Schneier Analyzes Palladium

bcrowell writes "This month's CryptoGram from Bruce Schneier has an analysis of what little information people have been able to glean (without signing an NDA) about Microsoft's Palladium initiative." We might as well throw in a direct link to Schneier's look at the MPAA License to Hack bill as well.

Also in the crypto-gram

[wiredog]

Down in the news section, he has a link to an article which shows that profiling airline passengers is "provably less secure" than random searches at the gates.

He has issues with arming airline pilots as well.

The real dangers, though, involve the complex systems that must be put in place before the first gun can ride along in the cockpit. There are major areas of risk.

Re:Also in the crypto-gram

[bnenning]

he has a link to an article which shows that profiling airline passengers is "provably less secure" than random searches at the gates

Not quite:

the authors of this paper show that, given a reasonably diverse population of terrorists, this system is provably less secure than random searching.

The terrorists we are currently dealing with are not from a diverse population. With very few exceptions, they are male Muslim extremists mostly between the ages of 17 and 40. The paper assumes that Osama and his buddies can recruit a 25 year old Saudi and a 75 year old grandmother from Nebraska with equal ease, which is certainly not the case. It's an interesting theoretical piece, but certainly doesn't "prove" that profiling is a bad idea.

Re:Also in the crypto-gram

[sethg]

The terrorists we are currently dealing with are not from a diverse population. With very few exceptions, they are male Muslim extremists mostly between the ages of 17 and 40.

And how does that help? Muslims can belong to any ethnic group, and Al-Qaeda recruits all over the world. Consider "American Taliban" John Walker Lindh (a white boy from Marin County) or "shoe bomber" Richard Reid (a British subject with a Jamaican father). And even among folks from the Middle East, how many Anglo security guards could reliably distinguish a Saudi from a Hispanic?

Even if the profile screens out nine out of ten terrorists, the tenth one knows he is unlikely to get caught, so he can smuggle the bombs on the plane while the other nine stay on the ground and forge checks or whatever. That's the central insight of the "Carnival Booth" paper.

EFF has nothing on this!

[Delrin]

"None of this is new or controversial, so why are copyright holders even talking about this? This bill would make it legal for the MPAA, the RIAA, and its ilk to break into computer systems they suspect (with no standard of evidence) are guilty of copyright infringement. It will allow them to perform denial-of-service attacks against peer-to-peer networks, release viruses that disable systems and software, and violate everyone's privacy. People they choose to target would be deemed guilty until proven otherwise. In short, this bill would set up the entertainment industry as a Gestapo-like enforcement agency with no oversight. "

Isn't this just becoming the general trend in America? I wonder how many victims of the MPAA will be arabic looking?

VM Could break Pd perhaps?

[Dooferlad]

The latest Crypto-Gram has some things to day about Pd, or Palladium as the full name goes. It is interesting, but it doesn't say anything about somthing that sprang to my mind - the possibility of a virtual machine that runs as a Pd device, on top of a non-Pd device, completely breaking the security. This would be hard to do I expect, but not impossible. Those who have written VmWare and similar programs probably have it in them to reverse engineer the protocols used and re-produce them in software, for the sake of argument call it VmPd.

It goes like this:

VmPd runs on a PC, VmPd contains all keys required to access all areas of itself. VmPd is trusted, because it is a trusted PC (which is the point of this whole mess) to do what it is expected to do. For the sake of argument assume we have downloaded The Little Mermaid under license from Disney, and we are only allowed to play it once. We turn off VmPd, and all we have is an encrypted jumble on our hard disk where we set up the partition to host it. We also have the keys to read it though, and simply decrypt the move and show it to our hypothetical little children as many times as we like.

This works because, as I understand it, Pd only allows you to access material with certain rights, depending on what access partition it is under. If Disney set up an access partition for downloading movies, this will be done in a way that trusts your Pd machine.

Assuming that Disney only give you a key when you pay for one, that key will always work unless they can chance how the movie is encrypted. It is conceivable that they would have a player that on-the-fly re-encrypts the movie with a new public key as you view it, every time you view it, and they only give you the new private key when you pay for it. But the transmission of the key is encrypted, trusted because you have a Pd device, so you just intercept the key on its way into VmPd, don't play the movie, and decrypt it yourself and watch as many times as you like.

I am probably missing something, but it makes for interesting thinking.

Re:VM Could break Pd perhaps?

[revery]

That is interesting...

Now I'm excited about Palladium. ;)

Re:VM Could break Pd perhaps?

[Fruit]

The problem is of course in constructing the Palladium emulator (VmPd). You'd have to break a real one open to get the encryption keys out, and even if you succeed, the key of the real Palladium is licensed to you (and can be traced back to you). You won't be able to put it on a website without violating some agreement you signed when it was licensed to you.

So yes, it could work, but it's not going to be easy and it will be a significant threshold for anyone who wants to upload new materials to p2p. It'll be possible, but not casually so.

Re:VM Could break Pd perhaps?

[Kaa]

VmPd runs on a PC, VmPd contains all keys required to access all areas of itself. VmPd is trusted, because it is a trusted PC (which is the point of this whole mess) to do what it is expected to do.

This might work if and only if you gain access to the private keys of the Pd hardware chip.

If you have these keys, the security is broken completely and you can do whatever you want. Getting them is the hard part.

Keep in mind that you, the owner of the machine, is NOT supposed to have access to these keys. In fact they are specifically protected against YOU.

Pd is trusted in this context means that a Pd machine is trusted by Disney, etc. to display some copy-protected crap. You, the owner, is NOT the trusted party, you are the bad guy, the malicious bastard that your machine has to be protected from.

Re:VM Could break Pd perhaps?

[dattaway]

If you are going to break the law, do it in style. Go steal a Palladium box. Crack the keys, publish them, and have an innocent family ruined by the law. This is about what this version of digital rights management is, its about raping and pillaging innocent people. What's a better point to make than to show what it really does to people?

Re:VM Could break Pd perhaps?

[Reziac]

That's what bothers me most about Pd: it isn't MY machine anymore. It's someone else's machine, which I am occasionally allowed to use, if I do so only for the purposes, and via the methods, defined by its new owner.

And people still wonder why I hoard old hardware....

More info here

[countach]

There is more info at the EFF here. And donate some money while you're at it. That's more likely to help than a slashdot whine.

Funny coincidence.

[A_Non_Moose]

Today's MacHall

My favorite quote

[stefanb]

They're trying to invent a new crime: interference with a business model.

This sums it up pretty nicely, I think.

With all this non-resalable equipment and media...

[tlambert]

With all this non-resalable equipment and media, has anyone done an environmental impact study in terms of waste disposal, when your computer and/or it's current OS load and the CDROMs it came on can no longer be donated to the local orphanage?

We're already having problems with monitors and computers (it costs to throw a monitor away where I live, unless you take it to the dumpster at 3AM), with most printed circuit board finding their way to heavily contaminating the countryside during cheap-labor disassembly after shipping to Asia.

-- Terry

A tired Hollywood plot?

[bunyip]

Viewed from the 10,000ft level, it sounds like a common Hollywood plot (Pd in parens):

It's the year 2050 (2004) and the government (MS) is telling everybody how they will live (compute). Trust is guaranteed by the government (MS) and violators will be punished (digitally locked out). The people (programmers), though outwardly happy (productive), harbor deep lingering desires for freedom (open source).

Then, along comes a rough-shaven, rogue hero (hacker), played by Stallone or Schwarzenegger (Torvalds). The aforementioned hero (hacker) then liberates the people (programmers) from the tyranny of the government (MS). The people (programmers) are overjoyed, their lives have returned to normal.

So - if it ever played out like this, I'm sure someone in Hollywood already has the rights to the script. Will they own us?

Alan.

Re:A tired Hollywood plot?

Wow, I have to admit, the parent post is insightful (stupid). The analogies are concise (tired) and accurate (cliched). It truly makes me proud (depressed) to read this masterpiece of slashdot (slahbot) eloquence (drivel).

TCPA / Palladium FAQ v1.0

[Camillo]

Bruce also refers to Ross Anderson's TCPA/Palladium FAQ, which is well worth a read. Of particular /. interest is question 18, cryptically titled "Ugh. What else?":

"TCPA will undermine the General Public License (GPL), under which many free and open source software products are distributed." "You will still be free to make modifications to the modified code, but you won't be able to get a certificate that gets you into the TCPA system."

A lot of background information can also be found from Ross' page about Economics and Security.

You should ask yourself the question "if a computer can run code in a protected environment, whose code would you be willing to let into the computer?" Once it's there, it is protected - even from you.

Re:TCPA / Palladium FAQ v1.0

[pmz]

Part of the answer for question 22 in Ross' FAQ is even more disturbing:

"When I asked [the Microsoft Research speaker] whether this meant getting rid of linux he replied that linux users would have to be made to use content screening."

Currently, there is a "digital divide" between those who have computers and Internet access and those who don't. Palladium raises the bar to divide those who have Palladium and those who don't. This scares the shit out of me (not literally, now, put probably so in a few years).

If power over people is founded in controlling information, then....

Re:TCPA / Palladium FAQ v1.0

[Shirotae]

Bruce Schneier lists Ross Anderson's so-called "TCPA/Palladium FAQ" among a whole lot of other links to related content. Having read the TCPA spec, the recently published book on TCPA, Seth Schoen's notes (referred to by Schneier), and as much else as I can find about TCPA and Palladium, I would say that if you want to stand on someone's shoulders to see further into this area, Schneier is a giant, but Anderson is at best a dwarf, and probably standing at the bottom of a deep hole. I was shocked that someone with Anderson's reputation could produce such a poorly researched piece of work.

Read the TCPA spec for yourself, it's on the web for all to see, as Schneier points out. Do your own thinking. A lot of what has been written about it is just plain wrong. There are risks and a dark side to that sort of technology, but also a lot of good things that could be done with it. The open source community could exploit TCPA to their advantage if there are people with the insight and imagination to see the opportunities.

Re:TCPA / Palladium FAQ v1.0

[renehollan]

I had written my thoughts on what might be acceptable DRM in my slashdot journal a while back. It doesn't provide for all the fair use rights we have traditionally come to enjoy, but I think it is impossible to come much closer and have any form of DRM at all (that is, it is the least-oppressive form of DRM I can envision).

Why does this matter?

Because there are very legitimate reasons for providing others access to content, software, etc. without having to tie them via a remote access protocol to secured hardware (servers). Imagine any type of distributed, cooperative P2P network where the clients could not be easily hacked to abuse the network. Control over unauthorized redistribution of copyright material is but one such application of DRM.

Of course, the ??AAs don't want simple redistribution control: they want complete access control as well, turning the world into a pay-per-view-of-our-content nightmare. Deployment of oppressive DRM could certainly bring this about.

I keep thinking how Microsoft had to bend to an open Internet, not under their control, except for the few protocols they tried to keep closed -- the net was fundementally designed to be as decentralized as possible. If a non-oppressive means is not found to safely store foriegn content on one's computer with regard to unauthorized redustribution to others, but that respects, as much as possible, the computer-owner's traditional fair use rights and technical freedoms, we will have a far more oppressive one shoved down our throats.

