Analyzing Palladium 481
apeir0 writes "The Register has a story which proposes an ulterior motive to Microsoft's new Palladium: a GPL-killer. 'It's the very fact that this appears insoluble to me that helps me realize that MS has put tremendous, careful thought into it. To make the commons Linux-hostile, MS is taking dramatic steps to make it GPL-hostile. Very clever and admirably diabolical.' Is this a valid point or just paranoia?" Ross Anderson has been writing about this recently; we covered his paper a few days ago, and he's now got a Palladium FAQ up. Another submitter sent in this interview with the Microsoft manager in charge of Palladium. The Washington Post has a column. Update: 06/27 22:43 GMT by T : Bob Cringely also has a column on Palladium up, in which he says that several of his fears have been realized by it.
Ignore them. (Score:4, Informative)
Re:Ignore them. (Score:5, Interesting)
However I can't ignore this. It does worry me since most of my clients only know MS. It is very difficult to get your avarage joe user to break the MS habit, and some clients believe the FUD being spewed/parroted by media.
We can't ignore it, MS have a monopoly and they are going to leverage to its fullest extent until it is (if ever) taken away.
I cheer on your use of linux, but we are a minority, a well informed minority, but a minority non the less.
Re:Ignore them. (Score:5, Interesting)
The parent post to which you replied should never have been marked Troll, and I will enjoy ripping the moderator responsible a new one on meta.
That having been said, I disagree with his suggestion that ignoring this problem is the answer, but not for the reasons you say (or at least, not entirely for those reasons). This must be fought tooth and nail, as we are being attacked from two sides:
1) Microsoft, trying to leverage their monopoly to impose further, very detrimental, restrictions on the freedom of customers to deploy the correct technologies for their solutions under the guise of DRM.
2) The entertainment industry, that is trying to legislate the very same restrictive technologies and require them in all digital hardware.
We would be absolute fools to ignore this.
Having said that, fewer and fewer people care about Microsoft's proprietary protocols. Even offices that deploy Microsoft on the desktop are, in my experience, deploying open protocols in place of Microsoft's wherever possible to avoid the sort of nonsensical moving target and deliberate breakage MS service packs often result in.
The result, interstingly enough, has been a quiet movement on the part of several businesses away from Microsoft not just on the server side, but also on the desktop
This is why Microsoft is scared, this is why Microsoft is trying to impliment coercive technologies that will remove the last vestiges of customer choice, and this is why their unholy alliance with Hollywood will likely succeed in creating a Revelations-esque dystopia if we sit on our hind ends and do nothing to prevent it.
Unfortunately we as Americans are so thoroughly conditioned to not become actavists about any cause, no matter how much we care about it, that it is very possible we will do nothing about it in time.
BTW - As another person who works at a company that has completely depircated Microsoft products and deployed GNU/Linux widely throughout our enterprise I can echo the original poster's comments (that were so unjustly marked as a Troll): Life as a non-Microsoft shop is damn good.
Re:Ignore them. (Score:5, Interesting)
This is a disabling technology and DRM management laws would be disabling laws. Take a look at prohibition to see what would happen. Most people will begin using computers illegally, black market devices and software will be developed, economic calamaty will eventually ensue due to the brakes being put on free commerce in many arenas, including Hollywood and Microsoft.
It will be one hell of an ecnonmic downturn. I alos predict that all the financial pundits will not key on DRM laws being the cause, but they will be.
Re:Ignore them. (Score:2, Insightful)
No, dumb fuck, we're not.
But those of us who are affected by the attempt to legislate DRM rights (as noted in my post) are.
The point remains, even if it is over your head.
Re:Ignore them. (Score:5, Insightful)
Which FUD are we talking about? This entire series by been a collection of FUD on both sides. In case you missed it Slashdot is also doling out large quantities of:
FEAR: Of loss of privacy, of misuse by Microsoft, os loss of user's rights.
UNCERTAINTY: of what's going to happen period. Almost everything I've read so far is speculation.
DOUBT: Doubting Microsoft's intentions, doubting it will work. How much doubt do you want?
As a community, we've not only grown a huge distrust for Microsoft, we've grown a love for their methods. Not only do we happily wage wars with FUD, we seem (as I look through the moderated up comments), apparently advocate licenses that prevent Palladium from working with "open hardware" (sorry, but that doesn't sound open to me, it sounds as exclusionary as Microsoft's standard tactics).
It's about time we returned to our core beliefs, before we lose them entirely and become what we claim to despise.
Re:Ignore them. (Score:3, Insightful)
Which is amply demonstrated by the fact that this is the second time the story has been posted this week.
The Register article shows only that the reporter has no clue as to what Palladium is and what it can and cannot do.
No DRM solution is 100% secure, the issue is not eliminating piracy, it is raising the barrier sufficiently so that the content owners are confident enough to release material and for the level of piracy to be low enough that people can all make a buck.
Attempting to rig a DRM solution so that people could only run MSFT O/S would be (1) illegal and (2) very stupid since people would have a legitimate reason for bypassing the alledged DRM measures to run Linux.
If you run Linux you are not going to have a Palladium certified O/S and many content providers are not going to sell stuff to you. But that is exactly the current situation. Palldium is only going to mean that Windows users can get content that the owners will not release without strong(ish) DRM.
Reason for FUD (Score:3, Insightful)
B this is just the initial stage of "freaking out." I, for one, never thought that anything short of an *obviously* oppresive gov't law could stop open source or the GPL.
But now that is changing. I'm worried. Here's why:
If the TCPA's ideas becomes law, and old applications are made incompatible, or more likely, obsoleted by new ones, people will be required to upgrade to new hardware/software to get much of anything done, as I see it. Upgrading is a source of revenue for corporations (e.g. MS), I think it's safe to say they would try for this if they could.
If this becomes standard and exclusive, there isn't a whole lot the OS community can do, especially if it is illegal, IMO.
The only thing to stop this is a huge outcry from the tech community and/or the education of government officials. Past that, the Joe Publics will have to become angry. And considering the Joe Publics I know, that isn't likely unless the idea of their computer being run remotely is spread around.
I think Joe Public can handle not stealing music. He might be used to it, but after all, by common definition, he is stealing it.
I think Joe Public won't mind the "extra security" if he thinks it's there. People aren't retarded, but often ignorant.
That is why I worry.
There is no way this could last forever. That would be retarded -- even congress has to learn about technology sometime. But what I can forsee in a possible future is a world where the companies have put their other foot in the door of our computers (and wallets). And it'll take a fight to get them out if they get that far.
To be honest, I'm scared. Fear, uncertainty and doubt are being spread because we (or at least some of us) believe in it. FUD from companies is typically BS with no thought behind it. This FUD is genuine fear, IMO.
definitions of Security (Score:2)
Thus we can get an internal Microsoft definiition of Security:
making the world safe for Microsoft or a means by which competition to Microsoft can be locked out.
yeh, this is cynical. don't know where I would get such an attitude. maybe I should change my brand of coffee.
being able to trace the source on something means responsibility can be assigned.
Probably the features should be availble with the default setting of these features turned off.
I also imagine that such features would be spoofable, somehow.
