![]() | This page is an archive of past discussions. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page. |
This page is an archive of previous discussion held at Talk:Palladium operating system (which has now been moved to Talk:Next-Generation Secure Computing Base). See that page for current discussion. Note also that this is not a forum for discussing the technology itself, only the Wikipedia article about it.
Opponents of this idea regard this is an ironic development, as Microsoft has a famously poor record in software security, with weaknesses in the security stance of their existing software being one of the prime causes of computer insecurity. One of Palladium's developers, Paul England is quoted by MSNBC as saying "I firmly believe we will be shipping with bugs".
Opponents of Microsoft's Palladium initiative characterise it as an attempt by Microsoft to close the PC architecture, thus entrenching Microsoft's monopoly in PC operating systems into monopoly control of the entire PC industry, both hardware and software. In addition, Microsoft would also be in a position to control the market for digital rights management, and would effectively control the digital entertainment and publishing markets.
Whilst it would appear inconcievable that the PC and entertainment industries would accept this state of affairs, it is possible that Microsoft will succeed in forcing the PC industry to adopt the Palladium technology, using its marketing muscle and leveraging its existing monopoly in desktop operating systems. This could occur because of the competitive advantage that Palladium could offer to existing hardware incumbents, who might believe that they can use it to "lock in" their current dominant position in the hardware market. However, they could pay a high price for entrenching their position, by becoming dependent on Microsoft for the necessary licensing IP needed for access to the new PC market.
The entertainment industry would then have little choice but to go with Microsoft's initiative.
A Microsoft employee is on record as suggesting that the adoption of Palladium or similar technologies would have to be compulsory to be effective: see Ross Anderson's FAQ for details. The only way that this could be accomplished would be by making the adoption of Palladium-type technologies compulsory. This would have the effect of forbidding the sale of general-purpose computers.
Palladium puts the security chip in control of your computer. The controller of the security chip now has, if they desire, absolute control over everything that goes on in your computer, and access to all the information that it contains.
Microsoft already appears to be willing to take over control of its users' computers. Microsoft is reported as having already changed their EULA for their existing operating systems to allow them to install any software that they may wish on your computer, at any time. (This relates to the EULA for the 2002 security patch update for Windows Media Player: see the Register story cited below).
For years people have criticized Microsoft for inadequate security engineering. Now that they are engaged in a major effort to address this deficiency, including Palladium, they are being criticized for doing that, too.
Palladium is a completely voluntary system. Each user is free to enable the Palladium technology or not. If they choose to turn it on, it is because this provides access to content and services which are valuable to the users.
Palladium, contrary to some early rumors, does not limit itself to code signed by a centralized body like Microsoft. Instead, each application developer can set up its own key that will be used to authenticate versions of that application that are running on remote machines. In this way there are no limitations on access to Palladium technology. Every developer, from the largest to the smallest, can set up its own trusted applications without needing permission from Microsoft or anyone.
The key technical enhancement of Palladium is that trusted apps can run side by side with legacy ones. The trusted apps run in the "curtained memory" of the system and are immune to being observed or altered by any other software. Trusted apps can then use hardware encryption to save data on the disk such that no other applications can decrypt it. This allows Palladium to retain full backwards compatibility with existing Windows applications. There is no need to reboot or limit the other software that the user runs, in order to use Palladium features.
There are a number of uses for Palladium which will empower end users at the expense of centralized bureaucracies. Recently several researchers pointed out that Palladlium could increase the security of P2P file sharing networks, making it harder for copyright owners to inspect the data flowing through the network and attack it.
See this article for a detailed proposal on how Palladium can support P2P file exchange systems. The authors show how Palladium technology "can be employed to better protect pirates and their peer-to-peer distribution networks from the entertainment industry."
Other possible applications include online games, where the use of cheating client software can be detected and eliminated, and auction systems, where "sniping" and similar antisocial behavior can be limited. MKWilliams
Microsoft plans to release the Palladium micro-kernel, known as the Nexus or the Nub, in source code form. This will allow people to confirm that Palladium works as claimed, and use the "many eyes" principle to improve the security and reliability of the Palladium system.
