Slashdot Mirror
Microsoft Scales Down Palladium
bonch writes "Formerly known as Palladium, Next Generation Secure Computing Base (NGSCB) will not be fully available in Windows Longhorn after all. Instead, Longhorn will offer "the first part of NGSCB: Secure Startup," says Jim Allchin, Microsoft's group vice president for platforms. However, most hardware will not support this technology on release."
What, exactly, is Longhorn going to do? They seem to have dropped more features from it than there were in the first place!
Heck, Microsoft cannot even secure its own "proprietary" gaming console, why did we ever fear that they'd lock down all of our computers?!
Perhaps Microsorft have finally realised that such an invasive DRM system will cause a mass exodus of people from windows to Lenix. Microsoft seems determined to play into Lonis Torvaldez's hands with issues like these and I can't say that I'm ungrateful. Now if only WINE could play more games I'd switch straight away as the rest of my pirated material already works perfectly under linix.
Making the moon less necessary since 1998.
What exactly is Longhorn still bringing to the table at its release? I used to look forward to Longhorn when I ran Windows, because it was supposed to contain all these new and wonderful technologies, then I got tired of waiting and .... well, my .sig says it all really.
Good to see that Microsoft have not been concentrating on the frivolous activity of making the GUI sexy (obviously) and have been concentrating instead on the more serious improvements "under the hood".
You know, super secret stuff that they don't want to talk about in case Apple steal for the "Future Cat" operating system in 2020.
So rather than this being something pulled from Longhorn it's just being emphasised that having a system with the TPM chip isn't a requirement for running Longhorn.
You may think me a tired, old, cynic. I'd have to disagree about the tired bit.
"Secure Startup protects users against offline attacks, blocking access to the computer if the content of the hard drive is compromised. This prevents a laptop thief from booting up the system from a floppy disk to circumvent security features or swapping out the hard drive."
In other words, no more pulling out a drive to virus-scan it then replacing it or replacing a drive on an OEM machine - that won't allow it to boot.
"The security platform depends on a TPM chip being present in the system. The chip is an industry standard governed by the Trusted Computing Group, a non-profit organisation which develops security standards."
All nonprofits rely on donations to survive, and I can bet that a LOT of donations are going to start rolling in to them from certain organizations involved in content creation and distribution.
Also, if it requires a custom chip, it ain't gonna go over easy - new motherboards will be required.
Striking fear in the authors of godawful fanfiction, I am here, appearing in darkness, Tuxedo Jack!
Either I'm stupid or they are (for humility's sake, I'll assume the first), but doesn't file system level encryption already solve this problem?
Also, Apple is already one step ahead by removing floppy drives from the computers.
Microsft reports today that Longhorn will not be shipped at all. Instead, it would be shipping a stripped down version of Windows XP with an all new startup screen and bundled with features from late Windows 3.11
This is my sig. There are thousands more, but this one is mine.
Microsoft is totally dropping the ball. Not that I'm complaining. But giving previews of software that's so bad that they have to threaten those that publish screenshots? Dropping important features?
I tell you, if IBM sunk $1 billion dollars into making a single grandma-usable Linux distribution, it'd be the best $1 billion they ever spent. That's a pipe dream, but seriously, if nobody capitalizes on this, it's a total missed opportunity to break the Microsoft monopoly.
In my opinion, the software is ready. KDE is all set to go. We've got office applications, dtp, multimedia, internet, databases... If somebody could fix CUPS, make software installation simple, and populate all the most important configurations in one area and give them easy-to-use and consistently-designed wizards (that the experienced users could of course ignore), this thing would be ready. Not World of Warcraft ready, maybe, but ready enough. Hell, I'd buy it in two seconds.
The problem is, you need someone with deep pockets to finance all the boring aspects of making a unified-feeling distribution and fixing all the intricate bits (like CUPS or whatnot), but if they did, and slapped a big old IBM on the cover, it'd be dynamite. And having IBM on it would probably add a center juggernaut quality that might make hardware companies more interested in doing proper driver support.
Secure Startup protects users against offline attacks
? PHPSESSID=f6bfd6ada2877cbe69e8f281ef4ca487 that will help you out with that.
Gimme a break. Who needs security from offline attacks more than security from online ones? If that were such a stretch, there are products http://www.computersecurity.com/laptop/cables.htm
As an ACTUAL Windows user (and yes, I do use it; software investment, unfortunately) I'd love to see more ONLINE security: integrated firewall, antivirus, spyware, etc. That would more satisfy me.
When the going gets weird, the weird turn pro. ~~ Hunter S. Thompson
Is it just me, or is Longhorn increasingly beginning to resemble vapourware? We were sold the idea of a revolutionary next-gen computing platform, with all-new graphics subsystem, trusted computing (yuck, but at least different), enhanced security, relational filesystem, etc, etc, etc.