[shrug]
Ignore them and you'll vanish (Score:2, Insightful)
So even if they put a TCPA-compliant Linux on that hardware, because that hardware mix is not approved then they won't be able to use TCPA-restricted services. They won't be able to communicate with TCPA-locked clients and suppliers.
Even if they buy TCPA-compliant boxes with TCPA-crippled Linux, they will have to run only TCPA-approved applications. A TCPA-approved application can not trust data from a non-approved application (or else the app is at risk of being damaged/subverted by the data -- a buffer overflow or other attack can make an app do unapproved things). So they can't have TCPA apps read the output from custom programs, and can't create services for clients which involve their own unapproved software.
Why should I care? Where's the "killer app"? (Score:3, Insightful)
All of this matters how, exactly? If I can run a non-TCPA approved OS (even Windows XP) on the TCPA motherboard, so what? Isn't that the same as running a non-TCPA approved OS on a non-TCPA motherboard? I don't get it. So I can't use TCPA-restricted services or run TCPA-restricted software. Big whoop. I can't do that now!
TCPA will only matter if it reaches critical mass, but people (and corporations) will have little incentive to upgrade their hardware AND their software just to run Longhorn/Palladium unless they can't do something critical without it. In other words, the TCPA-restricted services and software will have to be required, and how will they ever become required if everyone must first upgrade their hardware AND OS AND applications?
I really doubt M$ can reach critical mass on this one. What's the "killer app" that drives everyone to TCPA/Palladium? Movies? -- Hollywood would have to stop releasing on DVD and switch over 100% to a TCPA-restricted medium first, and frankly at that point I'll just stop buying movies. Remember, society got along just fine from the 1900s to the early 1980s without owning/renting movies, and we got along just fine in the 1980s and most of the 1990s owning/renting them on VHS. I'd miss DVDs, but I won't replace my entertainment system if they stop selling them. Treating me like a thief isn't going to make me rush out and replace my TV, VCR, & DVD player with something that performs exactly the same (and refuses to play my old DVDs!). The RIAA and MPAA both think society can't get along without them, but they may be in for a rude awakening.
eBusiness? So far they haven't been able to entice everyone to pay bills or shop exclusively online, and forcing a complete system upgrade first isn't going to make it more attractive. Why business would rush to embrace this eludes me. My job is making in-house software for Fortune 500 companies, and they hate spending money on things like automated testing tools; they sure aren't going to like having to pay an outside company to certify their in-house software before their own computers will run it. Hell, who certifies the development copies so they can even be tested? Companies are not going to replace all their computers just so they can increase their software development costs.
Nobody's going to go for this -- there's no "killer app."
Score -1: Troll (Score:2, Insightful)
Re:Score -1: Troll (Score:2)
Sure, chances are 99% of our conclusions and fears are way out there, but that does in no way remove the need for awareness of those fears to exist. If we wouldn't cry out each time something like this was proposed, we'd be giving a completely wrong signal, all but telling the industry that they can get away with doing such things...
Between a valid point and paranoia (Score:5, Insightful)
Re:Between a valid point and paranoia (Score:4, Informative)
Check out this Yahoo! story [yahoo.com] for another angle. I imagine Bill is think "check and mate"....
Re:Between a valid point and paranoia (Score:3, Informative)
Re:Between a valid point and paranoia (Score:3, Interesting)
Its kind of like noting that the Internet was in (somewhat) widespread use well before 1996, so why didn't Microsoft pay attention if this Internet thing is such a big deal. It wasn't until the graphical web browser showed up that Microsoft paid attention. Therefore, its not the Internet - its the Web.
In some people's minds the two ARE the same thing. And while they really are seperate entities, one depends greatly on the other for its success. And once the Internet with its more user-friendly flashy graphical Web front-end hit the scene... businesses, even those who had spent years running competing technology / practices, were forced to adopt it.
Linux and the GPL share many of the same traits. To the uninformed, the GPL and Linux are the same thing (if both aren't simply labled 'freeware'). The GPL license and GNU project layed the foundation for Linux. Linux drove the popularity of the GPL. At first GPL/Linux went unnoticed by the IT industry. And then it sprung forward, caught momentum, and is now an issue most IT Industry players must tackle - including Microsoft.
The GPL and Linux provide a whole range of threats to Microsoft. Competing software. Competing standards. Demand for open standards. Loss of control over implementation of those standards. Loss of control over publically available code, to include technology and code developed at Universities and through the US Government. Competative advantages to competing businesses able to adopt a business model that can make use of this code base. It doesn't matter if its specifically Linux or the GPL - its all full of nasty potential for Microsoft.
Microsoft's strategy is pretty simple. Linux presents a unique threat - it can't be bought, out-marketed, or simply smothered. Linux is grassroots and now a part of a wide number of corporate strategies. Its an IT industry hydra and the time-tested strategy of lopping off a head won't work. So Microsoft has decided to go for the heart; the GPL. Which would be a nice and neat thing to do - poison the GPL and ALL the issues of Linux and the GPL begin to fade.
Lots of problems ahead for MS (Score:5, Insightful)
or even a high-level verification method. Obviously not, it's embedded in hardware.
I would think that an identification code embedded in hardware is going to be cracked, and in short order. What happens to Charlie consumer when he finds that his version of Word no longer works because some cracker has a hold of his unique
identifier? And that he can't change that identifier without a new MOBO? Or that Microsoft is giving away his credit card number to anyone who can spoof his identity?
It's a common failing of software manufacurers to think that new hardware can solve problems that software cannot (CF pretty much every dongle ever made) Just let MS run with the ball until they realise that the same thing can be done in software at a fraction of the cost.
In addition, I think it would die in Anitrust. Just wait until those computers start being returned, because they won't play nice with my operating system of choice, and watch Intel turn on a dime.
If I were an MS employee (Score:3, Interesting)
So if they want to get this adopted and in use - below the radar if possible - they have to do it very slowly. Get the stuff out there and then launch BigBrother.exe (or actually, bigbro~1.exe).
Re:If I were an MS employee (Score:3, Interesting)
Re:Lots of problems ahead for MS (Score:3, Interesting)
All the manufacturers will be nodding their heads at MS while producing security free boards in the background. The market always follows what people want, and many consumers won't want to be tracked and stamped by MS.
Re:Lots of problems ahead for MS (Score:5, Insightful)
DRM is coming, and if people don't like it, they will have to move fast because with AMD and Intel promising support, there isn't much stopping DRM legislation - apart from some teenagers and some commie-hippy protestor types.
So get ready to wear the mark of the beast...
Re:Lots of problems ahead for MS (Score:2)
I'm not so sure. The identification code is embedded in the hardware, and there would be no way to read it. At best you can give it data and use it to encrypt/decrypt stuff for you. The only way this stuff can be attacked is if something can spoof this, and pretend to be the Windows OS. But the hardware in the BIOS and the motherboard are going to be doing their absolute best to stop that happening- the BIOS/hardware can run certificate checks on the program that is asking for the encryption and authenticate it that way.
The problem is that in doing this you are moving many of the traditional OS functions down into the BIOS/hardware, this will make it very complex to do right, but modern semiconductors can probably do this. It doesn't necessarily benefit Microsoft though- there's going to be plenty of forces in the world, particularly Europe that will preclude that, although domestically in America it may be different.
