Slashdot Mirror


Microsoft To Demo 'Palladium' At WinHEC

1010011010 writes "According to Microsoft Watch, Microsoft will be demonstrating Palladium (also known as 'Next-Generation Secure Computing Base') at WinHEC in May in New Orleans. The 'trusted root' is now called the 'Nexus' by Microsoft. Developers wishing to write 'Nexus-aware' applications will apparently have to pay a licensing fee to do so. The product manager for Palladium, Mario Juarez, says, 'It's important to note that nexus-aware applications will not hinder any apps or anything else running in the regular Windows environment.' I'm sure you can all hear the word 'yet' at the end of that sentence. There's talk of phasing in Palladium, starting with Longhorn Server in 2005. I wonder how Microsoft will convince consumers that loss of control is a good thing, and how long the convincing will take. I, for one, am already planning to transition my company away from Microsoft software. Hopefully that won't get messed up by any dumb mandatory-palladium legislation from the Fritz types."

17 of 359 comments

  1. Unsure by drizuid · · Score: 3, Interesting

    I think right now, they are so unsure of where they are going with this that the show really doesn't matter. Since the testing began, I've seen rumors of home versions and the like. The final product will most likely dramatically change from what is shown at the show.

  2. Re:The fees! by Gortbusters.org · · Score: 4, Interesting

    If anything, I think the fees would drive more people to develop their software on free platforms.

    If you sell a hardware platform with your application, then the cost of the operating system is in your cost of goods and services for producing your app. I think this is one of the major arguments of Linux + Java. Though my disclaimer is that I'm not a product manager ;)

    --
    --------
    Free your mind.
  3. Surreal by mao+che+minh · · Score: 4, Interesting

    It is surreal how easily Microsoft is able to employ such blatant and soulless cash grabs without sounding off alarms in the business sector. Microsoft is free to employ monopoly induced moves into various markets, orchestrate forced upgrade procedures, raise prices while limiting support, and engineer horrible licensing schemes without any fear of fallout.

    Now MS can candidly tell consumers how they intend on outright controlling all of your data and even charge developers for the "privilege" of being able to conform.

    I just can't see how so many pointy-hairs can examine Microsoft and its products and decide that it would be a good idea to spend so much money on it. Microsoft sales people are truly adept at their trade.

  4. Hmm by ATMAvatar · · Score: 2, Interesting

    "Developers wishing to write 'Nexus-aware' applications will apparently have to pay a licensing fee to do so."

    And, I suppose it will only be a matter of time before Palladium dictates that only Nexus-aware programs will run. Nice business model.

    --
    "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety."
  5. Re:About now... by JebusIsLord · · Score: 3, Interesting

    Okay, I'll bite. IN THEORY, that is in a perfect world, the idea of programs/documents needing authentication is a good idea. It would be great for administering desktops in an office environment for example. That is if I (as the admin) get to control the authentication server. IN PRACTICE, I see this as a move towards a closed development model (not as in closed-source, as in closed dev like consoles for instance where everyone needs to go through Nintendo/Sony/MS to publish software) where MS controls access. I could be wrong though, and the idea that we could finally stop idiot employees/customers etc from installing Gator or emailing out confidential information by mistake is a nice one.

    --
    Jeremy
  6. Wait a sec.... by dethl · · Score: 2, Interesting

    Shouldn't this story be in the "Your Rights Online" page? Considering that clicking on Palladium's EULA will be just like signing your soul over to the devil....I'll take an open source solution thank you very much.

    --
    "Some fight for law. Some fight for justice. What will you fight for? One day, you will see."
  7. Good Thing by IchBinEinPenguin · · Score: 3, Interesting

    "I wonder how Microsoft will convince consumers that loss of control is a good thing, and how long the convincing will take."

    I must have forgotten when they convinced me that Clippy was a Good Thing before forcing^H^H^H^H^H^H^Hintroducing it.

    Seriously, do you really think they're going to even try to convince us? What's the point of having a monopoly if you can't (ab)use it?

  8. how will this protect from viruses? by wotevah · · Score: 4, Interesting

    I am just wondering how signing all the executables will protect anyone from viruses. Most viruses today are macro or scripted.

    It's worth nothing that the behemoth apps (Outlook, Word, Excel etc) are signed, they will probably keep their embedded superscripting features, so viruses will still happily run on them.

    I am curious about buffer overflows. Stack checks are not infallible, code is not read-only and I can't imagine the Palladium system checking the signature for each 4k block as it runs (since if decent encryption is used it will be quite expensive in CPU time). So, will we have signed apps that might still have such bugs?

  9. Re:About now... by 3141 · · Score: 2, Interesting

    I agree with your fears, but even your best-case scenario sounds like a pain for perhaps 70% of computer users.

    The risks far outweigh the benefits from a company that has shown itself repeatedly to be untrustworthy.