Quick rebuttals to some of the anti-Palladium points above:
Palladium is a decentralized system which allows each content developer to set up their own "sphere of influence" independent of the othes. Microsoft has indicated that access to Palladium technology will be freely available. This does not allow them to monopolize DRM technology, rather each developer can use Palladium to create their own DRM system and rules.
So what does Microsoft gain? Simple: they sell more versions of Windows if PCs are used more widely. Palladium will allow content companies to set up software systems that let them distribute movies, music, video, ebooks and other content across the net, while retaining control over copying and redistribution.
There is no need to make Palladium compulsory in order for its benefits to be widespread and effective. Since the software will be built into the Longhorn operating system, with the hardware crypto chip being installed in the next generation of PCs, most users will automatically have access to this technology. Then, content companies need only require users to enable Palladium in order to get access to free trials and low cost downloads of high value content. Users will voluntarily utilize Palladium technology simply because doing so makes their computers so much more useful and valuable. There is no need whatsoever for mandates and compulsion.
Contrary to claims, the security chip does not have control over your computer. Its functionality is limited to generating a key internally, then taking a hash of software as it loads into memory, and reporting that hash remotely, signed with its crypto key. It can also perform other crypto functions on request. This is about as far from "absolute control" as you can get!
The page is actually not too bad so far as its facts go, it is the tone of it that violates neutrality. I'll go through and read it over more carefully later on (if I remember) but my initial impression is that it just needs to be rephrased so that it is more encyclopediac in style. Tannin 00:59 May 12, 2003 (UTC)
Yeah, I'm going to flag this for an NPOV dispute. While I agree that this is an attempt by Microsoft to completely dominate the industry, the article spends too much time bashing the idea and not enough time talking about the positive aspects (if any). CHz 10/21/03, 2:47 PM PST
I propose to remove the lengthy discussion under "Functionality of TCPA/NGSCB" on the main page which describes a mistaken understanding of how Palladium would work, involving only loading a signed OS, etc. Also I propose to remove the response to this under "Criticism" which is no longer relevant since that description was mistaken. I will leave the accurate Functionality description (the first part of that section) as it is correct. Any objections? MKWilliams 20:29, 4 Dec 2003 (UTC)
Okay, I took out the old description, and left in only those entries in Criticism which made sense in the context of the accurate description. MKWilliams 18:33, 10 Jan 2004 (UTC)
Clearly there is a lot of difference in opinion over what exactly Palladium/TCPA/NGSCB (hereinafter abbreviated to PTN) will do, which seems to fit into two camps:
Perhaps someone can provide a list of what PTN actually does, so that a) the article can be amended and b) this functionality can be examined and, if necessary, criticised.
Daveryan 14:22, 4 Jan 2004 (UTC)
Actually, neither of these is correct. See the main page for how it actually works. There is no signing of the OS or of programs. Rather, a crypto hash is taken of each software component as it loads into memory, via secure hardware. That hash can then be used to lock/unlock (encrypt) data or to securely validate the software configuration to a remote machine.
MKWilliams 18:29, 10 Jan 2004 (UTC)
As the article correctly states, the NG-SCB was previously known as Palladium - so shouldn't it be moved to Next Generation Secure Computing Base. It's a pain to type, but we can have any number of redirects. Given that I don't have time to read through the whole debate on this page and get involved in any other way, I won't just do it, but I thought I'd bring it up anyway. - IMSoP 15:40, 11 May 2004 (UTC)
I second that proposal. Edward Grefenstette 14:47, 9 Dec 2004 (UTC)
The link to this page was an NPOV dispute message. What exactly does discussing the pros and cons of NG-SCB (both of which are given equal prominence in the 'disputed' article) have to do with NPOV? About as much as Bill Gates has to do with selling strawberries! Removed the NPOV dispute autolink, replaced it with a 'see also' (since nobody seems to be disputing the neutrality anymore, but still talking about the subject itself).
