Microsoft Scales Down Palladium
bonch writes "Formerly known as Palladium, Next Generation Secure Computing Base (NGSCB) will not be fully available in Windows Longhorn after all. Instead, Longhorn will offer "the first part of NGSCB: Secure Startup," says Jim Allchin, Microsoft's group vice president for platforms. However, most hardware will not support this technology on release."
What, exactly, is Longhorn going to do? They seem to have dropped more features from it than there were in the first place!
What exactly is Longhorn still bringing to the table at its release? I used to look forward to Longhorn when I ran Windows, because it was supposed to contain all these new and wonderful technologies, then I got tired of waiting and .... well, my .sig says it all really.
Microsoft is totally dropping the ball. Not that I'm complaining. But giving previews of software that's so bad that they have to threaten those that publish screenshots? Dropping important features?
I tell you, if IBM sank $1 billion into making a single grandma-usable Linux distribution, it'd be the best $1 billion they ever spent. That's a pipe dream, but seriously, if nobody capitalizes on this, it's a total missed opportunity to break the Microsoft monopoly.
In my opinion, the software is ready. KDE is all set to go. We've got office applications, dtp, multimedia, internet, databases... If somebody could fix CUPS, make software installation simple, and populate all the most important configurations in one area and give them easy-to-use and consistently-designed wizards (that the experienced users could of course ignore), this thing would be ready. Not World of Warcraft ready, maybe, but ready enough. Hell, I'd buy it in two seconds.
The problem is, you need someone with deep pockets to finance all the boring aspects of making a unified-feeling distribution and fixing all the intricate bits (like CUPS or whatnot), but if they did, and slapped a big old IBM on the cover, it'd be dynamite. And having IBM on it would probably add a center juggernaut quality that might make hardware companies more interested in doing proper driver support.
Probably right about the virus-scan. Outside the machine, the drive probably will look like it is full of garbage.
However, I don't think replacement will become impossible. If the machines won't allow replacement disks, this means that a disk failure will result in a useless machine; this will probably also get in the way of people wanting to add disks -- and the people wanting to put Linux on a second-hand machine will cry foul -- so this is going to fly as well as those boat-anchors those machines would become.
And this iteration of Longhorn at least will not require these chips... you won't have to buy new motherboards just now. But, perhaps further down the line this may become a required peripheral for Longhorn, but this will not be until most motherboards have it in place.
It looks like mostly a way of keeping stuff on hard-drives secret. As such this is not so bad in view of how frequent notebook-theft is, or how big the security problems of second-hand equipment are.
SIGBUS @ NO-07.308
Is anyone else amused at the timing of the release of Tiger? By all accounts it was ready to go a month ago.
WINHEC finishes and then Tiger is released. Longhorn is shown to be an investment in distant future mediocrity and Tiger is released tomorrow.
If Microsoft was going to start naming operating systems consistently, then... let's see...
Windows 2000 -> Windows NT 5.0
Windows XP -> Windows NT 5.1
Longhorn -> Windows NT 6.0 or Windows NT 5.2?
Or maybe even Windows NT 5.11?
For those wondering what Microsoft has been "doing" for the last 12 months, and how they are spending their billions in revenue, since it's clearly not about "product development", one hint was given by Eben Moglen, who says they have been hiring lawyers for the last 12 months and using them to shake down companies for cash in advance who use free software over "potential" patent disputes. In other words, extortion and racketeering. But you can read about this.
Is anyone here keeping a list of things that were supposed to be in Longhorn but aren't gonna be?
Exercise caution when modding this message up: the author acts like a jerk when his karma is excellent.
Probably right about the virus-scan. Outside the machine, the drive probably will look like it is full of garbage.
:(
Speaking as a computer tech who makes money out of cleaning up viruses, that would be a real bitch.
Also, if it relies on a chip on the motherboard, what happens if the m/b gets toasted? Would all the data be history?
Karma? Hey I just call it as I see it.
A fast booting read-only image is a necessary step to achieve security with a user's machine that is even momentarily exposed to the internet.
Microsoft's patching model is a security hole in itself. If software can permanently change the state of a machine (especially if downloaded from the internet!) the system is insecure.
No amount of virus scanning, port blocking, smart administration, newfangled encrypto-chip or other tweaking will ever be able to ensure that the system has not been compromised.
As I said, ROMed boot images are necessary for security, but of course, not sufficient. However, solving the rest of the problem becomes largely an exercise for the network administrator.
Just this one recognition can lead us to predict the future of computing with foresight. The days of multitasking applications on one CPU are over. Probably special purpose disposable/commodity hardware systems that run one application only are the solution. No more upgrades. No more self-running documents.
It is deeply unlikely that Microsoft will be the ones to bring this about. Security will be the death of Microsoft.
DEVELOPER RANT: don't use if (win_version == nt51), use if (win_version >= nt51).
DEVELOPER RANT: don't use OS version tests if you can use feature tests instead.
Not a comment specifically directed at you, I don't know if you do this, but I keep running into software on all platforms that doesn't run on older versions even when patches, service packs, hotfixes, software updates, backported libraries, or compatibility fixes have removed the dependency on the specific OS version they hardcoded into the application.
One of the nice things about the Amiga is that all the developer documentation showed code checking library versions instead. Not perfect, but much better than OS version checks. Palm provided hooks to do functional checks down to the entry point level, but then spoiled it by shipping example code doing OS version checking.
But there's so much more that we could do with ordinary computing. I can think of half-a-dozen things we could be doing, without any trouble at all. Fuck Trusted Computing and DRM, and fuck sucking up to Big Content - whatever happened to genuine developments and refinements in basic computer use?
.NET would look vaguely interesting, if it wasn't now an empty marketing catch-all buzzword for vendor lock-in. They could have done it right and created a genuinely next-generation interface, but instead it's late, buggy, ill-designed and ultimately just one more attempt to tie you to MS.
For just one example, where's the scriptability of compiled apps? I'm not talking about built-in VBA (hackcoughspit), but something more like Apple's system (SmallTalk? I dunno), or DCOP in KDE or GNOME (I forget which - a linux-based colleague once wowed me with how compiled, native, window-manager apps could be hooked by external scripts which received input and controlled the apps' behaviour).
Sure, ActiveX was a step in that direction, but it's not a "default" part of any Windows app - you have to code for it specifically and it's a nightmare. It's also a pile of shite, and insecure to boot.
I want to be able to write a script to hook when a certain colleague comes on-line in MSN Messenger, and automatically MSN him a file (fuck, I'd settle for only being alerted when someone from a certain group came on-line, but no-go). I want to be able to hook the end of a CD-burn and shutdown my machine. Or play a sound. I want to be able to script additional user-actions tied to a specific menu item in a specific program, or tied to a single menu item in every program that offers that menu item.
I know all these things can be done, either using kludgy workarounds, different apps or using VB/WSH/JS and ActiveX objects, but every solution is different. Nothing works the same. Most programs are entirely unscriptable, unless the programmer specifically tries to offer that functionality.
I want Visual Studio to expose DCOP-style scripting hooks for every app, unless you specifically turn it off (and even then, that shouldn't be easy). I want a proper, documented, sensible scripting language (or languages).
Sure, I can hear the calls now - "but users won't use those features - who even understands scripting apart from a few hackers, sysadmins and power users?"
But that's your fucking answer right there - the early adopters and pioneers, the people who advise on business-systems upgrades, and the people who bridge the gap and educate their fellow "ordinary users" so the skills trickle-down until everyone understands it. Fifteen years ago, who used and understood e-mail, or the internet? Hackers and sysadmins. And now?
Linux is successful because it's designed for hackers. Sure, it can be retrofitted for normal users too, but the reason it's still around is the thousands of hackers who tinker and play with it.
Microsoft is successful because of their enormous marketing budget, and their canny (and, to be fair, illegal) business practices. I'd even go so far as to say MS is successful in spite of their technology - it's generally inferior to FOSS, in my opinion, because they'll compromise on The Right Thing for marketing and vendor lock-in reasons.
If I were MS I'd be making my UI as scriptable and hackable as possible in an attempt to steal Linux's thunder. They've currently got the basic-user-desktop sewn up, although it's under attack from FLOSS. If they had any sense at all they'd be courting the hackers and power-users, to actually attack FLOSS where it hurt.
Build it and they will come.
Everything in moderation, including moderation itself
Heck, Microsoft cannot even secure its own "proprietary" gaming console, why did we ever fear that they'd lock down all of our computers?!
I know it was meant to be a joke.. but who knows, all these incidents might actually spur them to *gasp* learn about their mistakes and actually make an uncrackable system.
For all I know, the latest WMV DRM has not been cracked yet... and if Palladium were as good as that we might be in for quite a bit of trouble...
Online backup with Mozy, sounds like Ozzie, but more!
Secure startup is making remote attestation of the software configuration possible.
With secure startup, websites that only want Microsoft browsers visiting them (your bank, your employer, ...) will be able to enforce that policy. IE-only will be enforced by the hardware inside your computer itself, and it will not be circumventable.
What does it do?
If a remote website asks your PC "do you run Windows Longhorn?" it will not be possible to lie. You can not give an answer at all if you choose not to, but you cannot claim you run Windows Longhorn without actually running Windows Longhorn.
Why is this useful? DRM. The way to avoid DRM is to (for example) run a display driver that captures images and prints them out. So now the remote website can ask you "what version/configuration of windows are you running, please specify your display driver."
You can choose to respond in 3 ways:
-> not at all -> access denied
-> you can lie -> lie is detected -> access denied
-> you can tell the truth -> access granted
Obviously, in the last case, you are totally at the mercy of their software, which is obviously the whole point of Secure startup.
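The three outcomes listed in the comment above, modelled as an added example that is not part of the original thread: a toy TPM reports its boot-measurement register in reply to a fresh nonce, and the site grants access only to an authentic reply carrying the approved value. The HMAC stands in for the attestation-key signature a real TPM would produce, and the class, function and component names are constructed for illustration.

```python
import hashlib, hmac, os

def measure(chain) -> bytes:
    """Fold each boot component into a PCR, TPM 1.2 style (SHA-1 extend)."""
    pcr = bytes(20)                          # register is all zeros after reset
    for component in chain:
        pcr = hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()
    return pcr

class SimTPM:
    """Toy chip: the key stays inside; software can only request quotes."""
    def __init__(self, key: bytes, chain):
        self._key = key                      # stand-in for the attestation key
        self._pcr = measure(chain)           # fixed by what actually booted

    def quote(self, nonce: bytes):
        sig = hmac.new(self._key, nonce + self._pcr, hashlib.sha256).digest()
        return self._pcr, sig

def verify(key: bytes, nonce: bytes, approved_pcr: bytes, reply) -> str:
    """Site-side check. Simplification: the site shares the HMAC key here,
    where a real verifier would hold only the public half of a signing key."""
    if reply is None:
        return "denied: no answer"
    pcr, sig = reply
    expected = hmac.new(key, nonce + pcr, hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        return "denied: reply not signed by the chip"
    if pcr != approved_pcr:
        return "denied: configuration not approved"
    return "granted"

# Constructed boot chains; component names are hypothetical.
APPROVED = [b"loader", b"kernel", b"display-driver-approved"]
OTHER = [b"loader", b"kernel", b"display-driver-other"]

def demo():
    key, nonce = os.urandom(32), os.urandom(20)
    approved_pcr = measure(APPROVED)
    replies = {
        "no answer": None,
        "claimed value, no valid signature": (approved_pcr, bytes(32)),
        "true report, other driver": SimTPM(key, OTHER).quote(nonce),
        "true report, approved chain": SimTPM(key, APPROVED).quote(nonce),
    }
    return {name: verify(key, nonce, approved_pcr, r) for name, r in replies.items()}
```

The nonce is what makes each reply fresh: a quote recorded for one challenge fails the signature check when presented against another.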
Rigghhhttt. No, Microsoft would never be worried that someone is going to eat their lunch. That's why they're always so nice and polite to competing companies, right?
Microsoft isn't stupid. They know that if they take too long on an upgrade, customers will start investigating alternatives. And if they slip a few percent in market share, there may be a high chance of them slipping a lot more.
Remember when 3DFX owned the 3D accelerator market? Any idea how they're doing now? Oh, that's right. They got usurped by their competitors, went belly up, and got acquired by NVidia.
Javascript + Nintendo DSi = DSiCade
If I remember correctly, Trusted Computing is baaad, at least as far as we /.'ers are concerned.
Why is everyone bashing Microsoft for dropping it?
Rejoice!
They are a for-profit business; why do you expect them to play nice? Find another for-profit business that sits back and helps its competition. A little hint: there are none. The very definition of capitalism is to succeed over your competitors.
Longhorn is not too long in coming as you put it. There are many people who still don't touch Server 2003 (us included) because it is untested technology. Most large businesses that run on MS platforms are not going to look elsewhere, rather they will look at Server 2003 when Longhorn debuts. MS has its market locked in. It is in the business market as a whole, not the server market or desktop market. It sells solutions, not an OS or a specific software package. It sells the complete package.
Yes, I remember 3DFX very well. In fact I have an old voodoo 1 card in my closet. I paid $200 for it just so I could play GLQuake. Are you honestly trying to compare the resources 3dfx had with the behemoth that is Microsoft? MS can afford to lose money for years, they can make a bad product and it won't put them out of business. They are not only the 800-lbs. gorilla, they are also the room it sits in and the house that has the room in it.
Perhaps if people like you stopped focusing negative attention on other companies and started focusing positive attention on getting Linux up to snuff and ready for the world of secretaries, insurance adjusters, accountants, and millions of other people who use MS for their jobs, you would contribute more than your redundant lament that MS is scared of Linux.
Jesus fucking Christ, either take some action to better the cause you are fighting for or shut the fuck up.
Are you really going to claim that is not a flexible enough solution?
Umm... yeah. Spotlight not only searches documents, it searches mail, photo, contacts, and other databases. And it does it *way* faster than the "wait a half hour for your entire drive to be searched" command line method.
Advanced in what fashion? Multimedia handling has been mature for ages. The only thing new in Multimedia handling that I am aware of is a couple more codecs and DRM. Linux supports pretty much all the codecs.
Windows has WMP and OS X has iTunes. Both manage your music effectively, and without issue. Both systems also have good integrated video components. No need to compile a piece of software that's illegal in this country. Both play DVDs without fuss, and both handle shaky multimedia files without crashing the video subsystem. (Although VLC and Xine seem to be much better than MPlayer on this.)
Are you aware of a system that has more reliable plug and play? True, there is no "one true system" but the distributions I have used were extremely effective in this department.
OS X? I just plug devices in, and they work. Period. Under Linux, I'm lucky if my mouse doesn't freeze up. (See my journal for this pet peeve of mine.)
If you meant functional cd/dvd burning being included with the OS, Linux is quite a few steps ahead of the competition.
The last time I used Linux CD burning, I had to run from hell and back just to configure the burner program. I ended up as a very unhappy customer, with several CDs that didn't work right on the XP machine they were intended for. (I was helping my sister with setting up her new XP machine, only to find that OpenOffice, Mozilla, and the other goodies all had 8.3 filenames on the CD.)
Javascript + Nintendo DSi = DSiCade
I should say that soon the linux boot/virus scan disks will theoretically be able to read these nasty secure startup drives.
I don't think so. It depends on exactly what Microsoft implements as "secure startup", but what I would expect is that they'll hash the kernel plus important drivers and services into the TPM, then bind an encryption key to that system state, then encrypt the rest of the disk contents with that key (well, really, with keys encrypted with that key, but whatever).
The result will be that if you boot a different OS, even one that knows about the TPM and hashes its own state, the bound key will not be accessible (because the hash value will be different) and the disk contents will not be accessible. That's the whole point of a TPM, really.
In Microsoft's favor (ewww, I can't believe I said that), if they do this "secure boot" thing correctly, and also have "rollback" functionality to go back to a last-known-good state (which XP already does, I think), then if you try to boot an infected machine, the OS will realize that it's in an altered state, restore the last checkpoint and reboot, thereby eliminating the virus whose installation caused the problem.
Of course, the bad thing is that, depending on what they hash, installing an "unofficial" sound card driver could cause precisely the same thing to happen.
I predict, however, that shortly after MS "secure boot" rolls out, you'll start seeing live CD Linux distros that feed the TPM exactly what Windows would feed it so that Linux boots up with the same TPM state and therefore has access to the bound keys, and everything else. Reverse engineering the decryption and the file system structure will be the hardest part of producing these distros, not the TPM-related stuff.
(Note: There are some complications with the above scenario depending on how much TPM support the BIOS has, and how it's configured. Suffice it to say that I think the above will be possible, though you may have to tweak BIOS settings and then re-install Longhorn to get it in a state where it is possible.)
Note to ACs: I usually delete AC replies without reading them. If you want to talk to me, log in.
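The key binding described in the comment above, as an added example (a toy model, not Microsoft's design or a real TPM interface): a disk key sealed under one boot chain's measurement is released only when the same chip measures the same chain again. The hash-derived keystream is a brevity stand-in for the chip's real encryption, and all names and boot components are constructed.

```python
import hashlib, hmac, os

def measure(chain) -> bytes:
    """Fold each boot component into a PCR, TPM 1.2 style (SHA-1 extend)."""
    pcr = bytes(20)                                  # all zeros after reset
    for component in chain:
        pcr = hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()
    return pcr

class SimTPM:
    """Toy model of sealing: data is bound to this chip's secret and a PCR value."""
    def __init__(self):
        self._root = os.urandom(32)                  # never leaves the chip
        self.pcr = bytes(20)

    def boot(self, chain):
        self.pcr = measure(chain)

    def _stream(self, pcr, nonce, n):
        return hashlib.shake_256(self._root + pcr + nonce).digest(n)

    def seal(self, secret: bytes) -> bytes:
        nonce = os.urandom(16)
        pad = self._stream(self.pcr, nonce, len(secret))
        ct = bytes(a ^ b for a, b in zip(secret, pad))
        tag = hmac.new(self._root, self.pcr + nonce + ct, hashlib.sha256).digest()
        return self.pcr + nonce + tag + ct

    def unseal(self, blob: bytes):
        pcr, nonce, tag, ct = blob[:20], blob[20:36], blob[36:68], blob[68:]
        good = hmac.new(self._root, pcr + nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, good) or pcr != self.pcr:
            return None                              # other chip, tampering, or other boot state
        return bytes(a ^ b for a, b in zip(ct, self._stream(pcr, nonce, len(ct))))

# Constructed boot chains; component names are hypothetical.
INSTALLED = [b"loader", b"kernel", b"disk-driver", b"sound-driver-official"]
NEW_DRIVER = [b"loader", b"kernel", b"disk-driver", b"sound-driver-unofficial"]
RESCUE_CD = [b"rescue-loader", b"rescue-kernel"]

def demo():
    tpm, disk_key = SimTPM(), os.urandom(32)
    tpm.boot(INSTALLED)
    blob = tpm.seal(disk_key)                        # the key that wraps the disk keys
    results = {}
    for name, chain in [("same", INSTALLED), ("driver", NEW_DRIVER), ("rescue", RESCUE_CD)]:
        tpm.boot(chain)
        results[name] = tpm.unseal(blob) == disk_key
    replacement = SimTPM()                           # e.g. a replaced motherboard
    replacement.boot(INSTALLED)
    results["new_board"] = replacement.unseal(blob) == disk_key
    return results
```

In this model a changed driver and a replaced chip both lose the key, so any deployment of this kind needs a recovery copy of the key held outside the TPM.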