quote:
Q: Will "Palladium" really stop spam/prevent viruses for me?
A: Unfortunately, no. Despite the hype in the media, "Palladium" will not stop spam or prevent viruses all by itself. But by using "Palladium" as a foundation, there are a number of trust and infrastructure models we can build that will help combat spam and viruses in new and effective ways.
Let's look at spam first. There's been plenty of research on techniques to automatically reject spam e-mail or restrict the ability of spammers to generate it in the first place. These techniques include the following:
* Simply rejecting mail that isn't authenticated or digitally signed with a "validated" identity (which would block all anonymous e-mail, including desired anonymous e-mail)
* Forcing spammers to perform some nontrivial computation for each message they wish to send
* Maintaining per-user whitelists and blacklists of senders
* Scoring every inbound e-mail message using heuristics that look for common characteristics of spam messages
"Palladium" systems could certainly be used to improve signing-required or computation-required regimes, compared with what's possible today on conventional hardware. (The latter is probably more interesting because "Palladium" provides facilities that would allow a sender to prove to a recipient that the sender performed a particular computation within the "Palladium" environment.) Clearly, the possibilities for antispam measures on "Palladium" PCs is a research area deserving of further study.
With respect to viruses, the contribution from "Palladium" is a little more straightforward. Since "Palladium" does not interfere with the operation of any program running in the regular Windows environment, everything, including the native OS and viruses, runs there as it does today. So we're still going to need antivirus monitoring and detection software in Windows as well. However, "Palladium" does provide antivirus software with a secure execution environment that cannot be corrupted by infected code, so an antivirus program built on top of a "Palladium" application could guarantee that it hasn't been corrupted. This grounding of the antivirus software allows it to bootstrap itself into a guaranteed execution state, something it can't do today.
WELL THEN WHAT THE FUCK IS THE POINT OF THE WHOLE THING? THIS IS THEIR ONE BAD EXCUSE FOR MAKING IT, AND THEY CAN'T EVEN SAY IT WILL ACCOMPLISH THAT!
Convert now or forever be undermined by useless security measures.