|
|  | | | | The New Palladium — Too Secure By Half? | | | | | found on: New Scientist
written by chlim01, edited by Peter (Plastic) [ read unedited ]
posted Thu 27 Jun 1:00am | | | | |
 | chlim01 writes: "
Palladium, Microsoft's newly-announced framework for its future operating systems, promises to offer a level of security that its current offerings lack. As New Scientist reports, 'future versions of the Windows operating system will be designed to run only digitally signed code, to stop hackers uploading malicious programs and to prevent computer viruses from spreading... the system should even automatically bin unwanted email, or spam.' Unfortunately, in exchange for this increased level of security, Palladium offers new problems for users. For instance, the RIAA and MPAA would find it much easier to restrict the use and distribution of digitally pirated music and movies.
Additionally (as pointed out by both joyful immolation and BSD) it raises the question of whether Microsoft would sign unofficial and/or open source programs so as to run on Palladium.
Since Palladium's success depends on consumer acceptance of both these potential restrictions, as well as the new hardware required, it isn't clear how commercially successful this ambitious scheme will be. Also, it isn't clear if Palladium can work as promised. As cryptography expert Bruce Schneider points out, 'If this works, it will be the first time in the history of computing that it works.' Will Palladium be a goer in the marketplace?"
| |
[ more plastic... ] |
| | | | | | | | 10. Re: Additional costs....
| | | | by Tessera |  | | | at Thu 27 Jun 6:31am | score of 1.5 brilliant | | in reply to comment 1 | | | | | |
surely there'd be some sort of provision built in for an administrator of an individual machine to set policies?
Surely Microsoft won't abuse their monopoly power over the market to restrict competition and alternative business models...I mean, that's common sense, right?
Quick rule of thumb: When dealing with big corporations, Microsoft in particular, NEVER give them the benefit of the doubt. Assume they're going to screw you over, and maybe you'll escape with your shirt still on your back.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | | 2. Other problems
| | | | by TheMCP |  | | | at Thu 27 Jun 2:52am | score of 5 informative | | | | | | |
The entire theory of Microsoft's concept of security is that in order for a program to run, it has to be signed by a key issued by a recognized key authority.
The problem with this is, it assumes that you can absolutely, utterly trust the key authority only to issue keys to trustworthy parties. It assumes that nobody will want to issue any malicious code signed with a key because the key will be traceable to them.
Situation A: Let's pretend for a moment that programmer John Doe goes mad and decides to unleash a sinister computer virus that will erase the hard disks of everyone in the world, and doesn't care if he gets in trouble. He certifies who he is to Verisign or whoever the key issuer is, pays his money and gets his key, and writes his virus. He signs it with the key and unleashes it on the world. Sure, he'll get in trouble, but he's nuts, so he doesn't care.
Situation B: The ABC Widget Company obtains a key for legitimate use for signing legitimate software. A disgruntled employee embeds some malicious code in their software which will do nasty things at a later date. The software gets signed and distributed.
Situation C: Somebody manages to obtain an anonymous key. This isn't impossible: an unknown party got a key issued by Verisign in the name of Microsoft Corporation a while back. I believe it's still not known who it was. Such a key could be used to distribute harmful code, which if written judiciously may go undetected for some time.
Situation D: Somebody manages to obtain a confusing key. Recently a group of security experts in Russia managed to obtain a key from Verisign that appears on screen to say that it belongs to Microsoft, but one of the letters is actually a unicode character for a foreign alphabet letter which only looks like one of our standard letters, so the key issuing computer at Verisign didn't see a problem. Fortunately, they were only doing it to prove a point, and announced it to the press.
Situation E: A disgruntled employee at Verisign or Microsoft issues a key anonymously and off-the-record either to themself or to a third party for use in distribution of malicious code. I don't believe this has happened yet, but I believe it could. Ultimately, somewhere there's a person who has the power to do such things (in other words, access to a master key and/or ability to remove records from the purchase database), and we have to trust that they will use their powers only for good.
All of these potential problems arise from Microsoft's unwillingness or inability to simply make their OS inherently secure, like a UNIX or VMS system. MacOS is going in the right direction. Why can't Microsoft?
Probably because such a key system gives Microsoft ultimate control over everything that happens on the system. If they don't want you doing something, they simply don't allow it. If you're a competitor, they could put you out of business by denying you a key, or revoking it. They could make the system automatically make competitors' software run more slowly. Anything. You think they've got a monopoly now? Just wait till they try this garbage.
End of line.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 13. Re: Other problems
| | | | by Pravda | | | | at Thu 27 Jun 8:13am | score of 1 | | in reply to comment 2 | | | | | |
UNIX is not inherently secure. Plenty of exploits exist to get root access (the latest OpenSSH 3.3 vulnerability comes to mind), and there's nothing to stop people from writing code that can do nasty things. For example, it would be trivial for me to write a game that, also in the background, executes a DOS attack on some server of my choice. Ain't nothing in UNIX (or any of it's children) to stop me.
This notion of anything in computing being "inherently secure" is silly, and more importantly, dangerous. Nothing is ever provably secure, with the exception of a one time pad.