There are problems with my attempt at "less-oppressive" (non-oppressive would not be completely correct) DRM attempt: it's deployment and required PKI trust infrastructure would involve a huge capital cost. More oppressive DRM schemes would be, sadly, cheaper to deploy. The only way that the infrastructure costs could be mitigated would be if a PKI web of trust could be built on traditional trust models rather than few certificate authorities, and grow the way roads spring up between communities desiring to engage in communication and trade.

Re:TCPA / Palladium FAQ v1.0

[HiThere]

Gains to who? Risk for who?

It seems to me that, if this is successful, the risks will be born by the end users, and the gains will be the the organizations that control authorization. Based on recent history, I would expect the decrease in value to be accompanied by an increase in price.

Re:TCPA / Palladium FAQ v1.0

[HiThere]

I can understand that there are reasonable uses for some kind of DRM, but as long as those who ostensibly wish the valid uses embrace this foul variety, I would be happiest if they were driven out of business. And I don't believe their protestations of "we only want what's proper" either.

While the MPAA and RIAA are busy corrupting the legislators of the country, I cannot find it in my heart to lament some part of their wealth being stolen. I just wish that someone would take it all. They have declared themselves the enemy of all humanity, and deserve to be dealt with as wolves were. (Perhaps, when they are driven nearly to extinction, we might devote some efforts to preserving their species in the name of economic diversity.)

And this proposed Palladium is worse. Palladium is most nearly analogous to conduting germ warfare with germs that intentionally cause debilitating mutations. It nearly justifies armed insurrection. My current hope is that it will fall on it's face. I'm also hoping that MS will be bankrupt before they can finish the plans. If not, it justifies ... perhaps I'd better not say just how much it justifies. It probably doesn't justify open warfare of a physical nature. Probably. I'd give that a certainty rating of 53%.

Re:TCPA / Palladium FAQ v1.0

[renehollan]

I can understand that there are reasonable uses for some kind of DRM, but as long as those who ostensibly wish the valid uses embrace this foul variety, I would be happiest if they were driven out of business. And I don't believe their protestations of "we only want what's proper" either.

Those that embrace this foul variety probably don't give a rat's ass about legitimate uses for DRM, yet can trot out examples of legitimate uses to justify their own heinous plans. The electorate and elected are too ignorant to tell that they are being deceived.

But, I'd hate to think that we have to discard the baby, as it were, because the bathwater is so polluted.

Re:TCPA / Palladium FAQ v1.0

[renehollan]

DRM makes it possible to forbid traditional fair uses (time and space-shifting, interoperability, extraction for criticism, etc.) that do nothing except inconvenience the consumer of the copyright content. It is unreasonable that these fair uses be lost solely to prevent unauthorized redistribution. However, the present DRM proposals do just that, and, if they become a wide-spread defacto standard, would dampen any DRM systems that are more friendly toward fair use, yet still prevent unauthorized reproduction.

For example, I wish to keep all my copyright media on a central server, to be distributed to authorized clients within my home. I also want to be able to make archival copies that are useless to anyone but me. PKI can be used to make this possible, however such systems are more complicated than those that lock content to one and only one playback system.

At present, the various ??AAs are proposing DRM systems that are far too crude. They need to be refined so that traditional fair use is protected as much as mitigating unauthorized redistribution. In fact, if copyright is interpreted as a means to benefit the public by encouraging the production of creative works, fair use should be more important than preventing so-called piracy.

Re:Reminds me of Tivo

[Tall+Rob+Mc]

Problem is, my computer holds information far more important than my TiVo. They can have my TiVo space, but I'll be damned if they touch my computer.

History tells the future.

[miffo.swe]

Bruce Writes:

"It's hard to sort out the antitrust implications of Pd. Lots of people have written about it. Will Microsoft jigger Pd to prevent Linux from running? They don't dare."

I dont have the same impression of Microsoft that Bruce seems to have. If i go trough what they have done in the past there is nothing they wouldnt do to get more control. They will almost certainly have a licence tailored to make it hard for Open Source/Linux to implement it without breaking GPL.

Considering that GPL is a bigger threat to them than linux itself i assume they will take a shot at it. GPL is the one thing stopping them from stomping all over Open Source wreaking hawoc like in Simpson. They much prefer the BSD licence where they can "borrow" code since the despite their extremely big cashpile cant get people who knows how to code.

Usefulness of Palladium?

[Wingchild]

After reading the article, I can't imagine that a home user would ever make a point of purchasing a system on the order described. Hardware-level tampering resistance is a good thing for Department of Defense computers, say, but does the average home user, surfing the web and storing recipes, really have to worry about someone leeching that information from residual information that could (maybe) be gleaned from the CPU itself?

Dear lord! Perish the thought.

I can't even imagine most companies having to deploy something on this order to safeguard their data. Hell, I'm not even sure the military needs it.

For reference, the Department of Defense has a series of guides and guidelines for locking systems down to ensure security. These are called STIGs and are created by DISA (Defense Internal Security Agency) and the NSA (National Security Agency). When the guides are applied the machines are as secure as can be made.

Part of the guidelines cover physical security; i.e., if someone can reach your hardware physically without being cleared for it, you fail that part of the check. As such, I can't imagine how Palladium would not be redundant to things we already have in place.

For good security, you can use smartcards with a PKI certificate, anyway. Don't let someone sign on without one, don't let them access data without one, have an active and interested central monitoring and issuing authority and practice good physical security. Save the money you'd spend on Palladium equipment.

Re:Usefulness of Palladium?

[Over_and_Done]

I can't imagine that a home user would ever make a point of purchasing a system on the order described. Hardware-level tampering resistance is a good thing for Department of Defense computers, say, but does the average home user, surfing the web and storing recipes, really have to worry about someone leeching that information from residual information that could (maybe) be gleaned from the CPU itself?

I think that the point is that the consumer does not have a choice. They buy the latest and greatest that Dell sells them, and don't really pay attention to the OS, or anything else associated with the machine. People will be adopting something that they don't understand. Not a whole lot different from what goes on today.

Re:Usefulness of Palladium?

[sphealey]

After reading the article, I can't imagine that a home user would ever make a point of purchasing a system on the order described. Hardware-level tampering resistance is a good thing for Department of Defense computers, say, but does the average home user, surfing the web and storing recipes, really have to worry about someone leeching that information from residual information that could (maybe) be gleaned from the CPU itself?

The "average user" won't get a choice. The number of organizations capable of designing and manufacturing general computing chipsets has been falling since the 1980s; I believe that in order to produce an Intel-compatible motherboard today you would be forced to buy chips from one of three vendors. Once those three are on-board (ha ha), all chipsets and hence all Intel systems will become Palladium compliant.

A few techno-geeks might be capable to putting together Linux systems from the parts bin, but they likely then wouldn't be able to run any commercial software.

sPh

Re:Usefulness of Palladium?

[imadork]

After reading the article, I can't imagine that a home user would ever make a point of purchasing a system on the order described. Hardware-level tampering resistance is a good thing for Department of Defense computers, say, but does the average home user, surfing the web and storing recipes, really have to worry about someone leeching that information from residual information that could (maybe) be gleaned from the CPU itself?

You're right -- for the average home user, a non-palladium system will be more useful than a palladiun system, all (technical) things being equal. But there will be marketing, social and political issues that will sway the average user --

• Palladium will (and already is) being marketed as a way for the average user to secure his or her own information, even if this claim is somewhat dubious. (It has been billed as a way to prevent viruses from running, because they wouldn't be signed and would not be trusted by default, for instance.) Remember that no matter what their marketing people say, Microsoft doesn't care one whit about the integrity of your data, unless they can find a way to make money from it.
• Major content distributors have, for the most part, been hesitant to distribute digital content without the ability to control it as much as possible. Once Palladium-enabled PC's ship, don't be suprised when all new CD's, DVD's, or whatever is carrying content at that time won't work on old PC's (or, old stand-alone players for that matter). This will be an incentive for the average user, who can't live without their media, to upgrade their hardware and software to Palladium-enhanced versions.
• As we have seen in the past, content distributors will buy legislation, in as many countries as possible, that will make it illegal to circumvent the "protections" in a DRM scheme, and Microsoft will be happy to offer Palladium as a way to comply with that law. (As above, this will be billed as a way to protect consumers, when in reality it is a way to protect content distributors at the expense of the average citizen.) By licensing the technology to all "established" Commercial OS (and standalone media player!!) vendors, they can dodge the Monopoly accusations while getting to Microsoft's Holy Grail -- getting money for every PC (and CD/DVD/whatever player!!!) that ships, whether or not they actually own the OS that ships on it. It has the added benefit of mandating that people upgrade their hardware in order to comply with the law!

Re:Usefulness of Palladium?

[tijsvd]

After reading the article, I can't imagine that a home user would ever make a point of purchasing a system on the order described.

Unfortunately the home user won't read the article. He will read advertisement ads that promise him a computer that will make "Windows XP even more secure".

The home user bought Office 2000 because of the helpful little paperclip. He will buy this.

Re:Usefulness of Palladium?

[rseuhs]

Unfortunately the home user won't read the article. He will read advertisement ads that promise him a computer that will make "Windows XP even more secure".

The home user bought Office 2000 because of the helpful little paperclip. He will buy this.

Wrong, the home user did not buy Office 2000. If they have it at all, they pirated it.

And that's Palladium's problem. Currently, the home user is used to pirate software/music/movies and if anything tries to stop him doing it, he will refuse to use it.

There will be a market for non-Palladium systems (to be more specific, there will be no market for Palladium systems) so companies will produce for that market. If AMD and Intel are relly so stupid to refuse to make any non-Palladium chips anymore, be ready for VIA and Transmeta chips that will be bought if there is no other chance to watch "insecure" content on the PC.

Come on, this has been tried before (DivX-hardware player) it just does not work.

Re:Usefulness of Palladium?

[Sloppy]

After reading the article, I can't imagine that a home user would ever make a point of purchasing a system on the order described.

...

Save the money you'd spend on Palladium equipment.

People don't but Wintel stuff based on whether or not they like its features. They buy purely based upon network effects. Or rather, there's one feature that is more important than all others combined: compatability. If this weren't the case, Microsoft and Intel would have gone out of business many years ago.

I've seen a single spreadsheet being mailed to someone, result in them spending two or three thousand dollars on a new computer that didn't offer anything else the user wanted, except for the ability to read that spreadsheet. In a market like that, a leader can get away with poisoning their products in just about any way. Joe Sixpack will buy Pd if that's what it takes to be able to watch the trailer for "LotR 4: Sauron's Revenge" or take his work home with him.

The only thing that can stop this is for people to become more conscientious, and I just can't see that happening.

Re:Usefulness of Palladium?

[sethg]

Come on, this has been tried before (DivX-hardware player) it just does not work.

Also, remember Digital Audio Tape? At the time it was introduced, it was technically superior to regular audiotapes (higher sound quality) and CDs (since it could be copied, and CD-Rs weren't on the market yet). The RIAA howled about how this was going to destroy their business, etc., etc. A law was passed. DAT recorders were rigged so they couldn't make second-generation copies.

Result: Nobody bought DAT recorders.

Re:Usefulness of Palladium?

[rseuhs]

Result: Nobody bought DAT recorders.

Well and the same will happen to Palladium-PCs.

Why the hardware?

[truthsearch]

Can someone please explain why the desired level of security can't be obtained by only software? What exactly are the situations which require a security chip as opposed to software? I'm not speaking of physically breaking into the computer, but someone at the keyboard or over a network.

