Microslosh vision of the future
blitz
blitz at macronet.net
Sun Aug 11 22:50:37 UTC 2002
>
>
>>
>>So read about Palladianism, and tell me the different between Palladium
>>and Server 2000........
>>
>>Windows Palladium, the end of privacy as we know it.
>>
>>This taken from various sources encluding UHA and deviantart, the
>>register and slashdot., Disturbing news..
>>
>>Earlier this week, Microsoft outlined their plans for their next
>>generation of operating systems, codenamed Longhorn/Palladium. Among the
>>features touted was the "secure networking" functions that OS would offer.
>>
>>Firstly:
>>Microsoft plans to implement Palladium DRM (digital rights management) in
>>a hardware chip, initially implanted on the mobo, but later on embedded
>>in the CPU, and employing hardwired encryption throughout. The purpose of
>>this is to flag every file on the computer with a digital signature
>>telling a remote server what it is. If it's an unauthorized file, the
>>remote server will tell your computer not to let you execute it.
>>
>>This is basically an attempt to stop the trading of mp3's and/or warez.
>>
>>Secondly:
>>Before an application can run, it too must have a digital signature
>>remotely verified by another server. If the program binary doesn't match
>>with any of the authenticated binaries, your computer won't run it. This,
>>again, is meant to stop your computer running "unauthorized" software -
>>which might be warez, or it might just be a nifty freeware program that
>>the authors can't afford to have certified. Microsoft will be able to
>>control exactly what your computer can and can't run.
>>
>>Thirdly:
>>As most of you know, Microsoft employ a strategy of making their software
>>deliberately obsolete - they make it forward compatible, but not backward
>>compatible. With the laws of the DMCA, it will soon be illegal to try to
>>make a software product that is compatible with another programs file
>>types (for example, take the many office applications there are for Linux
>>which have had some success in translating their arcane file formats).
>>This has the effect of killing any competition in the water - since
>>you're not allowed to make your new product compatible with any of the
>>others, no-one will use it. And eventually people will give up using any
>>of the others instead, since no-one else can read their documents. So the
>>entire world will be left with one choice only for software - Microsoft.
>>
>>Fourthly (I don't know if that's a word, but it should be):
>>Palladium will effectively ban free software, not just free stuff for
>>Windows platforms, but free stuff for Linux, Mac, in fact every OS that
>>runs on a Palladium enabled motherboard/processor. Why?
>>In order to get the program to run on a palladium platform, you will need
>>to pay to have your binary certified as "safe" by Microsoft's software
>>authentification branch. And who in their right mind is going to pay for
>>a piece of software they spent hours working on? It just wouldn't be worth it.
>>
>>It gets worse when it comes to open source projects, such as Linux and
>>BSD. Those of you who know about these things will know that open source
>>projects are created by freelance coders all over the world who create
>>programs in their spare time and then give them to the rest of the world
>>for free. Many of them also release the source code for free too, so that
>>if you wish you can alter the program (such as to fix bugs, add features etc).
>>Now, it would be bad enough if the owner has to pay a certification fee.
>>But EVERY CHANGE that is made to the source code will require a new,
>>separate certificate to be created. Those of you who use Linux will know
>>that so many things get updated so quickly, that this just isn't
>>practical, and would cost the open source development people millions of
>>dollars. This is money they just don't have, and Microsoft knows it.
>>
>>Fifthly:
>>The "secure network". This is the real clincher for Palladium. At first,
>>they're going to make it so that it is possible to turn Palladium off at
>>the hardware level. But it is created in such a way so that, if you try
>>to connect to a Palladium web server, you won't be allowed to. Palladium
>>machines will only be able to talk to other Palladium machines, and
>>non-Palladium machines won't be able to talk to any Palladium machines.
>>Hence, if Palladium reaches critical mass, there will be thousands of
>>people the world over who won't be able to access the internet or even
>>work on a network with Palladium machines, so by extension they will be
>>forced to "upgrade" to Palladium machines.
>>
>>Sixthly:
>>At first I thought: what the hell, this is only going to apply to x86
>>architecture (namely Athlon and Pentium chips, since it's only AMD and
>>Intel who are involved at the moment). So, I could try another hardware
>>architecture: such as the Mac/PPC, or the Sun Sparc, or an ARM, or any
>>other kind of processor.
>>But then I realside that even if I did, I wouldn't be able to access the
>>"Palladium network" which could encompass the entire internet if this
>>concept goes far enough. So all you Mac users would be effectively locked
>>out; you too would have adopt a Palladium machine if you wanted your
>>computer to actually do anything.
