Palladium, 'Trusted PCs' in the News 354
Reuters is carrying a fairly lengthy article on Palladium and 'Trusted Computing'. Worth reading - remember that what the Reuters/AP wires carry is all that most people will ever know about any particular issue.
I don't get it (Score:2, Funny)
Re:I don't get it (Score:2)
Yes, my new "Trusted Computing Platform" will be called "Xentronium" just to spite you! Bwahahah! I captured Orion before you!
For those that don't get the reference, play MOO2
Considering this as news for the masses... (Score:3, Interesting)
All in all a good article for the masses. Just needs more followup for those interested.
Re:Considering this as news for the masses... (Score:2)
Here is how I understand that Palladium is supposed to defend against viruses. This is based on a presentation I saw a couple of weeks ago by a Microsoft guy.
First, Palladium uses a crypto chip (what some critics call the Fritz chip) which can seal data. This way secure software can lock up data so that if some other software gets infected, the data is still safe. So the virus has to actually infect the secure software.
Second, when the crypto chip encrypts the data, it embeds a hash of the secure application in the data blob. When a piece of software decrypts it, the crypto chip computes a hash of the decrypting software, and compares it with the hash embedded in the encrypted data. If they disagree, it does not allow the data to be decrypted.
Therefore, if a virus infects a piece of software that has encrypted some secure data, it won't be able to decrypt it any more. The virus has changed the executable code and so the hash will change. This will be detected by the crypto chip and so it won't allow the decryption to go forward.
Anyway, that's the theory. Infected software other than a secure module can't get at the secure module's sealed data; and infecting the secure module will change its hash, so already-sealed data will no longer be accessible.
There's also a feature where the crypto chip can report the hash of some secure software to a remote server on the net. This could let distributed applications detect if a remote system was infected with a virus.
Re:Considering this as news for the masses... (Score:2)
An end to those cheating bastards in online gaming!!! Sign me up!
Re:Considering this as news for the masses... (Score:2, Insightful)
I don't deny that this makes it harder but rember that most virii exploit bugs and oversights and it would be naive to believe that there would be none in a trusted system. Especially when you consider who is making it.
Orthanc
more critical than I would have imagined (Score:2)
Maybe there's hope for Palladium being struck down after all?
fairly lengthy? (Score:2, Insightful)
I'm not sure if this is a sign of the sad state of popular media, or the sad state of all populus.
Re:fairly lengthy? (Score:2)
Reading slashdot tends to give a warped view of issues like these. Think of all the important, weighty issues in politics and business and the environment and so on that you wouldn't bother to read a 2 page article about. Let the politicians and businessmen and environmentalists worry about their problems, and we about ours. It shouldn't be everyone's job to worry about everything.
Heh (Score:5, Insightful)
As proof, Anderson points to a patent called "Digital Rights Management Operating System," for which Microsoft has rights
One of the first times a software patent might actually be a good thing. At least stifling competition and innovation in this area will give us a chance to focus our efforts on what is inevitably going to be a fundamentally flawed MS implementation of DRM.
Biddle and a TCPA spokesman deny the assertions, saying that no monitoring, reporting or censoring capabilities are designed into the systems, and people will be able to choose whether they want to use the security features, or not.
Talk about bullshit. DRM is useless if the user can turn it off.
To some, the TCPA plan is reminiscent of Intel's proposal in the mid-1990s to put a serial number on its Pentium chips. Public backlash caused Intel to abandon the plan.
Last I checked, the serial numbers are still there, and even though you can turn them off in the CMOS on some motherboards, software can turn them back on, so I hear.
By contrast, in trusted computing, special security chips and other hardware will work with software to verify the source of data and that it has not been changed, and to create safe zones within the computer for storing information.
Talk about a stupid solution to a simple problem. It doesn't require special hardware to protect the integrity of files, just proper software design. The earlier story on microBSD showed an implementation of software based integrity verification.
Technology companies must carefully balance individual rights and corporate interests, says Bruce Schneier, cryptography expert and chief technology officer at Counterpane Internet Security, a network monitoring firm.
Consumers used to vote with their dollars, no "balancing" was necessary. MS is betting on using monopoly power, and ignorant consumers to pull this one over on the public. Educated consumers are a necessary part of the free market, with technology becoming so complex, and specialization at an all time high, this may point to a larger problem, a complete breakdown of the free market, due to the lack of educated consumers.
"Microsoft wants the Chinese to pay for software," said Ross Anderson, head of computer security at the University of Cambridge in England and a renowned software expert.
Yeah, cause we all know those fucking chinks just leech off westerners. That is a pretty controversial thing to tell an AP reporter. To be fair, it was probably taken out of context.
Re:Heh (Score:2, Insightful)
Unless the software will not function at all without DRM active.
Re:Heh (Score:2, Insightful)
This whole fritz chip thing is designed to force you to use windows on only Microsoft terms. Infact Bill Gates himself called these TCPA chips as bouncers in your system to make sure everything is behaving properly. (bouncers??) THis is why Microsoft is getting a woody over this. For now they can have complete EULA controll with a digital enforcer. Hollywood will only release movies and audio in
Now, where do you get such a certificate to run or release your own programs? Oh from Microsoft only, and to make it worse you probably would have to sign an EULA stating that you will never make any viral gpl programs or make something that would compete agaisnt them!