    The comment about preventing employees installing software is misleading. NTFS and Unix permissions can prevent this (though it's tricky to get the balance on NTFS if people actually have to use the computer for more than a few specific tasks). I have been called out several times to fix people's new XP systems that will only run programs as the Administrator. Ironically enough, Microsoft games seem to be the worst offenders.

    Regarding emailing out confidential information - that's a total red herring. If people have the ability to send email without physical human monitoring, the best you can have is a keyword search. Palladium would do nothing to prevent people leaking information, unless it was by preventing them installing an email client (which again is something that can be handled by permissions.)

  10. I can see both sides of the DRM war by zapp · · Score: 3, Interesting

    While I love my mp3s, downloading free images, music videos, tv shows, even copying a DVD to divx here and there ;) ... I can see both sides to the conflict.

    I was always one of the people saying the Internet would revolutionize the world... that Information should be free, etc etc. And that's what it comes down to... the real world is based on selling goods, trading services, etc. These goods and services are of limited quantity, so they have value. Media on the Internet can be copied infinitely, and thus has no value.

    I am stepping out on a limb here, but is it possible the dot.com boom of the late 90's failed because of people trying to charge for things that were inherently worthless? What if your wallpapers.com website sold quality wallpaper images, but that were signed and could only be used by the person who bought it. (think: When I buy a painting to put on my wall, I can't send a copy to all my friends for free, can I? Isn't it the _same thing_??)

    So there's the problem. Do you want the benefits of a media-rich world, where people can actually make MONEY, and succeed, and continue? How many GOOD sites have shut down because of lack of revenue?

    Would it be worth it, if it were properly implemented and restricted, to put such a system in place to give the internet an actual economy?

    --
    no comment
  11. Re:Missed the Point. by SiliconEntity · · Score: 2, Interesting

    No offense bud, but take some care with your typing, okay? Between "Pallium" and "DMR" it's hard to figure out what you're saying.

    And while you're right that Palladium is not the same as DRM, I've heard Manferdelli (the Microsoft manager) talk, and he very frankly admitted that the original motivation for the project was to support DRM. Then they realized they could generalize it and do a lot more with it.

    I also disagree that Palladium provides a sandbox. Palladium applications can still be pretty damaging. They can delete all your files, or whatever, just like apps today. What Palladium does allow is that an application can encrypt its data and be confident that no one else can decrypt it. So you do gain a certain amount of security in that way. Palladium-aware apps can protect themselves in ways that old-style programs cannot. But there's no sandbox per se.

    Your final point is right, if Microsoft really did turn this into the fascist nightmare that people are describing, they'd lose market share like crazy. Nobody is that committed to Microsoft. The fact is, Microsoft is petrified of losing customers - that's the only way they've managed to stay on top. They'll do anything, anything, to increase market share.

    The whole point of Palladium is to try to find a compromise between the requirements of the media companies to allow PCs to be used to download movies and such, and the demands of end users to have control over their computers. Technically, Palladium achieves this - where users give up control, it is done voluntarily and in exchange for being allowed to download legal multimedia content. But that hasn't quelled the FUD.

  12. Re:Missed the Point. by Anonymous Coward · · Score: 3, Interesting

    "The first is to provide a system in which a user can trust stuff and allow it to run with sensitive information (eg, user data) and provide a sandbox where they can run stuff that they don't trust and know it won't do anything of consequence."

    That doesn't require hardware support. You can already do this in multi-user systems (including WinNT/XP/2K) by creating a new unprivileged user and executing code as that user. If every user could create sub-users with limited privileges, the system would be protected from untrusted code (capability-based operating systems basically have this feature built in, but they're not popular yet). Java and .Net can do this too (running untrusted code in a sandbox). And I've seen an option in the WinXP "Run as a different user" dialog, something like "run as this user, but prevent the program from executing harmful code" (although there's no explanation about what this actually does).

    "This serves a two-fold purpose, one to weed out old hardware and hardware manufacturers that people keep using over and over that perhaps just don't have proper drivers which haul down the machine."

    Windows already has support for signed drivers to prevent this exact situation. Microsoft has a compatibility lab which will test and certify drivers, to make sure they won't bring down the machine (among other things).

    "Secondly, give greater credibility to the Wintel platform in all their little political/business/OSS/User heart battles. At the end of the day, any time a user/admin/whomever sees something not function correctly (eg, system crash, failed performance of hardware eg... scanner won't scan) the first impulse is to blame Windows regardless what caused the problem."

    This doesn't make much sense. Windows already has driver signing, and the driver name is displayed (or logged) when it crashes. But it doesn't really matter - most users will blame all their computer problems on Windows, Microsoft, or the computer itself. And the majority of users won't know what Palladium is (even if their computer supports it), or why this should stop them from blaming their problems on Windows.

  13. I was thinking by Comster · · Score: 2, Interesting

    ...that similar to the Xbox, which I hear is a sort of initial version of the Palladium/hardware security that we will be seeing... What will happen if this huge target does get cracked? Would it make it even more vulnerable than a target that is expected to be broken into every once in a while?

