Slashdot Mirror

← Back to Stories (view on slashdot.org)

The Power of Palladium

Posted by ryuzaki0 on from the it-slices-it-dices dept.

phriedom writes "Salon has coverage of Palladium which gives first page coverage to the idea that Palladium is designed to kill open source software. My favorite part though is on page two, where the Microsoft apologist says that ones view of Palladium 'depends on what you believe Microsoft's long-term aims are. If you believe it's to stimulate commerce and stimulate security, it's a step in the right direction ...and if you're perhaps given to suspicions that Microsoft always makes decisions with the aim of frustrating competitors of the Windows empire rather than for the good of consumers, you might have a different view of the same architecture.'" Wired also has a story claiming under-the-hood exposure to Palladium, although it doesn't seem to have much information that hasn't come out already. Update by J : Steven Levy's Palladium story, which we linked to in an earlier article, has allegedly been pulled from MSNBC's website. Anyone know if there's a simple explanation of this?

10 of 391 comments (clear)

  1. The whole point... by gilroy · · Score: 5, Interesting
    Blockquoth the FCC's Farber:
    "Until we see it, until we actually look at the code, until we go through the whole process and see how the whole system will work, we won't know what it's like."
    Is Microsoft going to let us look at the code, to "get under the hood"? It certainly doesn't sound like their usual practice, much less the oritentatiion of Palladium. And if we can't examine the code, if the architecture is kept secret "for security", then how can we tell what's allowed and what's not -- what will be able to run and what will be under Microsoft's thumb -- without buying into the whole system?

    Anytime you focus that much control through one agency, you're asking for trouble. Funneling it through a for-profit company is double the risk.

    --
    The Mongrel Dogs Who Teach
  2. Customers not caring? Ha. by billatq · · Score: 5, Interesting
    The strongest part of Palladium will be its ability to determine whether a given software application should run on a machine. The system will be shipped with these functions turned off, but "we actually think it's likely that users will say, 'I'm only going to run code that's been signed,'" Biddle says. By "signed," Biddle means that the application has been cryptographically tagged by a "signing authority." The Palladium system would run the code only if the user has approved that specific authority

    When Intel came out with the uniquely identifiable number in the Pentium III, of course customers didn't care, right? When I do have to run windows, and need to install drivers, things that aren't signed are generally the things that I need to use! Why in the world would I want any sort of chip that could possibly restrict this sort of thing. This could even be expanded to be "you can't run this code on your machine unless redmond has signed it"

  3. Good ploy... by MarvinMouse · · Score: 5, Interesting

    Well, from the sounds of it. This is a perfect attack on the open source movement.

    While absolutely anyone will be able to program code for the Palladium system. Since anyone can have a licence. (I believe Microsoft would let this get by). Only the open source people wouldn't be able to handle the new licence everytime. Thus Microsoft maintains control in two ways.

    1. The only main threat to MS's OS monopoly right now is Linux (and maybe a tad bit of Apple, which they own a seat on the board for.) This isn't a huge threat, but if it takes off, Windows loses it's viability. Then MS is screwed. With Palladium, only MS OSes(and MS supported OSes) will be able to handle the Palladium hardware, and the only competition that could potentially cause problems is blocked because it's unreal for it to be signed every single time.

    2. If MS decides to spread their wings some more. They will have the ability to put loopholes into Palladium to make it harder for competitors to code. They have done this before with Windows, making changes that purposely are damaging to competitor software (I know, I have had to program around those changes.) I wouldn't be surprised if they used this to accomplish the same thing.

    No matter what though, it does show an evil injenuity that I haven't seen from MS since the days of OS/2, and even all the way back to MS/DOS. I guess OS is having the effect of forcing these companies to compete. Since people have realized the software they pay for is as good as software people give away for free. :-)

    --
    ~ kjrose
    1. Re:Good ploy... by Rick+the+Red · · Score: 5, Interesting
      I don't follow your logic. Linux loses how, exactly? Without the ability to use the Palladium hardware, Linux won't be able to run Palladium software? Unlike today, you mean, where Linux can't run any Windows software anyway. (if you want to share files with MS Office users the answer is Open Office, not Wine)

      The only threat here is if the Office files themselves (and things you want to do on the Internet, etc.) require Palladium. But that would lock out more than just Linux users, it would lock out anyone without a Palladium PC, Palladium Windows, and Palladium application(s). So for Palladium to effectively kill open source in general and Linux in particular it will have to become so ubiquitous that everyone needs it even more than they today need Office or IE compatibility. And that will not happen until everyone who is currently happy with their PC, OS, and applications find a good reason to replace them all with Palladium versions, and that won't happen untill Palladium becomes ubiquitous enough to effectively require it, etc. It's a classic chicken-egg problem, and I fail to see the Killer App that's going to make everyone throw away perfectly good computers and upgrade to Palladium systems. It's either everyone upgrades overnight or it fails to take hold.

      Even if every new PC sold from now on is Palladium-compliant, what do you do about the installed base? What Killer App makes them all upgrade? If my bank requires Palladium, I'll switch banks; enough folks do that and the remaining banks won't switch to Palladium. If all new CDs require Palladium, the most they can expect of me is that I'll buy a DRM-compliant CD player and use the analog output to "pirate" the music for my car and computers. Lots of people forget that today's cheap analog is far better than the best you could buy at any price 20 years ago; if you don't have super-d-duper amps and speakers you won't notice the difference; you certainly won't notice it in your car at 60 MPH. Hell, most MP3's introduce more distortion in their compression than you'd get taping the analog outputs! Don't fear analog, folks.

      So unless you can show me the Killer App, I predict Palladium is as dead as Digital Video Express (Divx, not DivX).