Re:Lots of problems ahead for MS (Score:2)
Re:Lots of problems ahead for MS (Score:3, Insightful)
Re:Lots of problems ahead for MS (Score:2)
Re:Lots of problems ahead for MS (Score:3, Interesting)
I would think that an identification code embedded in hardware is going to be cracked, and in short order.
Hardware is enormusly dificult to crack, look at the ASIC on DBS cards for example, reverse engineering software is one thing, anyone with a afternoon and a hex editor can do that. Getting a electron microscope out and figuring out how the circuits work on a eeprom substrate is an entirely different matter.
What happens to Charlie consumer when he finds that his version of Word no longer works because some cracker has a hold of his unique identifier?
How about this, what happens to Charlie consumer when he wants to upgrade his system and move all of his software from one to another, you guessed it, he cant, its tied to the first machine for good, fork up another say $2000+ dollers to upgrade all of your software.
Just let MS run with the ball
Isnt that what got us into this mess in the first place?
In addition, I think it would die in Anitrust. Just wait until those computers start being returned, because they won't play nice with my operating system of choice, and watch Intel turn on a dime.
Isnt that how it should be? Vote with your $$$ just dont buy one and it will die a horible horible death, more importantly inform as many people as you can about it.
Re:Lots of problems ahead for MS (Score:2)
I wonder if this could be the straw which breaks the camels back, and finally gets some legislation in place to regulate the rights of software licencees. For example, I would think that getting a free (or for the cost of the media), replacement of all programs, when my HDD dies would not be an unreasonable thing to have written into law. I'm sure there must be plenty of others.
Re:Lots of problems ahead for MS (Score:5, Insightful)
Sure. Remind me, where do I download the software hack for Xbox?
Sorry, you're just plain wrong on this one. Trying to impose security on an insecure OS with a dongle is wildly optimistic. But tying the hardware and the OS together is - demonstrably - not. Modding an Xbox requires a hardware hack, and Microsoft aren't idiots; they'll learn from the Xbox vulnerabilities and make sure that Palladium is harder to crack, or they'll have got their para-legal team hopped up and ready to take down any mod suppliers the instant they appear (note that one Xbox mod chip supplier went under today).
I'm not saying it'll be impossible, but I am predicting that it'll be damn hard and will require more than just a soldering iron and a cavalier disregard for your warranty, the EULA and the DMCA.
As regarding it dying in antitrust... well, we've seen how fast the DoJ moves on these issues. As for returning computers, what's your basis for believing that by 2006 you'll be able to buy a generic naked system without a Microsoft OS installed? And if we're talking about individual components, what will the market be for people who want to install a non-Microsoft OS but who won't realise that a stock consumer Intel/AMD chip won't talk to it? 2%? 1%?
This is a big deal. It's the Son of SSSCA, dressed up in pro-consumer clothes. It's not mandatory, just de facto (i.e. zero difference in practical terms). The response to any legal challenge will be that if you really want to run a non-Microsoft OS, you can pay extra for "server" or "pro" versions of CPU's (and whatever other components have jumped on the bandwagon). Fine, but how long before the anti-piracy argument gets leveraged to push through either a consentual or compulsory scheme to license access to non-Palladium parts? Six months? Less?
We can argue this until the cows come home, but let's agree to compromise. If you're right, you can say "told you so". If I'm right, I can say... well, whatever Bill allows me to say. Fair enough?
Re:Lots of problems ahead for MS (Score:3, Informative)
Remind me, where do I download the software hack for Xbox?
The X Box Hacker Site [xboxhacker.com], of course. Really, I don't follow X Box hacking closely enough to know how far this has progressed, but it seems to me that a mod chip has been developed--in 9 months since the X Box was released, and it's DRM was touted as 'unbreakable'. Give it another 9 months for more development.
In fairness, though, the link to the FAQ indicated that while external-to-the-processor DRM management solutions were feasible to break, the embedded-in-the-processor DRM solutions expected in rev 2 and later of Palladium would be not hackable by individuals, or even groups of individuals.
And as for your other point: This is a big deal. It's the Son of SSSCA--yes it is. This is a big deal--the death of Linux, and the end of Apple, unless Motorola gets on board, and quick. You may be able to run those OSes, but you will have ZERO interoperability with 95% of the market. Two things that I think might save us: public outcry against this like Intel's previous attempt to allow external reading of the processor's serial number. Also, since this plan really requires ubiquity of the OS, the absence of a monopoly OS will hamper or kill it. The Anti-Trust penalty may help here, or may not.
Where trust comes from (Score:4, Interesting)
Juarez:
Re:Where trust comes from (Score:3, Interesting)
First of all, what they publish will be the interface to the hardware. The important stuff will still be hidden down in the hardware, or up in the application.
Secondly the code will only work if it is signed my Microsoft. If you change a single bit the hardware will flag it as "untrusted" and lobotimize itself, as the MS-DRM-OS patent puts it, it will "renounce the trusted identity". Altered code will not work.
MPAA/RIAA will jump onboard and start offering locked content. Sales of the system will be diven by movies/audio only useable on "Palladium enabled" computers.
The system will be cracked, but it will require a student in a college lab scanning the data off of the hardware, or maybe someone in his garage hacking a new circuit into the motherboard. It will be the biggest hack-target in history. It wont last long.
-
Re:Where trust comes from (Score:2)
I told [slashdot.org] you so.
No big shocker here. (Score:4, Interesting)
It seems that we, the mass public, are expected to give up the idea than when we buy something, it's ours. Now that even seems to include our hardware, not just our software.
Devices hostile to 3rd party peripherals (Score:5, Interesting)
> For example, some mobile phone vendors use challenge-response
> authentication to check that the phone battery is a genuine part
> rather than a clone - in which case, the phone will refuse to recharge
> it, and may even drain it as quickly as possible. Some
> printers authenticate their toner cartridges electronically;
> if you use a cheap substitute, the printer silently downgrades
> from 1200 dpi to 300 dpi.
I wonder if there's a list of printers and/or phones that perform in such a manner. I'm not sure if the law would deem such behavior as "anti-competitive", but I as a customer certainly find it so, as well as offensive.
Olympus SmartMedia (Score:2)
Re:Olympus SmartMedia (Score:3, Interesting)
I have an Olympus C2000Z with a panorama feature, which can only be accessed if I insert a Smartmedia card from Olympus with this feature enabled.
I recently purchased a new smartmedia card of 128MB from a white brand, and the feature is unavailable with this card. It *may* have to do with vendor lock-in, but it may also be that those Smartmedia cards have a special (read: more expensive) feature of providing more temporary storage or something.
Re:Olympus SmartMedia (Score:3, Informative)
Re:Olympus SmartMedia (Score:3, Informative)
Re:Devices hostile to 3rd party peripherals (Score:2)
In cases where the manufacturer holds a virtual monopoly over a widely used device, it would be expected that the consumer get a choice in buying spare parts. This was done to General Motors in the 1960's. At that time, GM held a HUGE market share, yet refused to allow anyone to manufacture spare auto parts (they owned or controlled all of their suppliers). That monopoly was broken up.