Don't believe me? Go read the EULA for the
This attempt by Microsoft is extrememly illegal under the sherman anti trust laws and make microsoft's case agaisnt the doj look tiny in comparison. Bill will own %100 of the software industry. Scary scary shit. I do not mean to sound paranoid per say but I take Microsoft's bussiness plans with a grain of salt. Look at theit past behavior? I expect Microsoft to do the worse things imaginable like they have at every single oppurtinity since their inception.
Re: (Score:2)
Re:Heh (Score:3, Informative)
Re: (Score:3, Interesting)
Re:Heh (Score:2)
Honestly I see it as a really drawn out and convoluted (and probably slow) way to enforce sandboxes, other OS's have no problem doing it with plain old x86 hardware, I don't understand why MS is having such trouble.
Re: (Score:2)
Re:Heh (Score:2)
Yeh, I feel safer already. They'll just constantly be DoSing me by injecting foreign code into IIS. Big improvement.
Re:Heh (Score:2)
If your distro of linux supports TCPA, then yes. TCPA is an open specification, and there is much chatter about developing open OSS's that conform."
Wrong
1.) Ms owns a patent on it
2.) Any attempt would be illegal under the DMCA
"If you are forced to use windows or use your pc as a doorstop
You aren't."
If you can not fully turn TCPA off, then it is windows-land or a doorstop. Lookup answer 1 from the top of my reply to find out why.
"WIth 3 every component will need a different key just to work! Yuck.
This is good. Security conscious people will create a list of programs - specified by key - that they allow to run. No other programs will be allowed to run. This is enforced by hardware means. This would for example mean, that even if your webserver contained a buffer overflow (say, like the one Apache suffered a few weeks back) an attacker could not inject code (because it would be unsigned) into the operating environment. This means that a buffer overflow attack would be pointless. This means websites will be more secure. That is good."
Wrong security concious people will only have these features( assuming Windows will have utility to allow them too) if it is signed and probably running in trusted mode. Meaning apache will not run at all. Or would have no security be defualt if it had permission to run. IIS would obviously benifet but not untrusted apps like apache. Can apache ever get signed and be trusted by Windows? Look up reply number 6.
For now they can have complete EULA control with a digital enforcer.
Yes, that is the exact idea. Someone sets forth a contract, and you agree to it. And then you follow it. Thats what licenses are all about. I download a GPL program, I use it, I follow the GPL. Pretty simple.
Let me get this straight. You would like Ms to tell you how to run your own computer and according the to EULA they can change it anytime! Your crazy. I do not want ms to decide how I use my computer or boss around potential competitors to force me to use there software. If you are a competitor then you must allow microsoft to sign your application under a strict legal agreement. I also do not want to download a service pack and have my eula changed so I have to upgrade my os to stay current or to satisfy microsoft microsoft whenever its stock goes down. Microsoft is currently doing this with corporate customers. Remember Steve Balmer mentioned he wanted all pc's to eventually become rented. Now they can do this. With TCPA its Microsoft's way or the highway.
"This whole fritz chip thing is designed to force you to use windows on only Microsoft terms.
Bold faced lie. The whole idea of TCPA is use hardware to enforce data partitioning and access control lists."
So if Microsoft after spying on me decides they doesn't like my usage, will I still be able to run Windows? No. You said it yourself. The acl will prevent me if I dare piss off microsoft. TO me this is Microsoft's way or the highway. You seem to be under the impression that the user will have some control over the access lists stored on the hidden partations. These features are implemented to help Microsoft and not the consumer. If the users had full control then the drm would not be effective and microsoft could not enforce their EULA to the most strictest terms. Repeat after me. TCPA is not an open standard.
WIth 3 every component will need a different key just to work! Yuck.
This is good. Security conscious people will create a list of programs - specified by key - that they allow to run. No other programs will be allowed to run. This is enforced by hardware means. This would for example mean, that even if your webserver contained a buffer overflow (say, like the one Apache suffered a few weeks back) an attacker could not inject code (because it would be unsigned) into the operating environment. This means that a buffer overflow attack would be pointless. This means websites will be more secure. That is good."
So if Microsoft doesn't grant apache the right to run, then apache itself is unsigned and wont run or will run only in untrusted mode! How is that good for anything besides IIS? Read reply 3.
"Now, where do you get such a certificate to run or release your own programs?
Entities that issue certificates. I imagine Versign will be one. But under TCPA you or your system administrator or boss or vendor will define which certificates to trust. It is very similiar to how SSL works."
When you run IE and visit a webpage that requires shockwave and a window pops up asking you if you want to install shockwave, who assigns the certificate that the plug-in is legit? Is it verisign? No Microsoft. Infact the certificates currently used to validate plug-ins are going to be used with pallidium for every application you wish to install. I read it on zdnet somewhere. You will need to go through microsoft to have a certificate of athenticity. My guess is at first Microsoft will allow you to install an unsigned application and only a warning will appear. Then after TCPA becomes standard, they will revoke it and have the power to kill all unsinged applications or ones they do not like that somehow might compete with any microsoft product. The potential abuse of such a harsh system is staggering and I do not trust Microsoft. No one not even Linus should have this much power.
"Bill will own %100 of the software industry.
Out and out lie. TCPA is an open platform, it will benefit many vendors, MS amoung them. It will also benefit consumers."
Yes and open and patented stanard that only ms will have the security codes to use. How usefull. If they attempt to open it then the purpose of such a device will be non existant. With the combination of
"I do not mean to sound paranoid per say but I take Microsoft's bussiness plans with a grain of salt. You do sound paranoid. Paranoia is virtue, but not your variety. Your variety is built on mistruths and mal-applications of rumors. Read up on TCPA/Palladium. And then remember correctly that Palladium is vapour. " Oh, really [ibm.com]. According to users of this notebook [ibm.com], linux will not even run without it disabled. Palladium is real and is already out. WindowsXP has support for palladium that runs on these crippled IBM machines. And no they do not have all these admin settings you assume will have. They only block content and only microsoft can access the acl's.
