Windows Security GM Talks NGSCB (Palladium)

← Back to Stories (view on slashdot.org)

Windows Security GM Talks NGSCB (Palladium)

Posted by timothy on Wednesday December 3, 2003 @04:23AM from the neckbone-connected-to-ankle-bone dept.

An article at IT Manager's Journal (along with Slashdot, part of OSDN) reports on John Manferdelli's recent talk at Stanford on what Microsoft is calling for now its "Next Generation Secure Computing Base," or NGSCB (formerly Palladium). Manferdelli is the general manager for Windows security at Microsoft, and his presentation was mostly about the technical, not ethical or other considerations involved in this system. His position is understandably different from those of privacy and free software advocates who assert that Microsoft's elaborate security is designed to lock users into Microsoft software at the expense of privacy and choice.

18 of 281 comments (clear)

Min score:

Reason:

Sort:

What it's about: by iantri · 2003-12-03 04:24 · Score: 5, Insightful

"Trusted Computing" basically means "you TRUST us, we don't trust you."
A great victory for consumers everywhere.
1. Re:What it's about: by hanssprudel · 2003-12-03 04:28 · Score: 5, Insightful
  
  More accurately it means:
  
  "People who don't trust you can trust your computer to control you."
2. Re:What it's about: by Anonymous Coward · 2003-12-03 04:29 · Score: 5, Informative
  
  Fixed link to the article - is here
3. Re:What it's about: by garcia · 2003-12-03 04:37 · Score: 5, Insightful
  
  yup. and it means that they are going to do everything in their power to stop us from having any freedom. That includes forcing us to use a BIOS that will only "trust" their OS and thus render most hardware useless except for Windows.
  
  See more here.
  
  (Please note that this comment mentions that we have to trust them and they don't trust us.)
4. Re:What it's about: by Zeinfeld · 2003-12-03 05:16 · Score: 5, Interesting
  
  More accurately it means: "People who don't trust you can trust your computer to control you."
  Actually it means that people who do not trust your computer configuration can pass data to you and be confident at some level that it is not exposed.
  Palladium is no better for DRM copyright enforcement applications than any other hardware technology. The problem with DRM is that it is break once run anywhere. Palladium like any other hardware enforcement system is breakable, the catch is that you have to break a system that is trusted by the sender of the data.
  For copyright control you cannot be any more selective about the destination machine than requiring it to be a palladium machine. So it only taks one palladium machine ever to be broken and you are toast.
  For control of sensitive company documents the issue is very different. I can configure my systems so that they only deliver sensitive data to specific palladium pcs that I have designated as trusted and to obtain my documents you have to break those specific machines.
  There are still people who complain about this sort of thing. Where would the world be without corporate whistleblowers? Pretty much where we are today, there were no shortage of whistleblowers on Enron, Krugman reported repeatedly in the New York Times, few took notice until Enron collapsed and suddenly it was open season, everyone acknowledged that Enron and co had ben ripping off California...
  Security is security, you can't expect technology to enforce your particular set of ethical constraints. Palladium turns out to be very useful for meeting a real business need which in most cases is completely legitimate. I do not want communications with my lawyers to be disclosed. Confidentiality is in general a good thing, it is occasionally a bad thing.
  But one thing to consider is that the greater the confidence that people have that their communications are secret the greater the probability they will say something in a permenant form that later compromises them. Nixon discovered this. I don't think that security will prevent disclosure of information about criminal activities and frauds.
  Take Diebold for example, if they were cluefull enough to have used DRM to control their internal documents they might have been cluefull enough to secure their Web site to stop an attacker from compromiseing their software to rig the vote. What we need in the Diebold case is not internal company memos with incriminating information. What we need is a reliable security audit.
  
  --
  Looking for an Information Security student project suggestion?
  Try http://dotcrimeManifesto.com/
5. Re:What it's about: by dspeyer · 2003-12-03 05:29 · Score: 5, Informative
  
  You left out:
  Copyright (C) 2002 Richard Stallman.
  Verbatim copying and distribution of this entire article is permitted without royalty in any medium provided this notice is preserved.
  
  When you're copying an entire essay, is it really too much to include a few lines at the end, so that people know who wrote it and what they're allowed to do with it? It's not like you have to copy-type it, we have copy-and-paste working reliably now? :-)
  Incidentally, the original article included a few footnotes, and is available on GNU's site.
  
