“Who should your computer take its orders from? Most people think their computers should obey them, not obey someone else. With a plan they call “trusted computing,” large media corporations (including the movie companies and record companies), together with computer companies such as Microsoft and Intel, are planning to make your computer obey them instead of you. Proprietary programs have included malicious features before, but this plan would make it universal.” Read RMS’ editorial at NewsForge.
RMS: Can you Trust your Computer?
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
46 Comments
Any government stupid enough to allow such machines to be sold in their country should be removed from office immediately for gross incompetence. To all intents and purposes, you would be simply handing control of your country to whoever controls the software/hardware (big US corporations in general). It would be like making a hole in your national security big enough to drive a sizeable moon through..
Rajan, you are seriously deluded if you think Palladium won’t be cracked. Everything can be cracked, it is only a matter of time. Having hardware support just makes things harder for the cracker, not impossible. But once its cracked, it’s cracked, and if you standardize on it, you’re screwed. That’s why it’s important to have a variety of security methods at all levels of the system, not just one “end all, be all” system like Palladium. As for MS coming through, I’ll believe it when I see it. “Initiatives” mean nothing without actual product. As for your examples, they are all half-baked. Windows is still a mediocre graphical OS, not on a par with the best that have come before it. Office still doesn’t have some of the innovative features (particularly with respect to document layout) that Corel had years ago. PocketPC still has a clunky UI in comparison to Palm (why do you think Palm PDA’s are STILL more popular?) Visual Studio still isn’t as good as Delphi, etc, etc. The list of (better) products that
Microsoft killed off and replaced with its own lines goes on towards infinity. Microsoft has killed entire product segments (like Office suites!) through it’s domination of the Windows platform, and people laziness in just accepting whatever came from Microsoft instead of doing their own research to pick the best products. Read some PC Magazines from the early 1990’s. You’ll see rafts of innovative products that no longer exist thanks to the status quo.
And please, nobody reply to me making comparisons between Office XP and WordPerfect 8! The two products are a generation apart, and if Microsoft hadn’t entrenched Office with bundling deals, who knows how good they would be today? They certainly were better than the equivilent MS products of the time! If the examples serve to show anything at all, it is just that Palladium might succeed only through Microsoft’s clout, rather than on its own merit as a security system.
Back on topic, the arguements that have been made in favor for Palladium as a security measure are just plain funny. Making things hardware based doesn’t serve to make the system unbreakable. Repeat after me: All security is breakable. Software makers have yet to design an unbreakable security system (even with hardware assistance, remember those dongles?) what makes you think Palladium will be the one?
As for Palladium and Linux, it’s highly unlikely. First, the Palladium technology is most likely patented. Using patented technology in a GPL program is extremely hairy without an extremely liberal license from the patent holder. What are the odds MS will do that? Every move it has made (with its EULAs) in recent history contradicts that possibility! Second, the whole idea of an “MS Linux” is frightening. Suddenly, an OS has to be “MS-approved” just so I can access content other people send me? Of course, MS can’t make Office “Palladium-only” as somebody suggested. But if the default is “Palladium-on, no restrictions,” and people are as customization-phobic as the OSNews forums would have me believe, most Word documents will suddenly become Palladium protected, though the user’s themselves might not notice, or if they do, they’ll be happy because there is “more security.”
Suddenly, being a Linux user is no longer only a mild adjustment, but an onerous burden that requires fighting with every single content provider you encounter!
Lastly, what’s with all the faith in Microsoft? It is just plain dumb not to look at a company’s past actions when evaluating their future plans. I’d be as happy as the next guy if Palladium turns out to be entirely harmless. But when has Microsoft ever made friendly gestures to the computing world? Where is that big “Shared Source” initiative that was announced when the DOJ was on its back? How come I can’t download the sourcecode to WinCE anymore (draconion license or not)? Where is the new, friendly behavior with PC makers (because the thing with Dell is just more of the same)? I’m not a corporation-hating maniac. NVIDIA, for example, is a company I have a lot of faith in. They make good products, at reasonable prices, is friendly to the “geek” community, actively supports Linux (and soon FreeBSD), and what faults they do have (closed source drivers) are entirely understandable given their situation. When NVIDIA announced the Cg project, I had no belief that they would try to take over the market, because
their past behavior in actively supporting OpenGL (they were the first major consumer manufacturer to ship a full OpenGL ICD, instead of a Quake mini-driver) told me they believed in open standards. Overall, I trust NVIDIA. How does Microsoft compare? What has Microsoft done to deserve our trust?