"I expect Microsoft to do the worse things imaginable like they have at every single oppurtinity since their inception.
Thats fine, because chances are they will do bad things. Thats why you should use Linux." See my first reply above.
Re:Heh (Score:2)
http://www.trustedcomputing.org/docs/Website_TCPA
http://www.trustedcomputing.org/docs/TPM_QA_07180
http://www.trustedcomputing.org/docs/main%20v1_1b
Here are some of the highlights:
4. Is the TPM based platform limited to a particular operating system or microprocessor?
No. The TCPA specification is designed to be platform and OS agnostic. The TCPA specification is not limited to a specific platform, OS or CPU.
9. Does TCPA certify applications and OS's that utilize TPMs?
No. The TCPA has no plans to create a "certifying authority" to certify OS's or applications as "trusted". The trust model the TCPA promotes for the PC is: 1) the owner runs whatever OS or applications they want; 2) The TPM assures reliable reporting of the state of the platform; and 3) the two parties engaged in the transaction determine if the other platform is trusted for the intended transaction.
18. Does the TCPA support open source systems?
Yes. The ability to use the TPM functionality is available to all developers of software. An open source project could determine to use TPM functionally today. The concepts of measurement, protected storage and attestation of measurements are fundamental concepts that hold true for any type of OS or application. The platforms that support TCPA today are not limited to only one OS and if open source developers provided applications that used the TPM functionality they would find support.
Re:Heh (Score:2)
No. The TCPA specification is designed to be platform and OS agnostic. The TCPA specification is not limited to a specific platform, OS or CPU"
Ok I will repeat for the third time. Microsoft owns a patent on an OS using DRM ( specifically TCPA) hardware. So in essense its not limited to a particular platform but legally its limited to Windows. Remember when Adobe sued elmsoft and threw one of their Russian programmers in jail for DMCA volations? What makes you think Microsoft wont do the same? After all is not the TCPA architecture a copyright protection device and would this not make Linux itself a copyright circumvention device? Go read the XBOX Linux faq on why they chose to boot linux requiring a mod chip rather then try to reverse engineer the enccypted boot sequence? I believe the XBOX uses pallidium or at least some form of it to prevent unlicensed games from running. This affirms to me what Microsoft's intentions really are for palidium.
"9. Does TCPA certify applications and OS's that utilize TPMs?
No. The TCPA has no plans to create a "certifying authority" to certify OS's or applications as "trusted". The trust model the TCPA promotes for the PC is: 1) the owner runs whatever OS or applications they want; 2) The TPM assures reliable reporting of the state of the platform; and 3) the two parties engaged in the transaction determine if the other platform is trusted for the intended transaction."
You are right about this one. The TCPA consorturium does not have a certifying authority. So how does an application become signed in Windows? According to the faq's you quoted above, the two parties engaged in the transaction determine if the other platform is trusted for the intended transaction. So if i select a setup.exe file, Windows(assuming its the other party)will go online to Microsoft and determine if the app has a seal of approval. If not then Windows itself would deny the app to run or it would only run in untrusted mode. While its not limited to one OS theoritically, you still need the OS you are running to be that third party for the handshake. Even if a third party signed the application how would the OS then run it? THe os itself would also have to handshake on it or trust that it really is safe to run it. Knowing Microsoft I bet they will probably ignore every handshake but theirs. The TPM key is scret after all and is it not the operating systems job to handle the executables?
"18. Does the TCPA support open source systems?
Yes. The ability to use the TPM functionality is available to all developers of software. An open source project could determine to use TPM functionally today. The concepts of measurement, protected storage and attestation of measurements are fundamental concepts that hold true for any type of OS or application. The platforms that support TCPA today are not limited to only one OS and if open source developers provided applications that used the TPM functionality they would find support."
Since an TPM encyption key is required as well as Microsoft owns the patent on using an OS with TPM, you can kiss the idea of running linux goodbye. If the DMCA is appealled, then I suppose its possible to apply a closed source patch to get linux to use it or even run on it. I assume you need to pay the consorturium alot of money to gain the TPM key and displaying it in public would be prohibitied. If the key is public knowledge then a virus could also use the key and pose as a legit application to the other party. By the way no where in the docs does it say that the other party isyou!. Its only a software company that is a member of the consorturium. This would defeat the whole purpose for it. This is why a trust 2 way relationship is needed. However this would piss off alot of opensource hackers like RMS since the closed source patch would be required. Or I suppose we could have an online authority do the trust and sign linux itself. I am sure it would be expensive to mantain and would probably get the thumbs down from Linus.
Re:Heh (Score:2)
The TCPA has repeatedly said that the standard will be open for anybody to freely use. We all know that Microsoft has some patents that relate to DRM and palladium, but they have specifically said that the other operating systems will be able to make use of the standard. This includes how to make use of the TPM and use the encryption keys in it when entering a trusted mode. Any OS will be able to use the TPM.
And I'm still trying to figure out how you interpreted the line of the FAQ that said "the owner runs whatever OS or applications they want" to mean that you can only run what Microsoft wants you to run.
The fact is the TCPA standard is very open and it does not prevent you from running Linux. IBM's TCPA compliant Thinkpads have been on the market for over a year and plenty of people install Linux on them. The hardware is already out there and you can run Linux on it- I don't see how you can argue with that.
