Palladium Changes Name

thelinuxking writes "According to this CNET article, Microsoft has changed the code name of its highly controversial 'trusted' computing platform from 'Palladium' to 'next-generation secure computing base.' Microsoft claims that the name is being changed to reflect the fact that Microsoft is 'embracing this technology in terms of folding it into Windows for the next decade.' Also, an unnamed small firm has claims to the trademark of 'Palladium'. Microsoft denies that they changed the name due to the criticism 'Palladium' has recieved, and released the source code to the core part of the software to show that the software is secure and does what they claim." Notice the PR diversionary tactic: it's being criticized because it does what they claim, not because it doesn't. :)

Hello?

[dpete4552]

Why is it that a $300 billion some company isn't able to hire someone who check the with the trademark office to see if any of the crap they are using is already trade marked?

Re:Hello?

[dubious9]

So all of a sudden Microsoft would care about breaking the law? They like to do what they want. Standards shmandards. Embace, extend, bugify and license. Besides "next-generation secure computing base" sounds much less imposing than Palladium. Anything they can do to shift attention away from this is beneficial to implementing it "painlessly".

I'm surprised they didn't take away its name completely.

Anyway I don't think its because some small company is crying about the name.

Re:Hello?

[AKnightCowboy]

Why is it that a $300 billion some company isn't able to hire someone who check the with the trademark office to see if any of the crap they are using is already trade marked?

Maybe this $300 billion company figured they could strong-arm the trademark owner out of the name like they strong-arm everyone else in the industry?

Re:Hello?

Becasue if you've ever been involved in large-scale IT projects from the early days, you tend to find engineers use their own pet names for them. One sticks, get's used as a codename while the project is in development stages. This usually gets released in initial publicity documents.

On the other hand, given that Exchange 2003 is code-named Titanium, I'd wager that someone's been looking at the periodic table.

I doubt Palladium was ever going to be used as a release name, something boring like MS MyVault...

Re:Hello?

[Ty]

Because in the past they've just muscled any trademarks they wanted from their respective owners.

Ask the the people from SyNet, which was run out of business from fighting a trademark dispute with MS over their trademark on "Internet Explorer" in the mid 90s.

Re:Hello?

[Zeinfeld]

Why is it that a $300 billion some company isn't able to hire someone who check the with the trademark office to see if any of the crap they are using is already trade marked?

It was a code name, they were not using it in trade.

An international trademark search costs millions so companies use code names while they do trademark searches.

Palladium was simply one of a list of metals that they had used for secure O/S projects.

Microsoft was never going to market under the name Palladium any more than it would use Yukon or Longhorn.

Re:Hello?

Well, _if_ said "unnamed small firm" is Palladium Games, even MS has chosen the wrong group to mess with. Kevin Sembieda is not afraid of the court system.. and i'll probably get sued for writing this. :)

Re:Hello?

[Peter+Simpson]

Hah! If true, this would be the first time that Microsoft hasn't attempted to bludgeon the small company into a greasy stain on the sidewalk and walk off with the desired trademark.

I don't mind euphemisms, but they should at least be plausible. Or, maybe some Microsoft writer of press releases decided to try to sneak a bit of humor past his boss, and succeeded brilliantly!

Besides, Palladium is the recognized generic name for a chemical element. I don't believe you can trademark it.

Re:Hello?

[KoolDude]

Palladium was simply one of a list of metals that they had used for secure O/S projects.

What ? Palladium for Open Source Projects ? MS should get *real metal* swords to fight open source... palladium's too light ;)

Wow Wow.. wait... lemme explain.. tht was... just... a.. joke...ZOOOOM.... [ducks and runs away]

Re:Hello?

An international trademark search costs millions so companies use code names while they do trademark searches.

They do not cost millions. Not even close. I can have an international search run by my IP attorney for a few thousand dollars. Microsoft has them internally.

Also, at Microsoft the project "code" names are given as a working name so people working on it have something to call it. Most projects never have trade names because they are are piece or part of something else.

Re:Hello?

[Zeinfeld]

They do not cost millions. Not even close. I can have an international search run by my IP attorney for a few thousand dollars. Microsoft has them internally.

If you want to exclude all posibility of collision you do. Trademarks are complex, you can have different companies using the same trademark on different categories of product.

Microsoft probably did do a cheapie thousand dollar job, I would not expect that type of search to preclude any possibility of a claim.

I doubt the case gets too far however since Microsoft never sold anything under the Palladium brand. Attempting to trademark an element name is difficult in any case. Kind of like trying to enforce a trademark on windows...

Re:Hello?

[susano_otter]

Maybe this $300 billion company figured they could strong-arm the trademark owner out of the name like they strong-arm everyone else in the industry?

Or maybe the other company figured they could make some easy money in an out-of-court-settlement by preemptively filing a trademark on a name they knew Microsoft was using but hadn't trademarked yet. It could happen.

Won't they feel silly when they discover that "Palladium" was just a code name, and MS never had any intention of trademarking it as a brand name anyway!

Re:Hello?

[SN74S181]

Kinda like the code name 'Sagan' that Apple used, that got the hemphead astronomer into a tiff not that long ago.

Re:Hello?

[flygeek]

I believe the trademark is owned by Pinnacle Systems, for its digital video storage systems. While Pinnacle is big enough to fight back, I doubt that Microsoft would want to pick on a company that is making big inroads with MS operating systems in the video industry (most Pinnacle products run on Windows, even in the professional/broadcast space).

Re:Hello?

[The+Notorious+ASP]

Kinda like the code name 'Sagan' that Apple used, that got the hemphead astronomer into a tiff not that long ago.

Part of the tiff though was due not just to the use of his name, but because of the OTHER PowerPC code names being used, namely Cold Fusion and PDM (Piltdown Man) -- All hoaxes.

apple code name

Re:Hello?

[fiftyvolts]

What about Apple? The code name for Mac OS 10.2 was Jaguar, and the name stuck. Feel my brain womp!

Re:Hello?

[olly+the+limey]

well when it comes to trademarks and copyrights the only ones you can really look up are the registered ones (that "R" you see around sometimes) and although only the registered ones can be easily looked up, they are not the only ones that have legal sway. many others do, as long as they can show that they did it first, they're in.

- olly the limey

Re: Hello?

Why is it that a $300 billion some company isn't able to hire someone who check the with the trademark office to see if any of the crap they are using is already trade marked?

This is the same company that is unable to renew domain names or renew privacy registrations. Regardless of opinions about software, its admin definitely sucks.

Re:Hello?

Maybe it could if it wasn't somewhat large $2.5B company. My guess is that it was Cadence Design System's Palladium product they were infringing upon. http://www.cadence.com/products/palladium.html

They can change the name all they want

[jdkane]

They can run, but they can't hide from /.

Re:They can change the name all they want

.. who will "fart in their general direction" for as long as it takes.

I wonder if it was these guys...

[iiioxx]

Palladium Books, maker of fine pen-and-paper role-playing games.

Re:I wonder if it was these guys...

[skroz]

I knew it! BillG is a dee-bee! He's secretly working as an agent of Xiticex, and intends to bring down the Coalition and NGR with help from...

Oh, er, there I go cross referencing fantasy and reality again. I am not an NGR Borg... I am NOT an NGR Borg...

Palladium

[Big+Mark]

Maybe they changed it because no-one had a clue what palladium actually is...

Joe Sixpack - "Muuur, pall-ad-ium? What's that?"
Joe Fourpack - "I think it's food. I eat it."
Bill Gates - "No! That's an xbox 2, with trust built in so you can't watch VCDs, DivX, or listen to mp3s on it!"
Joe Fourpack - "Tastes like chicken."

-Mark

Re:Palladium

where the hell did Joe Fourpack come from?? was he dropped off from one of those alien space crafts called UFO that SOHO has info on??

Re:Palladium

Joe Fourpack is just a regular Joe who is short 2 from his pack.

Re:Palladium

[WaKall]

Obviously, Joe Fourpack drinks Guiness by the can.

Re:Palladium

Maybe Joe Sixpack should consider a career in nursing...he's nursing that sixpack pretty well, at least Joe Fourpack is doing something with his...

Re:Palladium

[Poeir]

Rumor has it that you can now buy Guiness by the quart. It'll just be a matter of time until someone combines Guiness with gas station technology.

Good news!

[netsharc]

Good news everybody! We have free videos and MP3s! "Secure" computing base? Why are they sabotaging themselves, now this thing has the word "security" attached to it, and you know how MS's track record with security is!

The name is a bit long?

[zonix]

next-generation secure computing base

Try saying that fast ten times in a row?

z

Re:The name is a bit long?

[Dave2+Wickham]

I just did. Was something supposed to happen? :)
It does seem a bit of an odd name... Let's rename /. to "big, green, technology news site" and the GameCube to "small black, purple, or other coloured cube to play games on".

Re:The name is a bit long?

I think they were going for something along the lines of GNU - Gnu's Not Unix...but someone forgot the vowels, or that just shows the compentency level at microsoft, take ur pick

Re:The name is a bit long?

I'd say:
All your next-generation secure computing base belong to...

If it was, like, two years ago.
But it's not.
So I didn't.

Re:The name is a bit long?

[Coke+in+a+Can]

Technically the gamecube is a rectangular prism, not a cube. Mesure one yourself.

Re:The name is a bit long?

[zonix]

Well, I couldn't - somewhere around the third iteration 'computing platform' just goes wrong for me. :-)

z

Re:The name is a bit long?

[Dave2+Wickham]

Yeah, I temporarily forgot that, for the purposes of this ;). /me glances at his GC.

Re:The name is a bit long?

[Patrick13]

Couldn't we just call it "the system formerly known as Palladium".

It worked for Prince.

Re:The name is a bit long?

[mlyle]

It's not really a rectangular prism.. it has this curved extrusion out of it to carry it by.

Re:The name is a bit long?

[nicething]

I want a T-shirt that says: "Rectangular Game-Prism"

Re:The name is a bit long?

next-generation secure computing base next-generation secure computig base next-generation secreu computigb ase nex-neration secreu computigb ase nest-neration secreu copmutigb ace estneraion cesreu opmcutigba estaion cesu otigba eion ce oba eoncea bah dammit

guess you're right.

Re:The name is a bit long?

[sheean.nl]

We are no longer the knights who say "Palladium!".. we are now the knights who say: "next-generation secure computing base."

Re:The name is a bit long?

next-generation secure computing base ...

Then, the marketing guy will come up to Bill 6 months before the release and say :
"Bill, I think the name suck. It's way to long.

Bill - Lets call it "NGSCB" Then.
Marketing - acronyms aren't good marketing-wize.
Bill - Microsoft secure computing base?
Marketing - Mmmm, not sure if putting "Microsoft" next to the word "secure" is a good idea.
Bill - "Secure computing base?"
Marketing - But what does it do?
Bill - Why didn't you say that when I came up with "windows".
Marketing - Well, we all know what's a window
Bill - Then tell me what's a window
Marketing - It's something you can see thu...that you can break easily, which is not secure for thefs
Bill - Shall we call this product "Door" then?
Marketing - Bill, have you ever came up something original in your life?
Bill - Well, fixed 8 chars file naming?
Marketing - ...and non restrictive?
Bill - "You are fired!"
Marketing - Ok, call it Door.

Re:The name is a bit long?

[darkpixel2k]

next-generation secure computing base

Try saying that fast ten times in a row?

The real challenge is to keep a straight face while saying it.

Re:The name is a bit long?

[amoe]

Technically the gamecube is a rectangular prism, not a cube. Mesure one yourself.

Technically, can any physical object be a cube?

Re:The name is a bit long?

[Coke+in+a+Can]

If you define cube loosely, as a 3-dimensional object where all 3 dimensions are the same length, yes. If you want to get even more technical, then yes, nothing can be a cube.

Re:The name is a bit long?

[/dev/trash]

ok go here: http://www.cafepress.com

Re:The name is a bit long?

[K5+User]

The GameCube mesures 15x11x14 and is purple. So I could sue Nintendo for misrepresentation(that was long)and fraud and while I'm at it why not sue them for more like harassment, abuse, making a purple cube. And the interesting thing is I will probably win. That's how great the courts are. Did it have to be purple?

Re:The name is a bit long?

[Coke+in+a+Can]

"making a purple cube"

You just stated that is ISN'T a cube.

Al, don't act as though you aren't Al. You're more transparent than Microsoft's claims regarding the monopolization of the computational (how's THAT for a big word?) industry.

Re:The name is a bit long?

You should know better than to mention the word 'base' on this site in any context. Same thing with linking to any domain from Christmas Island! Need I make the bad joke, or shall we end this now? :)

Re:The name is a bit long?

> You should know better than to mention the word
> base' [...]
> Need I make the bad joke, or shall we end this
> now?
>
Actually "All your next-generation secure computing base are belong to us!" is about as ON-topic as it can get!

Re:The name is a bit long?

[Puu]

Continuing from "Windows" they should of course call this "Gates". "Doors" has a nasty open source hippie association to it.

Re:The name is a bit long?

[roman_mir]

Sure worked well for him.

He used to be Prince. Then he was 'The artist formerly known as Prince'. Then he was 'The Artist'.

So, in case of Microsoft it was Palladium. Then 'The System formerly known as Palladium.' And then just 'The System'?

Re:The name is a bit long?

Nintendo wil then give you add materials from the launch showing it was avalable in Black and that purple/blue color. In japan you can also get Orange (spice) color, and recently in the US a metalic finish version has been released (Platnum).

Re:The name is a bit long?

[SeanAhern]

Wouldn't that be a "right rectangular parallelpiped" or "right retangular prism"? Gotta get that right angle in there. Prisms don't have to have to extrude at 90 degrees.

Re:The name is a bit long?

[Coke+in+a+Can]

I'm not sure. The knowledge bestowed by a 7th grade French Immersion math class isn't all that great.

Although wouldn't the rectangular give the correct idea? Would rectangle-based prism be better? We do this with words like "prisme a base rectangulaire" (note that the "a" should have a grave accent).

Re:The name is a bit long?

[SeanAhern]

It's not the shape of the base that I'm concerned about. It's the angle between the base and the sides. Looking at it from the side, most prisms look like this:

----
| |
| |
| |
----

But there's nothing preventing you from creating a prism that looks like this:

----
/ /
/ /
/ /
----

That's what I mean. To describe the GameCube, the base has to be at right angles to the sides. If you don't put the word "right" into the description of the solid, you are not constraining it, and the prism could very well be non-right, as in the second drawing.

The French might be "prisme droit a base rectangulaire", but I'm not positive.

Re:The name is a bit long?

[Coke+in+a+Can]

I see. Hmm. Yet another time education doesn't give the full story, as I see it.

Palladium...

Heh Palladium is the name of the movie cinema 200 meters from here.

Does this mean they will hand out copies of this "secret project" there?

Chiapas criminals in big blue cheese hats!

[Yoquimbo]

I pulled a Palladium Mors in a pack of Chronicles years ago...

Re:Chiapas criminals in big blue cheese hats!

Palladium Mors originally appeared in Legends.

.Net, Palladium

[prichardson]

Watch this,

Now Microsoft will change Windows XP to Windows NGICI (Next Generation Insecure Computing Interface) thats pronouced ni-ji-se

Re:.Net, Palladium

Why would Microsoft do that? It is understood practically all over the world by professional and novice users alike that the Windows XP OS and Interface is the best you can possibly have. To suggest otherwise immediately notifies others around you of how idiotic you are.