      --
      If all this should have a reason, we would be the last to know.
  4. How about this? by shunnicutt · · Score: 5, Interesting

    First of all, I don't trust Microsoft at all.

    Given that, I've read all of these articles floating around and in principle I have no problem with a system of authorized applications.

    However, the one thing I haven't seen is any indication that I myself will be able to authorize programs on my own computer. In my opinion, this would allow geeks to play with their own programming, download open source projects, etc. while still enjoying the knowledge that unless a program has been authorized by a signature authority or by themselves, it's not going to get a toehold in their machine.

    If I'm beholden to the authorities to approve what I want to use, then I'm never upgrading. If however I'm allowed to authorize anything I might write or download then I don't have an objection to the principle.

    The devil is always in the details, however.

  5. Ha ha by Anonymous Coward · · Score: 5, Interesting

    I read it. It's silly. They're implying they will allow non-microsoft operating systems to use their palladium stuff.

    But they clearly couldn't allow open source operating systems. So who does that leave? There are no other x86 operating systems to speak of except the open source ones, unless Palm for some reason decides to do a BeOS revival. Maybe MS will release a doctored version of freebsd with all the crucial kernel bits closed-source just to prove look, we're leteting competitors in? And what would be the point of offering Palladium tech licensing to other operating systems, when you couldn't run Palladium software anyway (because the Palladium software is win32??)

    *Could* they allow open-source operating systems? How could Palladium chip manage to function when the operating system has been altered specifically to allow you to run things without consulting the Palladium chip? Does the Palladium chip refuse to let the machine boot unless the operating system itself has been signed? How does it read the disk to see if the operating system is signed without letting the operating system partially boot first? Please explain.

    Yeah, yeah, DMCA, whatever. There's a limit to what the DMCA can do before it gets hauled into court and struck down. The general public can't understand all this gunk about linux and kernel drivers, but they WILL understand "This law makes it illegal to distribute this 40k file containing a long set of instructions in english, because this other program can convert that set of instructions into a patch for windows that will let you back up files for Palladium-enabled programs in windows." Very few people actually need or want to run DeCSS. If palladium succeeds, lots of people will want to circumvent it.

    Is anything above wrong? There ARE reasons to circumvent palladium, right? I think MS's greatest triumph in any case is when they can make it so everyone is talking about their new technology but no one is sure what it is, and that's the case now. Is it or is it not true that Palladium would allow you to create an application that WOULD NOT run unless Palladium were enabled and in control of the operating system? Is it or is it not true that Palladium would create hard disk sectors and third-party peripherals that couldn't be accessed unless Palladium were enabled and in control of the operating system? These news articles are all so vague. Enlighten me.

  6. The Big Problem with DRM by namespan · · Score: 5, Interesting

    The big problem with DRM is the dichotomy between trust and freedom.... if we're going to have signed code and signed media, there's going to have to be some barrier to getting signed. This signing, however, reduces the freedom to release code or media... in effect, restricting ALL expression, not just expression of copyrighted works or viruses.

    And if history is any indication, what will the signatory barrier be? Just a "reasonable" fee...

    The trust/freedom dichotomy is the biggie. If there were a way to resolve that -- perhaps the "2600 can sign things" idea mentioned -- letting DRM come is not a big deal.

    --
    Libertarianism is rich wolves and poor sheep playing gambler's ruin for dinner.
  7. When will we reach the point... by TheSHAD0W · · Score: 4, Interesting

    ...When code will have to be signed in order to run on a processor at all? This seems to be the end of this path, restricting processing to "trusted" applications, all in the name of intellectual property rights. Linux? Ha. Only Windows is allowed on our hardware, because other operating systems are havens for software and media pirates.

    Once code verification has been inserted into the CPU, arranging it so code HAS to be signed in order to be parsed. What happens when laws are passed requiring all CPUs faster than X gigaflops to have mandatory code verification?

  8. This is BOTTOM UP design (bad, very bad) by Systems+Curmudgeon · · Score: 4, Interesting

    The idea of Palladium is obviously to design a low level trustworthiness that can be used somehow, or in many ways somehow. To get something useful you need to start defining the problem to solve, and then specify your way down to what's in the chip and the OS. If all that specification were public now, I might believe in Palladium. We can think of a million ways that the software USING this new capability can be compromised. The designers have to start by figuring out, and tell us about, the secure usages first. Microsoft, the author of an operating system (Win 2000) in which you HAVE to have massive user privileges or you won't even know that most software installs are failing due to lack of privilege, is going to give us a trusty capability with enough degrees of variation to be useful? As if!

  9. Re:Details on Palladium from EFF's Seth Schoen... by ajs · · Score: 4, Interesting

    That's the spin, right? But that statement in no way binds Microsoft to the idea of not suing the pants off of Linus, Red Hat and SuSe the moment Linux uses MS-patented DRM techniques (e.g. makes use of the DRM hardware in a Pd motherboard).

    Worse: Microsoft's SMB subsystem could stop accepting data from non-DRM-friendly servers or clients at any time. When that happens, since Samba cannot do the DRM without violating the patent, everyone running Samba loses.

    It's not so much that Pd v1.0 will hose Open Source. I give MS credit for being much smarter than that. I think it will be an early service pack that addresses "security concerns" that starts to cause small problems for "non-trusted" systems and software. Then, a new "high security" IIS release will start to bounce non-IE browsers (or at least that's MS' counter-threat to AOL who is currently threatening to take a huge chunk of the browser market away by releasing a Netscape-based AOL).

    This will be the tool that the marketing types use in the next round of platform wars. They would be stupid not to use it. It is incumbent on us to find a way to stop that before it becomes an option.