 |
 |
 |
 |
 |
|
Palladium's perilous promise |
|
|
|
 |
|
 |
 |
Friday June 28, 2002 - [ 03:28 PM GMT ]
Topic - Closed Source -
- By Jack Bryar -
Is Microsoft's proposed "Palladium" software an honest attempt to
improve system security? Or is it a Trojan horse designed to let content
providers, the police and your boss get into your computer?
Once upon a time, "high 'mid rock and wood," the ancient city of Troy featured a statue of Pallas Athene
that was said to have fallen from the heavens when the city was founded. The
Trojans believed that this "Palladium" was a guarantee from the gods. They
believed that this "holy thing" would "secure from harm your city ...
forevermore." As any student of Homer or other Greek and Roman texts may recall, it
didn't work out that way.
Apparently some classics major with a sense of irony persuaded
Microsoft to adopt the name of Troy's ineffective idol as the code name for a
proposed new operating platform the company wants to put on your next computer.
Presumably, developers hope Palladium software will secure the company
against effective competition. Unfortunately, if Microsoft is successful with
Palladium, lots of consumers may need securing from harm. And that's the least
dangerous thing about the platform.
Last January, in typically grandiose fashion, Bill Gates announced
his company was launching a "jihad" focused on creating trustworthy computing. Most
observers assumed, or at least hoped, that perhaps Microsoft was going to repair
core elements of its architecture, particularly, the patchwork of
under-documented legacy components that's been so successfully exploited by hackers and virus writers.
They would have been wrong had they assumed that.
Instead, Redmond's marketeers have determined that the biggest
security problem is the free flow of information and content. Microsoft's solution is
Palladium, a computer-inside-the-computer, complete with its own chips and
operating system designed to restrict your ability to access or process
information. Whoever thought processing information was the whole reason for
computers in the first place?
This week, Microsoft launched its opening salvo in what promises to be a
massive marketing program designed to drown out any complaints about the
proposed new system coming from the technical community. Through a series of
exclusives with non-technical publications owned by infotainment conglomerates,
the company hopes to position its patented "Digital Rights Management Operating
System" as the consumer's friend.
The first media outlet given an exclusive peek was Newsweek Magazine,
a rival of Time (and by extension, AOL Time Warner). The
publication's reporters took the bit, and described Palladium as an architecture
that will "improve our ability to control and protect" information, and a
platform for a "host of yet-unimagined services." They may be unimagined in part
because Palladium consists of mostly imagination and relatively little
software. The Newsweek reporter saw little more than white boards and graphics.
One observer commented that much of the presentation sounded like a re-work
of the company's Hailstorm project.
Based on the presentation, the system is to consist of a
computer-within-a-computer that will preprocess all external system communications, and any other "security" issues. The components include an authentication
system, special hardware chips, and a "nub" software module designed to handle
security tasks. Project Manager Mario Juarez said that the company will publish
the source code for Palladium, or at least for the nub component. This
appears to be something less than Open Source, however, in that the code will
be strictly look-but-don't-touch. GPL-style Open Source use, distribution,
and development rights don't seem to be part of the deal, and it is not
clear if code will be offered to anyone other than hardware developers and
selected software and content publishers. The company has simply promised that
Palladium will be a "collaborative effort" among "stakeholders," with some
user feedback solicited "later."
Among the features of Palladium:
- It uniquely identifies both you and your PC to those you
deal with. Any connection between you and any other device is mediated by
the system, which can prevent transmission of content or your access to that
content.
- Documents you receive cannot be modified (or in some cases,
retransmitted) without the originator's permission. This means any attempt to summarize
content, or even mark it up, may be restricted.
- Email will be mediated by the system. Only content authorized by
you (or your employer? or your government?) can pass through the system.
- "The Man" will be on your system. Or at least "My Man."
Content originators can send an agent accompanying their content to ensure that
content is not waylaid between them and their intended recipient. This is
marketed as insurance that hackers and identity thieves can't capture, alter or
audit messages transmitted between you and your recipient. How this
represents an improvement over current encryption systems or secure channels such
as virtual private networks is not clear. It is also not clear whose "man"
this will be. Microsoft has hinted that the "man" might be fitted with a
back door for nervous government and police types.
Even without a back door, Palladium may allow third parties to monitor
your activity. Although the system is still in early stages of development,
it appears to extend a concept developed for Microsoft's Directory
Services products. Products like Active Directory generate a "unique object identifier" for
every document and code element in the enterprise. Based on that identifier,
object flow can be tracked and user access restricted. Who holds the
identifier (besides your company or ISP)? Well, Microsoft does it today, along with a
limited number of corporate partners.
From Redmond's perspective, Palladium's design is brilliant. It hands
security over to a "consortium" of developers, effectively unloading
responsibility for the entire issue. As separate code, it signals other software
developers that the company might start to modularize and open elements of its
code base. And it puts a firewall around the company's separate and proprietary
Windows platform. The company even gets to use the phrase "Open Source."