Don't get so upset that MSFT continues to destroy *nix, mac, and linux.

Re:.Net, Palladium

Or Next Interface for New Junk Internet Trusted System User (NINJITSU).

Yeah... it's a dumb excuse for an acronym but not nearly as dumb as International ANSWER.

Re:.Net, Palladium

[Tony-A]

Don't get so upset that MSFT continues to destroy *nix, mac, and linux.
So that's what this MSSQL worm is all about.

Re:.Net, Palladium

[MrWa]

This is funny! :-)

ni-ji-se = second generation, roughly, in Japanese, right? Oh the fun that could be had with that...

Re:.Net, Palladium

Funny....MS is changing .Net and Palladium names because no one understand what it is exactly.
But, will changing the name change something?
It's not the name that is confusing...is how they explain it.
I dunno...call it "Microsoft Lock (r)" ...I don't care...but at least try doing something that will work correctly and explain it when you know yourself what it is.

Re:.Net, Palladium

[prichardson]

Honestly I had no idea it was anything remotely japanese, thanks for the info.

Re:.Net, Palladium

Same thing as your OpenSSL worm, dipshit. Proof that even linux users don't patch. MS had had this bug patched since June last year.

Re:.Net, Palladium

[nekura]

Now Microsoft will change Windows XP to Windows NGICI (Next Generation Insecure Computing Interface) thats pronouced ni-ji-se

Oh no, the Windows ninjas are going to get us!

Re:.Net, Palladium

[Tony-A]

MS had had this bug patched since June last year.
Yeah, they did a real good job didn't they?

Re:.Net, Palladium

[Bert64]

But the OpenSSL worm didnt gain root access to the machine, and infected a comparatively of machines relative to the number which have openssl installed, remember the openssl worm only targetted x86/linux machines, openssl runs on a lot of others.. such as Solaris.

hmm

[andih8u]

I figured for sure they were gonna try calling it MSinux

Re:hmm

Naah, they'd get sued by that nasal decongestant firm...

Microsoft "embraces" another technology....

[Eric+Damron]

" Microsoft claims that the name is being changed to reflect the fact that Microsoft is 'embracing this technology in terms of folding it into Windows for the next decade.'"

Why does my stomach get a queezy feeling when I read this??

Hey, I got karma to burn...

Re:Microsoft "embraces" another technology....

Nijise? Is that Japanese? .. hmmm.. Secondary ridge, according to babble fish.

I know why...

[yivi]

Because all our next-generation secure computing base are belongs to them.

Oh Come On!

Why don't M$ just call their next OS BorgOS? They can begin at v.8.0 so it looks "cool" and up to date with certain ISP's software versions (wink) and they can move up in version # perpetually.

Confirm the Borg rumors, bring on BorgOS!

Re:Oh Come On!

[Melantha_Bacchae]

Actually, their OS for the next millennium was called "Millennium" while it was a research project in the late 1990s. But if it is any comfort to you, it was built to run on top of the "Borg JVM". These days, the Borg JVM has been replaced by .Net.

These web pages have fascinating material, including references to "trust" and "trust domains" (formerly known as Palladium), and such tell tale phrases as "only one system" (to rule them all), and the "assimilating" of machines, etc.:

Millennium Summary Paragraph
(Look under "Previous Projects" for the "Borg JVM" reference.)

Millennium Goals Page

For those who are worried that the loss of the Palladium keyword would make it difficult to explain to end users the dangers posed by such technology: Just park the parties in question in front of a TV and show them the Japanese version of "Godzilla 2000 Millennium" (with subtitles). Most people can grasp "evil alien monster taking over my computer so it can rule the world". And Godzilla's answer to embrace and extend is oh so elegant. ;)

Shinoda: "The age of Millennium."
Io: "What does that mean?"
Shinoda: "A thousand year kingdom. It wants to create a home for itself. There is one flaw in its plan: Godzilla."
"Godzilla 2000 Millennium" (Japanese version)

In Other News

[long_john_stewart_mi]

In other news, Ikea has changed its name to Good Luck Putting This Stuff Together.

(inspired by Harland Williams)

Re:In Other News

I thought the new name was "Cheap-ass particle board that falls apart in six months."

Shakespeare

[grub]

"A rose by any other name..."

Did they release a White Paper?

They should take one from IBM's play book and release a White Paper / FAQ on how Palladi....ERR...Next Generation...Sec*&^*## has nothing todo with DRM and how that is what the bad folks over at TCPA are doing ... not good old MickeySoft!

Make your time

[Waffle+Iron]

All your next-generation secure computing base are belong to key signer.

Re:Make your time

[Dirtside]

"If you can't dazzle them with brilliance, baffle them with bullshit." - W.C. Fields

since no one bought what they said with Palladium

[QEDog]

If you cannot convince them, confuse them!

Wonder how much they were asking for...

[surprise_audit]

So, any guess as to what price the current owners of the Palladium trademark have put on transferring it to Microsoft??

If it were mine, I think I'd be looking for a cool $1Bn...

Re:Wonder how much they were asking for...

Find it in here. In particular, look for serial numbers 78139180, 76247902, 75689166.

My friends work for MS!

[Mdog]

Am I the only one that is tired of seeing my friends go work in Redmond? They will agree on 9 out of 10 Anti-MS criticisms, yet they go to work there. I am so frustrated with it. *sigh*

Re:My friends work for MS!

Why, because they won't hire you?

Re:My friends work for MS!

[Mdog]

They wanted me to work there. I refused on principle.

Re:My friends work for MS!

What's the matter? Don't like money?

Re:My friends work for MS!

Seems a sensible thing to do if you want to make a difference actually...

I'm not talking about taking the beast out from the inside either, just the common sense route of if you can make a difference, then why not go and make a difference? Hopefully your friends will make MS a better company in the long run.

Re:My friends work for MS!

Ok.

How many people do you know that don't think their boss is an idiot?

So shut the fuck up. Next thing you know, you'll be saying "Friends don't let friends go to work"...

Re:My friends work for MS!

[Joe+U]

Wouldn't that make the anti-ms critics responsible for many of the problems with Microsoft? (The same problems which in turn have fueled the anti-ms critics.)

Re:My friends work for MS!

[deaddrunk]

Because principles don't pay the mortgage sadly.

Re:My friends work for MS!

[Peaker]

Bah. Unethical people should be shot. That includes you.

Re:My friends work for MS!

[Mdog]

I've often thought about how much "damage" a mole could do. Let's say I go to work for MS with the intention of putting in little bugs and/or giving confidential information to the open source community.

Re:My friends work for MS!

[di0s]

Time to meet some new friends??

Re:My friends work for MS!

If you had the choice of losing your house or working for a crook, what would you do?

Re:My friends work for MS!

They wanted me to work there. I refused on principle.

I get that every day, phone rings and it's Microsft again

"Please Mr Coward, we're begging you to come work for us"

"No Mr Gates, it's a matter of principle and HOW DID YOU GET MY NEW NUMBER?"

Re:My friends work for MS!

[lamp540]

Yeah, it feels like a knife in the back.

Re:My friends work for MS!

they may agree with the criticism of MS.

But they agree more strongly that they should be paid big money.

Re:My friends work for MS!

[GigsVT]

We will never know what percentage of the too-numerous-to-count security holes are actually caused by malice.

Even if they caught the person, they would have a very hard time proving it wasn't just ineptitude. MS code being so bloated doesn't help. Lets assume Windows is 1GB of source, which isn't unlikely, that's about 25 million lines of code.

Re:My friends work for MS!

[cellocgw]

I've often thought about how much "damage" a mole could do. Let's say I go to work for MS with the intention of putting in little bugs

How would that be different from MSoft now? Ohh, you said LITTLE bugs.

Re:My friends work for MS!

Anonymous Coward writes:
>
> Mdog writes:
> > They wanted me to work there. I refused on principle.
>
> What's the matter? Don't like money?

Tamboli, get back to your VB homework.

Re:My friends work for MS!

[Christopher+B.+Brown]

Unfortunately, that's a case of "two wrongs not making a right." In the long run, it would reflect really badly on you, as you'd be demonstrating that you're a liar, prepared to act in bad faith, and, overall, untrustworthy for any important purpose. I dislike MSFT as much as most; for someone to go in as a sort of "virtual terrorist" doesn't make them right...

Great...

[Eric+Damron]

My Palladium sucks T-shirt is now worthless and I don't think a "next-generation secure computing base sucks" T-shirt will cut it.

Re:Great...

There is a certain kind of logic to all that. Call it Palladium, wait til everyone gets irate and associates the word Palladium with something they hate then change the name. And if you can change it to a name that's utterly unmemorable all the better. Then roll it out.

Re:Great...

[Thing+1]

There is a certain kind of logic to all that. Call it Palladium, wait til everyone gets irate and associates the word Palladium with something they hate then change the name. And if you can change it to a name that's utterly unmemorable all the better. Then roll it out.

That's exactly why the easy-to-remember-and-pronounce SSSCA was changed to the consonant-heavy CBDPTA .

Re:Great...

[moncyb]

How about a T-shirt that says: Next-generation Windows Secure [against] User eXtenstions -- WinSUX! ;-)

Re:Great...

[Malcontent]

Simply get one that says "Microsoft Sucks". That way you are covered no matter how many times they change the names on their products.

Re:Great...

> There is a certain kind of logic to all that.
>
There is indeed. It's alphabetical code:
n-2=l
g+2=i
s+2=u
c-2=a
b+2=d
-------
liuad+2
= liuaf: Linux Is Unusable And Fucked!

Also, "Next-generation secure computing base - the motherboard formerly known as Palladium!" = "ngscb tmfkap". Shuffled around it spells what all people formerly known as Linux users will say when they see the mandatory Windows-splash-graphic on their next-generation hardware: "fsckng btmap!"

Call it whatever you want.

[Blackknight]

I still won't use it. I vowed that MS would never get another dime from me, and I meant it.

Don't have to deal with it at work either, we use all Linux.

Re:Call it whatever you want.

[glMatrixMode]

You are very naive for a Blacknight. Did you know that Linus is working for one of the companies behind palladium (there are frequently news on The Inquirer indicating that Transmeta is designing palladium chips) ? Did you know that an asian 'open source' community is registered as a member of the tcpa ?

The future is not bright. Most people, including among linux users, don't want to take ideological positions. The day Palladium will be necessary to connect to most of the net, they will adopt it. You can be pretty certain that some future linux kernel will have an optional palladium mode, and I bet this will be done in some 3.x version. Of course, this is madness since it will make them dependant on microsoft.

There will remain some who won't turn it on, but they won't be able to acces to the larger part of the net where all the media will be available; they won't be able to connect most peripherals and won't have access to entertainment (unless you call gnuchess entertainment); what's more, they won't have to possibility to communicate in any way (including e-mail) with the palladiumised world : so they won't be many. Only some gnu ideologists, and some LaTeX-addicted mathematicians like me.

good

[pizza_milkshake]

at least it's catchy

Marketers

[banzai75]

Ahh, and yet another name change brought to you by your local devil-worshopping marketing department.

Has KDE caught the Debian disease?

Hey buddy, "it's ready when it's ready". Oh wait a second. That's what the Debian developers are always saying and they're only, what, a YEAR behind in getting KDE3.0 and gcc3.2.

Never mind. Spam away!

Re:Has KDE caught the Debian disease?

[praedor]

Don't be so bothered about gcc3.2. It frickin BITES. If you are using XFS you are f*cked - it is incapable of compiling any kernel with XFS support. No doubt there are other things wrong with it beyond this one.

You are better off with a compiler that works. Stick with gcc-2.96. It's dependable and the same kernel that gcc3.2 choked on compiles fine with gcc2.96.

Re:Has KDE caught the Debian disease?

[0x0d0a]

Don't be so bothered about gcc3.2. It frickin BITES. If you are using XFS you are f*cked - it is incapable of compiling any kernel with XFS support. No doubt there are other things wrong with it beyond this one.

Or, rather, XFS bites because it fails to pass the stricter checking of gcc 3.2.

All a matter of perspective.

where's the source?

[slugo3]

"Microsoft denies that they changed the name due to the criticism 'Palladium' has recieved, and released the source code to the core part of the software to show that the software is secure and does what they claim."

Released the source to who? I don't remember seeing this anywhere and a little googling comes up with nothing. Seems like you would want to post it to slashdot since open source users are the ones most concerned about the ramifications of pallad... Err next generation secure computing base.

Re:where's the source?

what happen to the other product's source code, are they not secure enough?

Re:where's the source?

Bzzzt, incorrect. Some, maybe 1-5% and some protocol stuff is being held back, because those nastys can't be fixed without breaking lots. I would be happy if a panel of independant experts were given full access AND able to release impartial findings.

Because....

[IcEMaN252]

Because everybody want's a secure computing platform, right?

I mean, who wouldn't want a computer that has all its data secure, is immune to hackers, and runs only Microsoft products?

Re:Because....

Because everybody want's a secure computing platform, right?

Just like everybody wants to turn a verb into a posessive noun. There is no way to turn that into a grammatically-correct sentence.

Re:Because....

[geekee]

Actually, about 95% of the population want "a computer that has all its data secure, is immune to hackers, and runs only Microsoft products."

Re:Because....

They can probably sell it in the back part of the sex store with all those interesting accessories and peripherials.

Who wouldn't like to be punished , tortured, frustrated, controlled while doing their taxes ?
Oh yes. A lub job make it go a bit easier.

Re:Because....

Maybe it was a typo or perhaps used to imply the ignorance of the masses?

I'll complete that

[akincisor]

... still has thorns. :-))

The correct name for it

In accordance with Gnu/Stallmans naming policy, the ngscp (next generation secure computing base) must be renamed to gnu/win(64|32|16)/MSDOS~1/drm/tcpa/ngscp/xp/ie/200 0/98/95/ME/NT/BSD/Xenix/longhorn

Before we have any Knee Jerk reactions...

[manyoso]

Honestly, people ... Next-Generation-Secure-Computing-Base is not DRM. This is only a tool that will allow computer users more security over important documents. Just because Pallad...Next-Generation-Computing...can be used to build DRM does not mean that it should be lumped in with it. Save the knee jerk reactions for IBM and TCPA.

Re:Before we have any Knee Jerk reactions...

[sean23007]

Isn't that exactly what everyone said about IBM and TCPA? "It isn't DRM. It only gives you more security over your documents, and just because DRM can be built on it doesn't mean that it should be criticized with DRM. That's for Palladium..." I've heard all this before.

Re:Before we have any Knee Jerk reactions...

http://dictionary.reference.com/search?q=sarcasm

Re:Before we have any Knee Jerk reactions...

[blibbleblobble]

"This is only a tool that will allow computer users more security over important documents."

In other news, guns don't kill people.

Re:Before we have any Knee Jerk reactions...

[Billly+Gates]

No palladium is DRM. Here is an example.

The pics on the site particularly shows a document being access and permission from an agent is needed to view it. Now what is the diffinition of DRM ?

Could TCPA be used for drm? The answer is yes and no but that is what its not designed. There are no apps I am aware of that use it. Its just a soldiered on encryption chip. Its also an industry standard and highly documented.

