Like I said it has to be credible. So Exxon announces they are bringout a touch version of Aros (hobby OS). They'll be spending $150m / mo in development for the next 2 years. Which translates into an OS design staff of 15k top developers. They start working with hardware manufacturers who are concerned with ExxOS will sell. Exxon guarantees them another $2b in marketing expenses during the first year. They will also use their ties with the auto industry to help move these devices with new car buyers. They want Exxon only machines to run ExxOS.
He made billions by luring thousands of unsuspecting investors (including home 'mom and pop' type investors) into buying his overvalued bubble stock.
Mom and Pop type investors should be in mutual funds, not directly buying stock. If they are directly buying stock they either know what they are doing or they are gamblers not investors. Zuckerberg didn't lie to anyone. They weren't lured they made a judgement call and were wrong.
I don't know the numbers by the IPO. But here were the numbers in 2010. Stock plus estimated value of all holdings.
Mark Zuckerberg: 24%, $5.3 billion Accel Partners: 10%, $2.2 billion Digital Sky Technologies: 10%, $2.2 billion Dustin Moskovitz: 6%, $1.3 billion Eduardo Saverin: 5%, $1.1 billion Sean Parker: 4%, $880 million Peter Thiel: 3%, $660 million Greylock Partners: ~1.5%, $330 million Meritech Capital Ventures: ~1.5%, $330 million Microsoft: 1.3%, $286 million Li Ka-Shing: 0.75%, $165 million Interpublic Group: 0.5%, $110 million Adam D'Angelo, Matt Cohler, Jeff Rothschild, Chris Hughes and Owen Van Natta: 1%
If you want advice, don't do anything where you care about the type of clients. Work in the server realm. The type of serious work you accomplish on these devices are areas where portability, speed of interaction, or weight / size matter a lot. Just walk around and observe the controls on devices from a refrigerator to a stove to a Watch a movie from the 1960s. Look at every item. Could this benefit from being more complex (i.e. a touch screen). Would this benefit more from deep integration with other information (leans more towards a desktop)? Most of the desktop stuff is already converted. Its easy enough to figure out what will go where.
Going forward it is as well. If you look at Microsoft's vision of the future for Office: http://www.youtube.com/watch?v=a6cNdhOKwi0 even with the advanced technology touch devices to viewing and light editing serious editing requires a more traditional desktop setup.
I agree. That's why I changed the analogy to Exxon with a credible claim of being willing to spend billions. I do think Exxon could get manufacturers to support closed hardware for them.
Microsoft is perfectly free to abuse the fact they are a Dow stock and have instant respect. They aren't free to abuse the desktop monopoly.
This is the entire entertainment industry -- we'd like to be able to sell content to customers and control how it is displayed per the license A good chunk of the software industry. -- we'd like to be able to sell software and not have to worry about piracy A huge percentage of enterprise -- we'd like to be able to have the same sorts of tracking with electronic documents we used to have with physical documents
As I mentioned when Microsoft still was planning Longhorn/Vista to a major upgrade the 3 components were: new interface (Aero which did happen), WinFS (ended up being a minor update SQL server) and trusted computing. The fact that Apple has been doing great with trusted computing is probably spurring Microsoft on.
The threat to Linux is not the UEFI Bios being locked down. The Linux community has a 20 year record of handling that kind of nonsense with no problem. The threat to Linux is that Linux runs fine on these new protected computers but the data whether it be websites, or movies or school classes rejects the environment.
Microsoft is not going to lock people out of using alternative OSes on x86 hardware, in the same way they haven't stopped people from buying Word Perfect. The days of "DOS ain't done till Lotus won't run" are long over at Microsoft. What is a much more realistic threat to Linux of creating trusted kernels is trusted kernels lead to trusted programs.
You're right. I didn't realise it was that cheap. But once you have to go through Microsoft to get your key signed, you give them a lot of power, and they may change their mind at any time.
They might. But once they become a jerk about being the signing authority its harder for them to remain the signing authority. They are going to have a strong interest in there not being easy circumvention, which will be hampered if they create a market for circumvention.
That's a good point. But someone may still try to lock down personal computers for the >90% of users who are non-technical,
You mean with things like blocking P2P? Same problem though... how to you avoid people sharing VBA scripts online? Circumvention becomes too easy because non-technical people are motivated. Though I agree it makes things harder. Certainly encryption was harder in the 90s when it was only semi-legal than today.
