Palladium, innocent.

[anphanax]

Heres one article:
http://www.microsoft.com/presspass/features/
2002/jul02/0724palladiumwp.asp
(You can search for the rest, I have spent time
gathering info for a briefing, but never kept
track of sources.)

After reading all this, At first i wasn't sure what to
think. People seem to be worried about this
palladium technology, quite a bit. Many of them
I has talked to had no idea what it actually was.
If you want MS to tell you, visit the site above.


Now, here's what they claim security wise:
Special Palladium-enhanced applications, will be
able to utilize the technology, and ONLY if the
user allows it to do so. It will prevent viruses
as each program enhanced with palladium can run
in a protected memory envirment where nothing,
even the operating system can control it. I
can't wait to see the exploits for that    . They
also are stating there will be NO backdoors for
government use, but they don't seem to say
anything about their use, except they feel
backdoor and failsafes could be security threats
to the palladium architecture. Files may also
be vaulted by trusted sources and can only
be accessed by them as well. (What happens
when someone tricks the user into vaulting
critical system files?)

As for the trusted computer and DRM, they have
stated that palladium wont required these
technologies and vice versa. However each may
utilize each other.

(http://www.microsoft.com/presspass/features
/2002/nov02/11-18twcroundtable.asp)
Microsofts goal:
"Invisible Security"

Why palladium is reasonably dangerous:
Bill gates himself stated the software
itself would have bugs. Everything generally
has bugs. Microsoft Windows is (you would have
to be an idiot not to notice) proprietary. MS
is widely known for their amazing security holes.
That itself bothers me. Another thing is
this whole, user must OK palladium to perform
palladium-related operations. That sounds
great, except for the fact, that doesn't
make you safe from windows. Windows seems to
like connecting to the internet alot,
exchanging info here and there. You wont have control
like they may say you will. One OK may mean:
ex.
internet explorer can run in palladium's safe enviroment.
nothing can modify it's processes
my firewall isn't working. =O.
I don't want to download a windows update.
I can't exit explorer without doing so.
I can't kill it out of memory.

which also brings up HUNG APPLICATIONS
which are in this protected memory.
ex.
MS Word is vaulting files and
moves itself into a protected
page file.
MS Word crashes.
You cannot ctrl+alt+del it.
(the operating system cannot affect
these programs)
goodbye!  

I know others have put personal thought into
this issue, and fealt like sharing a different view.

[ December 11, 2002: Message edited by: anphanax ]

[Doctor V]

Palladium will cost x amount of money to develope.  Adding new features always does this.  In order to develope it, intel and AMD will have to spend money, money that could otherwise go to making better, faster chips.  I don't want to have to pay for the development of fritz chips because I don't want to use them.  I don't want to buy fritz chips because I don't want to use them.  I want to be able to use my entire processor, and not have a part of it that I don't use.

Palladium will also possibly undermine the GPL, and make it much harder to make applications that are compatible with M$ documents.

In some places, they say the you can turn Palladium's DRM features off.  But you can't turn it completely off.  It will monitor your system to make sure no untrusted stuff is on the HD.  The computer may not boot if there is.  Various hardware (speakers) will not function unless the documents given to them (mp3s) are trusted.

I want control over all the data on my computer, the way it is right now.  I don't like the idea of having parts of my computer not listen to me unless they have approval from outside partys.  That is just wrong, and nobody gains anything but the (evil) content providers.

[jtpenrod]

quote:Now, here's what they claim security wise:
Special Palladium-enhanced applications, will be
able to utilize the technology, and ONLY if the
user allows it to do so. It will prevent viruses
as each program enhanced with palladium can run
in a protected memory envirment where nothing,
even the operating system can control it. I
can't wait to see the exploits for that . They
also are stating there will be NO backdoors for
government use, but they don't seem to say
anything about their use, except they feel
backdoor and failsafes could be security threats
to the palladium architecture.

Now where have we seen this tactic before? M$ has well learned the lesson of the boiled frog. You can't throw a frog into boiling water, as he'll jump out immediately. However, you can put the frog into a pot of cool water. Then slowly turn up the heat, and he'll boil before he realizes anything is wrong.

This is exactly what M$ did with XP. Before the grand release last year, there was lots of speculation about how bad WPA would be. So M$ went out of their way to make this as painless as possible. If you were concerned about privacy, they'd even let you activate over the phone. They also didn't question repeated requests for activation. It was all much ado about nothing. So all the froggies jumped into the nice, cool water. Then they began to turn up the heat: the revelations about the undocumented "daemons" that go running home to mother every time you go on-line, the pay-now-or-you'll-really-pay-later License 6, the viral EULA that accompanies Win XP SP 1. Seems to be getting rather warm in that pot, a year later, doesn't it?      

They will do the same thing with Palladium. At first, it will seem to be NBD. You'll be able to turn it off at will, disable DRM, rest assured that there aren't any backdoors into your system. All that will come in later "service packs". Don't worry, His Gatesness won't throw you into a pot of boiling water.      
______________________________________
Live Free or Die: Linux

Their fundamental design flaws are completely concealed by their superficial design flaws.

[ December 11, 2002: Message edited by: jtpenrod ]

[Doctor V]

Perfect example, that IS exactly what M$ does.

[mobrien_12]

The boiled frog analogy is great.  I'd like to use that some time.