Could palladium be used for drm? The answer is a certain yes. How do I know? Look at Bill Gates comments, the discussion of the next generations of Windows, and the link I gave above. Palladium was designed as a proprietary drm solution from the ground up to turn a pc into a cable box to applease hollywood and cut down on piracy. You have the next generation of Windows that has everything to the filesystem encrypted and even all the peripherals are encrypted. Everything is setup as a trust relationship? You have to ask yourself why is a whole trust relationship needed for simple encryption?

TCPA is an open standard while palladium is secret and in combo with the DMCA illegal for anyone but Microsoft to use! In palladium every component has an encryption chip and the nexus chip on the motherboard only views the keys from the application agents and other the peripherals. Bill Gates called these agents using the nexus chips "bouncers" back in 2000 when discussing some of microsofts research with secure computing. Bouncers?? He also mentioned during the 1990's that he wanted china to becomed hooked on Microsoft products so during the next decade he could find a way to "make them pay".

So lets summarize here:
1.)Instead of a master encryption chip, the master in palladium (nexus)deals with trust relationships between all the different keys in the peripherals. To make sure nothing is tampered with. It also only partially decrypts the data. All the other peripherals like the hard drive and video decrypt the rest. Yes even the video card is encrypted to prevent you from recording movies!

2.)Bill Gates calls the software agents that communicate with the nexus "bouncers".

3.) Microsofts own pics show documents being "trusted" to view on a pc.

4.)Micosoft mentioned that NTFS will go away and be replaced with an encrypted filesystem so palladium can take advantage of it. Yes palladium ready hard drives are already on the market! My guess is even the hard drive will be palladium ready to make sure the user can't read it.

Folks if this is not drm then I do not know what is. Hell, coding for your digital cable box might be easier then coding for your palladium machine. That is unless you use Microsoft tools only. This does assume that it can not be turned off. TCPA can but since palladium is only vaporware right now I can not say.

Please TCPA please take over before palladium. Macs are expensive and I do not want to switch. However if Windows only works with palladium then I guess its time to start the voodoo Steve Jobs worship. If you read my other comments you will notice I am pro TCPA. I just do not trust Microsoft. Microsoft wants apple out of the multimedia market for years and directX really did hurt them but they are still there. Infact directx was made according to an insider soley to hurt apple. Hollywood, content makers, and the porn industry, backing palladium might just kill it out of its core market and seal its fate.

The big consorturium of TCPA likes Linux and has no intention to find anyway possible to kill competition. I am sure they will be more lenient in regards to signers and gatekeepers.

War is Peace, Freedom is Slavery....

Security is Vulnerability

Pallas Athena should sue them...

[vinyl1]

...or maybe she could just borrow a few thunderbolts from Zeus.

Enter Ze ms-sql Worm

[prepp]

So everyone just forgot the blasted worm...
We're switching out our routers and servers as we speak to unix...
(postgresql is nice) :D

Where are you taking this from?

[pVoid]

I've heard many things being said about Palladium, but have paid almost no attention whatsoever to them as of yet... mainly because this is still vapour-ware, and whatever is being said right now is most probably zealotism, or trendism (both of which I hate).

it's being criticized because it *does* what they claim...

So what is it that Palladium does that TCP doesn't do that's so bad for you? I've heard of Palladium doing curtain memory (which at least seems like a Good Thing(tm), but definitely is not a Bad Thing (tm) -- in the worst case a Useless Thing(tm) ), I have also heard that Palladium is *not* DRM.

So what's it to you? why are you complaining? Enlighten me, oh gods of OSS.

Re:Where are you taking this from?

The ability to use the 'trusted hardware' to ensure that only 'securely signed applications' (read: blessed by Microsoft) could be in memory at the same time was one of the things I read about a while back - excellent DRM strategy as you can't even run another program to try to fish data out of the sound card buffers to 'clean' the DRM crap out of an mp3. Considering that it would be a *very* small step to go 'MSOffice will not run with an untrusted app in memory' (or anything else they feel they need to cram in as part of the OS) and they've effectively killed any software they don't approve of.

They might as well stop selling compilers.

Re:Where are you taking this from?

[Billly+Gates]

TCPA is really just an encryption card solderied onto the board. WIth TCPA you have a number generating chip, an encrytion chip, and a special bios. Its designed to enchance e-commerce and secure corporate desktops and is an open standard.

Pallidium was designed according to one of the founders to figure out how he coud control his bytes on someone elses computer! It was later found out that user security could also be enhanced so Microsoft is marketing this as a secure and trustworthy platform. Here is a diagram. Pallidium is not really a single pieace of hardware but a standard. A palladium certified system contains a master encryption/trust relationship chip called the nexus, a encrypted video card, encrypted sound card, encrypted hard drive, encrypted network card, encrypted memory, and maybe an encrypted cpu like the one in the xbox but I am not to sure on this. Anyway a palladium certified system also contains a special bios as well as an operating system that has an agent aka "bouncer" which communicates with the hardware and software. Bill Gates himself used the term bouncer. I find this term spooky.

Each component trusts each other so if an encryption key is discovered in one component the other components and the nexus will rencrypt it. The reason many slashdotters view palladium as more of a drm solution then TCPA is because of the following. Its a proprietary model.

1.)A trust relationship is not needed to encrypted a file

2.) Take everything with a grain of salt from Microsoft. Look at the drm already in the media player. If you upgrade your windowsXP pc you will no longer be able to listen to your wma's. On my Windows2k box the default version of media player uses very little cpu usage and I can record what I listen to. If I upgrade my version of media player my cpu usage goes up to %20 and I can not record what I hear! Media player versions 8 and above already encrypt the sound! Last when I select a wmv from kazaa I always get a dialog asking me if I "Would like to update my digital rights management in order to view this". Can we trust them not to abuse it? Think also about the WindowsXP product activation feature. With pallidium Microsoft can make sure you register and not re-install it by using your own computer.

3.)Microsoft has made its intention quite clear that yes, this is a drm solution for individuals who want to protect their work but what they do not mention that Microsoft is actively working with Hollywood to make sure that "there" content is protected as well.

4.)Palladium is a closed standard

5.) Bill Gates mentioned that this is the decade in which piracy will disapear in asia and he wants a way to make people pay.

6.) Microsoft makes money by selling your desktop space via the media player. Hollywood wants to use this market to promote their products but fears people will record songs and video's. In other words your windows pc is Bill's vending machine.

7.) It gives the signers god like powers to deactivate programs or files if they think your abusing their EULA's. Your own pc will be the judge and jury during every copyright dispute that pops up.

This is not on the list because it can't be confirmed but I have a feeling this will also happen. With things like encrypted video cards, it will be impossible to record a dvd. An encrypted file system with an encrypted hard dirve is also a bitch since files can be very will hidden. Another example is an encrypted sound card in a palladium compliant os, only media player will rip cd's and if it detects its copy protected will refuse to do so. That is unless other competing products are signed. Microsoft already has some nice copy protected technology for audio cd's in which its trying to get hollwood to adopt.

TCPA is just a way to secure a file or a connection. Microsofts approach is a whole tamper proof complex system where every object, file and peripheral is controlled. I am thinking it will be like a digital cable box scrambler. It sounds like a nightmare and last but not least we do not know who the gatekeeper will be? Hmmm let me guess. Microsoft.

THis could also be used to eliminate competition since its really Microsoft's technology and only they can decide who can and can not run on "their" platform. These are the words of Jack Valentini...If you can't control it, then yo do not own it...".

This above of course is just pure speculation but judging by Microsoft's behavior I think this is part of Microsoft goals. .

Its really about open vs close technology. ALso I believe hailstorm can become a reality where renting services will be the norm.

Re:Where are you taking this from?

[SiliconEntity]

A palladium certified system contains a master encryption/trust relationship chip called the nexus, a encrypted video card, encrypted sound card, encrypted hard drive, encrypted network card, encrypted memory, and maybe an encrypted cpu like the one in the xbox but I am not to sure on this.

Come on, Billy, where do you get all this? the Microsoft document you linked to explains that Palladium contains 3 hardware components and 2 software. The hardware:

• Trusted space
• Sealed storage
• Attestation

The software:

• Nexus
• Trusted agents

This doesn't say anything about encrypted video cards, encrypted sound cards, encrypted network card or hard drive. The "trusted space" is some kind of memory area, but I don't know if it is encrypted or not. And you're wrong about the "nexus", that is a software component, part of the operating system, not a "relationship chip".

Okay, you don't want to believe everything Microsoft says. Fine, I don't necessarily believe it either. But what about your facts? Where did you get them? Why should we believe your claims about what Palladium is?

Re:Where are you taking this from?

[Billly+Gates]

""Palladium" is not a separate operating system. It is based on architectural enhancements to the Windows kernel and to computer hardware, including the CPU, peripherals and chipsets, to create a new trusted execution subsystem (see Figure 1). Here after fig. 1.

Also note that pki is in the hardware layer in fig 1 where it mentions the various peripherals. I was in error with the nexus. I meant the ssc chip but the nexus is what the agents use to communicate with the ssc chip so I problably got them confused. Still works on the same concept. The trust relationship between the ssc and peripherals I got from zdnet news sources about 2 years ago as well as from other slashdotters. No longer online.

For example to establish a trust relationship between the hard drive and the ssc for example requires that each pieace of hardware have its own set of pki keys. Hard drives need to *hide* certain sectors from the user. Scsi already has this feature which IBM and Microsoft lobbied to have but ata-133 for now doesn't have it. You might of remembered all of the fuss here on slashdot 2 years ago about this. Remember that the encryption keys are stored on the hard drive. If someone cracks the ssc keys and uses them to access the encrypted filesystem then the rest of the system is compromised since the user can then read the other keys.

Thank you Microsoft

[ShatteredDream]

I think I'll buy stock in Apple and RedHat now. I'm sure your users are just going to love having to buy a new PC in order to use your next OS. I'm sure they're also going to love hearing little johnny's complaints that his MP3s and DivXs don't work anymore. Oh wait, don't forget grandpa, grandma, auntie, mom and pops. Yeah, the entire American family is now getting in on the act.

Re:since no one bought what they said with Palladi

[Vargasan]

If you can't dazzle them with brilliance, boggle them with bullshit. :)

This is just like the Hollings bill.

They just changed the name so that it would be harder to remember and search for. They could have made up a new term to refer to their new DRM, or got the rights to the name, but they have opted to use the vague "next-generation secure computing base" instead.

You can easily find stuff about Palladium. But searching for next-generation secure computing base turned up a lot of people using these keywords, and with quotes as of yet has turned up nothing.

Re:This is just like the Hollings bill.

[lamp540]

Yeah, that makes a lot of sense. They aren't marketing to consumers, they're forcing it on them. So no need to label effectively.

future is good

[jdkane]

"Looking ahead, we are working on a new hardware/software architecture for the Windows PC platform (initially code-named 'Palladium'), which will significantly enhance the integrity, privacy and data security of computer systems by eliminating many 'weak links,'" Gates wrote in the memo.

However Linux doesn't seem to require an integrated hardware/software Palladium or similar technology. MS is trying to stay in the $. I'm sure over the next Decade Linux can get an interface as integrated and user-friendly as Windows and Macs (look at OsX on FreeBSD). Then what will you choose as a computing platform? .. An integrated Windows/hardware/software secure system that you pay through the teeth for, or a less restrictive but equally friendly, cost-effect Linux desktop system? ... especially if you are deploying hundreds or thousands in a corporation. The future can be bright. MS might just force themselves into harder competition by this secure computing strategy. Here's hoping, because it's always nice to have more than one on the playing field.

Re:future is good

[ozric99]

sure over the next Decade Linux can get an interface as integrated and user-friendly as Windows and Macs.

Isn't that what people were saying 10 years ago? ;)

Re:future is good

What if you could only use the coolest new music service everyone loves by using Palladium, because the RIAA doesn't "trust" Linux? That would help keep MS in power.

Re:future is good

[Billly+Gates]

But how will you run Linux? The oems will tailor to %97 of the market. They need to be Windows NG^&*^ certified" in order to sell Windows! To be certified means being palladium complaint! They have to use palladium or they go out of bussiness. Only a monopoly can pull a scam like this off and force OEM's to do this.

Also corporate customers love Palladium because they can timebomb all their documents and secure important data and bring down support costs but eliminating virii. Enron for example would love something like this.

Macs( only linux platform left) will be avoided since they can no longer read email or word docs, or produce "protected" images for the companies "protected" websites.

This will also squeeze unix out of the server room since everything will be an encrypted .net nightmare. All the clients will need to have a trustworthy server to run their trustworthy apps. It doesn't matter if Linux is better. If it can't run on standard hardware then its useless as the cd its been cut on.

Remember that it was the corporate world that wanted a one standard monopoly. They chose Microsoft. In 10 years the doj will be all over Microsofts throat for allowing this to happen. They and the judge f*cked up bigtime and we will see the result of the ruling with this.

Re:Just look at the SQL Server bug

[manyoso]

Oh wait... Palladi...Next..Generation...blah...blah won't fix stuff like the SQL Server bug and in fact has nothing resembling what we normally think of as security. My bad.

The name has been changed because it was too sexy

[glMatrixMode]

Yes : Palladium was a 'good' name. It encouraged people to talk about it. It was a Name against which people could league them together. Now it's another dull acronym nobody is willing to talk about ...
perhaps even to think about...

believe me, this is the most 'clever' idea from microsoft since June. by the way, this technique is getting pretty common in the area. There were already the dmca, tcpa, sssca, cbtdpa....

I urge people here to find it a catchy nickname before it is too late (it will be to late when the hype about palladium will be over, which means soon). "Big Brother" is maybe not original enough... and also not enough specific (there are other related issues in america, like the tia and the tips).

Same roach, different rock

[Daniel+Phillips]

"Next-generation secure computing base", hmm, that's a little long, we should just abbreviate it to "DRM".

The fact that it was something that got a lot of attention and gave rise to a lot of misunderstanding

Yes, to be sure, people do not understand why Microsoft is telling them it's supposed to make their Windows security less buggy, when it's obviously much better suited to restricting what you can do with your own computer.

"Best Burgers"

I have always found that establishments which claim to be 'the best', or which incorporate such claims in their name, to be lacking.

"Seattle's best Coffee" is a great example. It is crap.

I am sure you have your own examples. I have found it generally wise to avoid those establishments and any products so-named.

ah, microsoft...

[DarthWiggle]

I believe this move pretty much defines "obfuscation." It's easy to oppose, single out, and criticize "Palladium." It's a lot harder to oppose, single out, and criticize "secure network of corporate jargon and words that are put in to make the name longer initiative lemur".

(If you're tempted to mod this "redundant", think about giving me some mercy points for using a nickel word like "obfuscation.") :)

Re:ah, microsoft...

Here's the easy answer. Don't stop referring to it as Palladium. If enought geeks keep calling it Palladium, the name will stick despite what Microsoft's marketing dept. wants.

Re:ah, microsoft...

[jez9999]

I don't think there's much chance of anything else happening. People will remembe the name Palladium, not whatever MS now calls it, and MS will carry on calling it what they want.

Re:Just look at the SQL Server bug

Not seen anyone answer their own troll before now.