You might want to read these notes on Palladium and how it relates to TCPA from Seth Schoen. They are also very informative:
http://vitanuova.loyalty.org/2002-07-05.html [loyalty.org]
Re: (Score:2)
Re:Heh (Score:2)
Its all about control and not once have you proven me wrong. Does the user have the TPA access keys? No, then the user does not control the data. Pure and simple. READ THE DAM STORY. The engineers behind this created this scheme as a way to control (notice the world control)data. From who? Virus writers? Pirates? Actually it was orignally designed to prevent the user from acessing certain sectors to make drm possible and to applease hollywood and stomp out casual copying. Security came as an afterthought later on. The users only control parts of the security on their systems but not the keys or the boot sector, creations of their own apps(if they develop software), or loading an alternative OS. All else is controled by the OS/hardware which handshakes to a third party.
So what if my system is more secure! What, from myself?? Fuck this. Go ahead and buy your stupid TCPA machine. I will never, never buy it.
If you want to wait for a trustworthy company to start up(your own post says "numerous will spring up...meaning none exist") so you have to pay a monthly fee to access you own opensource applications then fine. No startup would make any money if the application providers or users did not pay them to be trusted. Meaning opensource apps are SOL. I will run linux on a mac and not have to worry about signed executables while you curse at your pc.
You can call me stupid, flame me, mod me down, I don't care. I will not change my position. You are being way too naive and overly optomistic about this and have no proof that ms wont do this considering they are the only ones that can even run on this currently and have a whole lot of power they can abuse.
Just remember in Windows that everything runs above the kernel and if the kernel reads an acl that says do not run if unsigned then it wont run. If no other provider exists then your SOL. Do not come crying here on slashdot that you now have to rent your pc because Microsoft's stock price went down again and linux wont boot on your secure pc. It wont ever be ported. It will be a cold day in hell if it ever is.
Also explain how a fully opensource implementation is possible without giving away the crown jewels?
Re:Heh (Score:2)
And last but not least palidium is based off of TCPA but is not fully TCPA compitable. Its Microsoft only version that works only with Windows.
Flame war over. I am done
Re: (Score:2)
Re:Heh (Score:3, Insightful)
>> What if drm is on by default? Could I load
>> Linux on it?
> If your distro of linux supports TCPA, then
> yes. TCPA is an open specification, and
> there
> is much chatter about developing open OSS's
> that conform.
If I used your way of replying, I would call this a bold faced lie. I won't, because I reckon you are just ignorant. Microsoft has a patent on "DRM-enabled operating system", which mean they could at any time deny distribution of Linux.
>> For now they can have complete EULA
>> controll with a digital enforcer.
> Yes, that is the exact idea. Someone sets
> forth a contract, and you agree to it. And > then you follow it. Thats what licenses are > all about. I download a GPL program, I use > it, I follow the GPL. Pretty simple.
Again, if I used your method of arguing, I would call this a blatant lie. Since I don't, I just suspect you are ignorant, and tell you the truth:
You don't have to accept anything to use GPL-based software. Not a thing, zilch. The only time you have to accept the GPL is if you distribute the software (or derived software), something you cannot legally do with Microsoft software.
I'm ok with you disagreeing with the original poster, but calling him/her a liar is pretty offensive. Microsoft is a proven criminal monopoly that has misused their power on numerous occations. Are you actually so naive that you except all of this is just good intentions?
Re:Heh (Score:2)
Re:Heh (Score:2)
One of the first times a software patent might actually be a good thing. At least stifling competition and innovation in this area will give us a chance to focus our efforts on what is inevitably going to be a fundamentally flawed MS implementation of DRM",
Why did ms patent the OS part? Oh
MOD UP PATENT! I only dissagree with you on the first point. I think a score of 0 is inappropriate.
My other guess is why ms wanted to patent a drm os was to prevent apple and ultimately quicktime from viewing movies. MS wants to monopolize the audio/video market. This is apple's core market right now. Why should hollywood create a movie in quicktime or the RIAA sell some mp3's when they can use drm protected
Re:Heh (Score:2)
Consumers won't be allowed to vote with dollars (Score:2)
The problem is that the media and some technology corporations (like MS and Intel) are getting laws such as the DMCA passed that make voting with your dollars moot.
If it was not illegal to circumvent digital copy protection mechanisms, then there would be more such programs and devices available, and more people would have a taste of what will be taken away by something like palladium.
As it is, the DMCA makes it difficult to distribute mechanisms to bypass current DRM, so the huddled masses will see less of a difference when palladium arrives on their desktops. Most non-technical users already can't copy DRM-protected materials. Palladium will not mean much difference to them, so why should they bother voting against it with their dollars.
In addition to that, certain content will only be available on palladium, so in many cases, average non-technical users may actually have a reason to prefer it.
Ironically, it may be corporations who end up balking at palladium and potentially turning off some of the "security" features. Companies are likely to be very concerned with the idea of outside organizations having any type of "enforcement" accesss (or any other kind of access) to their computers.
Turn it off (Score:2, Insightful)
I speculated about this a bit, and realised that it's probably the same kind of thing that the MPAA is trying to do to consumer home entertainment systems. From what I know, it means that if you choose NOT to use DRM features, you either lose the really high-quality (high-quality as in resolution, not high-quality as in content) stuff, or you are denied from viewing certain things.
Re:Turn it off (Score:2, Insightful)
It's the same logic behind social security numbers and immunizations.