Seen in the subQ: "For once I have to +Pravda. Scary. - Anonymouse Savant"
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 14. Re: Other problems
| | | | by scareduck | | | | at Thu 27 Jun 8:49am | score of 1.5 astute | | in reply to comment 13 | | | | | |
That's true, up to a point. In general, Unix, Windows, and any other OS you could name, have or will have security issues. Therefore, keeping up with vendor patches is vital to good security. But with Microsoft, the emphasis has always been on ease-of-use over security. An unflattering way of putting this is that Microsoft's customers tend to be lazy. It's not that unreasonable -- there have been documented cases where Microsoft servers have been compromised even though patches already existed (Code Red and its descendants was one such). Hence, the itch to centralize security by taking out the defective element in the security puzzle -- the end user. Unfortunately, this also means that the end user is not to be trusted in any other way. Microsoft will therefore have a final lock-in to prevent any unauthorized program from executing on your machine. Think what this means for anti-trust. And, think what this means for Intel: this amounts to corporate suicide. Intel has long had the problem that they are at best an indirect supplier to the PC consumer, while Microsoft frequently is direct. This gives Microsoft a huge price advantage, which means Microsoft is the senior partner in the Microsoft/Intel partnership. The only thing Intel has going for it that scares MS is Linux; but now, by their complicity in Palladium, Intel has decided to cast their lot in entirely with Redmond. Palladium gives Microsoft the means whereby they can finally crush open source software. Linux can't boot without authorization from Redmond. Sayonara, IBM. So we all know what happens to companies that do business with Microsoft as a sole customer, de facto or de jure. Nice knowing you.
We're smarter individually. -- Larry Niven
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 17. Re: Other problems
| | | | by dylanr | | | | at Thu 27 Jun 9:22am | score of 1.5 astute | | in reply to comment 13 | | | | | |
UNIX is not inherently secure
Neither is a deadbolt lock on your door... it must be properly engaged in order to provide any benefit.
UNIX-style systems provide several tools with which to secure your system. A talented and dedicated person could use these tools to do a very good job of securing their system.
Incidentally, there is plenty in *nix to prevent the exploit you describe. The first layer of prevention is that it is far more difficult to distribute binaries than source and your exploit won't stay undiscovered very long if you distribute in source.
More importantly, when you run a program in *nix, you run it under a specific set of privileges. Often this is the very minimum set, or a set created specifically for the program. Further, you can use commands like chroot to greatly restrict the program's ability to traverse above its own directory.
You are right that there is no such thing as inherent security (one-time pads included, actually). But there is a distinction to be made between a system that provides an array of leading security tools and one which relies entirely on trusting a single vendor... a vendor with a poor security history, no less.
In theory there should be no difference between theory and practice. In practice, there usually is.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 22. Re: Other problems
| | | | by mdb31 | | | | at Thu 27 Jun 9:32am | score of 1 | | in reply to comment 14 | | | | | | |
But with Microsoft, the emphasis has always been on ease-of-use over security. An unflattering way of putting this is that Microsoft's customers tend to be lazy. To which my reply would be: good for them! "The customer is always right" may be a tired cliche, but it's pretty accurate, as a quick comparison of the annual profits of MSFT and, say, RHAT, will show you. And it's definitely not just big bad MS always ignoring security: while products coming out of Redmond have become more and more secure, the latest entrant in the Linux space (Lindows! Now pre-installed on Walmart PCs!!) ships with some pretty interesting default uid/gid values (i.e. a big fat 0 in both cases -- yup, the average Walmart consumer is always root on their box...). Linux can't boot without authorization from Redmond Nonsense. The TCPA spec explicitly allows the end-user to turn off any security. Of course, this will prevent any trusted apps from running, but Linux or even Windows in "non-secure" mode will run just fine. And if a Linux vendor gets their distro TCPA-certified (which would be severely unpleasant, but not impossible), you might even see "protected" (read: RIAA/MPAA certified, the-terrorists-won't-win) content on such boxes. Any Linux vendor is free to implement their own Palladium. Of course, Mr. Stallman would have a thing or two to say about that, but that's a different discussion.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 39. Re: Other problems
| | | | by Pravda | | | | at Thu 27 Jun 12:22pm | score of 1 | | in reply to comment 17 | | | | | |
The first layer of prevention is that it is far more difficult to distribute binaries than source
How so? Because there are so many flavors of *nix running on about a million types of hardware floating around? That's not a particularly good justification, it's just a fact of life.
More importantly, when you run a program in *nix, you run it under a specific set of privileges.
Absolutely true.
However, to do these things, you just can't be joe user playing around with Minesweeper. 99% of the population would just run their workstations under root if they had a chance, and just execute things with that permission level.
The moral of the story here is that UNIX security is very very good if you have a dedicated administrator and techincally savvy users. These are two things that most people don't have the benefit of. Hell, I couldn't install GAIM in my account on my school's Solaris boxes 'cause I didn't have the right permissions. Fine & good, but could you imagine trying to standardize for an entire company?
What Microsoft is doing here is making things as secure as possible in the context of nontechnical, independent users. And this is a very intriguing solution, one which I want to look more at.
Sidenote #1: While mucking around with UNIX networking code, I discovered a way to crash any Solaris box as long as I had a shell account and gcc. So even with all the restrictions, it still can (and probably will always) be done.
Sidenote #2: A one time pad IS provably secure. It's the only perfect cryptographic mechanism, if I remember correctly.
Sidenote #3: Whoever modded me down as "overrated" is an idiot. I post at one, so no one rated me any higher. Mod down from one with "obnoxious" or "modappeal" or something, but not freakin' overrated.
Seen in the subQ: "For once I have to +Pravda. Scary. - Anonymouse Savant"
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 45. Re: Other problems
| | | | by empathogen | | | | at Thu 27 Jun 2:30pm | score of 1 | | in reply to comment 22 | | | | | |
"The customer is always right" may be a tired cliche, but it's pretty accurate, as a quick comparison of the annual profits of MSFT and, say, RHAT, will show you.
That's not a fair comparison, for the following reasons:
-Microsoft is about 4 times as old as Red Hat
-Microsoft uses proprietary technology versus open source Red Hat software
-Microsoft entered in the PC OS market early, and established a monopoly for their operating system, compared with Red Hat, which offers one among many competing flavours of linux
Any simple comparison saying Red Hat is doing poorly because it doesn't listen to customers as much as Microsoft is overly simplistic.