Re:Why the hardware?

[DoctorFrog]

Because you control the software. The object of
the exercise is to protect the copyright holder
of the file you put on your computer from
you.

Re:Why the hardware?

[Ngwenya]

Can someone please explain why the desired level of security can't be obtained by only software?

Because the control mechanism in any von Neumann machine is in the same band as the stuff being controlled (ie, the OS - which enforces the security policy - operates in the same space - the CPU's available memory - as the programs which may, or may not, behave themselves).

Ultimately, the only way to have a secure audit trail for how a computer got to its current state is to have the verifier out of band from the verified. This is why you need the trusted component (the tamper proof verifier which can sign the logs of the host system). Assuming no-one can get to the trusted component private keys (even, or especially, the computer owner), another computer can trust the signature to be an accurate representation of the state of the original machine.

By the way, it's this in-band control mechanism which means that the Internet Protocols have an incredibly hard time defending themselves against DoS attacks - because the ICMP packets travel along the same route as the TCP/UDP packets. If you can interfere with the data stream, you can interfere with the control stream as well. The phone companies found this out ages ago, which is why whistling at 2600Hz doesn't work any more.

--Ng

Re:Why the hardware?

[Quixadhal]

Because you are a consumer and cannot be trusted. You will pirate software, and you will steal music. You are a BAD PERSON (TM) and the RIAA/MPAA is working very hard to pass laws to keep People Like You from harming their right to profit.

This is how they view us. To the industry, we are nothing more than a source of income, and they will go to any length to protect that. Producing good products at reasonable costs isn't possible due to their limited mindsets, so they attempt to maintain their archaic model at the expense of our freedoms. Afterall, what does our freedom mean to them? Nothing.

As long as people like us continue to accept whatever people in Hollywood or Redmond say as the only alternative, we will reap the fruit they plant. If you don't want Bill Gates and Jack Valenti to tell you what you are allowed to do with your computer, you need to stop buying their products and tell your congressmen that you won't be a part of their system anymore. You can't avoid the law, but you can choose to not listen to music from the RIAA, not watch movies from the MPAA, not use software from Redmond, and not buy hardware with DRM. If that means becoming Amish, then hey... raise a barn and think back to the good old days before the corporations took over.

Re:Well

[CaptainZapp]

He makes the data-basis of his analysis exceptionally clear and cautions explicitely that things might and will change.

You would have seen that, if you'd have actually bothered to click the link.

Re:Well

[Fizzol]

Unfortunately by the time we get to see 'the real thing' it may already be mandated by law and be far too late to do anything about it. When dealing with something like this you really can't have too much lead time.

Ownership of Your Own Computer

[Greyfox]

Bruce Says: My fear is that Pd will lead us down a road where our computers are no longer our computers, but are instead owned by a variety of factions and companies all looking for a piece of our wallet.

We're already well down that road. It is very easy to see a day when the general computing device we all know and love will be illegal because it makes it way too easy to copy digital data. Nevermind that what made the general computing device popular is that it manipulates digital data so easily.

We all know what the industry wants. THe industry wants a pay per view world where every consumer pays every time he views industry owned content and the industry is protected from competition because they control the technology that allows content to be created. It isn't about fairness. It isn't about content authors getting paid. It's about greed, plain and simple.

Re:Ownership of Your Own Computer

[Eric+Damron]

"A security team is not going to sweep through every neighborhood in the world collecting up all the 'illegal' equipment. Simply put, the older machines will still be around, they just won't be able to connect to certain services or play commercial recorded media."

You're probably right that existing equipment may be grandfathered in but the sale of non DRM hardware could become illegal. So, you could own and use your existing system until it dies but you couldn't sell it or buy new non-DRM enabled equipment.

Within 10 years 99% of equipment will be DRM enabled. No large pool of cheap equipment. Senator Hollings from SC has already drafted the bill.

vaporware... ?

[jukal]

Palladium, Pd46, Heat of vaporization 357.0 kJ/mol. I quess kJ/mol means, KiloJournalists / Microsoft's Obfuscated Literature?

Re:vaporware... ?

[infinite9]

Palladium, Pd46, Heat of vaporization 357.0 kJ/mol. I quess kJ/mol means, KiloJournalists / Microsoft's Obfuscated Literature?

That's it! Bill Gates is on a quest to make 1 mole of dollars! Let's see, $6.02x10^23... he's almost there!

Re:No, it's neither a problem nor idiotic

[Launch]

To say that users upgrade only because they have problems with an operating system is myopic. If that were the case then we would all be using dos still. The reason users upgrade is for features, be it word processors or operating systems. And in MS case, many users upgrade for the 'razzle dazzle of it'. To say MS's strategy is to perposely distribute an operating system that doesn't install on a significant number of it's users machines is just plain stupid.

Hey, I'm all for Linux, and if you don't like MS then fine... but when I heard bitchy stories about how MS makes products that don't work to catch users on the upgrade it's just anoying.

It happens, OSes can be buggy, and they are hard to write. Just look how many kernal patches there are floating out there for the linux distros.

Trust me, if MS had a product that installed successfully the first time for every user that installed it they would flaunt it (and rightful so) in all of their competitors faces.

Bottom line: WindowsXP is an easy to install OS that most likely has a higher success rate of installing on first attempt then any other OS out there (and much higher success rate then most linux distros I've installed)...

Damn!

[Greyfox]

I thought I closed that i tag there. That's what I get for posting to slashdot before I've had my coffee. Bruce said the stuff in the first paragraph there. The second two are my comments.

Good insight

[beleg777]

I'm sure others will mention this, but I thought this quote was worth highlighting.

Microsoft really doesn't care about what you think; they care about what the RIAA and the MPAA think.

Anyhoo, I thought this was a good, well ballanced article. He's much more realistic than most about what may happen, both on the paranoid and the hopeful angles.

Re:Good insight

[seosamh]

I was going to quote the same passage, along with

Microsoft can't afford to have the media companies not make their content available on Microsoft platforms, and they will do what they can to accommodate them.

Whether MS actually needs the content companies at this point is debatable. If it came to that, Gates could buy a couple ;> in a pinch.

But if MS wants content available on their platform, why not open that platform up to let the consumers of content make sure they can access their favorites on Windows? There are a lot of people who use MS products by choice (not me, but there are such people) who would build their own open source solutions if MS would give them the slightest encouragement.

Or maybe not. What the hell do I know?

Re:Good insight

[Melantha_Bacchae]

beleg777 wrote:

> I'm sure others will mention this, but I thought
> this quote was worth highlighting.
>
>> Microsoft really doesn't care about what you
>> think; they care about what the RIAA and the MPAA
>> think.

Even more, Microsoft doesn't care what its *customers* think. And that is going to get it into serious trouble one fine day.

I don't care how unsophisticated a computer user is, most people would notice not being allowed to do a favorite activity when their old PC let them do it. If you think the copy-protected CD returns are something, wait till you see droves of people trying to return their Palladium PCs because:

1) It has a virus. It's not supposed to get them.
2) It ate my mp3 collection.
3) It won't play my CDs. There is nothing wrong with them, my old PC played them just fine.
4) It charges my credit card every time I play some music.
5) It won't run this program I downloaded. In fact it tried to call the police, but I unplugged the phone line. Nope, it wasn't warez, it was this cool free (GPL'd) program named FileZilla. The computer was calling me a commie.
6) It won't run my old programs.

If the RIAA and MPAA are all Microsoft cares about, then they can just go swim with those sharks. And they can share their fate: shark steaks:

Eisner and Disney (what he gets for saying mean things about Mothra's dear Apple):
http://www.businessweek.com/bwdaily/dnfla sh/aug200 2/nf20020816_4160.htm

AOL Time/Warner:
http://www.cableworld.com/archive/ca bleworld/2002/ 08/05/cwd02080506.shtml

Vivendi:
http://news.bbc.co.uk/1/hi/business/20 82412.stm

Mmm, yummy. Somebody pass the butter sauce.

Bells are ringing: Mothra, Mothra! Every heart is calling: Mothra, Mothra!
Come on, Tok Wira, these sharks have gotta pay! New Kirk calling Mothra, we need you today!

On the same topic...

[jnd3]

Bob Cringely wrote a column on the same topic about a month ago. He called Palladium a Rosetta Stone for malicious hackers. Sounds like a blast.

That's just what I want, another Microsoft initiative aimed at security. They've done such a good job at it so far that now I'm a whisper away from getting my account canceled by my ISP -- all because some Outlook/Outlook Express user somewhere has Klez and our e-mail address.

Re:On the same topic...

[jpmorgan]

Nice column. Unfortunately, it proves nothing more than that Cringley and his hax0r friends shouldn't be talking about crypto, since they apparently don't understand some pretty fundamental points and cryptographic techniques.

If I understand correctly what my friend has written above, the Palladium architecture presents a wily hacker with what is essentially a Rosetta Stone -- two versions of the same data (one encrypted, one not) from which one can quickly divine the key needed to transform one to the other.

Gee, if you have both the crypttext and the plaintext of something that's encrypted, it's easy to extract the key! Um, well, maybe if you're using XOR or something, apparently Cringely has never bothered to actually look at strong cryptography (why doesn't this surprise me). For those who don't know (but at least have the sense to not rant about what they don't understand), part of the definition of strong crypto is that it is computationally infeasable to determine the encryption key given both plain-text and crypt-text. Extracting a key given a crypttext-plaintext pair is certainly not simple or 'quick'.

Honestly, I wonder why people listen to Cringley at all - he has a chronic inability to get his facts straight. If you're going to bash something you should at least bother to understand what you're talking about.

Palladium (like chemists, Microsoft calls it "Pd")

[ejaw5]

as all chemistry students will learn:

Palladium (Pd) + MP[3/G/EG] (MP*) => Fire.

How to beat it

[ShieldW0lf]

My understanding of the way this system works is that the authour of a piece of media will be able to revoke ppls rights to use it remotely. What needs to happen is for someone to hack some major source of media, and wipe out everyones media. Once this happens, people will refuse to buy the hardware. If you could wipe out a few multinationals and a few important government departments, that would help bring us all together, "consumers" and government alike.

It's already happened.

[gillbates]

My fear is that Pd will lead us down a road where our computers are no longer our computers, but are instead owned by a variety of factions and companies all looking for a piece of our wallet.

Strange thing is, what most people don't realize is that they don't own the software that runs on their computer. Microsoft does (or at least the EULA claims they do). Our computers are not our own, and have not been our own, for a long time now. The sad fact is that while we may physically own the hardware, a part essential for the hardware functioning - namely, the OS - is owned by Microsoft.

Now, you could counter by saying that people could run Linux, however, this isn't really an option for the average computer owner. Most computers built today have hardware that isn't fully compatible with Linux (Winmodems, etc...). So, the while the user has physical possession of his computer, all of his data is effectively owned by Microsoft, because without Microsoft's blessing, the average PC is useless.

So the next time you hear of someone wanting to buy a new PC, you might want to remind them that unless they are willing to install Linux, they aren't really buying anything. It's more like a lease from Microsoft.

Re:It's already happened.

[RickHunter]

Yes, its an old, worn issue... And many people still don't know about it. Or play down its importance. Or ignore it entirely.

Also, note that you used to be buying a copy of the Little Mermaid (to use your example), but some of your property rights were restricted for the good of society and the intellectual commons. Unfortunately, recent copyright law revisions have travelled far along the road to turning copyright into ownership, so this is no longer true.