Plus �a change,� the French say, �plus c�est la m�

"the more things change, the more they remain the same"

Scene: Microsoft Marketing

MGR1: "we have an ojectionable, intrusive, likely insecure, amoebic "engulf and devour" program here that seems to be getting a lot of BAD PRESS!"

MGR2: "BAD PRESS! A major change is required to our whole approach!"

MGR1: "Major change?!?!" ---long pause---
"Fine! we'll change ... The NAME!"
--- FADE TO BLACK ---

Not as sexy.. why not NGSCB?

But if they continue to use that term we could just refer to it as NGSCB. Its not too sexy or catchy, but after trying out with google it doesn't show up as much as the keywords in the new term Microsoft has decided to use.

Secure Computing Base: The Next Generation

[Graspee_Leemoor]

Secure Computing Base
The Next Generation

Cyberspace- the final frontier.

These are the voyages of the monopoly: Microsoft.

Its continuing mission- to seek out new life and new civilizations... ...and sell them Windows and Office.

graspee

Re:Secure Computing Base: The Next Generation

[archen]

Hmm.... in that scenario would Linux be the borg? Where there is no single point of power, only a "collective" in control.

Re:Secure Computing Base: The Next Generation

And every one that touches the Linux Borg's software gets infected with GPL. It's too bad the Borg never wins.

interesting

[gyratedotorg]

this might be a little off topic, but i find it interesting how this industry is full of companies who are able to regularly force things down their customer's throats and still generate a profit, whereas just about every other company in every other industry has to cater to its customers in order to survive.

Re:interesting

[ageOfWWIV]

It's called a monopoly!

Re:interesting

It's also how they used to sell religion.

something people didn't understand (blackbox) but
believed was important to every aspect of their lives.

Contrast that to a Toaster. If it burns your
toast, is butt ugly, or the new model comes
with an accessory that does hotdogs you know enough to say thanks, but no thanx.
or soemthing like that.

Re:Reply to this:

If you are refering to invading Iraq, you are a grade A idiot.

And like all grade A idiots on earth, the only thing that comforts me is knowing that you have to live with yourself for the rest of your life.

Is Palladium REALLY optional?

[DickBreath]

I keep hearing that TCPA is NOT the death of Free software. But how can that be?

Here's how I understand Palladium. It is implemented beginning at the hardware level. The hardware refuses to execute a boot sector that has not been digitally signed. Therefore, only "trusted" boot loaders will work.

From here, the trust is handed to the software, and the trust keeps expanding as more software is loaded. Some future version of Windows, let's call it Windows Secure User eXtensions, or for short, just Windows SUX, would be designed to cooperate with this trust model. The boot sector for WinSUX would be digally signed. So the hardware would load and execute the boot sector.

The boot sector loads an OS kernel from disk, the WinSUX kernel. Now the boot sector will not execute the kernel unless it is digally signed. So once the boot sector checks the signature, it passes control to the loaded kernel. The trust keeps expanding. Once the kernel is in control it can run only digitally signed device drivers, thus ensuring security of the hardware, and that only trusted hardware is used. WinSUX can also only run trusted applications, such as Windows Media Player, thus ensuring DRM. Untrusted applications could be run within a sandbox by WinSUX - with certain API's and raw access to the hardware being off limits. Thus only trusted DVD players, media players, etc. will run. There will be no CD audio rippers, because they, being unsigned and untrusted, won't have access to rip the raw bits from an audio CD.

Just as WinXP requires registration to use, WinSUX can do likewise. But with WinXP there are already numerous hacks to defeat the registration mechanism in WinXP. Not so with WinSUX. If you tamper with the code, you invalidate the digital signature, and the boot loader won't run the OS. Or if you didn't tamper with the kernel, then whatever trusted DLL or application you had to tamper with won't get run by the kernel because it's digital signature will now be invalid.

Being able to trust that WinSUX is trusted also allows Microsoft to ensure things that they cannot ensure today. They really could make WinSUX expire after two years and refuse to run. You could not patch WinSUX in order to continue running the OS you paid for.

So it seems like WinSUX does give security to Microsoft and to Hollywood, but not to the user. There still could be remote root exploits in WinSUX, thus allowing hackers to compromise running systems, steal credit card numbers, deface web pages, plant remote monitoring software, launch remote attacks, etc.

So far my analysis has not mentioned open source. Some would say, "If you don't like Palladium, then don't run WinSUX." But this ignores the fact that Palladium begins at the hardware. In order to run any bootloader, it must be signed.

There is no way that Microsoft is going to sign a bootloader like, say, LILO, the boot loader for Linux, unless it is trusted. Now LILO is open source, and Microsoft could say they will sign a "trusted" version of LILO. That is, if LILO is patched so that it will only execute a digally signed Kernel. So, LILO is patched, it is open source, Microsoft inspects the source, compiles it, and signs it. Now you can use the LILO boot loader and only execute signed Kernels. But all we've done is move the problem. Now I can only run signed Kernels. Maybe major distribution kernels such as SuSE, Red Hat, etc could have signed kernels. But what about Joe User who wants to compile his own kernel? What about developers who compile thirty kernels a day?

Of course, I'm sure Microsoft will find ways to make their own internal kernel developers lives easier. In fact, this becomes one way in which Microsoft can make external OS developers lives more difficult, and give their own developers an advantage.

The fact remains that the only way you're going to get a Kernel signed is if it is trusted. This means inspecting the source to make sure it doesn't have any naughty bits, and promises not to ever execute any other naughty bits. Signing kernels also becomes a new revenue stream for Microsoft.

But some would say: "But Palladium is optional, if you don't like it, just don't use it." Do you really expect me to believe that it will be optional? If it is optional, then all of its benefits completely disappear.

If Palladium were optional, then the following scenario would be possible. Put LILO into boot sector of hard drive. Boot up a specially crafted loader which loads the WinSUX kernel, patches it to bypass its security, and then start execution of the compromised WinSUX operating system. Once a compromised WinSUX can be executed, then all security bets are off. I could compromise its ability to run only signed device drivers. I could compromise its ability NOT to run an MP3 ripper. Compromise its registration mechanism, thus allowing pirated copies of WinSUX. Compromise its ability to quit running when it has reached the expiration date. It would even be possible to compromise WinSUX to allow the reading of material which Microsoft might consider "subversive", such as what you are reading right now.

Does anyone really believe Microsoft would go to so much trouble to ensure security only to turn around and make it optional? Optional means that the entire security of WinSUX and other future versions of Windows could be defeated. (Of course this is true on any non-Palladium hardware, such as a hardware emulation like Virtual PC.)

Let's continue with the analysis of getting open source programs to be "trusted". Maybe Microsoft runs a service where they will inspect another OS kernel to make sure it is trusted, and then they will sign it, so that the trusted LILO will run it. A trusted Linux kernel would have to be trusted not to execute any naughty code. Linux is trusted as long as it does two things: (1) only executes signed LKM's (Linux Kernel Modules), and (2) keeps certain API's off limits to untrusted user space programs. (You'll note that this is just how I previously described WinSUX.)

A Visual Basic programmer could write his own toy programs. But he could never write code that did anything naughty, such as play DVD's. Or he could do so only through secure COM components. System level programming would now become something that only a special "guild" could do. Ditto for device drivers.

Would Microsoft relax these restrictions? If I could run arbitrary LKM's, then all bets are off. I just write a Linux Kernel Module that holds interrupts, wipes memory clean, loads WinSUX, patches it, and then starts the compromised WinSUX running on the hardware. The LILO-Linux-LKM just becomes a means to an end of running compromised patched WinSUX code.

So in short, Palladium cannot be optional. If it were optional, then why bother at all? It guarantees nothing to the user. It only makes guarantees to Microsoft and to Hollywood. By making it optional, then these guarantees disappear.

If Palladium is not optional, then who holds the keys to sign programs? If just anyone can get any arbitrary program signed to run on the hardware, then the entire point of Palladium disappears. (I just need to get a special loader-patcher signed to compromise WinSUX. Or get some other program signed that will run my loader-patcher on the raw hardware.) If only trusted Open Source operating systems can run, then this effectively destroys open source. But Microsoft gets to play the PR game of saying that Open Source is welcome to participate in Palladium.

How can they pull this off? Just require all hardware to implement Palladium in order for it to run WinSUX. Most users will happily buy a computer with WinSUX preloaded. So the public will not understand that by allowing Palladium hardware to become widespread that they have just cemented Microsoft's control over what software that you can run on your computer.

Re:Is Palladium REALLY optional?

[Squidgee]

Here's the thing everyone is missing: Videogame Consoles (e.g. PS2, XBOX, GC) have their own version of Pallidium. They will run only "trusted" boot code , but that has not stopped Linux from running on them.

I see a future of mod_chip sellers if Pallidium/(Insert Marketing Friendly Name Here) becomes a reality. It iwll become as the Console market is now; if ya wish to run Linux, buy a mod_chip. And yes, Microsoft will have their own team made to prevent chips/shutdown sellers.

And if you don't like it, buy a Mac and chuck Yellow Dog Linux on it; or run Mac OS X.

Re:Is Palladium REALLY optional?

Um... Maybe it's just me, but I figure you can still put your own computer together, and as long as people run linux, non-palladium motherboards should be available. They should be cheaper to manufacture, after all, and Microsoft can't enforce monopolistic standards anymore. That, and this won't do anything for music piracy either. You'll still be able to download and play digital music, you just won't be able to rip it yourself. That really makes less sense than anything else, though. Currently you can use all of your .mp3 hardware legally, but after this, if you have an iPOD and a PC, the only way you can get songs onto the iPOD is to acquire them illegally. I don't really see how this helps MSFT out from a DRM standpoint.

Re:Is Palladium REALLY optional?

Dude, TCPA and Palladium will be in the fucking Intel/AMD CPU. Chipping it will not be an option.

Quit kidding yourself that crackers will save you. I've tried to explain the Palladium/TCPA nightmare to people, only to be rebuffed with "it'll be cracked"... as if that's the answer. How do you crack software when you cannot see the instruction stream (it's only decrypted inside the CPU), and cannot alter it since it would invalidate the signature and not run.

The PC is about to become a set-top box... directly under the continual observation and control of Microsoft and the content companies... and stupid assholes like you can only hope that a bunch of crackers will save you, instead of fighting to save yourself.

Re:Is Palladium REALLY optional?

[Rich0]

Here's how I understand Palladium. It is implemented beginning at the hardware level. The hardware refuses to execute a boot sector that has not been digitally signed. Therefore, only "trusted" boot loaders will work.

I don't think this is fully correct. I believe it will boot unsigned code, but this fact will be noted by the hardware, and when you try to run your favorite copy-protected game it will query the hardware and find this out - and not run (chances are the code will be encrypted using a key embedded in the hardware, so you won't be able to get it to run by patching it either - it will only be decrypted if the hardware trusts the OS you're running - and such an OS would probably block your debugger from intercepting the key).

Anyone who wants to run linux probably won't have trouble using a palladium-equiped machine. However, they won't be able to view some content online, or use software designed with next-gen copy protection. To somebody who is into pure open-source, this is a non-issue - they don't run proprietary software anyway. To somebody who wants the best of open source and proprietary software, it will be a problem. (Ie - forget running lindows - it may run some software, but it probably won't run anything copy-protected.)

If you're content to run linux and openoffice and zangband, then I wouldn't worry too much about the various trusted platforms they're talking about. But if you want to run the latest propreitary video game, you'll be stuck running windows, or perhaps a particular signed distribution of linux (where you could probably compile all the user-space programs you want, but you couldn't touch anything that runs in kernel-space).

Re:Is Palladium REALLY optional?

[NSParadox]

But it is optional. Just disable the security (hardware manufacturers have promised that you CAN disable it), and then run an unsigned kernel. You won't be able to run a secure OS, secure apps, or secure media, but you can run anything you want.

Which is why OSS isn't going to be affected at all by this, but piracy will, so this is a Good Thing for those of us who sell software or content for a living.

Re:Is Palladium REALLY optional?

[DickBreath]

I figure you can still put your own computer together, and as long as people run linux, non-palladium motherboards should be available.

Do you really think the population of Linux using people is enough to warrant different hardware?

Maybe there will be a trusted bootloader that will execute any other untrusted OS, but won't give it any trust.

Why do you think Bill Gates called it "My Computer"?

Re:Is Palladium REALLY optional?

[Xtifr]

I keep hearing that TCPA is NOT the death of Free software. But how can that be?

TCPA is not Palladium. Here's a link to some whitepapers on TCPA (posted to /. yesterday).

Here's how I understand Palladium. It is implemented beginning at the hardware level. The hardware refuses to execute a boot sector that has not been digitally signed. Therefore, only "trusted" boot loaders will work.

TCPA is more like pgp than like ssl, i.e. there are no "root certificates". The chip contains a key, and can store signatures. So, when you install a system, you sign it, and install the signature in the chip. The boot loader only has to be trusted by you.

Palladium is irrelevent because it's not going to be part of Linux (or BSD). If you install MS's OS and give them your trust, you have no one but yourself to blame.

There is no way that Microsoft is going to sign a bootloader like, say, LILO

Signatures from MS are irrelevent. What matters is that the signature stored on the chip matches the boot sector. MS doesn't have to sign it; you do. Of course, this might prevent you from dual-booting Linux and MS, since MS might make their system refuse to install unless you put their signature into the chip, but I have an easy solution to that. I just install Linux, and don't run anything from MS. :)

Re:Is Palladium REALLY optional?

[capologist]

So in short, Palladium cannot be optional. If it were optional, then why bother at all? It guarantees nothing to the user.

It can, but there would have to be some kind of interface allowing the user to talk to it directly and configure it. I.e., your RogueOS couldn't authorize itself, but the user could authorize it.

If Palladium is not optional, then who holds the keys to sign programs?

I assume that it would be certificate authorities like VeriSign.

Re:Is Palladium REALLY optional?

[Xtifr]

But it is optional. Just disable the security (hardware manufacturers have promised that you CAN disable it), and then run an unsigned kernel.

Or sign your own kernel when you install it. This already works, rampant paranoia aside. The Linux drivers are already available from IBM.

Re:Is Palladium REALLY optional?

[216pi]

why do you think microsoft could become a trusted signer. Why should microsoft be the only one that can sign bootloaders and kernels?

Why not let sourceforge.net become a trusted signer, that can sing kernels, api's and software? You didn't follow the chain in the other direction.

but maybe I simply missed the point. /* ducks and smells burning karma due to pro-pall^H^H^H^H pro-'embracing this technology in terms of folding it into Windows for the next decade.' speech.

Re:Is Palladium REALLY optional?

[jez9999]

Some of you developers don't actually realise that piracy helps you. A lot. There are many programs that wouldn't have got off the ground if they'd never been pirated. People that did pay for the software wouldn't have heard about it. People who cracked it to try it out for a while, and ended up paying for it because they liked it, wouldnt have done so. And so you people would be poorer. Honestly, some of you developers are just as pathetic as the RIAA. "Save our profits!"

Re:Is Palladium REALLY optional?

That's the worst case. Here's a better one.

You can turn "on" or "off" your trusted arch. in BIOS. You can also set what your signed key is in BIOS.

The value of a trusted arch. is that once you chose your own key, etc, you would be able to be sure that only programs you compiled yourself, and signed yourself would be able to run on your system. Thus, "maybe" avoiding various kind of virii.