While I can't comment on the Lindow's uid/gid settings, a windows user is going to be the equivalent of root (administrator) on their Windows2000/XP box.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 47. Re: Other problems
| | | | by BantokSwirl | | | | at Thu 27 Jun 4:49pm | score of 1 | | in reply to comment 14 | | | | | |
That's true, up to a point. In general, Unix, Windows, and any other OS you could name, have or will have security issues. Therefore, keeping up with vendor patches is vital to good security. But with Microsoft, the emphasis has always been on ease-of-use over security.
And the real joke is, they can't even get the ease-of-use part right.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 48. Re: Other problems
| | | | by dylanr | | | | at Thu 27 Jun 9:16pm | score of 1 | | in reply to comment 39 | | | | | |
That's not a particularly good justification, it's just a fact of life.
Call it whatever you want. Source is easier to distribute and the people who do the heavy lifting in the *nix world seem to be OK with that. It may not be intended as a security measure, but anything that works to require greater training of the user is bound to have some positive side-effects.
99% of the population would just run their workstations under root if they had a chance, and just execute things with that permission level
No doubt. As good an argument for having IT policies as any I've heard.
Of course, if people want to do this on their Wal-Mart Lindows boxes, fine. Nobody at risk but them, anyway.
UNIX security is very very good if you have a dedicated administrator and techincally savvy users
Yep. The same is true of Windoze, to a point. Ease of use and security are pretty much competing goals. Anything that seeks to expand the power of the user without requiring more knowledge is likely to be a security risk.
Not very many years ago, you couldn't even get Linux installed without knowing a lot about how computers actually work. Now they sell it pre-installed at Wal-Mart. Will Wal-Mart Lindows actually be any more secure than Win98? Not likely... certainly not out of the box. It might lead to a more powerful, easier-to-run version of Bastille, though... which would be nice.
A one time pad IS provably secure. It's the only perfect cryptographic mechanism, if I remember correctly
Perfect in theory, but only with respect to a narrow definition of security.
I wasn't going to make a distinction between security and cryptography before, but they are totally different issues, as I'm sure you're aware.
A one-time-pad is only secure under laboratory conditions. In the real world, the key distribution problem reduces the security of a one-time pad to the security of the mechanism used for distributing the key.
Further, a one-time pad does not prevent traffic analysis, nor does it provide any measures to verify the sender or receiver as the rightful owners of the key. Truly random pads are very difficult to produce and the length of the message is constrained to the size of the pad.
A single, small message from a single-use key may be completely undecipherable, but that's only one way of defining security among many. Ultimately, one-time pads have very little to do with practical security... or even, for that matter, with practical crypto.
In theory there should be no difference between theory and practice. In practice, there usually is.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | | 3. odd
| | | | by nataxia | | | | at Thu 27 Jun 4:22am | score of 1 astute | | | | | | |
I don't know what to make of the comments I've seen on this initiative (here and elsewhere). For years microsoft is bashed for its 'security problems'. Notwithstanding the mitigating factor that every cracker in the world is bent upon finding ways to destroy microsoft's products (which hurts only you and me, not microsoft), the criticism was often well placed. However, now that microsoft suggests an initiative to make its platform(s) more secure, they are attacked for being 'naive', or even better, attacked for the possible advantages these initiatives could bring to the company -- that is, attacked because everything they do nowadays is seen as some sort of conspiracy to control our lives. i've already stopped listening to microsoft; now i'm beginning to tune out the critics as well. it seems to me that we have a very simple, old, and common situation: lies and innuendos coming from all interested parties, whose sole purpose is gathering advantage for their own positions, regardless of truth, accuracy, or the 'right way' to go forward.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 4. Re: odd
| | | | by slippytoad |  | | | at Thu 27 Jun 5:14am | score of 4 brilliant | | in reply to comment 3 | | | | | | |
I would, if it were legal, forward you the daily (and I do mean daily, sometimes two or three times) security alerts I get from Microsoft regarding their bug-ridden code. As of this morning 8:06 EDT I have two security bulletins in my mailbox that arrived in the last hour. I expect at least one more before the close of business. That's just the stuff they're willing to officially notify me of and have some semblance of a patch for. One of them lists four separate vulnerabilities that appear in one of those Microsoft products, and the other lists one that you are probably using right now if you're listening to music (hint, hint). Almost all of these are due to programming mistakes that a sophmore should know not to make -- unchecked buffer overflows, mainly. I program with Microsoft's API and know for a fact that it is a morass of ill-conceived function calls, many of them duplicating each other or overlapping. There are all kinds of weird things you encounter when you write in Monkey C -- functions whose parameters must always be set to zero (they're called reserved, for what it's not clear), functions that you have to call twice to get properly working . . . there are something like 3,000 pages of Microsoft API documentation sitting on my desk right now, and my library is small and incomplete compared to some. So let's just say that I'm skeptical that they're actually technically capable of doing this. They are some of the sloppiest programmers on the planet.
Woohoo!!!!! FUCK YEAH!
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 8. Re: odd
| | | | by bitekman | | | | at Thu 27 Jun 6:23am | score of 1.5 brilliant | | in reply to comment 3 | | | | | |
Currently, microsoft's 'security problems' tend to be defects in existing products. For instance, IIS is not supposed to serve files you don't tell it to. There are several vicious and commonly exploited defects in IIS that allow remote attackers to, indeed, get any file they want. Of course, there are defects in all sorts of software and OSs, including my beloved Linux, so it's not like MS is alone in this area.
The other kind of security problem is architecture. That is, win95 is "insecure" in that you only have one user, with one set of priviledges -- all. Win2k, on the other hand, has a very powerful permission system that, when used correctly, is very effective.
But most people don't use it correctly. Just like most people don't change the default password on their SQL server and get hacked that way. This is one of the things Palladium is trying to prevent -- to not allow people to shoot themselves in the foot, as it is.