Yes, its an old issue... And we should keep reminding people of it. Because ignoring it won't make it go away.

Re:It's already happened.

[rseuhs]

Please stop the FUD. The majority of computers is very well compatible with Linux.

Re:It's already happened.

[SETIGuy]

If you buy a DVD of "The Little Mermaid" do you actually own the little mermaid? Can you resell copies of it? Resell distribution rights?

What do you get for your $20?

You get the right to watch a copy of that movie, in a certain way, on certain devices. You don't own "The Little Mermaid", but rather a mere copy.

You've missed a very important point, if you purchase a DVD you've also purchased the rights of fair use of that copy. These are the same rights you get when you buy a book. Fair use includes:

• The right to protect your purchase by making a functional backup copy.
• The right to lend the media to another party without compensation so that they may view the contents.
• The limited right to exhibit the contents without compensation. (You can invite friends over to view the contents.)
• The right to space shift. (i.e. the right to use the media in any device anywhere.)
• The right to time shift. (i.e. the right to use the media at any time.)
• The right of resale.
• The right to destroy the content.
• Upon expiration of the copyright, the right to do anything you want to it, including selling copies.

The content providers (read MPAA, RIAA and other abusive corporate monopolies) have attempted to use technology, the courts, and the congress to limit these rights. The above rights are limited by:

• Technological and legal impediments to fair use. (Copy protection, DMCA, etc.)
• Making media that are specific to a single device or class of devices. (Region coding, DRM, Pd)
• Making media that are time limited. (DivX, Pd, DRM)
• Pressuring legislators to extend copyrights far beyond the limited times intended in the constitution.

The idea that copyrighted works are "licensed" is a relatively new invention. The "content providers" have been fairly sucessful in convincing the world that this is true. They've also been sucessful in convincing the congress and the courts that the constitutional reason for copyright is guaranteed profit, rather than advancement of the arts and sciences.

Re:It's already happened.

[BurritoWarrior]

If you buy a DVD of "The Little Mermaid" do you actually own the little mermaid? Can you resell copies of it? Resell distribution rights?

No, but I can sell my actual copy of the movie. Microsoft tries to claim I can't even sell the original of my software, even if I never use it again myself.

Comment removed

[account_deleted]

Comment removed based on user account deletion

Relevant, thoughtful, and unpartisan

[l33t-gu3lph1t3]

Amazingly enough, this one is able to analyze most of the knowledgebase around "Palladium" and boil it down to the more interesting core issues. I would've appreciated a little more insight along the lines of what such a strategy as Palladium does to the role of the PC however. Generally speaking, PCs are multipurpose machines, which are *fully* programmable, and do pretty much whatever you tell them to. They manipulate data in any way *you* the *user* see fit. What Microsoft is attempting with "Palladium" is going to place restrictions about what a PC can do, and leave these restrictions up to the content producers. I won't comment on the stance of the content producer, but I will mention that this is a departure from what has been a central tenet of the computer: "it's yours". The trend seems to be shying away from "it's yours" to "you didn't buy it, you paid us to ALLOW you to use it - in a way we deem appropriate". Of course, "we" being the content producers. Microsoft really doesn't care what we dow with our music and movies - they just don't want the MPAA/RIAA/Legislators breathing down their neck.

Re:One IMPORTANT thing

[miffo.swe]

They will probably coerce it into AMD and Intels Cpus by either repression or by lobbying. Once its in the CPU its a easy task of just slipping it into the next version of Windows.

Their goal is probably to make it impossible to buy a new computer without the hardware part. Once that is in games and other apps are released to only work on a palladiumenabled computer. Note that this is a bit down the road and not all of it will happen at once. Its a sneak attack.

Hopefully either AMD or Intel will see that the one of them that not has the hardware thingie in their CPU will be selling a lot more CPU's than the other.

On that conclusion i presume they will lobby as hard as they can to make it mandatory to have TCPA built into new computers.

Lots of things to think about in this piece...

[jvmatthe]

Microsoft really doesn't care about what you think; they care about what the RIAA and the MPAA think. Microsoft can't afford to have the media companies not make their content available on Microsoft platforms, and they will do what they can to accommodate them.

This brought two ideas to mind...

• Microsoft often positions themselves as a company that empowers the individual user with new software. Will this pitch ring as true when they have clearly stacked the deck to pay homage to the mighty media companies at the expense of the usual freedom that users are fast becoming used to? Or will they find a way to make less freedom seem like more, so that the individual users don't notice?
  
• My usual impression of Microsoft is that they will work around obstacles to maximizing profit. That's what C# (vs. Java) and IE (vs. Netscape) are all about. So, perhaps they'd eventually find it in their best interest to become a real media company themselves and work to lay the new foundation for replacements (or a replacement) for the MPAA and RIAA. Why not the Global Media Producers Association which encompasses all media and has a leaning towards digital distributions, effectively making the MPAA and RIAA obsolete? With such a leadership role (staying at arm's length to stave off anti-trust litigation), they could easily position themselves as the premeire distribution point for such media, without necessarily locking out other platforms (like Apple's MacOS).
  
• Wouldn't it be cool, in a way, to see Microsoft pay lip service to the RIAA and MPAA while cleverly stabbing them in the back? Microsoft is, after all, one of the most vicious hard-ball companies around, or at least has given many that impression. I say that not necessarily in a negative light, in case it comes across that way. It's kind of like enjoying watching a good bad guy in a movie. :^)
  

Ok, time for work...

Re:Lots of things to think about in this piece...

[swb]

Microsoft is, after all, one of the most vicious hard-ball companies around, or at least has given many that impression.

I think Microsoft's history of raping its business partners for fun and profit is well known. I seriously doubt that Entertainment, Inc. is willing to have any dependency on MS at all, in fact they'd like to force MS to license their systems, software and patents.

Didn't MS even proffer a digital music system to the RIAA a while back (2-3 years ago) that RIAA blew off?

I think "wishing" MS would screw Entertainment, Inc is a little like wishing Stalin would defeat Hitler; it gets rid of one bad guy but it only allows another to roll ahead freely.

What is really disappointing in Palladium

[af_robot]

No one will ever even imagine a beowulf cluster of these Palladium PCs!! Damn!

Are we gonna need Mod Chips for our PC's then?

[dBLiSS]

I can see it now, you will have to buy Mod chips for your PC on the grey market, to get around the hardware "security" just to install Linux..

Re:Are we gonna need Mod Chips for our PC's then?

[thasmudyan]

I can see it now, you will have to buy Mod chips for your PC on the grey market, to get around the hardware "security" just to install Linux..

Yes, maybe so! Obviously the first version of Palladium will be the friendliest, in order to calm critics and get user acceptance. At some point in the future you won't be able to install Linux, but before that a lot of other stuff will be gone, too. The PC will be a completely different thing, the stuff you can do with it will be outweighed by the stuff you are not allowed to do with it, by then. It will be a slow process of course, to keep the users in a spiral that is slowly spinning down (you don't want to wake them up doing harsh movements).

The main problem is, that the computer as we know it today is inherently the most dynamic tool mankind has ever built. It is based on the concept of copying and modifying data freely. Most of the computer's convenience and usefulness comes from this property. Now Palladium/DRM takes this away to the maximum extent possible without turning the whole PC into a vegetable.

This technology WILL come, and it WILL take away our most beloved toy to replace it with some ghastly Juggernaut that watches our every move. Our own PC will be treating us as the enemy!

Isnt he being a bit harsh here?

[Kenneth+Stephen]

To quote : "3. Like everything else Microsoft produces, Pd will have security holes large enough to drive a truck through. Lots of them. And the ones that are in hardware will be much harder to fix. Be sure to separate the Microsoft PR hype about the promise of Pd from the actual reality of Pd 1.0."

Sure, Microsoft has to date produced lots of software with security holes "large enough to drive a truck through". However bear in mind that the holes have usually been a consequence of the overriding principle of wanting to keep things user-friendly at all costs. Their past history doesnt imply anything about how secure they can make their stuff. Certainly, Microsoft hires a lot of smart people and I'm sure that if they were given the mandate to design and implement a secure infrastructure, they could do it - something that Bruce seems to think is impossible.

Re:Isnt he being a bit harsh here?

[Observer]

Certainly, Microsoft hires a lot of smart people and I'm sure that if they were given the mandate to design and implement a secure infrastructure, they could do it - something that Bruce seems to think is impossible.

Design, yes. Implement? Well, given the SSL certificate mishandling in IE that's been reported recently (and commented on in this same edition of Mr Schneier's Cryptogram), quality control still seems to be a little, um, lacking. It's a little difficult to change the whole culture of an organisation from getting the latest! greatest! new-featured! products out of the door to hit the marketing window, to one where you're concentrating on getting the thing done right, even if you need to take more time and money over it. Yes, MS will gradually improve - it has no choice as it moves into areas where errors may cost serious money - but it will be a long process.

Re:Isnt he being a bit harsh here?

[sphealey]

Sure, Microsoft has to date produced lots of software with security holes "large enough to drive a truck through". However bear in mind that the holes have usually been a consequence of the overriding principle of wanting to keep things user-friendly at all costs. Their past history doesnt imply anything about how secure they can make their stuff. Certainly, Microsoft hires a lot of smart people and I'm sure that if they were given the mandate to design and implement a secure infrastructure, they could do it - something that Bruce seems to think is impossible.

I would argue that it is in fact the very "smartness" of the people at Microsoft that makes it unlikely that MS will be able to create a secure product. Mr. Gates has explicitly stated (interview in Newsweek about 1995) that when he was hiring people to build Microsoft, he wanted very young, very smart people with no previous experience in the computer industry. And he got them in droves. So these very smart people came in and started rebuilding everything from scratch - without bothering to study the fundamentals or learn about what had been tried in the past.

So the smart people at Microsoft made every mistake that had been made in computing since 1938 all over again, without knowing they were making those mistakes or what their consequences would be. Networking is a perfect example: in their haste to bring something to market that would displace Novell (keeping in mind that Novell created the market for MS-DOS networking), the genuii at MS built a clumsy, difficult to manage, insecure contraption of a networking system that ignored every lesson Xerox, Novell, 3Com, Wang, and others had already learned.

And, thanks to the power of the installed base, we are now stuck with Microsoft Networking and its insecurities for at least the next 20 years, because everything has to be backward compatible with what is already out there.

So I would say a combination of smartness, arrogance, and lack of perspective is exactly what has brought Microsoft code to where it is today. And a corporate culture of that nature is very, very hard to change.

sPh

Other changes in Palladium

[l33t-gu3lph1t3]

What is also interesting to note about this article is the hints it gives as to Microsoft's future plans for software security. The idea of having independant secured partitions within a computer is not new of course, but it's nice to note that MS is doing *something* about their rather poor security history. Oh GOD, please pray that they don't integrate Outlook Express with the *secure OS* portion of Palladium

Re:Other changes in Palladium

[Chris+Johnson]

They would have to be willing to have less features than earlier versions of Windows, and less features than any clown who came along promising to automate all your IT chores with one click- remotely! from thousands of miles away! just one click and it slices, dices, and builds you a secure web site!

In other words, it ain't the locks, it's the keys- and MS got where they are by selling people on ease of everything. To do that, they laid the foundations for insecurity hell, and to get away from that, they have to make things more difficult for idiot users.

