Microsoft

Questions for a Lecture on Microsoft's Palladium? 612

Posted by Cliff
from the tossing-out-those-pointed-questions dept.
An anonymous reader asks: "Microsoft is going to be giving a lecture on Palladium for my Computer and Network Security class at MIT this Thursday. We're told that it's going to be the most technically detailed lecture publically given to date, and that we should be armed with questions as a result. Any suggestions from the Slashdot crowd? What technical details have you been dying to know about Palladium?" It would be interesting to hear back from someone who is planning on attending this. For those who wish they were, but can't for one reason or another, what would you have asked by proxy?
  • by Longinus (601448) on Tuesday October 15, 2002 @08:58PM (#4458117) Homepage
    Are there any plans to have this webcasted via audio or video, or at the very least transcribed for our analytical pleasure?

    MIT's page [mit.edu] makes no mention of any intention to do this, and seeing how it will apparently be the "most technically detailed lecture publically given to date," I think that the public would benefit greatly from such a service.
  • by Drunken Coward (574991) on Tuesday October 15, 2002 @08:58PM (#4458120)
    Maybe it isn't as technical as you want the questions to be, but I'm interested in the answer:

    Can open source software and Palladium coexist?
  • The obvious one ... (Score:3, Interesting)

    by Vilim (615798) <ryan@NOSPam.jabberwock.ca> on Tuesday October 15, 2002 @08:58PM (#4458121) Homepage
    The question I would most like to see them confronted by (though I most likely know the answer) is: Microsoft has been called a monopoly in the PC market, it maintains control over more than 95% of the desktop market. Since the only operating system that can even compare to Windows (desktop wise) on the PC is Linux. If Palladium is integrated won't this mean death for Linux and Microsoft's complete domination over the desktop market? They will most likely try to sugarcoat their answer, or say that Linux should go closed source (HA!) however it will boil down to "Yes".
  • Target Consumers? (Score:5, Interesting)

    by magnum3065 (410727) on Tuesday October 15, 2002 @08:59PM (#4458132)
    I'm curious who Microsoft expects to be the target customer base for this software: do they expect home users, or businesses? Will this be used in general across an office, or possibly only for machines that require high security (e.g. servers with remote access)? It seems that the average home user wouldn't want to be troubled with some of the new security features, and since technologies of questionable legality (mp3, divx, etc.) are becoming popular in the mainstream now, many people would actually be opposed to some of the new security measures. So, since Microsoft has typically targeted an average home user with their products, do they expect to win over the home user market for this new product, or do they simply plan on a small user-base that requires a more substantial amount of security at first, then try to make the system more widespread among consumers later?
  • by Anonymous Coward on Tuesday October 15, 2002 @09:00PM (#4458136)
    What repercussions will this have on computer users that enjoy the use of standards, such as Ogg Vorbis, and share their private, legally owned collection between multiple operating systems on a single machine, or multiple machines running a variety of operating systems?
  • by Degrees (220395) <degreesNO@SPAMsbcglobal.net> on Tuesday October 15, 2002 @09:00PM (#4458141) Homepage Journal
    Who will own the keys that release it? Where will those keys be stored? Do I get to run the server that hands out the key?

    I am thinking if I make a video of my grand kids - how can I make sure that anyone I want can view it?
  • Reasons (Score:5, Interesting)

    by qwerbus (583999) on Tuesday October 15, 2002 @09:01PM (#4458148) Homepage
    I'd ask them why they think they need to protect Hollywood?
  • by Anonymous Coward on Tuesday October 15, 2002 @09:02PM (#4458153)
    Will Palladium enforce .Net framework code-access security? E.g. if I declare a private member, can I be certain that the hardware will guard that memory location with its life from access outside my class?

    And would the same apply to non-.Net Win32/64 code? How about scripting languages? Other VMs?
  • Tech/legal mix (Score:4, Interesting)

    by lawpoop (604919) on Tuesday October 15, 2002 @09:02PM (#4458154) Homepage Journal
    My Q: To what extent will palladium rely on legal means to enforce policies?
  • by djmagee (165242) on Tuesday October 15, 2002 @09:02PM (#4458156)
    This is what I want to know. How does MS plan to get people to buy into this? How are computer manufacturers going to react when they have fewer, more expensive options for building their computers? And what would the average consumer see in it? How many people are really that worried about people reading their documents that they'd be willing to give up things like copying CDs, burning mixes, etc...
  • My question (Score:2, Interesting)

    by Anonymous Coward on Tuesday October 15, 2002 @09:04PM (#4458164)
    When will the specs be released in enough detail to enable people to write a nub (or "nexus" or "trusted operating root")?

    Will there be any consideration of key management systems that would allow one, for example, to trust any kernel signed by (ie.) RedHat?

    Will applications have to care about this sort of thing, or will one nub look the same as any other to them?
  • Corporate liability (Score:5, Interesting)

    by paranoic (126081) on Tuesday October 15, 2002 @09:04PM (#4458166)
    Will Microsoft assume liability for when Palladium breaks, or are they going to hide behind some shrink-wrap/click-through agreement that says that they (Microsoft) can't be held liable for anything?
  • by brw215 (601732) on Tuesday October 15, 2002 @09:04PM (#4458170) Homepage
    From what I have gathered, NO code can run on palladium enabled hardware that is not signed by Microsoft. I am concerned not just about Linux, but about all open source and individual development in general.

    Will code I write be able to be run on different Windows machines, or will I be restricted to my local environment barring a signature from Microsoft? From what I have read so far it is the latter and that is frankly terrifying.
  • by carlmenezes (204187) on Tuesday October 15, 2002 @09:07PM (#4458193) Homepage
    You talk about Palladium being trusted and secure computing. Are there any provisions for backdoors so any content generated by the "secure" technologies can be monitored? If so, how secure will these backdoors be from malicious hackers?
  • by PFAK (524350) on Tuesday October 15, 2002 @09:08PM (#4458198)
    How is Palladium supposed to help or "enhance" the users experience?

    In my opinion this is going to just frustrate the everyday user, and make the "hacker" laugh at Microsoft's effort of a controlled system. The average user wants to go on his or her computer - listen to music & chat.

    They do not want some "secure" music file, they just want to be able to listen to the song. They don't care if it's authentic, or if it contains a "virus".

    I believe that this is just a useless effort on Microsoft's part, and lots of wasted time & money for the user.

    And for my lead on..

    How much is this going to cost Microsoft to develop? For the bug fixes & patches because of screw-ups in the development process which don't let me open my Microsoft Powerpoint file.
  • by redback (15527) on Tuesday October 15, 2002 @09:08PM (#4458199)
    What options are likely to exist for people that do not wish to use Palladium?
  • by DRnetman86 (617230) <david&maxtechcomputer,net> on Tuesday October 15, 2002 @09:09PM (#4458200) Homepage
    Will Palladium come integrated with Longhorn and all future M$ products, or will there be an opt out program where you can choose to not use Palladium?
  • by GigsVT (208848) on Tuesday October 15, 2002 @09:13PM (#4458236) Journal
    Or:

    Can a system of DRM be developed that does not rely on security through obscurity at any level, or a crippling of general purpose computers?
  • what the hell? (Score:2, Interesting)

    by Anonymous Coward on Tuesday October 15, 2002 @09:17PM (#4458251)
    I would like to know one thing. It's to do with this combination of words:

    Microsoft. Computer and Network Security. Lecture. MIT.

    Ha.

    I'm sorry. I just don't understand how Microsoft is able to lecture students on the merits of their (closed, proprietary) technology at a university. What is the purpose of their visit, and how did it come about? Are they going with the intent of selling the idea of Microsoft 'security' to students (who, of course, would eventually be prospective employees or clients)?

    I suppose I'll actually be pretty surprised if they were there in a serious, technical (and non-marketing) capacity given Microsoft's blatant hatred of the opinions of others when it comes to anything that doesn't fit their corporate vision. This also seems odd remembering their policy of (in)security through obscurity.

    Just walk out of there if they try to make you sign anything.
  • by Kindaian (577374) on Tuesday October 15, 2002 @09:18PM (#4458255) Homepage
    Why should one buy a more expensive Palladium compatible computer if they can buy a cheaper non-Palladium one?

    Why would a company restrict the content they provide and thus limit their consumers with a technology that will divide the world and conquer nothing?

    Cheers...
  • by danheskett (178529) <danheskett AT gmail DOT com> on Tuesday October 15, 2002 @09:21PM (#4458273)
    None. That was easy?

    Seriously, your question is like asking: "how will PGP affect me sending e-mails to my grandmother, who doesn't have PGP?"

    That's really all it is.
  • It Will Be Broken (Score:4, Interesting)

    by Yossarian45793 (617611) on Tuesday October 15, 2002 @09:23PM (#4458282)
    First, let me say that I understand the goals of Palladium, including why it would be a valuable technology for MS customers and others; and I think I understand as well as anyone how the technology works, having only seen the publicly available information. My question is:

    What makes Microsoft think that Palladium won't be broken or circumvented, given that the information security community at large has not had a chance to review the technology?
  • by gwernol (167574) on Tuesday October 15, 2002 @09:26PM (#4458309)
    The great technology boom of the 80's and 90's - and the wealth that was created as a result - happened because ownership of Personal Computers became widespread. Microsoft and Intel were two of the key players that triggered that explosion. One of the most important reasons people bought PCs was because they could write or run any software on them. They were open systems controlled by the user - not a corporation. Unlike the mainframes and minicomputers that preceded PCs you could run the software you wanted and you didn't have to seek permission from your IT staff.

    Does Microsoft really believe its best course is to enforce a return to the bad old days of corporate control of computing through Palladium and other DRM mechanisms? Doesn't this route open up the way for a competitor to give people what they really want - control over their systems? Isn't this the beginning of the end for Microsoft?
  • "More of a basic business question, but didn't anyone learn from Intel's ill-fated processor serial number "feature" in the Pentium III, or the Div-X movie fiasco? Why would consumers want this at all, and why will they choose it over other alternatives?"

    Or conversely, "Why does Microsoft believe that Palladium will earn a positive cash flow for the company, satisfy return on investment, etc, in the long run?

    Essentially, "what's in it for YOU?" This could reveal some interesting information about their long term strategy and core motives.

  • by Broadcatch (100226) on Tuesday October 15, 2002 @09:36PM (#4458369) Homepage
    For Palladium to authenticate licensed media, there must be some set of public keys stored in the hardware somewhere.
    • Who holds the private keys?
    • How does a new media producer get their media "signed"?
    • What happens if a key is compromised?
  • Engineering holes (Score:3, Interesting)

    by Henry V .009 (518000) on Tuesday October 15, 2002 @09:37PM (#4458372) Journal
    You've gone to a lot of trouble to make the Fritz chip uncrackable, but Palladium has to be enforced in software. Taking control of the boot loader was a good idea, but what do you do when someone exploits a buffer overrun or a backdoor--or a macro in Word 95--to run arbitrary code, and disable all Palladium features? Isn't all your effort completely useless?
  • 2 Questions (Score:4, Interesting)

    by Proudrooster (580120) on Tuesday October 15, 2002 @09:40PM (#4458389) Homepage
    1. Will turning Palladium "off" ALWAYS be an option in the future?

    2. What is plan "B" for a TPA (trusted computing architecture) when Palladium hardware security is defeated and anyone can run bogus signed code?

    ( I secretly want them to answer "Why, that's impossible, no one could ever break Palladium." )

    * The Titanic was an UNSINKABLE ship! *
  • by Anonymous Coward on Tuesday October 15, 2002 @09:45PM (#4458413)
    I. Who will be responsible for maintaining the list of valid "certificates" identifying secure environments? How will a site identify those who it trusts?

    II. Under palladium, what mechanism will there be to "upgrade" to newer computer equipment, or restore material from backups to a replacement system?

    III. How will the individual shareware or freeware developer be able to develop code that runs in the palladium secure portion?

    IV. For security, you need to have a root "key" that decrypts all others. However, this key has to go over an unsecure bus (typically LPC bus). LPC sniffers were used in the X-box hack, how will palladium remain secure from these?

    I am posting anonymous for a reason. If you agree with these questions, please mod me up.

  • Re:Demand? (Score:5, Interesting)

    by TellarHK (159748) <tellarhk@@@hotmail...com> on Tuesday October 15, 2002 @09:45PM (#4458414) Homepage Journal
    What do you mean "playing with nothing less than the death of the general purpose processor", they're openly -banking- on it. Microsoft has wanted to kill off the idea of the "Personal Computer" ever since they realized being a monopoly and letting other people work with the same hardware, building on their software layer was going to be a losing gamble in the long run.

    They want to lock everything down and help the industry along back to the era of computing devices, rather than flexible, expandable, personal computers. This new "Freestyle" media center is just the beginning if you think about it. You can't -buy- a Windows Media Center license, you have to buy the software installed on a Microsoft-approved machine. Unless the software industry as a whole fights back against this push, we'll see the death of PC's within the next 10-15 years and the rise of a more fragmented, more expensive series of black boxes.

    Why should Microsoft include DirectX in a PC when they have Xbox? Why allow people to build whitebox machines and risk them installing someone else's OS on it when they can tear the PC apart and make multiple "appliances" that conveniently link together bit by bit in order to become what people want? Snap your internet module into your media module, then connect your IO module and run the whole thing on WindowsCE 2010.

    Call me paranoid, but I'm really afraid they'll find a way to make this profitable for the whole industry and completely kill the hobbyist when it comes to the new gear down the road.
  • A line of Questions (Score:5, Interesting)

    by Sylver Dragon (445237) on Tuesday October 15, 2002 @09:46PM (#4458418) Journal
    1. Will it be possible, as a home user, to create and digitally sign a creative piece of work? Such as, a home movie?

    2. What ramifications will this have on digital content created before the introduction of Palladium? Will it still play?

    3. Will the information necessary to create a Palladium enabled viewer be available to the public? Or will we only be able to use Windows Media Player to play Palladium enabled content? What are the projected licensing costs for a company that wishes to create a viewer that is able to view Palladium enabled content?

    4. Will hardware that requires a signature be able to run content that does not have one? (if yes) Will this then mean that any software that pre-dates the hardware must be upgraded? (if no) Then how will this system differentiate between a desired, older, program, and a virus?

  • Palladium questions (Score:2, Interesting)

    by knorthern knight (513660) on Tuesday October 15, 2002 @09:47PM (#4458425)
    MS has made much hype about how Palladium will improve end-user security against email viruses.

    Q1) What will Palladium accomplish for end-user security that couldn't be accomplished by turning off auto-execution and refusing to execute email attachments ? I.e. an audio/x-midi attachment should be *PASSED AS A DATA FILE TO MPLAYER*, rather than executed directly. This would've stopped KLEZ dead in its tracks.

    Q2) A couple of names... "Aldrich Ames and Jonathan Pollard". Given that the CIA can't keep secrets, how does Microsoft expect to ? All it takes is one mole in MS, or one disgruntled employee to give out Microsoft's authentication signature. And every virus will show up as a "properly signed app". *WHY DON'T YOU GUYS TURN OFF AUTO-EXECUTION FER-CRYIN-OUT-LOUD* ???

    Q3) Microsoft has Palladium patented like crazy. How much will MS charge to allow Open Source apps/OS's to run under Palladium ?

    Q4) What restrictions/conditions, if any, will Microsoft place on Open Source or any 3rd-party apps/OS's to run under Palladium ?
  • by Zeinfeld (263942) on Tuesday October 15, 2002 @09:48PM (#4458430) Homepage
    Microsoft? Other software vendors? Any software vendor? Artist representatives? Joe blow down the street? Or, hopefully, whosoever the owner selects?

    Anyone the content owner selects.

    The point is that the content owner has control here. If you don't want to palladium control the video you send to granny then don't lock it, if you do want it protected then lock it.

    A more significant question is 'will companies not affiliated with major labels be able to use palladium to control access to their content without discriminatory terms?' In Europe Rupert 'Fox news is not biased right wing crap' Murdoch got control of the independent satellite channels because he had control over the encryption scheme implemented in the decoders and could discriminate in the charges to use it. The labels could use a similar mechanism to keep out indie labels and band owned labels.

    There does have to be a root for hardware though. Microsoft has not yet said how the root will be managed, however since Brian stuck all the SPKI stuff into dotNET he does appear to be into single rooted hierarchies.

    Assuming that the hardware manufacturers will follow the DOCSIS model (which TCPA seem to be doing) there will be a root owned by some manufacturing consortium that any manufacturer can get certified under provided they undertake to meet the trusted criteria.

  • by danheskett (178529) <danheskett AT gmail DOT com> on Tuesday October 15, 2002 @09:49PM (#4458436)
    Okay, let's settle this once and for all gigs.

    The answer is of course yes. YES.

    It's simple. Three parties. You, the media provider, middleman.

    You arrange for content from a media provider. They issue a license which is held in escrow by the middleman, who is paid *directly* by the consumer (you). The media provider issues you a custom encrypted media file, with the only key going to the middleman *anonymously*. Your software starts and downloads, sends your file hash/details to the middleman, and the appropriate key is downloaded. As long as no one else simultaneously has the key, it is issued anonymously. You listen to the music. When you want to "move" that media file to another machine, or sell it, or give it away, or whatnot the key is removed from your machine and checked back into the middleman. It can then be rechecked back out. The middleman never has to know the owner's identity, which machine it's on, or any of that. It simply holds a small file with a key in it. When the key is checked out the file is destroyed.

    The real weakness on this system is the client. If the client has a "hole" in it - something that lets the raw unencrypted data out to another portion of the system - the system is bust. That's where Palladium system comes in. Software that is on the middleman's approved list - with the binaries being approved ahead of time - would reside in a Palladium like secure-system portion of the system after loading. Encrypted communications (SSL) would download the key into a sealed storage area of the system. The security chip would be responsible for protecting the output path (as Palladium supposedly will), the audio path (as secure audio path supposedly already does).

    The whole thing is open, using established encryption techniques. It is anonymous. It is backed by hardware protection of the unencrypted data. And it has no effect whatsoever on normal functions of the PC. Furthermore, OSS systems could be fully friendly towards it, with absolutely no compromise of any principles of the FSF or OSS. The player software is entirely open, as is the communications protocols. The only caveat is that the software development cycle on this software will be much slower thanks to the code review needed by the middleman. This is to be expected, but it is somewhat necessary. Additionally you'd have to carefully compile it on OSS systems to ensure that the key binaries are an exact match to the middleman's approved list.
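The key check-out/check-in flow described in the comment above, as an added Python example that is not part of the original post. The names `Middleman`, `Player`, `check_out` and `check_in` are hypothetical, the cipher is a stand-in, and the hash commitment the middleman keeps while a key is out is an assumption the comment does not state.

```python
import hashlib
import hmac
import secrets


class KeyUnavailable(Exception):
    """The key for this file is already checked out (or already checked in)."""


def keystream_xor(key, data):
    # Stand-in cipher (SHA-256 in counter mode) so the example runs with the
    # standard library only; a real player would use an authenticated cipher.
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out.extend(b ^ p for b, p in zip(data[offset:offset + 32], pad))
    return bytes(out)


def file_id(media):
    # The "file hash" the client sends; it identifies the file, not the owner.
    return hashlib.sha256(media).hexdigest()


class Middleman:
    """Escrow for one content key per media file, indexed by file hash only."""

    def __init__(self):
        self._vault = {}        # file hash -> key, present only while the key is "in"
        self._commitments = {}  # file hash -> SHA-256(key) (assumption, see lead-in)

    def deposit(self, fid, key):
        # Done by the media provider when the licence is sold.
        self._vault[fid] = key
        self._commitments[fid] = hashlib.sha256(key).digest()

    def check_out(self, fid):
        if fid not in self._commitments:
            raise KeyError("unknown media file")
        key = self._vault.pop(fid, None)  # escrow copy is destroyed on check-out
        if key is None:
            raise KeyUnavailable("key is already checked out")
        return key

    def check_in(self, fid, key):
        expected = self._commitments.get(fid)
        if expected is None:
            raise KeyError("unknown media file")
        if fid in self._vault:
            raise KeyUnavailable("key is already in escrow")
        if not hmac.compare_digest(hashlib.sha256(key).digest(), expected):
            raise ValueError("returned key does not match the escrowed one")
        self._vault[fid] = key


class Player:
    """Client software; `_sealed` models the sealed storage the comment relies on."""

    def __init__(self, middleman):
        self._middleman = middleman
        self._sealed = {}

    def acquire(self, media):
        self._sealed[file_id(media)] = self._middleman.check_out(file_id(media))

    def play(self, media):
        return keystream_xor(self._sealed[file_id(media)], media)

    def release(self, media):
        # Nothing in the protocol itself proves the client kept no copy of the
        # key; that guarantee has to come from the approved, sealed client.
        key = self._sealed.pop(file_id(media))
        self._middleman.check_in(file_id(media), key)


def demo():
    middleman = Middleman()
    key = secrets.token_bytes(32)
    media = keystream_xor(key, b"constructed sample audio frames")  # constructed input
    middleman.deposit(file_id(media), key)

    first, second = Player(middleman), Player(middleman)
    first.acquire(media)
    played = first.play(media)
    try:
        second.acquire(media)           # key is out, so a second holder is refused
        blocked = False
    except KeyUnavailable:
        blocked = True
    first.release(media)                # "move" the file: key goes back to escrow
    second.acquire(media)
    return played, blocked, second.play(media)


if __name__ == "__main__":
    print(demo())
```
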
  • by Lethyos (408045) on Tuesday October 15, 2002 @10:01PM (#4458520) Journal
    "Microsoft is evil, blah blah blah..."

    Now that's out of the way, let me remind you that there's a lot of truth to this often repeated statement. Palladium is, in a lot of ways, a cool, if horribly unoriginal technology (the concept of making software dependent on the presence of hardware to run has existed since dongles).

    Regardless of how cool, funny, or "weak" it is as many of you claim, Palladium has two purposes. 1) Palladium is meant to make other deep-pocketed interests happy (more money for MS). 2) defeat any and all competition to Microsoft products.

    It's very clear: Microsoft has the say-so in what code gets to execute on a Palladium-tainted computer. What code do you think will be allowed to execute?

    You will argue: "It will be cracked." "We can stick with old computers." "This will not be accepted by businesses/consumers." But those arguments are either irrelevant or fall flat on their faces.

    First of all, I agree. It will be cracked without a doubt. But do 99% of the users out there know how to use such cracks to free themselves? Do any of you crackers out there realize how complex this system is?

    Second, we cannot stick with old computers. This is evident by the fact that there are hordes of users out there running 1GHz processors with half a gigabyte of RAM for the purposes of checking their email. Plus, software will always get more sophisticated and people will always want higher framerates, and so on. New computers will be purchased.

    Last, of course consumers and businesses will buy up Palladium hardware! This is, without a doubt, the most absurd assumption anyone can make! "People don't want another DivX!" "People don't want to give up their rights!" Bullshit. People do not even know what their rights are. Not to forget that marketing spins already exist that are meant to convince people that they are getting something (increased security) when they are having something taken away. (Apologize to the guy who coined that phrase.)

    Palladium is very real, and it is a very real threat. It will be adopted if it is allowed to continue. Even if we educate the public, it will press on (after all, users running Windows left and right, despite superior alternatives)? Sadly, I have no suggestions on how to deal with it... but we must certainly not take it as a laughing matter.
  • by cenobita (615440) on Tuesday October 15, 2002 @10:02PM (#4458526)
    What this does mean, however, is hardware fiends going crazy to pick up "old" hardware. It's an OCP paradise, and should help breathe new life into hardware that's been moved to the "obsolete" pile..those of us who know hardware, however, know that even a 486 can be useful. This is immensely true for hardware that's slightly pre-Palladium. It's also a very good way to strip money from the hands of AMD and Intel..the more people boycotting this technology means a larger chance that the manufacturers will rethink this decision.

    It's unlikely to work, of course, due to the huge line between a hardware geek and mainstream user.. but I think it could make some kind of dent. Certainly one that could last until someone is able to bypass/crack/trick Palladium.

    So, I say let them do whatever. Last I checked, my Athlon XP 1500 ran FreeBSD very smoothly.

  • by default luser (529332) on Tuesday October 15, 2002 @10:03PM (#4458536) Journal
    Seriously, IBM was at the top of the PC world in the mid-80s when they tried to act god-like.

    They introduced the PS/2 and with it MCA. They even had the gall to threaten all clone manufacturers with retroactive licensing fees. They wanted the PC world for themselves, but clone makers stuck to their guns.

    With so many alternatives, consumers voted with their pocketbooks, clone makers fought back, and IBM permanently lost their lead in the PC marketplace.

    Why does Microsoft think this won't be another PS/2, a death-knell for a company who thinks itself to be impervious?

    Apple's products have come closer to price parity with PCs every year, and OSX could gain incredible momentum, given the proper influence. Now more than ever distributions like Mandrake and Redhat are making Linux a usable alternative for the x86 platform. I personally believe this could be more than just a bust for MS, in the current climate it could be a critical error.
  • by yorgasor (109984) <ron&tritechs,net> on Tuesday October 15, 2002 @10:07PM (#4458560) Homepage
    Are you really trying to just obsolete all your old software so everyone is forced to upgrade to your latest and greatest OS & computers just to be able to make basic transactions on the internet?
  • by McCart42 (207315) on Tuesday October 15, 2002 @10:16PM (#4458621) Homepage
    How can user written software run on a 'trusted' system?
    From the Microsoft Palladium FAQ: When running, "Palladium" provides a parallel execution environment to the "traditional" Windows kernel- and user-mode stacks; "Palladium" runs alongside the OS, not underneath it.
    I think what they're trying to say is that you'll be able to run non-licensed software, however you'll receive a nasty warning similar to the warning in XP if you try to install non-WinXP certified drivers. So I see Palladium being like the Intel processor serial numbers, except you'll NEED to enable it for certain software. And of course it'll be cracked 2 days before release.
  • by Anonymous Coward on Tuesday October 15, 2002 @10:17PM (#4458629)
    I've tried to limit these to technical questions only. Some of these could fall more under the TCPA's stuff rather than M$s Palladium, but might be interesting to hear what they'll try and pull:

    What kind of performance hit can users expect to have when using encryption/DRM? And can they provide any benchmarks to back up any claims?

    How much hardware will have to be "upgraded" to work with Palladium-enabled software?

    What is the expected lifespan of Palladium security? I'm talking about this rev, not any "future versions".

    Speaking of security, what kinds of encryption are they going to be doing? IIRC, TCPA calls for both symmetric and public key encryption. Key lengths? Uniqueness of keys? Disposability of keys? Key storage by third parties for any reason? Proof of any of the above (particularly the last one)?

    How can a user ascertain if their system is running in "trusted mode" or not? Is it technically possible for a "trusted mode" to be running without the user's knowledge or consent? And, of course, how would they prove it?

    Do users have the ability to determine all that is running on their system in or out of "trusted mode"? Let alone control that?

    I believe I read somewhere about Palladium being able to create "vaults". If so (and I just wasn't hallucinating. Again), can multiple "vaults" be created, or even nested? Again, does the user have the ability to easily determine and access all vaults? If not, why not?

    Speaking as someone in academia, how will this affect those of us trying and developing software and even hardware (unfortunately some of the tools I've personally used have required the use of Windows)?
  • by SiliconEntity (448450) on Tuesday October 15, 2002 @10:23PM (#4458662)
    I would ask this:

    Will it be possible for new peripheral devices, like disk players for Super Audio CD or DVD-Audio, to use Palladium to make sure that only "authorized" (by the drive manufacturer) software can read the data from the disk drive? I.e. will the drive firmware be able to use Palladium to get an attestation on the secure hash of the running software that is trying to access the drive?

    This would end unauthorized ripping of data from these new formats, which would be tremendously valuable to the content companies. It is plausible that these companies would only allow their drives to go into computers if Palladium could provide this assurance. Therefore by providing this capability, Microsoft would make PCs more attractive and useful to consumers, sell more copies of Windows, and make more money.

    Microsoft has both the incentive and the technological capability to do it. But they haven't said if they will, and none of their public discussion has touched this issue. Please ask them.
  • Several Questions (Score:2, Interesting)

    by kcb93x (562075) <kcbnac AT bnac DOT biz> on Tuesday October 15, 2002 @10:41PM (#4458752) Homepage
    1) a) How will one be able to turn off Palladium? (Suggestion: a physical switch, that is accessible from the outside of the case, for non-techies to use; also, this way it cannot in any way be remotely turned off)
       b) How will we be SURE that it is off?

    2) a) Assuming that Palladium can be turned off, will the system work as though it were a normal system today? (I.E.- no Palladium)
       b) If the answer to 2a is no, then why?

    3) How will everyone be SURE that Palladium will be able to run any OS, not just a Microsoft OS, and what will it take for an OS to be put on the "allowed" list?

    4) Will Palladium have a time-out date after which someone will have to pay a new fee, or risk lock-out/deletion of their data?

    5) What guarantee will the public have that Palladium won't lock out anything that Microsoft doesn't want run, and how will the public be able to file a complaint, and have it dealt with, for sure?

    6) Will Palladium authentication of a program be free, by the creator of the program, so that it can run under Palladium?
  • by gidds (56397) <slashdot@@@gidds...me...uk> on Tuesday October 15, 2002 @10:42PM (#4458761) Homepage
    Why would consumers want this at all...?

    Content.

    IMO it's a similar situation to DVD region coding. Consumers never wanted it, but the big studios wouldn't put stuff on DVD unless it was protected, so the electronics companies had to agree to it, and if we wanted to use DVD we had to as well. Which many did. If M$ can make a must-have Palladium app (probably business- rather than consumer-targeted), then you'd be surprised how many go for it.

    Of course, the DVD protection was broken: player makers turned a blind eye to region mods, or even quietly introduced them themselves; and similar hacks became available for many DVD-RAM drives. Nevertheless, region coding still exerts a good deal of control over the DVD markets, and causes many consumers great inconvenience. And the same will happen with Palladium: if it becomes widespread and desirable, then someone is bound to crack it. But that won't stop it from causing untold pain and misery.

  • by SiliconEntity (448450) on Tuesday October 15, 2002 @11:09PM (#4458917)
    What kind of data recovery plans will exist if I buy $1000 dollars worth of digital music that is tied to my processor, only to have my processor get fried in a power surge? Will there be any way to recover my investment, or is it lost? If so, what's to prevent hackers from using that recovery mechanism? If not, how can this be a benefit to customers?

    Microsoft hasn't said how this would work, and it is certainly a good question. But I don't agree with your implication that it is somehow an unsolvable problem or indicates that Palladium must be weak.

    The related TCPA scheme did have a proposal for how to deal with this. The idea is that your crypto chip has a key in it that encrypts all this data. You can get it to export this key in a "blob" that can only be decrypted by the manufacturer. (Actually the key is exported in two parts, one in the clear and one in the blob, that have to be XOR'd together to recover the real key.)

    If your crypto chip dies, you buy a new computer or motherboard with a new chip. You send the backed-up blob and the new chip identifier to the manufacturer, who decrypts the blob data and re-encrypts it for the new chip, and sends it back to you. You then enter this into the new chip, along with the other half of the key, and presto, your new chip is initialized with the same key that was in the old one. So your new computer can read the data that was locked to the old computer.

    This is all done in such a way that neither you nor the manufacturer ever sees the crypto key, so the data is still protected.

    Now, this is pretty cumbersome, and maybe Microsoft will come out with something better. If this is really going to be a detailed technical presentation, this would be an excellent question to ask. Just don't assume they can't answer it!
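The backup-and-migrate flow described in the comment above, as an added Python example that is not part of the original post or of any TCPA specification. The class and function names are hypothetical, and a SHA-256 keystream XOR stands in for the public-key encryption to the manufacturer and to the new chip.

```python
import hashlib
import os


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def keystream_box(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in cipher (assumption): XOR with a SHA-256 counter keystream.
    Symmetric, so the same call both encrypts and decrypts."""
    stream, counter = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return xor(data, stream)


class Chip:
    """Hypothetical crypto chip holding the key that seals user data."""

    def __init__(self, chip_id: str, transport_key: bytes, escrow_key: bytes):
        self.chip_id = chip_id
        self._transport = transport_key    # shared with the manufacturer only
        self._escrow = escrow_key          # stands in for the manufacturer's public key
        self._storage_key = os.urandom(32)

    def seal(self, data: bytes) -> bytes:
        nonce = os.urandom(16)
        return nonce + keystream_box(self._storage_key, nonce, data)

    def unseal(self, sealed: bytes) -> bytes:
        return keystream_box(self._storage_key, sealed[:16], sealed[16:])

    def export_backup(self):
        # Two parts: a random half handed to the owner in the clear, and
        # (key XOR half) inside a blob only the manufacturer can open.
        clear_half = os.urandom(32)
        nonce = os.urandom(16)
        masked = xor(self._storage_key, clear_half)
        return clear_half, nonce + keystream_box(self._escrow, nonce, masked)

    def import_backup(self, clear_half: bytes, blob_for_me: bytes) -> None:
        masked = keystream_box(self._transport, blob_for_me[:16], blob_for_me[16:])
        self._storage_key = xor(masked, clear_half)


class Manufacturer:
    def __init__(self):
        self._escrow_key = os.urandom(32)
        self._chip_keys = {}
        self.seen = []    # everything the manufacturer learns, kept for inspection

    def make_chip(self, chip_id: str) -> Chip:
        self._chip_keys[chip_id] = os.urandom(32)
        return Chip(chip_id, self._chip_keys[chip_id], self._escrow_key)

    def migrate(self, blob: bytes, new_chip_id: str) -> bytes:
        # Opens the blob and re-wraps it for the new chip. It only ever
        # handles (key XOR clear_half), never the key itself.
        masked = keystream_box(self._escrow_key, blob[:16], blob[16:])
        self.seen.append(masked)
        nonce = os.urandom(16)
        return nonce + keystream_box(self._chip_keys[new_chip_id], nonce, masked)


if __name__ == "__main__":
    mfr = Manufacturer()
    old, new = mfr.make_chip("old"), mfr.make_chip("new")
    sealed = old.seal(b"constructed sample: licensed track")
    clear_half, blob = old.export_backup()
    new.import_backup(clear_half, mfr.migrate(blob, "new"))
    print(new.unseal(sealed))
```
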
  • by Anonymous Coward on Tuesday October 15, 2002 @11:10PM (#4458923)
    What changes in the underlying Intel architecture (IA32 or IA64) are required to support Palladium?

    Or will a current generation Pentium support Palladium with auxiliary co-processors?
  • I want to know... (Score:2, Interesting)

    by A non moose cow (610391) <slashdot@rilo.org> on Tuesday October 15, 2002 @11:51PM (#4459144) Journal
    1. What special networking services are going to be in play to keep everything in check (if any).
    2. Will there be special ports left open (incoming or outgoing) for over-the-Internet verification or security checking purposes?
    3. Will there be any detrimental effects for a Palladium machine that has no Internet connection?
    4. Is it possible for the hardware solutions to be emulated with a mod chip/chips?
    5. If Palladium is disabled to get around a problem, what happens if it is later re-enabled?
    6. If using a Palladium machine to develop software, is it possible that some code will not run because of a Palladium restriction?
    7. Is Bill Gates really Borg?
  • by danheskett (178529) <danheskett AT gmail DOT com> on Tuesday October 15, 2002 @11:52PM (#4459148)
    It actually is very friendly.

    1. The only binary that needs to be trusted is the client/player. That's where the hardware sealing and attestation are key. The rest of the system is *lower* in privilege than the client/player and hardware nub.

    2. The middleman has vast incentive to approve as much software as possible, because that directly translates into more revenue. This is why it is important for them to charge consumers directly. They will be working for you, not the media companies.

    3. Anyone can see the binary and the source. The same program could run either trusted or un. The only difference is that when the program is executed as a trusted app, the special hardware provides the system with the hash of the code. This means that the middleman can confirm that the player is what he thinks it is. And since that portion of the system is off limits, once the hash is taken that code is permanent - it can't be modified by any portion of the system.

    4. An open source implementation of this would be very minimal. It would consist of an SSL transport layer, a version of XMMS that is stripped down somewhat to remove outputting features, and a module to decrypt media encrypted with the key from the middleman. After this code is assembled and tested, it is given to the middleman, who verifies it doesn't provide any loops. After that it is compiled against various systems and hashes are taken. This could be a pretty serious job since most libraries would have to be compiled in statically - especially input/output libraries (it'd break the system if glibc was linked outside the trusted portion of the system, the app would emphatically refuse to run).

    5. The code for the player could be distributed in any form. Improvements would have to be re-validated by the middleman of course. This will slow down the development cycle (daily releases aren't viable in this case).

    6. The binaries could be modified, as well as the source by anyone, but the program would not match the hash expected by the middleman, and encrypted content would not be decrypted and therefore played. However, that same binary would work fine with non-encrypted content.
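The hash check described in points 3 and 6 above, as an added Python example that is not from the original comment or from Microsoft. `SecurityChip`, `Middleman` and the sample player strings are hypothetical, and an HMAC under a per-device key stands in for the hardware's signed attestation.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

# Constructed sample "binaries"; a real measurement would cover the whole
# statically linked player image.
PLAYER_V1 = b"player-1.0: decrypt -> audio device only"
PLAYER_PATCHED = b"player-1.0: decrypt -> audio device AND file"


def measure(binary: bytes) -> bytes:
    return hashlib.sha256(binary).digest()


class SecurityChip:
    """Hypothetical stand-in for the hardware that hashes code at launch."""

    def __init__(self, device_key: bytes) -> None:
        self._device_key = device_key    # never leaves the chip
        self._measurement = b""

    def launch_trusted(self, binary: bytes) -> None:
        # Taken by hardware at launch; software that runs later cannot rewrite it.
        self._measurement = measure(binary)

    def quote(self, nonce: bytes) -> Tuple[bytes, bytes]:
        # Assumption: HMAC stands in for a signature over (measurement, nonce).
        tag = hmac.new(self._device_key, self._measurement + nonce,
                       hashlib.sha256).digest()
        return self._measurement, tag


class Middleman:
    """Releases the content key only to players whose hash it has approved."""

    def __init__(self, device_key: bytes, content_key: bytes) -> None:
        self._device_key = device_key
        self._content_key = content_key
        self._approved = set()
        self._open_nonces = set()

    def approve(self, binary: bytes) -> None:
        self._approved.add(measure(binary))

    def challenge(self) -> bytes:
        nonce = os.urandom(16)
        self._open_nonces.add(nonce)
        return nonce

    def release_key(self, nonce: bytes, measurement: bytes,
                    tag: bytes) -> Tuple[Optional[bytes], str]:
        if nonce not in self._open_nonces:
            return None, "unknown or replayed nonce"
        self._open_nonces.discard(nonce)    # each challenge is single use
        expected = hmac.new(self._device_key, measurement + nonce,
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return None, "bad quote"        # hash was not reported by the chip
        if measurement not in self._approved:
            return None, "unapproved measurement"
        return self._content_key, "released"


def request_key(binary: bytes, chip: SecurityChip,
                middleman: Middleman) -> Tuple[Optional[bytes], str]:
    chip.launch_trusted(binary)
    nonce = middleman.challenge()
    measurement, tag = chip.quote(nonce)
    return middleman.release_key(nonce, measurement, tag)


if __name__ == "__main__":
    device_key, content_key = os.urandom(32), os.urandom(16)
    chip, mm = SecurityChip(device_key), Middleman(device_key, content_key)
    mm.approve(PLAYER_V1)
    print(request_key(PLAYER_V1, chip, mm)[1])
    print(request_key(PLAYER_PATCHED, chip, mm)[1])
```
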
  • Intel Serial number (Score:4, Interesting)

    by jmorris42 (1458) <jmorris@beau.EINSTEINorg minus physicist> on Wednesday October 16, 2002 @12:06AM (#4459221)
    Except of course it wasn't ill fated at all. When the public outcry came along, they allowed the BIOS makers to put in an option to suppress it. And they all did. For a time.

    Got some Thinkpads a few months ago and guess what? The option is GONE. They win, we lose.

    Expect the same tactics again. In the beginning it will be optional but it won't stay that way long.
  • Re:Second post! (Score:1, Interesting)

    by Anonymous Coward on Wednesday October 16, 2002 @12:08AM (#4459231)
    I agree, MS employs a lot of smart folk who do good architecture & design work. The area they usually fall down in is execution (coding), sometimes due to market demands, fiscal constraints, and the like.

    I'd be much more interested in a removable key system, say a USB storage device that fits on a keyring (what you have), and perhaps a password (what you know) to secure my sensitive data. A centralized scheme is too ripe for abuse, and to make it less so would only produce an underfunded mess (much like the US Govt or VeriSign is now).

    I think one good question is:
    How does MS plan to make money off Palladium?

    There's obviously the patents and the proprietary source code, but where's the "value" to buyers?

    One way is to lock up content (enforcing intellectual property laws). Another is to lock up systems (enforcing software copyrights and security policies). But neither of these brings any value to the buyer, other than offering some level of comfort that they're not breaking laws.

    I guess it's just to help businesses do business. And since businesses are the largest buyers of computers, it will do well. However, if you're not a business, you just get to foot the bill.
  • Re:Second post! (Score:3, Interesting)

    by Zeinfeld (263942) on Wednesday October 16, 2002 @12:10AM (#4459255) Homepage
    Sounds to me like you are a security wannabe who obsesses about perfection in certain areas and ignores the fact that the result is unusable. The perfect is the enemy of the good.

    Typically you'd rather lose data on an encrypted disk than risk it being compromised. Key recovery and key escrow go directly against this. Replacing mathematically proven security for a human trust form of security = Bad idea.

    You sound an awful lot like Bruce did five years ago before he got a clue and wrote Secrets and Lies, which is all about why mathematically perfect systems are not what people want. BTW the main objection to Palladium is that it may not work if it is too perfect.

    I sell key recovery systems, all my customers disagree. There are very few companies who would like to lose their accounts (other than those run by close supporters of George W Bush). If there were no demand for key recovery I would not sell it.

    As for storing a CC number on your computer and only allowing trusted wallet applications to access it. Sure, it's rather stupid to store stuff like that on your computer. However you are far more likely to get it stolen from the other end.

    Not so, we can encrypt the cc number so that it is never known to the merchant (apart from the last four digits). SET did this years ago, it failed in part because of complexity but also because of the store on the PC issue.

    Finally, if you want to prevent a computer from booting if tampered with. It is pretty easy to boot from a write protected floppy. Put whatever verification you want on that.

    That is not particularly practical and not particularly secure either. Unless you can put the whole TCB onto a floppy (hint you can't get much of UNIX onto a floppy) then the attacker can compromise other system files and you are toast.

  • by metacosm (45796) on Wednesday October 16, 2002 @12:14AM (#4459279)
    Wouldn't this imply that if the hardware vendor died and sold off all of its IP (to help pay off those debts) that if your hardware died, your data would in effect be gone forever, or you would have to illegally violate DMCA to get to it?
  • Re:Optional (Score:2, Interesting)

    by Tablizer (95088) on Wednesday October 16, 2002 @12:31AM (#4459365) Journal
    IIRC I read that DRM would be "optional." Could you ask them what "optional" means for me?

    As far as they are concerned, letting you use any software and content is also perhaps optional.

    IOW, it is similar to how obeying a red light is "optional".
  • What, Why? (Score:4, Interesting)

    by dosh8er (608167) <`oyamao' `at' `gmail.com'> on Wednesday October 16, 2002 @12:51AM (#4459456) Homepage Journal
    What effect will this have on people who want to run multiple OS's (let's just say for lack of argument, OS/2, or older versions of Windows... BeOS, linux doesn't even NEED to fit the picture here...)? Would this cause problems for re-installs, re-formats, etc. (What effect will this have on the frequency of re-installing?) How will this help the growth of private building of systems, existing hardware, hobbyist usage of BASIC stamp kits, etc.? Need I go on? Why should manufacturers of various computer components/accessories follow suit?
  • by MrWorf (216691) on Wednesday October 16, 2002 @01:10AM (#4459525) Homepage
    How will Palladium affect computers and OS in other countries? I'm from Sweden and the prospect of living with US laws (DRM, CARP, DMCA, etc) isn't a very compelling idea.

    Will we (non US) be unaffected by Palladium? If so, how?
  • by spitzak (4019) on Wednesday October 16, 2002 @01:26AM (#4459583) Homepage
    You don't seem to understand the question.

    If there is a player that plays unencrypted content, then it is possible to copy movies. It only needs to be copied once, perhaps by a hacker with hardware modifications, or by pointing a video camera at the screen, and then can be played everywhere.

    If only encrypted content can be played, then it does not matter if some hacker makes a copy, it cannot be played on most people's machines. Every single machine would have to be hacked to enable it to play some new player that allowed unencrypted content. The security to IP is enormously greater with such a system, ie hundreds of millions of times more secure, so much greater that the drive to enforce this system will completely squash any morals or promises by a few people at Microsoft.

    But how will parents send grandma their videos of their baby? The answer is they won't, and they will forget the fact that there was once a time when a recording could be removed from one device and put into another. Or more likely they will be able to do it with a live connection through a trusted 1:1 connection from their camera to grandma's desktop.

    Nobody will be able to record music, make movies, and possibly even publish text without a license from a media conglomerate.

    I believe this is going to happen if these schemes are not stopped now.

  • Blank screen (Score:2, Interesting)

    by Cheese Cracker (615402) on Wednesday October 16, 2002 @01:42AM (#4459638)
    Here are some questions you might want to ask these guys:

    1. Will American government agencies (e.g. FBI, CIA, NSA) have access to the data gathered by Palladium?

    1.1 If 'no': WHO will have access to the gathered data?

    2. Has Microsoft considered that the rest of the world might go their own way when it comes to OS and software?

    3. Why does Microsoft have the right to poke around inside a person's private property?

    If they say something like they have the right to do it because you might have illegal copies of software they own, then ask one of the two questions below:

    3.1 Is it okay if local store owners in Redmond break into Bill Gates' home a little bit now and then, just to check if Bill has some of the stolen items originating from their stores?

    3.2 Would you accept video cameras in your house that are controlled by the police? After all, you might be a thief and keep stolen goods in your home...
  • by cenobita (615440) on Wednesday October 16, 2002 @02:00AM (#4459688)
    in terms of research and development/setting the standard, i'd say that's very true. still, i can't help but wonder realistically what this translates to in terms of revenue for manufacturers. there are still a large number of mainstream types who consider themselves "hardcore gamers", even if they don't even know what overclocking is.. they do know, however, that if you want framerates that will burn a hole through your retinas, you need hot-shit hardware. real hardcore gamers would build their own system, as far as i'm concerned..even so, i'd be willing to bet the people buying those crappy systems from the likes of dell and hp aren't all stay-at-home moms and webtv converts. optimistically, hardcore types will boycott palladium, but realistically, they can only hold out so long before the games start to rely on uber-ninja gear (at least in their minds).
  • by atrus (73476) <atrus@atrustriva l i e . o rg> on Wednesday October 16, 2002 @02:23AM (#4459750) Homepage
    That's because in the new cores it's disabled on the silicon.
  • Good question (Score:2, Interesting)

    by TyrranzzX (617713) on Wednesday October 16, 2002 @02:51AM (#4459814) Journal
    Since it seems the majority of Slashdot's audience is 13 year olds.... If you want to make them sweat, ask the questions that are going to hurt the most. The General ones are too easy, you want to reinforce the pain with direct evidence as to their incompetence. I think I have a batch that will make them squirm in pain and potentially give the poor representative a heart attack.

    1: If Microsoft is going to implement any autonomous updating mechanisms in Palladium or any future operating system, will those autoupdating mechanisms be protected against the attacks that, for example, allowed the virus, Nimda, to slip into a help file in the Korean release of .net, or allowed previous viruses to slip into updates Microsoft publicly released? If Microsoft was hacked and someone was able to execute a DDOS attack with however many millions of PC's Microsoft had autoupdated, what kinds of recovery mechanisms and schemes would be in place to recover from such a disaster? And finally, would these recovery mechanisms include saving a user's data if the virus hadn't already wiped it out?
    -To give them a heart attack. Point out the biggest, baddest, most major flaw in their system that can indeed be exploited.

    2: If Microsoft is to compete with linux and other open-source operating systems, what portions of code would Microsoft be willing to release to the public so modifications of the operating system would be possible?
    -To catch them completely off guard.

    3: Will there be any central-verification of ownership with Palladium much like that implemented with XP that would require the dissemination of user identifiable data to Microsoft as a verification of purchase mechanism? If so, will this automatically sign users up for passport? Also, would such data be protected against dissemination out of Microsoft's computer system much like the accidental posting of Passport users' PI on Infospace's Internet White Pages which attributed to Hotmail's spam problem? In addition, will users be opted out of all advertising and any security features and/or extras by default?
    -To make sure that they will keep our data safe and secure. I especially like the last line =)

    4: Will Microsoft's palladium enabled software, such as the Office Suite, have proper, GPL'd licensing for at least 1 file format so that users may opt-out of having their data stored in a proprietary format?
    -A bit more aggressive, but it's something they won't be ready for either.

    5: What will a palladium-enabled operating system consider "secure" software? Will it be anything of the user's choosing or will software only be allowed to run if it has the proper securities approved by some external party?
    - This is nailing the coffin shut, frankly. They will be prepared for this one, but unless they answer "users will be able to do what they want with palladium enabled" then they are directly answering that something is amiss.
  • by Alsee (515537) on Wednesday October 16, 2002 @03:01AM (#4459852) Homepage
    Won't Palladium delay the release of critical security patches, leaving computers vulnerable to attack?

    This question should probably be saved until some of the groundwork for it has already been covered. Here's the basis for it...

    Palladium programs and any Palladium data can only be used on a trusted nub ("nub" basically means kernel). Any changes to the nub are going to have to be submitted for approval as a new trusted nub. How long will this approval process take?

    I think they plan an "independent" body to certify/sign a nub as trusted. If so point out this will massively delay the release of their security fixes.

    If Microsoft plans to do their own certification that their nub is trustworthy then point out that they are leveraging their 90+% marketshare to create a monopoly on trusted nubs and all commercial use of Palladium.

    -
  • Palladium could work (Score:2, Interesting)

    by quinnharris (450919) <slashdot@quinnh.org> on Wednesday October 16, 2002 @03:17AM (#4459930) Homepage
    Why do so many people use Microsoft products? Is this because their products are functionally better? Or does a network effect play a large part in Microsoft's success? The more people that use Microsoft products and especially the OS, the more applications will work with them, thereby increasing the utility of their products. In addition, many users use Microsoft products because it appears to be easier to conform to the status quo.

    I believe Palladium is an excellent means to extend the magnitude of this network effect. Microsoft knows that consumers will not be eager to purchase products that seem inferior to their predecessors. And Palladium will not look inferior. A Palladium system does not directly restrict what the user can do with the system. You will be able to run all the applications you run now and use them in the same way on a Palladium system. But, a content provider will be able to effectively only provide content to consumers running the software they deem appropriate. This software can be very restrictive. If you decide not to use the restrictive software, you give up your right to receive content from providers that require it.

    The success of this technology as a DRM tool rests in not restricting the consumer too much. Let's assume the system is developed to a point where it can reliably authenticate an individual user via a smart card or something. This would allow a user to receive the content they licensed at any system that can authenticate a user and is trusted by the content provider, while these trusted systems will only allow users to access content they are authorized to access. If Microsoft could provide a reasonably high penetration of Palladium products, many consumers would find the restrictions of the system reasonable enough to justify purchasing protected content. The more consumers that purchase content, the greater the demand for Palladium products to utilize that content. The more Palladium products the greater the demand for the protected content. There is clearly a critical mass in which palladium would prosper or flounder.

    It's important to note that in this scenario, Palladium didn't restrict the user from doing an explicit thing they could do before like playing their mp3's. It simply provides the consumer with access to more content. This is assuming this content isn't provided by means outside of Palladium's control. For this reason, I would expect software will be the first candidate for exclusive distribution within the palladium realm. In fact, Microsoft can add value to palladium by providing software that can only be acquired by a palladium system.

    If the use of palladium becomes widespread, a palladium enabled computer would offer a distinct added value in terms of available content over a non palladium counterpart. Yet, to be an effective palladium system, the content providers must trust that system. But, establishing a system as trusted will be an expensive task. An individual would not be able to modify their palladium open source kernel (if such a thing will ever exist) and expect it to be trusted. If this were the case, palladium would be ineffective. This will prove to be a major challenge to open source development. It would inherently make working on many open source projects reduce the value of your computer.

    If successful, the Microsoft palladium products will be better than the alternatives not because of technical merits but simply because they are trusted. Establishing software as trusted by the plethora of content providers could prove to be a task only the largest Corporations could afford.

    This leads to the question. How will a content provider know what software to trust? Will each content provider need to explicitly define what software they trust? If an entity developed a palladium OS, would that entity need to get each content provider to trust it in order to compete with the Microsoft products that will undoubtedly be trusted by all?
  • by bgins (446545) <bgins@hotmaiPLANCKl.com minus physicist> on Wednesday October 16, 2002 @05:36AM (#4460293)
    As I understand it from the FAQ [cam.ac.uk] mentioned in the original post, Palladium enables 'trusted' computing in the sense that vendors trust the computers to operate according to policies they control. Thus, vendors can wield strong control over their markets and will be encouraged to bring out more copyrighted material without risk of loss of profits. This is Bill Gates's answer to the Software Piracy campaign MS started back in '99 or so.

    The obvious question with this is: What is the control infrastructure for Palladium? Who controls file revocation lists? Who controls policy enforcement? Who can gain control through the courts? Who can gain control without users' knowledge?

    Specifically, How is storing private RSA keys on an SSC (Security Support Component [microsoft.com]) different from centralized key escrow management? (Won't the SSC vendor know or at least be able to know the private key?) Also, What are the costs of using blacklists and whitelists?

    Another obvious question, although less technical, is: How is this going to succeed where eBooks have not? Back in 2000, when eBooks were just coming out, Microsoft predicted that it would be a multibillion dollar industry with rapid growth. Digital copyright protection capability was added to their version with the hope of securing their revenue. How are eBooks doing now? Are there any conclusions that can be drawn from this? Perhaps this is an instructive analogy to extrapolate from.

    Finally, and perhaps most importantly (but least answerable), the two FAQs above paint rather different pictures of Palladium and TCPA. How are we to know what the effects will really be? Do we have to look at the source [microsoft.com]?

  • by swilver (617741) on Wednesday October 16, 2002 @05:52AM (#4460317)
    Assuming that at some point the hashing algorithm will become public knowledge (hacked or otherwise), then you can fake your binary to get any hashkey you want.

    For example, if you got a MediaPlayer program and it's approved, then you could subsequently modify it. Make it for example stream the unencrypted data to a file, instead of displaying it. It would involve tweaking the binary a bit so it would produce the correct hashkey.

    Given a hashkey system that generates say 128-bit hashkeys, then you can create any given hash key with your binary by just altering 128-bits at the end of the program (or in some unused string) until you get the right hashkey. This technique is already used to fool P2P programs into thinking a specific file served by someone is the same as the file you are really after, even though it's protected by a hashkey.

    Only problem I can see is that it might be too much work to find the combination that generates the correct hashkey; it would depend on the algorithm used, and how easy it is to guess what impact changes in the program have on the hashkey.

    In principle I don't believe that such a system could be made hacker proof. There will be a point that you can either fool the system into thinking you are running signed software (by forging the hashkey at some point), or a point where you can capture the data unencrypted; once stored unencrypted the DRM will fall apart.

  • by Bigfoot_Hunter (617755) on Wednesday October 16, 2002 @07:21AM (#4460482)
    So, when I do this very thing (exporting blob, sending, they reencrypt, reentering the code in a new chip, etc) when my chip has _not_ fried, means I have now two PCs that can both access the same data? So perfect protection is not guaranteed anymore. Right?
  • by Scarblac (122480) <slashdot@gerlich.nl> on Wednesday October 16, 2002 @07:45AM (#4460529) Homepage
    Say I have a Palladium-enabled computer and I have bought some digital audio from the Net. How can I do something completely normal with it, like burn it to a CD so I can listen to it in my car?
  • by Scarblac (122480) <slashdot@gerlich.nl> on Wednesday October 16, 2002 @07:54AM (#4460556) Homepage

    Say I write something in an interpreted language, Python, Perl, Java, whatever.

    The interpreter binary that runs the code is signed, totally officially Palladium-fine.

    Then I can write any Python code that does whatever, can't I? You can't sign the ASCII source code.

    I conclude that any language interpreter, or any application that has any sort of scripting language (say IE, Outlook, Word) can't have any means of breaking out of DRM in the language or it won't be certified. This is unbelievably crippling.

  • by jlcooke (50413) on Wednesday October 16, 2002 @08:08AM (#4460603) Homepage
    The prospects of Palladium are fantastic. However from a cryptographic "data flow / data storage" perspective, there are still many fears that the wealthiest corporation in the world will strong-arm this technology through without the required public review and due diligence.

    The AES process took years of open and very public scrutiny. Palladium will require at least that long before it is trusted. What are Redmond's timelines for disclosure, review, and deployment dates?
  • by Kjella (173770) on Wednesday October 16, 2002 @08:53AM (#4460794) Homepage
    Let's say I have a piece of software that would want to operate on Palladium-encrypted data, say an OSS alternative to an (overpriced/bloated/bugridden) commercial application. For some mysterious reason (read: monopoly power) Palladium-encryption of this data has become a de facto standard.

    Would I have to submit the source code in for verification? How much would a code validation cost (read: much more than any OSS dev could afford)? Would I have to go through the entire process every time it was updated/bugfixed? Or would there be some notion of being trusted in good faith, probably with a huge legal liability attached (also an OSS dev no-no)?

    I fear that the Palladium scheme will lead to a monopolization of the software arena, favoring the big software corporations, and the death of using open standards. "See the [LOTR II/Matrix II] trailer here on our MSHTTP server - the new standard for multimedia content. (Palladium/Windows Longhorn/WMP14 required)"

    It's also a perfect solution to Microsoft's increasingly big problem justifying OS upgrades. Now its new feature can be "access to all the digital content provided by [new wiz-bang-protection scheme]".

    Microsoft's biggest concern should probably be their stupid users. I think Windows/DRM formats will piss a lot of people off when they don't understand how to copy/back-up/transfer their files to a new machine or similar. Unfortunately, I don't quite see who'll be there to pick up the competition. Macs will always be there on the sideline, and while Linux is coming along I don't quite see it being the OS to tell MS to KISS ;)

    Kjella
  • by ACNeal (595975) on Wednesday October 16, 2002 @09:01AM (#4460833)
    One thing that everyone doesn't seem to get is that consumers would love Div-X if it was the only way to watch a movie.

    The fact that they can just go buy a movie on DVD for less than they can buy a music CD killed Div-X. Div-X didn't kill itself.

    If the only thing that MS supports is a palladium computer, and of course the only OS that your office will run is MS, then your office will buy new palladium computers.

    You can then choose to run WinXY at home, so you can steal your office applications and be compatible, or you can stay back on clunky old WinXP.

    Intel and AMD are both already working on it. You won't be able to bypass it with Linux because of the DMCA. You will have to stockpile old hardware just to run Linux. You won't have a choice to choose non-palladium if MS has its way. The consumers will vote resoundingly for palladium.

    Sort of like the free election in Iraq. Of course Saddam will get 100% of the vote, he is the only one on the ticket.
  • by osolemirnix (107029) on Wednesday October 16, 2002 @09:08AM (#4460889) Homepage Journal
    Essentially you have to create a binary that runs IF AND ONLY IF it is in the hardware enforced portion of the system.

    I think you'd have to do more. As a simulated client scenario, imagine something like a Linux box with vmware and a Palladium-Windows running inside that.

    Your binary is running in the secure palladium hardware. But somewhere this hardware returns a decoded unencrypted media stream back to the OS (for output), at which point it can be intercepted. If you want to avoid that interception, your palladium hardware has to pass the decrypted media stream directly to your media output hardware (e.g. sound and video card), in other words some kind of DMA, and you have to make sure the OS cannot access the memory of the media output hardware either.

    The upshot of all this seems to me that you have to implement a lot of functionality directly in hardware, at which point you lose all the flexibility that a software OS on a general purpose computer gives you.

  • by 1155 (538047) on Wednesday October 16, 2002 @10:02AM (#4461312) Homepage
    My question would be:

    At what point does Microsoft plan to not be compatible with older operating systems? With the mainstream use, for the most part, of Windows 2000 (think XP here as well), will there be integration of this technology within these operating systems, or will this new technology only be utilized and supported by newer operating systems produced by Microsoft (see Longhorn and Blackcomb)?

    In the event that this is only supported by newer operating systems, what steps are being taken to reduce the risk of these systems interfering with the security of the newer machines interfacing with the old ones, as well as provide backwards compatibility?
  • by Alsee (515537) on Wednesday October 16, 2002 @02:10PM (#4463238) Homepage
    Microsoft has said they are going to publish the source code of the nub

    They are releasing the API and the source required to interface with Palladium. I doubt that means they'd publish the source to the entire nub. It's possible though.

    If the nub changes, does that affect systems that are fielded

    Yes and no. If you change so much as a single bit the nub becomes worthless. There will be mechanisms for releasing an approved nub that will be trusted. They can cryptographically sign the new nub. Any Palladium program that trusts that signature will trust the new nub.

    A Palladium program could be locked to a specific nub, but usually it makes more sense to lock it to a signature on the nub. Programs can also have a revoke-list in case a flaw is found in a trusted nub. It will then refuse to run on the formerly trusted nub.

    The revoke list (or any update) could also be cryptographically embedded in the program. Once something is added to the list you can't delete the change without wiping out the entire program.

    -
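
The trust rules described in the comment above (pin a program to one exact nub, or to a signature over the nub, with a revoke list that overrides both), as an added example that is not part of the original thread and is not Microsoft's code. `TrustPolicy`, `vendor_sign`, the key and the nub byte strings are hypothetical, and HMAC stands in for the vendor's public-key signature so the sketch runs on the Python standard library alone.

```python
import hashlib
import hmac

VENDOR_KEY = b"constructed-demo-key"  # assumption: stands in for the vendor's signing key

def measure(nub: bytes) -> str:
    """Measurement of a nub image: changing one bit changes the digest."""
    return hashlib.sha256(nub).hexdigest()

def vendor_sign(nub: bytes) -> bytes:
    """HMAC stand-in for the vendor's signature over the nub measurement."""
    return hmac.new(VENDOR_KEY, measure(nub).encode(), hashlib.sha256).digest()

class TrustPolicy:
    """Hypothetical per-program policy: pin one nub, or accept any signed nub."""

    def __init__(self, pinned=None, revoked=()):
        self.pinned = pinned          # exact measurement, or None to accept by signature
        self.revoked = set(revoked)   # measurements of nubs later found flawed

    def check(self, nub: bytes, signature: bytes = b"") -> str:
        m = measure(nub)
        if m in self.revoked:         # revocation wins over any other rule
            return "revoked"
        if self.pinned is not None:
            return "trusted" if hmac.compare_digest(m, self.pinned) else "unknown nub"
        if hmac.compare_digest(signature, vendor_sign(nub)):
            return "trusted"
        return "bad signature"

# Constructed sample nub images.
NUB_V1 = b"nub image v1 (constructed)"
NUB_V2 = b"nub image v2 (constructed)"
NUB_V1_PATCHED = bytes([NUB_V1[0] ^ 0x01]) + NUB_V1[1:]   # single bit flipped

def demo():
    by_hash = TrustPolicy(pinned=measure(NUB_V1))
    by_sig = TrustPolicy()
    after_recall = TrustPolicy(revoked={measure(NUB_V1)})
    return {
        "pinned, v1": by_hash.check(NUB_V1),
        "pinned, v2 update": by_hash.check(NUB_V2, vendor_sign(NUB_V2)),
        "signed, v2 update": by_sig.check(NUB_V2, vendor_sign(NUB_V2)),
        "signed, v1 one bit changed": by_sig.check(NUB_V1_PATCHED, vendor_sign(NUB_V1)),
        "signed, v1 after revocation": after_recall.check(NUB_V1, vendor_sign(NUB_V1)),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

The hash-pinned policy rejects even a correctly signed update, which is the reason the comment gives for preferring a lock on the signature.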