What's the worry? Well, for the system to work, someone has to decide what's authorized and what's not. Whether that someone is Microsoft or not, there's a significant concern that the controller of the certificates could (a) never certify certain classes of software (like GPL stuff), thus killing entire industries (b) make certificate acquisition odious or expensive, eg if you're an independent artist you have to join the RIAA before you can get a certificate and distribute your music.
That's my concern, at least. I find the project interesting, although it's clearly mostly vaporware at this point.
I'm full of bees...who died at sea -- Sparklehorse
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 25. Re: odd
| | | | by Thergy |  | | | at Thu 27 Jun 9:49am | score of 2 brilliant | | in reply to comment 3 | | | | | |
If you belief that Microsoft's true intention is to protect you, the user - then I have a nice little bridge that I'd like to sell you.
Microsoft's number one reason for the Palladium project is to protect themselves (and their business partners) from software piracy.
They know that no one will pay extra and sacrifice flexiblity of software choice just to prop up Microsoft's bottom line. So, they come out with this line of crap to fool us into believing that it is all for the users benefit and MS is doing this as some sort of charity.
LIES... all LIES!!!
The worst part of this whole thing is, is that people like you will bite the worm and swallow the hook. And before you know it we will all be sucked into the vortex of software despotism run by Microsoft's Software Enforcement Storm Troopers.
"There's a sucker born every minute."
"Imagine if there were no hypothetical situations... " -- Mendosa
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 42. Re: odd
| | | | by nataxia | | | | at Thu 27 Jun 12:54pm | score of 1 | | in reply to comment 25 | | | | | |
i don't recall defending microsoft. i believe i said something to the effect that i don't listen to them anymore. what I did say was that for all the people who complain about security, nobody seems to have been able to create a secure system. Even the unix guys get their security systems breached quite often. Heck, I don't think there is such a thing as a secure system, anywhere.
anyway, this is a hardware solution (from what i understand) that is also getting participation from Intel and AMD. I don't think these companies are composed of stupid people. Certainly if ms creates a reasonably secure system, this is a good thing. Why is everyone so keen to smack it down?
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 56. Re: odd | | | | by nataxia | | | | at Sun 18 Aug 7:24am | score of 1 | | in reply to comment 32 | | | | | |
extraordinary how people comment without reading. read my post again, and maybe again. i'll lead you a bit. find the passage: "i've already stopped listening to microsoft". also, consider who is being talked about when i say "all interested parties". i'll give you a hint: it means everyone, including microsoft, is constantly spouting nonsense.
no wonder they dominate the world with half-wits like you opposing them. sorry to be rude, but i'm really sick of being insulted every time i don't make absurd generalizations just so i can pretend to be part of a self-righteous movement.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | | 5. We all know where Palladium gets its name, right?
| | | | by OSULugan | | | | at Thu 27 Jun 5:14am | score of 5 brilliant | | | | | | |
"Microsoft's name for its efforts, Palladium, comes from the statue of Pallas Athena, which was believed to protect the ancient city of Troy from invaders."
Which was so effective against a countermeasure, who's name has already made it into Computer Terminology.
Good job Microsoft.
(On a side note:
read the entire comment...
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 6. Microsoft's Continued Quest For World Domination
| | | | by Anonymous Idiot |  | | | at Thu 27 Jun 5:59am | score of 0.5 informative | | | | | | |
The Beast of Redmond has caused quite a stir with this proposal. Plastic's about two days late for the post - The Register and Slashdot both had it yesterday. The issues of technical feasibility, consumer acceptance and how the hell M$ expects to get away with this have already been beaten to death, a mere 24 hours later.
If Palladium succeeds, it will split the Web in two. There will be the Web where M$ rules and the Web that rejects it. There's already a situation like this, it's called AOL.
No doubt there will also be a cottage industry of intermediate sites that allow users of the real Web to access the evil empire in order to get a new driver's license or whatever.
M$'s objective here is the same as AOL's: corral the clueless and relieve them of their cash.
Does anybody who is reasonably hip to Linux, BSD, or even Apple care if M$ and AOL bleed suckers dry?
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 15. Re: Microsoft's Continued Quest For World
| | | | by scareduck | | | | at Thu 27 Jun 8:55am | score of 1 | | in reply to comment 6 | | | | | |
You haven't been reading closely. If MS corrupts the intellectual commons known as "PC design" such that Linux can't boot, it won't matter what the rest of us do.
First, they came for the Linux desktop users, but I didn't complain because I wasn't a Linux desktop user...
We're smarter individually. -- Larry Niven
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | | 7. "genuine" parts only a competition-killer?
| | | | by call -151 | | | | at Thu 27 Jun 6:19am | score of 1 | | | | | | |
From the story:
For example, some mobile phone vendors use challenge-response authentication to check that the phone battery is a genuine part rather than a clone - in which case, the phone will refuse to recharge it, and may even drain it as quickly as possible. Some printers authenticate their toner cartridges electronically; if you use a cheap substitute, the printer silently downgrades from 1200 dpi to 300 dpi.
There are valid uses of security and invalid ones. Artificially restricting competition is a serious danger and it sounds like this is already happening. Unfortunately, many of these kinds of things wouldn't be discovered until long after the purchase or the security system is implemented; it would take a pretty informed consumer to check things out in advance.
It's interesting the article mentions inkjet cartridges in particular, because there is a situation where, allegedly, printer manufacturers do not make money on the printers, but expect to make money on the refills. Not surprising, considering a genuine ink cartridge can be $30, as much as a six-pack found on dealmac. The same as the "sell the razor at a loss, make money on the blade refills" model." On one hand, it seems like companies read the entire comment...
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 9. Microsoft dismisses conspiracy prematurely
| | | | by call -151 | | | | at Thu 27 Jun 6:24am | score of 1.5 astute | | | | | | |
Again from the article:
The notion of hard-wired authentication rings alarms for conspiracists who sense a plot by which Microsoft might exert even more control over what kind of software could run on future computers. The Redmond behemoth dismisses such talk as silly.