I use XP Pro and think it’s a great OS. I’m not a Microsoft basher. But, based on the record, I simply don’t trust them.
What do geeks do?
– they whine about the world on /.
– they sit around and are apathetic about politics
– they always choose comfort over conscience
– they let Microsoft exhibit at LinuxWorld
– they criticize Richard Stallman in a manner similar to Cipher criticizing Morpheus. Or the rabble criticizing Thomas Jefferson.
And …
– they build digital versions of the Nazi prison camps.
Geeks have chosen the path of the Sonderkommando and are betraying their own kind. Sonderkommandos was the name given to concentration camp prisoners whose job was to service the assembly lines of death. They did the dirty work of Auschtwitz.
The modern geeks do the dirty work of killing digital freedom.
Instead of being agents of liberty, freedom fighters, they are nothing but servants of evil.
Always looking for a little appreciation, the modern geek is the ideal slave.
There is no hope until the geek wakes up from the trance.
But that is the red pill? What will it take?
#p
Palladium won’t be forced on you. Yes. It won’t. You like Gentoo? Great! Go to BIOS, if you have a TCPA-enable motherboard, and switch it off! Simple, aint it? For sure, you won’t be able to run TCPA-only apps, or use TCPA/Palladium features in certain apps, but from your post – you don’t want them.
So to put it plainly: Unless you are a Windows user, it won’t be forced on you. For Windows, I suspect it would be optional until there is enough TCPA-enable machines to make a Palladium-only Windows.
Rayiner: I never said Palladium won’t be crack. I also never meant to imply that. Never. If I did, I’m sorry, cause that is not what I meant. Palladium is the software part of the TCPA, which makes it easier to update when a security flaw is found.
I’m not suggesting that Palladium is unbreakable. If it made by God, yes. If it is made by man, hell no it is not perfect. No man-made product would ever be. History, as our teacher, can tell us that no security meassure made by man is ever perfect. We would always leave one or more details, and by human nature, someone else would find them.
Windows is still a mediocre graphical OS, not on a par with the best that have come before it.
Big deal. Linux is the fastest growing altenative desktop OS (in terms of sales, mind you) and it doesn’t have a better UI as Windows. Windows first started to get marketshare because of the APIs (Win16 allowed you to write for both Windows and OS/2) and price (OEM pricing). Later on, because of its large and growing marketshare, it got a lot of apps other OS don’t have.
Office still doesn’t have some of the innovative features (particularly with respect to document layout) that Corel had years ago.
Which is why Corel controls a profitable niche in the word processing market. It is quite impossible for Microsoft to have the same document layout features as Corel as they would have to logically throw out their own ideas. But there are far more Office-only features Corel don’t have. (Besides WordPerfect is only picking up the pieces. Until recently, I wouldn’t consider it…. unless of course I was a WP user).
PocketPC still has a clunky UI in comparison to Palm (why do you think Palm PDA’s are STILL more popular?)
There are only two reasons why Palms are more popular.
1) Apps.
2) Price.
Figure it yourself. Personally, I think PocketPC is a better UI. May take a longer time to learn it, but after that it is faster to get around.
Visual Studio still isn’t as good as Delphi
That is very debatable. Personally, I don’t know (I never used either one before), but Borland lost a lot of marketshare to Microsoft when they started a (long) rewrite of some of their tools (namely Borland C++).
Microsoft has killed entire product segments (like Office suites!) through it’s domination of the Windows platform
You know that is untrue. First things first. Microsoft Office started to get a lot of market share when (then) it had almost all of the features of Lotus 1-2-3, WP and H Graphics, plus an extremely cheap price. The closest someone have got to Office’s featurebase is Sun’s StarOffice – which for me, someone who hardly uses Office – isn’t enough.
So name the “office suites” Microsoft killed. I can only think of two, SmartSuite (which was a terrible, terrible product) and gobeProductive (which hardly have any features). Perhaps you could enlighten me?
and people laziness in just accepting whatever came from Microsoft instead of doing their own research to pick the best products.
People’s laziness should never be blamed. The companies who doesn’t market properly never gets a large userbase. People want to know what they would get in return to buying a new product. They couldn’t care less about whether it is cool, whether it is fast -if they can’t do their work, they won’t even consider it.
