Slashdot Mirror
New Chips Keep Tight Rein on Consumers
banannaslug writes "NYTimes (subscription, etc.)
talks about Microsofts Palladium. The article addresses how applications of controlling technology affect competition as well as the consumer, can be used to extend monopolies to new markets and has
very serious implications for what happens to user driven innovation. We'd have the people's operating system, the people's web browser and the people's media player, and 'computers' would be as useful to innovation as a bicycle to a fish.
This is the kind of behavior you expect in a mature industry that tries to add
'law' to preserve failing market models dependent on a lack of competition. Next thing you know they'll want to force customers to upgrade periodically." Point it out to your boss.
The current unencumbered hardware isn't going to go away unless people stop buying it, or a law is made against it.
Under the DMCA, unencumbered hardware could be considered a circumvention device to avoid the Palladium-based DRM hooks. And if that's not good enough for the attack lawyers, just remember - the DMCA got passed.
You bet your ass unencumbered hardware could go away. Give it five years. Five years is forever in the computer industry - remember what hardware you were using five years ago?
Better to stop this now, before it can take root.
Someday, you're going to die. Get over it.
I'll stop worrying the day that my relatives who don't understand the difference between a CD and a hard-disk, understand at least this.
Jumpstart the tartan drive.
> The current unencumbered hardware isn't going to go away unless people stop buying it, or a law is made against it.
Both are more likely than you might think. Never forget that free market models are only applicable to free markets: Consumers do not have a free choice in an almost completely monopolized market. That is: I agree that nothing's lost until people actually start buying and using these Palladium based technologies, but what people buy or what people use is to very large extent a result of marketing. And - as we all know - Microsoft has a lot of resources to do "good" marketing...
Situation A: Lonely midnight pasty white hacker codes up easy to use, secure, encryption software for the common user. This is something which can be used for good or evil, but should nonetheless be available for everyone to use. He publishes the code so people can ensure that there's nothing going on behind the scenes. He is praised on high and given verbal rimjobs by the "community."
Situation B: Same as A, except the hacker is now Microsoft. They are slammed, accused, and drilled by the "community," the only real difference being that their code will not be modifyable for distribution while the hacker above's will be. (They're releasing it under shared source remember.)
Shit, click on any crypto article and you will have people whining about how there is no easy to use, open source crypto software installed on everyone's computer. Now we're getting it by the only company who could actually get it on every computer, and you bitch and whine because of one facet of the implementation, DRM, which is inevitable and would happen regardless of who developed the cryptosystem. You either get crypto on every computer, and DRM, or no crypto and no DRM, you can't have one and not the other. Deal with it.
So finally, I can actually send a secret to Grandma via e-mail without anyone being able to snoop in on it. But sure, you can skip over mentioning that part (something rather incredible given it's been 30 years since RSA) because it obviously takes too much effort to actually boycott the RIAA or stop pirating music in order to get them to respect your "fair use" rights. String up Microsoft instead, right?
I'd have issues with it if we wouldn't be able to see the source code, but we will be able to. It doesn't matter that it's not GPLed in this situation.. if there is a bug you can be sure MS will fix it ASAP since their ass is riding on this software. This is not IE.
Also, if you end up not being able to install Linux on your computer because of the hardware, either blame yourself for buying the hardware knowing that Linux was not up to speed yet, or blame the Linux hackers for not supporting your hardware. Don't blame MS for getting crypto in every home -- that's been a something that everyone who knows anything has wanted since the 70's. Don't kid yourself -- without MS doing it, it would never happen.
--
Does anybody think this is just a reglossing of the personalization stuff in Passport that didn't fly?
They made a big deal of grabbing and getting control over your personal information and when that went over like a fart in Church they backpedaled and thought:
"Well, will they accept it if we word it _this_ way?"
"Draco dormiens nunquam titillandus."
I don't like Microsoft. Let me get that out of the way right now. I consider the company to be a shining example of some of the worst aspects of capitalism.
But Microsoft isn't what worries me. Microsoft does not make me paranoid. Why? Because I know that no matter what happens with Microsoft, I can always choose not to use their products. I can buy or build myself a perfectly usable computer that runs Mac OS X, Linux, or what have you, and is certified 100% MS-free.
What worries me is the spectre of DRM laws mandating how my computer works and what types of programs I may and my not write.
I am concerned about any program, any piece of hardware, any treaty, any law that treats me as a consumer, not a citizen.