Given that the Department of Justice (and 19 states moreso) has been actively and successfully pursuing their case and that a court of law has found Microsoft guilty of conspiring and abusing monopoly power, I think "oh, that's silly" doesn't quite cut it as a response
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 11. Shooting themselves in the foot all right.
| | | | by LJ Gould | | | | at Thu 27 Jun 7:12am | score of 1.5 astute | | | | | | |
If microsoft does go through with this they will lose a lot of important business.
First of all, this system depends on internet access, depending on how it is implemented it would either have to be constant or required every time someone installs software.
That would make Palladium OSes useless to those who don't have Internet Access, and annoying for those who dial up. It also makes Security through issolation nigh impossible, and that's a nightmare for Governments and other organizations who have secrets to protect, and protocols to follow -- bye-bye military contracts.
No one who is wary of privacy or monopoly issues will be willing to live with such a scheme. The Germans, for example, would never buy it. Their government already has problems with microsoft over spyware... this isn't likely to make them feel secure.
And all that said, this is a large, new software undertaking we're talking about here. There are almost certainly going to be exploits that allow viruses, trojans and other programs to bypass the security features.
In other words, for all those costs, there will come little benefit -- at least for the ten years or so it takes until they have the bugs ironed out.
I think we need a new OS - Microsoft's are becoming unsuitable, Apple requires special hardware, and I still have many doubts about architectural philosophy of Linux, Unix, and friends.
This time, maybe we can get it right.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 12. Be afraid, be very afraid...
| | | | by Doctec |  | | | at Thu 27 Jun 7:32am | score of 3.5 informative | | | | | | |
The Palladium initiative has me less concerned than the TCPA, of which Palladium is MS's implementation. TCPA is the basis of a hardware-level monitor that controls what you can and can't do with your PC, the servers you can/can't connect to, what goes in and comes out. A consortium led by Intel is spearheading this effort. The first version is dubbed the "Fritz chip" (after Sen. Fritz Hollings) and will be a soldered-on motherboard add-on but it will eventually be embedded in CPUs themselves. The implications of TCPA are staggering, as this well articulated TCPA/Palladium FAQ makes clear. Palladium is just the tip of this iceberg - TCPA is designed to freeze out competition, stifle innovation and eliminate freedom of choice. If there is not a significant enough movement on the part of consumers to shoot this thing down, the era of being able to do pretty much whatever you want with your PC will come to an end. Big Brother - Coming Soon to a PC Near You!
(not his real hat size)
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 16. it's all part of the DTPA--
| | | | by kipmanley | | | | at Thu 27 Jun 9:00am | score of 1 | | | | | | |
--or the Digital Terrorism Prevention Act of 2004.. (It's not so much that satire is dead these days, is what I'm thinking. It's that all you have to do is quote what they're saying verbatim, and there you have it: your satire, ready and waiting. It's too easy, is the problem. Is also scary as hell.)
"Freedom is not something they can give you," is how I think the thing Utah Phillips likes to quote goes. "Freedom is something you have until someone tries to come and take it away. The degree to which you resist is the degree to which you are free."
Or something like that.
Long story; short pier.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 18. The Mother of all DOS targets
| | | | by tylerh | | | | at Thu 27 Jun 9:24am | score of 1 | | | | | | |
From the American Heritage Dictionary:
Hubris: Overbearing pride or presumption; arrogance: There is no safety in unlimited technological hubris (McGeorge Bundy).
All that is missing is Bill Gates's picture.
This scheme requires that everyone's computer check in with a central key authority. Thus, a Denial of Service (DOS) attack against these site(s) would affect the function of computer users everywhere thereby creating a malicious hackers wet-dream. Or an extortionate mafia's pot of gold. (Note to non-computer security types: there is no possible defense against a sufficiently well-resourced DOS attacker)
Courage
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 35. Re: The Mother of all DOS targets
| | | | by GiantMouser | | | | at Thu 27 Jun 12:10pm | score of 1 | | in reply to comment 18 | | | | | |
Silly haxor. If you've played Netrunner then you'd know that to stop a DOS attack all you need is a good trace and your own corporate solo team... which I'm sure Microsoft doesn't have ;)
Arguing online is like being in the Special Olympics. You might win, but you're still retarded.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | | 19. Instead of
| | | | by spartyms2 | | | | at Thu 27 Jun 9:31am | score of 2 brilliant | | | | | | |
Upgrading our software to get rid of the viruses? How about we upgrade the users to stop opening them?
I'm just going to throw a number out here. But I estimate that 90% of viruses are opened by users who, to be quite honest, don't know what the fuck they're doing.
I'm on a computer at least 3 to 4 hours a day, and have been for the past 7 years or so. In all that time I have gotten one virus, and I can pinpoint the exact reason for it. I opened what I thought was an MP3, and didn't notice the .vbs extention on the end. Dumb me.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 20. Microsoft = Matrix
| | | | by geophile | | | | at Thu 27 Jun 9:31am | score of 2.5 compelling | | | | | | |
Another very disturbing aspect of this plan is that it will absolutely destroy future generations of programmers. I was born in 1957 and graduated high school in 1974. I was one of the very few, very lucky kids to have access to any kind of computer (a DEC PDP 8M -- 0.018 meg of memory and a clock speed of maybe 0.0001 GHz). That's how I got my start. I would stay late, go in early and go in on weekends to get the chance to take over the machine. As a result, I had the same sort of experience that millions of kids, born 15-20 years later had with PCs. And that's what gave rise, in large part, to the computer revolution.
Think about it: the original spreadsheet was built on an Apple II. What if the Apple II had been an appliance on which you could run a fixed set of games and application and that's all? No programmers, no interesting, new, ground-breaking programs. Just whatever the company who holds the keys decides can be run. Linux would never have been created. (And that's the whole point of Palladium.)
