LaGrande, TCPA, and Palladium

An anonymous reader writes "Intel's Paul Otellini gave a talk to developers where Intel's project called "LaGrande" was mentioned. This project is aimed to create a "safer computer environment", that would consist of an advanced TCPA implementation. Some of the features it has deal with physically "protected execution, protected memory, and protected storage". When talking on LaGrande, Otellini said "it's a core technology that things like the Microsoft Palladium initiative can take advantage of to build much more stable platforms.""

Useful services, devil is in the details

[astrashe]

I was as afraid of palladium as the next guy before the details started to come out, but I think we ought to try to avoid the knee jerk reaction and think this stuff through more carefully.

A lot of people are opposed to any scheme that can be used to thwart piracy. But in my view that's an extreme and unreasonable position, even when fair use issues are taken into account.

For a long time it's seemed to me that the thing we ought to be working towards is an open system of distribution, one that can't be dominated by large media concerns, something that gives a guy who makes music at home the same sort of access to the market as the big record labels.

To me, the issue is not whether or not my computer is capable of running some sort of protected DRM system -- the issue is whether or not it's capable of running alternative systems, if the existence of a palladium aware media player will break my mp3, ogg, and divx players, or my entire open source operating system. As I read these proposals, that's not the case, they won't break things.

Microsoft has said explicitly that one of the key design goals of palladium was that it shouldn't break existing software.

In my view, these sorts of services are useful, and we ought to be talking more about "how" then "if" they are implemented.

In particular, we ought to be sure that software that will run under linux can provide the same sorts of services as a palladium enabled version of windows. I know that the applications themselves couldn't be truly open source (or at least you'd have to use a signed snapshot of an application that was developed using open source methodologies). But I don't think that's enough of a reason to pull back from this stuff.

There are useful applications for this stuff.

About a decade ago, one of the hot topics among crypto types was digicash -- cryptographic protocols invented by a guy named Chaum that try to mimic cash, especially its anonymity and security.

One of the big problems was how to make microtransactions work when you're disconnected from the net. Imagine two palm os devices doing a transaction over infrared. Chaum's answer was to use tamper proof chips.

Sure, on some level nothing is tamper proof, but it ought to be possible to make tampering difficult enough, expensive enough, and to cap the size of the transactions possible and the rate at which they can be made, in a way that would give people reasonable security. The NSA could hack the micropayment system, but they'd have to spend a million bucks, and all they could get back would be $50, or something like that.

It seems to me that this kind of hardware could be seen as a more flexible kind of tamper proof chip.

I think the goal should be that whatever hardware comes out should work with arbitrary operating systems. The trust chain should be decentralized.

In other words, if I develop an electronic music distribution system, I should be able to develop apps for whatever OSs I choose to support, and I should be able to make my system recognize whatever signatures I feel are trusthworsthy. It ought to be possible for *anyone* to develop such a system, and to use the hooks into the hardware.

The thing that worries me is that if all we say is "no, palladium is the devil" we won't have any voice in this stuff.

Re:The sad thing is....

[cheezedawg]

1) Fair usage writes on media

- The media that will most likely be restricted is media that is not available at all right now (legally) because the media producers fear piracy. Fair usage is a pretty muddy area, anyway.

2) The right to copy and email many types of files on my own system

- In general, you do not lose this "right". The cases where you do lose it, it is not legal to copy the file anyway.

3) The right to use international software without running it in a virtual environment (i.e. international software is unlikely to get certified)

- Certified by who? The user still decides what software is trusted or not.

About privacy:

Each palladium system has a unique 2048 bit public/private key pair. However, the public key is protected by hardware and cannot be tracked by a third party because of a system of nonces (outside parties will never see the same public key twice for the same system). Therefore, privacy is maintained.