Re:Devices hostile to 3rd party peripherals (Score:2, Interesting)
My thought is one of these companies will over step the bounds and get sued. Oh wait..Microsoft already did and they are buying their freedom. God I feel good about America right now.
MS is Silly (Score:5, Insightful)
Apparently the US government does not think it's silly. Nor did the judge in the case who ruled against them.
Masters at work (Score:5, Insightful)
How are Microsoft experts? (Score:4, Informative)
They have 4 major successes. They took the OS monopoly granted them by IBM (as a result of IBM facing an antitrust suit) and built a successful empire. They leveraged internal knowledge of "Chicago," (Windows 4.0/95) to get Office 95 on release and establish a near monopoly on desktop office suites. They leveraged their OS and finances to establish a near monopoly of Internet web browsers. They also used financial muscle to clip Borland off at the knees and establish a near monopoly in development software.
However, in the cases of their successes, they really leveraged a critical mistake by their competition. Even NT Server's rise was a combination of marketing and boneheaded moves by Novell. Novell has let everyone believe that they are dead, so NT ate a lot of their market. Linux is now a huge portion of the market.
I really don't understand why everyone believes that Microsoft is invincible. Look at how WordPerfect, Netscape, and Novell dropped the ball. Also look at how Apple dropped the ball.
Microsoft is great at release early and release often. They put out near beta code quickly to establish a beachhead. They then keep running at you, hard. Fail to innovate (Netscape and Real) and they will clobber you. Keep running ahead, and you can be the Intuit of the world.
Microsoft has a LOT of failures. MS SQL Server has NOT defeated Oracle and DB2 for the Enterprise "mass" market of databases. MS SQL Server gets most of its success from MS Shops that web deploy apps with VBScript ASPs. Low end web publishing uses MySQL+PHP, while the higher end does Java+JSP+Oracle. Those of us in the technically complex world without the heavy Enterprise backing do either PHP (or Perl) with PostgreSQL in the Unix camp OR ASP with MS SQL in the NT camp.
MSN has never defeated AOL, despite its early predictions (and 7 years of being pushed in MS's monopoly Oses). You're insane if you think that Xbox is competitive with the PS2 or Game Boy Advanced. It has been running even with Nintendo's Gamecube in 1 of the 3 major markets (trounced in two others) while Nintendo hasn't released a major title yet.
UltimateTV was a total flop. There are lots of failures, not just Microsoft Bob.
Get a grip people,
Alex
No, it still won't work. (Score:5, Interesting)
Think about it for a second: a lot of people, though not the [MP|RI]AA, are going to be royally pissed off about this.
Therefore, they will be tempted to do something about it. So, we'll see one of these solutions:
Finally, I think the US
Again: I believe M$ is just testing the waters here. It's probably either a marketing test balloon or vaporware, designed to please the US government in these post-9/11 times.
Remember: Palladium can only work if every company joins the conspiracy. Some, maybe even a lot, won't.
YMMV, IANAL, Standard::Disclaimer and so on and so forth.
Re:No, it still won't work. (Score:3, Interesting)
The Cartel Problem (Score:4, Interesting)
Remember: Palladium can only work if every company joins the conspiracy. Some, maybe even a lot, won't.
This, IMHO, is why it won't succeed for the same reason cartels designed to artificially restrict supply sooner or later all fall appart. Initially, people might go for it. When an economic disadvantage is passed on to consumers - designing this, after all, isn't free, and developers who can't or won't pay the fees required to have their code "Certified" will be unable to develop for that market - and consumers of Palladium PC's will be unable to use their wares.
This will result in a incentive for a manufacturer of CPUs or motherboards to produce a non-Palladium product. People will move to those platforms for a variety of reasons, producing an incentive to produce non-palladium products, springing up a non-MS taxed industry. It probably would motivate a lot of busy people like me to start working on GPL products to fight against the mark of the beast. Sooner or later though, a hardware manufacturer will spring up to produce hardware to meet the demand. That's inevitable.
This, frankly, sickens me to think about. I'll become physically ill if Apple announces they're going to soil their OS X and Powerbooks with this platform.
Re:The Cartel Problem (Score:4, Insightful)
Cartels like the diamond industry? That was has been going strong for ages! Cartels like OPEC? It may not have the strength it used to, but it still has a tremendous amount of control over oil pricing. I hope you're right on this one, but it's not a given.
Absolutely Right (Score:4, Insightful)
Absolutely right.
Then, lets not forget cartels like the Recording Industry Association of America (RIAA) and the Motion Picture Association of America (MPAA), who have successfully lobbied for and purchased legislation to enshrine their oligarchy into US law.
These are the very people who are pushing for this sort of nonsense, and a software monopoly as a result would be fine with them (indeed, perhaps even preferable to a free market, since it is only one point of pressure/influence they would require).
We are absolutely kidding ourselves if we do not think this is a serious threat to Free Software, the GPL, and our very freedom as human beings.
The natural direction (Score:2)
I look at this problem as a question of stable/unstable systems - think the physical world:
- A ball at the top of a hill is an unstable system - any disturbance will make the ball roll down the hill. To keep the ball on the top of the hill for a long period of time, one needs to frequently provide energy so that the ball stays/goes back to the top of the hill.
- A ball at the bottom of a valey is an stable system - the ball will only get out from the valey in case of a major disturbance. For small disturbances the system is self-correcting - the ball tends to roll back to the bottom of the valey.
So - social systems can also be stable or unstable. An example:
- A bunch of kids left alone in a room with a pile of candy. They are told by a grownup that if they get the candy something bad will happen, and then the grownup leaves. Now, one kid gets the nerve and goes and gets a candy. Nothing happens. Then another one. Still nothing. The another and another and another. This is an unstable social system - the candy won't last long.
Back to our problem (finally). I believe this is an unstable system. My reasoning is as follows:
a) From the side of hardware manufacturers:
- Any hardware DRM implementation will be more costly than a non-DRM implementation. At the very least, more space will be needed in the CPU, which means a bigger die, which means a more expensive CPU (the bigger the die the more likelly it is it has some failures, meaning less working chips per wafer meaning less more money per chip).
- Inicially the majority of the software out there will not require Paladium/DRM. Only new programs might require that.
- Thus (at least in the beginning), machines without Paladium support will be both cheaper and suitable for the biggest majority of software/consumers (thus having a competitive advantage). This makes it very tempting for hardware manufacturers to NOT produce Paladium-compatible machines.
b) From the the side of software producers:
- A Paladium/DRM license costs money. Implementing software which requires Paladium/DRM is thus more expensive than non-Paladium-compliant software.
- Similarly to the hardware side - in the beginning, the majority of machines will not have Paladium support. In order to reach a sizeable portion of the market, the software must thus support non-Paladium-compliant hardware.
- Thus software producers that want to reach the biggest portion of the market will either produce non-Paladium compliant software or software that will work in non-Paladium compliant machines.
Puting it all together:
a) Hardware manufacturers will have a competitive advantage in manufaturing non-Paladium-compliant machines (cheaper and work with almost all software)
b) Software producers will have a competitive advantage in producing software that works with non-Paladium compliant machines (the majority of the market) or even non-Paladium-compliant software (which has the aditional advantage of not requiring a Paladium license).