The whole trust concept could be very good for servers. Even for consumers, as they could add various companies to their trust lists. Then when an evil virus got sent to them by someone they don't trust, it wouldn't be able to execute on their computer.

Maybe.

The one thing I've always wondered, is that given most everything now a days isn't written in C, it's written in VB or some scripting language, if the scripting platform is already trusted, then any code run by the script can run on the platform because the platform is trusted.

Of course, as someone earlier mentioned, trust doesn't matter that much if someone can find a security hole in a trusted app.

Just my 2c.

Re:Is Palladium REALLY optional?

[Squidgee]

A) It will be cracked.

B) This "stupid asshole" doesn't need to worry about Pallidium, because this "stupid asshole" doesn't use a stupid fucking pc. So burn with your MS Pallidium pc whilst I download my free music all I want.

It's people like you who merely bitch and don't do anything that hurt the computer's future, not people like me who promote alternatives (Macs, Transmeta, SPARC, etc).

Re:Is Palladium REALLY optional?

[dentar]

If the industry made a system board that could boot nothing but windows or "trusted" boot sectors, the outrage would be very very loud. I don't think any system board manufacturer wants to take that risk, especially with lots of corporations now using Linux and BSD in the server room and on the desktop.

Re:Is Palladium REALLY optional?

[SiliconEntity]

The hardware refuses to execute a boot sector that has not been digitally signed.

Many people have posted to explain that you are all wrong about this. The bigger question is, where did you get your misinformation? Was it perhaps from the TCPA/Palladium FAQ? That FAQ is full of misinformation! You can't trust a word in it.

Someone yesterday posted that TCPA had good uses. They were accused of spreading FUD! And yet people post all kinds of totally incorrect information about Palladium and TCPA and nobody objects. People don't seem to mind when they are lied to, as long as the people doing the lying are on the same side. But lies which promote your goals are just as bad as lies which oppose them! In the long run, lying hurts you because eventually the truth will come out.

More and more, people are learning the truth behind Palladium (excuse me, the Windows next generation secure computing platform - boy, that just rolls off the tongue, doesn't it?) and TCPA. It's not great news, but it's not nearly as bad as some of the doomsayers were claiming. Let us rededicate ourselves to dealing with reality, to getting the full facts about these technologies and not believing every net.rumor that someone is mongering.

Re:Is Palladium REALLY optional?

[Hobbex]

TCPA is more like pgp than like ssl, i.e. there are no "root certificates". The chip contains a key, and can store signatures. So, when you install a system, you sign it, and install the signature in the chip. The boot loader only has to be trusted by you.

Not quite, you should have read the documents you linked to more carefully. What TCPA does is that it hashes the boot sector, and stores that hash. It can then provide that hash, signed if need be, later. And that the TCPA chip only contains the keys you generate is in fact not true: it contains a pair of hardwired keys called the "endorsement" keys that are set by the vendor. What the DRM applications will require is the boot sector hash of "trusted" operating system, signed by an "endorsement key" from a vendor that it trusts. It can then be sure you are running an OS that will not let you control your machine.

To repeat myself, here is a paste from something I posted yesterday:

The trick is that you cannot modify the OS software, because each layer of it that is loaded verifies the next, down to the boot loader, which the TCPA chip takes the hash of. So a modified OS means a modified boot loader, and the DRM service will ask for the current boot loader hash signed by the TCPA chips "endorsement key" (which is set by the vendor.) If the hash is not one recognized as a "trusted" OS (ie, one on which the user can't have root) then no go. Nor can you open files you downloaded previously, exactly because the TCPA chip won't decrypt stuff if the boot loader hash is different (boot viruses my ass).

Of course, this might prevent you from dual-booting Linux and MS, since MS might make their system refuse to install unless you put their signature into the chip, but I have an easy solution to that. I just install Linux, and don't run anything from MS. :)

You are right that we will probably be able to simply ignore this by running Linux for the forseeable future - but we will not be able to ignore it if user hostile clients become the norm. I figure we can all live without whatever annoying overpriced services the record companies are thinking up, but what happens when M$ has the bright idea of making a "trusted" version of IE that respects a "do not display source" tag in the HTTP reply? All it would take is the simple addition of a field containing the signed boot loader hash to the HTTP request to prove that the data is going to a "trusted" browser and not "untrusted" mozilla which should be locked out (until it implements the same "feature".)

Yes, it is a good thing that those of us who understand that user hostile applications are pestilence can simply choose to turn them off - but we also need to be vocal in our opposition, because a LOT of people are being LIED TO regarding the purpose and function of these technologies in order to lead them down a path they may not have chosen had they been told the truth.

Re:Is Palladium REALLY optional?

Do you really think that Macs/Transmeta/SPARC are not part of this? If so, you are even more naive than I originally thought. You can start with Transmeta's chip... that's already going to have TCPA in it.

Re:Is Palladium REALLY optional?

[Xtifr]

The trick is that you cannot modify the OS software, because each layer of it that is loaded verifies the next, down to the boot loader, which the TCPA chip takes the hash of. So a modified OS means a modified boot loader, and the DRM service will ask for the current boot loader hash signed by the TCPA chips "endorsement key"

Which is fine until I run the DRM service under Wine, and single-step through it to find out where it does the signature check, and patch it to bypass that check completely. Now I've got an application that will run under my emulator, and I've got the data, encrypted with the TCPA chip which is under my control, so I can decrypt it, and I would seem to be happy as a clam. Or, at least, no worse off than I am with any other proprietary format that needs to be reverse-engineered, like ra or wmv or whatever.

Am I missing something?

Re:Is Palladium REALLY optional?

[spitzak]

The DRM program is going to request something from the Palladium chip. This will be a number that it needs in order to decypt itself. So single-stepping under Wine will not work, the chip will deliver the wrong number and the program will not decrypt.

I agree that Palladium is very bad. The absolute #1 purpose of Palladium is to make sure that data on the web cannot be displayed unless you are using a licesenced copy of the Windows Operating System. The #2 purpose is to make DRM easier.

I believe TCPA, not matter what the people defending it claim, is to allow Palladium to work without having a hardware design dictated by MicroSoft. Claims that it is a "really useful hardware encryption chip" ignore the fact that it has parts designed to make sure the BIOS is the correct one. That is totally unneeded for a "safe" (which could be opened or closed instead by a password typed in by the user during boot) and serves only ONE purpose: DRM.

Re:Is Palladium REALLY optional?

[moncyb]

Some people have pointed out that Palladium hardware as it is created now doesn't require you to use a Palladium OS, but how long will it be before MS requires all Palladium compliant hardware to only run Windows? They weren't convicted of antitrust violations for nothing. It probably won't be tomorrow. It may not be a year from now, but if left unchecked, it could easily happen within the next decade.

WinSUX...I like that name. use it everywhere!

Re:Is Palladium REALLY optional?

[echo]

Yes, where does it say that you'll have access to the endorsement keys in the TCPA Hardware?

Re:Is Palladium REALLY optional?

[b17bmbr]

You could not patch WinSUX in order to continue running the OS you paid for.

sorry old sport, but you haven't read the fine print. you didn't pay for the OS, you paid for the license which grants the user (singular) the right, er, privilege to use it. and it is a privilege, because rights are not granted.

Re:Is Palladium REALLY optional?

[Xtifr]

The DRM program is going to request something from the Palladium chip. This will be a number that it needs in order to decypt itself.

So, I've installed windows under bochs, so I know what the boot track is supposed to look like, and since I have control over the TCPA chip, I use it to generate the hash, and get the signature of the hash, and return that to the app running under wine, in place of the data it thinks it's getting from the chip, and the program decrypts itself, and I save the decrypted version, and go merrily on my way.

Re:Is Palladium REALLY optional?

[Xtifr]

Yes, where does it say that you'll have access to the endorsement keys in the TCPA Hardware?

I can't find that specifically, but it does say that the initialization and management functions "provide strong separation of what can be done at BIOS (boot) time, and what can be done at normal run-time, so that sensitive operations (like reading the edorsement key) can't be performed by malicious applications trying to compromise one's privacy."

The fact that reading the endorsement key is considered a "sensitive operation" strongly suggests to me that it IS AN OPERATION.

Re:Is Palladium REALLY optional?

[Xtifr]

Furthermore, if it is trying to use the OS signature as a decryption key, then it's going to fail every time the OS is patched or upgraded, so people won't upgrade their OSes, which is a development that MS will fight tooth-and-nail. Their livelihood depends on people making regular upgrades to the latest-and-greatest flavor of Windows. Not to mention the fact that they have to release service packs now and again to address issues like the vulnerability that resulted in the recent netstorm.

No, I think the scheme you describe, while it might provide poor, easily bypassed DRM in theory will fail badly in practice.

Re:Is Palladium REALLY optional?

[Villageidiot9390]

Wrong. It will not have TCPA in it. It will however support x86 extensions that allow it to generate keys and I believe securly store them. And as for Macs...Steve Jobs has said that he will NOT use TCPA, he believes that stolen software is a social problem. Can't speak for SPARC though, but then again I would doubt it.

Re:Is Palladium REALLY optional?

[Reziac]

Actually, it occurs to me that M$ and hardware vendors could collectively use this to force more simultanous hardware and OS upgrades. As it is, most people only upgrade their hardware once for every 2 to 3 times they upgrade Windows.

So, if this works to the ideal business solution for both hardware vendors and M$: If you want to upgrade your hardware, you'd be forced to upgrade Windows. If you want to upgrade Windows, you'd be forced to upgrade your hardware. Everybody wins -- except the consumer. :(

Re:Is Palladium REALLY optional?

[Planesdragon]

Signatures from MS are irrelevent. What matters is that the signature stored on the chip matches the boot sector. MS doesn't have to sign it; you do. Of course, this might prevent you from dual-booting Linux and MS, since MS might make their system refuse to install unless you put their signature into the chip, but I have an easy solution to that. I just install Linux, and don't run anything from MS. :)

Funny... IIRC, MS's settlement agreement specifically said that they have to fix their bootloader...

Re:Is Palladium REALLY optional?

[Sri+Lumpa]

"Of course, this might prevent you from dual-booting Linux and MS, since MS might make their system refuse to install unless you put their signature into the chip, but I have an easy solution to that. I just install Linux, and don't run anything from MS. :)"

How is that a solution?

The problem postulated is that you cannot dual boot Windows and Linux (or another Free Software OS) and your "easy solution" is not to dual boot, you solve the problem by nbot solving it? How is that a helpful solution for those that need or want to dual boot?

Re:Is Palladium REALLY optional?

[Hobbex]

They mean reading the public key part of the "endorsement" keypair. The reason this is considered sensitive that it serves as a unique identifier of your hardware - privacy is probably the least of our concerns if using these systems, but it is something that has mainstream attention.

The private key part of the "endorsement" key cannot be read. If you read the whole document at the IBM page the guy says quite clearly that the "endorsement" key cannot be changed, but that that would serve no purpose because it's purpose is exactly to get the vendors "endorsement" that it has not been tampered with (flatly ignoring that the only application of this is the DRM he claims TCPA was not designed for.)

Re:Is Palladium REALLY optional?

Jobs is full of shit, haven't you realised that yet? He'll be brought to heel fast enough. Oh, and BTW, Transmeta's chips most certainly will have TCPA in them... just watch.

Re:Is Palladium REALLY optional?

[Hobbex]

Now I've got an application that will run under my emulator, and I've got the data, encrypted with the TCPA chip which is under my control, so I can decrypt it, and I would seem to be happy as a clam.

Am I missing something?

Yes, that the TCPA chip is NOT under your control. That is the entire purpose of it - it will not decrypt the DRM data unless running under the same operating system where it was created, and because this operating system is "trusted" it will make sure that only the unmodified DRM app (or any that it specifically allows) can read the data.

IBM claim that their TCPA chips are not resistant to hardware tampering, so it might be possible to bring the TCPA chip under your control (the easiest way would probably be to disrupt the point at startup where the TCPA chip reads the boot loader and feed it false values). This isn't really that surprising however: NSA level tamper resistance is expensive (see how easy it has been to build mod chips for the consoles even though the makers hate them). Most probably they are counting on the DMCA: as toothless as the DMCA is against software cracks, as effective it against the distribution of hardware cracks - they figure most people will bend over obediently rather than start soldering their motherboards.

Re:Is Palladium REALLY optional?

[HiThere]

There's two separate things here. One is Palladium, and the other is the IBM chip.

The IBM chip has a certain bonus for security at the cost of a certain danger to backups.

The MS scheme offers no benefit to the end user, and isn't optional.

They are implemented using similar technologies. The IBM chip could (probably) be used as a component of Pallidium, but isn't, in and of itself, a problem, but merely a possible solution to an unusual problem. with tradeoffs.

Re:Is Palladium REALLY optional?

[NSParadox]

Er, so what products have benefited from piracy? MAYBE obscure music, where the publishers couldn't afford to effectively market an album, but that's a BIG maybe. These bands would already get great marketing from online music services if it wasn't for the fact that nobody used them (because everyone has a friggin huge MP3 collection). While many pieces of software get great advertising through piracy (crippleware CD burning software, for example), that doesn't translate to more profit for the software developer.

Damn right I'll save my profits. You're not going to do it for me by not paying me for the software you use. Since when am I not entitled to pursue MAXIMUM PROFIT from the stuff made out of my own sweat and blood?

Re:Is Palladium REALLY optional?

[Xtifr]

Yes, that the TCPA chip is NOT under your control.

Evidence? IBM just released open source Linux drivers for the chip, which would appear to place it under my control. In light of that, you make a bold claim, which, without evidence, I'm going to dismiss as paranoid ravings.

That is the entire purpose of it - it will not decrypt the DRM data unless running under the same operating system where it was created.

The white paper IBM published lists many purposes for the chip. You are welcome to claim that DRM is the original and maybe even the primary purpose, but when you claim it's the entire purpose, you are simply and clearly wrong.

it will not decrypt the DRM data unless running under the same operating system where it was created

This is the assertion I have been questioning all along. Re-asserting it does not further the discussion. How is the chip supposed to tell that I'm not subverting the system by scraping the data that it's going to use to generate the signature from elsewhere? This thing isn't magic, nor can it read my mind. I'm not interested in dogma, I'm interested in facts.

Re:Is Palladium REALLY optional?

[Xtifr]

Actually, it occurs to me that M$ and hardware vendors could collectively use this to force more simultanous hardware and OS upgrades.

That's an interesting idea. However, unless MS improves their QA and security testing, they're going to continue to need to release service packs which would seem to break this scheme.

But, it's definitely something they could try if they were determined enough, and it sounds like it might be worth keeping an eye out for. You deserve a +1 insightful mod (though at this late date in this thread, I doubt you'll get one).

Re:Is Palladium REALLY optional?

[Xtifr]

The private key part of the "endorsement" key cannot be read.

Well, that's definitely a little odd, but hardly a deal-breaker. I've been using public-key encryption on a regular basis for years now, and not once in that time have I had the slightest desire or interest in reading my own private key. As long as GPG can read it, everything works fine.

Re:Is Palladium REALLY optional?

[Reziac]

The trick would be to have SPs fool the OS/hardware into accepting the SP as part of the original -- I think it could be done, maybe by simultaneously replacing whatever key or hash is used to ID the OS/hardware in the first place. (Which leads one to believe if they could do it, so could a determined hacker, thank ghod.) After all, some viruses manage to spoof existing OSs into thinking the virus is a legit file...