The ease with which a technical user could circumvent DRM, didn't stop the music companies from forcing it on users, and it didn't stop Microsoft from investing a lot of money into DRM.
Absolutely and DRM is being used by publishers today. But that's a different issue than the type of total lockdown you were describing. There have always been some degrees of copy protection of IP on personal computers, from the late 70s onwards.
and the technical users will also be hurt by it (for example, by not being able to install any OS they want).
The barriers you are talking about like a minor change to the bios are far less than the difficulty of installing another OS that is unsupported by the vendor. Linuxes are easy to support because the hardware vendors are friendly. If they remain friendly there will be keys for Linux. If they become unfriendly, the keys won't be the complexity. You are going to have to do much worse stuff than change setting in the UEFI to get Linux to run. Take a look at forum posts from the mid 1990s about what life is like when hardware vendors were mostly indifferent, not even hostile, to Linux installs.
There hasn't been any outrage or criticism over the fact that root kits can be installed through the boot loader
Of course there have been. Heck when I was at Comdex in 2000, Y2K had now passed and the number one issue for discussion was the lack of kernel security i.e. how to have an application or piece of data determine it was running under a genuine kernel. Kernel security, which allowed for trusted computing was one of the 3 major innovations for Longhorn (what would eventually be Vista). This has been a serious flaw in Windows for over a decade.
A kernel can't figure out if it is virtualized or not. A program can't figure out if it is running against a pure kernel or not. A piece of data can't check the status of the program accessing it. A piece of hardware, especially a TCPI chip can't figure out if the process accessing it is compromised.
You want to fix this problem the first thing you need to do is allow kernels to know if they are running against real hardware or not. And hardware needs to know that the kernel is trusted.
You don't convince every device manufacturer to include your cert, that's free but a ton of work. You just pay Microsoft 5 bootloaders x $80 each = $400 for them to sign the key.
Not in meaningful numbers yet. Its experimental because there are a lot of businesses which like tablets, but even those are a minority. Its an exciting area but the actual amount of implementation is still rather limited. Medical charting is an area its catching on.
RDP on a touch screen is terrible. A possible emergency solution but not something you would want to use regularly.
I agree there is a bit of a difference here between a supplier and a customer. But if we agree this was something manufacturers were willing to do, because a customer asked, then it didn't require monopoly power to get the manufacturers to do it. It is not "monopoly" power if manufacturers want to use Microsoft's OS and Microsoft is a jerk about it. Its only monopoly power if somehow Microsoft is using their desktop monopoly to force ARM vendors to do something.
No guys who create root kits created the conditions that caused this choice. I think Microsoft has a pretty track record of not wanting to be in the security business. They've been dragged there against their will under protest.
I don't see how this is leveraging a monopoly. I agree with you analogy:
a) Wham-o's system is great. They have copyright so they get secure boot. b) Wham-o's system is so/so or worse. No one produces c) Wham-o's system is good. Maybe the lockdown has some effect but not much. Very few end users change OSes on their Arm devices.
The fact that Microsoft has more credibility than Wham-o is different than a monopoly. If Exxon stepped forward and and announced they considered 8" tablet factors crucial to the future of gas drilling, were going to spend a fortune developing and marketing a new OS.... it would carry the same weight
Smaller Linux versions, without the backing of a corporation, won't be able to afford signing or getting OEM manufacturers to include their keys.
The cost is $99 to get Microsoft to sign your key. Individuals can easily afford to get a key signed for the custom OS they want to run on their own machines all by themselves. The fee isn't a million dollars. It is essentially free. This whole thing about the money is IMHO simple hysteria about nothing.
_____
SecureBoot controls what OS can be run, and the OS can control what software can be run, using a system of checksums and signing keys.
Absolutely true. But most powerful software packages include languages. So for example you mentioned encryption. Most encryption algorithms can be implemented in a few lines of any scripting language: Powershell, Visual Basic for Applications, AppleScript, Perl, SQL are all plenty powerful. You can do most encryptions in under a page in any of those languages.
Similarly P2P. There are well known Python P2P clients for the major services in like 80k and that's including the hash table data.
You cannot lock down computers to the degree you are talking about and have them still be computers.
First off I'm not sure that any significant percentage of the population actually changes OSes on Arm devices. If they don't like the device they return it to the store.
However, in terms of the thought experiment... we know that they would agree to it, since we've had ARM devices produced by small firms with locked down OS configurations. The marketing approach is a little different where the OS company is tangential and the manufacturer is being hired so the device can be rebranded.