I worry that someday, when I sit down to code away on my digital photo managment software that I will have to incorporate government-mandated checks to ensure that no one could possibly use my product in any illegal activity.
As I sit here in England, people are celebrating Independence Day back home in the U.S. I will be later today, too. I'm proud to be an American; I'm proud of the freedoms that I enjoy under the U.S. Constitution. But I am paranoid that many of the basic freedoms that I have always counted on are being swept silently away - in the name of big corporations, in the name of security, in the name of profit.
Security is a great thing, but not at the expense of freedom of speech. Companies and artists need freedom from theft, but not at the expense of law-abiding people. We already have laws for punishing thieves and crackers. Use those laws.
------
Just because you're paranoid doesn't mean they're not out to get you.
I am concerned about any program, any piece of hardware, any treaty, any law that treats me as a consumer, not a citizen
most common forms of trojans and backdoors will be effectively eliminated - assuming people don't set the PC to "trust all" sources
:p), people just don't know that they shouldn't run them. This won't stop one bit of trojans / backdoors / viruses / exploits, and if you think so wisen up.
I'm sorry, but you've been listening too much to M$ rethoric. Trojans and other backdoors don't run by themselves (unless you use Outlook
Kjella
Live today, because you never know what tomorrow brings
being FORCED to use it. Your argument reminds me of Stalman's contention that all software should be free/open. How can you be an advocate of freedom if you maintain that nobody should release closed-source software (are they not free to do so?) Similarly, while crypto and security are good, the idea that any particular implemenation of same will be hardwired into your hardware, only to work with software that uses the same implentation, is a little distasteful.
Now, of course, you will say that we aren't being FORCED to use palladium. Well, that's the problem with Microsoft. Their crap becomes the defacto standard that everybody else follows, for better or worse. Alternatives tend to shrink or disappear over time. Most people here on the dot probably like PGP/GPG. But if Microsoft incororated those into Office and said you could only share documents with people who also had it installed, and had the proper keys (given to you by Microsoft, after you 'signed' a EULA,) then you'd hear the same complaints. And those complaints would be legitimate.
Evil is the money of root.
I hate to break it to you, but Steven Levy is nothing more than a cheerleader for Microsoft. He is about as biased a writer as you're likely to come by when it comes to issues like "intellectual property".
... then they came for me.' idea (he was comparing himself as a victim of copyright infringement to a victim of the holocoust).
I lost all respect for the man when he published an article that was a play on the 'first they came for X and I did nothing
-- Shamus
Bleah!
If something's for sale, and I purchase it, I would like to believe that it's for my use. Example. I purchase a car. Mine to drive, modify, and use as I see fit. I don't have a rep from Ford checking to make sure I'm using only Ford Approved Parts, and ready to tow my car away if he finds I'm using something that doesn't have the Ford Seal of Approval. I have no problem with paying for something that I find to be useful. I have a problem with buying something that has its' usefulness to me curtailed by design. When I have to call my Microsoft Mommy and say "Mother May I?" to install something new in my computer is going to be the day I finally get off my ass and switch over to Mac.
What's obvious is you haven't been paying any attention. The whole PC hardware industry is geared towards making the pieces of junk that will host Microsoft's operating systems, instead of truly inspired hardware designs. The reason? To avoid being shut out for NOT being able to run what everyone else is running. Microsoft says jump and AMD/Intel/VIA/Asus/etc. say, "how high?"
A feeling of having made the same mistake before: Deja Foobar
What I'd like to see is those guys and the Palladium guys fight it out at Microsoft first, before they deliver us an OS that makes sure that the spam and Disney advertising gets through, but nothing else.
Careers should combine three things: what you can do, what you want to do, and what you can get paid for.
Palladium is a good idea, but not for desktop use. End-users are treated like criminals or people operating under secrecy.
.isos before I burn them. I use HTTPS (where the certificates get handed down via Verisign or some other root server).
Palladium is more about (1) hardware enforced signing and (2) code verification.
I'm all for signing and code verification. I check my package signatures with GPG before I install them and I MD5 all my
The problem lies with the fact that interoperability between Palladium and other systems is only guaranteed if you get a signature from a Microsoft-sponsored system. Guess which source is going to be trusted, no matter what? You're kidding yourself if Microsoft will allow you to "distrust" binaries or media coming from www.microsoft.com.
