LaGrande, TCPA, and Palladium
An anonymous reader writes "Intel's Paul Otellini gave a talk to developers where Intel's project called "LaGrande" was mentioned. This project is aimed to create a "safer computer environment", that would consist of an advanced TCPA implementation. Some of the features it has deal with physically "protected execution, protected memory, and protected storage". When talking on LaGrande, Otellini said "it's a core technology that things like the Microsoft Palladium initiative can take advantage of to build much more stable platforms.""
However the most negative single feature of TCPA and Palladium is the nature of Palladium and the philosophy that has driven Microsoft's development and promotion of Palladium. I think this is probably the scariest part of the whole deal. They recognize what could happen but they press forward regardless.
Most people who hear about these projects don't really understand how little control or privacy these projects will leave us. As far as stable, that's just funny... These projects will not give us more stable software, just buggy software that will let us do less. Next they will be telling us about CPUs and HDs that require MS to work correctly. And I have the first coherent post on this subject :)
A world without hackers, where the only people who can allow software to be installed on your computer are the nice folks at Microsoft and Intel. Wait, did I forget myself in that list? This is a joke. All it will be is Microsoft scheming to prevent "fair use", open source, and easy government computer spying and restrictions is all that Palladium will be used for. Sounds like the future of the wonderful digital restriction management is coming.
Come comment on the madness at http://slashdot.org/~phreak03/journal/
In the classic LucasArts adventure game Monkey Island 2, there is a character called Largo LaGrande. When we first meet him, IIRC, he tells Guybrush (the protagonist) that this island isn't safe, and then proceeds to turn him upside down and shake all the money out of his pockets. Also, he has an oppressive embargo on the whole island (The Largo Embargo).
:)
Couldn't think of a better name, myself.
Such a price the gods exact for song: to become what we sing - Pythagoras
Bill Gates is my hero!
1. Create an insecure operating system
2. Profit
3. Blame computers for your insecurity
4. Profit
5. Get hardware vendors to make changes to compensate for YOUR buggy software
6. Profit
7. Prevent any software except yours from running securely
8. Profit (by others demise)
9. Take away everyone's choice.
10. Profit
11. Blame the computers some more, as you take away more freedom
12. Profit. Profit. Profit.
When there is a wolf guarding the hen house, why on earth would I need the shotgun named Linux?
I was as afraid of palladium as the next guy before the details started to come out, but I think we ought to try to avoid the knee jerk reaction and think this stuff through more carefully.
A lot of people are opposed to any scheme that can be used to thwart piracy. But in my view that's an extreme and unreasonable position, even when fair use issues are taken into account.
For a long time it's seemed to me that the thing we ought to be working towards is an open system of distribution, one that can't be dominated by large media concerns, something that gives a guy who makes music at home the same sort of access to the market as the big record labels.
To me, the issue is not whether or not my computer is capable of running some sort of protected DRM system -- the issue is whether or not it's capable of running alternative systems, if the existence of a palladium aware media player will break my mp3, ogg, and divx players, or my entire open source operating system. As I read these proposals, that's not the case, they won't break things.
Microsoft has said explicitly that one of the key design goals of palladium was that it shouldn't break existing software.
In my view, these sorts of services are useful, and we ought to be talking more about "how" than "if" they are implemented.
In particular, we ought to be sure that software that will run under linux can provide the same sorts of services as a palladium enabled version of windows. I know that the applications themselves couldn't be truly open source (or at least you'd have to use a signed snapshot of an application that was developed using open source methodologies). But I don't think that's enough of a reason to pull back from this stuff.
There are useful applications for this stuff.
About a decade ago, one of the hot topics among crypto types was digicash -- cryptographic protocols invented by a guy named Chaum that try to mimic cash, especially its anonymity and security.
One of the big problems was how to make microtransactions work when you're disconnected from the net. Imagine two palm os devices doing a transaction over infrared. Chaum's answer was to use tamper proof chips.
Sure, on some level nothing is tamper proof, but it ought to be possible to make tampering difficult enough, expensive enough, and to cap the size of the transactions possible and the rate at which they can be made, in a way that would give people reasonable security. The NSA could hack the micropayment system, but they'd have to spend a million bucks, and all they could get back would be $50, or something like that.