Its been a while since I've done this but... I don't think that's true. If you partition a drive prior to Windows installation it won't grab those other partitions. Unless you explicitly tell it to Windows doesn't resize partitions. So when you lay out your drive/var,/home, swap... just leave one for Windows.
Requiring other OS makers to buy a license from Microsoft is very clear evidence of using their monopoly power to stifle competition.
They aren't requiring them to buy a license nor is it from Microsoft. They are requiring other OS makers to file a little paperwork and pay a trivial processing fee. There is no attempt to stifle competition as is demonstrated by the fact that when RedHat and Ubuntu applied for keys they got them.
How many bootloaders are there? I'm thinking in 18 years of using Linux I've seen about 5. These certs are $99 each. So say $500 solves the problem for every loader.
Given that Microsoft sells keys at essentially cost to competitors how is this "abuse"? Doing stuff you don't agree with is different from abusive practice.
I agree with everything you wrote. I'm a longtime touch typer and even on a bad physical keyboard I don't look while on a virtual keyboard, regardless of how good, I can't do it. While the brain is good at positioning the fingers without much input to get things right it needs 3D feedback, which the screen doesn't provide.
But there is a big difference between being able to almost perfectly aim blind with the touchscreen and requiring constant feedback and conscious attention with , the mouse. Without looking at a screen you wouldn't have minor problems using a mouse to point and at an onscreen keyboard. The argument was over whether touching or mousing is more natural and that example is one where the differences are still clear. It does show how touch screens still have to go quite a ways to provide the sort of sensory feedback that's really needed
The enterprise features that is the depth of the Windows software stack is pretty much all they've got. I think its hugely important. If I'm wrong and it isn't, they lose since their entire strategy is based on moving that software stack over.
BTW Apple hasn't disrupted enterprise yet. BYOD on phones is the only example and that's still light integration (mostly with exchange).
Now not pay them. Just
1) Build an OS that would be good
2) Help them sell their products
Microsoft does both (1) and (2) (at least arguably).
Like I said it has to be credible. So Exxon announces they are bringout a touch version of Aros (hobby OS). They'll be spending $150m / mo in development for the next 2 years. Which translates into an OS design staff of 15k top developers. They start working with hardware manufacturers who are concerned with ExxOS will sell. Exxon guarantees them another $2b in marketing expenses during the first year. They will also use their ties with the auto industry to help move these devices with new car buyers. They want Exxon only machines to run ExxOS.
Yeah I think they would get the time of day.
He sold about $1b worth of stock during the offering.
He made billions by luring thousands of unsuspecting investors (including home 'mom and pop' type investors) into buying his overvalued bubble stock.
Mom and Pop type investors should be in mutual funds, not directly buying stock. If they are directly buying stock they either know what they are doing or they are gamblers not investors. Zuckerberg didn't lie to anyone. They weren't lured they made a judgement call and were wrong.
What regulations did the SEC fail to enforce? There was no fraud.
I don't know the numbers by the IPO. But here were the numbers in 2010. Stock plus estimated value of all holdings.
Mark Zuckerberg: 24%, $5.3 billion
Accel Partners: 10%, $2.2 billion
Digital Sky Technologies: 10%, $2.2 billion
Dustin Moskovitz: 6%, $1.3 billion
Eduardo Saverin: 5%, $1.1 billion
Sean Parker: 4%, $880 million
Peter Thiel: 3%, $660 million
Greylock Partners: ~1.5%, $330 million
Meritech Capital Ventures: ~1.5%, $330 million
Microsoft: 1.3%, $286 million
Li Ka-Shing: 0.75%, $165 million
Interpublic Group: 0.5%, $110 million
Adam D'Angelo, Matt Cohler, Jeff Rothschild, Chris Hughes and Owen Van Natta: 1%
If you want advice, don't do anything where you care about the type of clients. Work in the server realm. The type of serious work you accomplish on these devices are areas where portability, speed of interaction, or weight / size matter a lot. Just walk around and observe the controls on devices from a refrigerator to a stove to a Watch a movie from the 1960s. Look at every item. Could this benefit from being more complex (i.e. a touch screen). Would this benefit more from deep integration with other information (leans more towards a desktop)? Most of the desktop stuff is already converted. Its easy enough to figure out what will go where.