Many companies failed because they have a mentality of “selling something I made, not making something to sell”. If they do “making something to sell”, they would succeed.
Read some PC Magazines from the early 1990’s. You’ll see rafts of innovative products that no longer exist thanks to the status quo.
You don’t have to go back that far. Just take magazines from last year or the year before. Sure, they are innovative products. A new idea. Something cool. If I don’t need it, why should I buy it? That’s the problem with many of these products, which is why IAs failed, Newtons failed, etc.
First, the Palladium technology is most likely patented. Using patented technology in a GPL program is extremely hairy without an extremely liberal license from the patent holder.
The only patent that doesn’t have a liberal license (or rather, the only patent known to us mere humans) is Microsoft’s DRM OS. Something that would be almost impossible to place into Linux without spending a lot of time in making GNU/Linux to carry DRM features.
HP is a supporter of Palladium, and with a sizable number of Linux customers, it is unlikely they would ignore it.
most Word documents will suddenly become Palladium protected, though the user’s themselves might not notice, or if they do, they’ll be happy because there is “more security.”
It would be the same as you recieving an encypted mail. If you can’t open it, you email back the person who sent it to send an unencrypted mail. The same case with Palladium.
It is just plain dumb not to look at a company’s past actions when evaluating their future plans.
It is also plain dumb to think they would repeat their actions when the DOJ is having a close eye on every move they make.
Where is that big “Shared Source” initiative that was announced when the DOJ was on its back?
It promise to the DOJ it would allow OEMs and ISVs to get certain portions of Windows sourcecode under the sharedsource license – not members of the public.
What has Microsoft done to deserve our trust?
Personally, I trust them enough to not bash them before any information about Palladium comes out. If it turns out to be true what you, RMS and the whole entire anti-MS world says – I’d be the first to leave Windows.
But right now, bashing Palladium before any information (I mean technical, not marketing) comes out, we have people bashing it already.
I believe Palladium is like IBM’s TCPA implementation into its computers. The big difference is that third parties can easily write support for it.
Visual Studio still isn’t as good as Delphi, etc, etc.
I haven’t tried to write Pascal code with Visual Studio.Net yet, so no comment there, but Visual Studio certainly provides better integration for multiple languages (Delphi Studio’s newest version allows use of C++ as well, but I’m not sure on the level of integration there).
Where is that big “Shared Source” initiative that was announced when the DOJ was on its back?
http://microsoft.com/licensing/sharedsource/default.asp
How come I can’t download the sourcecode to WinCE anymore (draconion license or not)?
I don’t know, did your browser break? There are a couple of different versions of Windows CE source code available from the shared source page, so I’m not sure why you can’t download it.
It’s a frightening thought.
Just imagine being able to track all dissent. The dissenter’s computer sends it to you automatically.
Microsoft and Intel have now become the greatest threat to freedom since Stalin. Stalin would have made these boys “Heroes of The Soviet Union” for such creativity.
Start screaming about it now – or in a few years it will be too late.
First, let me address ideology. Personally, I avoid proprietory software at all costs. Thanks to Linux and GNU (and thus RMS) I can run a 100% free software system. Now, regardless of your personaly ideology, I think you can agree that it is important to have a free software option, if only to maintain competition for proprietory software.
That said, I know a lot of people think that this is a paranoid reaction driven by pure MS-hating. While the reaction is most certainly driven by a dislike of Microsoft, I’d argue that it is neither undeserved nor paranoid. Microsoft does have a history of trying to control everything within the personal computer software market. This happened with media (Windows Media Player), web browsers (Internet Explorer), office suites (MS Office), 3D (Direct3D), etc. Whether or not this was good for users is a matter of personal opinion (after all, most of the above products *are* better then their competitors). The point is that they all allowed Microsoft to gain more control over the computing market. It is rather difficult to argue that this was an unintended by-product. Desire for domination was at least one factor, if not the only one, that led to the development of all these products. The aggressive stance Microsoft took with PC makers shipping alternative OSs (most recently against Dell), and it’s GPL-bashing with the SMB protocol documentation (among other things), only supports that conclusion. Now to the paranoid part. One can hardly say that it is paranoid to believe that Palladium is just another attempt for Microsoft to gain more control. It is just a sensible look at the history of the company’s projects. Sure Palladium has more uses than just control, but again, it is undoutedly a factor, arguably a major one.
