensing fees for the software and hardware. That, and heaven forbid the hardware component be compromised by some disgruntled ex-employee in the future.

There may be a day when having a Palladium compliant box may be more beneficial than not having one, seeing as how content could conceivably be closed off to those who don't. Hopefully the people with the know-how will steer away those who don't know any better, and we can avoid that scenario.

Re:Interesting

[jaavaaguru]

If having DRM in the hardware and forcing the OS to comply will be law, why not make all precomipled linux distros fit in with this. If someone so wishes, they could check the source out of CVS and compile it with -DNODRM as an option and miss out on the crappy standard. That way Average Joe, who downloads pirated MP3's and doesn't know how to compile his own OS still won't be able to play them. Simple.

Re:Interesting

[MythosTraecer]

The x86 platform has been so successful precisely because it has been so open. It would be ironic if Lords of x86, wcich have derived so much wealth from that openness, were to kill it by trying to close it.

You know, I can't help but remember that IBM was once one of the "Lords of x86." Then, they tried to close the PC with MicroChannel Architecture, and because of that, they fell. Now, they can't keep their PC business going for any length of time. I can only hope history repeats itself here.

Re:Interesting

[JWW]

That's all fine and good until they arrest you for having source code that even has no DRM options in in.

Oh wait, arresting you wouldn't mean much. But arresting Linus would.

Don't think that those bastards that like to call themselves congress aren't going to do something like this.

Re:Interesting

[Anarchofascist]

I think that things are gonna get interesting.

Better than getting totalitarian, I guess.

Re:Interesting

[Anarchofascist]

But for the masses, they take what they get, and they use it.

The masses are hard to educate, but as a herd they can be scared pretty easily.

Don't bother trying to explain, just say "todays computers will be made illegal" or "you can't play MP3s on computers in the future". If questioned how this can be, try starting with "I'm a computer expert, trust me." As a computer nerd, the temptation is always to explain how things work first, and allow the audience to use their brains to work it out for themselves.

Joe doesn't think that way.

Re:Interesting

[ink]

This isn't going to be the case with an already existing product (PC's). They're already cheap, and purchased by the masses who don't do the research don't know what they're buying or what it can really be used for. If you're in the market for a PC and don't really know what you want/need or what's available, you're going to end up with the latest windows. PC's don't have a small niche well informed market to insolate the users, the way DVD players did back in the day.

But their Macintosh-using friends (c'mon, everyone knows at least one of them) will be constantly singing praises such as "_my_ computer doesn't tell me that those media files are protected". The same will be true for guru PC users; you know, cousin "Joe" who disseminates advice to everyone will tell people to avoid certain computers like the plauge. The DRM machines may very well be established, and Dell (Gateway, HP, blah) may very well exclusivly sell DRM boxes -- but the small guys won't and the savvy buyers won't, and those people have a bunch of influence.

Re:Interesting

[krmt]

Sure, the Mac will be one way out, but most people won't be willing to switch. Linux may be really ready for everyone by that point (I think it's ready for most people, but not everyone yet). But for those who want to run windows and are scared to learn something new, they won't have any options. Remember, the decoding hardware will be on the CPU itself, not some add-on IC or something in the motherboard. You're not going to be able to avoid the hardware in a clone PC, and the only way to get around it potentially is to run software that ignores it. Windows will not ignore it.

Linux had better be fully ready for the desktop by that point.

Re:Interesting

[kcbrown]

Remember, the decoding hardware will be on the CPU itself, not some add-on IC or something in the motherboard. You're not going to be able to avoid the hardware in a clone PC, and the only way to get around it potentially is to run software that ignores it.

You won't be able to run software that ignores it.

Just think: who exactly will be in control of the root certificates? I can almost guarantee it won't be anyone who likes Linux.

The biggest danger I see here is that TCPA compliant hardware will eventually refuse to load anything that isn't signed directly or indirectly by one or more of the root certificates. Oh, sure, the spec right now may call for the ability to load untrusted code, with the caveat that such untrusted code won't be able to view DRM-protected files, but come on -- how long do you really think it'll be before the spec is "improved" to remove that annoying feature?

Re:Interesting

[kcbrown]

But their Macintosh-using friends (c'mon, everyone knows at least one of them) will be constantly singing praises such as "_my_ computer doesn't tell me that those media files are protected".

Which is why you can bet something like S.2048 will pass at roughly the same time ... then people with Macs won't be able to say that.

Re:Interesting

[iankerickson]

But their Macintosh-using friends (c'mon, everyone knows at least one of them) will be constantly singing praises such as "_my_ computer doesn't tell me that those media files are protected".

No. You're right that Mac users will take DRM as an opportunity for a little evangelism. But Microsoft's plan is to lobby Congress, probably under the veil of another media group (like RIAA), to mandate that all computers sold in the US will required hardware and software compliance with DRM. It would not be impossible, in this new era under UCITA, for them to attempt a retroactive mandate, where even the computer you currently own has to get a PCI/ISA card and a OS "upgrade" to add DRM compliance, especially if you make it illegal to connect to the internet without DRM compliant gear. The Information Super Highway Patrol will pull you over and make you recite the ASCII character set backwards or get a knock on the door from your local jurisdiction officials for a little "inspection" with all kinds of probably cause. Of course it's a stupid idea for all kinds of good reasons, but that's never stopped lobbyists or ambitious politicians in the past.

Re:Interesting

[ink]

But Microsoft's plan is to lobby Congress, probably under the veil of another media group (like RIAA), to mandate that all computers sold in the US will required hardware and software compliance with DRM. It would not be impossible, in this new era under UCITA, for them to attempt a retroactive mandate, where even the computer you currently own has to get a PCI/ISA card and a OS "upgrade" to add DRM compliance, especially if you make it illegal to connect to the internet without DRM compliant gear. The Information Super Highway Patrol will pull you over and make you recite the ASCII character set backwards or get a knock on the door from your local jurisdiction officials for a little "inspection" with all kinds of probably cause. Of course it's a stupid idea for all kinds of good reasons, but that's never stopped lobbyists or ambitious politicians in the past.

Perhaps you are correct, but you must admit that it _would_ require governmental mandates in order for Palladium to come off "successfully". Look at how long it's taken WIPO to permiate the world's governments (many still haven't ratified it!); by the time another 10 years have passed since mandated DRM (they haven't even started yet) ripping video will be as common as ripping audio is today. People will take for granted that they can record digital television to their hard disks without breaking the law.

I just don't see it happening. We still have to be on the lookout for schills like Senator Hollings, but we were hardly lacking support in opposition to his whoring legislation (I even read an op-ed piece in Sound+Vision decrying the rights of digital artists!). In short: people won't put up with this, people are not all ignorant boobs, and people ultimately control the government -- despite what the government would have you believe.

Re:Interesting

[pi+radians]

given Microsoft's investment in the company?

What investment? The one from five years ago, which Microsoft no longer has? Apple (last month actually, is when the agreement ended) is once again free from MS's "grip".

Apple has already shown what they think of DRM. They put stickers on their MP3 players not to steal music. They will always do as little as possible.

Add on Card

[nairnr]

I think it would make more sense if such a hardware crypto device would be viewed as such -- a device. The computer is not "self aware", If you were to install another OS on it, and it didn't have a driver for it then you won't be able to take advantage of the device. Just as if you have a video card that supports 3D acceleration but you don't have the proper driver. You can still view stuff but can't take advantage of the extra functions.

Re:Add on Card

[Dimensio]

The problem there is that some people might not use those devices and then Microsoft and "content owners" would not be able to control those computers.

Re:Add on Card

[subgeek]

someone posted a reply faster than me, but i already wrote all this so here it is.

the question isn't about being able to use linux. it is about being able to connect to things through linux. if your OS does not use the TCPA device it can still use the rest of the computer. but if in order to get access to media files you need something from that device, you cannot use those media files. this is not limited to media / content, but could conceivably be used to authenticate anything. software patches, websites, webstores, email, etc could all potentially be infected with palladium.

where linux loses is that it is built from source. only binaries will be signed, and signing will likely cost money. it isn't really that difficult to understand.

since not so many people use Linux in proportion to Windows users, the minority is screwed if the majority is tricked into accepting this "great" technology. islands of linux users will probably survive, but they will be segragated from the other 91% of PC owners running Windows.

so yes, you can still use Linux if Palladium gets broad implementation. but you won't be able to use it for all of the same things you can now.

there doesn't need to be a great use for Palladium itself in order for it to be widely implemented. all there needs to be is some "great new" form of content that is only available in a Palladium limited, er i mean enhanced, format.

...and Cringeley

[Otter]

Not worth a story of its own, but Robert Cringeley brags in this week's column that Palladium is the Microsoft attempt to replace TCP/IP that he was predicting a year ago.

Re:...and Cringeley

[jht]

I don't think he predicted this exact scheme, but he was spot-on about the general idea, I think.

Remember, IE wasn't the "standard" until one day we all woke up and Netscape's market share had vanished thanks to bundling. If MS makes every Windows client behave just a little bit differently from the norm and pushes it out there, one day we'll wake up and the entire Internet will be a MS-only world.

It's the same with hardware. When your software drives over 90% of the desktops in the world, if you build software that is symbiotic with validated "trusted" hardware the hardware vendors will design for it. Your typical motherboard vendor could care less if Linux runs or not - they want the portion of the market that runs Windows. They'll do what it takes to get that vaunted Windows seal on their box.

done already isn't it?

[Bazman]

On the X-box? You can only run signed programs. Modifying the X-box is a circumvention of a device that's illegal under the DMCA. All Microsoft has to do is port Office and IE to the X-box and voila. Dump Windows and get the masses using X-boxen for their secure and safe computing needs....

Baz

Re:done already isn't it?

[rnturn]

See this link. Or are you the grammar Nazi?

Re:done already isn't it?

[gilroy]

Blockquoth the poster:

X-BOXES The plural of box is boxes, not boxen.

Well, according to The New Hacker's Dictionary, we have

boxen /bok'sn/ pl.n. [very common; by analogy with VAXen] Fanciful plural of box often encountered in the phrase `Unix boxen', used to describe commodity Unix hardware. The connotation is that any two Unix boxen are interchangeable.

So depending on your geek level, the plural of "box" is "boxen". :)

Re:done already isn't it?

[gol64738]

i disagree. in order for your comment to be correct, one would have to say, 'XBox boxen'. otherwise, one could say Xboxes or possibly even XBoxs.

life on the net in 2004

[Jucius+Maximus]

"The DRM aspect reminds me of something I read about an imaginary day in the not-too-distant future, where you can no longer install Linux on your own box because you don't have the necessary rights."

That would be this article linked to from slashdot some weeks ago. It is beginning to sound like the voice of prophecy.

Nice on-line FAQ for TCPA/Palladium

[Jabroni54]

Snipped from an e-mail at work.....

TCPA / Palladium Frequently Asked Questions

Version 0.1 26 June 2002
Ross Anderson

1. What are TCPA and Palladium?

TCPA stands for the Trusted Computing Platform Alliance (TCPA), an initiative led by Intel. Their website is here. Their stated goal is `a new computing platform for the next century that will provide for improved trust in the PC platform.' Palladium appears to be a Microsoft version which will be rolled out in future versions of Windows, will build on TCPA hardware, and will add some extra features. The Palladium announcement appears to have been provoked by a paper I presented on the security issues relating to open source and free software at a conference on Open Source Software Economics in Toulouse on the 20th June. This paper criticised TCPA as anticompetitive. This has been amply confirmed by new revelations over the past few days.

For the rest:

TCPA/Palladium FAQ

Re:Nice on-line FAQ for TCPA/Palladium

[rnturn]

Ross Anderson's paper should be required reading. But then that's just my HO.

Just what is so untrustworthy of the PC platform? NOTHING! The platform itself is just fine for what it is supposed to be. It's the software that makes it untrustworthy. Or the people managing that software (who allow breaches through social engineering to occur). So adding a new bit of hardware is going to protect us from irresponsible people?

IBM's computers are not considered untrustworthy. Is it because of special security hardware? NO. It's because the operating systems are written with security in mind from the beginning and not bolted on afterwards. Similarly, other platforms have been considered trustworthy without requiring custom PKI hardware. Wasn't it a system running VMS that resisted all attempts to crack it at the last Defcon? No special security hardware is part of an Alphaserver.

Why has security, all of a sudden, become a hardware problem. Well, Microsoft tries to paint the PC platform as insecure and untrustworthy in an attempt to divert attention from the fact that it's been their software that has been the reason for all the security breaches. The hardware vendors go along with this because of the lure of future CPU and systems sales. IMO, the purpose of Palladium (and TCPA) is to solve an economic problem for some software and hardware vendors.