As i see it, the current situation is a stable situation. A great deal of energy (read money) must be spend in order to change the status-quo. Software developers need to be convinced (as in paid) to do Paladium-only software while hardware manufacturers have to be convinced (again paid) to develop Paladum-compliant machines.
The temptantion for software producers or hardware manufacturers to put out products that do not require Paladium will be huge given that any one that does so will have a competitive advantage (which will translate to more market share) in relation to the ones that remain Paladium-only compliant.
As soon as one company leaves the pack and starts increasing their market share others will have to leave too in order to stay competitive.
The only way to avoid this would be if all consumers would at the same time change all their machines and software to be Paladium-compliant. In a Paladium only world there is no market for non-Paladium machines or software.
Re:No, it still won't work. (Score:5, Insightful)
Today, chipmaking systems cost in the billions of USD. No one is going to start a garage shop to fabricate these things - they will have to come from established (read: large) manufacturers. Large companies are very susceptible to government pressure: "no DRM instructions in your new CPU? I guess we will have to cancel that big secret contract with the NSA, and also sic the SEC on your financial statements."
Similarly on the CPU side: Intel and AMD are really the only games in town now. Any new systems would have to "play ball" with one of those two. And again, as large organizations (in Intel's case with large US Government contracts) they will fall into line if pushed.
sPh
Re:No, it still won't work. (Score:4, Interesting)
One of the most successful chipmaker of all time is ARM. The first version of the ARM chip (a 16-bit RISC chip) was created by just two people, with no money, no help and no support from the main company (Acorn, at the time). If I remember well, these two people did not even have a lot of experience in chip design.
The great-grandchildren of this chip can now be found in millions of devices all over the world. iPaq, Nokia, HP, you name it: they all use it (even Palm, in its latest models).
Even when ARM1 came out, it was touted as more powerful than anything Intel had to offer at the time. It was also easier and cheaper to produce and consumed less power than all other CPU models.
And there are ARM clones out there, including one on Open Cores.org [opencores.org]. Not that I think that desiging an ARM clone is necessarily good, just that that designing a cheap RISC CPU can be done.
So, designing a complete "GNU Hardware" system is possible, and it could even be a way of ditching the mess which is the PC architecture.
Think about it:
Let's face it: some people (including me) would pay good money for a "no-Palladium" system. Especialy if I have no choice!
Operating Systems such as Linux are a commodity -- but a commodity that break M$ monopoly. I think it's time for the hardware itself to become a "free speech" comodity as well. And Palladium could push the Open Source community to do just that...
Re:No, it still won't work. (Score:3, Interesting)
Palladium is based on the patented Xbox method. The hack for that requires an expensive mod chip, a soldering iron, and a willingness to break your warranty and (arguably) the law in the form of the DMCA. That's pretty darn good security in practical terms, and it'll be better by 2006. This isn't some afterthought dongle, this is Palladium hardware that will only talk to the Palladium OS, and vice versa.
Bzzzt, wrong. Not enough market, and this won't open a niche, because Intel and AMD will sell expensive "server" versions that will run non-Palladium OS's (then expect to see sales licensed to "crack down on piracy"). But surely (I suspect you'll say) people will realise that it's better to support a cheaper and technically superior solution over a bloated expensive incumbent. Uh, right. Nobody every got sacked for buying IBM, goes the adage. Remind me, how is Transmeta doing these days? Still burning up the venture capital, right? OK, we can go to PPC, but that sinks one of the great strengths of Linux/BSD, that you can install it side by side with Redmond on your Intel/AMD system and see if you like it.
Er, yes. Or rather, I think that EU politicians will let it in, and then the EU courts will have to deal with it after the fact. You know, the way it always works. Third word? What's the interest in the third world? It's to increase the potential market. OK, but companies know that it's more expensive to recruit than to retain. It's way more efficient to lock in your high value customers than to spend money to try and persuade low value customers to join in. And once you're infected by Palladium, they've got you. You're never getting out. They don't have to win everywhere at once with this, they just need to start the ball rolling.
Spurious assertion. First off, by 2006 Microsoft plan to have everyone - corporate and residential - on software-as-a-service plans, with automatic updates. And they'll simply stop offering anything other than Palladium. Then look at it from the point of view of risks and penalties. What's the cost of not signing up? It's guaranteed exclusion from the Palladium network. Initially, that means Microsoft, which means (depending how they want to play it) patches, fixes, MSN, MSDN, Microsoft Messenger, Hotmail, Passport, you name it. Then if just one of your big customers or partners switches, you have to switch, or lose them. I agree that it'll be hard for Microsoft to get the ball rolling on this, but when it starts, my god will it pick up momentum.
Maybe I'm being Chicken Little. Maybe you're being Pollyana. But the costs of me being right are a heck of a lot higher than the cost of you being right. I say we scream about this, and we scream about it now, before it has a chance to gather momentum.
Anyone notice the inherent similarities (Score:5, Insightful)
Although, I guess if I had to choose between getting a new MOBO and new eyeball I'd pick the MOBO. Maybe this is Microsoft's attempt to be least-worst.
No, no, no (Score:2)
I think MS has learned that their reputation preceeds them in the content creation industry and will do what it takes to gain that trust.
Palladium, Microsoft’s future? (Score:5, Insightful)
Palladium if it ever actually comes to pass is probably the biggest and most profitable enterprise Microsoft could ever possibly have imagined. Why? Secure software running on a secure platform. But what steps do you take to make this idea a reality?
A trusted hardware base. All hardware must meet certain operational standards that are set out by a central organization. For hardware to be "compatible" it must live up to the minimum of these standards. Similar to government regulated health and safety standards on all current hardware, but in this case software regulated. While this might not appear in Palladium version 1.00 it will definitely feature in its future, as all the big media companies want hardware copy protection.
All software needs to be certified by the above central organization. It wouldn't be out of the question for Microsoft to create an "external sub-company" to administer this side of the business and not seem like it's trying to be a monopoly. This new company would deal with Sun, Linux, Oracle, etc, in the same way it would deal with Microsoft. Why this might happen I'll explain later.
How will this software be certified? If a software company just uses any old computer language to create a binary, what will get certified the source code or the binary? This is an important question, how do you check that the software that's certified has no backdoors? As backdoors are the single biggest problem within a closed "secure" system.