  --
  Sig:Why copyright isn't a fundamental human right
6. Re:What it's about: by DickBreath · 2003-12-03 05:37 · Score: 5, Insightful
  
  Actually it means that people who do not trust your computer configuration can pass data to you and be confident at some level that it is not exposed.
  
  That is one element of what it is about.
  
  If they can trust the programs on your computer to do what they want, then those programs can also be trusted to control your behavior and actions.
  
  Palladium turns out to be very useful for meeting a real business need which in most cases is completely legitimate. I do not want communications with my lawyers to be disclosed. Confidentiality is in general a good thing, it is occasionally a bad thing.
  
  There is this thing called cryptography that meets the business need you speak of.
  
  The "business need" that Palladium meets is the need to control users behavior, what software they can run, and perhaps most importantly, what software they can NOT run.
  
  But one thing to consider is that the greater the confidence that people have that their communications are secret the greater the probability they will say something in a permenant form that later compromises them.
  
  If you can't stand up for what you say, then don't say it. And please do not run for public office. Let your "yes" mean yes and your "no" mean no. Say what you mean and mean what you say.
  
  Yeah, wonderful thing here. The ability to say something, and then later take it back, knowing that one can trust other users computers to obey.
  
  Where would the world be without corporate whistleblowers?
  
  This is an interesting issue. What whistleblowers are about is someone who is involved or exposed on some level to wrongdoing and then decides to blow the whistle. Palladium will never stop this. Whistleblowing is about one of a bunch of thieves developing a momentary feeling of guilt. I am not aware of any whistleblowers who obtained their information by snooping in information they were not supposed to have access to. Palladium won't stop whistleblowers. It will just stop you from doing things with your computer that Microsoft does not like.
  
  --
  
  I'll see your senator, and I'll raise you two judges.
7. Re:What it's about: by Hobbex · 2003-12-03 05:58 · Score: 5, Interesting
  
  Actually it means that people who do not trust your computer configuration can pass data to you and be confident at some level that it is not exposed.
  
  TO YOU. That it is not exposed _to you_.
  
  Why do the MS apologists always leave out those little important words that make all the difference!
This is a test, right? by terradyn · 2003-12-03 04:26 · Score: 5, Funny

So I guess slashdot has gotten to the point where they don't even bother linking to an article since no one actually visits the sites anyway.
Link to article by Chalybeous · 2003-12-03 04:27 · Score: 5, Informative

The link above appears to be to /.
Here is the article on the IT Manager's Journal site.

--
"It is dark. You are likely to be eaten by a grue." -- Zork
Upgrade or "Surreptitiously Copy"? by josquin00 · 2003-12-03 04:32 · Score: 5, Insightful

Files within the NGSCB architecture will be encrypted with secret coding specific to each PC, making them useless if stolen or surreptitiously copied.
My concern with this would be what happens when you upgrade? How do they differenciate between new hardware and "surreptitiously" copying files to a different system? I remember all of the Office XP Activiation nightmares, and I can't help but think this will turn into a complete fiasco, too.
1. Re:Upgrade or "Surreptitiously Copy"? by peragrin · 2003-12-03 05:09 · Score: 5, Insightful
  
  Actually what scares me most about this is what happens when your motherboard dies, you now have a new pc with the old hardware and no access to your files. Also what happens if you upgrade to longhorn 2010 do you lose access to those files. it is a standard microsoft tatic.
  
  --
  i thought once I was found, but it was only a dream.
Re:Security? by Frymaster · 2003-12-03 04:33 · Score: 5, Funny

Rumour has it, he only works one day a week :o)
i would think the opposite: his beeper must be going all the time!

--
2 1337 4 u!
At least some people do understand what's at stake by MikShapi · 2003-12-03 04:37 · Score: 5, Informative

For those who don't understand what "Trusted" Computing, DRM, NGSCB and friends are all about, but do want to be awakened to reality - here's a red pill.

--
-
repeat after me... by BubbaTheBarbarian · 2003-12-03 04:38 · Score: 5, Insightful

Ok, repeat after me...

Every attempt to lock down ID's, every attempt at DRM, every attempt at hardware ID (remeber Intel's great Proc Id idea?) has failed.

