Slashdot Mirror
Palladium's Power To Deny
BrianWCarver writes "The Chronicle of Higher Education has the most detailed article I've yet seen on Microsoft's Palladium architecture. The article discusses the potential Palladium has to give publishers power to eliminate fair use and the potential for software manufacturers to use Palladium to enforce shrink-wrap licenses. Comments from several great sources including, Ed Felten (Freedom to Tinker), Eben Moglen (pro-bono counsel for the Free Software Foundation and recent Slashdot interviewee), and Seth Schoen (Electronic Frontier Foundation) among many others. Key quotations from article: Palladium could create 'a closed system, in which each piece of knowledge in the world is identified with a particular owner, and that owner has a right to resist its copying, modification, and redistribution. In such a scenario the very concept of fair use has been lost.' 'Palladium will "turn the clock back" to the days before online information was widely available.' and 'Microsoft could decide to lock everything up.'"
Wasn't there an article on slashdot a while back talking about how someone had defensively patented Palladium-DRM schemes in order to prevent M$ from doing exactly this? If so, then how can M$ do this now -- would it not be in violation of such patents?
To make laws that man cannot, and will not obey, serves to bring all law into contempt.
--E.C. Stanton
http://www.stoppalladium.org
If you've read Code you probably already know why this kind of regulation by code is bad, but Lessig also wrote on this over At The Atlantic Monthly.
He says the picture of a world where one needs a license to read is discomforting.
Current laws represents a choice made by our democratic processes, and with copyright as code it's not clear how the same balance can be struck. The problem with regulation (And Law) through code is that there is no place for such a collective choice. If one kind of "trusted systems" software protects rights of fair use, a competing version will promise more control to the owner. This makes fair use a bug, not a feature.
I'm positive that this has been talked about in previous stories about both Palladium and TCPA, but I feel that it is important to highlight the distinction once more. TCPA is a hardware product. Palladium is the next level of system-wide DRM that Microsoft is planning on including in Windows Longhorn or Greenhorn or whatever they feel like calling it tomorrow. The TCPA spec calls for code signing for the system BIOS, and for a special chip to handle encryption duties, taking that load off the processor. This is a good thing, as it could make PGP encryption and signing for email transparent, as well as allow for code-signing and verification in the background. It can be turned off if you don't want it, but it can only be a Good Thing. It doesn't mean you can't run anything other than Windows on your hardware. It means that proper security is implemented at the hardware level, making it more difficult to install a trojaned program (ie, the download is automatically checked for the proper checksum etc) With the load taken off the CPU, better crypto for online transactions and things like remote desktop access would no longer cause performance problems.
Palladium would likely make use of this hardware to take care of the crypto aspects of DRM, but it is a part of Windows. If you don't buy Windows, you have nothing to worry about. Microsoft would have to manage to replace every DVD player, computer and MP3 capable device in the world to make DRM mandatory. Palladium may not be great for consumer's rights, but it is also not forced upon anyone. We still have a choice. Run some form of *nix on your current hardware, or buy a Mac. This shall pass.
My 0.10 shekels
Changing it yourself is a violation of the DMCA, even though you're the copyright holder because the DMCA protects that bit not your copyright.
Bullshit. It is illegal to circumvent a technological method for protecting access to a copyrighted work. Since you own the work in question, and the bit is not copyrighted, you may abuse the encryption any way you like.
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
The US resembles the late UK 19th century 'free market out of control' situation so badly (replete with your modern day Gilbert and Sullivans attempting to enforce unreasonable copyright laws on multinational soil) that people really have forgotten that 'content creators' dont have a say. Content buyers, content distributors, content publishers, have ALL the power.
.. and no, any "content creator" that owns a record label (the P. Diddys or Missy Elliot) don't count since their interests are planeted firmly in the middle-man mindset. I garauntee you most artists and musicians would wanna slap ya upside the head for calling the Hollywood juggernaut content creators. They are publishers.
Funny how every drastic social backlash seems to be preceded with a golden-age of middle-men. Just ask yourself when the last time you actually hearn an honest to god content creator speak his or her mind
Read up on some copyright history and you'll see we played this game about 100 years ago when piano roll technology hit the market and the UK saw rampant 'piracy' in the US. Find out why publishers are consistantly mistaken for content creators over and over in the latter stages of each cycle in the history of copyright law.
"Old man yells at systemd"
In military terms a "Trusted" system is one that can break your security policy. So a "Trusted" system can't be trusted.
Users can't be trusted so they are trying to solve the problem by locking down our computers so they (content producers) can be trusted.
The entire copyright regime is an impediment to freedom.
No moreso than marriage, alimony, or employment contracts.
Despite what Ghandi said, everyone has a right to recieve something for their labor. If I come over and setup your computer when you ask, I may be able to take you to court for wages--which I couldn't get if i didn't have the right to those wages.
