Slashdot Mirror
Palladium's Power To Deny
BrianWCarver writes "The Chronicle of Higher Education has the most detailed article I've yet seen on Microsoft's Palladium architecture. The article discusses the potential Palladium has to give publishers power to eliminate fair use and the potential for software manufacturers to use Palladium to enforce shrink-wrap licenses. Comments from several great sources including, Ed Felten (Freedom to Tinker), Eben Moglen (pro-bono counsel for the Free Software Foundation and recent Slashdot interviewee), and Seth Schoen (Electronic Frontier Foundation) among many others. Key quotations from article: Palladium could create 'a closed system, in which each piece of knowledge in the world is identified with a particular owner, and that owner has a right to resist its copying, modification, and redistribution. In such a scenario the very concept of fair use has been lost.' 'Palladium will "turn the clock back" to the days before online information was widely available.' and 'Microsoft could decide to lock everything up.'"
It saddens me that some US people are spending all this time and energy protesting a war that hasn't happened yet and could give a crap about things happening in their own country in regards to their freedom. And it's not just this story, it's all the freedoms that are being taken away thinks to the events of 2001.
Wouldn't that be history repeating itself?
You mean 'The Technology Formerly Known As Palladium' ;)
What is particularly maddening about Palladium is the repeated claims that this offers a security benefit for end users. Microsoft is trying very hard to trojan in this DRM technology as a part of the Trusted Computing initiative. If this is the form of 'trust' they are speaking of then I want nothing to do with it.
Buy your processors now before they are infected with all of this Palladium/TCPA nonsense.
Comment removed based on user account deletion
Every time something like this comes up, people either go defeatist and decide that Microsoft own us all, or decide to fight back.
The world was once as free as our computers, we lived in isolated communities. As soon as the bridges formed between us, we became united, and ruled. Laws were made. Ownership was arranged. The higher classes sprung up and controlled the land, forcing the lower classes into a life of endless work.
Times have improved, but the fact remains: once many things join, a hierarchy is formed. Now we are having our Governments get more involved in the internet, setting up protective laws at first, and now actively trying to control and limit data flow.
The corporations will 'own' the 'land' we have. They will charge us for the privelige, and render our systems useless unless we upgrade.
Ok, this is a worst-case scenario, but remember that Microsoft has already tried underhand tactics (EULAs agreed as soon as you open them!?) and with this new cookie jar for them to reach into, who knows what new, restrictive ideas they may be planning.
- Rico
A question
Is then MS pushing this as a way to seal up markets like China? whre this desire to lock up information is prevalent?
Don't Tread on OpenSource
My guess is that all you'll need to crack it is the install CD of an older version of Windows.
So to answer your question: not very long.
there's no place like ~
So, with as buggy as MS security usually is, how long after the first Palladium crap-o-la is released until we can either a) emulate it's functionality or b) completely bypass it? That is not to say that I'm unworried about it, but seriously people, they can't stop me, you, or especially ALL of us forever. It just doesn't work.
-theGreater View.
I suspect all this time we spend worrying about the dark future that is Palladium/Next-Generation Secure Computing Base/DRM-in-general will turn out to be quite small potatoes indeed, once the other shoe drops. It can't be too long before MS announces that it is opening its own movie studio and/or record label (if not just buying up some of the smaller-yet-successful of the established ventures)... at that point, when MS is both giving us the content and telling us what we are and are not permitted to do with that content, that's when everything will truly suck.
Obviously you can see how, being the folks developing the software, Microsoft can (hell, probably *will* as a software protection feature) program in the ability to encrypt the data into a form that only Microsoft can read, and put a remote based command as the trigger.
... for payment and product activation info"
So you sign in for your latest Windows Update (which you'll have to because if you don't, your encryption will soon be out of synch and nobody will be able to read squat that you make), Windows Update detects that "Hey! This copy of Palladium has been registered in a different computer", not knowing that you've just moved the hard drive over to a newer chassis with more expansion room, and sends the code to lock it all up, so that all you get on bootup is a message to "Call Microsoft at
That Jesus Christ guy is getting some terrible lag... it took him 3 days to respawn! -NJ CoolBreeze
I remember reading somewhere once that fairuse is actually only available to you if you are able to carry it out, the manufacturers/publishers dont have to provide you with the ability to copy something freely or run/play that copy freely. This generally means that although cd protection schemes, DRM etc destroys what many on here think is fair use, it actually doesnt do anything of the sort. Now cd protection schemes that dont actually work, ie play in a audio player but not a pc are a totally differnet matter. As usual, i expect someone on here to clarify my position, wether its right or wrong etc.