It seems to me that this kind of hardware could be seen as a more flexible kind of tamper proof chip.
I think the goal should be that whatever hardware comes out should work with arbitrary operating systems. The trust chain should be decentralized.
In other words, if I develop an electronic music distribution system, I should be able to develop apps for whatever OSs I choose to support, and I should be able to make my system recognize whatever signatures I feel are trustworthy. It ought to be possible for *anyone* to develop such a system, and to use the hooks into the hardware.
The thing that worries me is that if all we say is "no, palladium is the devil" we won't have any voice in this stuff.
for Intel and M$ that nobody has claimed the intellectual property rights on idiocy (yet).
---- "Logoff! That cookie shit makes me nervous!" - A. Soprano
LaGrande eh, named after Largo LaGrande from Monkey Island II no doubt, he's the guy who steals all of Guybrush Threepwood's money.
In case you haven't noticed, most of the big attacks that really impact ordinary users seem to be with code that the user has agreed to run--be it an email forwarding virus or spyware, the user instructed the computer to run the offending code. So how is Palladium supposed to help? If it blocks non-Microsoft endorsed code, it's as evil as Slashdot claims it is. If it runs the offending code, as instructed to by the Outlook or Internet Explorer user, then all of that fancy hardware security added up to exactly nothing.
Check out IBM's new ThinkPad notebooks, "now with better 'security'"!
I saw an ad on TV for one of those. Kinda made me cringe. I'm curious as to what kind of TCPA stuff it's got.
Actually the only big players not into this are Apple and SGI..
Sun, AMD amongst others are actually PARTNERS in the TCPA ALLIANCE
I'm quitting computing and going back to robotics or something now..
"There is hopeful symbolism in the fact that flags do NOT wave in a Vacuum " --Arthur C Clarke
I'm actually looking forward to TCPA and Palladium. No, really I am. It will lighten the load of my job, being a support engineer.
What I'm saying of course is it will have its place, on the business desktop, on the child's computer, on publicly accessible computers etc etc. They have already stated that there will be an option to turn it off, and to be honest all of those who say "Well yes, but what about when they remove that option?" are just scaremongering. Yes true they can remove it in the future, but will it be that easy? I don't think so, there will be too big an outcry, and there will still be large numbers of eastern computer manufacturers making PCs as we know them now.
As I said at the beginning of my post, I am looking forward to this. Especially if systems administrators will be able to control it (and I bet they will be able to), as this creates a whole new set of security barriers to would-be thieves etc. Imagine what the outcries were like when the first user account was created on an OS which didn't have full rights to all the system. This is just the same.
This could be both good or bad. On the good side, it might support multiple virtual machines a la VMWare without the horrid hacks needed to make that work. On the bad side, it could mean that you can't develop code that will run on consumer machines without permission from Microsoft.
While that MAY be the case for the short-term, I'm sure once it becomes part of the average user's desktop M$ will find some excuse to "lock it down" further.
With Palladium, etc. it will become possible for programs to keep especially sensitive data safe from malicious programs operating on the same machine. Now an attacker will have to not only subvert one of the programs that I have trusted, it will also have to defeat the Palladium system.
What kinds of malicious programs? Define "malicious"? More importantly, how does MICROSOFT define "malicious"? Could Openoffice.org, a presumably "unauthorized" piece of software be considered malicious if it is able to open a Microsoft Word document? Food for thought.
I don't see how this can be a bad development. At worst it's neutral. At best, Palladium will allow me to do all sorts of things on my computer that I wouldn't dream of doing today because of security concerns.
Microsoft? Neutral? Neutral EVIL, maybe! :)
I'm not sure what you mean when you say you aren't able to do things on your PC that you won't be able to do with Palladium in place. I can think of MANY things that Microsoft would try to prevent you from doing with their implementation of Palladium (and not necessarily "illegal" acts such as copying and distributing movies and music.) Palladium is NOT about Freedom.
-- Jim
One component that seems to be missing in the whole Open Source realm is hardware control. I wonder if it would be viable or even possible for the Open Source community to co-develop, or at least be able to provide specifications to hardware manufacturers.