It (the right to copy) is specifically impinged as a societal bargain (a real honest to God social contract) that creators push along the arts and sciences faster than normal and in exchange get to have a limited monopoly for limited times.
It's not a "limited monopoly" in the constitution. It's a legal securing of a right for a limited time.
When you look at such things as Palladium, you have to ask, is this going to advance or retard the progress of the arts and sciences? I think it will retard it so I'm against it.
How? I mean that, honestly and truly, HOW can Palladium retard the progress of arts and sciences?
Knee-jerk reactions aside, I have heard nothing more malicious about Palladium than "it will let a program write data that only that program can read or write." How, exactly, does that retard the progress of arts and sciences?
I end up losing rights without promised access to new and wonderful goodies. That's no bargain so we either remake the deal or call it off. If the RIAA/MPAA piss off enough people, the latter will be what gets passed.
Unless Palladium becomes mandated--which, if you recall, MS is fighting against--the copyright bargain will remain unchanged no matter what is done.
Once you have a copyright, you can use it however the heck you want, to gain wide distribution or to keep your invention private for yourself. Using a digital system that enforces your (admiditly draconian) agreement for use is hardly an abridgement of the copyright agreement.
Arts and Sciences got along just fine for centuries without perfect digital copies, and I haven't seen file sharing advance any great art or science, myself.
Computing experts in academe often blame Microsoft for producing software that is vulnerable to viruses and hackers.
But, of late, the experts have been criticizing the company's sweeping plan to correct those very deficiencies.
How is Palladium a plan to thwart viruses and hackers? Right in the bottom of the very same article they say that Palladium will not eliminate software viruses. And I suspect that it will eliminate few hackers too, since the weakest link is the people, not computers.
Can someone explain to me any real, additional potential benefits of Palladium? We have encryption and security for protecting sensitive data already... I bet most of student records leak from the paper copy accessed by some unscrupulous employee rather than through smart hackers.
They can always start releasing new content using only DRM-enabled technologies. I have an older Jornada Pocket PC, for which I can't find hardly any eBooks, because it came out prior to the advent of DRM on those devices - I can't even upgrade to a more modern OS because it's a hardware issue. Add in the fact that most consumers don't have a clue about this issue, and they could definitely (not neceassarily easily) make this a standard technology, and a gateway to moving forward with digital content.
Stop by my site where I write about ERP systems & more
And fluoride is documented as being more toxic than lead. =)
The Toxic Effects of Fluoride
To Do: 1. Take over world 2. Pick up Milk and Bread on the way home
Mac OS X is not unix. It is the proprietary mach kernel (which is not *BSD), with some *BSD utilities glued on.
I can do the same thing by installing some GNU utilities or cgywin in Windows. Is it unix now?
No.
[[["Mac OS X is not unix"]]]
The Open Group -- the official holders of the Unix trademark -- classifies UNIX as such:
"UNIX - the worldwide Single UNIX Specification integrating X/Open Company's XPG4 and additional standards. The majority of commercial vendors have registered UNIX products, with most at the UNIX 95 level and newer products registering for UNIX 98."
Obtaining an official UNIX title is merely achieved when key functionality is added, thus allowing the OS to meet the requirements of the UNIX brand. In this context, Windows NT could obtain UNIX status. Believe it or not.
Either way, your argument is moot. The open group has already clasified Apple as an official suporter Supporter of the "Single UNIX Specification".
See for yourself
This is misleading.
- The CSS cipher key is 40-bits.
- Whoever designed the CSS cipher wanted it to be cheap in hardware and didn't put much effort at all into its design. There is a simple guess-and-check algorithm that breaks it with a work factor of 2 ** 16.
Based on some simulations I ran with RC6, my PII 266 would break RC6 with a 40-bit key in just under a year on average (unoptimized C). The CSS cipher is much faster and is based on LFSRs, which can be bitsliced very efficiently using MMX instructions (I can try 128 keys simultaneously). Even without the weak cipher design, my lowly dinosaur of a machine could probably recover all of the player keys in under 2 months. (Very pessemistic estimate.)A work factor of 2 ** 16 means that even my slow machine can figure out the disk key in under a minute.
26! is more than 2 ** 88, but that doesn't make your secret decoder ring strong crypto. More or less they used the equivelent of a secret decoder ring to encrypt the data. Ross Andersen's attack on the A4 cellphone cipher should have been known to the designers of CSS, yet they went ahead with a cipher that is more easily vulnerable to the same sort of guess-and-check attack. (None of the advanced Russian sparse matrix inversion techniques are required to make it practical.)
Copyright Violation:"theft, piracy"::Anti-Trust Violation:"thermonuclear price terrorism"<-Overly dramatic language.