Remember, Microsoft decided that the best way to deal with the security problems with their software was to hire a lawyer to be their chief security honcho and not someone with extensive credentials in computer security. Rather telling, eh?

When They OutLaw Free Operating Systems

[0-9a-zA-Z_.+!*'()123]

Only Outlaws Will Have {Free|Net|Open}BSD/Linux.

imaginary day

[morningstar8]

The imaginary day in the not-too-distant future is described at the GNU web site.

Trusted Computing

[gowen]

Remember, Trusted Computing means that large corporations get to trust your hardware because they don't trust you...

Inability to install linux

[zapf]

Where in this article, or the previous articles, does it say that the hardware would not let alternative operating systems be installed? Will only operating systems that use the key embedded into the hardware be "allowed" to install? And if so, how the hell can they accomplish this? It seems like if you can install linux or an older version of windows without using the public/private key stuff then it isn't as much the horrible linux-killing initiative some make it out to be. I'm not trying to troll, flamebait, etc., I'm just curious.

Re:Inability to install linux

[elmegil]

Cringley's article (referenced in a couple other responses) notes that the encryption will have to apply to the networks stack as well, in order to be effective. Which he says will effectively transition us from TCP/IP to Palladium/P and make it difficult if not impossible for Linux and others who do not/cannot affort do license the stack from M$ out in the cold on the internet.

Whether this is a reasonable belief, I leave as an exercise to the reader. I am not going to endorse or refute it here.

Re:Inability to install linux

[medcalf]

Because this project includes changing the computer hardware to include a PKI chip, it is possible to design the hardware such that it will not boot at all without a Palladium-enabled OS. It is possible to design the hardware such that all of the data on the hard drive is encrypted (transparently, in the background) and even removing the hard drive to a non-Palladium computer won't get you the data. Indeed, moving the hard drive to a different Palladium computer won't get you the data.

Re:Inability to install linux

[rnturn]

``So, it is possible that GPL software could get authorization to run on this platform,...''

But... remember that Microsoft has a patent applied for (awarded?) for an operating system with DRM built-in. What are the odds that they'll let a competitor sell or distribute a similar product? IMHO, slim to nil.

Re:Inability to install linux

[Yankovic]

No. You will be able to install Linux. It is unlikely, however, that Linux will support this feature. You're not required to use the feature, even in Windows, unless the creator of the content requires it.

Re:Inability to install linux

[gillbates]

An easy way to kill Linux would be to create a hardware BIOS that detected the OS installed and refused to boot if it wasn't Palladium Windows.

Think this is impossible/implausible? Compaq did this very thing a few years ago with their midrange server and Windows NT - if you didn't use Compaq's version of Windows NT, the BIOS would hang the machine. This was intentional, as you could buy Windows NT from Microsoft at the time for less than Compaq was selling it.

But another insidious way to get Linux users is for Microsoft to make a deal with computer manufacturers that requires the computer makers to install a small part of the Palladium Windows into the BIOS. This way, if you don't agree to the Microsoft EULA, your hardware won't boot any OS.

Palladium will die

[Jucius+Maximus]

Palladium will die because it forces every company aside from Microsoft to be reliant on MSFT for public key certification to their code will be 'trusted' on Palladium equipped systems. MSFT can charge whatever they want and engage in all preferential pricing and authorsations and delay the consequences for decades through appealing lawsuits and the like.

The industry knows this and it will turn every company out there except perhaps AMD and Intel who would make the chips against MSFT. No company wants to be dependent on a competitor (especially MSFT) for having their software be seen as 'authorised' on systems in their target market. Even two years from now, ballmer and friends will not be strong enough to fight every other software company in the world united against them. Palladium will die, and MSFT will be pulled down with it if they cling to it strongly enough.

Re:Palladium will die

[W.+Justice+Black]

Even two years from now, ballmer and friends will not be strong enough to fight every other software company in the world united against them.

Or they will. While $40B (that MSFT has in the bank) might not be enough to buy EVERY software outfit out there, it would certainly be enough to munch up all but maybe the top five other vendors. That, or they could merge with, say, AMD after a couple of years of pseudo-merged operations (aka "partnerships").

Just because you're paranoid doesn't mean they aren't out to get you :-)

Another John Gilmore quote

[splorf]

Be very glad that your PC is insecure--it means that after you buy it, you can break into it and install whatever software you want. What YOU want, not what Sony or Warner or AOL wants.
--John Gilmore (quoted in Ross Anderson, Security Engineering p. 413)

Looks like Microsoft wants to fix that and make sure you can't control your own computer. That which is not forbidden will be compulsory.

NAZIWARE

[Yohahn]

I agree with one of the "talkbacks" to the article.

The name associated with this type of hardware/software shuold be called NAZIWARE.

The justification is the potential that it has for controlling the masses. (Just like the Nazi's did)

Promote the term. It would be a PR fiasco.

Re:NAZIWARE

[Wattsman]

Interesting idea, but according to Goodwin's Law, the first party in a discussion to mention "Hitler" or "Nazi" has lost the discussion.
I wonder if the law should be updated to include "terrorist"?

Re:NAZIWARE

[American+AC+in+Paris]

The name associated with this type of hardware/software shuold be called NAZIWARE.

...

Promote the term. It would be a PR fiasco.

Yeah. Just like the term "tree-huggers" has sooo damaged environmental groups, right? And remember all the flak feminist groups took for that ever-so-clever "Femi-Nazis" quip?

Please.

There are clever, catchy phrases that can seriously damage a group's reputation, and there are trite, sensationalist phrases that make the accusers look like a bunch of freakin' nutjobs.

Which direction do you think the term "Naziware" leans?

If you're going to fight this battle from a PR angle, at least try to come up with something slightly more clever than "Naziware".

Re:NAZIWARE

[drinkypoo]

The "Nazi" thing is totally played out. Rush Limbaugh ruined it. Besides, when you start calling people nazis when they are not nazis, you are dismissed as a reactionary.

Re:NAZIWARE

[anti-snot]

"Slaveware" would probably be more apt. It has all of the connotations, with none of the reactionary bs associated with it. And it fits.

Re:NAZIWARE

[1010011010]

How about:

Slaveware
Prisonware
Totalitarianware
Authori tarianware
BigBrotherWare
Controlware

...Beware!

Re:NAZIWARE

[Yohahn]

I think my only defense is my clairification for invoking the use of the term NAZI.

I'm not calling Microsoft Nazi's I'm calling the software/hardware arrangement NAZIWARE because it has the potential to do that kind of damage and it can control how the masses communicate.

I don't like name calling in public discourse, but the fact is that it is used. Despite the nay-sayers in this thread, it works to get peoples attention/interest.

In my opinion this problem has potential to do great damage; however, it is not given the proper attention by the average person.

I thought a bit before I posted and asked, "Do I want to be in recorded media somewhere calling something NAZI-ish?" It's not something I take lightly. I concluded that I thought the potential problem was great enough to warrent it.

In short, saying that using the word NAZI disqualifies your opinion is as bad as calling NAZI at people all the time. Indiscriminate judgement.

If you are going to use the word NAZI you have to be clear in your reasoning. That's the only way it has real meaning.

Re:NAZIWARE

[Yohahn]

I called no person a nazi

Re:NAZIWARE

[Yohahn]

I don't know where you live.. but where I live, those sorts of phrases were used alot to promote group think against those groups. It worked.

It's easy to respond to name calling when you are in a group. But there is quite an affect when you are more in the minority.

Language is a powerful thing.. be careful how you use it.

Re:NAZIWARE

[Yohahn]

Ok this is rediculous. This thread's top post just got a "-1 flaimbait", probably because it had the term NAZI in it.

How much self-censoring do people do?

I think this thread has had quite a good discussion.

The ANTI-NAZI's are facists. Sigh.

Re:NAZIWARE

[Yohahn]

have gotten another -1...
I really don't care about karma, but the whole self-censorship thing is rediculous.

I have a feeling that moderators don't always get the proper context of a comment ( or perhaps the meta-moderators don't )

The mention of the word "NAZI" does not a moderation justify.

and thats why macs failed

[Edmund+Blackadder]

Even though mac os was usually better than dos and windows, Mac's monopoly on hardware caused the computers to be expensive and new hardware features to be slowly adopted.

If Microsoft goes that route i think they will soon become as relevant as apple.

Who needs what they give us?

[Offwhite98]

With all these Linux companies, why can there not be a Linux PC or at least one that is not built around this new security hardware? Just because some of the industry heavyweights are behind it does not mean that all air will be pushed out of the room. Consider purchasing chips from Motorola and putting together motherboards based on the specs that IBM release a couple years back. BeOS use to run on it's own Be Box which was all custom hardware.

I for one would be happy to have a Linux PC made by VA, AlienWare or even Dell if they produce good hardware which works well with Linux.

Besides, who needs the hardware to do the security work? Sure you can use cipher/cryptography acceleration in hardware, but you do not have to be dependent on it. What Microsoft will find is they put all this work into a system which is still insecure because they still have a front door with holes through it. How long before a macro shares your private key with everyone on your Outlook Express mailing list. And when there is a hole that is found, do I now have to install a firmware update? That does not sound reasonable.

This sounds like a joke, but Microsoft is known for making these mistakes. They even released the Nimba virus on their Korean distribution of their development suite.

So instead of complaining that Microsoft, Intel and AMD are going to ruin the world for Linux, go out and build a business on better hardware which does not lock you into Microsoft. A modern BeBox similar to an Apple G4 system would be quite welcome as a Linux or FreeBSD system on my desk.

Redhat and the new Linux partnerships should put their resources together and actually produce something, instead of more spin on Linux. Make something significant.

Inevitable death of commodity PC

[Gizzmonic]

We're seeing the death of the commodity PC. There's just no money in it anymore, so Microsoft is coming up with this "secure" OS and strictly regulated approach to hardware in order to squeeze some more dough out. We've already seen Dell and Hpaq going down the tubes (relying on stuff like tying contracts to Dellnet, 24 hour tech support, etc to make money).

Even Mom and Pop PC shops are in on these shenangins (one of my old favorites is now becoming a 'technology consulting firm'). If Microsoft tells them to jump, you bet they'll follow..the same goes with small hardware makers like D-Link and Intel.

In a world of increasingly proprietary hardware, the only solution is buying from a company you can trust. I would suggest a Sun box or Mac for your next PC...or you'll probably have to do a lot of hacking just to get it to play MP3s.

Re:Inevitable death of commodity PC

[vegetablespork]

In a world of increasingly proprietary hardware, the only solution is buying from a company you can trust.

And (barring their joining the TCPA at some later date) that appears to be Apple at the moment.

Re:Inevitable death of commodity PC

[Citizen+of+Earth]

We're seeing the death of the commodity PC. There's just no money in it anymore, so Microsoft is coming up with this "secure" OS and strictly regulated approach to hardware in order to squeeze some more dough out.

"Commodity" generally means that there isn't much profit in an industry.

Also, RDRAM is an example of an attempted hardware hijacking of the industry (by Intel & Rambus) to de-commoditize PCs and reclaim profits on selling them. It didn't quite work out as planned.

Re:Inevitable death of commodity PC

[prisoner]

I don't think it's a bad as that. Dell, et.al., are trying to expand their revenue base (diversify if you like). Same reason GE didn't stop with making light bulbs. I do the same thing in my consulting business. Most of my customers that I do maintenance/consulting work for also use my web hosting service. It's not that I'm dying for cash, I'm trying to setup a recurring revenue stream and recurring revenue is a "good thing". No different than these guys. Well, a bit smaller scale....:)

Re:Inevitable death of commodity PC

[sedawkgrep]

Right now the market appears to be stagnating some, sure.

At some point though, probably not too far down the line, another revolution in computing will happen whereby we are more interactive with our machines. This might entail more accurate voice-recognition software, LAN/WAN seamless audio/video conferencing, who knows what.

When that happens, the rush for more storage and faster speeds will resume.

In the meantime gaming requirements will continue to push the clock cycles slowly up.

sedawkgrep

More Bad Patents.

[Picass0]

But then some smart reporters--including Michael Cherry of Directions on Microsoft (a frequent radio guest of mine) and Newsweek's Steven Levy--discovered that Microsoft had filed for a patent on an operating system with built-in digital rights management features.

Um, where in the hell does this leave everyone else? Microsoft is asking motherboard makers to include public-key crypo on the board, and Palladium by law is the only OS able to talk to the mb?

Can you say monopoly, boys and girls?

Anyone who buys into this crap should be given free knee pads.