Now Avalon's being back-ported to XP, trusted computing isn't making it into the final product, WinFS has been pushed back to god-knows-when, and general security will likely be as god-awful and insecure as ever.
Against this background, what does Longhorn actually have to offer potential upgraders? Especially businesses?
Pretty Aero Glass UI? "Windows theme's always worked fine for us, thanks, and requires no user-retraining - why bother upgrading?"
But, it's all new! "Yeah, so we'll have to buy all-new hardware. And beta test it^W^W^W live with the inevitable but unfortunate 1.0 bugs.
Increasingly the reasons are "But, but, but, it's the new operating system from MS - you have to upgrade!", which is, obviously, no reason at all.
I was quite worried about LH when it was first announced - it sounded like a hell of a leap beyond anything Linux and Free Software had to offer (although, given time, I was sure FLOSS would catch up or surpass it).
Now, however, I'm having trouble retaining even mild interest - Microsoft hyped it so much, and are now so publicly failing to deliver on anything they've promised, that by the time it launches I wouldn't be surprised if they've Daikatana'd the thing practically to death.
Longhorn? Long-in-the-tooth, more like - a decrepit and crumbling shadow of it's former self that looks in danger of becoming irrelevent before it's even launched.
Of course, I may be condemning it unfairly here - are there any killer features that will save it from this downward trajectory?
Besides a billion-dollar marketing budget?
Everything in moderation, including moderation itself
Rest assured that the first service pack will consist almost entirely of draconian DRM "enhancements".
(You did read the EULA, didn't you?)
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
This feature was one of the most important and most scary "improvement" in the history of computers a few years ago: removing the control of the machine from the hands of the user, censorship controlled by Redmond. The fact that they removed this "feature" is an improvement by itself.
Is anyone else amused at the timing of the release of Tiger? By all accounts it was ready to go a month ago.
WINHEC finishes and then Tiger is released. Longhorn is shown to be an investment in distant future mediocrity and Tiger is released tomorrow.
Who backs them? What is their official reason for existing? What is their real reason for existing? (This last question cannot be answered by merely reading this groups home page; you need to consider the motives of those directing or controlling this group.)
My guess is that their official reason this group exists is "to promote safe environments by protecting users from various malicious computer exploits" or similar sounding goodness.
In contrast, my guess is that their real reason for existing is "to strip users of their existing rights to use the programs and data on their computers so that copyright holders can dictate if, when, and how users may access them".
If Microsoft was going to start naming operating systems consistently, then... let's see...
Windows 2000 -> Windows NT 5.0
Windows XP -> Windows NT 5.1
Longhorn -> Windows NT 6.0 or Windows NT 5.2?
Or maybe even Windows NT 5.11?
For those wondering what Microsoft has been "doing" for the last 12 months, and how they are spending their billions in revenue. since it's clearly not about "product development", one hint was given by Eben Moglen, who says they have been hiring lawyers for the last 12 months and using them to shake down companies for cash in advance who use free software over "potential" patent disputes. In other words extorcion and racketeering. But you can read about this .
Is anyone here keeping a list of things that were supposed to be in Longhorn but aren't gonna be?
Exercise caution when modding this message up: the author acts like a jerk when his karma is excellent.
The MS guarantee: Your Machine will be safe for the first 35 nanoseconds.
Timo's Audio Software http://www.esseraudio.com
Just as automobile manufactures develop a concept car in hopes to bring all ideas togeather, I can't help but wondering if Longhorn is offically an OS. Rather, it sounds like Longhorn is nothing more then a pet project of verious concepts microsoft is playing with.
I'm willing to bet the next version of Microsoft Windows will not be as dramatic as we see in Longhorn. I think they know that consumers are tired of being "feature shocked" with a different and reorginized GUI. Hell, I love computers. But I must admit, it does get aggravating having to reaquire reacquire your bearings on any new OS revision.
Life is not for the lazy.
From TFA: "A chip, the Trusted Platform Module (TPM), is used to encrypt data streams between the operating system and applications." ... hmm, why do I think that this coming from Microsoft is not good ?
One question: why ?
I thought modern processors (like the 386) already kept processes from reading each others data. So it's not for separation.
It certainly won't keep an application from hacking the operating system, cause I don't think the TPM could possibly figure out if the data it encrypts is harmfull or not. So if the system call is buggy, it will be hacked TPM or not.
One use could be to only let digitaly signed/unmodified application to run
Feel free to add more ideas...
bye, krajo
Learn to separate truth from illusion. Because in this world, it's the hardest thing to do.
You are probably hearing "security" and "trust" and falsely assuming this means YOUR security, or YOU being able to trust your computer.
In fact you, the user, are not the intended beneficiary of "trusted computing" at all.