Sure you don't HAVE to get your kids a social security number, but you would have a whole lot of trouble getting them into any school without one, they would have a whole lot of trouble ever getting a job or passport without one, etc.
When the alternatives are a ton of hassles, you really don't have much choice at all.
interesting choice of words... (Score:5, Interesting)
*emphasis mine
I think the implicit meaning here is that consumers think the internet is theirs. when in fact it is not.
What will happen when corporate america convinces the world that it owns the internet?
Re:interesting choice of words... (Score:5, Insightful)
What will happen when corporate america convinces the world that Pi equals exactly 3? Well, a lot of shoddy engineering. But they can convince all they want, it won't make it so.
IP is IP. TCP/IP is something else entirely.
Re:interesting choice of words... (Score:2)
The question you should be asking, is what are we going to do about it?
Re:interesting choice of words... (Score:2)
sometimes stupid things are acceptable to millions (Score:2, Interesting)
And to most people, it makes total sense then to ban those anonymous, crime-friendly pc's. I suppose the silver lining is, we could at least free ourselves of spammers. So it's a tough call ;-)
Not A Tough Call At All (Score:2)
It isn't a tough call at all, as there are already ways [spamassassin.org] of freeing yourself from SPAMMERs that don't require you to give up your basic freedoms.
Besides, do you really think Palladium is going to 'free' you from SPAM. Given the track record of Microsoft's email services (hotmail, etc) I think it is more likely you are going to be receiving SPAM adverts from Microsoft "strategic" partners, and perhaps anyone who pays the piper appropriately, and with 'trusted' computing, maybe what won't be trusted won't be the SPAM, it will be the SPAM assissin software that otherwise would have let you filter the crap out of your inbox.
One thing is absolutely certain. Whichever way that particular battle on your Palladium Trusted Computer goes, it won't be your choice. It will be Microsoft's choice.
Fair and well balanced article. (Score:5, Insightful)
Is that such a bad thing? You wouldn't see a story that well balanced on TV. TV news offers nothing except one sided stories. Then of course you have specialty news sites like Slashdot or The Register. Can you tell me with a straight face that The Register offers fairly balanced articles?
Reuters, the Associated Press, and local newspaper staff writers are the last bastion of fair reporting. You have to admit that this article was very fairly written. It offered no opinions of it's own, and reported both sides of the argument without trying to say which one was "right". If Joe Sixpack were to read this, he would be free to make his own opinion based on the facts, not have one shoved down his throat. I think we should be thankful that fair reporting still exists in this corporation dominated society.
Re:Fair and well balanced article. (Score:2)
Re:Fair and well balanced article. (Score:4, Insightful)
Ah, another person whose commitment to a free press is only skin deep. Of course reporting about Palladium -- or the Klan, for that matter! -- should be "fair and balanced". That's the unflinchinhg goal for honest jounralism. Show a little faith that maybe, just maybe, when John Q. Puublic or Jane Sixpack gets the actual facts in a fair and balanced matter, he/she will make the right choice.
Stop trying to save the peoples of the world from themselves. Give them the facts and let them save themselves. If your position, after an admittedly "fair and balanced" presentation, cannot survive, then it doesn't deserve to
It's called democracy, people.
Re:Fair and well balanced article. (Score:2)
Re:Fair and well balanced article. (Score:2)
You're implying that whoever wrote the article should not have been attempting to write it in an unbiased manner. Ergo, you're saying the writer should be biased. Biased towards your personal ideas on the topic, that is.
The thing that differentiates news from editorial is that in an editorial, the writer's opinion is offered. Regardless of the views of a newswriter, they should attempt to provide the facts, lest they turn news into editorial (as happens so very often on Slashdot).
You seem to suffer from an all-to-common disease: you think that your personal views are what are "right" and "good", and views that aren't in line with yours are "wrong" and "evil". I, for one, am thankful that you are not a news reporter!
Rewarding those who put content on the 'Net (Score:3, Insightful)
Ugh, Dave, the majority of people who put content on the 'Net are getting their reward: they're sharing their thougths, dreams, ideas, projects, photos, songs, etc. with the world. And the vast majority of them, virally enough, aren't charging for it. Go figure.
Damn Straight (Score:3, Insightful)
What do I get in exchange? I get hundreds of thousands of programs as part of my Linux distrobution on my server.
Is it a good arrangement? I think so.
Re:Rewarding those who put content on the 'Net (Score:3, Funny)
I'll tell you what - here's the deal - you don't put your content on the "'Net", and I won't bother with DRM. How does that sound ?
Erm yeah, OK (Score:4, Insightful)
Of course, Palladium has absolutely nothing to do with DRM. Microsoft just patented it by accident. And if DRM happens to be built in to your OS, well it's just 'unfortunate'.
Re:Erm yeah, OK (Score:2)
Um, Palladium is an Operating System. You disable it by not installing it on your computer.
The TCPA hardware on the computer is "disabled" by not installing a TCPA complient OS. Case in point, IBM has been shipping TCPA complient Thinkpads for over a year now. No operating systems make use if that yet, so the TCPA hardware is effectively disabled. Oh, and plenty of people are still installing Linux on these Thinkpads- thats because the TCPA standard is not OS or even platform specific.
Seth Schoen's Palladium Summary (Score:5, Informative)
Fails at the first fence (Score:2)
Fails at the first fence. If they're on someone else's computer, they're not his bits anymore...
