Slashdot Mirror

← Back to Stories (view on slashdot.org)

Palladium's Power To Deny

Posted by timothy on from the back-in-line-you dept.

BrianWCarver writes "The Chronicle of Higher Education has the most detailed article I've yet seen on Microsoft's Palladium architecture. The article discusses the potential Palladium has to give publishers power to eliminate fair use and the potential for software manufacturers to use Palladium to enforce shrink-wrap licenses. Comments from several great sources including, Ed Felten (Freedom to Tinker), Eben Moglen (pro-bono counsel for the Free Software Foundation and recent Slashdot interviewee), and Seth Schoen (Electronic Frontier Foundation) among many others. Key quotations from article: Palladium could create 'a closed system, in which each piece of knowledge in the world is identified with a particular owner, and that owner has a right to resist its copying, modification, and redistribution. In such a scenario the very concept of fair use has been lost.' 'Palladium will "turn the clock back" to the days before online information was widely available.' and 'Microsoft could decide to lock everything up.'"

23 of 535 comments (clear)

  1. Excuse me, but by Raul654 · · Score: 5, Informative

    Wasn't there an article on slashdot a while back talking about how someone had defensively patented Palladium-DRM schemes in order to prevent M$ from doing exactly this? If so, then how can M$ do this now -- would it not be in violation of such patents?

    --


    To make laws that man cannot, and will not obey, serves to bring all law into contempt.
    --E.C. Stanton
    1. Re:Excuse me, but by retards · · Score: 5, Insightful

      Maybe by buying the patent or suing the owner of that patent until he/she is forced to sell it or capitulate. Sound familiar? It takes money to use a patent as leverage.

    2. Re:Excuse me, but by sh!va · · Score: 5, Interesting

      So I was meeting a very successful entrepreneur and he gave me this insight:
      Patents can be used to ward of small competitors to a business. You cannot use a patent to ward of microsoft or ibm or any other large company with a large amount of money in the bank. You can sue them for patent infringement, they would drag the case in court, fight for a year or so and pay you a million bucks at the end. But by that time, they've already done whatever damage they could, and your company is bankrupt.
      Of course this doesn't work if the patent holder is a big company such as one of the above.
      Moral of the story is: if big players want to infringe smaller players' patents, they could do so and have a good chance of getting away with it for not that much money.
      Such are the wonders of capitalism.

    3. Re:Excuse me, but by Kierthos · · Score: 5, Informative

      Sorry, often times it does cost to defend yourself in court. There is the expenses incurred in having a lawyer (or more then one) for your side. There is also the loss of income because you are not working while you are in court defending youself. Sure, you can hope, if you win, that the judge will take your legal costs onto the judgement, and factor in some punitive damages, but it's not guarenteed.

      Kierthos

      --
      Mr. Hu is not a ninja.
    4. Re:Excuse me, but by SiliconEntity · · Score: 5, Informative

      Wasn't there an article on slashdot a while back talking about how someone had defensively patented Palladium-DRM schemes in order to prevent M$ from doing exactly this?

      That was cypherpunk "Lucky Green", who said he submitted a patent application on ways to use Palladium for software copy protection. This was after Microsoft publicly told him that not only did they have no plans to do that, they couldn't even think of a way to use the technology for that purpose. Lucky said that he could think of lots of ways, so he'd go ahead and patent them. You can read more about Lucky's plans here.

      I haven't heard anything about this lately, and a recent patent office search for applications under Lucky's real name (widely known, his initials are MB) didn't turn up any hits. So I don't know if he actually went through with it or not.

    5. Re:Excuse me, but by senahj · · Score: 5, Informative

      > It doesn't cost ANYTHING to defend yourself in court.

      Clearly you've never defended yourself in court against a
      deep-pockets plaintiff. Perhaps you should refrain from
      commenting unless you know what you're talking about.

      Someone with money to burn can bury you and the court under
      a blizzard of motions, subpoenas, and depositions, to most of
      which you will need to respond. Copying and filing fees
      alone in such a case can amount to many thousands of dollars.

      Then there's the small matter of your own time.
      A plaintiff with money to burn can tie you up in court
      appearances and depositions for months on end.
      Will your employer understand if you only show up for
      work one or two days a week for six months?

      See if you can find the answers to these questions
      by Googling about :

      What has been the effect on the personal finances of
      Keith Henson (L5 Society founder, among other things)
      of exercising his free speech rights to criticize the
      Church of Scientology ?
      How did this effect come about ?