It's a very good question whether they'll be willing to do this.

Not the MPAA's bill.

Quite frankly, I'm a little tired of the reactionary way in which any perceived infringement on electronic freedom is automatically associated with the MPAA. For the record, the RIAA works closely with Berman, and the bill is more or less theirs. Jack Valenti has publically distanced himself from the bill, and it's not something the MPAA had a hand in.

There's a lot of misdirected initiatives out there, but please credit the MPAA with knowing what's right and what's not.

In layman's terms: Stealing our member companies product: wrong. "Hacking" (I'd prefer "cracking," or simply "script-kiddying," as a DoS attack is not hacking in the traditional sense) a consumer's computer: wrong. Sending Cease and Desist letters and, when those fail, working with the ISPs not to terminate acounts (examples of the MPAA's letters can be found at chillingeffect.org and you'll note they do not include language asking for account termination), but rather to remove the infringing material, IMHO, right.

I'm an author and a filmmaker, I've worked with the MPAA, I've seen my work pirated, I've heard studio heads freak out about the fact that their product is available on the Internet three weeks before theatrical release. (Anyone who hangs out in IRC knows this to happen.) I see that the problem is real. I also see the MPAA being very defensive, but most certainly not offensive (think strategy, not personal opinion ;) in their fight to stem this tide.

Re:Not the MPAA's bill.

[danaris]

I'm an author and a filmmaker, I've worked with the MPAA, I've seen my work pirated, I've heard studio heads freak out about the fact that their product is available on the Internet three weeks before theatrical release.

First of all, let me say that I am in no way affiliated with anyone in the industry, and, as such, am basing my comments entirely upon what I have been able to glean from other people's accounts. Thus, if anything I say is incorrect, please feel free to correct me--I am always looking for a better understanding of this subject.

I don't think any of us here will disagree that piracy happens, and, to individuals such as yourself, it might truly be a problem. However, our two main gripes are 1) they're going about fighting it in all the wrong ways, and 2) the amount of money actually lost to the RIAA through piracy is so small as to be insignificant (to them; if any of us actually got that amount of money it would probably make us very happy), and, from what I can tell, only a very tiny fraction of that would get back to the artists/movie makers/etc.

To address these points more fully:
1) Yes, the piracy happens, and digital piracy happens, but by far the biggest piracy is analog. Most of the problem isn't people ripping a DVD of a movie and distributing that (though it happens); the problem you mentioned, movies appearing early, is usually accomplished by some insider (or semi-insider) leaking it; they have access to the original source material, so none of this would stop them from copying it. The other problem is that they are assuming the consumers are all thieves, and thus punishing everyone for the sins of a few. What they could be doing instead is looking for better ways to make buying the product attractive (like dropping prices or something).
2) The RIAA/MPAA talk about numbers of pirated copies sold in a certain period (side note: how the heck do they even know? Do the pirates tell them??), and take those, with the amounts they would have been paid, had all those copies been bought from them, and come up with an amount that they call the amount of money they've lost to piracy during that period. The first problem with this is that, if they had not bought the pirated copies, most of those people would not have bought anything from the RIAA/MPAA. Then, even if those numbers were correct, I think they could afford it. How much do they spend on campaign contributions a year? I would bet that it's at least as much. And, of course, the "poor artists" who are being robbed by the "evil pirates" would get very little of the money.

Once again, if any of this information is inaccurate, please do not be offended; instead, simply tell me what I've gotten wrong.

Dan Aris

Re:Not the MPAA's bill.

[HiThere]

I used to despise the copiers. I don't anymore, and the actions of the MPAA and the RIAA are the reason for that.

I cannot imagine an excuse for the actions that the MPAA and the RIAA have engaged in. They have corrupted the legislators. For that they deserve nothing less than to be put out of business as quickly as possible.

Perhaps these organizations could be forgiven the theft of our rights, were they to exhibit sincere repentance, and attempt to correct the wrongs that they have done. They do not. They exhibit no sign of remorse. So they deserve only bankruptcy, and I hope they get it soon, before they can do more harm.

You say that the MPAA doesn't deserve to be implicated this time, because this time it was the RIAA. MPAA will continue to be associated in this way until they reform their activities. Just because they weren't obviously associated one time doesn't mean that they won't be assumed guilty. They've abused us (or attempted to) themselves too many times.

So this time perhaps the association was unwaranted. But last time it wasn't, and just based on past actions, it probably won't be next time.

You can reform you image, but it takes a lot more than not participating in the vileness one time. For a start, they could stand up and denounce the DMCA. That would do a lot to reform their image, but I somehow doubt that they even want to do that. They could appologize for bribing Senators, and attempting to purchase legislation that injures the end-users.

I have not purchased a video or seen a movie since this campaign started. Whenever I am asked, I explain why (and, I admit, sometimes when I am not asked). I refuse to cooperate in purchasing branded merchandise that I know or believe benefits an MPAA member. But don't feel picked on. I treat the RIAA the same way. I only purchase independant labels, and few of them (usually because I know the musicians, and I know that they don't have an RIAA membership). I don't give them as presents. etc. And I feel sorry that I have not done more to damage you.

You say that you are an independant film-maker, and perhaps you are. Well, I'm a programmer. I create things too. And it takes me a lot of time and effort. So where do you get off telling me that I need to pay a tax to you whenever I burn a CD? (This may be an erroneous complaint. Perhaps the tax doesn't cover digital media. This year.) Where do you get off telling me that I shouldn't be able to create free formatted media? Why are you allowed to assume that whenever I write a video tract to disk, I haven't created it?

FWIW, I have neve copied a work that I didn't have the right to copy. This is a large part of the reason that I originally stopped using MicroSoft products. You've got your nerve to lecture me about "stealing". Where do you get off assuming that people who despise organizations that are corrupting the legislators and defiling the constitution are criminals? By my lights, defending the MPAA or the RIAA makes you a traitor and a felon (aiding and abeting the comission of a felony, to whit, suborning a federal official in the performance of his office). Now IANAL, and I know that no DA would prosecute you. But that makes you no less guilty in my eyes.

Re:With all this non-resalable equipment and media

[Waffle+Iron]

The Palladium scenario would be a net benefit for the environment. Nobody would ever throw away any electronic equipment ever again, for fear of losing the magic keys that enable them to watch the content that they paid for.

No circuit boards would be dumped in Asia. They would remain embedded in ever growing stacks of redundant consumer electronics devices in American living rooms.

One side effect: sales of outlet strips, surge protectors, A/V cables and video selector switches will skyrocket. Buy Belkin stock today to get in on the ground floor.

Don't get too worried

[selectspec]

I wouldn't get too worried over MS actually following through with PD. The fact is that security is so often a trade off for functionality, and that MS has ususally errored on the side of functionality, not security. That's a tough habit to break. If they follow through with a "trusted" system, they are pretty much guaranteed to end up with a system that is not user friendly because it doesn't trust the user. I know this is a simplistic way of looking at the problem, but we've seen plenty of MS research that never left the ground and received plenty of hype.

Out side USA

[t_allardyce]

What does the bill say about foriegn piracy? will the RIAA be attacking systems that are outside of the USA? If American soldiers came over to another country and killed/kidnapped someone there would be hell to pay (ignoring Afganistan lol). Like wise, if the SAS went to America and did the same, there would also be hell to pay.

"To me, it's another example of the insane lengths the entertainment companies are willing to go to preserve their business models. They're willing to destroy your privacy, have general-purpose computers declared illegal, and exercise special vigilante police powers that no one else has...just to make sure that no one watches "The Little Mermaid" without paying for it. They're trying to invent a new crime: interference with a business model."

Thats got to be the best way i've heard it put so-far.

Re:Out side USA

[Chris+Johnson]

"If American soldiers came over to another country and killed/kidnapped someone there would be hell to pay (ignoring Afganistan lol)."

But they do, and there is, including Afghanistan. *blink*

Sorry, OT :) wait, let me try to work it into context somehow ;)

...sooooo, what if American soldiers came over to another country to kill/kidnap someone at the behest of Microsoft because they were compromising Palladium and thus endangering computer security all over the US, nay, the world? :D

Offtopic- he's getting overly complex

[dfenstrate]

The real dangers, though, involve the complex systems that must be put in place before the first gun can ride along in the cockpit. There are major areas of risk.
Yes, this was such a danger, that we all remember the stories about problems with armed pilots that happened before the FAA banned the practice in 1987 for political reasons.

Actually, come to think of it, I cant' seem to recall a single one. Can you?

Pilots carrying handguns on their planes used to be routine, and in fact, when carrying US mail, required by the federal government.
When this person speaks of complex systems, he's obviously forgetting one over-riding principle: KISS. Keep it simple, stupid.
When you give pilots guns, do what other federal agencies and the majority of police departments do- each pilot is responsible for their own firearm, and must have it in their possesion at all times. So yes, they carry it through the gates, and security checkpoints. They certainly don't hand them over at any time to the high school dropouts who clean the plane or run the security checkpoints. They would carry the gun on them, on their hips, or maybe some quick draw holster at their controls (only while their seated.) They should be required to take lessons in weapons retention, so that terrorists would have a harder time getting the weapons from them.
Think about it carefully- when terrorists bust through the cockpit doors, they're going to be close, and their going to be nicely framed targets in a little doorway. Assuming the pilots are vaguely aware of whats happening in the cabin behind them, they're going to be prepared to annihlate one or multiple attackers.

Stun guns and other non-lethal methods often don't work well for single attackers, and are useless for multiple attackers.

Picture this scenario: Terrorists, armed with whatever, try to take over the plane. They are highly trained in improvised weapons and hand to hand combat and there are four of them (a la 9-11. Dealing with the single air marshall that mightbe there would be easy- have one guy start everything, and when the Air Marshall jumps up to take care of the first, the others get out of their seats and take care of him. Presumably, this would be alot of commotion, and the pilots would hear it from the flight attendants, through the doors, our through a cabin monitor of some sort.

Now once they have the cabin under control, they go for the cockpit. They bust through the cockpit door (even if it is reinforced, it won't take long) Here's where the scenario splits.

A. The first guy gets hit with a taser the pilots might have (or blocks it completely with a seat cushion shield.)The others then use whatever they have to kill or subdue the pilots, and take control of the plane. The air force sends up an F-15 and drops the airliner like a bad habit, Hopefully over a rural area. All onboard are lost, maybe some on the ground. National treasures are safe.
B. The terrorists bust through the door. The pilots have the plane locked into autopilot so they can deal with the issue at hand. The shoot the first terrorist. The second. The third. Whats left of the fourth after the air marshall, whom the terrorists already killed, dealt with him. Maybe they're such poor shots they accidentally shoot one person on board, maybe two. The plane lands ASAP (this takes at least 15 minutes from cruising altitude.) Innocent Casualties: 1 or 2, tops. Terrorist casualties: 100% & mission failure. The air force saves a $70,000 Air to Air missle for a target drone.

