...they would realize they have the one thing everyone wants: eyeballs. Don't alienate those extra eyeballs, figure out how to better monetize them INDIRECTLY. Pandora and Spotify have paved the way. Even YouTube is setting a trend with how advertising can co-exist with streamed content. Have ad-free and ad-supported content. Let people share their account, but tie those shared accounts to ad-supported content. And, look, I get there are still challenges...I don't have all the answers to how to ensure it's a clean break between ad-free and ad-supported. But, if they rip the bandaid off and block sharing, watch the "subscribers" drop like a rock. And, loss of eyeballs/customers is something wall street does not respond kindly to.

Let's move the clock back again. That will show them!

Funny, the first stage of NASA communicating that we have, in fact, discovered life on other planets is to communicate the need for a methodology to communicate that we have, in fact, discovered life on other planets. This is because, the primary motivation to spend the time and energy (and money) to develop a methodology like this would be to experience an event that created an "oh shit" moment. For example: "oh shit, aliens exist. How do we communicate this? We need a methodology!"

We don't need "pills" when we will have microscopic robots that can battlebot bad bacteria and win every time.

Right now in existing operating systems, some sort of keyboard driver will translate the keystrokes coming down the wire into characters and pass it where it needs to be. Of course, anywhere between the driver and the keryboard can be compromised. You can tamper with the physical cable, between the cable and the keyboard port, or directly in the software.

Now imagine this scenerio to fight this:

The keyboard and OS are NGSCB (Microsoft's Next-Generation Secure Computing Base (NGSCB)) -aware.

They have been configured to work together. (Leave the discussion for HOW that happens another day)

The keyboard will ENCRYPT all keystrokes and ensure the integrity of the data with a message digest and send the secure payload to the OS.

The OS kernel driver for the keyboard receives the data. The keyboard driver is untrusted, and can do nothing with the data except drop it. Ok. Denial of service if this is a rogue driver. But nothing else can happen. No information disclosure. It can't read the information. A proper keyboard driver would see this special payload and transfer it to the trusted environment through the use of a secure conduit transport. (Microsoft calls their particular environment Nexus, and have easy to use API to accomplish this)

Here the trusted computing base can pass the payload to the proper secure driver, in this case a secure keyboard driver that can verify the integrity of the data and unencrypt it. It can then determine what information can be passed back to the untrusted kernel. Microsoft calls these drivers agents, or more commonly NCA. In the case of password management, they can verify passwords securely on the trusted side, and just pass back particular results to the untrusted side.

At this point... both software and hardware keystroke loggers become useless. They can do very little but record the encrypted payload. (Of course they could try to brute crack this.. but a good design would account for this). It's actually quite a neat design... except that you have to trust the "trusted code base". Of course, you don't HAVE to. You could replace Microsoft's Nexus with your own. And from my understanding they are making provisions for that in Longhorn. But should I trust you any more than Microsoft?

I am over simplifing this, but my point is that Trustworthy Computing is actually a good thing.