Here is what I think Microsoft is making a play for:
The answer is a trusted programming language a.k.a
Microsoft is predominantly still a software-based company. While the IBM PC compatible hardware is Microsoft strong hold it's not the only hardware option. To a large extent Microsoft has won the desktop market. The only way they will lose it is if there's a change in the Client/Server (Desktop/Internet) relationship. Microsoft saw with Java how this relationship could change and Windows could become no more then a footstool for Java applications. If Java had become the programming language of choice for creating Desktop/Internet applications Windows would have become a very easily removed part of the equation. Enter all the dreams of the Net-PCs, a slimed down computer running cheap to free operating systems with a Java run-time on-top. Here's the twist. Microsoft liked the idea and with its power in the desktop arena knew it could succeed where Sun failed. Microsoft Windows might not be the flagship of Microsoft for much longer, as Palladium could become the software platform of the future. Two reason why I think this: 1) They could create a more "open" version of Windows knowing this would help them in their antitrust cases. But really knowing that all software by default will have to run under Palladium anyways. 2) Palladium will be run on all trusted hardware footprints (PC, Apple, etc). But Microsoft will use its power over the desktop market to implement Palladium through Windows. Once it has been accept as the standard that Microsoft believes it will be, demand from users of other hardware platforms to support Palladium will create the need for all client operating systems / hardware to support an implementation and because its all based on
With this move Windows steps back becoming primarily a desktop only environment running Palladium for all import tasks. Windows users will still be able to play all their games and fun applications, which might not be trusted but Internet access and important data can only be accessed through Palladium. Windows would sandbox trusted and untrusted software apart. So at an operating system kernel level trusted and untrusted software runs differently. Plus with Microsoft changing its file system from FAT/NTFS to a Database system untrusted software wouldn't be able to get access to this partition, both at hardware and software levels.
Now the "external sub-company" suggested above would be used as follows: This company would be "external" from Microsoft, and Microsoft would sell its MS-Palladium investment to said new company, which just happens to have Bill Gates as its CEO and many other big shots involved. This new company (which for ease of reference will be called "New$oft") will be now responsible for managing all the NS-Palladium implementation with all hardware / software companies. This implementation will required backroom access to all operating systems source code, to double check that there are no loopholes in the security of an implementation. Companies like Sun and Apple to an extent will have to allow Newsoft access to their primary intellectual property. Newsoft will check that the operating system cannot do any damage to the secure Palladium.NET network. As for Linux, Newsoft will create its own GPL distribution and modified Kernel, which it obviously has control over. This is all perfectly legal as Newsoft gives away all the source code for NS-Linux free. But when purchasing NS-Linux a license fee is paid for the NS-Palladium subsystem. All Linux updates will have to come through Newsoft before becoming part of NS-Linux. This will hi-jack Linux and removing control of the Kernel from Mr. T to Newsoft. Linux will still be as popular as ever but the distribution of choice will be Newsoft's because of market compatible pressures.
Now to the finial piece of the puzzle. Palladium will control access to different data and software features through certificates. Companies creating software that will run on Palladium.Net will have to get certified for developing different types of software. Meaning, not only will the source code be certified the companies that create the code will also have to be certified if they want their application have access to certain user data. This way only trusted companies will be allowed on the trusted Palladium.Net network. But the only way to create the byte-code is by using the Microsoft's Studio.Net tools. The byte-code that is created will have to adhere to standards that can easily be parsed for backdoors or loopholes. This way the certification of the binary process becomes a simple automated matter of checking the company's certificate permissions against what the binary byte-code is programmed to do. If the binary byte-code operates within the limits of the company's certificate we have a trusted program. This could even be applied to things like Palladium-Word macros, Palladium-emails to stop spam, the list of possibility is endless.
So to recap. All computer hardware is updated to have a Palladium microchip. The operating system has been updated to run Palladium's run-time byte-code. All software and software companies have been certified by Newsoft to be trusted. Linux is just another pawn in Newsoft's game of secure chess. Call this farfetched if you wish, but in Bill Gates wallet beside the picture of his children is a copy of this plan which he looks at daily, and smiles
Re:Palladium, Microsoft?s future? (Score:2)
That is farfetched. I'm sure he doesn't have pictures of his children there; probably a calculator that calculates his net worth in terms of how many people he can buy with it.
Palladium, Microsoft’s future. I hope so. (Score:2)
As for M$ having wont the desk-top battle. There are 50 million machines opned by people who WANTED to buy them rather that the 250 million machines bought by people who were'nt using them, looking for the >st ROI and st cost.
Linux is gaining %-age in the flat desktop market and that's coming out of M$s %-age.
The web sever market is definitely not IIS.
There's 25,000,000 Mac users out there and they bough their machines because they wanted it.
There's 25,000,000 Linux users out there and they bough their machines because they wanted it.
There's 250,000,000 M$ users out there and the machine was bought by the company they work for because it was cheaper, not easier to use or better.
Palladium (a toxic metal and a mythical calamity ending in the sac or Troy,) is based on trust.
Given the hunk of Swiss cheese that M$ has created and shilled all these years, would YOU trust them?
a million times: no. (Score:5, Funny)
I refuse to have my computer settle any existential problems before I do.
Especially when running software sold by the pasty white guy with a red light on his head.
If if changes the Unix/Linux security model, fine (Score:2)
If this Palladium project encourages general-purpose Unix to move towards a more trusted model with ACLs and other features, then it is a good thing for all of us.
Re:If if changes the Unix/Linux security model, fi (Score:2)
In Windows you want to read a file whose access is denied to only a limited group of people, even having administrative access doesn't allow that. You must take ownership of the file, and generally admins are not given that privledge.
In the non-trusted Unix world, root can do anything anytime. It has alot to to with network security because any sysadmin or anyone with access to a sysadmin has the ability to usurup the security model and do whatever they wish.
Re:If if changes the Unix/Linux security model, fi (Score:2)
In a Domain, you can assign user privledges to whatever level of detail you require.
Re:If if changes the Unix/Linux security model, fi (Score:5, Insightful)
I find it amazing how folk can start a sentence 'I don't know anything about this' and then go on to pontificate. Examples of this behavior include practically every Senator's reaction to the pledge of allegiance rulling (I haven't read the rulling but I'll make a dumb-ass statement to protect my base) and 50% of the posts on Slashdot by Linux people on WNT.
Under WNT you can set the O/S up with very strong file access permissions. It is not unusual to configure a WNT machine so that administrators don't have access to user's files and if you read the manual you can set the system up so that nobody has system privillege, administrators who can mod user accounts cannot modify the system log etc.
With W2K and later you can turn on the encrypting file system. By default the administrator still has the ability to recover files via the recovery root. But you can export that to a floppy disk and put it in a safe. You can also integrate more powerful Key Recovery systems from third party vendors that enforce dual control over recovery.
UNIX was not designed to be a secure O/S. The security it does support is a subset of the security mechanisms of MULTICS. The design observation made at the time being that the machines of the day (early PDPs) could not support a complex security model.
It is unfortunate that so many people mistake age for security. By the time VM-UNIX was developed the VAX 11/750 VMUNIX was developed on was capable of supporting a sophisticated security model as VMS proved. But like so many UNIX design features what had originally been a shortcut had been elevated to the status of dogma.
Hardware based security is bunk (Score:2, Insightful)
And how do you patch hardware when you find, 6 months in, that there is a flaw? This is a giant step backward in technology, designed to make people go out an buy yet more useless crap for their computers.
Re:Hardware based security is bunk (Score:2)
I remember a motto from years ago by the Pompey Pirates (gotta love the Atari ST):
"Dongles won't beat us!"