The crypto-gram article discounts the fears of airliner integrity, so I'll be brief. Suffice it to say, if this airplane can land safely from 24 000 feet, a few bullet holes don't mean shit.
Other concerns:
We can't trust pilots with guns
Most pilots are ex-military that carried guns all the time when flying for the Air Force. Besides, we trust them with a $40 Million dollar aircraft and 100-400 passangers; why not a gun?
Someone innocent might die
Better than losing the entire plane. Even if they try and fail, I sure as hell prefer a fighting chance with a solid advantage.
The pilots should focus on landing the plane, or engaging in manuvers to through the terrorists off balance
How can the pilots land the craft if they're dead? How can they land it if they're doing crazy manuvers? How can an air marshall do his/her job under crazy manuvers. Answer to all: They can't.

Pilots should be armed, end of story. The prospects look reasonably good for this becoming a reality through legislation, though the feds are bound to fuck it up by making it too complex and cumbersome. I think the same legislation also limits liabilities to airlines in case of accidental shootings in a crisis situation.

We've know they're out to kill us, and if they come here to do it, let's send them to Allah without us.

Re:Offtopic- he's getting overly complex

[killthiskid]

I have flown multiple times in my time in the military, once clear over the Atlantic over to Germany, and I have NEVER seen a pilot with a weapon, let alone ever had any sort of weapon along for the ride.

Of course, these were all peace time, but you are incorrect in saying that pilots carry weapons in the military. While it may occure, I believe it is the exception, not the rule.

Re:Offtopic- he's getting overly complex

[irix]

I think it depends on what kind of pilot you are, and where you are flying.

For example, when my dad was flying tacitcal helicopters for the military, he carried his sidearm when he flew on any sort of operational mission.

Re:Offtopic- he's getting overly complex

[mOdQuArK!]

Picture this scenario: Terrorists, armed with whatever, try to take over the plane. They are highly trained in improvised weapons and hand to hand combat and there are four of them (a la 9-11.

I don't see this scenario being possible after 9-11. Anybody trying to hijack a plane with non-projectile/non-explosive weapons will be DOGPILED by the other passengers, especially if it looks like they're trying to get into the cabin. Improvised weapons and/or intensive combat training will only help you hurt/kill other individuals, but it won't move 800 pounds of desperate human flesh pinning you to the ground, and if you really make them desperate, it won't stop them from eventually gouging your eyeballs out & choking you to death.

In order to hijack a plane now a days, you need either a weapon dangerous enough to be likely to kill a significant number of the people on the plane in an instant, or you need enough hijackers (at least 30% of the passengers maybe?) to physically control all the rest of the passengers.

Re:Offtopic- he's getting overly complex

[dfenstrate]

You're right, but it doesn't hurt to take reasonable precautions, and I happen to think arming pilots is reasonable.

The next logical target would be cargo planes, as they have 2 or 3 people on board at the most. They're probably also alot harder to hijack, as access is severely limited, and you'd have to do it on the ground.

I've heard rumors that there have been some people of the type that performed 9-11 probing and practicing on domestic flights, trying to provoke reactions from air marshalls, without doing anything that would get them arrested. But this is just hearsay, so I guess we'll have to see.

actually, IMHO, even explosives and projectile weapons (short of large capacity automatic weapons) would be enough to keep the passangers in line, cause if they think they're gonna die anyway, what is there to lose?

stuff that i cant get at?

[tx_mgm]

There's nothing in Pd that prevents someone else (MPAA, Disney, Microsoft, your boss) from setting up a partition on your computer and putting stuff there that you can't get at

now what the hell is this gonna be for? data on MY hard drive that MY computer cannot access? sounds like storage or something to me (spyware?)...
will i see any money for this (i.e. "rent") for the hard drive space that i dont get to use now?
i dont care how much or little this will take up, but i am going to want that space

The worm

[oliverthered]

I had a simila plan to kill off the BSA,
Construct a worm/virus with a load of keygens that goes around changing all the software licences it finds, the BSA wouldn't be able to work out what was licensed and what wasn't.

You could do the same for media, change all the keys, once you've done that everything would be buggered.

hardware and software keys.

[mikeee]

Yeah. The problem is that the keys you'ld have to get to build VMpd aren't the software keys, they're the hardware keys. The software keys are what you'ld need to break into a partition on an unmodded palladium box.

This is essentially how an XBox works; having learned (now, finally) from the modchip fiasco, the plan for Palladium calls for embedding the key *inside* the CPU. It might be possible to steal this and then emulate pdCPU in software, but getting that key out will be tricky and no doubt illegal.

(Which means VMWare will never run palladium apps, btw...)

Re:hardware and software keys.

[topham]

The base assumption in the XBox paper is that the key is unique to each box. But that it isn't relevent.

Once captured off the bus the key can be revealed and used to decrypt everything else as necessary.

By the way, the hardware used may have been expensive, but the hardware PRODUCED to do it was valued by the author at about $50. So a device could be created to spit out the codes easily and cheaply. It also would not have to be attached for a long period of time, just long enough to retrieve the key. As such you could, theoretically take your xbox to a shop, and be handed the key 2 minutes later. Wouldn't have to solder anything either.

Re:hardware and software keys.

[pjrc]

The base assumption in the XBox paper is that the key is unique to each box. ...

By the way, the hardware used may have been expensive, but the hardware PRODUCED to do it was valued by the author at about $50. So a device could be created to spit out the codes easily and cheaply.

I just wanted to interject a quick reality check. Sure, it looks cheap and easy when quickly reading the paper (or just reading comments on slashdot, most written by people who themselves skimmed or did even read it). It looks so simple and easy...

The bare circuit board was made by Advanced Circuits using their $33 each service (that I've used a few times for my own projects). At the time they had a minimum of 2 boards, now it's three. $99 (plus shipping) is still a GREAT price for prototype circuit boards with 6 mil spacing. The norm for the industry is in the $300 neighborhood.

But that $100 only gets you a tiny bare circuit board with a LVDS to TTL buffer chip and 6 mil traces at the same spacing as the traces on the xbox circuit board (nice of them to route the signals on the outer layer instead of an inner layer with the vias burried under the BGA package).

Another component he used as a Xilinx development board, which probably sells for several hundred dollars, and featured a nice Virtex series FPGA chip (expensive). Even if you get the chip as a free sample, you'll need a 4 to 6 layer board (which is way outside of the $33 double sided service), and the ones with flexible choices of I/O signalling only come in BGA packages... which requires very expensive equipment or hiring an board assembly company to solder it. Those chips can only be programmed using proprietary software. Xilinx does provide some limited free software, but the full version sells between $700 to $2500 depending on which chips is supports.

Now I suppose if you're working in your basement, your labor might be free... but consider the difficultly of soldering those 6 mil traces to the matching 6 mil tracks on the xbox PCB. Also consider that he hand-routed the signals inside the FPGA chip for 200 MHz performance... a very difficult and time consuming task, and he manually tweaked the propagation delay of the clock to get his sampling into the center of the stable bit times of the waveforms on the xbox board.

I've spent quite a bit of time designing with FPGAs (eg, the mp3 player on my website), and I can tell you that this hand optimizing the internal layout of the FPGA, custom tweaked for the other delays in his system, is some very serious voodoo magic that takes an incredible amount of time and patience.

Anyway, my point is that the cost is much more than $50... as a student or engineer with access to much of the equipment, you can discount those other costs. Even if the hardware and software were free, the skill required is absolutely astounding. I know it's easy to read a paper like that and lump it into the collective memory of blubs that "appeared on slashdot" without any (or much) appreciation for what an incredible feat it was.

That's why I'm writing this long-winded message... to remind and armchair would-be hardware hackers out there that reading a paper like that prepares one for mastery in hardware hacking about as well as watching the olympic on television prepares one to be a champion figure skater.

So a device could be created to spit out the codes easily and cheaply. It also would not have to be attached for a long period of time, just long enough to retrieve the key. As such you could, theoretically take your xbox to a shop, and be handed the key 2 minutes later. Wouldn't have to solder anything either.

It would be trivial for Microsoft to make all those signals in inner layers of the circuit board in future revisions. Many other more sophisticated counter measures are also possible. Technically unsophisticated laws, like say, the DCMA also serve as a pretty good deterant (at least against a shop doing the work for profit).

But even with the xbox, as it was 1/2 a year ago, the key extraction is a very tough job. The bug in the secret bootloader that allowed the lookup tables for hardware config to bypass the entire process has almost certainly been fixed by now (reportedly, Nvidia recently reported a significant loss on an inventory of xbox specific chips that had to be scrapped... one can only assume they had the original bootloader code and the chips they're making now have a different key and that bug fixed).

So next time you watch figure skating, and they make it look so easy... the same is true with this sort of hardware hacking. Anyone who really does design and play with hardware can tell you that the process described in that paper was absolutely astounding. And while it was relatively cheap, it certainly costs MUCH more than $50.

Re:hardware and software keys.

[topham]

If this was developed in a business lab your right. No real argument there. Cracking the security on such a device makes an interesting paper to an academic. At no point was I intentionally masking the amount of work or effort required for the first person to do it.

If everybody had to do it from scratch it would not be feasable. My point is, it has been done. It can be duplicated, and/or, used to produce hardware to do it again, in a more commercial like setting. As opposed to academic.

And, in fact, it has been done.

As I am a programmer I understand that there is some hand waving involved. For me to put the tools (never mind knowledge) in place to pull off something like this, your right, would have cost me atleast $5-10K. (Even if I rented access to such equipment).

Re:hardware and software keys.

[pjrc]

If everybody had to do it from scratch it would not be feasable. My point is, it has been done. It can be duplicated, and/or, used to produce hardware to do it again, in a more commercial like setting.

It would not be easy to automate (eg, connecting to those 6 mil spaced traces), but yes, it could be automated.

And for all that trouble to build automated gear, Microsoft and Nvidia could implement even the most trivial changes to make automated hardware hacking gear obsolete.

Even with zero changes to the secret automated bootloader that embedded within the Nvidia chipset, just swapping the locations of a few wires on the circuit board and ordering their next batch of boards with the wires in different locations (or on inner layers where you can't touch them) would completely frustrate any automated key extraction techniques. It's a simple matter of opening the CAD software with the board layout, clicking and dragging on a few wires to move them, re-run the DRC checks and generate a new set of "gerber" files to send to the board fab. Here in the US, setup fees for a new set of gerbers run about $200. Even if Microsoft spends $3000 doing paperwork to document the changes, that quickly amortizes itself over the next batch of 50000 xboxes (xboxen?). Rinse and repeat a few times, and automated key extraction now has to deal with many different flavors of the board with the necessary signals in different, difficult-to-reach locations.

And that's just a trivial change of pushing a few polygons in the CAD software and ordering the next batch of circuit boards with new layout. Did you catch the mention of Nvidia recently reporting losses due to excess inventory of chipsets for the xbox that were obsolete and needed to be scrapped. They changed something.... I'll bet you can get at least one thing that changed inside the chip recently :)

So tell them!!!

[DoctorFrog]

Unfortunately the home user won't read the article. He will read advertisement ads that promise him a computer that will make "Windows XP even more secure".

The home user bought Office 2000 because of the helpful little paperclip. He will buy this.

Being defeatist about it doesn't do squat. I bring these kinds of articles to work. I leave them in the lunch room. I don't have to proselytise any more than that; everyone knows it's me leaving them, and they ask me. I tell them what's going on and what they can do about it, including the downsides ("You will have to learn more about your computer. You will have to do some research before you buy new hardware. You won't have as many commercial applications available, and that includes games.").