That said, what is the danger in Palladium? The most common reaction, that Palladium hardware might dissallow running alternative OSs is unreasonable and only serves to lend credence to the pro-Palladium forces. Clearly, having Palladium hardware not run Linux will bring the whole antitrust issue back into the forefront, because it is a clear and direct abuse of Microsoft’s monopoly status. The more likely scenario is that Microsoft will use Palladium to keep Linux or other OSs from being viable alternatives. Today, for a certain class of users, Linux is a very viable alternative to Windows. With my Linux machine, I can do everything I do in Windows, including seamlessly interoperating with the thousands of Windows machines on my campus network. I can read Windows file formats, access Windows-oriented websites, use hardware that was only designed with Windows in mind. The danger of Palladium is that it could remove alternative OS’s greatest strength: interoperability. If alternative OSs could suddenly no longer access the huge amount of Windows-oriented content, they would no longer be viable alternatives for most people. Palladium is the only way Microsoft can do this. Closed file formats won’t work, people either reverse-engineer them, or simply standardize on open ones. Think MP3, PDF, XML, etc. Palladium offers a solution. With Palladium, Microsoft can close up any file format, but attaching to it Palladium security. What if all future Word documents were all Palladium protected? Windows user’s wouldn’t notice anything (and most likely wouldn’t turn off the feature) but Linux user’s would suddenly find they cannot read the file, even they their programs can read the format. Now imagine that all other Microsoft program’s do this as well. Imagine Palladium-proteced pictures from Grandma, PDF forms from corporate HQ, training videos from the school’s science department. It could even propogate to the Internet. Imagine needing Palladium to log into your online banking page or to participate in an online auction. Without enabling Palladium in Linux (which is of dubious legality) or cracking the protection (which is just plain illegal) Linux users could be cut off from a huge amount of content, in the name of “security.” Suddenly, only people who don’t need to access external content can use Linux, instantly eliminating it as a possible competitor to Windows.
Now, one could still say that Palladium will not have such a large scope. It will only be used for content that absolutely needs protection, like media files and secure documents. Even then it’s not a moral technology. Why should Microsoft decide that I, as a Linux user, am not worthy of buying MP3s online or reading secure documents from business partners? And why do I need Palladium to do either? Last time I checked, good ole RSA encryption was plenty good for these uses, and if you’ve got a hacker that can break RSA, they sure as hell can break Palladium.
Now, you’re left with the following: Palladium is a technology that has a very real power of killing alternative OSs. It’s not a given that it will be used in that way, but it certainly has the power of being used in that way. Now, when you have such a powerful weapon lying around, do you honestly want Microsoft to be the one with their finger on the trigger?
I certainly hope no one who supports Stallman’s view of the world ever complains about FUD from Microsoft because Stallman’s article is FUD defined.
The reason why MS and Intel aren’t threats to freedom is because there are and have always been alternatives (Mac, OS/2, Unix, etc.). For Stallman that isn’t enough. He doesn’t want you to have the choice to select MS software and/or Intel hardware.
Stallman reminds me of the leader of North Korean…definitely out of touch with reality.
Corporations will often try to leverage their market power in bizarre ways but there is no guarantee that they can maintain such power. So long as the government doesn’t mandate ONE operating system or ONE chip provider there will always be choice and thus limits to what MS/Intel/etc. can do.
Grow up and stop whining!
I found this article provided the general hindsight and information others need to pay attention before too late. As his point regarding GPG, I think it’s indeed essential and important to understand in terms of security point of view. In a real world, there’s no police forces I have known who can prevent all sort of crimes or solve all the cases. In other examples such as military, again resourceful doesn’t mean sure winning either. The morale of all of this is I don’t think we should let the corporate to overtake ALL the task of computer security for all of us. Microsoft could have made popular and easy to use OS, but if she wanted to transform into a business of providing computer and network security and yet to maintain this big and wide exposure, I don’t think she could make it, nor should we seriously trust “security” into any one particular party – this is the morale of prudence in adopting security measures I believe.
I hope you realise that Microsoft are the FUD kings. If they want you to buy their product (say Office) not another one (OpenOffice.org), they will make you dread the day you thought of leaving MS’s clutches.
I haven’t always followed RMS’s followings, but with Palladium coming in the not so distant future, where is your freedom.
I don’t live in the US (I live in New Zealand). But I know that the US constitution is based on individuals rights. If those rights are taken away from you by any means, that is considered breaking your constitutional rights. If the companies can get away with this, the constitution in which you, your friends and your workmates live under in now invalid.