It makes chip developers happy. The design will require a whole new
generation of processors and input/output devices. Microsoft gets to choose its
hardware partners, giving it leverage over Intel and AMD while making life
potentially more difficult for firms like Motorola and Transmeta. And instead of
Microsoft pressuring computer and consumer electronics developers to adopt
Palladium, the company can rely on major media companies and allied government
officials to do their coercion for them. Any company that goes to the trouble of
adopting Palladium will take little convincing to take on the accompanying
Windows products optimized for it.
Happy too, should be anyone in big media.
Palladium's most promising feature (for content owners) has been
digital rights management code. DRM assumes that authors or owners of material
ranging from email to the latest Britney Spears CD must have some way of
preventing unauthorized reproduction of content. Such a concept is the antithesis
of the original Internet, which was designed to facilitate wide
reproduction of content to ensure that a message could travel to its
destination even if the network were badly damaged. However, DRM fits into the
plans of content developers who believe that their rights to control the
distribution of their materials should allow them to control your PC.
What the system really loads into the Palladium "user vault" is a user
identity, "rights managed" content, and a "trusted application" that only it can
bring into memory for execution. Unless the user's machine is verified as an
"allowed" system, the software or content won't run. Imagine a scenario where a
CD you bought will run on your PC or CD player, but not on your girlfriend's
equipment, and then only for six months, and you begin to get the idea.
While much of the speculation about digital rights management involves
music, text content is significantly more important to Microsoft and to many
big media companies. Many vendors of news and information have tried to
keep alive a two-tiered marketplace, selling content once, as "news" or
"current awareness," then re-selling the content a second time to archival
services such as Lexis-Nexis or Dialog, among others. In order to make this
work, electronic news services frequently require their customers to promise
not to re-publish articles or to delete content after a limited number of
days. Today news vendors have to rely on an "honor" system among corporate
customers to ensure content won't be kept indefinitely. In the future such
content would automatically disappear or at least become unreadable after a
certain date. Palladium can also limit the distribution of email and other
informal documents through the same process.
Whatever the concerns of consumer advocacy groups about Palladium or
other digital rights management schemes, they pale compared to the concerns
of human rights activists. Done poorly, digital rights systems could
let content originators track down who read what, who they
shared it with, and how they got it. That's bad enough when Walt Disney is
monitoring you. It's quite a different issue if the originator of a document is
the government of a country like China or Zimbabwe, or deservedly paranoid company execs at a firm
like Enron or WorldCom. Dissidents and whistleblowers have no reason to
welcome Palladium or any similar system.
To its credit, Microsoft has sought out at least some opinion leaders,
such as the Center for Democracy and Technology. It has also helped
publicize a critique of the Trusted Computer Platform Alliance (of which it is a
member) for pushing DRM ideas that would further compromise worker and citizen
rights against corporate of government snooping. But unless these "enhanced"
systems allow the user to trust the machine on his or her desktop, both Palladium and
DRM are likely to meet with fierce consumer resistance, and further ensure
the growth of Open Source alternatives.
|
 |
 |
 |
 |
|
|
 |
 |
 |
 |
Palladium's Perilous Promise (#17670)
by The Misanthrope on 2002.06.28 11:28 | User Info |
Lest ye forget, not only is Newsweek rival to Time, but Newsweek is to Microsoft as Time is to AOL. Not exactly the places to go for anything other than puff pieces about either.
I don't watch The Today Show on (MS)NBC for Microsoft trial coverage; I don't read Newsweek for the latest security warnings about Windows.
[ Reply to This | Parent
]
Still just a rumor about vaporware (#17671)
by DCallaghan on 2002.06.28 11:53 | User Info |
Its a little early in the game to worry about the apocolypse. Palladium isn't even sheduled to be scheduled until 2004.
As mentioned, Palladium is similar to a 3-yr work-in-progress by the Trusted Computing Platform Alliance, which includes 180 members including founders HP, IBM, Intel and MS.
IBM isn't going to tolerate a system that torpedoes its Linux initiative. I'm not as worried as I used to be about the future of Linux before IBM came on board. Now it takes more than a fluff piece to get me excited.
And to comment on the article, this is probably not the only thing MS will be doing as part of its security initiative. Say what you will, but when Bill sends out a memo, there are some very smart, talented programmers on the To: list. I expect to see more security initiatives than Palladium come from Redmond.
Now if you'll excuse me, I have to check up on the availibility of patches for a new critical security flaw in XP and Media Player announced today! :)
[ Reply to This | Parent
]
Court case? (#17673)
by OwlWhacker on 2002.06.28 12:02 | User Info |
I can see it now:
Palladium comes into being, Linux is dead, Open Source becomes extinct. Another trial of Microsoft will occur, and ten years later it will be dismissed because it happened so long ago it's no longer relevant. Or we could all just switch to Linux...
[ Reply to This | Parent
]
Secuity Issues (#17681)
by Anonymous Reader on 2002.06.28 13:37
There is way too much stench of the cliched "Big Brother" attitude here. Unless the user of this system is defined as Record Comapnies, Government, Paranoid Conglomerates, etc., where does the user security come in? Sounds like MS is trying to protect the user from themselves by policing files that exist on their PC rather than trying to police the risks of malicious viruses entering that PC (which seems to be the problem in the first place). I tend to believe that this will stay vaporware since it really just paves the way for crackers to tackle more security flaws in this (sarcastic) more secure system.