Re:More Bad Patents.

[homer_ca]

Microsoft is asking motherboard makers to include public-key crypo on the board

Just one thing. All the motherboard makers are in Taiwan and also sell to Asian and European markets. It's possible the RIAA, MPAA, MSFT, et al have the political clout to force TCPA and Palladium on the US market, but what country in their right mind would willingly cede control to Microsoft of the crypto keys that let their computers run? I predict a healthy supply of gray-market import motherboards.

PK Crypto

[jea6]

One concern I have about widespread distributions of current technology cryptography would be reliance on crypto that is based on difficult (and theoretically complex) calculations. If the only thing that keeps public crypto safe is, for example, the difficuly of factoring, it's safe to say that advances in technology will likely render that difficulty less implausible and more accessible. As Avi said (paraphrase): I want it secret until man is no longer capable of doing evil.

Naturally, this is not an argument for an anti-crypto position. It is merely a caution for overreliance on the secure technologies of today.

I believe...

[Apreche]

Okay, here's a hypothetical situation. There is a company selling televisions (computers). And they like certaint television stations (operating systems). If I made a great television that had all kinds of fancy features, but it was biased towards certaint television stations in some way. or it did not function when VCRs of another brand were attatched to it. And this information was in the fine print and not made obvious when I purchased the television. Is that not illegal in some way?

Now if they make an operating system that is very secure, and has all kinds of fancy features. But it will not function properly depending on what I want to do with it, or it will not allow me to do what I want with it, even though it's mine. Isn't that equally illegal?

If it's not, it should be.

Fair use laws anyone?

[PierceLabs]

Last time I checked you couldn't circumvent fair use. By building a device that prevents fair use, this Trusted Computing group is creating a device that by its very nature defies the very statutes that the Supreme Court has said are legal!

Specifically there are limits to Copyrights in the following scenarios:

LIMITATIONS ON THE EXCLUSIVE RIGHTS
The copyright owner's exclusive rights are subject to a number of exceptions and limitations that give others the right to make limited use of a copyrighted work. Major exceptions and limitations are outlined in this section.

Ideas
Copyright protects only against the unauthorized taking of a protected work's "expression." It does not extend to the work's ideas, procedures, processes, systems, methods of operation, concepts, principles, or discoveries.

Facts
A work's facts are not protected by copyright, even if the author spent large amounts of time, effort, and money discovering those facts. Copyright protects originality, not effort or "sweat of the brow."

Independent Creation
A copyright owner has no recourse against another person who, working independently, creates an exact duplicate of the copyrighted work. The independent creation of a similar work or even an exact duplicate does not violate any of the copyright owner's exclusive rights.

Fair Use
The "fair use" of a copyrighted work, including use for purposes such as criticism, comment, news reporting, teaching, scholarship, or research, is not an infringement of copyright. Copyright owners are, by law, deemed to consent to fair use of their works by others.

The Copyright Act does not define fair use. Instead, whether a use is fair use is determined by balancing these factors:

* The purpose and character of the use.
* The nature of the copyrighted work.
* The amount and substantiality of the portion used in relation to the copyrighted work as a whole.
* The effect of the use on the potential market for, or value of, the copyrighted work.

But nothing in this specification speaks of how you will still be able to maintain your fair use rights. If they build it, people should proactively sue them because its a rights violation for it to exist at all.

Re:Fair use laws anyone?

[rhombic]

Fair use only prevents them from giving you legal grief for using the technology. Nowhere does the law say that they have to make excercising your fair use convenient.

It's like car stereos: Ford can't prevent me from swapping out the junk stereo they put in my car with a nice non-ford model, but if they don't put a DIN opening in the dash, it's gonne be really inconveniet for me to do so. Nobody says they have to make it easy, just that they can't sue you.

Re:Fair use laws anyone?

[Target+Drone]

Last time I checked you couldn't circumvent fair use.

IANAL but I believe fair use only applies to copyrighted works that you have purchased. Software is licensed. I believe Hollywood also considers DVDs to be software because it has a small amount of scripting on it. This means that you have to abide by the terms you and the owner of the copyright agreed to, what ever they may be. Unfortunately in the real world millions of people don't get an opportunity to negotiate the EULA (or even see it) before they purchase the product.

Re:Fair use laws anyone?

[Sloppy]

But nothing in this specification speaks of how you will still be able to maintain your fair use rights. If they build it, people should proactively sue them because its a rights violation for it to exist at all.

If you're going to do that, then you better start with creating "fair use rights" because no such thing exists, as far as the law knows.

That might be a good idea. But there's no way in hell that Congress is going to pass anything that creates fair use rights, when thay haven't even bothered to repeal DMCA. They've already taken a stand, and it's on the other side.

Re:Fair use laws anyone?

[seaan]

The topic of fair use has come up in DMCA prosecutions a fair amount. The courts have already ruled that the DMCA fair-use provision does not apply to anything (another way of saying it was a worthless provision).

At least two judges are on record saying that publishers are under no obligation to "facilitate" fair-use. In the DeCSS case it was suggested people could use VHS recordings instead of DVD to obtain fair-use rights (a truly clueless opinion, given the fact that (a) much material does not appear on VHS, and (b) the VHS tapes now have technology that prevents fair-use too). Another judge suggested that people could use a camera to take multiple still shots from a movie (forget who, it was a recent case).

This issue is the primary cause of Digital Consumer . They are trying to get fair-use protected (from laws that steal them away) and enforced (from judges like the above that don't see a proactive need to protect these rights). Given the way special interests have stolen rights and property from the public in the last 10 years, I think this is a very necessary action.

One of my biggest upcoming concerns is the fact that DRM protections won't expire when the object enters the public domain. Given the length of today's copyright terms, I guess this is only of interest to far sighted people. The same types of judges who think fair-use does not need any protection are sure to ignore the fact that material only released under DRM protection expiration will never enter the public domain unless copyright holders/publishers are forced to place it there.

Re:Cringely weighs in...

[Alien54]

Cringley has a slightly self-congratulatory comment on Palladium too.

I was surprised to see that somebody didn't pick up on Cringely remarks here, seeing as they support the enlightened opinion of skepticism of Microsoft, and document how Palladium is using Microsoft's security weaknesses as an excuse to make all internet technology closed proprietary Microsoft Technology.

A fairly damning read, and it lays it all out

The Microsoft solution to the problems caused by Microsoft is to give control of everything to Microsoft.

Usually, I thought the answer was to remove the sdource of the problem, not to strengthen it.

2002-06-29 01:24:55 Cringely On Palladium (articles,news) (rejected)

In other news today...

[Noryungi]

I still think it won't work.

Two more reasons:

• The EU still has a pending monopoly investigation on MS
• Some EU institutions may not appreciate Palladium. For instance: would you trust Microsoft with the security of your armed forces if you were, say, the Swedish (neutral country) governement?

You have to remember that this is the same company that used the ominous variable "NSA_KEY" in some of its security software... ;)

Not that I believe the NSA was responsible of this particular blunder... =)

Another reason to go to Apple and OS X

[burgburgburg]

I didn't see Apple or Motorola listed at all in the list of "partners" involved at trying to foist this plan on the world.

Seems another reason to switch

"That story you read somewhere"

[cananian]

I believe that "that story [the poster] read somewhere" was Richard Stallman's "dystopian short story" The Right To Read. I'd recommend giving it a gander, as it appears RMS was remarkable prescient: his story was published five years ago in the Communications of the ACM.

So what? Go to non-WinTel hardware

[rhombic]

Kinda makes mac hardware with yellow dog or OS X seem like an attractive prospect, huh?

Re:Failure to market

[scott1853]

Actually I would think that there are some motherboard manufacturers out there that would give us a nice little BIOS switch to turn it on and off. Hell, my last Gigabyte board came with a Windows utility to overclock it (never worked but it was a nice try).

Other hardware vendors aren't going to incorporated that code into non-updatable hardware chips. It'll either be software or the chips will be flashable. In either case somebody will hack it.

Mandatory Upgrades?

[simetra]

Uh... if you don't want this Palladium, and other up-and-coming tools of the devil, why not stick with what you have? The frenzy of the switch from Win3.1 is over - mostly. I actually know some people who still use it. It works. I think - and hope - the public has discovered that buying the Latest Version doesn't necessarily help anything, and can be a royal pain in the ass. I believe we're reaching a point where consumers will demand that these Wonderful New Versions are worth their time and energy. Perhaps they won't be spoon-fed whatever crap MS spits out.

My 2 cents.

Re:Mandatory Upgrades?

[Salsaman]

If that was the case, then why would anybody be using WinXP ? They'd all be sticking with 95/98.

Think about how and why people have 'upgraded' to XP.

But what if...

[ShaunDon]

Alright, it's simple, we DON'T have to upgrade to Palladium... but Microsoft has a way of incorporating *just enough* (except in the case of ME) incremental improvements to make it worth our while. What if this is the watershed Windows platforms that finally delivers on all its promises? Across the board, including security? I'm afraid far too many people, people who even ordinarily would know better, might be enticed by that. But seriously. This definitely warrants a serious grass-roots counter-PR campaign. I'm certainly game. *grin*
ShaunDon
"I swear I way more than half-believe it when I say that somewhere love and justice shines" - The Weakerthans

As long as my current batch of machines run...

[night_flyer]

I dont care. I will NOT switch to their new scheme, just as I will NOT upgrade to XP. Win2k and Win98SE do the job just fine. I have enough games to keep my entertained for years. If it ever gets to the point where I "have" to get a new game machine, Ill get a console.

Microsoft Patent

[Target+Drone]

Here's a link to the patent mentioned in the article. For those that just want the jist of it here's the abstract.

A digital rights management operating system protects rights-managed data, such as downloaded content, from access by untrusted programs while the data is loaded into memory or on a page file as a result of the execution of a trusted application that accesses the memory. To protect the rights-managed data resident in memory, the digital rights management operating system refuses to load an untrusted program into memory while the trusted application is executing or removes the data from memory before loading the untrusted program. If the untrusted program executes at the operating system level, such as a debugger, the digital rights management operating system renounces a trusted identity created for it by the computer processor when the computer was booted. To protect the rights-managed data on the page file, the digital rights management operating system prohibits raw access to the page file, or erases the data from the page file before allowing such access. Alternatively, the digital rights management operating system can encrypt the rights-managed data prior to writing it to the page file. The digital rights management operating system also limits the functions the user can perform on the rights-managed data and the trusted application, and can provide a trusted clock used in place of the standard computer clock.

Re:Microsoft Patent

[netik]

1. Aim Video Camera at Screen.

2. Press Record.

3. Digitize Video.

4. Put video on Internet.

Why bother with DRM? It's a waste of time and the proverbial cat is out of the bag.

Even David Coursey?!

[jejones]

It's actually pretty amazing to see such a MS toady as David Coursey (his column on "My Dinner with Bill" is useful either for laughter or antiperistalsis, depending on how you feel at the time) coming out with a column like this. Does anyone questioning Palladium have the kind of public forum that Levy has with Newsweek, though?

Re:What about Sony?

>The difference here is that Sony != Microsoft, and therefore doesn't get as much bad press here.

And Sony's box doesn't use Digitally Signed executables.

Rather, they just check the disc for authenticity through a corrupted TOC and such.

There's a big difference between the two, and that's why hacks for the PS/2 were available immediately, starting with serial number 1 (the first 1000 PS2s came with some utility disc that, if swapped with a burnt copy of a game at the right time, would allow you to play the CDR).

it's not a technical issue -- it'd just be illegal

[MenTaLguY]

And of course because Linux coders are such fucking morons, they could never ever be able to program a boot loader to work within the hardware system.

Not legally, no. Microsoft holds patents on the methods necessary to do this.

Linux and the desktop front

[Dalcius]

Disclaimer: opinion follows. Notice sig.

Once businesses change over to a Linux desktop to avoid subscription licensing fees, software lock-in, and improve interoperability (read: open standards), people will learn Linux. They will see how fast, easy, stable and simple it is to use for normal applications.
*Note: before you debate me on these points, please take the time to use a RH 7.x system with Ximian GNOME - install and usage really is simple for the avg. joe. At least it is for my family and friends.

Once employees see this, they'll want Linux at home. And the Linux desktop market will develop, much like it did with Windows in the early 90's. Wal-Mart and Fry's already sell lower-end Linux based PCs. I've heard speculation for a long time that the retailers would never sell a Linux box until a market developed.

Honestly, I don't see a feasible market at the moment, besides selling to Linux junkies like myself. Over about 95% of all desktops today are running Windows, a few percent are Macs, and even fewer (desktops, mind you, not total boxen) run Linux. Even so, Wal-Mart, a very large company, is investing in a tiny sliver of the desktop market.