I am all in for freedom. If you don’t have freedom of choice, what do you have?
He might be saying the best thing in the world, but he comes across really baddly, very much “i’m better than you, your all wrong, worsh my idealogy, and thus me!”.
I’m sorry, but I just can’t stomach more than a few paragraths before I turn off, and/or turns me away from his views.
I really with the open source movement could get someone with a more marketable manner on board, RMS is a pain and Linus, while I’m sure a great programmer is very very dull.
He is just taking the opportunity to bash propreitory software and promote Free Software. He speaks of Palladium and LaGrande as if he knows what would happen. Firstly, DRM would only be used to protect DRM-media and DRM-software for copyright protection. You can avoid it: Don’t buy such software and music and videos. It is not like the companies planning to use these features doesn’t have their own copyright protection schemes. What would change is that it is virtually unbreakable.
So, RMS, for crying out load, if such a senario as you mention does happen, be my guess, write articles like these. But don’t take cheapshots against closed source software. After all, if they ceased to exist – what are you going to clone next?
I don’t know about DRM, but Palladium did provide a way to control what can a computer do by IDing your PC with the Palladium chip. In e-commerce transaction and other circumstances, they can just refuse to allow you to connect since your computer is ‘not secure’ enough. Unless there are other means to assure such computer ID scheme is not controlled only by a particular corporate interest groups. I think there are still risks here.
I don’t know about DRM, but Palladium did provide a way to control what a can computer do by IDing your PC with the Palladium chip. In e-commerce transaction and other circumstances, they can just refuse to allow you to connect since your computer is ‘not secure’ enough. Unless there are other means to assure such computer ID scheme is not controlled only by a particular corporate interest groups. I think there are still risks here.
I don’t know about DRM, but Palladium did provide a way to control what a can computer do by IDing your PC with the Palladium chip. In e-commerce transaction and other circumstances, they can just refuse to allow you to connect since your computer is ‘not secure’ enough. Unless there are other means to assure such computer ID scheme is not controlled only by a particular corporate interest groups. I think there are still risks here.
Sorry it was a mistake, I thought the page is not loading and hence click the submit button couple times, please feel free to delete the redundant posts. Sorry about that again.
Microsoft and Intel have now become the greatest threat to freedom… I can’t possibly quote any more.
That’s about the most appalling statement I’ve read on this site.
To be very generous, pretend that you are undecided on Palladium. To which side of the issue would this kind of rhetoric push you?
Yours truly,
Jeffrey Boulier
I would think about your statements of how Palladium would only be used to protect MP3s and other media. History shows us that Microsoft’s intentions are almost never as clear as they seem to be. Like I said, it is within the power of Palladium, if it becomes popular, to kill Linux. Do you trust Microsoft not to do it?
That said, Palladium is a stupid idea to begin with. First, it’s not “virtually unbreakable.” First, it’s Microsoft’s. That’s not trolling, it’s simpley looking back at history. Microsoft’s track record with security is terrible. Still is. Their protections in the XBox were cracked in a week! If you hired a plumber, and he flooded your house, would you hire him again? Odds are that Palladium gets cracked in a month, two tops. Second, a large part of it’s design involves delivering secured data to an unsecure endpoint (the user). It’s impossible from a security point of view. It’s hard enough communicating between two secure endpoints! Once the system is broken, it’s only takes one warezer to package the app into a GUI grandma could use. The only way to get a decent amount of security in distributing online media is through multiple, varied protection mechanisms. If you have lots of them, then there is a very good chance that many of them won’t be broken (there are only so many people with this skill) and that a good percentage of your media will be secure. Standardizing on one method just makes less work for the crackers. Third, it’s unecessary. Palladium’s features break into three catagories:
1) The hopeless: Virus protection falls into this catagory. The only way to properly protect against viruses is to build security throughout the system, at all levels. Having one “virtually unbreakable” barrier (ala Palladium) only makes it easier for the virus writer to muck with the system once he breaks it. Take a look at Linux viruses vs Windows viruses. Windows has a lot, Linux has almost none. And the “more people use Windows” arguement doesn’t hold water, because a large percentage of servers use Linux, and the “incentive” in the server arena is much larger for the virus writer.
2) The impossible: DRM falls here. If you don’t trust the endpoint of a secured transaction, then no security will help you. If it isn’t a law of physics, it should be.