Cheers,
Ian
White box computers? (Score:3, Funny)
Then again, I'm known for my xfiles style paranoia.
it's pointless (Score:2)
The only serious threat is legislation or legal precedent: if running your favorite OS on an embedded chip becomes defined as "circumvention" under the DMCA, then there is real trouble. But then we'd be heading for the technological dark ages anyway: a DRM world simply cannot support a rapid pace of technological innovation.
Re:it's pointless (Score:2, Interesting)
Trying to impose digital rights management through a consortium is bound to fail
If you mean that other alternatives will always be available (ignoring absurd legislation) then you're right, it will fail - but if you mean that people will reject the DRM-ized technology and shift wholesale to Linux or BSD, that ain't going to happen.
Its already been demonstrated that the bulk of the world will happily continue using the monopoly OS even after years of blue screens of death and countless security exposures trumpeted loudly. Why should they switch to a better solution just because of some (to them) obscure argument about privacy ??
Then again, when they find they can't rip their buddy's CDs maybe that will start to focus their minds...
Re:it's pointless (Score:2)
Bingo. When my sister (former assistant DA and a total law-and-order type) and my mom (retired do-gooder public school teacher) both start to ask me about ripping CDs to hard disk and space-shifting music, then I know that the Content Cartel is doomed. People are getting used to this whole musical frededom thing, and taking it away hits them a lot closer to home than, say, the Microsoft monopoly.
Re: (Score:2)
A Bit Bland... (Score:2)
"While Palladium is still a long way off, an uproar has arisen over how technologies might be used to curtail consumer "fair use" rights to make personal copies of movies and music and to more tightly control software use."
Why on earth did they put the term "fair use" in quotes? It sounds almost like they're trying to discredit the notion.
Other than this one glaring exception, not a bad piece. Not a good piece, but not bad either.
BlackGriffen
Re:A Bit Bland... (Score:3, Insightful)
An industry push to tighten security on personal computers could be either the salvation of electronic commerce or the bane of consumers, who view the Internet as their digital information playground.
Like the other poster pointed out, this implies that the users do not control the Internet, rather large corporations do.
The "playground" reference seems to discredit users as credible creators of content, they are just kids playing; the corporations are the ones doing the important stuff. By extention of their generally condescending tone, this "fair use" thing is silly too.
What may be perceived as minor intrusions in a Western corporate setting might have Big Brother consequences for computer users in countries with more controlled environments like China and Saudi Arabia.
In other words, "of course our government is benevolent, but in other countries run by evil people, it may be a problem, but not here".
I wouldn't call this article balanced at all.
Does Taiwan Count as Chinese? (Score:5, Interesting)
And what happens when America locks down its computers? Does Taiwan sit back and say, "Yeah, okay" - or do they start building boxes without the Palladium hardware and maybe even their own CPUs and start selling them worldwide (and smuggling them into America will be the next big "Drug War" issue!) and take over the computer industry from Intel? While Linux is taking over the software market from Windows by ignoring the issue?
Go ahead, Bill! Feel free! Don't let the door hit your butt on the way to the poor house!
MS will lose on this one. (Score:2, Insightful)
Re: (Score:2)
Great... my future looks like Hiro Protagonist now (Score:2)
Interesting, I thought that the CIC handled that...
response to a quote from the Palladium FAQ (Score:5, Interesting)
You know what I say? LET IT. Let's face the facts:
PC sales have leveled off. The market is at saturation. There is no "killer app" that will make anyone who does not presently own a PC go out and get one. If they don't own a PC by now, they DON'T want one and nothing will change that. The majority of PC sales are now replacements for existing obsolete/older machines and machines for new population members. It's the same situation the car manufacturers face, and they're used to it. The IT companies are just freaked because it's no longer a growth market and they're having to adjust.
Interactive TV, network appliances, video phones and flying cars. All ideas that sound good and futuristc, all without mainstream acceptance. It is quite possible "The PC as an entertainment appliance" is just as doomed to becoming a niche market as any other anticipated "killer app" that awaits over the horizon.
Tivos aren't exactly flying off the shelves. Yes the Tivo is a neat geek toy. The public at large doesn't care. They already own a VCR.
I don't want to wait for a movie to download that I can only watch on one PC. I want the DVD that I can play in my DVD player, my friend's DVD player or bring it with me and watch it on the TV in my boat.
I don't want to wait for an entire album to download that I can only listen to on one PC. Just like DVDs, I want the actual disc.
There is a place I can already get what I want, and it's nearby where I shop for food and they also sell clothes - it's very convienent, it's called the local department store. If the digital intellectual property the media companies are so interested in protecting was only less expensive, they wouldn't have to worry about protecting it. I'd much rather buy it.
Shooting themselves in the foot (Score:5, Interesting)
Taken a step further, how many people actually feel good starting up the ol' P2P client and ripping the media companies a new one?
I'm not advocating piracy, what I'm merely pointing out is that maybe the increase in piracy is due to the fact that all this digital rights stuff is making people feel a little bit better about not paying for music and movies. Instead of decreasing piracy, all they (the media companies) might really cause is MORE rampant piracy and the rise of prices of "open" hardware on eBay.
New World Order? (Score:2)
RICO (Score:2)
Now the question is if RICO statutes could be applied. Then every one involved with the damn thing could lose big bucks. Really big bucks.