Maybe they're willing to take a greater risk than many of us thought? Maybe their ITs have more insight into the future of the desktop than many of us thought? I can't find any other reason than those -- if anyone has any ideas, please say so.

One thought is that Macs are still around and don't have but a few percent. Although this is comparable to Linux, Linux is new and there is no guarantee of returned money on an investment. Mac junkies have been around for quite some time, and have continued to purchase Macs.

In either case, two years ago, I didn't think Linux was for anyone but developers. Now my mom can use it, and she's not even average when it comes to computer literacy. Linux has come so far in the last 2 years that I don't see how it can't go further. The user and developer bases are growing, and it looks like Linux is here to stay.

Stability and options have been here. Features (e.g. virtual desktops) have been here. Openness and freedom have been here. Ease of use is becoming more common, and the user base is growing. The only thing this Linux junkie sees missing is application/file-type support, but that is coming as well, and quickly.

I forsee Linux busting into the desktop market and becoming a serious contender within two years. Of course it will take time for a large change, but I think it's coming.

Re:Linux and the desktop front

[darien]

Maybe they're willing to take a greater risk than many of us thought? Maybe their ITs have more insight into the future of the desktop than many of us thought? I can't find any other reason than those -- if anyone has any ideas, please say so.

Afraid I think the answer is simply that they can sell them cheaper without Windows. They know that 99% of the people who buy these computers will immediately take them home and install Windows on them; but Wal-Mart can hardly be held reponsible for that. After all, they're selling complete, working systems, and can hardly be blamed if people decide to run pirate software on them.

So I'm afraid I think Wal-Mart's support for Lindows is mostly just a way to cut costs by evading the MS tax. Even so, it still helps Linux gain mindshare and credibility.

Re:Linux and the desktop front

[Lysander+Luddite]

Another "Linux will take over the desktop in the future" piece. How redundant.

Believe me, companies desire to control their workers through computer access will trump any supposed benefits of "open" Linux and standards. With all the legacy applications and documents in MS and other proprietary formats most businesses will not risk switching over. Maybe in a few years an open source Office app will read MS formats, but the way IP law and copyrights are going (as well as looking at history) I'm not counting on it.

If you think home users will flock to Linux while business sticks with Windows TCPA, I think you'l be in for a rude shock. Most people's home computer uses what they use at work, for a variety of reasons. I don't see that changing anytime soon.

Finally, you might be interested in reading Ross Anderson's piece about how TCPA will render GPL moot. Essentially, TCPA vendors will balkanize the computyer environment even further. That balkanization is inevitable unless business users don't use TCPA.

You can't separate business and home users. Where business goes, the home user will inevitably go.

Re:Linux and the desktop front

[MrResistor]

before you debate me on these points, please take the time to use a RH 7.x system with Ximian GNOME - install and usage really is simple for the avg. joe.

I totally agree, but I wanted to point out that the same is true for SuSE 7.x and 8.x, and I've heard that Mandrake 8.x is very good as well. KDE3 is quite usable as well, and so far I consider it a significant improvement on KDE2, which I also liked.

I'm not trying to start a distro/desktop flamewar or anything, I just want to point out that Linux in general has reached the point where it is quite usable by the average person. The installs of the current offerings from any of the major commercial distros can be handled by anyone with even moderate knowledge of computers. In fact, since drivers and apps are included in the distros, installation is actually far simpler than with Windows.

My annecdotal evidence to back up this claim: I've done about 10 installs of SuSE Linux (7.1, 7.3, and 8.0) in the last year, and about 15 installs of Windows 2000 in that same time. On average, a full up-to-date install of Windows takes me about 4 times as long as an equivalent Linux install (2 hours v. 30 minutes). Most of that time difference is CD shuffling and rebooting. Especially irritating are the MS updates, many of which have to be installed individually, requiring a reboot and then a return to the update site for the rest, which may or may not have to be installed individually. This is not user friendly, and it certainly does nothing to encourage the average user to keep their system up-to-date. One might even suggest that this lack of a truelly user-frindly update system encourages the proliferation of the unsecured systems that periodically flood the internet with the windows-virus-of-the-month.

With SuSE, by contrast, I have no need to find the driver CDs for my hardware (when will vendors learn to put actual meaningful labels on their driver disks?) since the drivers are included on my install disk and the hardware is autodetected. I have no need to find and install all the apps that actually make my machine useful, since they are all included. I have no need to reboot my machine for every driver or app installed, since they are all installed with the base package. And when it's all installed, a few clicks of the mouse gets all of my installed packages updated.

By all accounts, a similarly painless experience is available from all the other major Linux vendors.

In either case, two years ago, I didn't think Linux was for anyone but developers. Now my mom can use it, and she's not even average when it comes to computer literacy. Linux has come so far in the last 2 years that I don't see how it can't go further. The user and developer bases are growing, and it looks like Linux is here to stay.

Stability and options have been here. Features (e.g. virtual desktops) have been here. Openness and freedom have been here. Ease of use is becoming more common, and the user base is growing. The only thing this Linux junkie sees missing is application/file-type support, but that is coming as well, and quickly.

I forsee Linux busting into the desktop market and becoming a serious contender within two years. Of course it will take time for a large change, but I think it's coming.

I couldn't have said it better myself. I expect to have about half of my immediate family (including in-laws) using Linux at least part time by the end of summer. So far, no problem, and if they can use it anybody can ;P

Re:Linux and the desktop front

[Lysander+Luddite]

"Thanks for the troll."

No problem. I'm tired of seeing "Linux will be able to do everything and rule the desktop in just x years" posts to EVERY freeking article. The fact that your post is currently at "5" makes it even more infuriating.

"Even disregarding Wine or VMWare, I can open Docs, MS Works files, Excel spreadsheets, powerpoint documents, etc. What is your argument?"

Most businesses won't risk ANY chance of losing access to those formats. Why risk losing access to a document containing your project that costs $500K if you only need to spend $500 to guarantee access? And it's not only MS Office documents. What about AutoCAD, 3d Studio Max or other Windows only software? Does Linux have some open source apps that can open those proprietary formats? Did you ever use CoreldDRAW's import EPS format during the 80s or 90s?

"You can't separate business and home users. Where business goes, the home user will inevitably go

How redundant. Just what I said."

Yes, but I don't believe that somehow business will switch over to Linux because it is "fast, easy, stable and simple it is to use for normal applications." If that was true Windows would never have become as big as it is. We'd be using OS/2, AmigaOS or something else. The "Windows is good enough" factor comes into play.

I firmly believe that business will flock to TCPA because of the control it gives them over their workers, their documents and information, and the perceived benefits such a system gives the boss.

What good are the benefits you mention (stability, options, openness and freedom) if Windows already is perceived to have that? The business user also gets the advantage of controlling information access, which as many lawyers, HR personnel and management types will argue can be of more worth than the equipment it inhabits.

Anderson argues that the Intel PC is commoditized now. Linux is trying to commoditize the OS. MS and Intel try to reverse that trend by offering something unique and of value to those who will pay for it (business). I think that is a logical and very likely successful strategy. People are willing to pay for something they think will benefit them. TCPA is being spun as something of value to business. I believe business will believe it is worth paying for more than using Linux. If Anderson's scenario is true then businesses that use Linux will be locked out from participating. Will that then push them into TCPA's arms or will those features of stability and "freedom" still hold out? I'm sceptical.

Re:Linux and the desktop front

[Lysander+Luddite]

See my other reply. Yes, I believe that business' control over their workers and system trumps any benefits of open formats.

Formats could be open in TCPA but the TCPA system will still control access.

Re:Linux and the desktop front

[Ian+Bicking]

I was reading another comment about how Palladium was a response to the commoditization of computers... your bringing up Walmart makes me think of the other way to battle commoditization: vertical integration.

Walmart sells a ton of commodities -- things that are effectively unbranded and rather generic. Its suppliers don't make a ton of money, I imagine, but Walmart does because of their processes. Walmart is actually pretty good for the consumer, even if it is lousy for the producer. And I think Walmart is the perfect advocate for the commoditization of computers.

Politics makes strange bedfellows, but I feel like Walmart really can do the right thing every so often -- I was impressed with their recent challenge to Visa.

Re:Linux and the desktop front

[Lysander+Luddite]

I'll keep it short this time.

Point about Corel:
Support for standards does not guarantee it will work.

Corporate Control:
People have accepted it so far and I see no signs of it receding, especially in a job environment like the one today.

Content/Document Management Systems try to do the same thing in assigning document permissions. They tend to fail because of the pesky ID thing, but if that can be handled by a combo of hardware/software then who knows?

Freedom/Control:
People seem to be giving up a lot of freedom willingly both in the workplace and without. I'm cynical when it comes to people in groups.

Re:Linux and the desktop front

[Frank+T.+Lofaro+Jr.]

If the CBDTPA (S 2048) passes, and Palladium becomes the "certified security technology", it will be illegal to sell PCs or PC hardware which are capable of running Linux.

Linux on the desktop won't happen if it is illegal.

Re:Linux and the desktop front

[MrResistor]

I've just got to admire Red Carpet. I'm commenting on this because some folks haven't tried it. =P In Red Carpet, first select a related channel to what you want (e.g. RH Linux 7.3), it'll show you what you can update, what is available to install, and what you can remove. Full information on the package (description, version, size, etc) is available at one click. Simply check those packages you wish to update/install/remove and click a button. It does the rest. No rebooting. Nothing. If that isn't easy to use, I don't know what is.

SuSE's YOU (YaST Online Update) is pretty much the same. I prefer to use it in manual mode, since I like to know exactly what is happening on my system, but I modify the suggestions it makes rarely enough that I could use it in automatic mode a save myself 2 or 3 clicks.

Is this very new hardware, or uncommon, or am I missing something? Wouldn't Win2K come with these drivers?

In my experience Win2k includes drivers for Soundblaster-16, Trident video cards, generic winmodems, and HP laser printers. Other than that, you have to get them from the vendor. It comes with an assload of drivers, but not for hardware anyone actually seems to be using.

My personal system, which is fairly representative of the systems I've dealt with, has: Athlon, AMD 750 chipset, GeForce2, Soundblaster Live, cheap NIC, USB optical mouse, CD-RW, DVD, 2 HDDs. The one thing I had to go out and find drivers for was my printer, a Lexmark z53 (which I bought specifically because Lexmark supports it's inkjets on Linux).

Surprisingly, NICs have been the component I've had the most trouble with in Win2k. I expect to have to download drivers for my video card and soundcard (even though it's 4 years old), but given that Win2k is such an improvement on the networking front you'd expect better support for NICs.

I love Linux's remote admin utilities: you can fix problems on your Aunt's computer in Pango Pango. =D
It looks like I might be doing an install for a friend's home box (not very computer literate), and any problems that come up will most likely only require a few commands. =)

I set up a Linux file server for my old company (from which I was laid off, but no hard feelings). It's headless (no monitor, keyboard, mouse, everything done over ssh), and I was laid off the day after I brought it online. I've only recieved one call in 6 months, which was samba's createmode acting funny (nobody had access to files created by the boss). I sent the front office chick (who is responsible for documentation control, purchasing, shipping and recieving, and probably more that I don't know about. Small company, very smart chick, though not particularly computer oriented) an email telling her how to chmod the whole shared directory using putty (which I installed on the shared directory). A kludge for sure, but I haven't had a chance to stop by and fix the samba config.

My point is, though, that even Aunt Tilly can ssh to a server and enter chmod -R 777 /dir if she happens to have the instructions written down somewhere. And even if she has to do it every day it really not a big deal if that's all she ever has to do to it. Even if you don't have remote access, support is still significantly easier with Linux.

Re:Linux and the desktop front

[rseuhs]

Most businesses won't risk ANY chance of losing access to those formats. Why risk losing access to a document containing your project that costs $500K if you only need to spend $500 to guarantee access?

This point is so moot, it's no longer funny. Office doesn't guarantee access at all. Every new Office-version means new formats and all the problems that come with them. Because there is no easy way to figure out the version of a .doc, .xls or .ppt, matters become even worse.

Hell, I had documents that were "broken" for Office97 and 2K, and could only be read by StarOffice. I had .docs created by Word97 that were messed up in Word97 on another computer.

If you think the Windows-world is perfect, you live in a dream-world. Windows/Office is a horrible environment to work in, the only thing that keeps people using it is the delusion that there are no alternatives. (Just look at your pathetic, uninformed post.)