Going forward it is as well. If you look at Microsoft's vision of the future for Office: http://www.youtube.com/watch?v=a6cNdhOKwi0
even with the advanced technology touch devices to viewing and light editing serious editing requires a more traditional desktop setup.
I agree. That's why I changed the analogy to Exxon with a credible claim of being willing to spend billions. I do think Exxon could get manufacturers to support closed hardware for them.
Microsoft is perfectly free to abuse the fact they are a Dow stock and have instant respect.
They aren't free to abuse the desktop monopoly.
This isn't just security experts.
This is the entire entertainment industry -- we'd like to be able to sell content to customers and control how it is displayed per the license
A good chunk of the software industry. -- we'd like to be able to sell software and not have to worry about piracy
A huge percentage of enterprise -- we'd like to be able to have the same sorts of tracking with electronic documents we used to have with physical documents
As I mentioned when Microsoft still was planning Longhorn/Vista to a major upgrade the 3 components were: new interface (Aero which did happen), WinFS (ended up being a minor update SQL server) and trusted computing. The fact that Apple has been doing great with trusted computing is probably spurring Microsoft on.
The threat to Linux is not the UEFI Bios being locked down. The Linux community has a 20 year record of handling that kind of nonsense with no problem.
The threat to Linux is that Linux runs fine on these new protected computers but the data whether it be websites, or movies or school classes rejects the environment.
Microsoft is not going to lock people out of using alternative OSes on x86 hardware, in the same way they haven't stopped people from buying Word Perfect. The days of "DOS ain't done till Lotus won't run" are long over at Microsoft. What is a much more realistic threat to Linux of creating trusted kernels is trusted kernels lead to trusted programs.
You're right. I didn't realise it was that cheap. But once you have to go through Microsoft to get your key signed, you give them a lot of power, and they may change their mind at any time.
They might. But once they become a jerk about being the signing authority its harder for them to remain the signing authority. They are going to have a strong interest in there not being easy circumvention, which will be hampered if they create a market for circumvention.
That's a good point. But someone may still try to lock down personal computers for the >90% of users who are non-technical,
You mean with things like blocking P2P? Same problem though... how to you avoid people sharing VBA scripts online? Circumvention becomes too easy because non-technical people are motivated. Though I agree it makes things harder. Certainly encryption was harder in the 90s when it was only semi-legal than today.
The ease with which a technical user could circumvent DRM, didn't stop the music companies from forcing it on users, and it didn't stop Microsoft from investing a lot of money into DRM.
Absolutely and DRM is being used by publishers today. But that's a different issue than the type of total lockdown you were describing. There have always been some degrees of copy protection of IP on personal computers, from the late 70s onwards.
and the technical users will also be hurt by it (for example, by not being able to install any OS they want).
The barriers you are talking about like a minor change to the bios are far less than the difficulty of installing another OS that is unsupported by the vendor. Linuxes are easy to support because the hardware vendors are friendly. If they remain friendly there will be keys for Linux. If they become unfriendly, the keys won't be the complexity. You are going to have to do much worse stuff than change setting in the UEFI to get Linux to run. Take a look at forum posts from the mid 1990s about what life is like when hardware vendors were mostly indifferent, not even hostile, to Linux installs.
There hasn't been any outrage or criticism over the fact that root kits can be installed through the boot loader
Of course there have been. Heck when I was at Comdex in 2000, Y2K had now passed and the number one issue for discussion was the lack of kernel security i.e. how to have an application or piece of data determine it was running under a genuine kernel. Kernel security, which allowed for trusted computing was one of the 3 major innovations for Longhorn (what would eventually be Vista). This has been a serious flaw in Windows for over a decade.
A kernel can't figure out if it is virtualized or not.
A program can't figure out if it is running against a pure kernel or not.
A piece of data can't check the status of the program accessing it.
A piece of hardware, especially a TCPI chip can't figure out if the process accessing it is compromised.
You want to fix this problem the first thing you need to do is allow kernels to know if they are running against real hardware or not. And hardware needs to know that the kernel is trusted.
You don't convince every device manufacturer to include your cert, that's free but a ton of work. You just pay Microsoft 5 bootloaders x $80 each = $400 for them to sign the key.
iPad has serious business use
Not in meaningful numbers yet. Its experimental because there are a lot of businesses which like tablets, but even those are a minority. Its an exciting area but the actual amount of implementation is still rather limited. Medical charting is an area its catching on.
RDP on a touch screen is terrible. A possible emergency solution but not something you would want to use regularly.