I keep a supply of Live-CD distros in my desk and I give them away. Microsoft has lost several Joe Sixpack level customers from this activity. I will help people do the switch, while making it clear to them that I'm not an expert or a professional, just a guy willing to help; I will always make a full backup if they have a burner (except for XP), and I will always recommend a dual-boot at least to start with, and I will always promise to do my best to restore their system (no guarantees) if they decide to go back to all-Windows. So far no one has taken me up on that last one.

Re:Well

[rseuhs]

Well, I admire Microsoft and all, but if they don't give us any real data we have no choice other than speculate.

Palladium-lovers usually tell us: "If you have nothing to hide, you have nothing to fear from Palladium".

Well, if Micrososft has nothing to hide, why do they keep Palladium a secret?

What ever happened to...

[pmz]

Amendment IV.

The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.

How is my hard drive and RAM different from my "papers" and "effects"?

Let's say I have 3,000 VHS videocassettes in an home owned by me. Those cassettes contain blatantly illegal copies of The Country Bears, which I intend to sell for profit but haven't, yet. The FBI cannot break into my home at any moment to see whether the videocassettes are there; they have to wait until I sell them carelessly leaving a trail right back to my home. Only then, with a warrant in hand, do they come and confiscate the cassettes probably arresting me, too.

Let's say I find a way to copy one of those videocassettes onto my Palladium-equipped PC but haven't distributed it, yet, even though I intend to. Will there be something about this act that triggers Microsoft's piracy alarms? Even though I haven't technically broken the law, yet, can Microsoft or their hit-men enter my computer without a warrant and delete that movie?

How is entering my computer through a network interface different than entering my home through the front door?

Re:What ever happened to...

[PhxBlue]

Actually, you're mistaken. If the FBI learns you have 3000 VHS cassettes containing copies of The Country Bears, and catches wind of your intent to sell them, they can nail you well before you actually carry out the act. That's the definition of conspiracy.

Likewise, the police don't have to wait for you to attempt murder if they know you're planning one. Authorities can arrest and convict you merely by proving intent.

Re:What ever happened to...

[pmz]

...they can nail you well before you actually carry out the act. That's the definition of conspiracy.

This is fine, but what if the conspiracy is totally stored within the mind? In either case, whether the movies are in my house on cassettes or on my hard drive, there is no clear external sign of intent.

The point I'm trying to get at is that Palladium might be a means of allowing me to be labeled a conspirator without there being real proof of it. In my post, the movie had simply been copied to the hard disk, which, in itself, doesn't break the law. The intent to distribute it isn't stored on the hard disk but the mind. Without proof of that intent, Microsoft, the RIAA, and /or the MPAA are, in my opinion, infringing on my Fourth Amendment rights by sneaking in to perform their brand of justice.

While we're at it, the First Amendment (free speech) and the Sixth Amendment (the right to a trial) should be considered, too. If Microsoft, the RIAA, and the MPAA think they can bypass the U.S. Constitution, of all things, in trying to preserve their way of life, they are arrogant beyond belief.

Re:What ever happened to...

[forkboy]

You're misinterpreting the search and seizure laws we have in this country. The FBI can go anywhere and do anything it damn well pleases, as can any law enforcement organization. However, not possessing a warrant simply means they can't use the evidence against you in court. A lot of dirty cops will search and/or seize cars and houses of suspected drug dealers without warrants of any kind without ever intending to prosecute, hoping that enough harassment will get them to roll over on THEIR dealers. This is what current drug laws in the US allow.....and it's gotten worse with the Patriot Act. Be afraid....

Re:What ever happened to...

[pne]

No locks... except the ones locking them out!

Perhaps then they'll learn to read and pay attention to licences they accept.

Am I really the first person to notice this?

[tdye]

Or have we all just given up commenting about it... Bruce's name is spelled wrong in the headline.

Sheesh...

Not true.

[beleg777]

With all the rampant speculation, FUD and vapor already out there, I think this does a lot of good. It's a much more realistic and mature speculation, and it's much more nutral than most of what is already being said. Granted, he can't clear everything up by telling people the way things are, but a lot of people are already saying a lot of things about Palladium, and it's good to have people saying intelligent things.

Re:One IMPORTANT thing

[Aexia]

I couldn't think out any reason to buy such a crippled (and expensive probably also) computer except forcing it by very restrictive law.

There you have it. You simply won't have a choice. All the major computer manufacturers will be on board with only producing Pd hardware and hte major software manufacturers will be on board with only writing software for Pd.

Want to play the latest, greatest games on your PC? You'll need a Pd compliant system to play it on.

Want the newest computer system? You'll have to buy Pd.

Want to upgrade your old non-Pd-compliant system? Too bad. They don't make parts for it anymore.

Sure, there'll be a used-PC market for a while, but eventually, the components will wear out and you'll have little choice but to go with Pd. And there might be a hanful of non-Pd computr manufacturers... but how many people will buy them? All the Mac and Linux users?

Microsoft will still control 95% of the market, which is plenty enough. By that time, they might be able to pay Congress to pass laws banning non-Pd compliant systems to nail that last 5%. Because, obviously, only hackers, pirates and terrorists would want to use a non-Pd system.

Big Corporate Brother

[DaytonCIM]

"[TCPA / Palladium] provides a computing platform on which you can't tamper with the applications, and where these applications can communicate securely with the vendor."

Does it concern anyone that Microsoft, Oracle, AOL, Disney, etc... would have control over your computer if this standard is implemented (and you use a windows platform)? Does it concern anyone that corporations and governments could delete anything they found objectionable?
Truth is: had the US government realised how big the Internet would become and how free information would flow, they never would have allowed it. With TCPA / Palladium, governments and corporations will kill the freedoms we now enjoy on the web, usenet, ftp, etc.

Re:Big Corporate Brother

[Maul]

It certainly concerns me. However, the average person doesn't even KNOW about Palladium. They probably won't know about it until the press hypes the "next version of Windows" that will "stop hackers from stealing."

Re:Big Corporate Brother

[night_flyer]

doesnt concern me, I have no intention of upgrading past win98/2k

The wheel turns...

[jarrell]

I find it entertaining that after all these years, someone is finally re-implementing Multics...

Man that guy can be clueless

[Archfeld]

"Microsoft can't afford to have the media companies not make their content available on Microsoft platforms, and they will do what they can to accommodate them."

I think it is the other way around. No media company can afford to offend M$. There are lots of media producing companies, and about 5 real OS manufacturers. M$ has the BIG stick in this case not intel or amd or any computer or software manufacturer.

Re:Well

[xmedar]

Yes and no here's my take on it

I disagree with Schneier on several points -

Will Microsoft jigger Pd to prevent Linux from running? They don't dare.

and earlier he says -

Some say that Pd is, in fact, Microsoft's attempt to preempt the TCPA spec.) TCPA is the Trusted Computing Platform Alliance, an organization with just under 200 corporate members

So does he think for a moment that Linux is a "corporate member"? Linux is by it's definition a community, not a corporation and thus cannot "be a member" of the TCPA, of course corporations who sell Linux can be members, but as the corporations involved with Linux are a fraction of what Linux actually is, Linux as a community could be damaged severely if this comes to pass.

Additionally, a new chip is required: a tamper-resistant secure processor.

And who's going to upgrade all those old machines that don't have the chip? And what of all those old machines donated at the end of their corporate or home lives to schools and charities? How much of the data swirling around the data buses is encrypted? Do we need new memory / I/O buses that are deemed "secure"? Are there requirements for sheilding the buses from electromagnetic surveilence? Or are they mandated to be open to some mandated authority? So many questions, and NO answers, if they really have been working on Pd since 1997 and there are no answers to these fundemental questions then I call BS.

Pd provides protection against two broad classes of attacks. Automatic software attacks (viruses, Trojans, network-mounted exploits) are contained because an exploited flaw in one part of the system can't affect the rest of the system.

Or *nix as it's usually called. Given that MS software has been and continues to be highly insecure does anyone really think that they can pull this off? The paragraph continues -

And local software-based attacks (e.g., using debuggers to pry things open) are protected because of the separation between parts of the system.

So how much will I have to pay MS to run a debugger? And will there be any other debuggers allowed to run other than MS ones?

There are security features that tie programs and data to CPU and to user, and encrypt them for privacy.

Does that mean that every user (member of family, freind, co-worker, etc) that uses a machine will require a seperate licence to get a seperate key or is it all encrypted with the owners rather than users key? And how are data and keys moved from machine to machine? What happens if keys (like the Regiistry before hand) become corrupt?

Your computer will have several partitions, each of which will be able to read and write its own data.

And what if a partition becomes corrupted? Do we have some sort of digital reciept if we got something from the Net so that we can get back from the Net what was lost locally? If so who enforces the contractual obligations of the digital seller? What if the seller ceases trading?

There's nothing in Pd that prevents someone else (MPAA, Disney, Microsoft, your boss) from setting up a partition on your computer and putting stuff there that you can't get at.

So the MPAA could just DoS me by using up all my drive space so I don't have any room to put MP3s on my machine?

Microsoft has repeatedly said that they are not going to mandate DRM, or try to control DRM systems, but clearly Pd was designed with DRM in mind.

They also say that they arent an abusive monopoly or that they arent hiding anything by not decaring share optionson their balance sheet.

There seem to be good privacy controls, over and above what I would have expected.

So no dial in to MS then to give up your blood type and sexual preference then??

And Microsoft has claimed that they will make the core code public, so that it can be reviewed and evaluated.

When? 2010? 2050?

It's hard to sort out the antitrust implications of Pd.

Why would they care? Hasnt Bruce been following the current case? Doesnt he realise that MS 0wnz the DoJ?

Will it take standard Internet protocols and replace them with Microsoft-proprietary protocols? I don't think so.

The word Halloween comes to mind...

Will Microsoft enforce its Pd patents as strongly as it can? Almost certainly.

Except in countried where software patents arent recognised

Lots of information about Pd will emanate from Redmond over the next few years, some of it true and some of it not.

Whoa! Some of it "true"?

1. A "trusted" computer does not mean a computer that is trustworthy. The DoD's definition of a trusted system is one that can break your security policy; i.e., a system that you are forced to trust because you have no choice. Pd will have trusted features; the jury is still out as to whether or not they are trustworthy.

Didnt NT have a C5 rating? Hehe...

I doubt that you or I could, and still enjoy the richness of the Internet. Microsoft really doesn't care about what you think; they care about what the RIAA and the MPAA think. Microsoft can't afford to have the media companies not make their content available on Microsoft platforms, and they will do what they can to accommodate them.

Yeah I mean it's not like people are ripping CDs and DVDs all the time and making them available over the Net with downloads in the billions per month or anything.... DOH!

3. Like everything else Microsoft produces, Pd will have security holes large enough to drive a truck through. Lots of them. And the ones that are in hardware will be much harder to fix. Be sure to separate the Microsoft PR hype about the promise of Pd from the actual reality of Pd 1.0.

At last! Pd is right now a big PR exercise with a bit of crappy MS code behind it that probably has hundreds of obvious holes (buffer overflow anyone?)

4. Pay attention to the antitrust angle. I guarantee you that Microsoft believes Pd is a way to extend its market share, not to increase competition.

and -

There's also a lot I don't like, and am scared of. My fear is that Pd will lead us down a road where our computers are no longer our computers, but are instead owned by a variety of factions and companies all looking for a piece of our wallet. To the extent that Pd facilitates that reality, it's bad for society. I don't mind companies selling, renting, or licensing things to me, but the loss of the power, reach, and flexibility of the computer is too great a price to pay.