This is the exact argument for DeCSS. You may be perfectly happy to own DVDs that can only be played on the "Enhanced Windows" system that Microsoft offers, but cannot be decrypted, EVER, on any other OS. Including Macs. (Depending on how much money they pay Microsoft for the right to play your media.
They are going to release the source, which is odd in itself. It leads me to believe in general that MS may being a rather okay-ish thing.
Releasing the source is not a sign of goodwill here. Since Microsoft already has the patent (look at point #7) on the core idea of Palladium it would mean diddly squat to the GPL community.
My conclusion: Look at smart cards. They offer the same feature set. The only difference is that I'm gladly willing to give up the right to run software on the processor on the card in order to make things like bank transactions possible. The question is, are you willing to give up the right to run any software on your computer not expressly signed by MS, just so you can watch your favourite DVD on your PC?
> Government needs to require all entertainment content to be made available to any distributor who wants to sell it subject to RAND (reasonable and non-discriminatory) license payments if they want to establish a free market.
.. distributing. Currently, its ironic that labels and such, the distributors are doing the very opposite of that - opposing all new forms of distribution and attempting to squeeze success out of creating scarcity of content.
Exactly!!!!!!!!!!!!!! (Even if it's unlikely without a significant, long, probably dirty revolt from consumers.)
Copyright was brought in to force work intop the public domain. I contend that they missed a very important point - the author is not legally allowed to give exclusive access to that content to one distributor. That should be against the law. In the same way that consumers should be free to participate in the market with a reasonable lack of outside influence, so should distributors all have fair and equal access to content, such that their success is built on how well they can deliver and price it, not how much culture, art and content can they withhold from the market and at what price will the market bear _access_ to that content.
Distributors should be in the business of
"Old man yells at systemd"
Comment removed based on user account deletion
To you "discount of commodity hardware" is the only complaint?! Gee, the vast majority of the complaints I've been seeing (even here on
invasion of privacy
erosion of Fair Use Rights
the rights of content creators (my complaint), as opposed to the alleged rights of corporative entities like the RI/MPAA
total Microsoft domination of the OS market through a hardware wedge
the possible virtual elimination/obsolescense of the GPL, and/or (GNU/)Linux
And here's a new one: jurisdictional misuse to enforce the DMCA (a US law which doesn't bind those of us outside the US) through hardware. Do you really think all those big US-based hardware manufacturers will make one version for the US and one for the rest of the world? Heh. In my country, we don't have a DMCA...(yet)
Funny, I don't see any (purely) "money" issues in there at all. Then again, as I've said before, there are some things that just don't come down to money, especially since it's damn hard to put a definitive price tag on rights (whether "inalienable" or not) and freedoms, except maybe (as Tom Jefferson said) "eternal vigilance."
I'm not a geek, I'm just a clever script.
How they are unfounded? When someone can't copy their own work for fear of hurting someone else's profits, they have lost their rights on that matter.
Comment removed based on user account deletion
Holy crap, what a breath of fresh air. Somebody who actually understands Palladium. Thank you for not blindly spouting off anti-microsoft rhetoric.
I can tell you that DRM is not the main focus of the hardware side of Palladium. The hardware focuses on creating secure locations in memory that cannot be accessed by any unauthorized people (other processes, bus masters, bios). This means that applications can store things in memory (including the application code itself) without any worry about it being revealed or modified by malicious people (like procdump for example). Palladium is a solution to one of the big security holes in computer architecture.
"The defense of freedom requires the advance of freedom" - George W Bush
Frankly, I can't see any difference between this and the previous Clinton administration Clipper Chip proposal from eight to ten years back. Except that now instead of the government having control over signing digital certificates we have a single private corporation. That's freedom for you! One further point: you state the system will only be used to control copying of content. Since the most fundamental operation of a computer is to copy, as in moving a byte from memory to a register for example, isn't by definition this also a mechanism to control how one may USE said content? Even if the content is something you created on your own?
I find it utterly amazing to read such large numbers of libertarian conservatives -- folks who presumably support individual liberty and non-authoritarian government -- so easily willing to cave into the demands of huge private corporations at their own detriment. Institutions so large they generate a revenue stream larger than most third world governments, and who clearly use the same monopolistic and exclusionary tactics so hated by the conservative right when the issue turns to government monopolies. And before anyone brings up the fact that government has guns while Microsoft (Disney et all) doesn't, might I point out just who they're buying off in order to obtain the legislation which will force us all to use their cripple-ware?