Microsoft = The Matrix. They want farms of caged consumers to feed on.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 21. Lies
| | | | by Thergy | | | | at Thu 27 Jun 9:32am | score of 1.5 astute | | | | | | |
"...to stop hackers uploading malicious programs and to prevent computer viruses from spreading... "
The purpose of this security is not to protect the user - it is to protect the software developers and publishers. The industry (and especially Microsoft) is pushing for some way to eliminate the grey market of unlicensed software usage.
Open source software, shareware, freeware, custom designed, and or privately developed software would all be lumped into the illegal/criminal/forbidden software category. Allowing the bigwig software companies to swoop in and charge you big bucks for same.
Don't let them fool you. They are not doing this to protect YOU - they are doing this to protect THEMSELVES.
I'll bet you that Norton and Symantec aren't liking this Palladium thing.
"Imagine if there were no hypothetical situations... " -- Mendosa
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | | 28. Re: All together now...
| | | | by Tessera | | | | at Thu 27 Jun 10:43am | score of 1.5 helpful | | in reply to comment 23 | | | | | |
I don't really have much choice. I mean, when choosing an OS to run, the biggest factor is what applications you're going to run on it. Word processing, browsing, etc. can be done in any OS you like, even DOS if you're nostalgic. The reason, quite frankly, that I run Windows XP is because I play quite a lot of computer games. And these games don't come out for Macs, and certainly not for Linux or Unix.
I don't particularly like Windows as an OS - I'm tech-savvy enough that its "You're an idiot, so we'll take care of it all for you" mentality gets a bit grating. I certainly could get by using OSX or Linux for my everyday activities. But if I want to play any of the games that are so dear to my heart, I'm basically forced to run Windows. Do I enjoy it? Not really. Do I have much of a choice? No.
I will probably, unless something changes, use whatever the next Windows OS is. I'll probably partition my hard drive and run another OS for daily operations, but I'll be stuck using Windows to play the programs that I want to. Again, this isn't something that I'll embrace with arms outstretched, but eventually I'll be dragged into it.
I think that some people will buy it, not knowing or caring what limitations Microsoft has put on their computer. And some people will buy it, simply because they have to. Sure, it's nice to make a stand, but on issues like this people but themselves before the "cause". They'll "put up with it" because it's too uncomfortable not to. And the slippery slope gets just a little bit steeper.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 30. Re: All together now...
| | | | by nmiguy | | | | at Thu 27 Jun 11:17am | score of 1 | | in reply to comment 23 | | | | | |
What pisses me off is that when the new OS comes around, Microsoft will try to force you to buy it. I was going to buy new computers for my employer, but my choices were suddenly limited when Microsoft XP came around. You can't buy a new PC with win 98 (when that was all that was required for the user I was buying for) They force you to buy XP or NT or 2000 (even that is changing) So in 2004 when Palladium come out, when you buy a new PC from DEll or Compaq or one of the big names, it'll come with this new hardware standard. You won't be given the choice for a computer with win 98, so if you're planning to partition your PC with win 98 and Linux you're kinda screwed. What about software that runs on earlier OS's? Will the new hardware standards make them incompatible if it is a non-windows based software? There is software out there based on dos.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 37. Re: All together now...
| | | | by carbomb | | | | at Thu 27 Jun 12:19pm | score of 1 | | in reply to comment 23 | | | | | |
The history of DVD players suggests that people are not totally opposed to buying hardware that works against them (my italics)
I don't recall the last time my DVD player wouldn't let me watch a movie. That is what I bought it for, right?
-carbomb
Shoots flaming balls with report
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | | | 27. Let me get this straight...
| | | | by amazingcriswell | | | | at Thu 27 Jun 10:25am | score of 1 | | | | | | |
Forgive me if I'm just restating the obvious.
1. Microsoft creates sloppy software with security problems.
2. These gaping security holes allow any idiot with too much time on his hands to create a "virus" that will cripple any system using, say, MS Outlook.
3. The fact that 95% of businesses are susceptible to these types of attacks, every half-assed email virus has the potential substantially impact the world economy (due to lost productivity, etc.)
4. Anything that "attacks America's economic interests" is now defined as "terrorism", so a half-assed email virus is equal in the eyes of the law to a bio/chem/nuke attack.
5. Microsoft proposes a solution to "hacker terrorism" that has the side effect (completely unintentional, I'm sure) of giving MS absolute control of the hardware and software used by the consumer.
6. If every consumer DOESN'T switch to Palladium or whatever, then the terrorists have won!
Did'ja see "The Daily Show" where they did a thing on all the nifty new psychoactive drugs now available?
"Remember, the pharmaceutical companies don't invent a disease without inventing the cure."
"...and remember, my friends, future events such as these will affect you in the future."
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 50. Re: Let me get this straight...
| | | | by trashcan | | | | at Thu 27 Jun 10:38pm | score of 1 | | in reply to comment 27 | | | | | |
Forgive me if I'm just restating the obvious.
Your opinions are just that, yours, not the pervasive, overriding public view. Deal with it. :-P
1. Microsoft creates sloppy software with security problems.
Bugs in software? Most software has bugs. You can argue that Microsoft has not focused enough on preventing security problems (maybe- have you ever audited code?) instead of fixing them afterwards.
2. These gaping security holes allow any idiot with too much time on his hands to create a "virus" that will cripple any system using, say, MS Outlook.
Any system using MS Outlook? Are you sure you don't mean unpatched older versions? Flaws are discovered and fixed. This is not a MS specific deal. OpenBSD, which has gone through extensive security auditing still has security flaws from time to time. If you want your system to be secure, you need to patch/upgrade/apply the fix or whatever and move on.
3. The fact that 95% of businesses are susceptible to these types of attacks, every half-assed email virus has the potential substantially impact the world economy (due to lost productivity, etc.)
