Slashdot Mirror


Stopping Palladium?

jbwiv asks: "I've seen many articles/posts/opinions stating that Microsoft's Palladium could put an end to Open Source as we know it, thereby stealing away most of what I enjoy and appreciate about computers. With the big two (Intel, AMD) actively developing Palladium architectures, I'd like to get involved in the effort to combat it. However, I haven't found any person or group actively working to stop Palladium; plenty of people are bitching, but no one seems to be doing much about it. Who can one contact regarding this, and are there any groups already involved? What other steps might be taken? It would seem that such an affront to our way of life would be met with more vocal and mobile opposition."

18 of 99 comments

  1. Hmm... by ThorGod · · Score: 2, Insightful

    Buy a Mac, Sun, etc? I'd imagine those architectures won't be instating Palladium.

    Or am I going to have to go back to my handy-dandy etch-a-sketch?

    --
    PS: I don't reply to ACs.
  2. First we have to know what it is! by infohord · · Score: 3, Insightful

    There has been a lot of talk on this subject, almost all of it speculation. Do we have any concrete ideas about how it will stop open source? No we don't. We can only speculate (be like the x-box, secure hw, closed specifications). Short version, know thy enemy. We don't even know if it is the enemy.

  3. Doesn't Palladium have a place? by burnsy · · Score: 2, Insightful

    Say I am an employer who doesn't want my employees' computers to be security risks or I am a parent who doesn't want my kids running software (or visiting chat rooms) behind my back.

    Doesn't Palladium meet my needs? Doesn't Palladium have a place?

  4. Stop it *how*, exactly? by Jerf · · Score: 3, Insightful

    Unlike the CBDTPA, DMCA, UCITA, and other laws, we can't lobby against Palladium. We can't (and shouldn't!) lobby to have it banned at the federal level. It's a Microsoft product. If they want to make it, they will.

    All you can do is not buy it, and exercise your free speech to try to convince as many other people as possible to not buy into either.

    What more is there to do? Am I missing something?

    If you're looking for action to take, lobby against the CBDTPA, let your representatives know how you feel on these issues, and focus on the legal problems. Microsoft is perfectly free to offer Palladium if they want to, because as sucky as it is, it's not actually being mandated by law. (Yet. Re: CBDTPA, lest ye hurry to accuse me of paranoia.) Palladium is going to happen. (Since the first incarnation will be horrid, it may not even be worth worrying about; the market may well write it out of existence.)

    1. Re:Stop it *how*, exactly? by Monkelectric · · Score: 5, Insightful
      All you can do is not buy it, and exercise your free speech to try to convince as many other people as possible to not buy into either.

      You've got it man :) As an "independent artist" I can't *WAIT* for Palladium -- when the new Britney album won't play in your daughter's CD player, when you can't load your tunes onto your mp3 player to exercise, I'll be there giving away mp3s and selling cheap unprotected cds :)

      If the music industry screws up this DRM stuff, they really will deal customers right into the arms of independents (mostly smaller labels). Here's how I see the breakdown:

      DRM albums start coming out that have to be used on the PC, they can't be used on MP3 players (maybe secure ones), or on regular CD players (because if they could, we could rip the data). (Possibly they release a new format entirely). RIAA dangles some new format cookie in front of consumers "New music format delivers extra fidelity, new unreleased Beatles tracks in this format only!" (Really, they want you to buy all your old albums again)

      People realize it doesn't matter how many times you buy the white album, it was still recorded on analog equipment and 70db DNR sounds just as shitty at 32 bits as it does at 16 (DNR of a 16 bit cd is 96db). Same goes for even newly recorded albums, because the most accurate A/D converter on the market right now and for the foreseeable future is ~120db (and just try to get 120db DNR out of a mic, it's not possible). Consumers go FUCK THIS, meanwhile some "hackers" (good guys) figure out how to kill the watermark in the data, they release watermark tools, we have another DECSS on our hands, but the cat is out of the bag.

      Audio warez groups start to form using the illicit tools. They beg/borrow/steal albums, rip them and release mp3s or Oggs. Pirated mp3s start to have *MORE* value than actual cds, you can play them wherever you want, load them onto an mp3 player; you don't have to hassle with restrictions. RIAA tries to halt this by getting a few people sent to jail. Various free so and so campaigns pop up, further polarizing the community. RIAA tries some kind of attack on the internet itself: it buys legislation to allow it to install filtering routers, live monitoring of ISPs. Government supports this because they want draconian control over the internet... for awhile P2P becomes a whack-a-mole game, but people become fed up with the instability this causes and the fact that legitimate transfers are being killed, and the RIAA gives up, leaving just the various 3 letter agencies using the equipment.

      RIAA persists and albums sales grind to a halt. RIAA blames this on music pirates, but the hassle over DRM forced consumers to find music elsewhere. Consumers find they are paying less money for [independent] music with more content and a wider variety. Independent labels and artists flourish. The giant media corporations are severely damaged and the glory days for the media industry are over. Some big stars persist but music becomes fragmented. New internet businesses pop up which help artists distribute and sell their music by producing professional cds and helping artists promote (like mp3.com but less bastardly). As these companies flourish all but a few are put out of business by consolidation and they BECOME just as bastardly as the current crop of mega-corps, and in 30 years our kids are having this same discussion.

      (and HOPEFULLY rap turns out to be just a fad) :D

      --

      Religion is a gateway psychosis. -- Dave Foley

  5. It's truly amazing... by stubear · · Score: 3, Insightful

    ...how one day you people rail against the RIAA's attempts to shut down P2P, claiming that P2P has other uses than intellectual property theft. On the very same day, and quite often in the same thread, you can argue that Palladium is "evil" and it must die, regardless of the other uses of the technology to secure systems against unauthorized software such as viruses, worms and trojans. You have absolutely no concept what Palladium is but you have no problems condemning the technology. Either make up your mind or STFU. Enough of the hypocrisy.

    1. Re:It's truly amazing... by Chexsum · · Score: 1, Insightful

      Ummm, you are lost. There's no hypocrisy in wanting to stop people from destroying files on your computer and wanting to stop the technology which will enable this to happen more easily.

      Palladium will not stop Virii/Trojans/Worms/Bugs or help with Security unless it stops all programs from functioning properly. A Virus/Worm/Trojan are programs which exploit a bug and Microsoft technologies and products are full of bugs at all times.

      You'd have to be clueless or a troll to say what you just said. Locking up a Windows computer with Microsoft's keys is what Palladium is about. =)

      Hitler returns.

      --
      Pixels keep you awake!
    2. Re:It's truly amazing... by Dalcius · · Score: 3, Insightful

      I try not to take pot shots at people and concentrate on their arguments, but I will this time. How in the hell did you of all people get a base score of 2?

      Here it is, point by point.

      ---
      ...how one day you people rail against the RIAA's attempts to shut down P2P, claiming that P2P has other uses than intellectual property theft.

      Why, yes, it does. For instance, sharing free music and providing better methods for downloading certain types of files, such as those hosted on fileplanet.com, which is notoriously slow. P2P technologies, as they are developed, will also help the internet in general as medium-end computers become powerful enough to run servers. Mainframes are no longer needed, nor are high powered server clusters for many tasks. P2P is here to stay in at least some of the market, and in the future, it might take over much more. Developing it and letting it continue without DDOS attacks from some techno-weenie at the RIAA is a Good Thing (TM).

      ---
      On the very same day, and quite often in the same thread, you can argue that Palladium is "evil" and it must die,

      What this has to do with the RIAA and P2P has escaped me.

      ---
      regardless of the other uses of the technology to secure systems against unauthorized software such as viruses, worms and trojans.

      Microsoft will stop this by only allowing "authorized programs" to run. User authorization is pointless -- besides bugs (fairly attributable to Microsoft holes) and some poor "features", this is how things work now: the user must choose to run the code.

      However, if the user does not authorize it, someone else must. If you care to claim that Microsoft isn't going to be that body, I'd love to hear a feasible argument. If Microsoft controls this, that gives them control over your entire computer regarding what you can and can not do. They have proven in the past that they'll abuse power to push people out of their market. No reason to assume they won't now.

      If someone else gets it, the point still stands that that is too much power in the hands of one entity. Feel free to move to China if you prefer this scheme, I don't think many of us will mind.

      ---
      You have absolutely no concept what Palladium is

      Well, frankly, nobody knows exactly, Microsoft won't tell us much about it. But what they have said can be put through logical analysis, and the results are Not Good, including what I posted above.

      ---
      Either make up your mind or STFU. Enough of the hypocrisy.

      Again, can you enlighten us all how arguing against vigilante DDOS and cracking attacks on private networks relates to condemning a system that will wrench control of a user's computer from them?

      --
      ~Dalcius
      Rome wasn't burnt in a day.
  6. Best way to stop Palladium by sl956 · · Score: 3, Insightful


    Repeat after me : We will not win a lobbying/PR war. period.

    So let them (Microsoft, Intel, AMD, RIAA, MPAA) try to please Hollywood : if Joe User has a true alternative to the annoyances of Palladium, he will switch in no time.

    What about :
    - GNU/Linux instead of Palladium Windows
    - A PowerPC G4 based PC instead of a Palladium Intel/AMD based one
    - ogg/mp3 and divx instead of Palladium cds and dvds
    - P2P instead of Palladium Amazon

    Yes, Joe User prefers Windows/Intel/DVD/Amazon for now. But the choice will be very different when he will be annoyed by palladium every time he wants to listen to music or watch a movie.
    Just be patient : they're working for us. And in the meantime, you can help to improve the alternative (hint, hint.)

    Obligatory disclaimer : I'm not advocating the use of P2P as a means of avoiding buying music/movies. I'm just saying that if Hollywood impose unfair licencing terms, Joe User will switch to P2P, be it legal or not.

    1. Re:Best way to stop Palladium by sl956 · · Score: 3, Insightful

      I don't understand why you think the end user will be annoyed by Palladium.
      Good question, simple answer : fair use. In order to be effective, Palladium has to deny fair use.

      Here is a list of things any end user can do now which should become impossible with palladium-enabled PCs and media :
      - copy a cd to a tape in order to listen to it in his car
      - use legally licenced music/movie/software after a processor upgrade
      - lend a cd/dvd to a friend
      - play a home-made song/movie
      - burn backups
      - and so on

  7. Look by PaddyM · · Score: 3, Insightful

    It only matters if people support it. For instance, I download most of my music from video game fan sites. Are those composers going to suddenly start producing music using palladium technologies? It's a possibility. But if they don't, then I still get to play the music. So don't support anyone who uses Palladium as a means to protect their copyright.

    1. Re:Look by kcelery · · Score: 2, Insightful

      With good marketing these Palladium machines will run everywhere. Just think about why people port Linux to XBOX. Because it is subsidized. This will happen to the Palladiums. MS will make a lot of money selling Palladium-exclusive programs, song, video etc. So MS can afford subsidizing. The real pain in the ass is, when you want to buy a nice software for your task but found that program only on the Palladium platform and nowhere else. By that time, do you think the open-source community will face another big new challenge? I know of no song-writer, singer refusing the Palladium idea.

  8. Plans and Countermeasures by bwt · · Score: 5, Insightful

    This is the method that the opposition will try:
    1) Make some CPUs implement opt-in DRM
    2) Make all CPUs implement opt-in DRM
    3) Make some CPUs implement opt-out DRM
    4) Make all CPUs implement opt-out DRM
    5) Make some CPUs implement mandatory DRM
    6) Make all CPUs implement mandatory DRM

    We have to fight at every step. The key to fighting during the "some" steps will be economic and technical (early adopters must be punished) and the key to avoiding the all steps will be political.

    I believe that our best opportunity is during step one. We need to be prepared to make END USERS who accept DRM suffer. This may be somewhat unnatural for us to do, but if we do that, the market will take care of the rest.

    Here are a couple of ideas:
    A) Open source licences should actively exclude installation on DRM *capable* hardware.
    B) Open source tools must inhibit interoperability with DRM enabled hardware. "I'm sorry, but your machine does not meet the minimum requirements to view this web page"
    C) At work, try to influence procurement policy:
    - "DRM is for playing games and watching movies, do we really want our employees doing that?"
    - "Some software breaks when you use that - let's keep our options open"
    - "Palladium will worsen our lock-in to MS products, do we want that?"
    - "When somebody cracks it, and they will, we'll get viruses we can't remove"

    1. Re:Plans and Countermeasures by vsurfer · · Score: 2, Insightful

      Sounds like a two-front combination of "Plans and Countermeasures" mentioned above perhaps, and the below suggestions:

      What about :
      - GNU/Linux instead of Palladium Windows
      - A PowerPC G4 based PC instead of a Palladium Intel/AMD based one
      - ogg/mp3 and divx instead of Palladium cds and dvds
      - P2P instead of Palladium Amazon

      Yes, Joe User prefers Windows/Intel/DVD/Amazon for now. But the choice will be very different when he will be annoyed by palladium every time he wants to listen to music or watch a movie.
      Just be patient : they're working for us. And in the meantime, you can help to improve the alternative (hint, hint.)
      ----------------------
      And keep on trying to make the barrier to entry less daunting to those on the outside who are willing to experiment--make dual booting easy--but who want to take their time to learn about Linux, not have to take a CS course before they can understand how to get their soundcards working.

      The more uptake in the regular world, the more the word will spread.

      PS. Also this:

      http://www.eweek.com/article2/0,3959,543317,00.asp

      (Apple/IBM team up on 64 bit Power4 architecture.)

      or even this as food for thought about compatible hardware that exists now.

      http://www.linuxjournal.com/article.php?sid=5610
      ----
      Gotta walk the penguin, I mean dog.

      --
      vsurfer
    2. Re:Plans and Countermeasures by oren · · Score: 2, Insightful

      Open source tools must inhibit interoperability with DRM enabled hardware. "I'm sorry, but your machine does not meet the minimum requirements to view this web page"

      Nah, too radical. It is better to do the following: allow free use of the software on non-DRM platforms, and charge money for it - even a measly 1$/month, paid once a year - for anyone using it on a DRM platform.

      This would drive the point home for anyone considering to purchase DRM platforms - a taste of how things would be if DRM really catches on. These 1$/month would add up very fast (count the number of packages on the minimal Debian install for example).

  9. Re:HOW will Palladium kill Open Source??? by Anonymous Coward · · Score: 1, Insightful

    I think this is very straight forward, but is hard to see because it attacks open source from lots of different angles.

    When the media companies require you to have a player for their content, the only choices will be closed solutions so they can trust that their data does not get stolen.
    To be able to trust the application, you need to trust the underlying operating system.
    Palladium enabled hardware (dvd drives etc.) will require a trusted operating system too.
    It won't work without a trusted operating system.
    Parts of the web won't work without Palladium being enabled. Business on the web wants security. Palladium tries to offer them that.

    By choosing open source, you are restricting what you can do with your computer.
    Open source has a market with non geeks because it can offer comparable functionality at a lower cost of ownership.
    Now consumers will get the mindset "you get what you pay for".

    A lot of the reason open source is where it is today is that people use it. They use it because it's not much harder to use than commercial products and it's a lot cheaper. With Palladium, that incentive leaves.

  10. Easy way to fight it.. by ksemlerK · · Score: 3, Insightful

    :start
    ;
    Lack of consumer demand creates lack of money. Lack of money creates lack of development. Lack of development creates lack of production. Lack of production creates lack of product. Lack of product creates lack of interest. Lack of interest creates lack of consumer demand.
    ;
    GOTO start

    If you really want to fight it, the simplest way to go about it is to get it known on the net to Joe User. If enough people are aware of the scheme that MS, Intel, and AMD are planning, people will not want to purchase it, and will even make a conscious effort to make sure that their new computers do not come with this so-called "enhancement".

    When the big three realize that there is no customer base for a product like this, production of Palladium will cease.

  11. For those of you who don't get it yet... by marm · · Score: 3, Insightful

    ...here's a quick rundown on what I think is Microsoft's strategy with Palladium: it's quite beautiful actually in its cunning, and it's going to be difficult to formulate a solid response to it. It has absolutely nothing to do with stopping Open Source software from running on PCs, as this would be blatantly anti-competitive and PC manufacturers would run away screaming from it. It's more subtle than that. Instead, it is all about the age-old Microsoft tradition of decommoditization of formats and protocols that we learnt so much about from the 1998 Halloween documents, taking this low-ethics strategy one step further.

    Media companies have known as long as almost any of us that the public at large want downloadable digital media - music, films, TV-on-demand. With the growth of broadband and PC ownership this has now become impossible for them to ignore. However, the explosion of P2P networks has also shown Big Media that without effective copy-protection, their content is soon available to anyone and everyone that wants it, without paying them. The media companies see this as a threat, as they think it will cut into their bottom line. From their point of view I think that's a reasonable assumption to make. It doesn't matter whether or not you agree with this or whether this is in fact the truth: the truth is irrelevant. The only thing that matters here is how the media companies see it, because they are the ones with almost all the content the public wants, and they have very deep pockets.

    We've already seen the media companies and their surrogates make attempts at addressing this perceived threat on their own: witness PressPlay, LiquidAudio, SDMI, several CD copy-protection mechanisms and all sorts of other schemes. The trouble is that the media industry is still fairly clueless about the Internet and its users, and lacks the clout to force these schemes on the public, so all of them have so far fallen flat on their face, or have been cracked in no time at all, reducing their copy-protection effectiveness to zero.

    Enter Microsoft and Palladium. Palladium is, in essence, a system which allows Microsoft to verify, through the use of hardware-assisted and hardened strong cryptography, that the PC that Windows is running on does not have any peculiar software or hardware attached that could divert and record an unencrypted digital signal - that is, the PC has a secure, verifiable digital path.

    This is how it works: Each PC has a unique public/private keypair stored on the processor itself, in addition to Microsoft's public key. When Palladium is enabled, the hardware will refuse to run an operating system that is not signed by Microsoft's private key, and then the operating system will refuse to load hardware drivers that have not also been signed by Microsoft, effectively removing any possibility for diverting the unencrypted digital stream. When you download Palladium-protected content, it is encrypted using the client machine's unique public key, so it will only play back on the machine with the corresponding private key. Your access to the content is completely dictated by Microsoft, and because of the verifiable software and hardware in the client machine, there's precisely nothing you can do about it - at least, barring Microsoft's usual quota of bugs, but expect Microsoft to be quite meticulous here. You'll almost certainly always be able to turn Palladium off, but then you won't be able to play Palladium-protected content - you won't have access to the private key stored on the CPU that can decrypt the content. It absolutely will not stop you from listening to or watching unencrypted content, not on its own, anyway, and Microsoft is too smart to cut off its own air supply.

    Microsoft can do this when the media companies failed because they have such total dominance over the whole client PC market and its architecture. Witness how they have already got Intel and AMD onboard to do the hardware side of things. Much of the software required to do this is already in Windows: driver signing, for instance, has been there since Windows 2000, although optional, and encrypted digital rights management has been in Windows Media Player for some time now too. It's plain Microsoft has been planning this for a while and has been doing the whole 'How to boil a frog' thing - i.e., slowly, bit-by-bit, all the time spinning it their own way.

    The media companies will love it: finally they get their secure digital path and can start distributing all their content over the internet, whilst screwing the public out of their fair use rights. No new laws have had to be paid for, although the DMCA and similar laws worldwide will help keep attempted cracking of the system to a minimum. They can gradually start phasing out CDs so that, in ten years time, Palladium-protected content is the only digital content you can get.

    Microsoft loves it because it gives them total control over the whole PC - they can dictate to hardware manufacturers exactly what they can and cannot produce, because if they don't listen, they don't get their drivers signed and the hardware won't run with Windows.

    Once they have a good lead in the amount of content produced for Windows Media/Palladium systems, it gives them an enormous amount of leverage in consumer media products: music players, TV, cable, you name it. Everything media-related will be subject to Microsoft's whims, because without Microsoft's approval, your hardware won't be able to play any content.

    It gives them complete control over what will probably eventually be the media industry's main form of distribution, which will earn them billions. Better still, with downloadable digital content becoming more and more important, it will be a major body-blow to Linux and Open Source - Microsoft will never sign a Linux distribution's kernel so that it can run in Palladium mode, so Palladium-protected content will never ever play in Linux. This will put an enormous dent in Linux's chances as an OS for the desktop - none of the media industry's output will play, and as CD/DVD supply gradually dries up over time, it will put Linux on the retreat back into its server homeland.

    You can bet that eventually Apple will cave in too, assuming Windows Media protected by Palladium becomes dominant. They simply won't have any choice but to side with Microsoft and implement Palladium, because otherwise the supply of available content will dry up, unless there's a revolution in independent, free media. Mac-heads should get on board the anti-Palladium train now, because if you don't, Apple will be just as vulnerable to Microsoft as the rest of us. You simply don't have the desktop share to matter on your own, unfortunately, but together we might.

    It is a doomsday scenario for desktop Linux, and pretty ugly for consumer electronics manufacturers, PC peripheral manufacturers, Apple and other non-PC hardware makers, not forgetting of course the public at large. What can be done?

    Well, there are six things that I can think of off the top of my head:

    1. Nothing. If Linux/Mac desktop usage can grow quickly enough, then the media companies may be unable to ignore this market. They withhold their media because there is no secure distribution system for it, P2P networks and MP3/Ogg thrive, and we're back to square one. It's possible that P2P networks with a very wide range of freely available media may cause Palladium-protected media to be DOA anyway. I wouldn't want to put all my eggs in this basket though.
    2. Crack it. Always a possibility, and if it comes to pass, then I expect some of the best minds in the world to work at this. There are a few potential areas of attack: getting the unique private key off the CPU and stored elsewhere for decryption when not in Palladium mode. Cryptographic attacks on the Windows Media carrier format, which have already had some success on previous versions. Tricking the hardware into booting an unsigned OS when in Palladium mode. Tricking Windows into loading an unsigned driver (to me this sounds the most promising, given Microsoft's notoriously poor code safety). Any others?
    3. Build an alternative secure digital distribution system that does not shut out Linux and does not give total control to Microsoft. Why not have something simple, like an external decoder/sound card/video output box that accepts crypto smartcards and that the OS only has to send encrypted data to? Why bother getting the OS involved in the decryption process at all? I think this is the most promising of all the options, because the media companies aren't going to give up their requirements for a secure digital distribution system, and they will probably appreciate a system that they control rather than Microsoft. Let's cut Microsoft's air supply off before Palladium gets a foothold and they start doing really nasty things to us. It still involves taking away fair use rights, and this sickens me, but it may be the only way. Palladium does this anyway, so it may come down to simply choosing the lesser of two evils.
    4. Revolutionize the free media. A nice idea, and something to aim for long-term, but unlikely to happen in the short-term. Big Media is just too powerful at the moment.
    5. Discredit Palladium. It worked for Intel's Pentium III serial numbers, it might work now. Invasion of privacy. Your fair use rights being taken away. On the other hand, Microsoft's PR is second-to-none. It'll be difficult, but we should give it a go.
    6. Indict Microsoft for anti-competitive behaviour. Leveraging the desktop monopoly to gain control of digital media? Sound sort-of familiar? I think Palladium is anti-competitive, and from my point of view it's a cut-and-shut case. Microsoft is more careful about these things these days though - Palladium doesn't immediately exclude Real or Quicktime or anyone else for that matter aside from Linux/Open Source, although in practise it probably would. Worth looking into, but with Bush in the White House.... difficult.

    I don't think the war is lost yet, but we need to start fighting. Microsoft has come up with a spectacularly shrewd bit of corporate strategy, and we need an equally good response - very soon.
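
The boot-and-playback model described in the comment above ("This is how it works"), as an added Go example that is not part of the original comment and not code from any real Palladium implementation. It follows the commenter's description only; the type and function names, the choice of Ed25519 for vendor signatures and RSA-OAEP for the per-machine key, and all sample data are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Signed is a boot component (kernel or driver) with its vendor signature.
type Signed struct {
	Name       string
	Image, Sig []byte
}

// Vendor holds the signing key that stands in for the OS vendor's private key.
type Vendor struct {
	pub  ed25519.PublicKey
	priv ed25519.PrivateKey
}

func NewVendor() (*Vendor, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	return &Vendor{pub, priv}, err
}

func (v *Vendor) Sign(name string, image []byte) Signed {
	return Signed{name, image, ed25519.Sign(v.priv, image)}
}

// Machine has the vendor's public key and its own unique keypair baked in.
type Machine struct {
	vendorPub ed25519.PublicKey
	key       *rsa.PrivateKey
	trusted   bool // true only after a fully verified boot
}

func NewMachine(v *Vendor) (*Machine, error) {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &Machine{vendorPub: v.pub, key: key}, nil
}

func (m *Machine) PublicKey() *rsa.PublicKey { return &m.key.PublicKey }

var (
	ErrUnsigned  = errors.New("not signed by the vendor key")
	ErrUntrusted = errors.New("machine key locked: not in trusted mode")
)

// Boot runs the chain. In trusted mode every component must verify, kernel
// first, then each driver. With trusted mode off anything boots, but the
// machine key stays locked.
func (m *Machine) Boot(trustedMode bool, kernel Signed, drivers ...Signed) error {
	m.trusted = false
	if !trustedMode {
		return nil
	}
	for _, c := range append([]Signed{kernel}, drivers...) {
		if !ed25519.Verify(m.vendorPub, c.Image, c.Sig) {
			return fmt.Errorf("refusing %s: %w", c.Name, ErrUnsigned)
		}
	}
	m.trusted = true
	return nil
}

// Seal is the distributor's side: wrap a content key to one machine's public key.
func Seal(pub *rsa.PublicKey, contentKey []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, contentKey, nil)
}

// Unseal releases the content key only after a verified boot.
func (m *Machine) Unseal(sealed []byte) ([]byte, error) {
	if !m.trusted {
		return nil, ErrUntrusted
	}
	return rsa.DecryptOAEP(sha256.New(), nil, m.key, sealed, nil)
}

func main() {
	v, _ := NewVendor()
	pc, _ := NewMachine(v)
	kernel := v.Sign("kernel", []byte("constructed kernel image"))
	rogue := Signed{Name: "capture.sys", Image: []byte("constructed unsigned driver")}
	sealed, _ := Seal(pc.PublicKey(), []byte("constructed 32-byte content key.."))

	fmt.Println("signed chain:    ", pc.Boot(true, kernel))
	_, err := pc.Unseal(sealed)
	fmt.Println("unseal:          ", err)
	fmt.Println("unsigned driver: ", pc.Boot(true, kernel, rogue))
	fmt.Println("trusted mode off:", pc.Boot(false, rogue))
	_, err = pc.Unseal(sealed)
	fmt.Println("unseal:          ", err)
}
```

The sealed value here is a short content key rather than the media itself, because RSA-OAEP only encrypts small inputs; bulk content would be encrypted under that key.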