-- Dan =)
guess (Score:2)
1. The PKI spec and reference implementantion is public.
2. PKI chips are manufactured my multiple 3rd parties.
3. The validation to get your keys will be done by trusted third parties.
4. Nothing changes. In the beginning, things might be easier for those running Windows.
The world is not dumb enough anymore to be fooled by MS, it does not have ultimate control anymore, they are under pressure from many directions in which an OS is used(mobile terminals, embedded devices, consoles, desktop computers, servers) - all of these have multiple serious contenders now with differing interests. No one is strong enough to kill everyone else.
Invisible hand (Score:3, Interesting)
Or so I hope.
Re:Invisible hand (Score:3)
Well, when one of them will run my operating system of choice, and the other one won't, it is an easy decision.
Luckily, my operating system of choice runs on the open product. Unluckily, the silent hand is wielded by the 95% of people whose OS of choice will probably only run on the closed hardware.
Re:Invisible hand (Score:3, Insightful)
This will not result in the removal of the crippled products, it will result in tariffs on the imports. The open hardware may be available, but it will be available only via the black market.
Re:Invisible hand (Score:2)
Which would then lead to counter-tarrifs, and a full scale trade war. Would the US government want to risk that just to please the RIAA and Microsoft? I think the farmers, the steel workers and the car industry would go nuts!
Re:Invisible hand (Score:5, Insightful)
They're going to let you switch it off. However, if you switch it off, you wont be able to generate or use "trusted" content, and if 80% of people do not accept your "untrusted" content (with a little help from some cunningly-worded MS error messages), you're up shit creek (to use a common engineering term).
The carrot will be Hollywood DRM content, and the stick will be in creating the perception that MP3s, Oggs and Linux are in some way "untrusted".
What about a 'FAQ' for dummies? (Score:2, Insightful)
Anyone know where one could encounter a well written introduction to the problem, and a summary of the main points in the FAQ?
This would be good for people who's not technically oriented, but still use computers for variuos tasks. Those are the ones that must know about the implications of Palladium, to be able to protest against it with their wallets...
I'd write one myself if I posessed the insight and eloquence, but I suspect that many others could do a far better job than I.
of course it's valid (Score:2)
Microsoft will redefine free as "without reward".
Won't work (Score:2)
They'll rip the latest Hollywood blockbusters and Britney Spears' album and put it on something like FreeNet [freenetproject.org] and everybody will take to downloading it and more importantly, we'll all feel really good doing it.
Ditto running something like Microsoft Word. Once it gets hacked so that it is Palladium-neutered it can be transmitted to everybody in a flash and we all get to run it and feel good about doing so.
Fuck Intel and fuck Microsoft.
Another brilliant strategy by Microsoft (Score:2)
"Here's a latest version, buy it!"
"Oops we left out a feather which will be in the next release for your buying pleasure."
"The bug which has been reported was very dangerous and those who reported it should be tried as terrorists, by the way, the fix will be out in 2 months only costs $$$ to have an authorized technician take care of."
"Completely new design, as we Listen to You, expect it as soon as our current anti-trust trial is resolved."
"Bill Gates and Hillary Rosen deny tryst even as users find all CD's placed within 10 feet of PC's suffer damage from XPQ radaition (thanks to that special new chipset!)"
And of course, cattle will just wallow into stores and buy it without giving more thought than whether it comes with a shiny, candy-like button.
so... 20 years late? (Score:3, Insightful)
Fritz H. needs to be un-elected. Anyone got good pointers on how to do that?
-- Multics
Call me paranoid... (Score:2, Interesting)
So, what are we going to decide? Will we allow the big companies (the 'Party') to take away all of our freedoms one by one? Today fair-use, tomorrow anonymity?
It sounds to me like this would be the ideal time to use the united force of all people around the world who value their freedom to fight the sickening proposals being made by those who stand above the possible effects of their ideas.
Certainly, this technology might be useful in certain situations, but it should never be used to limit the freedom of the individual.
Are we willing to sacrifice our freedom for the sake of the profits of the 'entertainment' industry? It would hardly surprise me if after a successful introduction of TCPA, the number of sold CDs/movies and the profits made on movies in theatres would rapidly decrease, instead of rise, like they did before the introduction of TCPA (profits made by the entertainment industry has continued to rise in the past few years, despite the doubling of the number of sold illegal CDs and the exponentially growth of P2P software over 2001).
I propose that we, the people, make our final stand here and let utter defeat be the fate of our opponent(s).
And the Antitrust trial is even over yet. (Score:2)
I hope CKK kicks Gates in the "cojones."
Interesting piece of FUD (Score:2)
The first method is similar to what ICQ-like programs do, but ICQ was not designed to facilitate one-off messages from unexpected people. For example, all businesses have to have "open" email addresses, as do a lot of other people, including students and faculty, and so forth.
The second method might seem superior at first glance, but requires perfect security in both the central database and every client machine that stores a digital ID locally. I think that that is going to be most unlikely. We all know that spammers will find it all too easy to create fake IDs, steal the IDs of innocent home users who think a firewall is a sheet of insulation used to stop a fire in a building, and generally make a mockery of Palladium.
How hard is the authorization to hack? (Score:2)
I'm sure some hacker will figure it out.
disobey the law! (Score:2)
palladium CAN definitively be circumvented. Maybe a mod chip will be required to avoid querying the palladium chip, but it's just hardware. A few days ago I posted a comment [slashdot.org] here on slashdot, which generated a nice amount of discussion about that.
I understand now that if it's about public key cryptography on the chip it will definitively be a tough job to circumvent it. But it has to be done, no matter if it's illegal under the DMCA.
Some 30 years ago it was illegal for people with skin color different from white to sit in front of a bus. It was the law. Was it right to obey that law?
Mod me down as a troll, mod me down as useless. But I say that it is time to embrace our cyber weapons, our mind, our smartness, and fight out all those absurd laws - by disobeying it. No reason to fight back, definitively not in a court. The best ways to do that are:
I know I do sound trollish, but I do firmly think it's time to fight back against that. A law is supposed to protect the people - not the corporations!
last thought - if Palladium gets introduced in the US, and all vendors apply it, and the DMCA makes it illegal to circumvent it... do you, GNU users in the United States of America, really want those laws to block your creativity and your freedom? Do you know that other countries will probably not introduce anything like the DMCA, nor implement Palladium? Do you really want to be left alone in a world that will improve GNU systems, stuck on stupid law questions?
Now flame me.
The obvious hole (Score:2, Interesting)
Frankly, I think it HIGHLY unlikely that one of these keys won't be uncovered, either by an insider or by a large distributted cracking project. And once a key is out, ALL THE MACHINES CAN USE IT TO BYPASS PALLADIUM.
Nuff said.
--
Am I missing something? (Score:2)
Intel Serial Number Deja vu? (Score:2)
Why does Bin Gates think his effort will fly when Intel's didn't? People just won't buy his stuff any more than they did Intel's! This is a market economy -- people vote with their dollars [euros,yen,etc].