3) The redundent: Document protection falls here. There are a ton of good security models out there, so why another one? They all can be broken, just like Palladium can be broken. And those other models don’t have the high-profile required to get crackers working on it
It is valid, very valid (even thou. I agree Linux is more secure than windows) as System Admins (the only people running Linux servers)
a) Don’t run random applications
Normal users do, they get sent an email with an attachment, they’ll run it.
b) Have it tightly secured
This is much more than a normal users “runs some firewall downloaded from some warez site” and if it is that bad, they should be fired
I’m talking more about Linux servers vs Windows servers. Of course, the sysadmin does enter into the equation. UNIX admins tend to be older and more experienced than Windows admins, at least at this moment in time.
NIX admins tend to be older and more experienced than Windows admins, at least at this moment in time.
—
And if anything like me, willing to smack a person around the head for doing something stupid.
The computer is as secure as you want to make it. As I have said, one cannot avoid learning how to use a computer so that you know how to use it properly. Yes, this is directed at Eugenia Loli-Queru who considers that “usability” is the cure to all the world problems.
Sorry Eugenia Loli-Queru, but at the end of the day, if one doesn’t know basic computer, fundamentals usability isn’t going to help you when Joe Hacker or Pete Script-kiddie sends you a script.
You spend $NZ3000 on a computer, why not pick up 3 books and actually learn how to utilise the computer in the most efficient manor? learning a computer is NOT hard, it is whether you have the determination and a positive attitude that determines the success of failure.
No mp3, no divx, no opensource, no root, no privacy, backdoors for the NSA etc. Selling non-TCPA computer will be illigal in the USA. ( 500k and 5 years in prison)
I just hope europe will ban TCPA as illegal. With our more liberal laws it hopefully cant go to together. Otherwise M$ will be able to shut off whole countries by not granting them to use THEIR computers. We all will be fucked!
Inform yourself!
First off Paladium will not stop alternative OSes. In fact its quite likely there will be a Palladium compliant Linux OS. HP might very well make this product. The idea of Palladium is not to kill off other OSes its to replace the television with the PC as the center of the home entertainment universe. Microsoft does not want to be the only vendor having Palladium support; hech they themselves might even release a Palladium compliant Linux if they had to.
Second the argument that the security model isn’t good is quite false. The security model is about as strong as security models get for OSes with simple filesystems. If you consider Unix security good then Palladium security will be excellent. The main problem is going to be adoption syncing issues. Lets take your virus example. In a Palladium secure environment an unsighned app can’t run, except in a sandbox, ever. The virus can’t do any damage because it can’t access anything outside its sandbox; which means it can’t get to system files. If the virus manages to run in an unsecure mode the applications won’t have matching digital signatures and so once the user reloads back into the Palladium secure mode his system won’t run. Even the “email virus” that send out copies using your address book won’t work if the address book is secured since the sandbox won’t have access to the address book.
RMS’s editorial is quite correct. The problems with Palladium are much more on the political end then the technical end.
But the corporate world will decide the future, no matter how much individuals scream in protest. Bill Gates is a mongrel who continually outdoes himself at his own dirty shameless game, we all see that, but corporations don’t care about this as much as we do.
Sun has already proven that the corporate marketplace is suspicious of anything that is free.
Computing is not a bunch of people at OSNews sitting around and fearing the end of the world as we know it. With that pretext, computing would never have got off the ground.
Computing needs military cash, and then corporate cash. What a few people at OSNews say or think does not matter in the final analysis.
What would make a difference is if the corporate world could be brought to see the importance of stopping projects like these latest by Bill and Intel, and there individuals sitting and reading forums at OSNews might make a difference.
It won’t matter one iota if you can’t put a price tag on it for corporations. That’s the only language they speak.
First, it’s not “virtually unbreakable.” First, it’s Microsoft’s. That’s not trolling, it’s simpley looking back at history. Microsoft’s track record with security is terrible. Still is.
Palladium recieves hardware help, and that alone makes it more secure. Plus the added fact with laws in the USA making circumventing Palladium (think DMCA), and laws currently in the EU parliments – there goes any hope of it being broken.