95 percent? I highly doubt that. Most companies have people who are in charge of maintaining security on their (internal and external) networks. Highly paid, well-trained (hopefully) professionals. I bet they know a little more security than your "MS Sucks/It's insecure" mantra.
5. Microsoft proposes a solution to "hacker terrorism" that has the side effect (completely unintentional, I'm sure) of giving MS absolute control of the hardware and software used by the consumer.
If I understand correctly Microsoft doesn't get any control over the hardware. Microsoft wants you to buy their hardware (if it does come out some day, I personally don't believe it will) so they can control your software. That's not controlling your hardware.
6. If every consumer DOESN'T switch to Palladium or whatever, then the terrorists have won!
Your humorless insight, half of a tired cliche, not the obvious.
Pat
A simple fire will cover your tracks . . .
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | | 29. Hardware v. Software DRM
| | | | by AshbyMan | | | | at Thu 27 Jun 10:53am | score of 1 | | | | | | | |
As was stated above in a few posts, the Palladium project, (and the Fritz chip), are not software based security devices and not designed to keep viruses out, although that is apparently how Palladium is being spun by M$.
Palladium is a hardware based digital rights management platform. It's main purpose is to allow its creators to observe, log, and if they desire, directly interfere with the end user's ability to view content or run applications on their machine.
Why hardware based? Quoting Schneier: "It's a whole lot easier to design a computer security system if we can leverage the innate physical security of the device, and assume parts of the system cannot be accessed by large classes of people." Basically, if no one can muck with the hardware, no one can strip out the encryption/watermarking/spyware/adware/keyloggers/whatever, that M$ will embed therein. M$ can therefore do more or less whatever they please to anyone using the hardware. Prevent p2p use, run a meter that accurately records every piece of media that a user watches, how many times they watch/listen/read it, disable Linux and anything GPL'ed (probably with an error message like "This software is unsafe and a security risk, shame on you for attemtping to use it, bad user, BAD!"), inundate them with Spam (Passport!! you know you want it!), and etc.
It won't work, no hardware will ever be tamper proof and I don't really like MS's odds of making Palladium tamper evident. Hardware based DRM can be hacked, it has been hacked. If it can't be removed, it can be circumvented, and it will be. I just hope once the misuse of this stuff gets some publicity people will start to wake up and see that there are other options.
"Without Music, Life Would Be An Error" Nietzsche
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 31. down the road a little
| | | | by joyful immolation | | | | at Thu 27 Jun 11:23am | score of 1.5 astute | | | | | | |
from another man's post....
The TCPA specs explicitly allow for any security features to be turned off, allowing you to load any operating system. The real problems with not having access to TCPA features are that users of alternative operating systems will lose access to even more content (since that content will actively verify TCPA certification via a secret handshake before even reaching your PC) and that Microsoft gains even greater control over what Windows will and will not do. The latter is bad for the alternative OS community in that it may very well mean that Windows implementations of free software will no longer run on most PCs, which is the real issue here.
this man seems to me to be right. Palladium won't kill Linux at all, since it is essentially an OS, and you're free to choose another one. In fact, in the short term users who greatly dislike not being able to run freeware or indie software on their computers will probably flock to Linux in droves.
No, the real problem is this: once Microsoft allows no indie software of any kind to be compatible with Palladium. there will be an exodus of windows-based hackers, frauds, and and other corporate-undesirables into Linux. When, after a year or two, it becomes obvious that hackers and viruses are only coming from Linux systems, not Palladium, Microsoft will induce the government to pass a law making all "non-secure" OS's illegal.
Of course, from a longer-range perspective, the real problem is the ultimate end of America's dominance in software... and from there techonology in general. When Microsoft strangles independent software in America, but it continues to flourish in other countries, U.S. expertise in programming and computer science will fall drastically. Some other nation that adopts less restrictive laws will surpass us in a quarter-to-half century.
Microsoft could eventually be responsible for the collapse or decline global of U.S. economic pre-eminence, at least in the software and computer industry.
From this perspective, Microsoft is a clear and present danger to national security.
Time to send in the Black Ops, boys. A three-star theater-command post for the first guy to bring me Bill Gates... dead or alive....
this city's dance/makes you feel so cold, it's got/so many people, but it's got no soul-
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 33. Things are Not OK.
| | | | by eataTREE | | | | at Thu 27 Jun 11:40am | score of 2.5 scholarly | | | | | | |
I'm having a crappy day, so I might be slightly more pessimistic than usual here.
It seems to me that after every single boneheaded completely-transparent MS power-and-money-grab, people say, "Now people will finally have had enough, and there will be significant consumer interest in alternatives to MS' products." And every time, it doesn't happen. Everyone just sucks it up and run back to MS for more.
Subscription licenses to Office/Windows XP. Lack of Java support under XP. Internet Explorer and the 5,001 critical security bugs. Outlook Express. Passport. Hailstorm. Busted implementations of "open" protocols that only work with other MS products. It doesn't freaking matter. Bill Gates could release Microsoft Trojan, now with ActiveBackdoor Technology (TM) and we'd STILL buy it. It seems that people will buy Microsoft crap, and implement commercial IT systems using Microsoft crap, no matter WHAT Microsoft does.
I give up. Either the computer consumers of the world can't tell good software from bad, or don't care. I guess this is 21st century capitalism, folks: even if your entire product line is a steaming pile of dingo shit, it doesn't matter. Spend some money on marketing, and some more to grease a few Congressmen's palms, and hey presto -- market dominance!
So yeah, if MS actually manages to build the Secure Computer, I have no doubt that we'll all go out and buy one. I can hardly wait to hear my RIAA-approved content on my MS-approved player application, secure in the knowledge that nothing on my computer poses the slightest threat to continued corporate profits.
Anyone have any good books on organic farming, or running a commune? My career in IT is looking awfully depressing right now.