Another solution might be to have the original key match to an internal OS version ID, which would stay the same for mere SP upgrades, but not for version upgrades. Likewise spoofable (there is a util available to fool biased webservers into believing Win3.1 is Win9*, so..) but would certainly defeat the average user, and corporate accounts (where the real money is) couldn't get away with doing it, or they'd lose their support contract that they've already paid for.

It sounds paranoid, but I think it behooves us to consider even the most paranoid scenarios, since if we geeks can think 'em up, you can bet some suit is already seeing dollar signs in the same direction. Whether it's practical to implement, or whether it'll fly in the marketplace, that we'll get to see in realtime.

I don't think it's all that farfetched, considering that both Tandy and Apple have had a few models of hardware that only spoke to some particular subversion of their respective OSs, merely by what was hardcoded in ROM. Not to mention how **OEM workstations tend to be relatively or entirely non-upgradeable... and I'm sure they'd love to have yet another way to enforce hardware upgrades, the more often the merrier.

**Someone just gifted me a pile of older IBM workstations, clearly designed to be "put together once, NEVER taken apart again" -- caused much swearing at the idiot who made it so the only way to get at the HD w/o damaging it is to *completely* dismangle the case!

Thanks for the mod of confidence :)

OT: I truly hate the new mod-percentages system -- makes it really hard both as poster and moderator to get a good feel for how moderators felt about a given post.

Re:Is Palladium REALLY optional?

[Reziac]

BTW, check out what Maggie Biggs (who is seldom too far off-base about such things) has to say about it in the latest issue of ComputerUser: http://www.computeruser.com/clickit/printout/artic les/5282400,2080,36,1,0101,3130963200003.html (beware the slashdot space) Seems she's having thoughts not too unlike mine, if less directly-stated.

By coincidence, tonight I find myself with mod points! :)

Re:Is Palladium REALLY optional?

[Xtifr]

Another solution might be to have the original key match to an internal OS version ID, which would stay the same for mere SP upgrades, but not for version upgrades. Likewise spoofable (there is a util available to fool biased webservers into believing Win3.1 is Win9*, so..) but would certainly defeat the average user, and corporate accounts (where the real money is) couldn't get away with doing it, or they'd lose their support contract that they've already paid for.

But if it doesn't defeat hackers, then there's no additional advantage to having the public-key chip (TCPA). The vendors can already do this without a public key chip, and it'll already lock-in the average user and the corporate accounts just as firmly, and be just as ineffective against the hackers. So I don't think this can really be called a danger of the TCPA chip.

One thing that recently occurred to me is that if the Linux drivers really do allow full control of the chip (which early indications suggest is the case), then it would be possible to build a proxy into an emulator like bochs, which would forward any requests to the actual chip (so the proper signatures would be obtained/verified), but would allow scraping all the incoming/outgoing data without any need for hardware sniffers. This would pretty much put the ability to defeat any TCPA-based DRM schemes back into the hands of even impoverished students who can't afford fancy hardware to monitor the TCPA bus.

I think it'll be interesting to see how this all plays out.

Re:Is Palladium REALLY optional?

[Xtifr]

Ms. Biggs seems to be confusing TCPA and Palladium, and her analysis flatly contradicts what the IBM white paper says. In particular, things like: "All approved software must be signed and must have an approved serial number" are features of Palladium (if anything), not TCPA, at least according to IBM.

Since IBM released open-source drivers for Linux, I'd expect that the Linux kernel folks will be able to tell soon enough what the situation is. I seriously doubt if IBM thinks they can get away with lying about the capabilities of their drivers to the folks who maintain the kernel; I find it implausible that they'd even try.

If 20 years in this biz has taught me anything, it's that the opinions of so-called "pundits" are rarely worth the time it takes to read them. I'm much more interested in the opinion of the techies who actually know something. So, if Linus, Alan and friends, after analysing the drivers, come out and say, "this is evil, avoid at all costs," then I'll start to worry. If (as I find more likely at this point) they instead say, "this is interesting and potentially useful", then I think we'll be fine.

Re:Is Palladium REALLY optional?

[DickBreath]

If the industry made a system board that could boot nothing but windows or "trusted" boot sectors, the outrage would be very very loud

Oh really? Most users will be happy to buy a PC at WorstBuy, take it home and run the preinstalled Palladium OS without ever giving a thought to the idea that the hardware might be incapable of booting anything else.

Re:Is Palladium REALLY optional?

[DickBreath]

I see a future of mod_chip sellers if Pallidium becomes a reality.

If the powers that be can own our hardware, then they can certianly make mod chips illegal.


After all, look at their other accomplishments.
Prohibition.
DMCA
Communications Decency Act
COPA
CALEA
Copyright extension

Re:Is Palladium REALLY optional?

[dentar]

Yeah, lots of people plain don't give a rat's butt about that PC with Palladium on it. However, of those of us that run other platforms, the vast majority do their homework first and don't buy those. Also, corporations usually go to their IT department for advice on what to buy, and those folks do their homework too. If they're an all Microsoft shop, who cares? If not, they'll do homework and NOT buy these fried chipsets. I hate to sound like a republican, but the market will likely drive this to make it not worth their effort.

Re:Is Palladium REALLY optional?

[DickBreath]

Another factor to consider is that lots of other countries who are jumping on the Linux bandwagon may not care for any system that would restrict their choices. They might be okay with DRM, but a box that can't boot Linux will never fly.

And at the risk of sounding like a republican, it is my opinion that the market will drive the demise of DRM as well.

next-generation secure computing base?

[pod]

Next-generation secure computing base? As opposed to the previous generations of secure computing bases?

Re:next-generation secure computing base?

[benja]

Next-generation secure computing base? As opposed to the previous generations of secure computing bases?

Unix.

Re:next-generation secure computing base?

[jafac]

what I want to know is, once they finish and ship this "next generation secure computing base" what are they going to call the next one they start working on?

all hail King IBM, the second . . .

[kraksmoka]

well, m$ started out with one goal, to beat IBM. unfortunately, they have gone one better, they have become IBM.

how much vaporware do they have floating around?

doesn't it seem that they have more expertise in changing their product names, than actually making useful software?

is it just me, or has the marketing dept. been on a rampage for three years now?

they have grown to the point where the left hand doesn't want to know what the right is doing (we know /yank what it's doing).

i think its just a matter of time before the m$ bubble bursts at this rate. they are losing sight of reality at a rapid pace these days.

well, at least by the time they release Windows .Net Smart Server Phone 2006 featuring a Hailladium Security chip, the last of the Code Red, Klez and SQL bugs will be worked out. . .

Next Decade

[Alethes]

Microsoft claims that the name is being changed to reflect the fact that Microsoft is 'embracing this technology in terms of folding it into Windows for the next decade.'

I find it simultaneously amusing and annoying that Microsoft will still be in business for the next decade, thus having that much more time to make our IT lives a living hell with even more codenamed software to trample over privacy rights and innovation in the name of protecting privacy rights and innovation.

Re:Another Idea

Or to borrow an idea from Prince, let's call it the "the fat piece of crap formerly known as Palladium."

Palladium gets a new name

[ageOfWWIV]

Yeah the change has nothing to do with the steamy warm pile of bad press Palladium has received for the last 10 months. This solely reflects Microsoft's decision to integrate, augment and "embrace" other secure technology along with Palladium.

Welcome to Echelon v3.11.
All attempts to copy this software will result in painful bursts of highly focused photon particles from the sky.

That's probably deliberate

[Andy_R]

All our efforts to get "palladium = bad" into the heads of non-techies are wasted.

"next-generation secure computing base = bad" is a more complex a message that does not make a neat soundbite

Re:That's probably deliberate

[ConceptJunkie]

Go to the fallback position:

Microsoft == bad.

Of course (at least in my opinion) Microsoft isn't all bad, but their business practices certainly are.

Re:That's probably deliberate

[timmyf2371]

A "next-generation secure computing base" doesn't sound bad to Joe Consumer - if I hadn't read on /. that it was the new buzzphrase for Palladium I might have thought it was good.

Don't mistake me for a Microsoft hater - I'm sure there are many worthy concepts and ideas in Palladium (for lack of a better title), and I can't really have many complaints about some of their applications, but due to previous experience and bad business practices, they have got themselves a bad reputation among many /,ers and techies.

Tim

How to lampoon an uncatchy name?

[melquiades]

Until now, we've had a nice and concise name for lampooning this thing, as in this lovely sig I spotted the other day:

Palladium: Just where the HELL do you think you're doing today?

But this new name just doesn't have the same ring to it. How do you make up a catchy slogan -- any slogan -- containing the inconceivably awkward phrase "next-generation secure computing base"?!

The resistance needs catchy terminology, even if the Evil Empire doesn't.

I suggest, as a start, that "next-generation" is superfluous:

Microsoft secure computing base: Just where the HELL do you think you're doing today?

Perhaps even the word "base" is as well, as long as the "Microsoft" is still in there:

Microsoft secure computing: Just where the HELL do you think you're doing today?

This presents the problem, however, that people may confuse the already-meaningful phrase "secure computing" with digital rights mangling.

One safe route, perhaps, is to insist on calling it "DRM", even as that phrase takes on an increasingly negative connotation and Microsoft attempts to disown it.

Re:How to lampoon an uncatchy name?

[moncyb]

How about the name a previous poster made up: Windows Secure User eXtensions? Shortened to WinSUX! To bring the point home write it like this: Windows Secure [against] User eXtenstions.

Re:How to lampoon an uncatchy name?

[MasonMcD]

And "where...are you doing" is going to be a scathing criticism?

Let's we doing our English good next time.

Re:How to lampoon an uncatchy name?

[flupps]

But this new name just doesn't have the same ring to it. How do you make up a catchy slogan -- any slogan -- containing the inconceivably awkward phrase "next-generation secure computing base"?!

All your next-generation-secure-computing-base are belong to us?

Meh.

[DarkHelmet]

What they're trying to do is making articles incredibly long about it, so that people will finally say, "Fuck It!" and not write any stories aboutDRM.

Microsoft Secure Medium Which Interfaces with Hardware and Makes Sure That Those Warezing Bastards Don't Pilfer MicroSoft Office and Visual Studio Or Else Bill Gates Is Not Going To Be Able To Afford His Borg Implants Anytime Soon And That Will Be a Real Bummer Because We Are Afraid of Those Linux Zealots is the newest attempt at securing the Microsoft Advantage.

After about 10 paragraphs of that, people decide to go, "I can't take it and instead write about LongHorn's database file system.

Good Strategy.

Re:Meh.

[kraksmoka]

After about 10 paragraphs of that, people decide to go, "I can't take it and instead write about LongHorn's database file system.

yes, lets all write about m$'s quixotic quest to surpass BeOS as the world's finest SQL file system. why, i'll get to the story right after I finish this m$ sql bug launches DDOS attack on the Root servers story.

here's hoping that m$ can duplicate BeOS's success.

Doomed

[miu]

From recent experience I can tell you that a project called "next-generation something or other" is doomed.

Now if they had changed the name to something like "Athena: super-dimensional fortress of security" then victory in the market would be assured.

Re:Doomed

Well, last time I checked a thing named as Next Generation lasted about seven years.

Re:Doomed

Titanic, the unsinkable ship.
Kursk, the unsinkable sub.

Bad karma.

+2???

You know what, this is just an example of how repulsive slashdot really is. I mean, it's great for news, but when people can just spout stuff with absolutely no basis, then they're full of it.

While it's true that MS's flaws have been made well public, there is no peice of software that is invulnerable to malicious use. Red Hat, Apple, Apache, and the like are releasing updates and fixes just as much as Redmond is.

Microsoft has done a number of things right; I really enjoy using MSVC++ .NET compiler I was given for free from a .NET Academic Convention in Detroit, as well as XP OS. XP is as stable of an opertaing system that you can have, while still incorporating user-functionality with the least amount of hassle.

Xbox Live! is one of the best times I've had playing online gaming in years. PC online gaming is ridden with cheaters, and many don't even think twice; Xbox live is still new, but they are taking lots of steps to prevent cheating. And I applaud that.

Re:+2???

Oh boy. Yet another MS shill. Just shaddup!

Re:+2???

Oh boy. The lying MS Super Shill! wow.

Wait a minute ...

[SuperDuG]

So they're going to market this version of windows as more secure than they're previous products. I would almost be offended that a company would admit they've been screwing me over for years, but now they think they've fix their security problem.

You know what I think? I think the net has suffered enough DDOS attacks, Worm Spreads, and Virii for the last 10 years because of OS's from MS the this next "Secure" release should be free to anyone who was made unsecure before from MS.

So I want to mail them a copy of Windows 98 and I want this new "Secure" version for free because I already paid for an operating system which was supposed to be more "stable and secure" and now what? This should be free to everyone who had to suffer data loss from the fault of MS.

Or I guess I could get an upgrade to a secure OS for free ... www.openbsd.org ...

Re:Wait a minute ...

ok so they slash the price of wind0z, but then tell you that it will expire in 2 years... problem solved while they still cash in

A suggestion for Bill Gates

[cabalamat2]

If Bill wants a more descriptive name for Palladium, may I suggest calling it:

We're Going To Shaft Every Idiot Stupid Enough To Buy This Crap And Let Us Control Them

Microsoft is speaking Newspeak !

[glMatrixMode]

This is exactly the point ! Have you ever taken some time to think about the semantics of :
"Microsoft Windows", "Microsoft Word", etc... ?
What it they had been called "Tiny Sweet Windows", "Tiny Sweet Word" ? Wouldn't you think of those names as ... ... weird ?
why has the parent got 0 ? mod it up !

shouldn't that be fivepack

We always say someone's a beer short of a sixpack

Re:since no one bought what they said with Palladi

[digitalsushi]

Harry S Truman?

names

[Rumagent]

"next-generation secure computing base" or, as it is known in-house, "Bend Over(tm)"

Rumagent

Good way to hide features

[failedlogic]

Calling it ' next-generation secure computing base' is a great way of hiding Palladium as a feature on the box of the next Windows. Say I was going to retail to pick up MS Windows' next version. On the box there is either listed in the features which would look more appeasing to consumers?

1) 'next-generation secure computing base'
2) Palladium

From the article "To address the criticism, the company has decided to release the source code of the core part of the software, known as the nub or nexus, so that others can verify it is secure and is doing only what the company has claimed."

Question: What about .NET ?

Re:Good way to hide features

The feature I look for on the Box is the
word "Microsoft".

If it is there, I just keep walking.

Re:The name has been changed because it was too se

[cabalamat2]

How about "Jackboot OS"?

In a similar vein, Intel's hardware implementation could be called "Big Brother Inside" or "Gestapo Inside" or somesuch.

Remember when...

[BitwizeGHC]

Remember when Sony referred to the PS2 as the "Next-Generation PlayStation"? Aren't you glad they changed that name to something similar?

Nice one!

[Wesley+Felter]

Yesterday you were saying Palladium and TCPA are basically the same thing, and bashing them both. With these skills, your karma will go far.

Re:Nice one!

http://dictionary.reference.com/search?q=sarcasm

oh no!!

[petsounds]

All your next-generation secure computing base belong to us!

correct me if im wrong here....