Plus, history shouldn’t be used as a benchmark for security in this case. Why? Microsoft had commited itself in making their products secure. And everytime they commit themselves to something, it always come through. For example, Internet. If in 1993 or 1994, someone would say on Usenet that Microsoft would dominate the Internet, everyone would laugh you off Usenet. In 1985 if you said that Microsoft would be the most used graphical OS – again, you would be laugh off Usenet. If in that timeframe always you would say Microsoft would dominate the spreadsheet, word processing, and presentation software market – guess what would they do at you? Laugh. Yet another example, Windows CE – when first released, no one really thought it would break Palm’s grip of the market.
Their protections in the XBox were cracked in a week!
Yes, when was XBox release? Before Bill Gates announce the Trustworthy Computing campaign.
Take a look at Linux viruses vs Windows viruses. Windows has a lot, Linux has almost none. And the “more people use Windows” arguement doesn’t hold water, because a large percentage of servers use Linux, and the “incentive” in the server arena is much larger for the virus writer.
First of all, viruses are more common in the desktop arena, where Microsoft have a monopoly of the market, with more than 90% of the market. No sane virus writer would write for Linux because of its puny market share.
Then comes to the point of servers and whoever that is using Linux as a desktop now. They are all technical users. Not a bunch of grandmas and grandpas and ignorant teenage girls – they are technical users. They know about security, how to handle them. Now, if tommorrow Linux gets 90% of the desktop market, you bet you would see viruses right, left and center.
Also, the lack of viruses for Linux comes from the fact that it uses mainly Apache, instead of the horrid piece of crap called IIS. IIS was designed from ground up without any security in mind. Nadda, none whatsoever.
2) The impossible: DRM falls here. If you don’t trust the endpoint of a secured transaction, then no security will help you. If it isn’t a law of physics, it should be
How can it be a law of physics? Maybe pyschology, but physics?
On twarting Linux. Palladium would be used for transfering a document from one Palladium computer to another. This is like encryption, only the intended audience can view it. If a person is smart enough to know that you don’t have Palladium (they obviously would), it would be almost a piece of cake to send a document without Palladium or a person with a non-Palladium enable computer. If you like to see how is this like, buy a IBM laptop and study it. Now just imagine it to be faster and better, being integrated into the OS.
Besides, if Microsoft does dare to make Office documents Palladium-only, say hello to the DOJ. Also, I’m quite sure Microsoft wants anybody to take away some market share so they would get less than 70% of the market share – no more antitrust problems. If they manage to do this, they would obviously twart the growth of Linux and does remain as a monopoly – not really a spot they like to stay with.
So stop being paranoid. If what RMS says is true, I would be the first one dumping Windows and Office and moving to Linux fulltime.
Is that he is trying to convince the layman on the advantages of free software, where to the layman there really isn’t any advantage at all.
His purpose to begin with was to rebuild his software-sharing community. He has, of course, succeeded in this endeaver. But now he is trying to advocate this philosophy to people who simply don’t care about software at all.
If I was him, I’d look into my beliefs and find out what makes sense to this larger community. Knowing what I do on his philosophy, I’d begin a new movement–one better suited to the way things are today. Call it Independent Software or Autonomous Software or whatever you’d like. Advocate, instead, software that you can buy from business A and get fixed by business B and get support from business C. I don’t see any truer meaning of free software.
But until then, he’s going to continue to sound nutty which isn’t specifically his fault but rather a side-effect of trying to fit the square into the round hole.
G0tt: There is a law in the USA that makes TCPA mandatory? I though the Congress threw it out? Besides, Europe is considering a law tougher than the DMCA, I doubt they would ban TCPA. TCPA in its nature is quite good. In fact, nobody would badmouth it if Microsoft didn’t support it, because to the geek crowd, “Microsoft=bad. If TCPA have Microsoft, TCPA=bad”
Many Windows sysadmins probably know less than that nerd in high school. When the IT/dotcom boom came into place, many people instantly took on computer-related jobs. One of them is sysadmins. And since at the time the boom started, Windows was the king of the low end server market (a position quickly being brought down by Linux), it is looked upon as less secure as Linux.
But if you give me Windows 2000 Server, I can make it as secure as a secure Linux box. Firstly, I would dump IIS, and for the clients, dump Internet Explorer (hiding it, mind you), and Outlook/Outlook Express. Replacing it with other stuff. Then I would use Oracle instead of Exchange. Then do a thousand other steps of closing ports and closing compromized components. Plus keep it well patched (which involves a lot of reboots, which is why for now, I would rather stick with Linux or BSD).
Not to say that couldn’t be done.