And if you really need Office you can also use Crossover-Office to run it on Linux (and: yes, the installation is very easy and it's usable and very stable)

And it's not only MS Office documents. What about AutoCAD, 3d Studio Max or other Windows only software?

At least here you got a point. But there are lots of CAD-software on Linux, and lately every major 3D-software (except 3D-studio - yikes) seems to have been ported to Linux. Maya, for example. Shrek was created on Linux, StarWars2 was created on Linux.

EU knows what Microsoft is up to!

[DaneelGiskard]

According to this article (sorry, german only) the EU knows exactly what Microsoft is up to with Palladium and they do want to work against it!

Here is a translation using Google.

Quotable Commentary

[tarsi210]

From the: Quotes-to-cringe-by dept.

MICROSOFT PROMISES--and I believe that they're serious--that users will control their own personal information.

Since when? Since when do people trust M$, the company that has time-and-again said that software is secure when it's not, that they provide customer support when they don't, that they're not trying to be a monopoly when they are, that they're not strong-arming 3rd party manufacturers when Craig Barrett is clearly wincing? If the EULA doesn't scare you yet, you aren't paying attention.

But how this plays in the real world, where users often have very little power, remains to be seen.

Ah, maybe in your little world of sheeple, but folks like me give ourselves power through OSes that don't patronize.

Microsoft has one key factor in its favor: the growing realization among its customers that we must do something, and that tomorrow's digital devices--and I'm talking much more than PCs here--need the trustworthiness that Microsoft claims Palladium will offer.

I think he's missing the boat on this one. Users don't give a rats banana about trust, or they wouldn't be using passwords like "mypassword" when checking Hotmail. They simply don't care about that. What they care about is the *big*bad*unknown* screwing up their ability to email, type letters to their friends, and have cybersex on AIM. If their OS provides that, they're fine. Trust is marketing B$ for "we're gonna cuddle you like a foster parent and shield you from the big bad world."

But is the world ready to trust Microsoft on something it has such a hard time explaining? and implementing, and supporting, and documenting, and....

Holy smoke-n-mirrors, Batman.

if you can run some Turing-compatible code..

[WetCat]

Step 1: create some virtual machine (in VBasic,
for example)
Step 2: port Linux to that virtual machine...
But will it be worth it?

Don't worry, kids.

[ceswiedler]

It's inevitable that computers will become appliances. Anything which is marketed to, designed for, and used by the masses will eventually become simple and easy to use, and probably a commodity unless one company holds a monopoly on its production. The original Apple was the first step; this is merely another.

But that doesn't mean computers won't exist to hack on for amateurs. Did the CD eliminate HAM radio, or the amateur musician? Does an electronics geek bemoan the fact that he can't put together his own DVD player, or does he spend his time doing more interesting things? When computers become appliances, they will become boring.

It also doesn't mean that professional computing will go this way. To use the same analogy: do you think a radio broadcasting station uses an off-the shelf CD player? Do you think they go to Best Buy, see the low-end consumer hardware sold there, and say "Damn, I need something better, more customizable, but I guess I just can't buy it anywhere." Professionals will use professional products, and that means many things: high quality, no frills, and expensive. Microsoft will NOT be able to convince any computer professional to use this "Palladium" crap for a server. They won't even try. They will probably have a server OS which can serve Palladium-enabled content; but that won't be the only option, unless it's so good that it's all professionals want.

The readers of Slashdot are all amateur computing enthusiasts, and many of them are computer professionals as well. We may end up using a commodity computer appliance, just like the rest of the world; but our Linux boxes will always be around to hack on.

Re:Don't worry, kids.

[Shadow2097]

Microsoft will NOT be able to convince any computer professional to use this "Palladium" crap for a server. They won't even try.

Just like they were never able to convince any companies to use that crap IIS server, right?
Until we get better trained and more experienced Sys/Network Admins in the work force, MS servers will remain a player in the field.

Kneejerk response

[burgburgburg]

Let's see: Apple creates an OS based on Open Source software which they have continued to contribute to (Darwin)

Microsoft steals OS components from non-GPL sources and never admits it (TCP stack from BSD)

Apple develops software to assist you in ripping your CDs, mixing them to your liking and burning them onto new CDs or DVDs (iTunes)

Microsoft "patches" software while changing the EULA to allow them to automatically shut off ANY software you might be running that they feel violates their interpretation of DRM (Media Player)

Hardly seems like parallel tracks to me.

Ask Steve Jobs...

[nbvb]

Just another reason to use an Apple. Love it, hate it, or otherwise, at least Apple isn't trampling your rights.

--NBVB

Jobs also stressed that the iPod and iTunes did not include any built-in digital rights management (DRM) features. "Piracy is not a technology issue; it's a behavior issue," he said, noting that every security scheme based on technology and secrets has so far been defeated.

Many Linux Boxes are old Intel Machines

[javacowboy]

The DRM aspect reminds me of something I read about an imaginary day in the not-too-distant future, where you can no longer install Linux on your own box because you don't have the necessary rights.

Correct me if I'm wrong, but don't a great deal of Linux servers run on old hardware? If this is true, then the impact of Palladium wouldn't be a total disaster for Linux. It would not be favourable, by any means, but not a total disaster.

Smaller companies that run Linux servers on old hardware would not be forced to make the changeover, at least not for several years. Unless you're a large company that needs the latest technology, you could get away with not upgrading to a Palladium machine.

Re:Will it fail like DIVX?

[rnturn]

``You will lose some privacy and freedom, but most users won't care, since they'll get some glitter in return. Look at WinXP: (almost) nobody cares about the activation.''

Give it a little more time. I don't think that many XP users have gotten to the point where they've attempted to add or change the hardware on their PC and triggered the XP `you must reactivate' process. Once that starts to happen, I bet you'll hear more users begin squawking.

No death of commodity PCs

[GCP]

I'm assuming that by "commodity PC" you mean a standard x86 machine onto which you can install a non-MS x86 OS.

If the chips/BIOS are set up in such a way as to literally prevent the installation of a non-MS OS onto the bare machine, then there will be enough market demand for machines without this restriction that the market will fork. I'm not claiming that it will fork half-and-half, just that there will be enough demand in the world to create a market. The market may be too small or politically sensitive for the likes of Dell or HPAQ, but some Asian manufacturer(s) could make a good living off that market.

More likely, the existence of the extra crypto hardware can be accommodated by new designs in Linux/*BSD/etc. and might actually become quite useful to a user with complete personal control over its capabilities.

Re:No death of commodity PCs

[Russ+Steffen]

then there will be enough market demand for machines without this restriction that the market will fork

Unless, of course, Sen. Fritz Hollings (D-Disney) is successful in his quest to make such machines illegal.

Bah

[Rogerborg]

Coursey is an obvious troll with a long term pro-Microsoft agenda. I wouldn't worry about him influencing anyone: his "Bill is good, Bill is wise" mantra is so blatant that even the most casual reader should be able to spot it.

Indeed, if he'd written anything other than glowing praise for Palladium, I'd be shocked. This is just advocacy trolling by the numbers.

Re:Bah

[Chris+Johnson]

True, which is why it's so interesting that the actual Coursey editorial was on the 'no way' side.

You should read what's being linked to sometimes- it's especially interesting when people act against type. Coursey publically rejecting this stuff is news of a sort: maybe he's not going to say a blessed thing Slashbots haven't known for years, but the fact that it's him saying it is VERY interesting.

And there may be people who wouldn't listen to a Slashbot in 1000 years who'll do a doubletake seeing Coursey, 'one of us', reject this stuff.

Why is there not a campaign against this yet?

[illerd]

Or maybe I just haven't seen one yet.

Remeber the Anti-DIVX campaign a few years back? That worked perfectly. DIVX (the DVD player, not the codec) was dead before it ever hit the shelves. Why is there not a www.fuckpalladium.com yet? or maybe www.getoutofmycomputer.com. There's no shortage of MS haters out there. This ball should get itself rolling.

All of this seems the same as DIVX - some company telling you what you can and can't do with shit you've already bought. People won't stand for it as long as someone gives it to them straight. All that you need to tell them is "Palladium won't let you burn CD's" and you'll have a backlash on your hands. Even the least tech-savvy users will understand what that means. If I had the time and resources i'd register www.nopalladium.com, but I don't. If everybody puts a link to www.fuckdrm.com on their website, people will get the idea and this will die on the vine like DIVX and the PSN.

Re:Why is there not a campaign against this yet?

[ProfMoriarty]

While I agree that we should organize some intellegent information WHY this is bad for you (so Joe Consumer could understand it), it may be too early to do that ...

The reason is simple ... if we let Microsoft develop this for a few years ... they spend resources and yes, marketing that this is good for you. BUT, they have committed to something and are more pressured (by the shareholders) into following through.

Now ... if we re-spin this information now, while it's sketchy at best, then we give Microsoft information to change the most attacked position, and develop a better product.

As Sun Tzu has taught: "Test them to find out where they are sufficient and where they are lacking". I think that Microsoft is currently doing just this.

FUD

[JaredOfEuropa]

Yes, FUD is what we would call this story if it had come from the "enemy" (like the RIAA writing a story about a future without music or arts, because pirating has made it impossible to produce music for a living). Typical Stallman stuff. The truth, as always, will lie somewhere in the middle.

And yes, we should be ever vigilant about how our rights are possibly infringed by such technology, and Stallman does fight for a worthy cause. But personally I think the cause would be better of with the likes of him and their shrill protests.

Re:FUD

[Maul]

The story might be along the lines of being FUD-like, but the fact remains that Stallman's vision of the future in that story is much closer to being reality than a world without music or art.

Take a look at the potential abuse of this new DRM system Microsoft is proposing as well as legislation proposed by Senator Hollings.

It seems that the ultimate goal of Microsoft is nothing short of total control and ownership of your PC and all the data on it. It is also quite frightening that this DRM version seems to fit quite perfectly as a potential standard if bills like Holling's are actually passed into law.

It is easy to forsee that a bill very similar to Holling's is eventually passed, and then Microsoft uses its monopoly position and money to force its own DRM scheme as the standard. All of a sudden, Linux, MacOS, BSD, Solaris, etc. are illegal. All of a sudden it is illegal to build your own PC, or get a PC that is made without DRM hardware.

All of a sudden, Microsoft literally owns the internet, your PC, your TV, your VCR, your stereo, your DVD player, video game console, and your personal data... and is 100% backed up by our corrupt government in doing so.

Re:FUD

[fferreres]

FUD is not bad. If there's something to be feared upon, and that comes with hughe risks (uncertainty) for the socities and civil liberties, then it's good FUD.

If it's just plain normal FUD to keep market share using huge marketing expenses without any real binding with the truth, then it's bad FUD.

It's not like we are talking Microsoft good, Linux good. We are talking about our RIGHTS here. They are taking them away from us, and RMS has figured it out way before it has happened. Now that it's actually happening, not only you don't recognize it's true but claim RMS predictions where FUD.

Well, to tell you the truth, I think that the reason we still have a lot of rights is because of people like RMS. They are a few, and everybody else gets the benefits. And then magically one they the become "idiots", "zeolots" and other names because we _think_ it's all come to what it'is now for free, and that it will always remain that way.

"The truth, as always, will lie somewhere in the middle."

That's thanks to the RMSs of the world and not because of some "natural balance" law.

I don't think so

[GCP]

Your typical motherboard vendor could care less if Linux runs or not - they want the portion of the market that runs Windows.

That's not how markets work. Not everyone dreams of being yet another competitor in the most crowded market segment. If there is a demand for motherboards that allow you to install a non-MS OS, there will be manufacturers who will gladly target this less-crowded segment.

And lest you worry about Intel building the restriction right into the CPU upstream so the motherboard mfrs downstream don't even have a choice, remember that Intel wants to break free of the MS monopoly grip, not to enforce it.

Microsoft in the War Against Terrorism

[extrasolar]

Anyone want to guess how long until the word "terrorism" gets in somewhere?

Another terrorist attack or two, and Americans will be begging for this stuff. Hopefull that won't happen.

I was at first reluctant into saying this technology is all bad. Its easy to get into an anti-Microsoft jihad.

But this technology is all bad.

I can't believe that MSN article, I really can't. Its a silly spin on this technology that isn't going to last. Here's some stuff from the MSN article on what this stuff is going to do:

"Tells you who you're dealing with--and what they're doing. Palladium is all about deciding what's trustworthy. It not only lets your computer know that you're you , but also can limit what arrives (and runs on) your computer, verifying where it comes from and who created it."

We already have this, its called Public Key Encryption or alternatively Symmetric Encryption. Free Software users already have GNU Privacy Guard at our disposal.

