[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FYI] Bruce Schneier on Palladium and the TCPA
- To: debate@lists.fitug.de
- Subject: [FYI] Bruce Schneier on Palladium and the TCPA
- From: "Axel H Horns" <horns@ipjur.com>
- Date: Sat, 17 Aug 2002 19:19:53 +0200
- CC: krypto@thur.de
- Delivered-To: mailing list debate@lists.fitug.de
- List-Help: <mailto:debate-help@lists.fitug.de>
- List-Id: <debate.lists.fitug.de>
- List-Post: <mailto:debate@lists.fitug.de>
- List-Subscribe: <mailto:debate-subscribe@lists.fitug.de>
- List-Unsubscribe: <mailto:debate-unsubscribe@lists.fitug.de>
- Mailing-List: contact debate-help@lists.fitug.de; run by ezmlm
- Organization: NONE
- Priority: normal
http://www.counterpane.com/crypto-gram-0208.html
------------------------------- CUT -----------------------------
Palladium and the TCPA
[...]
Lots of information about Pd will emanate from Redmond over the next
few years, some of it true and some of it not. Things will change,
and then change again. The final system may not look anything like
what we've seen to date. This is normal, and to be expected, but when
you continue to read about Pd, be sure to keep several things in
mind.
1. A "trusted" computer does not mean a computer that is trustworthy.
The DoD's definition of a trusted system is one that can break your
security policy; i.e., a system that you are forced to trust because
you have no choice. Pd will have trusted features; the jury is still
out as to whether or not they are trustworthy.
2. When you think about a secure computer, the first question you
should ask is: "Secure for whom?" Microsoft has said that Pd allows
the computer-owner to prevent others from putting their own secure
areas on the computer. But really, what is the likelihood of that
really happening? The NSA will be able to buy Pd-enabled computers
and secure them from all outside influence. I doubt that you or I
could, and still enjoy the richness of the Internet. Microsoft really
doesn't care about what you think; they care about what the RIAA and
the MPAA think. Microsoft can't afford to have the media companies
not make their content available on Microsoft platforms, and they
will do what they can to accommodate them. There's often a large gulf
between what you can get in theory -- which is what Microsoft is
stressing in their Pd discussions -- and what you will be able to
have in practice. This is where the primary danger lies.
3. Like everything else Microsoft produces, Pd will have security
holes large enough to drive a truck through. Lots of them. And the
ones that are in hardware will be much harder to fix. Be sure to
separate the Microsoft PR hype about the promise of Pd from the
actual reality of Pd 1.0.
4. Pay attention to the antitrust angle. I guarantee you that
Microsoft believes Pd is a way to extend its market share, not to
increase competition.
[...]
------------------------------- CUT -----------------------------
--
To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de