Many hardware vendors are finally waking up and embracing Open Source, e.g. (3ware, Adaptec, Intel, AMD), but it seems as if the community is always fighting with hardware. If worst came to worst, we could all boycott a particular vendor and pledge as a community to buy non DRM (Digital Restrictions Management) devices from a competitor in volume.
After all, DRM is NOT LAW! (Well at least not until Microsoft donates $20,000 to a couple of congressional campaigns).
Open Source should have Open Hardware!
Also, I am not worrying too much about Palladium or other "copy protection" type devices. They will be defeated just like every other type of "copy protection" that has ever been invented. In fact reverse engineering Palladium in compliance with the DMCA will probably be a sourceforge project.
If Palladium works as it is supposed to, a Palladium enabled application will be able to store data so that no other application can access it, even if the user trusts that application.
This way when I install a game, I don't have to worry that it could steal my bank account information. No program would be able to access my bank account information unless it was signed by the same company as the program that stored the information originally.
VIA is also not in the TCPA alliance. Maybe their CPUs are weak tea now, but the roadmap for the CIII architecture and beyond suggests that it can be extended and enhanced well beyond its current capabilities.
Knowledge is power. Knowledge shared is power multiplied.
Wrong. DiVX never caught on because there were alternatives available. In this world, Windows is the only show in town for most people. Forget Linux, it's not even in their head, so they wouldn't think about it. Their business uses Windows, their websites require Windows, so why not just use Windows? If it's the only show in town, you don't have much of a choice.
Does Intel like losing European Union Sales? All the countries in this union have expressed the desire to refuse to allow TCPA in their computer systems. They hate oppression by big US companies and they hate Intel and MS.
Don't Tread on OpenSource
No,
A word processor is pretty useless without the ability to share files. Nobody is going to use a word processor that prevents this.
However, your bank will be able to store your account number on your machine such that no program not signed by your bank can access it.
Microsoft's chosen vendors (and Microsoft itself) will not be able to access this bank account number.
As far as whether or not it is proprietary, TCPA is the (theoretically) open platform, Palladium is the proprietary Microsoft thing that could possibly be made TCPA compliant but probably won't be. I don't support Microsoft's continual efforts at creating proprietary protocols, but I do support creating something like Palladium/TCPA.
Not likely, because the idea of DVDs that expire a few days after purchase was so bad that even Joe Sixpack wouldn't buy into it.
If you want to give the keys to your computer to anybody but yourself, fine. Publish your static IP address, turn off your firewalls, deinstall your anti-virals, and announce here that you've done this and I'm sure your box will be 0wn3d in a few minutes. Maybe you'll even still get to use it afterwards.
The rest of us obviously have a lot more sense and a lot less trust than you do. Are you new to the Internet? Do you actually buy products that spammers sell? Is your "herbal Viagra" working?
"Trusted Computing" is intended to protect the vendors, not the users. We are the ones that are expected to pay for these boxes. I can't think of any actual benefits which DRM-enabling will give me in actual practice.
If you want to buy it because it's k3wl n3w t3cHn0l0gy, go for it. And post about your experiences, in the post DRM climate, those of us still in the USA will need all the laughs we can get, and those of us who aren't probably deserve some chuckles at US expense as well.
Tech Public Policy stuff
History is replete with Bad Things imposed by powerful entities (be it government, warring factions, religious institutions, corporations, etc). Usually, those entities attempt to reduce resistance to those schemes by publicising them as good, advantageous, desirable even.
Censorship is a recurring favorite. "It would be bad to let the counter-revolutionaries / heretics / competitors to speak against the System". Another common theme is "We have to protect the weak / children / people against harm and/or themselves".
This is, however, the first time that I see something so obviously nefarious portrayed in such a positive light!
The only raison d'être of Palladium (and the underlying mechanisms) is to prevent people from using their tools to process the data of their choice in the manner they choose. Be it to prevent the "evil pirates" from listening to their CD on their computer, or *gasp* using such-and-such technology without the "safe" and "approved" program (how much are you willing to bet that "approved" software will always be commercial, proprietary and expensive?)
This would be horrible enough to get even the general populace to react and protest... if it wasn't described as an "enhancement". "Safer" They say (for whom?). "More reliable" (at what?).
My OS and computing environment are safe enough for the tasks I give them as it is. I don't need "help" protecting me against myself!