Pd is about the control of information, where/how you get it and how you use it, usually the perview of media companies, governments, religous leaders etc for most people on this planet, as opposed to some of us /.ers who rely on ourselves and open sources of information. Your wallet is only the tip of the iceburg, they want your mind, Pd is The Matrix with nightly reboots.

Re:One IMPORTANT thing

[Sloppy]

WHO&WHY is gonna buy Pd-PC?

It's the same answer as "Who & Why buys non-Pd Windows in 2002?" Look around: Every single person that you know who uses MS Windows today, will use Palladium for the exact same reason.

Re:That would be counting... Payed vacations.

[benwb]

Ten days for an entry level job in the us is normal.

Palladium's a Big Patch

[Spencerian]

The mere need for Pd wouldn't exist if it weren't for the fact that Windows is a single-user operating system hastily and badly written as a pseudo-multiuser OS with inherently poor and hackable security. Microsoft Windows is what would've happened to the original Mac OS if Apple was successful in hacking their old Mac OS (pre-Mac OS X) to work as a multiuser, multithreaded OS, IMHO.

The only thing that made Windows different from the old Mac OS in terms of security is that the Mac OS never reached a critical mass of users. So, as a result, virus makers never bothered to make the volume of viruses or hacks to penetrate the old Mac OS.

Microsoft, IMHO, is trying to simply wrap up their inherent inability to write anything with sufficient security by making a product, and charging users for something they should expect as part of any trustworthy operating system's initial cost of purchase.

Of course, there's no guarantee it will work as advertised--another Microsoft trait.

Re:Palladium's a Big Patch

[Chris+Johnson]

Old school MacOS didn't have as many scripting and automation capabilities as the horribly vulnerable Windows (w. Microsoft internet software). When it did, it got bit. Quicktime added a feature basically from Windows, at one point- auto-start CD-Roms. This immediately got used as a virus vector, and the 'Autostart worm' became a major problem. You had to turn the 'autostart' Quicktime feature off to be immune from it.

It's got very little to do with mass of users- when there was a virus vector, believe me, it got hit. It's just that MacOS was always less wide open to attack than Windows w. MS apps.

If Microsoft wanted to make Palladium bulletproof from viruses, they'd have to make it so you do everything manually, by yourself, possibly with 'wizards' or whatever to help you. Nothing would be automated, least of all system-level scripting running off email or Web content (ye GODS who came up with that?). Trying to set up security levels is only asking for hacking: the only way to be truly secure is to not have the capacity to be infected.

Like old MacOS with WebStar: gee, you could root that box if it didn't have all the remote admin capability of a _toaster_... outta luck!

If you want a computer system that cannot be buggered, build one without an *ahem* ;)

Re:Palladium's a Big Patch

[Spencerian]

Great point, especially about WebStar. In its Mac OS 9 incarnation, that thing was practically uncrackable. You're right...old Mac OS had few methods to jump into it. Apple seems to understand that in OS X, since most of the ways in are disabled by default. Good for them, and us.

Yep, I remember the AutoStart joys. That QT "feature" was not amusing. Most viruses today do rely a lot of scripts and other niceties that MS throws in, don't they?

If Pd is wired up as everything else in Windows has been, you're right...they'll find a bum to bugger.

Re:Palladium's a Big Patch

[Chris+Johnson]

That's good, yes- though I have to say, if you have ways in, which are locked by the computer (disabled) then it's just a matter of coming up with a way to make them ENabled and *plook*

There's something to be said for not even having the ways there at all, if you're not going to use them. Classic MacOS using non-MS internet apps (never mind WebStar servers) was very tough to do anything to through online viruses. It was just possible that you could get THE USER to go to a website or something, and get THE USER to actively download the virus vehicle, which would unstuff automatically but not run unless THE USER went and actually doubleclicked on the sucker- at which point they've gone to so much effort that you might as well let them be infected :)

I remember when the "Good Times" virus was a hot topic of conversation, and hotly dehoaxed by all and sundry. There was no such thing as an email virus! Now, thanks to Microsoft, more than 99% of my email that passes antispam filtering is email viruses. This is partly because I've had the same email address since something like 1996, maintain a web site, and am pretty well known in some circles... but it's still disgusting, and yes, I do blame "let's make APIs to automatedly send mail to everyone in the address book, or any subset thereof" Microsoft.

Somehow I don't see them using Palladium as a means to change email to a 'telephone' like, manually-write-to-one-person-at-a-time model. I do expect they'll be ready to facilitate commercial bulk mailing, though. "opt-in! opt-in!"

MS and Bush Administration in League?

[Maul]

Is it just me, or am I wrong to be suspicous that any company would have the blatant ego to release something like Palladium, which could have the capabilities of squashing all competition, in light of an antitrust trial?

It looks like the Bush Administration wants the DOJ to give Microsoft a slap on the wrist, however. Even though they've been found guilty of leveraging their Monopoly powers to squash competition.

I'm not going to point to any conspiracy theories, etc., just a gut feeling. Could it be that the Bush Administration secretly wants Microsoft to deploy Palladium?

If Palladium is as bad as people are saying it is, it has the capability of forcing every computer user who wants to use the internet in a meaningful way to use the same exact (or very similar) system as everyone else.

Imagine that MS deploys Palladium, then announces that they are going to "cooperate" with the Office of Homeland Security, allowing them to use the capabilities of Palladium to "fight terrorism."

Working together with Microsoft, the government could suddenly have access to everyone's hard drive. Not only in the United States, either, but on any PC in the world that is running on Palladium hardware. Unplugging your PC from the network won't even be an option if you are required to be connected to use any software.

And of course, anyone who resists upgrading to Palladium after a certain period of time would not only be pictured as being against capitalism by refusing to spend money to upgrade their PCs, but would also be seen as aiding the terrorists by using non-Palladium hardware.

They could also justify a military raid of Southeast Asian countries for producing "terrorist computer hardware," in other words cheap computer hardware that is not Palladium-enabled.

I might be a bit alarmist, but it seems that some of the capabilities of Palladium are very much aligned with the Bush Administrations current track record of curtailing our civil liberties and screwing around with other countries in the name of "fighting terrorism."

Additionally, though I'm still skeptical, I'm becoming more and more convinced of the possibility that the Bush Administration knew about what was going to happen on 9/11 at least a few weeks before hand.

I certainly hope we don't start seeing "Palladium-enabled" purchacing kioscs at our supermarkets and so forth, but it wouldn't surprise me. Revelation 13 is seriously starting to freak me out.

It quacks like a duck

[TFloore]

It looks like a duck, it quacks like a duck... it must be a duck.

Purchasing software or movies... It looks like a sale, it acts like a sale... it must be a sale.

You are still limited by what copyright law allows. But copyright law allows an awful lot.

Yes, to run a program that you purchase on CD, you copy from the CD to the CD-ROM cache, to the computer RAM, to the computer HD, then run it and copy to the computer HD cache, to the computer RAM, to the CPU L2 cache, to the CPU L1 cache, to the CPU registers.

Guess what... to watch a VCR tape, your VCR does much the same thing. It reads an analog signal off a tape, transmits it through several filters to a wire connecting it to your tv, into the tv and through several filters, to an electron beam gun. Lots of copies for that, and 20 years history that this is all completely legal, no license required.

All the copying required to run a computer program is covered under copyright law and fair use. Copyright law basically says you can do one of two things... you can copy something, or you can distribute it. But you can't do both. I can make as many copies as needed or desired of something in order to use it, and so long as I don't distribute any of those copies to other people, I'm within the law.

(Yes, exact legal opinions don't precisely say that... but they are close enough to work that way in practice. That's why the media companies are trying to buy new laws to prevent this.)

Licenses are not required to legally run software you *buy*. Ditto for movies you buy. You are still limited by copyright law, but in no way do you need a license in order to legally use this product you bought.

Re:It quacks like a duck

[RickHunter]

Err... I thought that too, until I read the actual law in question. Turns out that you aren't allowed to make copies, except with a few specific exceptions. (One backup copy, copying to memory to run a computer program) And that's just what I was able to parse out of the legal spam - there could be more restrictions or exemptions sitting in the middle of two dozen pages about cable and radio frequency licenses.

And EULAs may indeed be enforcable, depending on your state. See the text of the UCITA, which I believe both Maryland and Virginia passed...

Hosting (quartering) of DRM agents (soldiers).

[aphor]

Do not take this lightly. It can make citizens into subjects of an already exclusive government. It takes the abuse of power into part of your private domain in ways most people are not prepared to understand. Privacy, as a right, is defined by the U.S. Constitution's explicit freedom from "quartering of soldiers." Email this stuff to the people who you forward jokes to. You need them to know how you feel.

[from the ( Bill of Rights) 3rd. Amendment to the Constitution of the United States of America]
No Soldier shall, in time of peace be quartered in any house, without the consent of the Owner, nor in time of war, but in a manner to be prescribed by law.

Consider Bruce's analysis:

Pd is inexorably tied up with Digital Rights Management. Your computer will have several partitions, each of which will be able to read and write its own data. There's nothing in Pd that prevents someone else (MPAA, Disney, Microsoft, your boss) from setting up a partition on your computer and putting stuff there that you can't get at. Microsoft has repeatedly said that they are not going to mandate DRM, or try to control DRM systems, but clearly Pd was designed with DRM in mind.

There seem to be good privacy controls, over and above what I would have expected...

When you think about a secure computer, the first question you should ask is: "Secure for whom?" Microsoft has said that Pd allows the computer-owner to prevent others from putting their own secure areas on the computer. But really, what is the likelihood of that really happening? The NSA will be able to buy Pd-enabled computers and secure them from all outside influence. I doubt that you or I could, and still enjoy the richness of the Internet. Microsoft really doesn't care about what you think; they care about what the RIAA and the MPAA think. Microsoft can't afford to have the media companies not make their content available on Microsoft platforms, and they will do what they can to accommodate them. There's often a large gulf between what you can get in theory -- which is what Microsoft is stressing in their Pd discussions -- and what you will be able to have in practice. This is where the primary danger lies.

If you consent to allowing companies to install DRM agents on your computer, you are giving up your legal domain of privacy to them. This is not bad if each program is quarantined off from any others, but what is to keep them from conspiring with each other via RPC across "partner" servers from vendor to vendor to offer you "tighter integration." The programs on your computer even with perfect process separation on your Pd equipped computer are no more trustworthy than the websites from each respective vendor. Worse: you still have to trust Microsoft to implement (instead of pretending to implement) those security functions.

Re:One IMPORTANT thing

[MsGeek]

It's VIA now. And it is doubtful that VIA would allow MS to put Pd in their processors, particularly considering the mistrust that the Chi-Coms have for the US and the fact that the CIII chip has its biggest market in Mainland China.

Even though EPIA has a pretty bad performance record, (although it's been embraced by many because it's cheap and quiet and very very small) get used to it. Because with Intel and AMD on the same page of the hymnal with MS, this is what those who don't want to be r00ted by MS will have to deal with.

Re:Well

[rseuhs]

Would you like Microsoft to know everything you hear/watch/do?

That's the whole point. Microsoft has good reasons to keep some things a secret and we all have good reasons to keep some things secret.

Why should we have to disclose everything and not Microsoft?