Slashdot Mirror
Microsoft To Demo 'Palladium' At WinHEC
1010011010 writes "According to Microsoft Watch, Microsoft will be demonstrating Palladium (also known as 'Next-Generation Secure Computing Base') at WinHEC in May in New Orleans. The 'trusted root' is now called the 'Nexus' by Microsoft. Developers wishing to write 'Nexus-aware' applications will apparently have to pay a licensing fee to do so. The product manager for Palladium, Mario Juarez, says, 'It's important to note that nexus-aware applications will not hinder any apps or anything else running in the regular Windows environment.' I'm sure you can all hear the word 'yet' at the end of that sentence. There's talk of phasing in Palladium, starting with Longhorn Server in 2005. I wonder how Microsoft will convince consumers that loss of control is a good thing, and how long the convincing will take. I, for one, am already planning to transition my company away from Microsoft software. Hopefully that won't get messed up by and dumb mandatory-palladium legislation from the Fritz types."
.NET plays with any database just fine via Native drivers, OLE/DB, or ODBC. AFAIK the issue is that VS.NET doesn't fully support non MSSQL DB's within it's Server Explorer - a feature that I have never found too useful anyway.
There is no longer anything that can be done with computers that is nontrivial and clearly legal. -- Paul Phillips
Uh... No. VS.Net only ships with Microsoft data drivers, but there is nothing stopping you from installing mySql server Oracle and any other database that has an ODBC driver (and there's a lot of them so i'm not going to link them all in here!).
Simple... suddenly secure Office apps will use .Net which runs the macros in a sandbox outside the secure zone. It has been on the drawing box for quite some time. Office 2003 will offer the first steps to .Net integration wich will ultimately add more security and control over these dumb macro exploits.
But the more obvious step would be to prohit you from manually launching such a script in the first place. Which is a step up. I've personally witnessed Computer Science Master and PHD students who should know better open up arbitrary code sent to them via email. Goes to show that sometimes even the knowledgeful are just as dumb as the users they often mock.
I am just wondering how signing all the executables will protect anyone from viruses. Most viruses today are macro or scripted.
First, Palladium doesn't sign all the executables. As the article takes pains to mention, all the old Windows programs will still run. What Palladium does provide is "attestation", meaning that the secure hardware can report a hash of the secure part of the application to a remote server. That server can then decide based on the hash whether to trust the app.
As far as viruses, I think you're right that macro viruses wouldn't be stopped. The one advantage is that the scope of the damage might be limited, as any "sensitive" data on your computer could be encrypted using the Palladium hardware. So you could still get an email virus, but it couldn't access your bank account data.
Actually there is, while ycan use an ODBC driver with C# at a programmatic level, the IDE happily tells you that only Access and SQL Server are supported when you attempt to use the IDE's tools to access the datasource, link it with controls etc. This is Visual Studio .Net Standard btw.
I wrote what I consider to be a fairly informative article on Palladium and the impact on the anti-virus industry here:
p alladium.xml
... uh ... PR-ish ;-)
http://www.virusbtn.com/magazine/archives/200209/
Summary:
- It's foolish to expect it'll stop viruses
- Microsoft will have the anti-virus industry by the short and curlies
- Microsoft PR is impressively
Score:-1, Funny
Yeah, I know, OT but English is not my mother tongue. I thought, Fritz was some reference to the Germans but this does not really make sense here, does it? What does "Fritz types" mean?