![]() | This page is an archive of past discussions. Do not edit the contents of this page. If you wish to start a new discussion or revive an old one, please do so on the current talk page. |
This page is an archive of previous discussion held at Talk:Palladium operating system (which has now been moved to Talk:Next-Generation Secure Computing Base). See that page for current discussion. Note also that this is not a forum for discussing the technology itself, only the Wikipedia article about it.
Opponents of this idea regard this is an ironic development, as Microsoft has a famously poor record in software security, with weaknesses in the security stance of their existing software being one of the prime causes of computer insecurity. One of Palladium's developers, Paul England is quoted by MSNBC as saying "I firmly believe we will be shipping with bugs".
Opponents of Microsoft's Palladium initiative characterise it as an attempt by Microsoft to close the PC architecture, thus entrenching Microsoft's monopoly in PC operating systems into monopoly control of the entire PC industry, both hardware and software. In addition, Microsoft would also be in a position to control the market for digital rights management, and would effectively control the digital entertainment and publishing markets.
Whilst it would appear inconcievable that the PC and entertainment industries would accept this state of affairs, it is possible that Microsoft will succeed in forcing the PC industry to adopt the Palladium technology, using its marketing muscle and leveraging its existing monopoly in desktop operating systems. This could occur because of the competitive advantage that Palladium could offer to existing hardware incumbents, who might believe that they can use it to "lock in" their current dominant position in the hardware market. However, they could pay a high price for entrenching their position, by becoming dependent on Microsoft for the necessary licensing IP needed for access to the new PC market.
The entertainment industry would then have little choice but to go with Microsoft's initiative.
A Microsoft employee is on record as suggesting that the adoption of Palladium or similar technologies would have to be compulsory to be effective: see Ross Anderson's FAQ for details. The only way that this could be accomplished would be by making the adoption of Palladium-type technologies compulsory. This would have the effect of forbidding the sale of general-purpose computers.
Palladium puts the security chip in control of your computer. The controller of the security chip now has, if they desire, absolute control over everything that goes on in your computer, and access to all the information that it contains.
Microsoft already appears to be willing to take over control of its users' computers. Microsoft is reported as having already changed their EULA for their existing operating systems to allow them to install any software that they may wish on your computer, at any time. (This relates to the EULA for the 2002 security patch update for Windows Media Player: see the Register story cited below).
For years people have criticized Microsoft for inadequate security engineering. Now that they are engaged in a major effort to address this deficiency, including Palladium, they are being criticized for doing that, too.
Palladium is a completely voluntary system. Each user is free to enable the Palladium technology or not. If they choose to turn it on, it is because this provides access to content and services which are valuable to the users.
Palladium, contrary to some early rumors, does not limit itself to code signed by a centralized body like Microsoft. Instead, each application developer can set up its own key that will be used to authenticate versions of that application that are running on remote machines. In this way there are no limitations on access to Palladium technology. Every developer, from the largest to the smallest, can set up its own trusted applications without needing permission from Microsoft or anyone.
The key technical enhancement of Palladium is that trusted apps can run side by side with legacy ones. The trusted apps run in the "curtained memory" of the system and are immune to being observed or altered by any other software. Trusted apps can then use hardware encryption to save data on the disk such that no other applications can decrypt it. This allows Palladium to retain full backwards compatibility with existing Windows applications. There is no need to reboot or limit the other software that the user runs, in order to use Palladium features.
There are a number of uses for Palladium which will empower end users at the expense of centralized bureaucracies. Recently several researchers pointed out that Palladlium could increase the security of P2P file sharing networks, making it harder for copyright owners to inspect the data flowing through the network and attack it.
See this article for a detailed proposal on how Palladium can support P2P file exchange systems. The authors show how Palladium technology "can be employed to better protect pirates and their peer-to-peer distribution networks from the entertainment industry."
Other possible applications include online games, where the use of cheating client software can be detected and eliminated, and auction systems, where "sniping" and similar antisocial behavior can be limited. MKWilliams
Microsoft plans to release the Palladium micro-kernel, known as the Nexus or the Nub, in source code form. This will allow people to confirm that Palladium works as claimed, and use the "many eyes" principle to improve the security and reliability of the Palladium system.
