Windows Security GM Talks NGSCB (Palladium)
An article at IT Manager's Journal (along with Slashdot, part of OSDN) reports on John Manferdelli's recent talk at Stanford on what Microsoft is now calling its "Next Generation Secure Computing Base," or NGSCB (formerly Palladium). Manferdelli is the general manager for Windows security at Microsoft, and his presentation was mostly about the technical, not the ethical or other, considerations involved in this system. His position is understandably different from those of privacy and free software advocates, who assert that Microsoft's elaborate security is designed to lock users into Microsoft software at the expense of privacy and choice.
A great victory for consumers everywhere.
Rumour has it, he only works one day a week :o)
Manferdelli is the general manager for Windows security at Microsoft
The title is also called 'The guy who sits round doing nothing' at Microsoft HQ.
When anger rises, think of the consequences.
Confucius (551 BC - 479 BC)
So I guess slashdot has gotten to the point where they don't even bother linking to an article since no one actually visits the sites anyway.
All your BIOS are belong to us.
The link above appears to be to /.
Here is the article on the IT Manager's Journal site.
"It is dark. You are likely to be eaten by a grue." -- Zork
Microsoft is equipping all its people and MCSEs with an early version of this stuff, along with glossy brochures to hand out to the dumb suits that sign the checks. They won't sell this on technical merit; they're selling it to the PHBs. As always.
If you're forced to install this crap, break it, make sure it doesn't work. That's how we got rid of Exchange and had free software come into our company with just over 4500 people.
... when Microsoft earns the trust of the computing public then we'll trust Microsoft. Of course by then the Sun will be a red giant and humanity will be living on distant worlds.
It's the perfect article, touches Microsoft, DRM and the evil once known as Palladium! Best of all no one can read the article because it justs links back to slashdot. Everybody can shoot from the hip on this one, because once again the only link in the article wasn't even checked to see if it works. Do stories here get reviewed and selected by a seven line perl script?
My concern with this would be what happens when you upgrade? How do they differentiate between new hardware and "surreptitiously" copying files to a different system? I remember all of the Office XP Activation nightmares, and I can't help but think this will turn into a complete fiasco, too.
I hate to break it to you, RIAA, but the problem isn't people re-distributing DRM music from iTMS, Napster 2.0, etc.
Do you even lift?
These aren't the 'roids you're looking for.
For those who don't understand what "Trusted" Computing, DRM, NGSCB and friends are all about, but do want to be awakened to reality - here's a red pill.
-
Ok, repeat after me...
Every attempt to lock down IDs, every attempt at DRM, every attempt at hardware ID (remember Intel's great Processor ID idea?) has failed.
Not only has it failed, but the backlash it caused has made the problem it was meant to solve worse. True, this is a real threat to peace, love and freedom, but in the end the consumer decides, and while the unwashed are unwashed, if you piss them off enough they will find something else, and they tend to find it with a speed that was previously unthought of (remember Napster?).
Does that preclude us fighting these types of initiatives? No, but at the same time announcing the End Of The World is a bit rash...
What's Next - Scheduled Meetings
Thursdays 2600 GMT
Was I the only one who initially read GM as Game Master?
If you can't see the value in jet powered ants you should turn in your nerd card. - Dunbal (464142)
if the article is accurate, MS says the trusted computing feature can be optionally enabled/disabled. glad to hear this. what is more relevant is whether the user will have the option to run certain applications in untrusted mode. i fear that software makers will bind users hands.
smd4985
Doctorow's story calls it "Honorable Computing", and perhaps stretches the capabilities a little further (writer's hyperbole?), but in essence what he's talking about is DRM and piracy: Not 100% on-topic, to be sure, but I like Doctorow's story a hell of a lot better than Microsoft's. Go read it, and see where the future might be headed!
"It is dark. You are likely to be eaten by a grue." -- Zork
Say anything else, but sealed storage is a simple concept, we control what can be saved. What we need to be concerned with is how they secure it. If sealed storage is at the hardware level, then the "sealed PC" MS has been seeking for years will be a reality.
How can you install Linux, BSD or WinXP if the device itself requires the OS to authenticate? You can't. Sure you may be able to crack a work around, but what company will run software that is in place via crack?
This brings up the next issue, what happens when you replace your box? We have heard of all the fun people have had with XP licensing and system upgrades. Do you get to keep all those MP3s or do they not belong to the box. If you can authenticate on a second box, then you really don't have a secure system using the box.
While MS likes to dismiss these as "we are working on it," they will again be in a position to dictate their use. By the time grandma learns all her files are now secure and she must pay to move them to her new box, it will be too late. This idea that we can somehow wait for MS to figure out a solution in secret that we can all live with is crazed.
If we are going to take a secure machine approach it will need to be a standardized one, open for all to use. I don't think we will see MS jumping to support that concept.
Granted, all systems of non-trivial size have bugs, but it would seem that Microsoft, in integrating so many of its products together, has left itself vulnerable to many chain reactions. So each bug in Windows can have a much more severe effect than an equivalent one in a different environment.
Well.. maybe. Or Maybe not. But Definitely not sort of.
Microsoft sells an OS vulnerable to buffer overflow exploits.
The obvious solution for secure computing -- better quality control on their code.
The Microsoft solution -- anything but better quality control. Limit the user's control of the machine. Enact a code-signing scheme. But, whatever you do, don't make us audit millions of lines of our own code.
Save the whales. Feed the hungry. Free the mallocs.
Isn't it more like "you MUST 'trust' us or you cannot access the internet"? That's the eventual goal, anyway.
Alphanos
The bottom line: Do you trust Microsoft? That's ultimately what this is all about.
I don't understand what it is about these technologies and their evangelists that makes it so easy for them to pull the wool over listeners' and analysts' eyes. I mean, the author of the article quotes Stallman's and Sulzberger's comments, but they seem to go in one ear and out the rest.
This isn't about whether one trusts Microsoft. People who dislike Palladium and TC are not tinfoil hatters who think that once it is deployed Microsoft will use it to take over the world, or whatever. The bottom line is exactly what Sulzberger says: How much control should users have over their own systems.
Microsoft's representative covers this up in invented technical terms, and talks about "security" and "trust" because those words sound good to the uninitiated, but that is just a smokescreen for the true nature (not a lie - they are upfront about what the system includes, they just spin it so people like Chris Preimesberger will miss the point).
The point is this: every piece of "security" and "trust" that can be gained from Palladium is gained by palladium taking away from the user control of his own computer. Once that control is removed, ISPs can "secure" and "trust" that the user has his system configured as they mandate (see the Cisco router story). Microsoft can "secure" and "trust" that their software is licensed and registered. The record companies can "secure" and "trust" that their songs cannot be copied, ALL BECAUSE ULTIMATELY THE COMPUTER, NOT THE USER, IS IN CONTROL!
The question he asked "Does Microsoft have a back door" is stupid. Nobody serious believes that Palladium contains a backdoor so that MS can take over the computer. They believe the point with Palladium's design is that software can be installed with restrictions that the user cannot circumvent, and that people will be forced into installing such software, hostile to themselves, on their own PCs, in order to exchange data and connect to the Internet.
The reported responses from the MS representative give us absolutely no reason to answer "no" to either of Sulzberger's questions, even though the article claims so. In fact, when MS say things like, "We are building a scalable, distributed credential-based security model here," and list features of "attestations with authenticated code that is affiliated with only that particular process" - that is exactly what Sulzberger and Stallman are talking about. The Palladium computer will attest - BEYOND THE USER'S CONTROL - whether the computer is running software that is "trusted" by the counterpart and hostile to the user, exactly so that the counterpart can mandate the use of such software (read DRM).
The fact that Microsoft tell us that the code will be open for review gives absolutely no comfort. It is not the code, but the very concept of Palladium that is frightening beyond belief. Apparently Microsoft have nothing to fear regarding being open about it, as for some reason so many people cannot seem to grasp the point that Stallman, Sulzberger, and myself scream into the void!
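Two of the posts above describe the mechanisms at the heart of the argument without showing them: the "sealed storage" post (files that can be saved but only opened on the box, and in the software state, they were sealed on) and this one (a machine attesting to a remote party which software it is running, beyond the owner's control). The model below is an added illustration written for this page; it is not NGSCB or TPM code and does not use any real TPM API. It keeps the shape of the real design: a root secret that never leaves the "hardware", a PCR-style measurement register that is extended by each boot stage, a seal/unseal operation keyed to that register, and a signed quote of the register a verifier checks against its own list of approved states. The boot components, the HMAC-based "signature" (a real platform would use an asymmetric attestation key and a certificate chain) and the sample data are all constructed for the example.

```python
"""Toy model of measured boot, sealed storage and remote attestation.

Illustrative code for this page, not a real TPM or NGSCB implementation.
Assumptions: one PCR-style register, SHA-256 extend, HMAC standing in for
the platform's attestation signature, XOR keystream standing in for a cipher.
"""
import hashlib
import hmac
import secrets

PCR_SIZE = 32


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR-style extend: pcr' = H(pcr || H(measurement)).
    Each boot stage measures the next before running it, so the final value
    commits to the whole chain and later software cannot rewind it."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measure_boot(components) -> bytes:
    pcr = bytes(PCR_SIZE)
    for component in components:
        pcr = extend(pcr, component)
    return pcr


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Hash-counter keystream; stands in for a real cipher in this model."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


class Platform:
    """One machine: a root secret that never leaves the chip, an attestation
    key, and the PCR value produced by whatever this machine booted."""

    def __init__(self, root_secret: bytes, attest_key: bytes, boot_chain):
        self._root = root_secret
        self._ak = attest_key
        self.pcr = measure_boot(boot_chain)

    def _seal_key(self) -> bytes:
        # Key depends on the chip secret AND the current boot state.
        return hmac.new(self._root, b"seal|" + self.pcr, hashlib.sha256).digest()

    def seal(self, data: bytes) -> dict:
        key, nonce = self._seal_key(), secrets.token_bytes(16)
        ct = bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))
        tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
        return {"nonce": nonce, "ct": ct, "tag": tag}

    def unseal(self, blob: dict) -> bytes:
        key = self._seal_key()
        expect = hmac.new(key, blob["nonce"] + blob["ct"], hashlib.sha256).digest()
        if not hmac.compare_digest(expect, blob["tag"]):
            # Different machine or different boot state: the key is wrong.
            raise PermissionError("unseal refused: platform state differs")
        ks = keystream(key, blob["nonce"], len(blob["ct"]))
        return bytes(a ^ b for a, b in zip(blob["ct"], ks))

    def quote(self, challenge: bytes) -> dict:
        """Attestation: sign (pcr, challenge). The owner cannot change what
        is signed, because the key lives in the chip, not in the OS."""
        sig = hmac.new(self._ak, b"quote|" + self.pcr + challenge, hashlib.sha256).digest()
        return {"pcr": self.pcr, "sig": sig}


def verify_quote(attest_key: bytes, challenge: bytes, q: dict, approved) -> bool:
    """The remote party's side: genuine signature AND a boot state it approves."""
    expect = hmac.new(attest_key, b"quote|" + q["pcr"] + challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expect, q["sig"]) and q["pcr"] in approved


# Constructed boot chains for the demo (not real measurements).
FIRMWARE, LOADER = b"firmware v1", b"signed loader"
VENDOR_OS, OWNER_OS = b"vendor os with drm stack", b"owner-built kernel"


def demo() -> dict:
    root_a, ak_a = secrets.token_bytes(32), secrets.token_bytes(32)
    box_a = Platform(root_a, ak_a, [FIRMWARE, LOADER, VENDOR_OS])
    blob = box_a.seal(b"licensed song key")
    r = {"same_box_same_os": box_a.unseal(blob) == b"licensed song key"}
    # Same chip, owner boots their own kernel: the PCR differs, unseal fails.
    rebooted = Platform(root_a, ak_a, [FIRMWARE, LOADER, OWNER_OS])
    # A new box with the same software: root secret differs, unseal fails.
    box_b = Platform(secrets.token_bytes(32), ak_a, [FIRMWARE, LOADER, VENDOR_OS])
    for name, box in (("same_box_other_os", rebooted), ("other_box", box_b)):
        try:
            box.unseal(blob)
            r[name] = True
        except PermissionError:
            r[name] = False
    # Remote party only accepts machines booted into the vendor OS.
    approved = {measure_boot([FIRMWARE, LOADER, VENDOR_OS])}
    chal = secrets.token_bytes(16)
    r["attest_approved"] = verify_quote(ak_a, chal, box_a.quote(chal), approved)
    r["attest_owner_os"] = verify_quote(ak_a, chal, rebooted.quote(chal), approved)
    forged = {"pcr": box_a.pcr, "sig": rebooted.quote(chal)["sig"]}
    r["attest_forged"] = verify_quote(ak_a, chal, forged, approved)
    return r
```

Running `demo()` shows the thread's point in miniature: the sealed blob opens only on the original chip in the original boot state, and the verifier admits only the PCR value it has approved, so an owner who boots a different kernel is refused and cannot forge a quote claiming otherwise, because the attestation key is not theirs to use.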
I'm getting the message
"Citizen 6767323#2 you do not have sufficient security clearance to access this page, your local Police have been automatically informed of this infraction. Have a nice day." So I don't think it's Slashdotted.
Manferdelli is the general manager for Windows security at Microsoft, and his presentation was mostly about the technical, not ethical or other considerations involved in this system. His position is understandably different from those of privacy and free software advocates who assert that Microsoft's elaborate security is designed to lock users into Microsoft software at the expense of privacy and choice.
This is a classic example of a propaganda technique. An organization with a goal that is unpopular casts a spokesman as an authority on that goal, but only within a narrowly defined scope. This serves to limit the terms of the debate, as well as to get people to accept tenets of the organization's goals.
In this case, Manferdelli is only an expert on the technical aspects of secure computing. The concept of secure computing is something that a lot of people opposed to Palladium actually accept. It's possible to win converts, or at least marshal good PR, by getting people to "agree" with Microsoft's technical goals, even when they disagree with the larger implementation and motivation.
This technique is common in totalitarian countries. For example, you may be opposed to Nazi eugenics, but Dr. X, who is only an expert on the medical problems associated with poor breeding, can quickly have you agreeing that birth defects and disease are bad. Once you're that far, why, the overall issues and conclusions of eugenics are much more reasonable and less objectionable.
Overall, this technique works great, and you might even find it in use in your place of work. You limit the scope of debate, removing the things that people really object to, and then get them to agree to things "on their own merits", which makes the overall plan more palatable.
"Trusted Computing"
The term is pure genius, it implies security/safety but doesn't address who is protected from what.
In fact the whole thing seems to be founded on the dubious premise that information (programs/data) can be transferred without transferring complete freedom as to its use (physically if not legally).
This is patently nonsense.
A case in point is the remarkable lack of electronic money on the planet (like Mondex).
Banks/governments do not trust that real but virtual "cash" can be transacted and stored safely and securely from device A to device B without fear of fraud or loss.
And if you can't do it "safely" with an electronic representation of $0.42 then how can you do it with programs or office documents?
Don't forget that a system is being invented that RELIES on the decryption keys being in the hands of the enemy (that's us by the way) but just too hard to get at.
People have found ways to pull decryption keys directly off the data bus and even out of embedded processors. I see no reason why human ingenuity is supposed to freeze at the point this technology is released, especially if there is a financial incentive to do so.
I'm on the Gentoo IRC channel a lot, getting help and giving help when I can. But when I try to bring up the pitfalls of trusted computing, all I get is a 'huh'? or "nah, it will be ok I'm sure".
It's like everyone has their heads in the sand. When the major BIOS makers are going to trusted-only computing, where are we going to run our Linux?
Some people say "just buy a Mac". I'm sorry, if I could afford a Mac I would. But since I can't build a brand new Mac for $475 like I did the machine I'm using now, it's going to be a while. And the only reason I built this so cheaply is because I didn't have to pay a Microsoft tax.
I want a machine I can build myself. An OS that I build myself. When I do that, I'M THE ONE WITH CONTROL! Not MS or Dell or Gateway or Phoenix.
"Music is everybody's possession. It's only publishers who think that people own it." - John Lennon.
Will we keep our right of private ownership of computers?
Will we keep our right of free use of our Net?
ehm... i think it's grotesque that someone would even think of asking these questions.
i also think that the whole 'Next Generation Secure Computing Base' thing is about who will be pimping who.
some time before we'll get the final version of longhorn stuffed down our throats, msft will probably have decided that it's in everyone's (*) interest to expand the trusted computing base to the full operating system, and we'll be able to forget about using any software that wasn't okay'ed by msft to run on the system. (= signed code?)
maybe we'll see modchips for regular computers in the future too?
better start stroking the penguin sooner than later!
h357 - paranoia est. 1977
(*) everyone = riaa/mpaa members, msft themselves, anyone who pays premium prices to develop software using msft tool
Let's take this apart:
do not really completely control their computer. They run a Microsoft OS...
Quite true - those who run an MS OS have very little control over what their machine does. They don't have the source, so they can't fix the bugs, and their machine is constantly prone to virus infection.
In general, it is hard to get any Microsoft system to do what you want.
Nothing new, this has been the case for quite some time...
But some folk actually have pretty good control of their computers.
Translation: some folks use Linux.
Palladium is designed to ensure the continuation of the situation for most users, and to prevent the sale and use of computers which can be controlled by the user.
Translation: Party's over folks. We're going to make it so that you can't install Linux, because we don't like it. I really can't say enough about how evil this is: they want to take control of a person's PC away from the owner?! Consider what kind of mindset would want complete control over someone else...
Some features Microsoft will introduce in the future:
This is evil, pure and simple. It's not merely designed to stop copyright infringement - this is designed to force anyone who uses a PC to pay annual or monthly subscription fees to Microsoft.
Yeah, I know. But what should we expect from a convicted felon?
I guarantee I will not buy a Palladium equipped PC. I'm serious - I'll start building my own from processor and circuit board if I have to.
The society for a thought-free internet welcomes you.
Isn't that like finding someone who's homeless and giving them the title of National Economic Advisor? Isn't it like the NTSB giving Firestone an exemplary safety award?
Windows Server 2003 is a small step in the right direction, except it's 10 years late. [By the way - I LOVE the caption on the Windows 2003 page - I initially misread it as "do less with more".]
I like to tell users the reason they are paying me $xxx to repair their computer is because Microsoft was busy working on Clippy instead of fixing the mess they call "Content Zones" in IE/OE. In all fairness, if users would "just keep up to date on their patches" then this wouldn't be (as much of) an issue...
And this is Microsoft's fatal flaw: They look at computers/software completely differently than the typical user.
Microsoft: Install the OS, update drivers occasionally, Check for system security fixes daily, and upgrade when a new OS comes out.
Typical User: OK, this envelope thing with the blue recycle signs around it is what I have to click to get mail, right?
(most) People want to use computers like any other appliance: their vcr, tv, radio -- they don't want to schedule updates and check for vulnerabilities and install firewalls -- they just want it to work.
As long as Microsoft (or ANY admin, for that matter) depends on the end-user to secure their equipment, they will be sorely disappointed.
I was told that I could listen to the radio at a reasonable volume from nine to eleven...
This has already happened. About 4 years ago, my college was re-imaging a bunch of Compaq servers with Windows NT when half of them suddenly died.
Turns out, the servers were sold when Compaq still sold a version of Windows NT, at prices considerably more expensive than Microsoft's. To keep people from buying the machines without an OS and installing their own, the BIOS detected the OS, and if it was not a signed, Compaq-built copy of Windows NT, it refused to load it.
Fortunately, we had a support contract with Compaq, and we were able to flash the BIOSes of the affected machines. But this was before the DMCA - today, flashing the BIOS to install an operating system of choice would be illegal.
We stopped buying Compaq machines shortly after that...
The society for a thought-free internet welcomes you.
If you don't read that closely, it might look like he's talking about how viruses and worms reduce many people's control over their computer. But he's really saying that Microsoft wants to ensure that everyone doesn't really control their computer.
What's not clear? He all but says that Microsoft wants to control your computer to stop you from copying songs - and, I assume, software.
Really, I was expecting something at least a little subtle.
Human/Ranger/Zangband