..at least til the major Internet Routers start using Palladium to control virus and worm attacks. Not a Palladium verified system? Get your own internet.
That Jesus Christ guy is getting some terrible lag... it took him 3 days to respawn! -NJ CoolBreeze
This only affects windows users, if the mainstream computer users (geeks excluded) want to give all of their freedoms up to MSFT, so be it. I run linux, and can do what ever I want with my data, be it music , video, source, etc. If you are stupid enough to give microsoft money to control your life, you might be to stupid to own a computer.
I want my rights back. I was actually using them when our government stole them after 9/11.
The copy protection will be cracked within a week. Something this big and this unpopular doesn't stand a chance. Remember the "copy protected CD's"? The protection was circumvented with a black marker.
Then Microsoft will have to use the DMCA to shut people up.
Interesting thought on Palladium - bear with me.
Palladium as a whole, to me, sounds impossible to implement, maintain, and get buy-in on. The potential for backfire, for cracking, for failure, seems large.
So, how much does Microsoft really plan to implement?
Maybe this is a significant percent of publicity-playing. See what people think, get out the word you're "doing something" to deter the competition, then put in something far less in function (and effort, and cost) than you started and say its what people "want." Meanwhile you can hopefully discourage others innovating.
Just a thought.
"The Sage treasures Unity and measures all things by it" - Lao Tzu
OK, let's say that a big university like MIT implemnts Microsoft Windows Shiny and Secure Palladium Edition 2005. Not only on a workstation, but on _all_ computers; libray computers, dorms, workstations, servers etc.
Then all documents produced inside MIT will become Microsoft DRM enabled. All the papers, tests, research and publications. Right?
Year 2050. MIT want out. Whatever reason they have; they need to get out: The cost of the system is to high or the system don't work according to the promised specification.
Actually the reason they have, don't matter. Maybe Penguin OS v69 has become The OS.It's irrellevant. They want out; and they want it now!
Now what?
Well, for starters just about everything people have done the last 45 years is _potentially_ lost forever unless they manage to get a deal with Microsoft.
All the fileformats are MS Propretary DRM Palladium Edition and can't be read on their new and shiny OS and they would have to deal with the relatives of former employes who "own" information produced on MIT.
What a mess. Such a waste.
Melius mori in libertate quam vivere in servitute.
Palladium will not: (and I quote into the cauldron..)
.. would face enormous pressures to do so"
- Replace the Windows operating system.
- Search the Internet to detect and delete pirated software, music, and movies.
- Eliminate spam and software viruses.
- Prevent a digital thief from gaining access to a computer in person and disabling its hardware security features.
"The goal, Microsoft officials say, is to make servers and desktop PC's that people can trust." (ha-ha)
Maybe a system that did ALL of these things would be competitive?
--
I think it's only fair these [hopefully nonexistent] publishers are forced to purchase Palladium PCs and use only Palladium-liscensed reference material for which they will pay per byte forever.
"Colleges
Why not instead force publishers to provide text-searchable CDs for free to legitimate book owners because of fair use laws? Safari seems pretty useful.
If every student is networked these days, I think there may be an opportunity for universities to promote a solution to a real (as opposed to hypothetical) problem which happens to appear antithetical to Gates' wet dreams.
- Students spend an awful lot of money on textbooks, and sometimes have difficulty finding them in bookstores and libraries. A significant number might jump at the chance to purchase a digital copy instead of the paper textbook.
- Searching for words in textbooks should be promoted at universities as one of the few clear merits of owning a computer in school. It would be interesting to see legally if universities, or individual students, can promote this to the point of forcing publishers to provide a free fair-use cd of searchable text with every textbook. The bookstore could hand them out when books or purchased.
- Students who have purchased second-hand books also should be able to enjoy the benefits of digital searching.
- Annotation is a second obvious merit of using a computer in school, and it's why the web was born. Students used to surfing the web will readily jump into information organized in am easy to use, interactive format. Researchers should also be able to freely access stores of annotations and digital texts.