In MS's defence there is $ in the realm of digital enternainment security (which has always been pretty sad). So why not shake your money maker marketing schemes to get these Multi million dollar companies to buy into you. It is not a passion for MS it is a business, and they are in the grand business of blowing smoke up peoples wazoos.
[ Reply to This | Parent
]
There's nothing of value there (#17687)
by Anonymous Reader on 2002.06.28 13:57
Palladium is supposed to draw users in with some candy, but it's doing it with stuff already out there.
They're promoting secure e-mail, but GPG/PGP is very much a fact. Only, why did NAI stop selling PGP? It's hard to believe it was selling that badly.
They're also promoting secure end-to-end connections, but this exists today, with examples as simple as ssh.
What a sham.
However, I explained Palladium, including the risks and worst-case scenario's, to a Windows user (I use linux myself), and he called me a pessimist. Again, the major advantage MS will have is the disbelief people will hold that they could be screwed over that badly. Until it's too late ofcourse.
[ Reply to This | Parent
]
I just don't understand... (#17706)
by MrWinston on 2002.06.28 15:26 | User Info |
How "freely available" information is seen as a bigger security risk than a Web Server with more holes in it than a block of Swiss cheese.
[ Reply to This | Parent
]
another platform? (#17712)
by Anonymous Reader on 2002.06.28 16:29
I think what MS are doing here, is not just another OS, but the beginnings of another platform. They realise that to keep their empire rolling they need there own hardware platform that they can control. Lets face it, the X86 architecture is flawed, and is the main reason for hacks. And linux is no more secure than XP especially from a fresh install. People can harp about windows as much as they like but what linux people seem to forget is that linux lacks drivers and simplicity and is in danger of turning into another amiga.
[ Reply to This | Parent
]
Reminds me of RMS's (#17713)
by Anonymous Reader on 2002.06.28 16:49
"the right to read". Great article.
[ Reply to This | Parent
]
It's worse than just DRM (#17721)
by ssavitzky on 2002.06.28 20:22 | User Info | Home Page |
The way Palladium guarantees control over digital rights management is by starting with a ``secure boot'' -- just like Xbox today, which uses a remarkably similar (perhaps identical) mechanism.
This means that with Palladium on your motherboard, you will not be able to even boot an ``insecure'' OS.
Microsoft is hoping we won't notice this ``feature''.
[ Reply to This | Parent
]
Wonderful news for Linux & OSS... (#17722)
by surfimp on 2002.06.28 20:55 | User Info | Home Page |
"The more you tighten your grip, Tarkin, the more star systems will slip through your fingers."
My forecast: I think that, if Palladium gets implemented as described, it's going to send people to Linux and OSS in DROVES. Who wants to buy hardware/software that completely constrains your ability to do ANYTHING outside of what Big Daddy Bill spec'ed for you? If people are THAT stupid, I will consider it impressive. Most impressive.
I think it's a sinking ship for the hardware manufacturers as well, for the same reason.
Okay desktop Linux hackers, get to work! :)
-- Insert witty URL here
[ Reply to This | Parent
]
What about Macs? (#17733)
by Anonymous Reader on 2002.06.29 1:49
I am not that familiar with Macs, but MacOS is praised as simple and userfriendly and below there is almost Linux (again afaik). Wouldnt the natural switch for J. RandomUser be to Mac instead of Linux? And did Apple announce anything Palladium-like?
[ Reply to This | Parent
]
Control (#17743)
by Anonymous Reader on 2002.06.29 3:38
It's all about control. Let us for a moment forget the fact that you will not be able to boot Linux or run uncertified software. What it means is that you will be indentified all the time not only by your IP but with real identification. So whenever you will send an e-mail or post any post it will be identified as "this user from this machine". That actually means if Linux will become underground system and if you post something like "i love Linux" you will be shitlisted and that will allow some instance to monitor you and your activities. If statements like this will be on regular basis some sort of police will be authorized to check you and your apartment. This will be a state security issue.
Some people think they will be able to run some hardware that will not be pached. Mistake! I bet your ISP will not allow you to connect to internet without a proper identification. For security reason of course.
Every state will love this "feature". "Total control"! You visited a warez site? Yo are potencional criminal! You visited fsf.org site? You are a communist! You visited a Linux news site? You are an underground activist fighting to destroy Palladium! If such sites pass Palladium authentication at all.
And people are afraid that they will not be able to play their riped MP3's?
The question will not be "will i be able to run an alternative OS" but "do i need computers so much that i agree in such control". For me that means if they can put an end to Linux, free software and free computing (as alternative to Trustworthy computing) my interest in computers are dead. How many of you will buy a car that send information of your current speed etc. to the police allowing them to charge you for every traffic violation in real time?
[ Reply to This | Parent
]
|
 |
 |
 |
 |
|

Photon 3
Slap this on your
keyring, and you'll
probably never take it
off. Comes with
Strobe and Dimming
effects. Light source is
an ultra-bright,
unbreakable LED Bulb.
www.thinkgeek.com
|
|