Palladium Hard Drive Sighted on eBay (Score:2, Funny)
Must...tear this...apart...aarrgh (Score:5, Interesting)
Yeah, this is such a problem. I mean, right now, the Internet contains more content than me or even a large group of people could possibly hope to consume in a lifetime. And don't even start to say that most of the content now is garbage. That's (one) very much a matter of personal taste and (two) ignoring the fact that an essentially infinite amount of good information plus an essentially infinite amount of garbage still supplies you with plenty of good content...and search engines help us tune out the garbage.
media companies complained they wouldn't release high-quality versions of their published content to personal computers because of piracy concerns
Books and movies are available from libraries. I'm sure they hate that too. But I think the reason they complain about the Internet so much is it's an unbelievably large library without even so much as a librarian to regulate the usage of anything. Corporations want to start commercializing the information content of the Internet, instead of settling for selling physical products online. They are blinded by the opinion that if there is a way they can make money, then they have a right to make money that way. Thus they feel we must start to regulate all the information on the Internet. Bastards.
"I like to call this controlled computing rather than trusted computing," said Chris Hoofnagle
I like to call this crippled computing rather than controlled computing.
What may be perceived as minor intrusions in a Western corporate setting might have Big Brother consequences for computer users in countries with more controlled environments like China and Saudi Arabia.
Huh? WTF does this mean? That we can trust the Western corporations not to abuse power? That Western citizens are apathetic to the notion of a Big Brother? Any way that I read this it makes no sense.
"[DRM is] not something that really is part and parcel of what Palladium is," Biddle says, adding that it is related to optional add-on features that customers could elect to use.
This is tantamount to saying here is our new computer product, which you can use with this set of optional handcuffs. Go ahead, try them on, you'll like them. What? You don't want to use them? Hmm. Okay guys, bring in the service pack! Now it's mandatory.
"Security is more social than technical," Schneier said. "There are a lot of good technical controls in Palladium, but it's unclear whether they'll be used to protect personal privacy or limit personal freedom.
Finally someone with a clue. I might add that convincing the general public that the Internet lacks content, that they need Palladium, that they should use the "optional" features -- is all social engineering. There is no technical justification for any of it, but since the gap between someone who understands the true potential of a computer and someone who just uses email is so huge, it may not be that difficult for them to convince Joe User that his computer should be "secured" for his own protection. If people are ignorant of what they're losing, they won't cry foul when they lose it.
*Sigh* Back to searching for the scarce crumbs of useful content on the Internet...
Re:Must...tear this...apart...aarrgh (Score:5, Interesting)
Oh, they do, they do. Don't think the Content Cartel isn't aiming for the effective elimination of public libraries through the imposition of increasingly restrictive access control mechanisms. And don't think that dead-tree publishers are any more moral or public-spirited than bit-pushers. To quote Ralph Oman [washingtonpost.com], former US Registrar of Copyright, under whose regime the expansion of intellectual "property" rights occured,
As we can see, public libraries are no more than thieving "special pleaders" who scavenge off the public domain without ever returning anything to society. Oh, wait, that's more a description of Disney, but oh, well... The Registrar of Copyright himself apparently dismissses public libraries. You don't think the Content Cartel drools over the prospect?
Reuters/AP never reach most people (Score:2)
Most people don't like to read serious newspapers... they don't have enough pie charts and they use big, headache-inducing words like "president" and "Gorbachev." So a lot of people read USA Today or tabloids which use catchy, easy-to-swallow words like "prez" and "Gorby." Those papers dumb the news down and cut out critical information their readers don't want to think about anyway.
A far larger portion of the population gets its news from television, which is not news at all. It's entertainment, soundbites, hype, ads and then one to four sentences about the news. Even the most well-intentioned copy writer cannot encapsulate "Trusted Computing" fairly in four spoken sentences, so everyone who watches the broadcast will be very poorly informed.
Then there's the largest group: the people whose news consists of the watered-down, telephone-game-tainted rumors they hear from the people they know. They don't watch/read the news because they don't want to.
Reuters is often trash compared to the AP or a good newspaper reporter's story, but it's far better than what most people will hear about this issue.
DO YOUR PART! (Score:5, Insightful)
I'm serious, talk to your less-geeky friends and family. This is not a rant. Spread the word in plain english, then the common folk know they don't need to upgrade to an operating system that will simply restrict what they do.
Re:DO YOUR PART! (Score:2)
And the public slowly cooks, just like a frog.
Right (Score:3, Funny)
The Digital Rights Divide.... (Score:3, Insightful)
With all thios effort to constrain creativity and innovation, there needs to be effort and work being done to create laws (plenty of licenses are already available) that protect our right to be creative and innovative with what is the most versatile tool we have yet created, the computer.
The constraints being proposed in DRM and such are a contridiction of such creativity and innovation freedom, not to mention the taking away of far use. But if these constraints are chosen to be applied by such a collective, then as product producers they have every right.
HOWEVER, They DO NOT Have the Right to Suppress Competition for Comsumer Choice. It is wrong to try and shut out open systems which contribute to creativity and innovation, not to mention far use.
I should have a choice, not be forced to buy one or the other but have a choice as to whether I am buying a genuine computer or some constrained to the level of dedicated applicance, device.
These are two different items!!! And it should be made clear, made very clear.
On one hand you have appliances and that which will only run on such appliances. On the other hand, the choice of versatility open for being creative and innovative with, limited only by not being able to access products designed specifically for the constrained appliances.
TWO different general Lines of Products.
One Constrained, the other NOT.
Those pursuing constraints need the hell to stop infringing upon genuine computers system which were here before they came up with a lessor systems. They need to make it clear to the buying public that they are not taking away consumer choice, but making a different product.
The Consumer has a right to have choice!!
Why has this difference not been identified and made clear to the general public?
It seems very clear to me that there is a great deal of consumer deception going on here.