- Also annotation as well as the ability to index and navigate by scene or timecode is very useful with film and video. This could be useful in university film, music, television, language, and science courses among others, and universities ought to be able to negotiate with publishers to create free-use zones for scholarship purposes without all this annoying crypto. If enough did it, there would be a smaller potential Palladium market.
- Schools with less funding should be able to invest in personnel and students, and (if there is a suitable alternative) ought to be able to use information technology to reduce the financial barriers. MIT has embarked on an open curriculum and more should be promoted. We need to enable people to apt-get an education and get used to it so they won't let it get taken away.
- It would be interesting to see if projects funded by national governments would be exempt from Palladium
- While MP3 sharing may very well be within the law, it is not as obvious a poster child for fair use as any of the above uses of everything from ascii text to hdtv. I think it would be very interesting to see if the open source and educational communities can relatively quickly develop something demonstrably more useful and open that Palladium, and possibly preempt it.
If Microsoft have these powers, they will abuse them. Microsoft will use it to further force you to do what they want you to do, not what you want to do. Even with the very recent legal difficulties, they are still acting exactly as before. And this has just cost me a couple of hours of my time. Let me explain - bear with me, the gall of MS will amaze you...
I use Windows XP with Mozilla. The software my bank uses is only compatible with the Microsoft JVM (stupid bankers...). I have previously installed the Sun JVM, so in an effort to get the Microsoft JVM working I used the new "Set program access and defaults" option which Microsoft added to Windows XP as part of the settlement. It is supposed to make it easier for you to set the default email, JVM and browser clients. I intended to change my defaults to IE and the MS virtual machine, use my bank's site, and then change them back again to Mozilla(1). To cut a long story short, once I had changed my default browser from Mozilla to IE, it was impossible to change it back again. The new configurator that Microsoft had added as part of the legal settlement had renamed all of the mozilla files so they wouldn't work anymore, replacing their old extention with "new", i.e. so mozilla.exe became mozilla.new. Not only that, it also removed the mozilla icon from the desktop, the "power bar" and the menu. So the only way I could get it working again was to completely reinstall it. And they did this as part of the legal settlement!
F*uck them. I'm going to move to Linux for my desktop. It might have installation hassels too, but at least I'll know that they haven't been designed to be difficult on purpose.
(1) This may seem an odd thing to do, but you can't download the Microsoft JVM from the MS site any more, so I thought this might be a way to reactive it.
Whilst it is true that if it doesn't work at all then it will be shunned, it is not so true if it doesn't work in the interest of the consumer.
If Microsoft start making 'agreements' with vendors like Dell and HP to sell only (or mainly) Palladium'd boxes then people will buy them. Especially if there's some sort of discount price incentive put in place.
It's a sad fact that we often have to face here, that the average person just wants 'a computer', and they don't care about how it works, who's really in control, and why that might be bad. As long as Mom and dad can do their tax, and the kids can play the latest incarnation of Tomb raider or Quake then all is just dandy.
Once again our fate rests with the teenagers. If they can complain just loudly enough to mom and dad that they heard that computers from .* supplier don't work properly (i.e. allow music/video/whatever to be exchanged freely) then maybe nobody will buy them and disaster could be averted.
Sad state of affairs really isn't it?
What you and nearly everyone else here seem to be missing is that "DRM Technology" also contains the ability to define NO restrictions! Just like on DVDs where there is a "Regeon Free" bit that can (and is) set by the publishers of the material.
So Indie musicians (Like myself) have NOTHING to fear about this. In fact, maybe for the first time if an Indie musician decides that they WANT to control their music (About 1 in 20 do) they now have the power to do so, while the others will have the power to grant unlimited lisence so you know you are copying legally.
Contrary to popular belief, coding is not all free blow-jobs and beer. Those things cost MONEY!
"There will still be the vast majority who DO NOT UPGRADE and use THE OLD STANDARD. "
This is true -- according to Google's Zeitgeist, the number of people using "obsolete" versions of Windows (95, 98, NT) is almost the same as those using the latest versions (2000 and XP).
"I really can't see how this will effect people who don't use it (now tell me how it will take over the world when people do start to use it and how it will effect the data on the internet and bla bla bal....)"
Easy. If broadband ISPs only allow Palladium-equipped devices (PCs, routers, etc) online, then the Internet will be denied to everyone else. Should Microsoft make their own version of IPv6 that's "secure", it's going to be supported by all the major players. (If the MS-IPv6 protocol can't be altered through software, then any company that doesn't support the corrupted protocol is going to be locked out from all new PCs once IPv6 goes live.)
