Slashdot Mirror

← Back to Stories (view on slashdot.org)

Palladium Changes Name

Posted by ryuzaki0 on from the see-also-carnivore dept.

thelinuxking writes "According to this CNET article, Microsoft has changed the code name of its highly controversial 'trusted' computing platform from 'Palladium' to 'next-generation secure computing base.' Microsoft claims that the name is being changed to reflect the fact that Microsoft is 'embracing this technology in terms of folding it into Windows for the next decade.' Also, an unnamed small firm has claims to the trademark of 'Palladium'. Microsoft denies that they changed the name due to the criticism 'Palladium' has recieved, and released the source code to the core part of the software to show that the software is secure and does what they claim." Notice the PR diversionary tactic: it's being criticized because it does what they claim, not because it doesn't. :)

2 of 348 comments (clear)

  1. Re:Hello? by Zeinfeld · · Score: 4, Informative
    Why is it that a $300 billion some company isn't able to hire someone who check the with the trademark office to see if any of the crap they are using is already trade marked?

    It was a code name, they were not using it in trade.

    An international trademark search costs millions so companies use code names while they do trademark searches.

    Palladium was simply one of a list of metals that they had used for secure O/S projects.

    Microsoft was never going to market under the name Palladium any more than it would use Yukon or Longhorn.

    --
    Looking for an Information Security student project suggestion?
    Try http://dotcrimeManifesto.com/
  2. Re:Is Palladium REALLY optional? by Xtifr · · Score: 5, Informative

    I keep hearing that TCPA is NOT the death of Free software. But how can that be?

    TCPA is not Palladium. Here's a link to some whitepapers on TCPA (posted to /. yesterday).

    Here's how I understand Palladium. It is implemented beginning at the hardware level. The hardware refuses to execute a boot sector that has not been digitally signed. Therefore, only "trusted" boot loaders will work.

    TCPA is more like pgp than like ssl, i.e. there are no "root certificates". The chip contains a key, and can store signatures. So, when you install a system, you sign it, and install the signature in the chip. The boot loader only has to be trusted by you.

    Palladium is irrelevent because it's not going to be part of Linux (or BSD). If you install MS's OS and give them your trust, you have no one but yourself to blame.

    There is no way that Microsoft is going to sign a bootloader like, say, LILO

    Signatures from MS are irrelevent. What matters is that the signature stored on the chip matches the boot sector. MS doesn't have to sign it; you do. Of course, this might prevent you from dual-booting Linux and MS, since MS might make their system refuse to install unless you put their signature into the chip, but I have an easy solution to that. I just install Linux, and don't run anything from MS. :)