Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Chips Keep Tight Rein on Consumers

Posted by timothy on from the happy-independence-day-fellas-keep-it-down-willya dept.

banannaslug writes "NYTimes (subscription, etc.) talks about Microsofts Palladium. The article addresses how applications of controlling technology affect competition as well as the consumer, can be used to extend monopolies to new markets and has very serious implications for what happens to user driven innovation. We'd have the people's operating system, the people's web browser and the people's media player, and 'computers' would be as useful to innovation as a bicycle to a fish. This is the kind of behavior you expect in a mature industry that tries to add 'law' to preserve failing market models dependent on a lack of competition. Next thing you know they'll want to force customers to upgrade periodically." Point it out to your boss.

4 of 375 comments (clear)

  1. It'll be good and bad... by weave · · Score: 4, Interesting
    My prediction. This will be a boon for workplace computers. The home market will reject it.

    IT has been itching to seize control over the desktop ever since those rouge PCs yanked control from the terminal/mainframe days. This OS will help that greatly. Say goodbye to Personal in PC.

    The home user will most likely reject it. We think about gramps with a computer, who doesn't care, but in almost all family situations, there's a younger and computer literate geek who is called whenever there is a computer problem. Most of them love Microsoft now (look at the flame wars here for examples). Removing Personal from PC at home just ain't going to fly. People will reject it and if future hardware enforces it, the hardware market will take a huge negative hit for years while people hold on to legacy computers until they all die out. For advanced gaming, we'll just buy consoles. For our home box tinkering needs, we'll hold on to our trusty current boxes...

  2. Comment removed by account_deleted · · Score: 4, Interesting

    Comment removed based on user account deletion

  3. Re:much more informative articles by 0xdeadbeef · · Score: 5, Interesting
    I went looking for less-cheerleading press on this, encountered this gem:

    Microsoft Tackles Cyber-Security.

    Notice the highlighed quote:
    "If [Paladium] works, it will be the first time in the history of computing that [this level of security is obtained.]"
    Bruce Schneier
    Cryptography expert
    Ooh, a bold new step for Microsoft, a bold new step for mankind! Now read his actual statement, included in the same article:
    "If this works, it will be the first time in the history of computing that it works," said Bruce Schneier, a cryptography expert and author of "Secrets & Lies, Digital Security in a Networked World."

    "Lots and lots of encryption is broken all the time because it's done wrong," Schneier said. "The odds are actually zero this will be secure."
    Now can anyone claim that the press isn't trying to spin this?
  4. Go home, shill by marxmarv · · Score: 5, Interesting
    Palladium is an open architecture (I mean, on paper, that is).
    Not if it's patented. Go search on www.uspto.gov for "digital rights management operating system".
    It doesnt exisit yet, but the idea is that its not just MS running the show - anyone could be the authority you trust - hell it could be the FSF!
    Incorrect. The system as described in Microsoft's patents is based on the premise of transitive trust: BIOS trusts hardware, OS trusts BIOS, application trusts OS therefore application trusts hardware.

    One problem is that it's impossible to ship such an OS with a level of trust that preserves competition. If only MSFT is trusted by default, and a scary message must be acknowledged before trusting other parties, most users will use only MSFT software. If only MSFT and people it trusts are trusted by default, and a scary message must be acknowledge before trusting other parties, MSFT gains a lot of power over what people do use (and trust can be centrally revoked, enabling MSFT to partake of a number of slimy business models). If VeriSign or similar is at the root of default trust at the OS level, and a scary message must be acknowledged before trusting other roots, shareware/freeware authors have to pay a tax to VeriSign to create their applications, thus stifling innovation. If no scary message is printed at all, then the point of the whole system is moot.

    Anyone can be a trusted source - anyone! This is about hardware enforced trust, not MS literally signing every piece of code that runs on your box.
    Have you tried as an individual to get an Authenticode certificate from VeriSign lately? They won't do it because of half-assed reasoning that includes the two meaningless trump words "national security". If, as you claim, this project is about "hardware enforced trust" then how does a user attempting to insert their own hierarchy of trust distinguish themselves from a virus (or, heaven forbid, a competitor) attempting to insert its own hierarchy of trust?

    This is about software trusting hardware and software trusting software. The hardware doesn't need to trust anything, and hardware trusting software is a well-researched and well-practiced problem which requires nothing short of potting whole systems in epoxy to foil attackers. Read Microsoft's patents, not Microsoft's propaganda.

    You are correct - this is the same idea as "smart cards" except that its for the masses.
    This has nothing to do with the problems smart cards solve. Smart cards attest to the identity of the user, and as people are movable it makes perfect sense for these to be movable as well. Palladium's version of trust has nothing to do with a user proving their identity and only with proving a computer's identity. People don't care about a computer's identity. State-sanctioned spies, content vendors, corporations, software and software vendors do. What does a secure real-time clock do for the average user? Nothing. This is not about solving problems for the end-user.
    Releasing the code and a full specification, especially if the code is BSD-licenesed, will prove that MS's intentions and implementations are designed to elevate the entire industry, not just MS.
    Incorrect. If there is a patent on loading and identifying a digital rights management operating system its use is governed by Microsoft's licensure of that patent. If systems will (as feared) fail to allow use of the cryptographic processor or potentially even the entire system unless every stage of the boot trusts the next one by signature, that seriously degrades the user serviceability of open-source OSes. If users can set the secure real-time clock then it's clearly not secure. To top it all off, Microsoft is not known for handing out code under terms that allow modification or redistribution, and I fully expect the Palladium source to be released under the same viral "shared-source" look-but-don't-compete license as the CIFS specification and MSDN.

    At this point MS could go closed, proprietary, only good for Microsoft, or it could go for open, wide-ranging, available for everyone. It looks like they are learning towards the latter.
    History has shown they open things just enough to get maximum traction in any particular campaign. I suspect that, as they have done historically, they will disclose just enough info to allow them some slimy claims about openness and then aggressively leverage those claims to gently or brutally exclude competition on many levels.

    This initiative has nothing to do with consumers except to ensure they consume and pay for the privilege.

    -jhp

    --
    /. -- the Free Republic of technology.