Of course, the downside of this technology is that it isn't too useful over the internet without creating a rather large web of trust -- a very difficult task. I'd like to know how Palladium would rectify this?

"Protects information. The system uses high-level encryption to 'seal' data so that snoops and thieves are thwarted. It also can protect the integrity of documents so that they can't be altered without your knowledge."

First, we already have high-level encryption. And most anti-virus programs 'innoculate' your files anyway. This only sounds like Microsoft is targeting the anti-virus next -- by integrating them into the operating system.

"Stops viruses and worms. Palladium won't run unauthorized programs, so viruses can't trash protected parts of your system."

I haven't used Windows since Windows 95, but I know Unix-like systems have had multi-user security since practically forever. Its heavily suggested to new users to set up their own accounts on their system to use. "protected parts" os a Unix-like system is whatever root owns, which is quite a lot.

"Cans spam. Eventually, commercial pitches for recycled printer cartridges and barnyard porn can be stopped before they hit your inbox--while unsolicited mail that you might want to see can arrive if it has credentials that meet your standards."

So basically digital signatures for real this time...

"Safeguards privacy. With Palladium, it's possible not only to seal data on your own computer, but also to send it out to 'agents' who can distribute just the discreet pieces you want released to the proper people. Microsofties have nicknamed these services 'My Man.' If you apply for a loan, you'd say to the lender, 'Get my details from My Man,' which, upon your authorization, would then provide your bank information, etc. Best part: Da Man can't read the information himself, and neither can a hacker who breaks into his system."

This may sound interesting, depending on how its implemented. But what can this Palladium technology offer that a sane encryption policy can't? And whats going to prevent users from screwing up the security?

(side note: "My Man" sounds really funny)

"Controls your information after you send it. Palladium is being offered to the studios and record labels as a way to distribute music and film with 'digital rights management' (DRM). This could allow users to exercise 'fair use' (like making personal copies of a CD) and publishers could at least start releasing works that cut a compromise between free and locked-down. But a more interesting possibility is that Palladium could help introduce DRM to business and just plain people. 'It's a funny thing,' says Bill Gates. 'We came at this thinking about music, but then we realized that e-mail and documents were far more interesting domains.' For instance, Palladium might allow you to send out e-mail so that no one (or only certain people) can copy it or forward it to others. Or you could create Word documents that could be read only in the next week. In all cases, it would be the user, not Microsoft, who sets these policies."

And we're back to digital rights management. Does anyone know how to implement what they say with the Word document with the technology we have now? It almost sounds like an Actually Useful Feature. "This email will self-destruct," kind of thing.

But really, this thing is about enforcing what some people consider an unconstitutionally unlimited copyright system. Not to mention what kind of havoc would be caused if trademarks were decided to be under the umbrella of digital rights.

One thing the Coursey article confirmed is that Microsoft does have a patent on this technology -- it seems logical they would license this under the CIFS (no GPL or copyleft) pretty much excluding free software from implementing this.

Because this stuff was leaked so early, there is still time (they are saying like four or five years) for someone to build up a response to this. Or it will simply flop because the market won't like it. Or what I think is likely is that DVDs will only be allowed to play on Palladium-approved machines. Then we'll have a mix of Palladium and non-Palladium machines, one with a superset of the features of the other.

Which one will Mr. and Mrs. Ignorant want to buy for their son?

Re:Microsoft in the War Against Terrorism

[extrasolar]

We already know that the al-Qaeda people are rather smart.

Wouldn't you think they already use cryptography?

Re:Inevitable? I think not...

[RobertAG]

The current market favors commodity hardware. Should AMD/Intel try to make their motherboard proprietary, two things could happen:

1. Anti-trust lawsuit
2. Relegation of the new design to a niche.

The problem with making ANY commodity a non-commodity is that you attach some extra value to it, real or imagined. You also become a niche player of sorts. Apple, in keeping itself proprietary, turned itself into a niche producer. There are makers of coffee, water, soda-pop, etc that managed to uncommoditize these things and made good money, but only as niche players (you don't, for example, shower with bottled water).

Besides, with operating systems like Linux already ported to a variety of processors, how long would it be until some other company tries to create a commodity PC to replace the Paladium stuff? The original IBM PC freed people from using mini/mainframe computers, after all. Eventually, history will repeat itself.

Even if a proprietary hardware design DOESN'T appear, what's to stop people from running virtual machines ON TOP of the "secure" hardware/software? VMWARE comes to mind immediately. Maybe you can start mini VMWARE-like environment to play MP3's or watch movies. For good measure, this mini-environment could also store your files, effectively locking them away from the "prying eyes" of the paladium-enabled OS. Paladium will add more complexity to an already complex and powerful machine. Such complexity will demand more speed. More speed means you'll be able to run virtual machines more seemlessly.

In the end, I think, users will be able to do what they want.

Installation vs. Usage - Mac 10 Windows 7, Linux 1

[schmaltz]

install and usage really is simple for the avg. joe.

Installation of a Windows or Mac software package is *nothing* like on a Linux box. Flame me if you will, I just don't know what to call this expectation on the part of Linux jocks -egoism, chauvinism- but downloading and manually building a package and its dependencies, sometimes rebuilding the kernel. It's just not the same as an installshield-type GUI installer, and I won't apologize for it.

Debian comes closer on this -this is my daily system. Even though I love it, I could never, ever expect family members or non-tech friends to support their own system. If they lived under the same roof, yes, of course. But to hand somebody a CD and say, go ahead, you can replace your Windows installation, is just silly. Your typical non-tech won't make it past disk partitioning unaided.

Take, f'rinstance, video formats. Yes, there is a package now for viewing AVIs under Linux. But to get it working is another matter. And compare Mac TCP/IP versus Linux -a single, simple dialog box versus the commandline (yes, I know various distros have dialogs too, but they mostly suck, and I'm talking about Linux common denominators here.)

In order for Linux to "rule" the desktop (as many hope it will), there needs to be the same simplicity in setup, maintenance and use as its competition- MacOS and Windows. Otherwise, Linux will never get more marketshare.

... for the next century

[jc42]

> ... Their stated goal is `a new computing platform for the next century ...

Doesn't this make their intent clear? The next century starts in either the year 2100 or 2101, depending on your theory of century boundaries.

So this is the most extreme vaporware yet: It won't be functional for about 98 years.

Godwin's Law is a JOKE

[FreeUser]

Interesting idea, but according to Goodwin's Law, the first party in a discussion to mention "Hitler" or "Nazi" has lost the discussion.

Godwins Law is a joke.

Seriously, it was a tounge in cheek joke about USENET flames of its day. It was never considered by its creator to be an actual, accurate commentary on internet speech, much less some deeply wise insight into the human psyche, and certainly not as a new "rule" of debate.

In other words, Godwins Law was never intended to be used as relative newcomers to the net have come to use it today: to make the most potent lessons of modern history offlimits to any discussion that might benefit from contemplating those lessons, not least of which is a discussion of technology that is designed to excersize draconian prior restraint on how and perhaps even when people can use their own property, within their own home, by a large, convicted monopolist.

NAZIWARE is the most appropriate term I've heard for Palladium/DRM since this entire debate began a few months ago. We should not dismiss it because of some misguided references to a tired old joke being bandied about as though they were some kind of deep Internet Wisdom.

Re:hardware cryptography

[ivan256]

The chip should have your unique key stored inside it in hardware and the key should not be accessible to outside software

My understanding of what I've read so far is that this is a public key technique, and Microsoft will sign apps with their private key. Each machine wouldn't have a unique key. If the hardware developers are smart (and they probably are) the public key will be loaded by software into the rights management hardware at boot time.

Hardware developers aren't going to hand microsoft the entire PC software industry. They're going to create a general purpose solution in order to protect their other lucrative markets for these chips (read: embedded solutions that don't run windows). Even if they tried to do otherwise, you'd quickly start to see motherboards with sockets already on board for the mod chip :)

No! Godwin's Law is not that at all!

[Perianwyr+Stormcrow]

Godwin's Law states that as any discussion gets longer, the probability of a comparison involving Nazis or Hitler approaches one.

Essentially, any time you get a bunch of people together, talking about any subject, chances are that the conversation will wander to the point that someone compares something to Nazis. This happens for two reasons:

1) The Nazis made such a massive impact on the 20th century that you'll end up seeing some comparison eventually.

2) If you get pissed off, you generally go fishing for the worst insult that you can get, and calling someone a Nazi generally does it.

I'd expand this law to include "fascist" as well. People generally mean Nazi when they say fascist, and including that would probably make the law more closely match most discussions.

Re:Installation vs. Usage - Mac 10 Windows 7, Linu

[Dalcius]

but downloading and manually building a package and its dependencies, sometimes rebuilding the kernel. It's just not the same as an installshield-type GUI installer, and I won't apologize for it.

Notice my comment about Ximian -- utilities such as Red Carpet and up2date negate the need to do things by hand. True, there is less of an application base for these, but they are coming along quite nicely considering they're both relatively new.

And as far as installation and distrib., I should have been more explicit: Red Hat. Even the custom install is hardly difficult for someone who knows computing basics, especially given the help in the sidebar.

Take, f'rinstance, video formats. Yes, there is a package now for viewing AVIs under Linux. But to get it working is another matter.
Like I said, there are plenty of issues with file formats. While doc, xls, ppt, mpg, mp3, etc. etc. etc. are all supported, there are a few important ones missing -- I concur with you, my most sought after file formats are movie formats. Here is something I'm looking forward to become standard.

In order for Linux to "rule" the desktop (as many hope it will), there needs to be the same simplicity in setup, maintenance and use as its competition
Repeating myself:
Setup - RH Linux is just as simple as Windows on a "Workstation" install, not much more difficult on custom.
Maintenance - This is a problem in some areas. Groups like Ximian are working on it -- their new configuration panel (forgot the name -- similar to MS Control Panel) is nice, IMO, and getting better.
Use - Again, this area needs work in the area of common applications, but things such as Evolution, AbiWord, OpenOffice, GnuCash, etc. are making a lot of headway here.

Re:Criminals and Microsoft.

[hyphz]

This already came up as a front news story - the fact that some states have laws prohibiting the government purchasing items from criminals, and therefore shouldn't be able to buy any MS software.

Probably a better one would be to challenge the 'campaign contributions' from felons...

Re:Installation vs. Usage - Mac 10 Windows 7, Linu

[Dalcius]

To comment on this:

-You do not need Windows tech support to view an AVI. I think that was his point.

Misc. comments:
-However, you cannot complain that Linux is "too hard" because of some of it's 'fixes'. If Windows breaks, TOUGH -- what can you do but reinstall? If Linux breaks, at least you can fix it. Just because you can fix it and that fix is difficult doesn't make it any harder than Windows -- it's just an option you never had. Note -- I'm not suggesting the parent was meaning to say otherwise, I'm adding this because people often seem to not understand it.

-There is a learning curve on Linux, just the same as Windows. I'm not suggesting that users should be forced into using the shell, but that some people blindly assume because a Windows -> Linux transition isn't 100% painless, Linux is too hard. Again, not suggesting that the parent meant otherwise.

Godwin's law is VERY CONVENIENT for neo-NAZIs, too

[Ungrounded+Lightning]

Interesting idea, but according to Goodwin's Law, the first party in a discussion to mention "Hitler" or "Nazi" has lost the discussion.

...it was a tounge in cheek joke about USENET flames of its day. It was never considered by its creator to be an actual, accurate commentary on internet speech, much less some deeply wise insight into the human psyche, and certainly not as a new "rule" of debate.

Indeed.

And the literal interpretation of Godwin's law has been used heavily by anti-freedom posters (including neo-fascists) to shut down debate. They do this when someone:

points out how their proposal is similar to one of the programs of the NAZI party, or

tries to show how the NAZIs already took that nice-sounding idea and ran it into the ground.

So I now formulate:

Rod's Law of Internet Debate: "Anyone citing Godwin's Law against an opponent in a serious political debate has admitted he is an authoritarian and has lost the argument."

Godwin's Law

[Kaiwen]

according to Goodwin's Law, the first party in a discussion to mention "Hitler" or "Nazi" has lost the discussion.

Not at all. Godwin's Law merely observes, it doesn't proscribe:

As a Usenet discussion grows longer, the probability of a comparison involving Nazis or Hitler approaches one.

While the implication is that, once this point has been reached, the discussion has outlived its usefulness, Godwin's Law itself does not say so much. In its accepted form it merely observes that, given enough time, any Usenet discussion will eventually degenerate into Nazi name-calling.