Quick rebuttals to some of the anti-Palladium points above:
Palladium is a decentralized system which allows each content developer to set up their own "sphere of influence" independent of the othes. Microsoft has indicated that access to Palladium technology will be freely available. This does not allow them to monopolize DRM technology, rather each developer can use Palladium to create their own DRM system and rules.
So what does Microsoft gain? Simple: they sell more versions of Windows if PCs are used more widely. Palladium will allow content companies to set up software systems that let them distribute movies, music, video, ebooks and other content across the net, while retaining control over copying and redistribution.
There is no need to make Palladium compulsory in order for its benefits to be widespread and effective. Since the software will be built into the Longhorn operating system, with the hardware crypto chip being installed in the next generation of PCs, most users will automatically have access to this technology. Then, content companies need only require users to enable Palladium in order to get access to free trials and low cost downloads of high value content. Users will voluntarily utilize Palladium technology simply because doing so makes their computers so much more useful and valuable. There is no need whatsoever for mandates and compulsion.
Contrary to claims, the security chip does not have control over your computer. Its functionality is limited to generating a key internally, then taking a hash of software as it loads into memory, and reporting that hash remotely, signed with its crypto key. It can also perform other crypto functions on request. This is about as far from "absolute control" as you can get!
The page is actually not too bad so far as its facts go, it is the tone of it that violates neutrality. I'll go through and read it over more carefully later on (if I remember) but my initial impression is that it just needs to be rephrased so that it is more encyclopediac in style. Tannin 00:59 May 12, 2003 (UTC)
Yeah, I'm going to flag this for an NPOV dispute. While I agree that this is an attempt by Microsoft to completely dominate the industry, the article spends too much time bashing the idea and not enough time talking about the positive aspects (if any). CHz 10/21/03, 2:47 PM PST
I propose to remove the lengthy discussion under "Functionality of TCPA/NGSCB" on the main page which describes a mistaken understanding of how Palladium would work, involving only loading a signed OS, etc. Also I propose to remove the response to this under "Criticism" which is no longer relevant since that description was mistaken. I will leave the accurate Functionality description (the first part of that section) as it is correct. Any objections? MKWilliams 20:29, 4 Dec 2003 (UTC)
Okay, I took out the old description, and left in only those entries in Criticism which made sense in the context of the accurate description. MKWilliams 18:33, 10 Jan 2004 (UTC)
Clearly there is a lot of difference in opinion over what exactly Palladium/TCPA/NGSCB (hereinafter abbreviated to PTN) will do, which seems to fit into two camps:
Perhaps someone can provide a list of what PTN actually does, so that a) the article can be amended and b) this functionality can be examined and, if necessary, criticised.
Daveryan 14:22, 4 Jan 2004 (UTC)
Actually, neither of these is correct. See the main page for how it actually works. There is no signing of the OS or of programs. Rather, a crypto hash is taken of each software component as it loads into memory, via secure hardware. That hash can then be used to lock/unlock (encrypt) data or to securely validate the software configuration to a remote machine.
MKWilliams 18:29, 10 Jan 2004 (UTC)
As the article correctly states, the NG-SCB was previously known as Palladium - so shouldn't it be moved to Next Generation Secure Computing Base. It's a pain to type, but we can have any number of redirects. Given that I don't have time to read through the whole debate on this page and get involved in any other way, I won't just do it, but I thought I'd bring it up anyway. - IMSoP 15:40, 11 May 2004 (UTC)
I second that proposal. Edward Grefenstette 14:47, 9 Dec 2004 (UTC)
The link to this page was an NPOV dispute message. What exactly does discussing the pros and cons of NG-SCB (both of which are given equal prominence in the 'disputed' article) have to do with NPOV? About as much as Bill Gates has to do with selling strawberries! Removed the NPOV dispute autolink, replaced it with a 'see also' (since nobody seems to be disputing the neutrality anymore, but still talking about the subject itself).