We need to cry, shout and yell loud enough to be heard. The CDA was nothing compared to this, because our computer remained ours, we could always choose to obey the law or not.
They are trying to take that choice away from us.
-- MG
This way when I install a game, I don't have to worry that it could steal my bank account information
But you don't need Palladium to solve this problem!! If you run Linux, you can do this by using chroot. The problem is readily solvable on today's hardware. But solving this is not what Microsoft is really interested in. If they wanted security for users they could have implemented it years ago. Like other systems.
The only thing Palladium provides is taking control away from the owner. Really! Think about it!!!
With Palladium, etc. it will become possible for programs to keep especially sensitive data safe from malicious programs operating on the same machine. Now an attacker will have to not only subvert one of the programs that I have trusted, it will also have to defeat the Palladium system.
Yes. This is a very good thing.
However, the problem becomes when Palladium is the de-facto standard. When you need Palladium on to run pretty much anything, including seeing grandma's last e-mail, because her system uses Palladium by default, then we have a problem.
Palladium is a bad company's wet dream. Enron's accounting books could be completely unreadable to anything except for the computer they were created on -- "Oops! It got wiped.. sorry sir.." Those pesky e-mails that pointed out exactly how MS was trying to lean on other companies? You certainly wouldn't be able to get hold of them under a Palladium system.. even the copies over at the Netscape office could be set to "expire" and auto-delete themselves after a certain amount of time.
Or here's a fun one, EULAs that automagically update themselves from headoffice with no warning whatsoever to the user. It's bad enough now when to download a *required* security update, you are forced to accept a change in licensing. If you don't download the update, you lose the ability to obtain support, but at least right now you have the choice. Palladium gives the content owners, (which in this case is the folks who presented the contract) the ability to change the content at any time. Do you really believe that every company out there will be willing to resist temptation?
Plus, when it's the defacto standard, you start losing the widgets and API's that allow new software to be built without Palladium. After all, if MS can simply discontinue support for W98, what makes you think that they can't discontinue support for non-palladium equipped systems?
"You're trying to use what API? Oh.. that was before Palladium. We deprecated that a while ago, just use our new Palladium enhanced version now. It provides better security and support. Open source developer? No problems with that. Just so long as you cough up a nickel for every person that tries to use your program, we'll be happy to set up a key for you."
Which brings us to a point where *all* software has to be licensed through a key provider - and also a point where if the key provider decides they want more money (name me a corporation that wouldn't) they simply increase the charges and/or invalidate current keys.
Of course, the answer for all this is, "Well don't use it! Use Linux or something." Unfortunately, this assumes that we'll have the choice. The first attack on that choice is coming in the form of legislation. When hardware manufacturers are mandated to have security protocols in their hardware. The second attack is the weight of network effects. As I said, when even grandma uses Palladium, when every major company from here to Timbuktu uses it for the "security advantage", you really lose any choice to not use it. Oh I suppose you could try and be like those die-hards who still make use of FIDO, but beyond hobbyists, you completely lose the ability to connect to the world. This can go even further when major routing points start to use it to increase the security of the entire internet. Prevent DDOS attacks from those nasty non-Palladium machines out there by dropping their packets at the first router. Only Palladium Approved Packets will be accepted, thank you. At that point, even the die-hards will be forced to move to Palladium (or I suppose they could resurrect FIDO).
Now, will things get this bad? I don't know, this is kind of a worst case scenario, and we all know that it often doesn't get to the worst case. Unfortunately, I really don't see anything that would stop this scenario from happening.
Finally, on a side note, if you have even a minor knowledge about proper security precautions for your computer then your banking information is likely safer being on your computer than it is being in your wallet.
Kwil
That Jesus Christ guy is getting some terrible lag... it took him 3 days to respawn! -NJ CoolBreeze
When companies invest R&D money into bigger hard drives, faster CPUs, video gizmos, and slicker GUI interfaces, we all understand the motivation -- increased sales.
From what I have heard about "LaGrande" and "Palladium", there are benefits for the "gatekeepers", but no benefit for end users. Nobody is projecting increased sales because of these lovely DRM "features". Indeed, many are wondering if people will buy this stuff at all. This would be like McDonald's working on a way to make greasier french fries, because it would help the lard industry.