Shrug (Score:2, Interesting)
Then again, *nix is an OS by developers, for developers, so I'm just a weee bit biased towards those variants...
Re:Shrug (Score:2)
And before anyone starts: by "IT department" I do not mean the average digital-rights-advocate geek sysadmin who actually administers the servers, nor do I mean the rare IT manager with a clue about the implications of DRM. I am talking about the average CIO's and managers of the larger IT departments. And they, my friends, have pointy hair.
Re: (Score:2)
Re:Palladium (Score:2)
actually, no. you can have open source software, you just can't compile and run it yourself. the binary has to be signed by the appropriate authority. this is what is so insidious about palladium. it doesn't stop open source software from existing, it just makes it useless.
What content, exactly? (Score:2)
The theft of our freedoms (Score:2, Informative)
The worst of all is that people will be forced to use Palladium or TCPA machines, when laws like CBDTPA (the former SSSCA) will be passed.
Thus, sooner or later, the right to share will be outlawed, and people will no longer be able to "turn DRM off".
When no TCPA-free or Palladium-free hardware will be available and the ISPs will only allow TCPA machines to be connected to the Internet, there will be no alternative.
The worst of all, most of the people are totally unaware that many of their freedoms are about to be stolen.
For an introduction see:
http://action.eff.org/tinseltown/ [eff.org]
http://www.eff.org/IP/SSSCA_CBDTPA/ [eff.org]
TCPA / Palladium Frequently Asked Questions
http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html [cam.ac.uk]
"The Right to Read" by Richard M. Stallman.
http://www.fsf.org/philosophy/right-to-read.html [fsf.org]
(The important thing about this story is that it was written before the DMCA was even proposed!)
"What's Wrong With Copy Protection" by John Gilmore.
http://cryptome.org/jg-wwwcp.htm [cryptome.org]
Yup (Score:4, Informative)
Re:Is AMD in on this? (Score:2)
National Semicinductor, Novell, Nvidia and AMD are members along with 180 other spineless companies.
Notably absent are VIA and Sony
Re: (Score:3, Flamebait)
Re:Is AMD in on this? (Score:2)
The industry that is stifleing the tech industy, content producers, is barely a 30 billion dollar a year industry.
The content producers are leveraging legislation to raise their profits at the expence of the technology companies.
That is not legitimate. If the content producers double their profits while the tech industry gets theirs cut in half, the economy has lost 220 billion in revenue.
Kill the computer to save Mickey Mouse.
Bullshit
Re: (Score:2)
Re:Is AMD in on this? (Score:2)
I play movies all the time on my Linux PC with MPlayer [mplayerhq.hu]. You have to compile it yourself since it's illegal according to the DMCA, but it works great. Try it out. If you want to watch Sorensen-encoded Quicktime movies, Codeweavers' Crossover plugin is supposed to work nicely here.
I also have no trouble playing music (in MP3 or OGG) using any of the countless music players available for Linux. I recommend XMMS the most though.
Switching to Linux doesn't necessarily mean you'll be missing out on anything.
Re:lengthy? (Score:2)
Re:Quote (Score:3, Insightful)
But China has Sourceforge blocked.
China has Sourceforge blocked.
So China is pushing a non GPL Fork of Linux that we will NEVER see the benifit from except as a retail product from IBM.
Re:Good point! (Score:2)
Probably a much worse situation, I would think.
Re:Quote (Score:3, Insightful)
They have passed some intellectual property laws [china-laws-online.com] in order to join the world trade organization but have a long history of simply using other people's patents and copywritten works. 4 years of laws do not break 50 years of history.
So they have found another way: They have blocked sourceforge. How do they publish source? Interestingly, IBM's Linux development center is not blocked.
Yes, by copywrite law, any fork of a GPL product is automatically a GPL product. But only by law.
For instance, China is a full democracy by law. But there is only one candidate in any election.
Bill's Quote (Score:4, Interesting)
Needless to say, this is extremely offensive to the Chinese for historical reasons (think Opium War). Lol, between Gates and "Our products just aren't engineered for security" Valentine, I wonder how Microsoft stays in business...
Re:Bill's Quote (Score:2, Funny)
M-O-N..
Any way they can..
O-P-O..
Oh you'll pay sooner or later..
L-Y-Yessiree!
G'night folks!
Palladium in China (Score:2)
Any (IMO) "trusted" security system can be broken, given sufficient resources and access to the hardware. Palladium looks like it'd take the resources of a major nation to crack.
Umm... China is a major nation, y'know.
Re:Bill's Quote (Score:2, Funny)
Re:Quote (Score:2)
Re:Happily, a balanced article (Score:2)
I must have been entirely too used to reading articles on CNN, Salon, etc. which look entirely too much like press releases for Microsoft
Salon?!?
Does this [salon.com] look like a Microsoft press release?
Re:Who is going to buy it? (Score:2)
"Look honey, we bought you a nice new computer. See, it's got shiny parts and blinking lights, and it even is approved by that nice company that writes our software for us.... what was their name? Oh yeah, microsoft/
Re:I like Apple's take on DRM (so far) (Score:2)
(Quotes added for the less intelligent among us)
Re: (Score:2)
Re:I take that back (Score:2)
$ ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:00:DE:AD:BE:EF
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:11 Base address:0x7e00
$ ifconfig eth1 hw ether 00:00:ab:ad:1d:ea
$ ifconfig eth1
eth1 Link encap:Ethernet HWaddr 00:00:AB:AD:1D:EA
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Interrupt:11 Base address:0x7e00