[FYI] Arnold Reinhold on MS-Palladium
- To: debate@lists.fitug.de
- Subject: [FYI] Arnold Reinhold on MS-Palladium
- From: "Axel H Horns" <horns@ipjur.com>
- Date: Tue, 22 Oct 2002 20:04:14 +0200
http://cryptome.org/palladium-mit.htm
---------------------------- CUT -----------------------------
[...]
I went. It was a good talk. The room was jam packed. Brian is very
forthright and sincere. After he finished speaking, Richard Stallman
gave an uninvited rebuttal speech, saying Palladium was very
dangerous and ought to be banned. His concerns are legitimate, but
the net effect, I think, was to make the Q&A session that followed
less hostile.

Palladium sets up a separate trusted virtual computer inside the PC
processor, with its own OS, called Nexus, and its own applications,
called agents. The trusted computer communicates with a security
co-processor on the mother board, and has a secure channel to your
keyboard and mouse and to a selected window on your CRT screen.

How to prevent the secure channel to the on-screen window from being
spoofed is still an open problem. Brian suggested a secure mode LED
that lights when that window has focus or having the secure window
display a mother's-maiden-name type code word that you only tell
Nexus. Of course this doesn't matter for DRM since *your* trusting
the window is not the issue.

All disk and network I/O is done thru the untrusted Windows OS on the
theory that the trusted machine will encrypt anything it wants to
keep private. Windows even takes care of Nexus scheduling.

A major design goal is that all existing software must run without
change. Users are not required to boot Palladium at all, and are to
be able to boot it long after Windows has booted.
[...]
There is also a change to the PC memory management to support a
trusted bit for memory segments. Programs not in trusted mode can't
access trusted memory. Also there will be three additional x86
instructions (in microcode) to support secure boot of the trusted
kernel and present a SHA1 hash of the kernel code in a read only
register. There may be a hole somewhere, but Microsoft is trying
hard to get it right and Brian seemed quite competent.
[...]
The real question from Microsoft's standpoint is will the
entertainment industry be satisfied with Palladium's level of
security and release content that can play on Palladium equipped PCs?
DVDs aren't Hollywood's main problem. Movies are becoming available
online long before the DVD is released. Hollywood probably wants
something that monitors ALL content for watermarks. Palladium as
presented doesn't do this. But again it is a platform. Once it
exists, a later version of Windows might require it to be up and
would then verify all content displayed. If Hollywood doesn't
convince Microsoft to do this, Sen. Hollings will be more than glad
to introduce the necessary legislation. To paraphrase Stallman's
rant, in the Palladium context Alice and Bob are corporations and
Mallory is the PC owner.
---------------------------- CUT -----------------------------