Lets take a look at NGSCB shall we:
http://www.microsoft.com/technet/security/news/ngs cb.mspx
"Strong process isolation. Users can wall off and hide pages of main memory so that each nexus-aware application can be assured that it is not modified or observed by any other application or even the operating system."
Once again, relying on a hardware function of a CPU, to cover their ass.
"Sealed storage. Information can be stored in such a way that only the application from which data is saved (or a trusted designated application or entity) can open it. With sealed storage, a nexus-aware application or module can mandate that the information be accessible only to itself or to a set of other trusted components that can be
identified in a cryptographically secure manner."
Do you get this? you use the 'trusted' program, say oooh MS Office TCI, your cannot open or view it, without using that program, and only that
program or another that Microsoft designates as 'Trusted'
Do you think they will certify open office? or sun office? I think not Locking your data into their formats, and accessible only at THEIR
discretion.
"Secure path to and from the user. Secure channels allow data to move safely from the keyboard/mouse to nexus-aware applications, and for data
to move from nexus-aware applications to a region of the screen."
Wow, a 'secure path' means 'You can only view/interact with this data in the manner WE dictate, and any usage we do not EXPLICITY 'permit', by default will be prevented. (no more feeding that DVD out via S-video to
your VCR, you think macrovision is a PITA.....
RIAA's wet dream.
Or how about:
"NGSCB is being designed so that a Windows-based PC with the requisite hardware will be able to run different nexuses, although only one nexus
at a time will be able to run on a machine. Anyone can write a nexus (licensing issues will be involved and licensing terms have not yet been
announced). The user always has the ultimate authority over what nexuses are allowed to run."
'licensing issues' eh? CLOSING STANDARDS
And take a look, even MS is trying to pollute TPM 1.2, since NGSCB will be:
Q: I have heard that NGSCB will force people to run only Microsoft-approved software.
A: This is simply not true. The nexus-aware security chip (the SSC) and other NGSCB features are not involved in the boot process of the
operating system or in its decision to load an application that does not use the nexus. Because the nexus is not involved in the boot process, it
cannot block an operating system or drivers or any nexus-unaware PC application from running. Only the user decides what nexus-aware applications get to run. [Anyone can write an application to take
advantage of new APIs that call to the nexus and related components without notifying Microsoft or getting Microsoft's approval.]
Did you catch this? [] ? How can 'anyone' write an application, when the standards and specifications are subject to MS's whim on who and how to
license it?
"It will be possible, of course, to write applications that require access to nexus-aware services in order to run."
In otherwords, Office and all applications we license the use our standards, which will be made nexus-aware (ostensibly to prevent piracy)
but will require us to 'call home' in order to use it.
What about:
Q: Is NGSCB Microsoft's implementation of the TCG or TCPA specifications?
A: No, NGSCB is not an implementation of the existing specifications developed by TCPA or TCG. The upcoming version of the trusted platform
module (TPM 1.2) is expected to work as the security support component in the NGSCB architecture.
and
Q: In what ways do TCG and the NGSCB architecture differ, and what do they have in common?
A: The NGSCB architecture encompasses a much broader set of functionality than TCG, but both efforts are designed to enable a more
secure and trustworthy computing platform.
[This is embrace and extend, even when its supposed to be 'Trustworthy'
- Authenticated booting of nexus
This is 'call home or dont run'
Q: Will other software produ
The least you could do was change the title, as it stands your spreading FUD, try editing it to something more in line with reality like:
CA Settlement mis-represented, Canopy Groups twisted web.
or
CA says 'not willing participant in fiaSCO'
or
CA says '2 for 1 licenses' do not an enorsement make.
Slashdot Mirror
Lets take a look at NGSCB shall we: http://www.microsoft.com/technet/security/news/ngs cb.mspx "Strong process isolation. Users can wall off and hide pages of main memory so that each nexus-aware application can be assured that it is not modified or observed by any other application or even the operating system." Once again, relying on a hardware function of a CPU, to cover their ass. "Sealed storage. Information can be stored in such a way that only the application from which data is saved (or a trusted designated application or entity) can open it. With sealed storage, a nexus-aware application or module can mandate that the information be accessible only to itself or to a set of other trusted components that can be identified in a cryptographically secure manner." Do you get this? you use the 'trusted' program, say oooh MS Office TCI, your cannot open or view it, without using that program, and only that program or another that Microsoft designates as 'Trusted' Do you think they will certify open office? or sun office? I think not Locking your data into their formats, and accessible only at THEIR discretion. "Secure path to and from the user. Secure channels allow data to move safely from the keyboard/mouse to nexus-aware applications, and for data to move from nexus-aware applications to a region of the screen." Wow, a 'secure path' means 'You can only view/interact with this data in the manner WE dictate, and any usage we do not EXPLICITY 'permit', by default will be prevented. (no more feeding that DVD out via S-video to your VCR, you think macrovision is a PITA..... RIAA's wet dream. Or how about: "NGSCB is being designed so that a Windows-based PC with the requisite hardware will be able to run different nexuses, although only one nexus at a time will be able to run on a machine. Anyone can write a nexus (licensing issues will be involved and licensing terms have not yet been announced). The user always has the ultimate authority over what nexuses are allowed to run." 'licensing issues' eh? CLOSING STANDARDS And take a look, even MS is trying to pollute TPM 1.2, since NGSCB will be: Q: I have heard that NGSCB will force people to run only Microsoft-approved software. A: This is simply not true. The nexus-aware security chip (the SSC) and other NGSCB features are not involved in the boot process of the operating system or in its decision to load an application that does not use the nexus. Because the nexus is not involved in the boot process, it cannot block an operating system or drivers or any nexus-unaware PC application from running. Only the user decides what nexus-aware applications get to run. [Anyone can write an application to take advantage of new APIs that call to the nexus and related components without notifying Microsoft or getting Microsoft's approval.] Did you catch this? [] ? How can 'anyone' write an application, when the standards and specifications are subject to MS's whim on who and how to license it? "It will be possible, of course, to write applications that require access to nexus-aware services in order to run." In otherwords, Office and all applications we license the use our standards, which will be made nexus-aware (ostensibly to prevent piracy) but will require us to 'call home' in order to use it. What about: Q: Is NGSCB Microsoft's implementation of the TCG or TCPA specifications? A: No, NGSCB is not an implementation of the existing specifications developed by TCPA or TCG. The upcoming version of the trusted platform module (TPM 1.2) is expected to work as the security support component in the NGSCB architecture. and Q: In what ways do TCG and the NGSCB architecture differ, and what do they have in common? A: The NGSCB architecture encompasses a much broader set of functionality than TCG, but both efforts are designed to enable a more secure and trustworthy computing platform. [This is embrace and extend, even when its supposed to be 'Trustworthy' - Authenticated booting of nexus This is 'call home or dont run' Q: Will other software produ
No, you're right :) I missed an apostrophe, [you're] or [its] could be used I guess. /. - The online grammar/spell/thought checker :)
The least you could do was change the title, as it stands your spreading FUD, try editing it to something more in line with reality like: CA Settlement mis-represented, Canopy Groups twisted web. or CA says 'not willing participant in fiaSCO' or CA says '2 for 1 licenses' do not an enorsement make.
[This is like breaking into Linus Torvald's house, stealing his sketch notes about Linux, and making fun of them for having such poor quality.]
Linus doesnt compile his sketchy code and distribute it, he distributes the code for review, good or bad.