While by way of application of the Law it has become accepted Netiquette in many places that the Nazi comparison ends the conversation (the Nazi reference being the bellweather indicating the discussion had already burst into flames anyway) -- and that the one making the comparison ipso facto loses the discussion -- this is not a requirement of the Law itself, which is not proscriptive at all.

For more information on Godwin's Law, check out The Godwin's Law FAQ.

Trolling at its best.

[Steveftoth]

First of all, this technology COULD be used to take over TCP/IP since all code has to be signed by MS. Probably not the IP part, since all the routers need to be able to understand that and MS hasn't decided to make a line of routers (yet). But definatatly the TCP part since the routers don't determine things like sequence numbers or the checksum algorithm.
Don't forget that they can now force download and install of any software they want thanks to their new eula in Media Player.
Secondly, any virus that travels via script will still be able to inflitrate your system. That's how scripts work, you click on them, and then they run in the 'signed' interpreter. You're saying that all .cmd, .bat files have to be signed with microsoft tools. Thus leaving all users who don't pay for the MS signing tools unable to use their own computers.
I'd say that anyone who is slightly tech-savvy is capable of writing a bat file.
Don't forget about Office viruses either, a document can't be signed either, and if they are then it will be have to be eazy.

Unfortunately, that's how it's being used.

[Ungrounded+Lightning]

Godwin's Law states that as any discussion gets longer, the probability of a comparison involving Nazis or Hitler approaches one.

Unfortunately, one of the corollaries of Godwin's law is that any discussion where NAZIs are mentioned is effectively over, because (if it hasn't already) it will now degenerate into either namecalling, a flame war over NAZI Germany, or a flame war over Godwin's Law. And it is this corollary that is usually meant when the law is cited.

More here.

Re:Unfortunately, that's how it's being used.

[Yohahn]

I can agree with this.. THIS is true.

Because now everybody is arguing about my use of the word NAZI, instead of thinking about how to use PR against this plan.

I wish they would Focus on the problem.

Somebody used SLAVEWARE. That would be kind of good.
Is there any better term that could be used?

BIGBROTHERWARE while probably closer in meaning, dosen't sound as good.

(Lets face it.. things designed to get people thinking need to sound good if they are to be effective)

Re:Unfortunately, that's how it's being used.

[Yohahn]

Sorry to reply to myself.. but I had to add,
I find it ironic that the reason that the thread was distracted was because of the citing of Godwin's law.

Re:NAZIWARE vs. SLAVEWARE

[Yohahn]

In considering what the NAZI's did to Germany (not to mention europe), I would argue that NAZI is more specific.

While the Labour force was not necessarily "enslaved", they were indeed influnced. However, when I think how the NAZI's got in power, I think of mass controled propaganda.

I believe that an internet made with this technology would not be used to directly to enslave. More, like the NAZIs, it would be used to influnce the thoughts of the masses.

Insight I read about how media controls the public:

Media does not tell you what to think, but it does tell you what to think about. Having a loud voice doesn't mean people will agree with what you think, but it does mean people will be thinking about what you are thinking about.

Re:Installation vs. Usage - Mac 10 Windows 7, Linu

[Khazunga]

Your oppinion reflects Linux as it was two years ago. Please do try and take both SuSE and Mandrake for a run. You'll see their TCP/IP dialogs don't mostly suck, and SuSE's admin interface is just plain excellent. Installation couldn't be easier (SuSE 8 default installs with three mouse clicks)

You use Debian, and I respect the choice. Its an excellent distribution, very easy to maintain *if* you're a techie. I've used SuSE on my desktop, and switched to Gentoo. I think its better *for me*. Debian and gentoo are both excelent. Neither one is advisable for my parents.

However, I have them using SuSE 7.3, with KDE 3. Again, not my choice of desktop or OS, but excellent for them. The machine never breaks as it used to with Windows, and they can do their work (mainly word processing, spreadsheets and digital image downloading). Linux is reaching readyness for the desktop. And it can only get better.

The 1984 is FUD, too -no msg

[extrasolar]

No message.

Hilarious

[Eric+Damron]

I find it hilarious that Microsoft can leverage security as an issue to justify implementing an OS that is designed to kill open source OSes like Linux.

Microsoft: "We've been making a really insecure operating system that has cost the world billions in damages. But don't worry or consider existing operating systems that are already secure because we're going to design a new operating system. It will do exactly what WE want so YOU won't have to be bothered with choices."

Re:Hilarious

[cant_get_a_good_nick]

This is the same company that tells other folks that you should use MS products not Open Source because of security, then says it can't release their source code because their products are so buggy that any release will cause security holes. Hmm, if after years of writing OS and Applications you can't write code that would stand up to release, now you decide you have enough security expertise to totally rewrite the basic security platform of billions of PCs. Ummm, OK.

Microsoft makes many products, some good, some not so good. But they've always been the best when it comes to anouncements of what they will do, and have people buy it. No matter how many cult-of-personality thinkers say it, Bill Gates is not the best visionary (MS BOB, remember how he had to reissue "The Road Ahead" to include his great wisdom on the Internet) but they're paranoid hyper-competitive people who will do absolutely anything to stay ahead.

Re:Soon, computers will be free...

[Delphix]

and I will live in a hut in the forest and be done with any damned piece of electronics made after 1985.

Re:Installation vs. Usage - Mac 10 Windows 7, Linu

[extrasolar]

This is not hard:

rpm -ivh package-name.rpm

and its even easier on a debian system. Just write the command down on a piece of paper and tape it to the wall like they used to do in the old DOS days. And gnorpm, in my opinion, is more difficult to use!

And of course the possibilies of remote administration is strangely compelling...

GNU/Linux on the desktop is here.

I still don't get it

[macemoneta]

Maybe I haven't had enough caffeine today, but what's to prevent someone from using software emulation for the hardware functions in Palladium? Wouldn't this allow the security and authenticity checks (and DRM) to be circumvented?

The problem is that a PC is a general purpose computing platform. It's not a DVD player, or a CD player or even an email station. It's anything the software makes it. And it has lots of free CPU cycles these days for things like emulation. If the software never invokes the CPU functions or uses a software protocol stack instead of the hardware stacks, you can do anything you want.

You can hack the firmware (like what's been done to DVD players), you can even patch the CPU with hacked microcode. If you can't, then you need to upgrade your hardware when Palladium 1.1 comes out. And 1.2, and...

Why not simply prove that the design is faulty before it gets out of the gate?

Re:I still don't get it

[crucini]

I think the hardware will decrypt content. So, Alice wants to download a song. The OS asks the hardware for its "identity" - a file with a serial number and a RSA public key. The whole identity file is signed by Microsoft. The OS sends this file to the music server, which verifies the signature. The music server prepares a music file containing the mp3 and some DRM rules and encrypts this file with the public key it got from the client. The music server sends the music file to the client.
Whenever Alice plays the song, the OS simply tells the hardware to play it. If the hardware is satisfied with the security of the machine (no unsafe code running), it decrypts the file on the fly and sends it to the ADC. Maybe the mp3 decoder will be in hardware - maybe it will be a special piece of software signed at a higher trust level than the rest of the OS because it can touch (gasp) plaintext audio.
As for your idea: let's say you stick a Palladium OS distribution CD in a Linux box and start playing with it. First, the whole CD might be encrypted, ala DVD, with a set of keys issued to various CPU makers. In which case, it will be virtually impossible to get at the Palladium machine language. Remember, DVD-CSS was cracked only because they allowed software implementations.
Assuming that it's not encrypted, you might be able to get Palladium OS to boot in a virtual machine. But the VM would not have a valid "identity" file as described above, so while you could fool the OS you couldn't fool any outside parties like the music server.
As for the firmware and microcode updates, obviously those would be digitally signed by the hardware maker and the hardware would not accepted unsigned updates.
Also remember, distributing tools to circumvent any of this is a felony violation of the DMCA. The Hollings bill, if it passes, will add more penalties.

Microsoft could make it clear to CPU makers that any compromised keys will be revoked. So if VIA rushes through their Palladium implementation and sells a series of chips with unintended holes in them, as soon as the news leaks those keys are revoked and VIA has a lot of explaining to do, as their customers are unable to view copyrighted content from the internet. I think this threat would induce the chipmakers to implement securely.

Re:I still don't get it

[macemoneta]

So if an unhappy Intel/AMD/etc. person waits a year into "DRM CPU" production, then leaks the their key, what happens? Intel isn't going to recall a years production worth of CPUs; they can't afford it. It's the same problem as the DVD issue; you can't recall all the DVDs to update the encryption. Once the cat's out of the bag, you're done. You can't disable the key; too many paying customers will be impacted. DVD Deja-Vu all over again.

Re:I still don't get it

[crucini]

This problem is not unique to DRM. Many systems rely on keeping important keys secret. For example, Ross Anderson has written about the problem of crypto keys used by ATMs. And when the US was pushing the Clipper chip, they had a scheme for inserting the eavesdropping key which seemed fairly robust. I think the usual approach is to design an automated system for generating and handling the keys so employees never come in contact with them. I think Intel already successfully keeps a lot of secrets. For these keys to leak, either there would be a breakdown in internal procedures or an employee would have taken great risks to circumvent security and copy the keys.
But in general, I take your point that this scheme puts a lot of eggs in one basket.

Re:True.

[ceejayoz]

And those damn heartless corporations that disagree with me can sell proprietary binaries to hell!

You're acting like they don't do that already... ;-)

Grrr. Nobody seems to get it.

[Elwood+P+Dowd]

All of these "features" of the Windows+DRM are lies. Steven Levy bought it hook line and sinker, but not just because he ignored the downsides. DRM Windows is not going to stop your spam, because it would be inconvenient to make people choose who they can receive email from. So they won't do that. It would be inconvenient to make users decide exactly what privileges to give to apps they install. So those apps could still do malicious things to their computers. DRM Windows isn't going to stop that either.

The only features that will definitely be implemented perfectly are the ones that will limit our freedoms. Licensed debugging tools only, shrink wrapped OSes only, licensed media only, etc.

so, how long...

[ceejayoz]

until someone hacks the IIS server containing the list of authorized software?

BritneySpears.exe is an authorized Palladium program. Giving full read/write access to C:\.

Re:Installation vs. Usage - Mac 10 Windows 7, Linu

[schmaltz]

Points taken, and I s'pose it's true that I'm out of date. I've been hearing good things about Mandrake and SuSE both, time I gave one of them a run.

Re:Installation vs. Usage - Mac 10 Windows 7, Linu

[schmaltz]

This is not hard:

rpm -ivh package-name.rpm

No, but the consequences of running that command can be. Kernel version, dependencies, editing configuration files. All that requires command-line knowledge for which there's no GUI substitute.

As much as I dislike some of the implementation, OS X is the closest thing to a unix with really decent automatic configuration and installation tools. True, like one poster said, I'm out of date, been using Debian Potato for ages. My next two installations will be SuSE and Mandrake, and maybe DeadRat, just to check out 7.2.

Still not a monopoly?

[dasheiff]

We're they in trouble for making pc makers install windows on their systems? Isn't this even worse? Hopefully the government will see this one.

Re:Installation vs. Usage - Mac 10 Windows 7, Linu

[extrasolar]

"No, but the consequences of running that command can be. Kernel version, dependencies, editing configuration files. All that requires command-line knowledge for which there's no GUI substitute."

Okay, this is the way I see it. GNU/Linux requires computer literacy. Anyone who is computer literate should not be surprised of the fact that certain software requires other software to run. And anyone who is computer literate should not be afraid to either refer to the manual packaged with their software or look up the often superb online documentation.

In other words, GNU/Linux is ready for the desktop.

But, the lack of computer literacy is a different problem that needs to be tackled differently.

Who has the control?

[Noel]

I must admit, this is a masterful stroke. It appears to give users additional control over their computer's security, while limiting the options in such a way that it actually concentrates that control into others' hands.

[NOTE: Since real information about Palladium is pretty fuzzy right now, I'm theorizing a bit about its capabilities for now. Only time will tell...]

It can remove my power to choose what's authorized to run on my computer. It can prevent usage of "untrusted" or "unauthorized" code. Lovely turn of phrase, that. Notice how it uses the passive to avoid any implication of *who* is trusting or authorizing the code? "Palladium is all about deciding what's trustworthy. It not only lets your computer know that you're you , but also can limit what arrives (and runs on) your computer, verifying where it comes from and who created it." The implication is that the user is in control, but who decides?

I have not yet seen anything saying how programs are authorized. It would be logical to set up a coalition to do this, and use membership agreements to control the behavior and competitiveness of its members, and exclude undesirables. We can see prior art in the way the DVD-CCA controls access to the CSS keys and uses that control to enforce region controls and lack of digital output.