So my question is this: "Who is bankrolling this operation?" If Intel/AMD/M$ are really spending their own money on this, it's a mass outbreak of corporate stupidity. Is Saddam Hussein attacking our tech industry with some kind of "dumb-down" bio-warfare weapon?
My conspiracy theory is that the "LaGrande/Palladium" boxes will be blown out at firesale prices, subsidized by someone who really wants this stuff to be deployed -- kind of like Xbox on a massive scale. The payback will have to come from the victims^h^h^h^h^h^h^h^h customers -- endless fees and hidden surcharges built into everything they do.
For protecting from malicious (or more likely buggy) programs, everything Palladium promises is there right now. But machines are continuously hacked (Linux as well as Windows). Why? Because of a thing called bugs. Palladium is not going to stop bugs. It will instead sign bugs and say they are "trusted". Big deal!
Palladium's purpose is to make sure the owner of the computer can't insert "bugs", and the user cannot fix "bugs", no matter how hard they try or want to do it.
Well, I feel good that I'm running on AMD at least. Next best thing will be when I can switch to Apple equipment.
A slip of the foot you may soon recover, but a slip of the tongue you may never get over. -Benjamin Franklin
So from that point of view, any competitive plans by Microsoft are probably much more geared to finishing off this "competition". Getting rid of Linux is just a side effect.
Rest assured that the old Windows machines will not read palladium-encrypted pages either.
When they added memory protection to the 386, you could write software that ran in the unprotected mode. Yes, you could write a system that would lock things up so that a branch of software was unable to switch to protected mode and unable to write outside its own memory. But you could write that system!
The difference with Palladium is that it is explicitly designed so that nobody other than Microsoft can write the unprotected mode part.
Come on, think a little bit before posting next time.
If Palladium works as it is supposed to... I don't have to worry that it could steal my bank account information.
I wish I had Palladium when Code Red hit because it stole my... err, umm, well when Nimda hit it stole my.... ummm... well, you know! It will protect my DRM music and my DRM movies from viruses!
-- You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
From what I understand, all that will basically happen (besides a few hardware changes to accommodate) is that new commands will be added to the Intel CPUs to allow a portion of memory to be designated as "protected", and I assume possibly even only accessible with a public key perhaps? So, a program can allocate a hardware-locked portion of RAM.
This would not stop Linux from running. Linux would simply not utilize the feature (or, it could even be added to Linux), and run its own memory management scheme with software as it does now.
It will not stop your MP3s from playing. They'll just play in a protected address space. Or maybe they won't depending on your player software.
This will not stop your DVD ripper from ripping. An alternate driver and ripping program designed to simply not use a feature designed to provide hardware security for applications is not a violation of the DMCA (even if the ripping of a DVD is, which is a different question).
This will stop someone from using an external program to cheat at a game (the game locks off its memory, the cheat program cannot change the data).
This will prevent someone from, say, running a malicious program which essentially "core dumps" your RAM at a specific time, maybe when opening your e-mail reader?
This will possibly stop things like Outlook viruses, as Palladium/LaGrande-aware applications are hardware-isolated into their own address/execution space and cannot interfere with other applications.
Did I miss something? Should I really believe M$ is dumb enough to make a move which will cause outcry and backlash from the most tech-savvy of users all the way down to the e-mail granny, at a time when the DOJ, along with every man, woman, and l33t-preteen on the planet is breathing down their necks in anger?
C'mon people, I hate MS too, but they were smart enough to get this far, even if they did hire Ballmer... I think that's an obvious move to NOT be making, if they value their asses (assets?) at all.
Please correct me if I'm wrong, and please post links.
CAn'T CompreHend SARcaSm?
This is the most incisive post I have seen on the issue of Palladium. This is a post for the history books!
Great job man!
people stupid enough to buy it. It won't be the Financial industry or the HealthCare industry, M$ has seen to that. The University clients seem to be wiser and discovering Linux faster than anywhere else, what market do they have to 'penetrate' beyond the average AOL user?
errr....umm...*whooosh* *whoosh* Is this thing on?
Africa cannot survive if Palladium goes through.