Not only has it failed, but the backlash they have caused has made the problem they were to solve worse. True, this is a real threat to peace, love and freedom, but in the end, the consumer decides, and while the unwashed are unwashed, if you piss them off enough, they will find something else, and the tend to find it with a speed that is previsouly to be unthought of (remember Napster?).

Does that preclude us fighting these type of initiatives? No, but at the same time announcing the End Of The World is a bit rash...

What's Next - Scheduled Meetings
Thursdays 2600 GMT
Not about trusting Microsoft by hanssprudel · 2003-12-03 05:04 · Score: 5, Interesting

The bottom line: Do you trust Microsoft? That's ultimately what this is all about.

I don't understand what it is about these technologies and their evangelists that makes it so easy for them to wooll over listeners and analysts eyes. I mean, the author of the article quotes Stallman's and Sulzberger's comments, but they seem to go in one ear and out the rest.

This isn't about whether one trusts Microsoft. People who dislike Palladium and TC are not tinfoil hatters who think that once it is deployed Microsoft will use it to take over the world, or whatever. The bottom line is exactly what Sulzberger says: How much control should users have over their own systems.

Microsoft's representative covers this up in invented technical terms, and talks about "security" and "trust" because those words sound good to the uninitiated, but that is just a smokescreen for the true neature (not a lie - they are upfront about what the system includes, they just spin it so people Chris Preimesberger will miss the point).

The point is this: every piece of "security" and "trust" that can be gained from Palladium is gained by palladium taking away from the user control of his own computer. Once that control is removed, ISPs can "secure" and "trust" that the user has his system configured as they mandate (see the Cisco router story). Microsoft can "secure" and "trust" that their software is licensed and registered. The record companies can "secure" and "trust" that their songs cannot be copied, ALL BECAUSE ULTIMATELY THE COMPUTER, NOT THE USER, IS IN CONTROL!

The question he asked "Does Microsoft have a back door" is stupid. Nobody serious believes that Palladium contains a backdoor so that MS can take over the computer. They believe the point with Palladium's design is that software can be installed with restrictions that the user cannot circumvent, and that people will be forced into installing such software, hostile to themselves, on their own PCs, in order to exchange data and connect to the Internet.

The reported responses from the MS representative give us absolutely no reason to answer "no" to either of Sulzberger's questions, even though the article claims so. In fact, when MS say things like, "We are building a scalable, distributed credential-based security model here," and list features of "attestations with authenticated code that is affiliated with only that particular process" - that is exactly what Sulzberger and Stallman are talking about. The Palladium computer will attest - BEYOND THE USERS CONTROL - whether the computer is running software that is "trusted" by the counterpart and hostile to the user, exactly so that the counterpart can mandate the use of such software (read DRM).

The fact that Microsoft tell us that the code will be open for review gives absolutely no confort. It is not the code, but the very concept of Palladium that is frightening beyond belief. Apparently Microsoft have nothing to fear regarding being open about it, as for some reason so many people cannot seem the grasp the point that Stallman, Sulzberger, and myself scream into the void!
Illegal Citizen Activity by CmdrGravy · 2003-12-03 05:04 · Score: 5, Funny

I'm getting the message
"Citizen 6767323#2 you do not have sufficient security clearance to access this page, your local Police have been automatically informed of this infraction. Have a nice day"
So I don't think it's Slashdotted.
Re:What it's REALLY about: by hummer357 · 2003-12-03 06:41 · Score: 5, Insightful

Will we keep our right of private ownership of computers?
Will we keep our right of free use of our Net?

ehm... i think it's grotesque that someone would even think of asking these questions.

i also think that the whole 'Next Generation Secure Computing Base' thing is about who will be pimping who.

some time before we'll get the final version of longhorn stuffed down our throats, msft will probably have decided that it's in everyone's (*) interest to expand the trusted compiting base to the full operating system, and we'll be able to forget about using any software that wasn't okay'ed by msft to run on the system. (= signed code?)

maybe we'll see modchips for regular computers in the future too?

better start stroking the penguin sooner than later!

h357 - paranoia est. 1977

(*) everyone = riaa/mpaa members, msft themselves, anyone who pays premium prices to develop software using msft tool