Even easier: sites that currently "require" Internet Explorer -- but work fine with other browsers -- will require IE plus Palladium. Or your ISP says that only PCs with Palladium are supported.
If Microsoft plays their hand correctly, they'll be in complete control of the x86 platform, and nothing other than a successful anti-trust case will break that hold. If Microsoft fails, they'll alienate enough people that Linux and other OS's will make significant gains.
So I was meeting a very successful entrepreneur and he gave me this insight:
Patents can be used to ward of small competitors to a business. You cannot use a patent to ward of microsoft or ibm or any other large company with a large amount of money in the bank. You can sue them for patent infringement, they would drag the case in court, fight for a year or so and pay you a million bucks at the end. But by that time, they've already done whatever damage they could, and your company is bankrupt.
Of course this doesn't work if the patent holder is a big company such as one of the above.
Moral of the story is: if big players want to infringe smaller players' patents, they could do so and have a good chance of getting away with it for not that much money.
Such are the wonders of capitalism.
I think this is my new favorite cliche here on /.: the view that the judges, juries and structures of the legal system in the United States are completely blind to anything but money.
It doesn't cost ANYTHING to defend yourself in court. Sure, a company with a ton of money and resources can research an argument or position limitlessly, but if that position doesn't have truth behind it, a court will certainly see through it.
So can we please toss this argument already? Anyone who is likely to sympathize with the crack of "more money = scales of justice" is already thinking it when you've hit the Submit button.
As the article points out, what happens if Word requires Palladium to run and encrypt any documents it creates? Then people who don't have Palladium and Word can't read those documents. At least now people can reverse-engineer Word documents and read them via Abiword, OpenOffice, etc. If Palladium is used, you would have to break the Palladium encryption before you could even reverse-engineer the document. And you would probably be charged under the DMCA for breaking the encryption.
Imagine what would happen to Wine if all the new Windows games and applications required Palladium to run. If Wine can't break Palladium encryption, then Wine can't run any new Windows software. This could prevent any sort of Windows emulation or reverse-engineering that is allowable by fair-use. They could effectively prevent people from using any OS other than Windows to run their applications or view documents. As new applications come out and old ones become outdated, Palladium could become the new standard just because all the new software requires it.
Microsoft has been trying to push the Software as a Service model for a while now. The big idea a few years ago was that you would "rent" the software as you needed it. I'm not sure if they're still pursuing this, but Palladium would provide a nice convienent way of securing the back end of it and making application over a network more possible. Once this happens, all of a sudden, software is a service!
Java: Protected by a sandbox. At numberous points in past, some implentation flaw has allowed java apps to get around the sandbox.
DVD: Trotted out to content providers as secure since content could be encrypted and secured on the disk. Then one vendor makes a mistake and includes an unencrypted key in their DVD player, some kid in Europe finds it, and the entire house of cards falls down. If that one vendor didn't screw up, DVD's probably would still be unrippable.
In all technologies, the apologists have pointed to the fact that they are secure by design, but flaws in implementation or procedures caused the faults.
So even if I wanted TCPA/Palladium to be a smashing success, I wouldn't bet my fortune on it. Someone will screw it up...
I'd be interested to know what the people here think will be the fate of OSX on x86 - a lot of peopl ehave said that Apple is gearing up to release the OS, in some form (probably not to run on any and every x86 box) for x86 as a hit back at Microsoft when they release Palladium.
If this is true then Apple obviously thinks there are going to be a lot of users that are going to be so p****ed off at MS that they'll switch platforms at this time. And they have a lot more marketing dollars than any of us here to predict these things, so what do you guys think?
-Nex
This sig has been deprecated.
You're splitting hairs.
It acts like UNIX. It has UNIX-y software in the box. You can get arbitrarily large amounts of UNIX-y stuff and install it.
For anybody who doesn't care about "trademark dilution" of the UNIX brand, it's UNIX.
So are the BSDs. So are the various Linux distros. Get over it.
And, insofar as NT is supposed to be POSIX compliant, there is an argument to be made that you could in fact run a UNIX workalike under NT. Bottom line is, who cares?
Why yes, I AM a rocket scientist!