Sure it can. And so can Asia and Latin America and even Europe and N. America. Linux will eventually be modified to use TCPA hardware. It will be done in an open manner and you will be able to self-sign your kernel and applications and go merrily on your way using your computer systems just like you do now.
Palladium is simply MS's API on top of TCPA hardware. It will be an inconvenience for would-be pirates of commercial content and a headache for those of us who would like to be able to back up our legally purchased music, etc.
But why, in God's name, would the UN Palladiumize its public documents? Or why would any 1st world agricultural research institute put DRM into the pamphlets that they give away free to farmers right now? Do you really think that anyone will tolerate a world where they cannot receive email simply because it doesn't have a Palladium approved DRM stamp?
Africa has hunger, disease, war, and lack of education among its many problems. Get some perspective. Palladium is not going to mean a thing (pro or con) to those who seek solutions to Africa's ills.
FreeSpeech.org
Sadly, I think you've nailed it down quite accurately. Once the camel's nose is in the tent, the rest of the camel soon follows.
Oh, and FIDO (and BBSing in general) is still alive and well, for what little that's worth to the average person. The underground railway for email of the future??
~REZ~ #43301. Who'd fake being me anyway?
I keep seeing people claiming this, but where is the evidence? Where is the statement from Apple that they will never support DRM? Where is it? What happens when MS says to them - "The next version of Office for the Mac will only run in a Palladium enabled machine"?
In order to check whether I am allowed to obtain your public key, my machine will consult a license server, which could be run by Microsoft or a third party. If everything is OK, the license server will instruct your machine to send me your public key. The license server will check the subject of the email to make sure I am not a spammer. It sees that the title is "Microsoft sucks" and marks me as a spammer, and refuses to grant permission to get your public key.
Far fetched - of course, and I am not saying it will necessarily work like this. But the point I am making is, once you hand control of your machine to MS, you no longer have any say over what it does. MS don't *need* to even know what your keys are in order to lock you in/out.
Maybe not /. ers, but how much of your software do you buy from Walmart? Or hardware, for that matter? You might be part of the elite, but if you're outnumbered and you can't get non-DRM hardware then you're fucked.
If MS hadn't announced Palladium, do you really think Intel would be working on this? Hardware needs software. Otherwise it's useless. They are building this FOR Palladium. If you disagree, please let me know what OTHER platform it's intended for at this point.
A geek special interest group is an excellent idea. I'd like to see it happen, and I'm registered to vote. Since this would take more work than a /. post, however, I'd be interested to see how many people take you up on this. I'm in, anyway.
A trusted PC interface means that those-that-publish will be able to do so electronically without knowing that it's going to be pirated the next day.
Horseshit. This isn't what it's intended to do, and believe me, it won't do this. If I make a copy of your software using dd, I've copied the whole thing, encryption and all. Anyone who runs my dd'd copy will have perfectly functional software. Or did you think TCPA would suddenly cause all unprotected computers to disappear?
Neither do I consider a program being able to lock its own files a bad thing--since MS would be shooting themselves in the foot operatability-wise if it's impossible to tell the program to move the files to "public space."
Oh, FUCK. Are you kidding? This is Slashdot, I assume you've heard of open source. To get a program signed, you have to pay someone to use their code signing keys. Signing it yourself doesn't work, because the OS doesn't trust "your" keys. That means every piece of open-source software that wants to run on these platforms has to pay to move into public space. They won't do it.
The software I write is paid for by my organization, and I'm still running into the problem of code signing and paying to make something public. My project's task is to automate Office XP. Office XP won't run macros that aren't signed, which means I have to do one of two things: 1) pay to get a certificate to sign my code or 2) tell the user to install the self-signing certificate, ignoring the very loud warnings that blare when they attempt to do so.
It's rare that you're presented with a knob whose only two positions are Make History and Flee Your Glorious Destiny.
I'm surprised that your comment isn't modded up since it makes more sense than my comment to which you replied. ;)
...However, there is still *a lot* to be worried about.
Consider that once the thing is there on the chipset, people (namely RIAA and friends) will want to use it. With the DMCA and other such laws already on the books, might not be too hard to *require* Linux to use LaGrande (via legislation) and limit your rights....
That has nothing to do with what Intel is doing but what legislators are doing and that is a completely different story and irrelevant to what Intel is implementing.
I miss the Karma Whores.