      Who was Scamizdat (hint: it wasn't Grady Ward) ?
      How many judisial motions did the Church of Scientology file
      against Grady Ward in an effort to prove that he was Scamizdat ?
      What impact did this have on Ward's finances ?

      Who is Larry Wollersheim ?
      How much was he awarded in his lawsuit(s) against the
      Church of Scientology? (appealed all the way to the
      Supreme Court; denied cert)
      When did Scientology exhaust the appeals process ?
      How much has Scientology actually paid to date ?
      How many lawsuits, cross-complaints, and legal actions has
      Wollersheim endured in his search for justice ?

      --
      Wait a minute. Didn't I say that on the other side of the record? I'd better check ...
  2. What's the issue? by Anonymous Coward · · Score: 5, Insightful
    Palladium, like computers and any other bit of technology, is a technology that can be used for good or evil. The people pushing it are only pointing out the good. The people against it are only pointing out the evil. In the end, if it doesn't work people will shun it like it's the latest version of TurboTax.

    This isn't where the fight should be. Instead, we should be avoiding the products of the companies that would use such technology for purposes of controlling what we can do with what we own.

    1. Re:What's the issue? by Nursie · · Score: 5, Interesting
      >> In the end, if it doesn't work people will shun it

      Whilst it is true that if it doesn't work at all then it will be shunned, it is not so true if it doesn't work in the interest of the consumer.

      If Microsoft start making 'agreements' with vendors like Dell and HP to sell only (or mainly) Palladium'd boxes then people will buy them. Especially if there's some sort of discount price incentive put in place.

      It's a sad fact that we often have to face here, that the average person just wants 'a computer', and they don't care about how it works, who's really in control, and why that might be bad. As long as Mom and dad can do their tax, and the kids can play the latest incarnation of Tomb raider or Quake then all is just dandy.

      Once again our fate rests with the teenagers. If they can complain just loudly enough to mom and dad that they heard that computers from .* supplier don't work properly (i.e. allow music/video/whatever to be exchanged freely) then maybe nobody will buy them and disaster could be averted.

      Sad state of affairs really isn't it?

    2. Re:What's the issue? by supabeast! · · Score: 5, Insightful

      I agree. Capitalism should have no problem eliminating overzealous, opressive DRM. There will be other companies producing hardware without Palladium. There will be software that does not use Palladium's DRM. There will be audio and video that is not tied down by Palladium.

      All we have to do is accept that, and stop giving money to the rest. Unfortunately, the leaders in the movement against DRM are hypocrites like the Slashdot editors, men who attack companies like AOL/TW, Microsoft, Blizzard, Disney, etc, and then purchase and promote these companie's products with their next breath. These men have plenty of talk but no moxie. Until these idiots can stop buying a copy of Windows XP to play Warcraft III on while watching a "Fellowship of the Rings" DVD, they are just supporting the technologies they complain about, and doing NOTHING to stop the problem.

  3. Correction by manyoso · · Score: 5, Interesting

    You mean 'The Technology Formerly Known As Palladium' ;)

    What is particularly maddening about Palladium is the repeated claims that this offers a security benefit for end users. Microsoft is trying very hard to trojan in this DRM technology as a part of the Trusted Computing initiative. If this is the form of 'trust' they are speaking of then I want nothing to do with it.

    Buy your processors now before they are infected with all of this Palladium/TCPA nonsense.

    1. Re:Correction by kfg · · Score: 5, Insightful

      Lies are truth and the truth are lies.

      The oldest trick in the book is to identify that aspect of your product that is going to be most harmful to your customers and spin it as a plus.

      Nobody advertises 40 room mansions on 1000 acres as "spacious." That epithet is reserved for studio apartments in a "bee hive."

      KFG

  4. One-step process by rgoer · · Score: 5, Funny

    Here is the one-step process MicroSoft will surely follow in the interest of sidestepping those patents you mention:

    1. Billions upon billions of dollars

  5. Re:=[ sad by Tim+C · · Score: 5, Insightful

    Well, perhaps they are just more concerned about the potential loss of life, than some computing thing that they've never heard of?

    Palladium may well be very news worthy in the industry press, but trust me, almost no-one outside of the IT industry is going to have heard of it. *Everyone* has heard about Iraq.