[tx_mgm]

...but other than saving the riaa, what is "next generation secure computing" going to fix security-wise? am i correct to assume that this scenario can take place?
NGSCserver: incoming request! are you a NGSC computer?
NGSCcomuter: why, yes. as a matter of fact, i am!
NGSCserver: great! what can i do for you now that i know you are a trusted platform?
NGSCcomputer: i would like to exploit one of your bugs, causing you to blow your brains out and bring you to a screeching halt.
NGSCserver: okay! youre the boss!
::crash::

Re:correct me if im wrong here....

[spitzak]

Yes! EXACTLY this scenerio can take place. MicroSoft is relying on all the morons who don't know how computers work to think that this piece of hardware is going to enhance their "security" and stop all the proglems we have today. Everybody should be told that it will do ABSOLUTELY NOTHING!!! It will have absolutely zero effect.

But it enforces stuff at the hardware level! they will claim. I will make a counter-claim: I believe Windows as it is does not have any bug that will allow a non-Administrator to turn into an Administrator. It could very well be *perfect* and you could publish papers showing how utterly impossible it is for a user program to compromise a machine running Windows. And it really is as impossible to do as if there was hardware enforcing this. However this has absolultely no effect on all the bugs that cause exploits, as those bugs lie in programs running *as* Administrator (or root for Unix).

What it does is enhance *MicroSoft's* "security". It does nothing for bugs except "sign" them and say they are "trusted".

Bruce Perens likes it !

[BESTouff]

I know for one Bruce Perens eagerly awaits for Secure Trusted Computing: that's the only way he'll be able to get back the laptop lots of people have stolen him during LinuxWorld !

All your nextgen secure computing base belong 2us?

[VValdo]

How do you make up a catchy slogan -- any slogan -- containing the inconceivably awkward phrase "next-generation secure computing base"?!

This is absolutely the point. As anyone who follows the abortion issue knows (ex-- is it "Pro-Life" or "Anti-Choice?"), much of controlling a public debate is about winning the "terminology" war. How better to obfuscate a debate by blurring the way the topic is labeled and discussed? Is anyone in the general public really going to read an article which refers to Microsoft's dull-sounding "next-generation secure computing base"? Who wants to be "anti-security" anyway?

Notice that "NGSCB" is unpronouncable and hard to wrap your head around. Where as people can rally around a fight against something called "Palladium" there is no easy "brain-handle" in NGSCB to grab onto. They've chosen a bland nothing-name.

The Federal government had a similar problem with "Carnivore" which just sounds ominous. So what did they do? They changed the name to something bland-- DCS1000...something that sounds boring and innocuous, like the model of a breadmaker.

I'm sure the Department of Justice's Total Information Awareness will be renamed shortly to some anagram with no vowels like the "next-generation secure nation base 2003LJFBF". When you see they've changed the name, remember you saw it here first.

Incidentally, Time has a good article about how the White House is trying the same kind of thing by reterming thinning of trees as "management-caused changes in vegetation". While they can't do an all-out assault on the environment...

"They are rejecting the full-frontal-assault approach that gets a lot of media attention in favor of death by a thousand strokes of the pen," contends Stoermer. The Republicans are also learning how to spin environmental issues in their direction. In a confidential document distributed to G.O.P. Governors and members of Congress just before last November's elections, Republican pollster Frank Luntz advised party members to refer to themselves as "conservationists." The document said, "The first (and most important) step to neutralizing the [Republican environmental] problem and eventually bringing people around to your point of view on environmental issues is to convince them of your 'sincerity' and 'concern.'"

It's all about baby-steps and controlling the debate through language. As far as I'm concerned, whatever Microsoft now calls PALLADIUM, we and the press should not let them get away with it.

W

I'm chaning my name...

[flogger]

the 'Incredibly Rich Flogger!' Now let's see how long this fools my credit card company.

I'm not fooled by MS's "name change."

NO!

[A+nonymous+Coward]

I don't want a key locked to my machine, because it becomes useless if I switch machines, if the old one breaks, or I simply want something better.

Why is it so hard to understand that what is wrong with private keys is that I don't have complete control over them? If it's my private key, it's mine, not something hardware generated that I can't keep or delete or copy at my whim. When it goes out of my control, it's somebody else's, not mine, and I don't want it!

PR focussed on real problem from MS perspective

[SlideGuitar]

"Notice the PR diversionary tactic: it's being criticized because it does what they claim, not because it doesn't. :)"

It is being criticized by people who care about freedom... but the people who pose a more serious barrier are European and other governments.

The PR is focussed at the SERIOUS objections... not what you or I might find uncomfortable or politically objectionable.

Do as the press did unto Prince...

[Sax+Maniac]

Don't call it <long winded mumblefrotz>, call it "The Technology Formerly Known as Palladium".

Re:Do as the press did unto Prince...

[curious.corn]

Uh, wait a minute that's wrong! Your meant: The Architecture Formerly Known As Palladium...

Re:Do as the press did unto Prince...

[DarkHelmet]

You mean like the Knights that Until Recently said Nee?

Re:Do as the press did unto Prince...

[Herkum01]

Press Release: While Microsoft has once again renamed a software package, it is still known through the slashdot community as the "Same Old Shit" or SOS to the business community.

beginning of the end?

[collapser]

Then what will you choose as a computing platform? .. An integrated Windows/hardware/software secure system that you pay through the teeth for, or a less restrictive but equally friendly, cost-effect Linux desktop system?

my thoughts exactly.

(Depending on how immediate MS would like a user-bases platform transition,) I have a feeling this could either break or make MS.

something as integral as this could seriouly undermine its share in the home computing market: free/uncostly/pirated media and applications are exactly what people buy computers for.

Everyone will know the limitations before it is launched.. the only place I can see it taking off is in the Business Sector (as a compulsory part of a software licencing agreement).

Even by then it will remain to be seen how many companies consider MS platforms to be the most cost-effective and cheap to maintain. Not many, I'll wager.

I would think it would take a lot less than a decade to arrive at a UI as user-friendly and integrated than Windows or Mac.

what is most amusing is that this might have had a chance to gain "popularity" with users if it had been brought onto the market before the maturation of mass filesharing and open-source. (not that i'm going to confuse the two)

that, and somehow convincing Apple to use the same Hardware architecture =)

Re:The name has been changed because it was too se

[glMatrixMode]

What does 'Jackboot' mean ? that sounds cool, but I have never heard it (and English is not my native language).
'Gestapo inside' is too violent, as you know.

Hey, I've just had an idea : why not picking some name involving 'Soma' or 'Our Ford' or anything else from the 'brave new world' book by Huxley ?

Change those META-tags NOW!

[jakobgrimstveit]

To all those of you who have published pages with a realistic/pessmisitic view of the Palladium security platform: Update those page's META-tags NOW include any or all of the new terminology created by the Microsoft Marketing Department (r). Or else those search-engines will fail miserably to find anything relevant when those company executives tries to find information about the-next-great-thing from Microsoft which has been told to be oh-so-secure.

In A.D. 2003...

[Joey+Patterson]

In A.D. 2003, security was beginning...

User 1: What happened?
User 2: Somebody set up us the OS!
User 1: We get Palladium. Main screen turn on.
User 2: What?!?

[computer monitor slowly reveals G.A.T.E.S]

User 1: It's you!!!
G.A.T.E.S.: How are you gentlemen? All your next-generation secure computing base are belong to us!!!
User 1: What you say?
G.A.T.E.S.: 'Palladium' trademark is on the way to destruction. They have no chance to survive make their time.

Success of Paladium creates open source hardware.

[sergeaux]

Just my 2 cents. If Palladium totally wins, than people will get encouraged to create their own hardware. Now all commercial hardware exceeds the capability of what individuals can construct because performance is the only reason to pay more. But existence of Palladium, especially enforced by law, creates demand for the untrusted hardware, even with lower performance.

It had to be said....

[djoham]

Somewhere, in a dark and smoky Redmond meeting room, an internal Microsoft slogan is born...

All your next-generation secure computing base are belong to us

Hmmm I think I'll call it...

[ksuMacGyver]

The DRM previously known as Palladium.

Re:Just look at the SQL Server bug

The guy is a complete moron. Just look how many anti-Microsoft trolls he has posted in the past 24 hours (actually, we don't know the exact number because user pages only show the past 24 posts). Its pretty telling of how much he needs to get laid.

Re:The name has been changed because it was too se

[evilmrhenry]

Catchy name, eh?

How about Palladium? Many people already know what it means, and it's (somewhat) memorable.

Just because Microsoft declares the name to have been changed, doesn't mean anyone needs to listen.

New approach to naming

Distinctive keywords are bad for MS. Try searching google for Palladium - very first result will expose all the crap hidden behind smoke. Search for generic phrases like "next generation secure computing base" will always return enough irrelevant pages to keep users confused and under control.

And it's about as catchy and...

[Nick+Driver]

...appealing as "The Ballpark in Arlington"

Bleagh.

Re:And it's about as catchy and...

[lostchicken]

Yeah. And the old name was so much better. Arlington Stadium. Whee!

Foot icon?

[TheTomcat]

Microsoft has changed the code name of its highly controversial 'trusted' computing platform from 'Palladium' to 'next-generation secure computing base.'

Someone mis-filed this under "Microsoft".. is the "It's Funny.. Laugh.." category broken?

S

Palladium, the metal

[4thAce]

Perhaps Microsoft wanted to disassociate itself from the notion that their OS had something to do with the old cold fusion controversy.

Nah.

All your computing base..

are belong to us.

2003 == 1984?

[PetWolverine]

Why does that whole comment remind me unnervingly of the government in the book 1984?

Don't you see that the whole aim of Newspeak is to narrow the range of thought? In the end we shall make thoughtcrime literally impossible, because there will be no words in which to express it. (Full text here. Quote is from chapter 5.)

As I've said before, we need to get the lizards and aliens out of office or we'll all be wishing we lived in a country as free as Iraq.

secure what?

[zozzi]

Same shit, different name !

In Other Related News Today...

[otterpop378]

Satan, the Prince of Darkness, has changed his name to "Stan, the Democratically Elected Official Overseeing Things That Really Fall Into A Grey Area... Seriously, It's Not Evil."

Re:What is the Maisy?

[The+J+Kid]

Naaaah....'course not!

I mean, next-generation secure computing base, doesn't the new name just roll of you're tong like butter?

The OS Formerly Known as Palladium

[PetWolverine]

Yes, TCPA can also be used to build DRM. No, no one should criticize TCPA for having a potential application that is undesirable, because TCPA essentially provides features that are desirable.

Yes, the OS formerly known as Palladium can be used to build DRM. Yes, it should be criticized for this.

The difference is that TCPA is not owned by MS, it's created by 200-odd different companies and, as an open standard, owned by no one. If someone builds an implementation of TCPA that makes DRM feasible, we can choose not to buy it--therefore they won't, because nobody wants to put millions of dollars into R&D on a product that's guaranteed not to sell.

Microsoft, on the other hand, will certainly build DRM into the OS formerly known as Palladium. They have no reason not to, because as history has shown time and again, people are lemmings who will follow MS anywhere, even into a system as ludicrously restrictive as DRM. Their friends in the record and movie industry, on the other hand, will love (==pay) them for embracing DRM.

Besides, the OS formerly known as Palladium is built in such a way as to make DRM very much a possibility, whereas if you've read the recent /., you know that TCPA wasn't built with DRM in mind and therefore supports it in only an ineffective way.

Re:The OS Formerly Known as Palladium

Yes, TCPA can also be used to build DRM. No, no one should criticize TCPA for having a potential application that is undesirable, because TCPA essentially provides features that are desirable.

The problem with this argument is that DRM is not a capability, but a disability. There is nothing you can do with DRM that you can't do without DRM. To say that TCPA "can be used to build DRM" means that TCPA prohibits you from doing things that would circumvent DRM. It is a cop in a chip, no matter what the apologists say. And the claim that you can turn it off is bogus too because whether the chip is on or off it will still deny you access to the hidden keys you would need to circumvent DRM.

As for all of the good things that can be done with TCPA, if someone offered you a piece of cake with a little bit of dog shit in the middle, would you eat it?

Shell Game

Just playing a shell game...change the name...change the perception

In other news:
The legal system today changed the term "rape" to "unauthorized cavity access"

Re:The name has been changed because it was too se

[RealSurreal]

http://dictionary.reference.com/search?q=jackboot

This Is The City. The City Of Redmond.

The names have been changed to protect those who are guilty as fuck and don't want to get caught red-handed (even though the government will just slap them on the wrist again, most likely).

Re:All your nextgen secure computing base belong 2

[RealSurreal]

Here in the UK they thought we'd be convinced that Sellafield wasn't the same nuclear power station which went bang when it was called Windscale. Good article here on re-branding a PR disaster away.

Re:The name has been changed because it was too se

[cabalamat2]

What does 'Jackboot' mean ?

It's a stiff, high boot, associated with the military, especially Nazi Germany.

Hey, I've just had an idea : why not picking some name involving 'Soma' or 'Our Ford' or anything else from the 'brave new world' book by Huxley ?

I suspect this would be too obscure

REAL REASON MS CHANGED NAME

[messiertom]

I got insider info from a friend at Microsoft who said the only reason it was changed was so lazy geeks couldn't point out its flaws anymore.

In Soviet Union Russia....

[Billly+Gates]

...In Soviet Union Russia your computer protects itself from YOU!

....Oh shit, wait a minute.

A more official source of these news...

[Jugalator]

If you don't wish to trust CNet words too much, it might help to throw in a more official link:

http://www.microsoft.com/presspass/features/2002/j ul02/0724palladiumwp.asp

This is an old press release, but read the "Editor's Update".

I Thought Sega had that name all wrapped up...

[spammeister]

Since they started doing the arcades-in-a-theatre in Canada say some odd 6+ years back? Being mostly American read, i figured that this was an "Canada-only" thing, and should be brought to the attention of the uninitiated south of 49 :)

The "old" name of the Corel Center....

[spammeister]

Was Palladium, before Corel wasted (what, never!) money on getting it changed. The Corel Center is located in Ottawa (Kanata to be more precise) and is the home of the NHL LEAGUE LEADING OTTAWA SENATORS! meh!

Another quasi-generic trademark

[cenonce]

Gee, and I just thought they want another quasi-generic trademark like "Windows"!
-A

no, it's being criticized because

[sirshannon]

of what people have imagined it would do and what people have lied about it doing and what people have guessed that it might one day be able to do. People have been doing the same sort of thing Chicken Little was known for: running around screaming "the sky is falling! the sky is falling!".

And it's NOT just healthy skepticism either, I mean, when was the last time you heard some one raising hell about the fact that police officers have guns? Imagine what they could do with those guns! And they HAVE done things with those guns. And they COULD do things to you with them.

Actually the opposite...

[commodoresloat]

They changed the name because people who care about such things do know what Palladium is. MS is likely betting that Joe Sixpack is less likely to be interested in finding out the threats "next-generation secure computing base" poses to his privacy and ability to use technology. Whereas "Palladium" is something much easier to pay attention to. Seems like the semantic equivalent of security through obscurity.

In other news, does anyone else think it interesting that they are releasing the source code to part of Palladium? Cnet was a little thin on details about that though.

Weird name for common people.