And a thousand thousand slimy things lived on; and so did I. - Coleridge
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | | 34. This is not as bad as people are making
| | | | by joshv | | | | at Thu 27 Jun 11:50am | score of 0.5 disingenuous | | | | | | |
The situation would be similar to what we currently have with SSL and secure web sites (https). The browser has a preset list of trusted Certification Authorities. If a site's certificate is from one of those CAs and has not expired, the user doesn't see anything, they just access the site securely with full encryption. If the certificate is from an unknown CA the user is prompted and asked if they want to proceed. You are not locked out of the site. To get around this you can tell the browser to trust new CAs. I have worked at many places who generate their own certificates for web site testing purposes. Just tell the browser to recognize the new CA and the security warning popups go away.
I imagine this will be how Palladium works with programs. So if you get a GPL program that is not signed by an 'authorized' CA, you will have the choice of running it anyway (at your own risk - just as you do now with unsigned drivers) or telling the operating system to trust the new CA.
Writers of GPL programs could form their own CA if they wanted, so that users of GPL programs would only have to mess around with importing a new CA once, and all GPL programs would then work properly.
-josh
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 40. optmistic.... but wrong
| | | | by joyful immolation | | | | at Thu 27 Jun 12:24pm | score of 1 | | in reply to comment 34 | | | | | |
that's not how I understand it, actually.
if that's how it was, we'd all be making quite a fuss over nothing, but as far as I know, it's not. What would be the point of having Intel go out and design entirely new chips just for the purpose of informing the consumer whether or not their software is security-validated by Microsoft? How would that be revolutionary in any way? Why would hardware have to be reconfigured at all... after all, they could do that with a simple software reconigtion key.
Quoting from a (deliberately vague) Newsweek article on it: "Palladium will not run unauthorized programs." [explaining this as now you can be safe that no nasty viruses will ever be able to penetrate your computer.
That sounds pretty unambiguous to me. The goal, at least, is to make it so nothing unrecognized by Microsoft works. Gee, and I wonder what will be recognized by Microsoft...hmmm...Microsoft software?
this city's dance/makes you feel so cold, it's got/so many people, but it's got no soul-
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | | 36. Too smart for our own good?
| | | | by carbomb | | | | at Thu 27 Jun 12:15pm | score of 2 interesting | | | | | | |
I think that many Plasticians, being the tech-savvy, intelligent and handsome folk we are, lose sight of what real people want to do with their computers. I work as a sysadmin, and 99% of my users don't want to know how a computer works- that's my job. They don't want to download freeware, they don't want to fiddle with Linux, and they don't want to constantly fret about viruses and hackers. If the computer can keep itself secure (debatable point, I know) on its own, then by all means let it. Most computer users just want to send a few e-mails, download a little porn and play a few games.
A computer is an appliance, and ideally its operation should be as read the entire comment...
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 43. Re: Too smart for our own good?
| | | | by LJ Gould | | | | at Thu 27 Jun 1:08pm | score of 1 | | in reply to comment 36 | | | | | |
99% of my users don't want to know how a computer works- that's my job. They don't want to download freeware, they don't want to fiddle with Linux, and they don't want to constantly fret about viruses and hackers. If the computer can keep itself secure (debatable point, I know) on its own, then by all means let it. Most computer users just want to send a few e-mails, download a little porn and play a few games.
You've just summed up every reason why my Atari TT is still in service. I don't use it every day, but on those days when you just have to swear off windows....
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | | 38. I say one week
| | | | by Zal42 | | | | at Thu 27 Jun 12:19pm | score of 1 | | | | | | |
One week prior to the first actual Palladium hardware ships, the entire scheme will be cracked, rendering it worthless. That's my guess -- who wants in on this pool?
No Other Possibility
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | | 52. Re: More Information
| | | | by wiredfutureman | | | | at Fri 28 Jun 7:09am | score of 1 | | in reply to comment 44 | | | | | |
Read that too. It's not just M$ but a whole bunch of other companies in this consortium!
I think the main concern is that it takes away our privacy and freedom of choice. Also the GPL could be rendered useless and that would mean the end of Free Software :(
Whatever happend to democracy? Are people really that blind not to see what the corporations are trying to pull off here?
aXeL
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | 54. Re: More Information
| | | | by carbomb | | | | at Fri 28 Jun 11:15am | score of 1 | | in reply to comment 52 | | | | | |
Whatever happend to democracy?
Democracy applies to governments and organizations, not consumer goods. You don't get a vote in how a PC is manufactured and marketed. Your "freedom of choice" is limited to only the products that a company can profitably sell, and your only choice is to purchase or not. Computers and software are not some divine right- they are a consumable product, and as such will be made and sold to maximize benefit to the manufacturer.
-carbomb
Shoots flaming balls with report
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | | | | | 51. Why get upset...
| | | | by ChairmanBlank | | | | at Thu 27 Jun 11:17pm | score of 1 | | | | | | |
...if you think Microsoft is hopping on this to "make a better product" you're fooling yourself. To take this into quotedom "They are holding all the keys and guarding all the doors" From Microsofts standpoint they are closing off holes that allow competitors to enter. More control equals more bread. From a business standpoint it's perfectly reasonable, but since so many people rely on Microsoft it's morally irresponsible. Of course in the light of Enron and other companies, that's no suprise.
I'm the humblest man I know
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
| | | | | | 55. Linux user == Terrorist
| | | | by jdfan | | | | at Fri 28 Jun 12:46pm | score of 1 | | | | | | |
Given the recent concern about al Quaida hacking attacks, who wants odds that Palladium will become national security policy?
It's for our own benefit (and safety) that we're only allowed to run Microsoft software... Oracle? Too untrustworthy? Linux? Used by terrorists to launch attacks.
I can see the commercials now: Your Linux use directly assists terrorists.
And we thought the Patriot Act was a bit much.
| | | | [ ...reply just to this | comment on the story... | next new ] | | |
|
| | Member Login | | | |
|