    --
    It's official. Most of you are morons.
  6. Re:This is both good, and neccessary. by EricWright · · Score: 5, Insightful
    Those mp3s on your hard drive aren't fair use. Those divx copies of lord of the rings aren't fair use either.

    Bullshit. I bought those albums, so it is most certainly fair use. If I started sharing them with someone else, then it would not be. Just because I carry 10GBs of mp3/ogg on my laptop does NOT mean I have violated any law, civil or criminal.

    Similarly, how is having a divx copy of LotR illegal if I bought the dvd and ripped it myself?

    I can only assume you're referring to people who illegally download mp3s or make divx copies of illegally recorded theatrical showings of movies, but you need to be specific! The lack of specificity insinuates that we're all rampant filesharers, or that the only use of MPEG compression technology is piracy. Keep it up and the next thing you know, the MPEG consortium will have to disband or be incarcerated...

  7. Both by Kwil · · Score: 5, Interesting

    Obviously you can see how, being the folks developing the software, Microsoft can (hell, probably *will* as a software protection feature) program in the ability to encrypt the data into a form that only Microsoft can read, and put a remote based command as the trigger.

    So you sign in for your latest Windows Update (which you'll have to because if you don't, your encryption will soon be out of synch and nobody will be able to read squat that you make), Windows Update detects that "Hey! This copy of Palladium has been registered in a different computer", not knowing that you've just moved the hard drive over to a newer chassis with more expansion room, and sends the code to lock it all up, so that all you get on bootup is a message to "Call Microsoft at ... for payment and product activation info"

    --

    That Jesus Christ guy is getting some terrible lag... it took him 3 days to respawn! -NJ CoolBreeze

  8. Re:=[ sad by Tim+C · · Score: 5, Insightful

    Ah, but few people are seeing it because it's not happening all at once.

    Things like this, the general population won't know about until it's implemented and is being sold to them, and then, they'll only have the positive marketing spin (and perhaps a little bit of nay-saying in the general press, but nothing technical or deep).

    Things like the laws passed in the wake of the WTC attack get through, becuase

    a) it makes people feel safe, and as though people are doig soemthing about it
    b) "I have nothing to hide"

    I do agree with you, and take some solace from the fact that I'm in (and from) the UK. Of course, where the US leads, we (blindly) follow...

    --
    It's official. Most of you are morons.
  9. The real problem is interoperability by Anonymous Coward · · Score: 5, Insightful

    Like the article mentions, if the content provider, i.e. Word. Decides that only Word can read the article you just wrote. It means that OpenOffice can't open it (or any other competitor).

    If I want to add a plugin to a program. The program, might just say: no! you need to be a plugin approved by my company, not some random plugin. You thief!

    In other words, my beef with Paladium is that the security control is set at the level of the creator and not of the user. That in itself is not a problem until you realise that the control given to the creator is a lot more then simply "the right to copy and distribute" it affects the righ to interoperate between programs (in the name of being virus free).

    The software industry does not have a history of being open minded, I'd suspsect that by default interoperability would be set to off.

    Sad.

  10. Re:Why the problem? by mcrbids · · Score: 5, Insightful

    "I have been wondering what the issue is. If this is such a bad product, don't buy it. "

    What's the problem, you say?

    Microsoft==Monopoly.

    Don't like the price you pay for electic power? If this is such a bad product, don't buy it.

    Are you dis-satisfied with your telephone service? If this is such a bad product, don't buy it.

    Are you unhappy with the performance of the latest Ford auto? If this is such a bad product, don't buy it.

    Notice that this last one is much more feasible than the previous two!

    Microsoft is in that position. Because of the proven anti-competitive practices of a convicted monopolist, I don't really have that choice. As a software developer, I have to account for Windows as a platform or stop making money.

    And, if Microsoft decides that they EOL any non-Palladium O/S, millions will be forced to buy it, simply because they have no effective choice.

    Linux (Hooray!) is becoming an option, and I'll do everything I can to get it in use, but it's not there yet. I can't yet readily make a living producing software unless I at least allow accessability to Windows users.

    And Microsoft still has the power to potentially stonewall Linux adoption for a long time, and it's my feeling that Palladium is how they'll try do it.

    Only time will tell...