Re: (Score:2)
Re: (Score:2)
And we all know what happened to the Trojans (Score:2)
I almost spewed up my iced mocha latté when I read the opening paragraph of the article:
Even someone with the most rudimentary liberal arts education knows what happened to Troy and the Trojans, right? No? Well, here are the relevant parts of Homer's Iliad [tufts.edu] and Vergil's Aeneid [tufts.edu] boiled down into one paragraph:
The Greeks went to war against the Trojans because one of their kings' wife, Helen, skipped town to hop in the sack with a Trojan prince. The war went on for about ten years or so with no clear victory in sight for either side. Finally, however, the Greek soldier Odysseus (a.k.a. Ulysses) hatched a clever plan--the Greeks would build a huge, wheeled wooden horse and offer it to the Trojans as a sign of surrender. Unbeknownst to the Trojans, however, Odysseus and a crack team of Greek soldiers would be holed up in the horse's body. Lo and behold, the Trojans accepted the horse and opened the gates to let it in. That night, Odysseus and his posse got down and started kicking some serious Trojan ass from inside the city. In fact, the shrine of Pallas Athena (the Palladium in question) was where the Trojan king Priam and his remaining family members took refuge. But it didn't matter; the Greeks came in and slaughtered them.
Three thousand-odd years later, the term "Trojan horse [tuxedo.org]" has taken on a special meaning in tech jargon. Perhaps whichever marketing dweeb at Microsoft came up with the name "Palladium" for a security product should have paid more attention in that world literature class.
(As a side note, with this story in mind, using the brand name "Trojan" for security tool of a different sort [trojancondoms.com] is also ironic.)
The GPL applies to opening the SOURCE code. (Score:2)
They belong and should reside on development machines and on distribution servers which us MD5 to verify the veradicity of the sacrosanct code. Like they do now!
If M$ minions think that this will give them a lever to oust the Linux community, they'd better look again. If they think somebody will hand them the keys to the kingdom and say sure, you decide who we should trust, when nobody trusts them, they must be listening only to their own lawyers argue at the anti-trust trial.
The http protocols are open source. The whole infrastructure is open-source.
Unix/Linux servers number in the millions and serve over half the web.
There are 25,000,000 Mac OS 6..9.x and X users out there. There are 25,000,000 Unix and Linux boxes out there. As much as M$ might want to try, they can't balkanize the 'Net that way. There is NO posible excuse for suddenly locking out 50 million users.
Nobody's gonna buy it. The class-action lawsuits, the criminal investigations, will begin before we even have a total count of the clients, servers and hosts.
Too many systems would suddenly go missing for it to go unnoticed. You can't sneak this one under the radar and hope the Justice Department won't notice.
This is not something that businesses and politicians can rally around. Specially given the fact that it would be so fuckin' obvious that not even a lawyer could deny it. Well okay. Maybe a lawyer could deny it, they can deny that the earth goes around the sun, but getting a judge to buy that argument would be a real stretch.
That would launch an anti-trust suit by prople with serious weaponry since many the many police and military sites would suddenly become unreachable. And when these people don't trust you, they tend to shoot.
Redmond might not become a smoking crater but it would certainly become a ghost town.
Re: (Score:2)
Is a VIRTUAL MACHINE the answer??? (Score:2)
Within a virtual machine, you could run and store whatever file formats you want, and it would be transparent to the host operating system.
You could run one virtual machine or a host of them, depending on your needs or desires.
Stuff that comes to mind immediately is the Java VM and VMWARE. With both or those, the host operating system (and hardware) has NO idea what you're doing. In fact, I used to run Windows 2000 within a VMWARE session (under Linux) because that configuration was more stable than running Windows on the hardware alone.
This amounts to using Paladium precisely for what is was designed to do. The fact that you can run the world's largest trojan horse under it means nothing, for all it would see is a large program.
What Microsoft is forgetting... (Score:2)
But what was the easiest way attackers ever took down Troy?
The trojan horse.
how long.. (Score:2)
I don't think they can pull it off (Score:2)
The only sure winner in this scheme is Microsoft, and for that reason alone, the rest of the industry has to rally against it. If this ever comes to pass, I can think of more than a few software companies that I can short-sell as part of my "Palladium early retirement" plan.
Maybe that's how to kill Palladium. Have some geek-friendly organization develop the "Palladium 500", a list of 500 companies that may be hurt by Palladium, so as to trigger a short-selling festival if this nonsense ever gets off the ground. The mere existance of such a list would serve as a wake up call to those who are in a better position to help with the political and financial issues. Believe me, any CEO whose company is on a list of targeted short-sellers is going to scream loudly. Would you buy stock in a high-tech company if a bunch of geeks was preparing to sell short? The beauty of this plan is that no one has to actually short any of the stocks, the mere existance of a list would do the trick.
better transactions? (Score:2, Insightful)
I don't see what any of this has to do with people trusting the internet for transactions. How can I trust my transactions any more than I can trust it now with an SSL based system? Ok, so under Palladium I would know that my Netscape binary has been reviewed and was trusted. But I pretty much believe that already. That's not the reason people don't trust internet transactions.
One thing I find interesting about this proposal is that it requires some level of code review before release of any software. All source would need to be submitted to a third party to ensure that the code can be trusted. That sounds like quite a mess to me.
Devon
Send the industry a message, a petition (Score:2)
All users: business, personal, educational, etc. should sign a petition and affirm that they will adamantly refuse to do business with hardware and software companies that support this latest attempt at a Microsoft market stranglehold.
LET THE INDUSTRY KNOW CLEARLY THAT WE REJECT THIS AND IT WILL COST THEM DEARLY IF THEY SUPPORT IT.
I will be the first: Netgraft Corporation will NOT do business with any developers who produce hardware that supports Palladium, any distributor that sells Palladium-scheme hardware, any software vendor which utilizes Palladium hardware, and any company which does business on the Palladium platform.
If someone starts such a project to collect these names, please contact me.
Will the market put out a competitor.... (Score:2)
The downside of this would be that the incompatibility issues between MS and GPL would be magnified. However there are upside issues too. The consumer, when informed that their CDs won't let them make mp3s of the music they just bought would be more likely to move to a GPL solution. The CDs which are incompatible with GPL might become less desirable. EU companies, outside the authority of US legal issues could mine out a larger niche in the market.
In fact, I see a much larger role for EU in open source projects as a result of the short-sighted efforts of US legislation (patents, etc.).
Microsoft's win-win (Score:2, Insightful)
Re:on a more serious note (Score:2, Interesting)
Let's say, in my case Intel will lost 200-300 (all what's possible Intel) PCs yearly. but then again I'm only one. I will just move my bussines to first quality non-DRM platform (and if that's Apple than Apple it will be (god I'm proud I wanted my bussines as platform independant as possible)).
But to state my case more clearly, if there is 1000 resellers as I am, it will be a significant market loss. Anyone remember CPU number?
Re:Flattening (Score:3, Insightful)
The Fritz chip will prevent any non-[MS|RIAA|MPAA]-approved software from accessing a protected document. And in the Palladium/Fritz scheme, to get [MS|RIAA|MPAA] approval the application will not be allowed to have a useful "save" option.
Of course, maybe all you need is a single "buggy" but approved application to get around all this.
Another way would be to digitize the video or audio coming out of your PC, but after the MPAA makes owning or building unrestricted A/D converters illegal [eff.org] this won't be an option. (Except to those of us who know how to build A/D converters out of stone knives and bearskins and live in the underground economy).
Re:Damn Him (Score:2)
We've got our share of problems in NC, but please don't blame somebody else's on us too!