It can remove my power to access information, since Palladium "can limit what arrives" on my computer. In other words, the authorization control can extend beyond code to data. If a site does not have a valid Palladium authorization (however those are issued), then Palladium may be able to prevent access to it (and tell me that it has saved me from an "unauthorized site"). Again, the key to this control rests in the authorization process.

It can remove my power to customize my computer. No, I'm not talking about case mods, I'm talking about OS and program configuration. In order to maintain a "trustworthy" system, it will have to limit access to the configuration system. Assuming they keep something like the Windows Registry, I can see two options here. They may refuse to authorize regedit, et al., and remove OS authorization from any registry touched by those programs. Or they may remove the my ability to change anything "critical" (by some definition or other) in the registry.

Ultimately, it can force a choice between "all-Palladium" and "no-Palladium". If it can refuse to run unauthorized programs or access unauthorized sites while any authorized programs are running or authorized sites are being accessed, then I cannot work in both realms at the same time. I must either choose "Palladium" ("safe") or "non-Palladium" ("dangerous"). It could also deal with these realms asymmetrically: if I try to use Palladium resources, it could automatically close all non-Palladium resources (and tell me that it has saved me from danger), but if I try to use non-Palladium resources, it might refuse to load them until I had manually closed all of my Palladium resources, and perhaps rebooted.

Faced with this choice, how many users will be willing to give up some useful non-Palladium resources rather than giving up all Palladium resources? Immanentizing the false dichotomy, anyone?

I sure hope I'm wrong about this, and that I'm just being too paranoid. Unfortunately, recent history seems to show that we need a really healthy dose of paranoia when dealing with things like this. Again, only time will tell for sure.

Points of BS

[Fujisawa+Sensei]

It's easier to vandalize a Web site than to program a remote control.

Totally bogus. Websites are not that easy to vandalize. Especially if they are running Apache under OpenBSD.

Consumers fret about the loss of privacy.

Rember Hailstorm? How is this going to solve your privacy issues, especially considering the new EULA in MS's latest security patch that allows them to root your computer and look around anytime they want?

Computer security is enough of a worry that the software colossus Microsoft views it as a threat to its continued success: thus the apocalyptic Bill Gates memo in January calling for a "Trustworthy Computing" jihad.

Why is security now viewed as a threat to MS before January? Aren't they a Monopoly? Can't they make a user friendly OS without the chronic security holes? And why are there security holes is Windows Medai player?

Though Microsoft does not claim a panacea, the system is designed to dramatically improve our ability to control and protect personal and corporate information.

Who's ability? My ability or Microsoft's ability? If its my ability: how so? If its anybody else: screw them.

Tells you who you're dealing with-and what they're doing.

What about privacy?

Protects information. The system uses high-level encryption to "seal" data so that snoops and thieves are thwarted. It also can protect the integrity of documents so that they can't be altered without your knowledge.

Please tell me how they are going to be snooping around my computer to begin with?

Stops viruses and worms. Palladium won't run unauthorized programs, so viruses can't trash protected parts of your system.

This comming from the company that run Hotmail. All I get there is SPAM. Then I get SPAM from MS telling me to buy more space because I might not be getting all email! Like I'm acctually going to spend money so I can have a bigger bucket for the SPAM.

Safeguards privacy. With Palladium, it's possible not only to seal data on your own computer, but also to send it out to "agents" who can distribute just the discreet pieces you want released to the proper people. Microsofties have nicknamed these services "My Man." If you apply for a loan, you'd say to the lender, "Get my details from My Man," which, upon your authorization, would then provide your bank information, etc. Best part: Da Man can't read the information himself, and neither can a hacker who breaks into his system.

Why would I want a third party involved in my transactions? The thrid party may not have access to your information, but they can tell what is going on. For example if Progressive insurance regularly access certain information, they can sell the information they do have about me, contact info and such, to a competing company like Farmers or Geico.

Controls your information after you send it.

I seem to rember a courtcase where an author wanted a cut from or block off sales of used copies of his books. The Supreme Court shot it down. Right now if I buy something, I have the right to resell it, with DRM I don't

Palladium is a dead-serious attempt to finally make it happen,....

He's right.

Hollywood's fear of digital copying.

They were also afraid of VCRs. I don't see the industry bankrupt yet though.

And what if some government thinks that Palladium protects information too much? So far, the United States doesn't seem to have a problem, but less tolerant nations might insist on a "back door" that would allow it to wiretap and search people's data. There would be problems in implementing this, um, feature.

Bullshit.

Others will note that the Windows-only Palladium will, at least in the short run, further bolster the Windows monopoly. In time, says Microsoft, Palladium will spread out. "We don't blink at the thought of putting Palladium on your Palm... on the telephone, on your wristwatch," says software architect Bryan Willman.

And how will this dilute MS's monopoly?

Microsoft Linux Palladium Edition

[fferreres]

fferreres@fede:~$ head /etc/passwd

palladium:x:0:0::/root:/bin/bash
root:x:1000:10 00::/home/root:/bin/bash
bin:x:1001:1001:bin:/hom e/bin:
daemon:x:1002:1002:daemon:/home/sbin:
adm :x:1003:1004:adm:/home/var/log:
lp:x:1004:1007:lp :/home/var/spool/lpd:
sync:x:1005:1000:sync:/home /sbin:/home/bin/sync

fferreres@fede:~$ ls -al /etc/passwd
-rw-r--r-- 1 palladium palladium 746 Apr 6 17:59 /etc/passwd

fferreres@fede:~$ su -
root@fede:~# less /etc/shadow
/etc/shadow: Permission denied

root@fede:~# shutdown -h now
shutdown: must be palladium.

root@fede:~# mpg123 /home/mp3/maddona.mp3
/home/mp3/maddona.mp3 : Permission denied. Autodelete triggered....Done.

Re:DIVX

[Zeinfeld]

DIVX didn't die because of savvy users, it died because most of the companies in the industry were against it.

This was none too suprising when you consider that most DVDs are only watched once. So the net take for the movie companies would go down drastically.

Then the idea that circuit city would get a monopoly of the dvd rental business...

Re:Will it fail like DIVX?

[rnturn]

``Microsoft aren't [sic] a security company. They're a company that writes an Operating System. Perhaps they should stop trying to dominate the market and continue on building their line of OSes.''

Haven't we all wondered what Microsoft could have accomplished if they'd directed all the brain power devoted to screwing over their competitors to something more useful? Like a better product with world-class stability and security?

``One of the articles stated "If it's as buggy as the rest of Microsoft's code, can we really trust it?" And that's what I'm happy to agree with.''

Hear, hear! That's what makes me somewhat skeptical that Palladium will ever be adopted. Microsoft's reputation has accumulated an awful lot of tarnish for the computer press to begin having the reaction that is has in the past few days. Normally, they'd be hailing this as the greatest thing since <fill-in-the-blank>. But who trusts Microsoft with anything (product, partnerships, etc.) any more?

(For some reason, thogh, part of me thinks that, if Palladium is widely dismissed, Microsoft will begin whining ``Well, don't go blaming us for these viruses. We offered you Palladium...'' Uh, yah right.)

TCPA / Palladium FAQ

[scubacuda]

Here

Mandatory upgrade real possibility w/new MS EULA

[SgtChaireBourne]

The switch from 3.11 may be over and people don't seem to be flocking to fork over money for a lesser system like XP. However, the windows media player upgrade does take away that option to keep a system as it is by giving admin rights to your MS-Windows box. If you don't apply the patch now, you get "0wn3d" -- by anyone. If you do apply the patch, you lose your options and will have to accept whatever BillG decides is good for you.

Changes like this in the EULA have been used before to the disadvantage and inconvenience of the consumer. I see no reason to daoubt that they won't be used this time.

could you imagine ...

[kipple]

...a beowulf cluster of those? No? Neither do I.

I'd rather buy as much hardware as I can right now, before those computers will be mandatory, so I'll be happy for the next 30 years with my 120-old-PC cluster. ...and probably in 30 years they'll barely play my 3d ripped movies :)

Re:Installation vs. Usage - Mac 10 Windows 7, Linu

[gorilla]

Okay, this is the way I see it. GNU/Linux requires computer literacy.

But don't pretend that windows DOESN'T require computer literacy. Installing a random package, even with the pretty GUI installer, can break a windows box. You need someone with skills to go in and work out why installing a new game caused three other games to stop working.

Re:Installation vs. Usage - Mac 10 Windows 7, Linu

[schmaltz]

This is 2002. We've had computers with GUI desktops for, what, 15+ years? Why, in order for a set of well-engineered, long-accepted graphical metaphors to work consistently, do we now require (for Linux to be the desktop o/s) that users learn and know arcane command language from a 30 year-old mainframe-oriented (originally), text-based timesharing operating system? That's regressive, man.

And especially since computers are so damn powerful now, it's almost absurd that most system management isn't handled automatically. Of course, this last applies to all three major desktops, not just Linux.

But the answer is, Linux is a server O/S, with roots steeped in, yes, mainframe timeshare systems, that has a GUI grafted on top of it. Users of spreadsheets, wordprocessors, games -most applications- should not have to be bothered with this stuff. That they are (Mac, Win or Lin) is almost shameful. Man, as a kid when I looked to the future of computers, I expected things to get drastically better. (Mac does come out on top in this regard.)

But instead, they got incrementally better. The last loudly touted new O/S, BeOS, was pushed on the basis of its multitasking fundamentals -techy/geeky features about which typical desktop users just couldn't give a flying.

From the ground up, without regard for current binary executable compatibility, an operating system designed today could be substantially better. In some ways, game consoles and PDAs (excepting wince) present an ideal exponent of latter-day interface and environment design.

Good point

[crucini]

The attempt to tie Palladium to 'security', in the sense we understand it, is dishonest. Palladium is a scheme to shift power from computer owners to Microsoft and content owners.

Re:Grrr. Nobody seems to get it.

[crucini]

I basically agree with you, but I can see how a draconian scheme like Palladiium could end spam. Spam inherently relies on deception and anonymity. Imagine that every message in your inbox has a full name next to it like "Robert H. Smith". The message was signed through a Microsoft-issued key; otherwise it would never make it to your inbox. If you click on "Robert H. Smith" you see his driver's license picture and address. You're in a good position to sue this guy, because you don't have to spend much effort figuring out who he is. Maybe Microsoft gives you a button to report the sender for abuse. A few thousand clicks later, Robert H. Smith is suspended from Palladium email for 90 days.
There's more - each message would probably have to be individually encrypted and signed. This might be too burdensome for spammers. Also, would their spamware be "trusted" under Palladium? For a really ambitious idea, Microsoft could issue each user 100 "stamps" per month. When you send someone a message, you give him your stamp. So if a spammer wants to send 8 million messages, like Ronnie Scelson, he'd need 8 million inbound messages first.
Of course, these measures would impact legitimate mailing lists. Microsoft could sell "enterprise certificates" to big corporations. And if the LKML is a casualty in this "war on spam" I don't think Microsoft would be too upset.

Re:Grrr. Nobody seems to get it.

[Elwood+P+Dowd]

Yeah, that would work.

But I think it would be inconvenient. The initial users of Palladium-only email would be inconvenienced by non-Palladium users that they would like to receive email from. If this meant that the first Palladium-based email systems defaulted to allow email from untrusted sources, that it would not provide the push that would require, say, AOL, to switch.

Now, if sending any unsigned email at all were considered a circumvention, and Microsoft told AOL that they would be required to shape up or be kicked off the microsoft platform, I can't imagine the resulting anti-trust litigation would end in our lifetimes.

Re:Installation vs. Usage - Mac 10 Windows 7, Linu

[extrasolar]

"This is 2002. We've had computers with GUI desktops for, what, 15+ years? Why, in order for a set of well-engineered, long-accepted graphical metaphors to work consistently, do we now require (for Linux to be the desktop o/s) that users learn and know arcane command language from a 30 year-old mainframe-oriented (originally), text-based timesharing operating system? That's regressive, man."

The first problem with your reasoning is when you say "designed for mainframe computers". It was designed with time-sharing in mind. And the basic command set was more designed for tree structured file systems, which we still use today.

Also, rather than arcane the basic GNU commands are actually straight forward. Again, these commands are designed for manipulating a tree-structured file system.

Unless you want to remove the user's ability to manipulate the file system, what is your complaint?

I am almost in agreement with you about system management. My only problem is in understand what sort of management you are speaking of. RPM does a really nice job on managing software. Its only problem is with dependencies. Of course, the very existance of dependencies is a good sign and shows that the system is reusing a lot of software.

Also, the online documentation is often quite good.