    --
    I have no problem with your religion until you decide it's reason to deprive others of the truth.
  11. Palladium != TCPA by mtnharo · · Score: 5, Informative

    I'm positive that this has been talked about in previous stories about both Palladium and TCPA, but I feel that it is important to highlight the distinction once more. TCPA is a hardware product. Palladium is the next level of system-wide DRM that Microsoft is planning on including in Windows Longhorn or Greenhorn or whatever they feel like calling it tomorrow. The TCPA spec calls for code signing for the system BIOS, and for a special chip to handle encryption duties, taking that load off the processor. This is a good thing, as it could make PGP encryption and signing for email transparent, as well as allow for code-signing and verification in the background. It can be turned off if you don't want it, but it can only be a Good Thing. It doesn't mean you can't run anything other than Windows on your hardware. It means that proper security is implemented at the hardware level, making it more difficult to install a trojaned program (ie, the download is automatically checked for the proper checksum etc) With the load taken off the CPU, better crypto for online transactions and things like remote desktop access would no longer cause performance problems.

    Palladium would likely make use of this hardware to take care of the crypto aspects of DRM, but it is a part of Windows. If you don't buy Windows, you have nothing to worry about. Microsoft would have to manage to replace every DVD player, computer and MP3 capable device in the world to make DRM mandatory. Palladium may not be great for consumer's rights, but it is also not forced upon anyone. We still have a choice. Run some form of *nix on your current hardware, or buy a Mac. This shall pass.

    My 0.10 shekels

  12. Re:What's the issue? (WHAT?!) by gosand · · Score: 5, Insightful
    This isn't where the fight should be. Instead, we should be avoiding the products of the companies that would use such technology for purposes of controlling what we can do with what we own.

    Sorry, you don't own anything anymore, you license it.

    While I agree with you in principle, I know that it won't work. Old saying - an ounce of prevention is worth a pound of cure. The average person, which BTW outnumbers the "in-the-know" crowd by about a million to 1, will not care. If the only thing that Dell sold was Palladium computers, the public would buy them. They won't go out of their way to avoid it, they will fork over their cash because as far as they are concerned, it isn't a big deal.

    Our duties as the technically literate is to make sure that things like Palladium do not happen. The (potential) cost far outweighs the (potential) benefits.

    --

    My beliefs do not require that you agree with them.

  13. Re:Why the problem? by mebon · · Score: 5, Interesting

    As the article points out, what happens if Word requires Palladium to run and encrypt any documents it creates? Then people who don't have Palladium and Word can't read those documents. At least now people can reverse-engineer Word documents and read them via Abiword, OpenOffice, etc. If Palladium is used, you would have to break the Palladium encryption before you could even reverse-engineer the document. And you would probably be charged under the DMCA for breaking the encryption.

    Imagine what would happen to Wine if all the new Windows games and applications required Palladium to run. If Wine can't break Palladium encryption, then Wine can't run any new Windows software. This could prevent any sort of Windows emulation or reverse-engineering that is allowable by fair-use. They could effectively prevent people from using any OS other than Windows to run their applications or view documents. As new applications come out and old ones become outdated, Palladium could become the new standard just because all the new software requires it.

  14. Remember ActiveX, DVD, and Java by weave · · Score: 5, Interesting
    ActiveX: Designed to be secure, can only run trusted/signed controls. Due to a few holes, bad implementation, and a microsoft-cert accidently released, it's been possible to get around this in the past. ActiveX didn't really work as designed

    Java: Protected by a sandbox. At numberous points in past, some implentation flaw has allowed java apps to get around the sandbox.

    DVD: Trotted out to content providers as secure since content could be encrypted and secured on the disk. Then one vendor makes a mistake and includes an unencrypted key in their DVD player, some kid in Europe finds it, and the entire house of cards falls down. If that one vendor didn't screw up, DVD's probably would still be unrippable.

    In all technologies, the apologists have pointed to the fact that they are secure by design, but flaws in implementation or procedures caused the faults.

    So even if I wanted TCPA/Palladium to be a smashing success, I wouldn't bet my fortune on it. Someone will screw it up...

  15. Re:Who's locking what up? by IamTheRealMike · · Score: 5, Interesting
    Here's what gets me though, why is MS the bad guy here? Obviously there's some demand for MS to fill here.

    Yeah. Actually I've been told (by an MS exec) that the demand is mostly coming from normal business. They like the idea of keeping control of internal documents, keeping it secure, all the benefits of DRM etc. I've seen a roundtable discussion at a conference that was discussing the benefits a new age of DRM will bring, these guys were really enthusiastic but they weren't from the MPAA or RIAA. They were just business people (except the blonde in the short skirt, I think she was just there to distract the attendees).