But doesn’t the approach just seem wrong. Take an insecure (or less secure) system and patch it and remove/hide stuff until its more secure.
I think many *nix distros fall into this idea too. It seems to make far more sense if you want genuine security to start from scratch and add whats needed.
I don’t think the UK would allow this technology because the government is busy kitting out it’s departments with Linux machines as we speak!
“The idea of Palladium is not to kill off other OSes its to
replace the television with the PC as the center of the home
entertainment
universe.”
That is the key point. One use of computers is as an entertainment
box. The RIAA thinks that is all they are used for.
These security measures are all designed to prevent users from
pirating entertainment data.
The problem is that the measures being developed may prevent us from
using computers for traditional computer applications – reseaech,
artistic/musical creation, word processing, etc. All computer users
are being targetted because of the growth of the “home computer”
market.
The other thing to remember is that the XBox is only the first
Microsoft home computer. That line will surely be developed into a
range of secure home computers and set-top boxes which are designed to
run only Microsoft programs and licensed data.
>The reason why MS and Intel aren’t threats to freedom is >because there are and have always been alternatives (Mac, >OS/2, Unix, etc.)
There are MANY that havn’t even heard of those alternatives,
and in many ways MS will do its best to force you to use their stuff, or prohibit you from use anything else.
That plus the fact that you get very little info on whats
going on inside your computer, at the very least “common people” with little compupter backgrounds will not know what this means to them.
That makes this a bad thing.
This is the logical evolution of capitalist consumerism. Companies want consumers to perpetually consume, to do this they have to control the content that originated with them. DRM and palladium make sure they can control where, when and for how long you have access to “their” content.
Now think about this : in the long term you will probably never again be able to own an (e)book, a piece of music, etc. A corporation will licence it to you under their terms. This is currently already the case with software, although noone has paid any attention because it is still relatively unenforcable.
Practically this comes down to scrapping the right of ownership, a right garanteed by every democracy. This just shows where the REAL power is today.
that is really it – that you don’t own anything anymore, you just license the right to use it.
What is “fair use” of something you don’t own? What if the license says that the owners can redefine the license at any time? What are your rights?
Maybe we ought to compaign to consume only what we own
First off Paladium will not stop alternative OSes. In fact its quite likely there will be a Palladium compliant Linux OS. HP might very well make this product. The idea of Palladium is not to kill off other OSes its to replace the television with the PC as the center of the home entertainment universe. Microsoft does not want to be the only vendor having Palladium support; hech they themselves might even release a Palladium compliant Linux if they had to.
You just don’t get it do you?
This is not about whether or not we’ll be able to run Linux, but about them taking away our freedom to run whatever we wan’t on our own computers. I wouldn’t buy a Palladium Linux from anybody. I use Gentoo, and I love the fact that I can customize every thing, including making my own kernel. All of this will be impossible should Palladium ever be forced upon us. So you see this is not just about Linux but about something much bigger and important: Our freedom.
Free software DOES have advantages for the layman:
1. The software can survive (e.g. Sorcerer Linux) even if the original author decides not to maintain it anymore.
2. As mentioned in RMS’s article, any malicious features will be detected, maybe not by the layman, but there will be other developers looking at the code.
3. You can install the software on any machine you like and use it for any purpose you want.
I am not a fan of Stallman in general…
but this time i think he is completely right
whether it be bsd or solaris or windows or qnx or linux or amiga or whatever i might happen to run…(insert favorite os here)
one big issue is having control over my machine…
i just do ~not~ want companies doing that for me
that doesnt make computing “trusted” it makes it as untrustworthy as it gets… besides maybe posting your root password on a script kiddie site and leaving a telnet daemon running unlogged
its NOT a proprietary vs open source issue… its a “get the @#$%^$ out of my computer” issue
i should have said “STAY the #$^#$$ out” not “GET the $%^$$^ out” as it hasnt arrived yet…
It’s amazing to read the confident assertions here about what Palladium is and isn’t, what it does and does not allow.
It is impossible to say “Palladium will allow you to create un-secured documents, emails, etc” for example – It seems likely that v1.0 will, but we do not know that.
Palladium is a scary concept, that’s all I know – and all any of us know.
Look at this!
http://www.cypherpunks.to/TCPA_DEFCON_10.pdf
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
http://www.heise.de/ct/02/22/204/“ rel=”nofollow”>http://translate.google.com/translate?hl=en&u=