Yeah. Actually I've been told (by an MS exec) that the demand is mostly coming from normal business. They like the idea of keeping control of internal documents, keeping it secure, all the benefits of DRM etc. I've seen a roundtable discussion at a conference that was discussing the benefits a new age of DRM will bring, these guys were really enthusiastic but they weren't from the MPAA or RIAA. They were just business people (except the blonde in the short skirt, I think she was just there to distract the attendees).
Just being hopefull in the idea that one day in the not so distant future, someone somewhere will develop a Palladium virus that would default to deny all rights to all mediums and data. That your computer would just close itself out and deny all access to it, saying you don't have the rights to access it.
And say this virus spread like wildfire, and hundreds of thousands of happy-go lucky MS users worldwide can't get to their MP3s and DivX p0rn, nevermind grandma and her email, and the business exec that can use powerpoint. I'm thinking this would be sweet... So, what's your favorite limnux distro??
-A30N
Actually it doesn't even prove what software I am running. It allows anyone who knows the master keys, (or keys signed by the master keys) to claim that I am running something. The implication, but not the requirement, is that the this only occurs if I am running software of your choosing. (For example, he who controls or knows the master keys can fake being an interoperable computer and suck down medical records 'protected' by this technology. One wonders if people will be tricked into believing that this is 'perfect security' and not have any backup security perimiter for this situation.)
In any case, assuming that hypothesis correct, then this is control. You can coerce interoperable software to behave however you fashion, and control interoperability. While it is true that I could coerce you just as much as you coerce me, (I won't let you send me music unless you run a particular music server that serves OGG files.) most business-to-consumer relationships are not equitable power relationships. Thus, the control, while theoretically both ways, will in practice be one-way. (You run XYZ, or else we won't send you a copy of this electronic-only textbook you need for a class you need to graduate.)
Palladium is a mechanism that is perfectly suitable in situations where it really is a voluntary consentual relationship. I would have no problems with Palladium if this was its scope. However and again, many person-to-business relationships are not exactly consentual. (Look at people trying to get refunds for the windows tax on laptops. Or, look at the copy-control cartel.) In the real world of not-entirely-consentual relationships, Palladium will be used for coercion and extortion of citizens.
As-is, and barring the fact that it cannot actually prove to a different machine what software I am running, Palladium is not per-se a completely bad idea. I like it in ways. The problem is that it is one of those things that is guarenteed to be abused, and it will be abused in really nasty ways.
In this real world, Palladium allows digital extortion. Just because I used your software to write my book does not mean that you have any right to control how, when, and where I use my book. That is why I'm against it.
The most critical issue that I see from this is publishers locking out those who can not pay for the service. The ability for the publishers to create their own definitions of what is "fair use" could create a further imbalance between those universities that are rich and those that are poor.
The key element that makes the internet such a critical part of academia is the freedom to exchange ideas from anywhere on earth. Removing that fundamental element puts those people who can not pay for the same ability out of the loop, and serves to stratify society even more than it is already.
Who benefits? Two factions benefit from this:
1. Monopolies - corporations who tend to gain from exclusive control over a particular market. This reinforces their exclusivity at the expense of freedom.
2. Elitists - those who feel that only a select few with resources should have access to higher education and the halls of power.
Both of these factions work hand in hand to further their agendas. Every ivy league college will have a fully functioning Palladium system, state colleges and universities will cut critical continuing education and other 'bootstrap' programs to pay for it, and small colleges without the resources will be left in the dark. Once the defacto standard is set (by publishers removing free electronic access, and embracing Palladium), it will all be over - the internet will be come a 'dark' place for those left out.
Of course, that might have a positive effect: those who GPL their manuscripts will have wide acceptance as 'the source', since most teachers will not be able to pay for the cannonical knowledge base to 'clip' for fair use.
Lodragan Draoidh
The more you explain it, the more I don't understand it. - Mark Twain
It's pretty safe to conclude that consumers have abused fair use. Not to mention the piracy by non-consumers. I cannot wait for the day that DRM switches on. I will get EVERY penny I am due. If some people don't buy my stuff, no problem. This means more resources to support those that do.
My stuff will get bought, not pirated.
Joe Schmoe copying my work means I get NOTHING. If I pay a "tax" to MS, then I'm still making something. (Sales - MS tax) is a whole lot more than the $0 I would get from Mr. Pirate.
If Palladium is evil, then it's the lesser of the two evils. It didn't have to be. Piracy forced my hand. Blame the pirates.