[Thanatiel]

What's that for a name ? next-generation secure computing base ???
Why not "XBox Pro" as many expected ? ;)

one ring to rule them all

[glMatrixMode]

ah ok then... jackboot is rather good because 'boot' has a meaning for computers...
what about something around tolkien/wagner's ring ?

that reminds me of the old joke identifying the windows cdrom with the one ring... here it goes:

-Put it in the cdrom drive !
-W-what? in the cdrom drive ?
-Yes, says gandalf; and after a moment he carefully presses the EJECT button.
-Your hand ! See? It's quite cool ! can you see anything?
-N-no... wait... yes... there are writings... 'All rights reserved. By installing windows longhorn on any device you implicitly agree with the DRM User Licence.' I can't understand this language...
-None of you can... the letters are english, but the tongue is that of redmond, which I shall not utter here. it says ...

I think 'the one ring' could be rather appropriate for palladium... what's your opinion ?

Re:one ring to rule them all

[cabalamat2]

I think 'the one ring' could be rather appropriate for palladium... what's your opinion ?

Yeah, it's a similar idea: the One Ring was essentially a backdoor into the other Rings of Power, and MS Windows contains backdoors so Microsoft and control people using it.

Also, Gates is, like Sauron, evil.

5h4k35p34r3

[Bisifiniti]

A rose by any other name... ...still checks your harddrive for mp3s.

psst: OS X doesn't run on FreeBSD, not at all.

just thought you might want to know what you're talking about before you run off prognosticating.

Re:psst: OS X doesn't run on FreeBSD, not at all.

[jdkane]

You rained on my parade. Boo-hoo.

The stability of Mac OS X begins with Darwin, an Open Source, UNIX-based foundation. Darwin is a complete BSD UNIX implementation, derived from the original 4.4BSD-Lite2 Open Source distribution. Darwin uses a monolithic kernel based on FreeBSD 4.4 and the OSF/mk Mach 3, combining BSD's POSIX support with the fine-grained multithreading and real-time performance of Mach. Darwin also provides a complete shell environment featuring popular UNIX scripting languages such as tcsh, bash and perl; utilities including ls, grep and top; editors like sed, vi and emacs; as well as services such as ftp, apache and ssh.
http://www.apple.com/macosx/technologies/darwin.ht ml

As far as I'm concerned, my original post (let the karma speak for itself) was close enough for example purposes. I could have been anal and put all these details in the original post, but for the purposes of this discussion it's good enough as is. Hey, if it were another era, another time, maybe for a real essay or posterity purposes then this all would be warranted. Are you a teacher by chance? ;-)

You should try some prognosticating of your own. Continue to be Anonymous Coward if you don't trust your own opinions. It's tough to be an over-critical person and to come out from under the wraps of anonymity. But the good thing is everybody else got the gist of it. Too bad you're so smart -- it must be tough.

How many times?

[Solikawa]

How many times will they change this name?

Re:Palladium - its a GAME!

The Palladium Fantasy RPG®... http://www.palladiumbooks.com
And therefore and insomuch, claiming "Palladium" for a sucking TCPA-Addendum is really um, sucking.
I am glad they changed it to an "Acronym formerly known as Palladium":)

trademarks

[Tibe]

common star-trek go claim trademark of next-generation then they have nothing to stand on

sig. /. what not

Why it was the shoes of course!

[Hein_or_Henk]

See their website: http://www.palladium.fr

Spelling...

[usr122122121]

due to the criticism 'Palladium' has recieved

Remember, it's I before E except after C... and sometimes in proper nouns... and other situations. awww, fuck it.

How about calling it "Butt-head Astronomer?"

Oh wait, that's already been used, hasn't it?

Next Generation Bull Shit....

[3seas]

Now that's being honest "NGBS"

Is it just me of is everyone else getting tired of "Next Generation....."

It worked for Star Trek but after that.... Everyone was copying..... And AGAIN MS is late... Even later in real security... Maybe security has something to do with honesty at the base???

Windows Secure User eXtensions

[moncyb]

Microsofts own pics show documents being "trusted" to view on a pc.

That can be circumvented by an every day, run of the mill, film based camera. Doesn't Gates watch spy movies?

4) ... My guess is even the hard drive will be palladium ready to make sure the user can't read it.

I'm not sure you got it with this one, and I think it should be clarified for those who don't: this will work fine with any normal hard drive because all the data stored on it will be encrypted--no one will be able to recover that encrypted information (except maybe Microsoft-- perhaps not even then) no matter what they do (unless they steal the hidden keys on the motherboard somehow). I see no reason where they will need to create a special Windows Secure User eXtensions drive.

This will also cause problems for data recovery. Imagine you have some important files on the drive and the head crashes. A professional may be able to restore most of the encrypted information on the drive, but how are they supposed to decode it?

Hell, coding for your digital cable box might be easier then coding for your palladium machine.

Maybe, maybe not. Microsoft is so careless, I wouldn't be surprised if someone stole their certified keys and posted them on the internet. Remember the stories about Microsoft getting hacked, and the stories about some guys who cracked MS's signature keys. I serously doubt MS will keep the people from doing the same things they are today-- creating worms and viri, copying music / movies w/o perm from copyright holder, stealing credit card / bank account info, etc...

Security my ass. WinSUX!

Re:Windows Secure User eXtensions

WinSUX!

LOLOLOLOLOLOLOLLOLOLOLOLOLOLOLOLOL!!!!!!!!!!!11! 1

YUO TRUELIE SI TEH FUNNEY MAN!!!!!!!!!!111111

Can you people make up your fucking mind?

[ChicagoDave]

First you complain that Windows isn't secure. Now you're complaining that they're going to make it too secure.

What the hell?

You people are nuts. I don't get these complaints or arguments at all. It's like the advent of the lock and key. I wonder if the general population rioted because people would actually put a lock on their doors and keep the key to themselves?!!! Oh the horror!

I can't wait to hear the complaints when Windows is the most secure operating system on the planet.

You guys will have even more time on your hands then.

why don't they just...

[leabre]

MS likes to use simple names for all their products... Word, Money, SQL Server, Windows, Echange...

Why not rename Palladium to...

MS Vault(tm)...

Paladium...DCM... F* Bill Gates Just get an Apple

All this technology Microsoft is builing into their software will eventually lead to their own demise. Apple and various Linux distributors offer superior OS's for less money. If the hardware is integrated in this monopolistic scam, go out and buy yourself a nice multiprocessor Apple computer. Problem solved.

Re:Just look at the SQL Server bug

The recent SQL outbreak was caused by lazy admins not patching their boxes. Pallidium will give them a greater sense of security without providing any significant protection. Rember this software will be written by M$, the undisputed heavy weight champion of the remote exploit. Pallidium is all about controlling what YOU can/can't do with YOUR box not prtecting it from hackers.

It takes the heat off of it.

you know the phrase "if you can't handle the heat, get outta the kitchen ..." well, how many of you are going to remember the name .. "next-generation secure ....." shit, I've forgotten allready!

'next-generation secure computing base.'

[Green+Light]

That is just so dang funny. I can't stop laughing
HAHAHAHAHAHAHA!

"Our current generation of secure computing sucks, let's have a next-gen."

They must have a special marketing department that thinks up these names. Just like their web server's name is "Internet Information Server", or whatever IIS stands for. "Nothing short or simple, let's go for long, hard to say, and meaningless."

Re:Just look at the SQL Server bug

[Billly+Gates]

...or worse leaving the bugs open on purpose and then complain that only a hardware based solution would be the salvation towards the problems.

Did you read the news?

Did you read the interview with tha AMI guy a while back?
Did you read the news lately?
You're talking about TCPA, thats what Transmeta is working on - go read the whitepapers. Anyone can use TCPA, it's little more than a DSP for crypting.
IBM is gonna release open source TCPA drivers for Linux soon, and you don't need to register or get your software signed to make it work with TCPA - it is an option, not a necessity.

Palladium or whatever it'll be called is something different and does not necessarily depend on TCPA, but it may use it.

Re:Did you read the news?

[glMatrixMode]

i think _you_ are not understanding what you're talking about.
The TCPA is an 'alliance' of industrials promoting 'trusted computing' initiatives like Palladium. So a statement like
Palladium or whatever it'll be called is something different and does not necessarily depend on TCPA, but it may use it.
is meaningless. You don't 'use' the TCPA, it's not a technology.

Windows 2000 site goes over two years without a re

Windows 2000 site goes over two years without a reboot
This month is the first time that a Windows 2000 site has appeared in the 50 top sites which have the longest period of time since last reboot. www.byteandswitch.com has been running continuously since November 2000. When we first started graphing web servers uptime in the summer of 2000, many people were skeptical that a Windows machine would ever make the top 50. Perceptions change, and although two years is exceptional, several Windows 2000 sites have run for more than a year without a reboot. In the hosting industry, Microsoft partners Interliant and Divine each have sites that have not been rebooted in over a year, while Microsoft has also run several of its own sites for over a year between reboots.

-- ten bucks says that these systems are not patched --

Re:First Toddler Vomit Post!

Thanks for your insightful commentary. I see a promising trolling future for you. With that username, nothing could really go wrong! I'm still giggling like a teenage girl (with hot grits in between her labia minora).

For future reference: it's spelt "vomiting".

YUO = TEH FUNNEY

YUO = TEH WINNAR!!!!!!!!111!

FAGOT

Lameness filter encountered. Post aborted!
Reason: Don't use so many caps. It's like YELLING.

Re:Great...
Re:Great... (Score:1)
by moncyb (456490) Alter Relationship on 2003.01.26 2:43 (#5159579)

How about a T-shirt that says: Next-generation Windows Secure [against] User eXtenstions -- WinSUX! ;-)
[ Reply to This ]

Post Comment

Re:YUO = TEH FUNNEY

[moncyb]

Holy shit! Who's bot puked this up? Judging from the poor cut and paste job, I'd say either an AOLbot or a Billy Gates Bot.

YUO = TEH FUNNEY!!!!

LOOKY HE SI TEH FUNNEY AGANI!!!111! LOLOLOLOLO!!11!

Lameness filter encountered. Post aborted!
Reason: Don't use so many caps. It's like YELLING.

Or as we like to put it...

[Reziac]

If you can't dazzle them with brilliance, baffle them with bullshit!

The new windows nickname

That is "next-generation secure computing base".
Yes there will be "Windows next-generation secure computing base" and
"Office next-generation secure computing base". Obviously people will
want something shorter - I suggest we give it to them.

The problem with windows Next-Gen is paramount would never tolerate that
use of their name, and as they are quite good at defending their rights
that option is out.

Ok how about Windows secure - the challenge there is to find people who
can say that with a straight face.

Windows computing - egads that's too bland even for Bill's taste.

So we are left with Windows Base. Tolerable and usable. Now as Windows
Millennium became Windows ME, and Windows Experience became Windows XP.

I have no doubt that Windows Base should become Windows BS.

Feel free to pass this on - please do.

Intel has been looking at the periodic table

[yerricde]

I'd wager that someone's been looking at the periodic table.

Intel's doing the same thing. The "Pentium" mark is the systematic name of boron, standing for atomic number 5. "Xeon" and "Itanium" are "xenon" and "titanium" minus a letter each. "Celeron" is a made-up name designed to fit into the scheme.

Somebody finally clued in Saddam...

that 'Palladium' was not actually a fissionable material with which he could achieve world domination.

Unfortunately, the original English quote which caused all the confusion, "Some have speculated that Bill Gates' Microsoft Corporation may even achieve world domination through the commercial acceptance of the new MS Palladium product", was tragically mistranslated into Farsi as literally "Many expect Bill Gates to sell Palladium to help UN sanctioned tin pot dictators of middle eastern countries who attack their neighbors to achieve world domination."

Darn those English - Farsi translator applications.

Now with the $2,500,000,000 pre-release order placed by the Government of Iraq apparently lost, Microsoft can now safely move on to a far catchier name for their new product like the one put forth herein.

Sig - Involvement in computing on an ongoing basis will likely lead to madness.

Itanium - Apallium

[mattr]

Yep, that crypto-pseudoscientific trademarkese always works great on the customerdroids, except THIS ONCE! Muwahahahahahahahahah!

Consider the transition metals in this neat periodic chart (the map seems to be the territory!):

A. "Transition Metals" is a cool-sounding idea for a product naming strategy. And, the actual elements are conductors of heat and electricity (sounds good and electronic) and many are seen as valuable by the general public (gold, etc.)

B. Titanium -> Itanium. It's been taken.

C. Iridum? Taken, went down in flames (darn!)

D. Zirconium, sounds cheap. Nix.

E. Chromium? Well M$ has already taken it, but thought it sounded cooler as "Chrome".

D. Palladium -> Apallium! Sounds apalling! Can't use it.

E. There are already companies using palladium.com, vanadium.com, technetium.com (tucows got it, good show!), niobium.com's gone, someone called Dragon Information has yttrium.com. Aaand Tungsten's been used recently.

Some icky company with tons of popups stole selenium.com and .net!

Okay, you get the drift. What's left? Some of the names have been taken, or sound too prosaic or downright scandalous (Scandium, though naming after Scandanavia is neat). Some are doomed due to prevaling western opinion; Osmium sounds like Osamaium, Hassium sounds (just a little) like Husseinium.

Obviously high-paid marketgeeks feel they've struck oil with ..the periodic chart! Maybe now's a good time to strike a blow for freedom. Anyone want to register remaining ones, I also recommend the Noble Gases because they're.. um, Nobel! I mean Noble! But you can forget Xenon (Intel got that too). Anyone feel like researching good candidates make your posts count!

I've asked for a quote on seaborgium.com. But may I recommend bromium?

On that theme

[HiThere]

One, by me

Three OS for the hacker kings,
coding through the day,
Seven for the CEOs
in their halls of stone,
Nine for consumers,
doomed to pay,
One from the Gates lord,
claimed to be his own.

One OS to rule them all,
One OS to find them,
One OS to bring them all
And in the darkness bind them,
In the land of Redmond,
Where the lawyers lie.

The way you say

[Loosewire]

They changed the name beacuse palladium is too easy say, this next genration bollocks is so its more difficult to say , so its discussed less and allowed to quitelt grow

All your next-generation secure computing base...

[freeBill]

...are belong to us.

Think about it. What is a "computing base"? I'm not sure these guys even know what they mean when they talk about Palladium, so what does it matter what they call it. Probably vapor, until they think of a DRM strategy.

The next-generation-secure-computing-base memo/PR bulletin mentions a "nexus and nexus agents." Does anyone know what this means? Do they?

BTW, the pedantic grammarian in me wants to point out that the hyphen in "next-generation secure computing base" is superfluous. "Next" is an adjective and knows perfectly well what it's supposed to modify without being told.

nice try.

[twitter]

All our efforts to get "palladium = bad" into the heads of non-techies are wasted

No, it worked. People understand that M$ is neither "trusted" or "secure". They can change the name of their system all they want, people understand the concepts ammount to Digital Rights Denial. They know what to look for, regardless of name.

When you have a file on your computer that you can't copy or delete, but someone else can, someone else owns and controls your computer. Call it what you want, people know that not controling their work is bad.

good point.

[twitter]

Both you and Microsoft must report to the copyright spank office for violating Star Trek IP.

To boldly split infinitives, the trade marked Star Trek error.