I agree there is a bit of a difference here between a supplier and a customer. But if we agree this was something manufacturers were willing to do, because a customer asked, then it didn't require monopoly power to get the manufacturers to do it. It is not "monopoly" power if manufacturers want to use Microsoft's OS and Microsoft is a jerk about it. Its only monopoly power if somehow Microsoft is using their desktop monopoly to force ARM vendors to do something.
No guys who create root kits created the conditions that caused this choice. I think Microsoft has a pretty track record of not wanting to be in the security business. They've been dragged there against their will under protest.
I don't see how this is leveraging a monopoly. I agree with you analogy:
a) Wham-o's system is great. They have copyright so they get secure boot.
b) Wham-o's system is so/so or worse. No one produces
c) Wham-o's system is good. Maybe the lockdown has some effect but not much. Very few end users change OSes on their Arm devices.
The fact that Microsoft has more credibility than Wham-o is different than a monopoly. If Exxon stepped forward and and announced they considered 8" tablet factors crucial to the future of gas drilling, were going to spend a fortune developing and marketing a new OS.... it would carry the same weight
Smaller Linux versions, without the backing of a corporation, won't be able to afford signing or getting OEM manufacturers to include their keys.
The cost is $99 to get Microsoft to sign your key. Individuals can easily afford to get a key signed for the custom OS they want to run on their own machines all by themselves. The fee isn't a million dollars. It is essentially free. This whole thing about the money is IMHO simple hysteria about nothing.
_____
SecureBoot controls what OS can be run, and the OS can control what software can be run, using a system of checksums and signing keys.
Absolutely true. But most powerful software packages include languages. So for example you mentioned encryption. Most encryption algorithms can be implemented in a few lines of any scripting language: Powershell, Visual Basic for Applications, AppleScript, Perl, SQL are all plenty powerful. You can do most encryptions in under a page in any of those languages.
Similarly P2P. There are well known Python P2P clients for the major services in like 80k and that's including the hash table data.
You cannot lock down computers to the degree you are talking about and have them still be computers.
That is called restraint-of-trade
No it isn't. To commit restraint of trade you actually have to restrict trade. No judge is going to see a $99 processing fee as restricting trade.
First off I'm not sure that any significant percentage of the population actually changes OSes on Arm devices. If they don't like the device they return it to the store.
However, in terms of the thought experiment ... we know that they would agree to it, since we've had ARM devices produced by small firms with locked down OS configurations. The marketing approach is a little different where the OS company is tangential and the manufacturer is being hired so the device can be rebranded.
Its been a while since I've done this but... I don't think that's true. If you partition a drive prior to Windows installation it won't grab those other partitions. Unless you explicitly tell it to Windows doesn't resize partitions. So when you lay out your drive /var, /home, swap... just leave one for Windows.
Requiring other OS makers to buy a license from Microsoft is very clear evidence of using their monopoly power to stifle competition.
They aren't requiring them to buy a license nor is it from Microsoft. They are requiring other OS makers to file a little paperwork and pay a trivial processing fee. There is no attempt to stifle competition as is demonstrated by the fact that when RedHat and Ubuntu applied for keys they got them.
How many bootloaders are there? I'm thinking in 18 years of using Linux I've seen about 5. These certs are $99 each. So say $500 solves the problem for every loader.
Given that Microsoft sells keys at essentially cost to competitors how is this "abuse"? Doing stuff you don't agree with is different from abusive practice.
I agree with everything you wrote. I'm a longtime touch typer and even on a bad physical keyboard I don't look while on a virtual keyboard, regardless of how good, I can't do it. While the brain is good at positioning the fingers without much input to get things right it needs 3D feedback, which the screen doesn't provide.
But there is a big difference between being able to almost perfectly aim blind with the touchscreen and requiring constant feedback and conscious attention with , the mouse. Without looking at a screen you wouldn't have minor problems using a mouse to point and at an onscreen keyboard. The argument was over whether touching or mousing is more natural and that example is one where the differences are still clear. It does show how touch screens still have to go quite a ways to provide the sort of sensory feedback that's really needed
The enterprise features that is the depth of the Windows software stack is pretty much all they've got. I think its hugely important. If I'm wrong and it isn't, they lose since their entire strategy is based on moving that software stack over.
BTW Apple hasn't disrupted enterprise yet. BYOD on phones is the only example and that's still light integration (mostly with exchange).