The problem now is that people have too much control over their computers. From the perspective of somebody trying to limit what other people do, this is insecurity. If you write a computer program and sell it to someone, why, there's no guarantee at all that people will use it the way you wanted. People may find ways to trick your program into doing things it didn't intend, or even start to fiddle around with it and its innards, or use the files they made in your program in competing applications. It's as almost as if these people believe that just because they bought a copy of your software means they [i]own[/i] that copy. Something must be done about this. Vendors, like Microsoft, want to be able to "trust" your computer not to let you do things with it Microsoft doesn't want you to do. Hence, palladium.
Trusted boot is the first step in that. It convinces people that a piece of hardware in your computer that when switched on limits the ability to write to your hard drive to "trusted" pieces of code (and not scary things like Knoppix rescue cds) is a good idea. Somehow.
1. Regular crashes (couple of times every hour would do) accompanied by "You want to submit a bloody report?" messages. :-)
2. No support for *any* multimedia format except for WMA, WMV and ASF. Who cares for MP3 anyway.
3. It would be really nice to get a "Keyboard not detected - press enter ton continue" message for real in Longhorn
DEVELOPER RANT: don't use if (win_version == nt5.1) use if (win_version >= nt51).
DEVELOP RANT: don't use OS version tests if you can use feature tests instead.
Not a comment specifically directed at you, I don't know if you do this, but I keep running into software on all platforms that doesn't run on older versions even when patches, service packs, hotfixes, software updates, backported libraries, or compatibility fixes have removed the dependency on the specific OS version they hardcoded into the application.
One of the nice things about the Amiga is that all the developer documentation showed code checking library versions instead. Not perfect, but much better than OS version checks. Palm provided hooks to do functional checks down to the entry point level, but then spoiled it by shipping example code doing OS version checking.
This program is to be released next year, and will probably be delayed a few more times. MS' spinmeisters are just trying to keep it in the news, so they create 'news events' that are no events at all. Even negative attention is better than no attention at all. But is it worth the attention? No, not for me, I use Linux exclusively since 2001, and so can you.
;-)
Not only MS is guilty of using this vaporware tactics. All the media are lapping it up too, without even a single note of critisism. It seems we not only need the icbm adress of MS, but those of it's minion news outlets too
This space is intentionally staring blankly at you
Secure startup is making remote attestation of the software configuration possible.
:
...) will be able to enforce that policy. IE-only will be enforced by the hardware inside your computer itself, and it will not be circumventeable.
What does it do ?
If a remote website asks your pc "do you run windows Longhorn ?" it will not be possible to lie. You can not give an answer at all if you choose not to, but you cannot claim you run windows longhorn without actually running windows longhorn.
Why is this useful ? DRM. The way to avoid DRM is to (for example) run a display driver that captures images and prints them out. So now the remote website can ask you "what version/configuration of windows are you running, please specify your display driver."
You can choose to respond in 3 ways
-> not at all -> access denied
-> you can lie -> lie is detected -> access denied
-> you can tell the truth -> access granted
Obviously, in the last case, you are totally at the mercy of their software, which is obviously the whole point of Secure startup.
With secure startup websites that only want microsoft browsers visiting them (your bank, your employer,
It strikes me that Microsoft is feeling the pressure.
MS still has over 95% of the desktop share and roughly 50% of the server market.
You are deaming. They are taking their time becasue they can.
Secure Startup will eventually stop people running non-Microsoft OSs on computers.
With OS X, Apple bit the bullet and made a clean break with their crufty past. They had the Carbon API for a couple of years prior to release which made quite a few apps "OS X ready" from the gitgo. There is the Classic virtual machine for the apps that haven't gotten with the program and everything else is all new and quite a bit saner.
MS should do the same. Chuck the current hopeless mess into a virtual machine and start all over.
If I remember correctly, Trusted Computing is baaad, at least as far as we /.'ers are concerned.
Why is everyone bashing Microsoft for dropping it?
Rejoyce!
-
I'm seeing alot of concern about what this OS is going to do since they seem to be stripping everything out of it. Then I read a comment that they are building a base first and then juicing it up with the features being taken out at a later date. While I do agree with this analogy, I find it good and bad at the same time. MS OS's for the most part come with features that really don't get modified too greatly after its initial release. XP SP2 is really the only update we've seen that changes OS features. Remember too that all of their updates have been FREE and I have good reason to suspect that LH's updates will be free as well. Just because they aren't included with the initial release doesn't mean squat. To you and I that is. The downfall to releasing the updates at a later date is for the average Joe Lunchbox. Those people expect to have everything ready in a turn-key fashion. Some of us do as well. But dumping OS updates on people months after an initial release may get confusing. Make no mistake - Longhorn is the stepping block of future OS's from this company. They aren't going to let it croak. If it bothers you this much then you can always go buy yourself a Mac because afterall, don't they already have the features in question?