  14. Re:The fees! by Jezral · · Score: 3, Interesting

    "If you sell a hardware platform with your application"

    Isn't this exactly what Apple is doing?

    MacOS only runs on Apple hardware (yes yes, I know you can fake it), which can kept it pretty low compared to Windows which works on any x86 platform.

    Now Windows will be locked to hardware as well...

    Is MS pulling another Apple out their sleeves?

    -- Tino Didriksen / ProjectJJ.dk

  15. Re:Microsoft To Demo 'Palladium' At WinHEC?? by Zakabog · · Score: 2, Interesting

    Sad thing is, they laugh because BSOD's happen all the time. If they never happened they would look at the BSOD thinking "What's that? Never saw that before." but instead they laugh thinking "Hah I get like 3 of those a day it's so funny." Why do people think it's normal for a computer to crash every day? Then they go out and spend like $1,000 at Best Buy upgrading 2 things because their 1.5 GHz computer is too slow (which explains the crashing, of course...) and they needed a 3 GHz P4. And when that fails to fix any problems I get a phone call at around 9AM asking me to fix the computer :-/

  16. Re:Missed the Point. by torre · · Score: 3, Interesting

    No offence taken.... I should have run it through a spell checker before submitting... and for that I should be apologizing to Slashdot at large for having to read my obvious spelling mistakes!

    However, I think I need to clarify my points, as I was making broad claims and you've picked up at least one that needs clarification.
    "I also disagree that Palladium provides a sandbox. Palladium applications can still be pretty damaging. They can delete all your files, or whatever, just like apps today. What Palladium does allow is that an application can encrypt its data and be confident that no one else can decrypt it. So you do gain a certain amount of security in that way. Palladium-aware apps can protect themselves in ways that old-style programs cannot. But there's no sandbox per se."

    By sandbox I mean that non-trusted code works under regular Windows with presumably tighter restrictions (providing the default sandbox) and trusted code runs in a freer app space. I do realize that a trusted app would have full control over its space and ultimately have the potential to create damage. This ultimately then begs the question: can you really trust a trusted app? In its defence (slightly), anyone willing to pay a license fee to become certified *should be* more trustworthy than some virus writer, as they've got to cough up some cash to make themselves appear secure!

    I admit my def is not a true sandbox and a poor term to describe what I meant. But if that's not what is delivered (or at least some other variant that has obvious measures of secure/insecure code execution then the end users just won't get it) then there's not going to be any major credibility in the short run as to the whole push.

    "And while you're right that Palladium is not the same as DRM, I've heard Manferdelli (the Microsoft manager) talk, and he very frankly admitted that the original motivation for the project was to support DRM. Then they realized they could generalize it and do a lot more with it."

    Now, I totally agree with you.... Palladium is a totally different beast than what was initially announced. Goes to show that the consumer still has some power over big companies and not the other way around. However, I must point out that in the end it doesn't matter what the original idea was, it's what's delivered that counts. Simple example, Microsoft was going to release the next generation help system having spent over 1/2 billion into the project. It was going to revolutionize how help is provided. It got canned. Bits and pieces of it pop up in Office in the form of SmartTags and other things.. Apple also had a similar thing going before that... OpenDoc if I'm not mistaken.... got canned. And on the subject of failures, remember Microsoft Bob? It was supposed to revolutionize computers to beginners... that got canned after lack of consumer interest.

    My long winded point (and I apologise for that) is that Microsoft can say what they want when they want it about it, but the reality is they won't release something that's going to hurt them (well much). Case in point, Windows Media even with its DRM is relatively popular (cough even though it has divx to help with some of those numbers). And God knows why their IM is so popular but they've capitalized on it and are making a "hip" integrated add-on (3 degrees) for it.

    Anyhow.... The best policy when speaking about Palladium is to wait and see.... We really don't know the particulars, which only leads to more speculation. A charge that can be directly aimed at Microsoft for leaving it so vague at times, leaving rampant speculation impossible to avoid.

    Btw... I hope my response is a tad better.... I'm working late and as such my writing skills are simply not there right now...

  17. BSOD Frequency by Latent+Heat · · Score: 2, Interesting

    The BSOD problem is usually in the application inasmuch as Windows doesn't just die on its own. An application makes a call on a NULL object pointer inside a thread . . . and well, you get the idea. I know, I run apps like this -- my own, when they are being debugged. Of course one has the darndest time fixing such a bug because the program always crashes inside one or another Windows call where a debugger or trace statements do not go, and if you do this enough times, Windows BSOD's.

    I run Windows 98 for weeks on end (Web surfing, compiling programs, testing compiled programs) with hardly a BSOD, and when I do get BSOD's they are mostly attributable to something I did to an application during development, which I can track down with a lot of gnashing of teeth.

    If you are BSODing 3 times a day, it is some or another software you are running. Yeah, yeah, it is Windows' fault because there is very little defensive programming (validation of parameters of API calls) inside Windows, but it has to be some application that is doing it.