--Maynard
Forum readers,
;-)
I can't beleive whats happening to the USA! First the DMCA and now palladium. All these will accomplish will be litigating US hardware manufacturers out of international markets. Already many forgien countrys use non content scrabling DVD players because they simply couldn't give a flying f*ck about our laws (korea, china, Austriala, etc). This international non complaince seems to be gainging steam too, many coutries like to look DMCA supportive but have never prosocuted anyone for backwards engineering or producing illeagal non-region encoded dvd players.
It looks like the future of US hardware industry will be very limited. US hardware companies will be forced to produce Palladium and DMCA complaint hardware, and will not be able to legally produce any non-dmca/palladium complaint hardware for export. Forgein hardware manufacturers will be selling their hardware to the US though, because they could legally sell DMCA/Palladium complaint hardware to the suckers in the US at the same time they sell unprotected hardware locally and to everyone but the US. There is no way that US hardware manufacturers would be able to beat the volume advantages that international hardware manufacturers would have. IBM and Sun would be stuck with the local US server market, because they couldn't legally make the servers that international markets would demand. International markets are tired of the US domination and it looks like Palladium will be the thing to drive the innovaters out of the US to europe in asia where they could work without fear of persecution. Following them would probably be the rest of our IS field, already countries like India are winning our IS bussiness . We will regulate Americas leading industry out of the country, then we'll be back to Auto manufacturing
At least thats my 2 cents.
If Palladium's goal is to increase security then it is a worthy idea, but not if users can't control it. Put an entry in the computers bios to allow the depth of control the hardware will allow. This is sort of what we have now with bios virus detection. You have to turn this off to install some software, you can turn it back on when the system is up and running. In an IT setting the computer bios could be set to allow such hardware control, the bios password could be setup and users wouldn't be able to mess with the settings as the ID dept. would hold the passwords. End user geeks would be able to do what they want, opting out at their own perl to viri that the hardware/software would protect them from.
Of course the virus writers could steal signatures and the whole system would be for naught. When you consider that PC hardware is used in embedded products with custom software it becomes clear that an opt-out to Palladium hardware is needed or this thing just won't sell. Want to run Windows? Then you might HAVE to opt-in. That's ok, if your trust MS.
NO NO NO NO NO. Really. This is important. MS is not the final authority. The USER is, because the USER decides who will be a trusted authority.
So, all this strong encryption and hardware-enforced execution policy, and we're back to square one. The user has to decide whether or not to run that e-mail attachment they just received. That doesn't quite sound like an 'initiative' to me.
This 'initiative' doesn't formalize the software code signing or trust system - it's been there in Windows since 1998 or so. What it does do is force it into hardware so that everyone, including developers, are made to use it. And who does that help? System administrators can force trust on by themselves using system-wide policies, and most home users would switch it off (if they were allowed to) the moment it prevented them from running something.
This is designed to tighten Microsoft's grip on software distribution channels. By requiring certificates for software developers (essentially a developer license), and colluding with hardware manufactures to only manufacture 'trusted' hardware, Microsoft is attempting to lock out non-commercial and free software.
Broaden the definition of 'software' to include 'content', and we're all really fucked.
I believe a free market should provide for maximum or at least high economic efficiency
Why? Who does that benefit? Shouldn't the system provide for the highest quality of life for the largest amount of people? If maximum efficiency means large amounts people get laid off, or have to work for low wages, or in unsafe environments (which it frequently does), then why is this possibly a good thing?
I must say I am _amazed_ by how big companies are allowed to cripple civil rights over there. A country previously recogniced as one of the greatest democracies. ;)
Millions of people have given their lives to protect the rights that you are now giving away because it's profitable?
Don't get me wrong, I beleive in strong, open market economy. But is that really where you are headed?
(If I was older, this would be where I'd start talking about "the good old days"... but unfortunately I'm not
-- Black holes are, where God is dividing by zero.
Besides this, I just read Levy's article in Newsweek. Some things are still not clear to me. How will Intel, AMD, and others implement the hardware? Will the feature be ignored unless explicitly exploited by software, e.g. the OS? Hopefully so, otherwise the new architecture will only run Windows, at least until others catch up.
And how will others catch up? Even if the security features can be ignored, users will want to use them even if they run, say Linux or BSD. And who among the users of a multiuser system will "own" the processor? We can hardly expect Intel to build respect for UNIX file permissions into the CPU, can we?
Finally, what will happen if I swap a piece of hardware? What will I have to do to make a new chip do the same as the old one, if they are unique in some way?