>>
>>Seventhly:
>>Palladium will enable all your documents to be controlled remotely. No,
>>this is not a joke. If Microsoft find you are using an outdated version
>>of Office, all they need to do is send a message to your computer and it
>>will no longer let you read any of your documents that were created with
>>that application.
>>Even more sinister is that if Microsoft take offence at any of the
>>documents on your machine (this could be porn, it could be a simple
>>document containing DeCSS information or anti-Palladium information) then
>>they can delete or alter it not just from your PC but from every other
>>Palladium PC on the network.
>>This has a remarkable similarity to the "Ministry of Truth" in George
>>Orwell's "1984" where the government continually faked information, both
>>new and old, the entire country over to make themsleves appear "correct"
>>all the time.
>>
>>
>>If Palladium ever becomes widespread enough, the internet as we know it
>>today will be dead. Instead of being controlled by us, it will be
>>controlled by Microsoft, and you will have no choice to do exactly what
>>they say.
>>
>>Hence why I want to tell as many people about this atrocious idea before
>>it become spopular, and M$ administer their miraculous spin to it to make
>>it sound like the best thing since sliced bread.
>>
>>
>>Darn, I forgot to post the links explaining about it. I'll also put up a
>>few emails from some mailing lists me and my friends are members of.
>>
>>Initial outline of Palladium [link]
>>
>>Analysis on how Palladium is solely designed to protect IT businesses
>>such as Microsoft [link]
>>
>>The Palladium FAQ [link]
>>
>>How Palladium has the potential to eradicate Linux [link]
>>
>>======================================
>>
>>The following is an excerpt from an email by "Lucky Green" one of the
>>worlds most renowned cryptography hackers:
>>
>>[Minor plug: I am scheduled to give a talk on TCPA at this year's DEF CON
>>security conference. I promise it will be an interesting talk. [link] ]
>>
>>Below are two more additional TCPA plays that I am in a position to mention:
>>
>>1) Permanently lock out competitors from your file formats.
>>
>>- From Steven Levy's article:
>>"A more interesting possibility is that Palladium could help introduce
>>DRM to business and just plain people. It's a funny thing," says Bill
>>Gates. "We came at this thinking about music, but then we realized that
>>e-mail and documents were far more interesting domains."
>>
>>Here it is why it is a more interesting possibility to Microsoft for
>>Palladium to help introduce DRM to business and "just plain people" than
>>to solely utilize DRM to prevent copying of digital entertainment content:
>>
>>It is true that Microsoft, Intel, and other key TCPA members consider DRM
>>an enabler of the PC as the hub of the future home entertainment network.
>>As Ross pointed out, by adding DRM to the platform, Microsoft
>>and Intel, are able to grow the market for the platform.
>>
>>However, this alone does little to enhance Microsoft's already sizable
>>existing core business. As Bill Gates stated, Microsoft plans to wrap
>>their entire set of file formats with DRM. How does this help Microsoft's
>>core business? Very simple: enabling DRM for MS Word
>>documents makes it illegal under the DMCA to create competing software
>>that can read or otherwise process the application's file format without
>>the application vendor's permission.
>>
>>Future maintainers of open source office suites will be faced with a very
>>simple choice: don't enable the software to read Microsoft's file formats
>>or go to jail. Anyone who doubts that such a thing could happen
>>is encouraged to familiarize themselves with the case of Dmitry Skylarov,
>>who was arrested after last year's DEF CON conference for creating
>>software that permitted processing of a DRM- wrapped document
>>file format.
>>
>>Permanently locking out competition is a feature that of course does not
>>just appeal to Microsoft alone. A great many dominant application vendors
>>are looking forward to locking out their competition. The beauty of this
>>play is that the application vendors themselves never need to make that
>>call to the FBI themselves and incur the resultant backlash from the
>>public that Adobe experienced in the Skylarov case. The content
>>providers or some of those utilizing the ubiquitously supported DRM
>>features will eagerly make that call instead.
>>
>>In one fell swoop, application vendors, such as Microsoft and many
>>others, create a situation in which the full force of the U.S. judicial
>>system can be brought to bear on anyone attempting to compete with a
>>dominant application vendor. This is one of the several ways in which
>>TCPA enables stifling competition.
>>
>>The above is one of the near to medium objectives the TCPA helps meet.
>>[The short-term core application objective is of course to ensure payment
>>for any and all copies of your application out there]. Below is a mid to
>>long term objective:
>>
>>2) Lock documents to application licensing
>>
>>As the Levy article mentions, Palladium will permit the creation of
>>documents with a given lifetime. This feature by necessity requires a
>>secure clock, not just at the desktop of the creator of the document, but
>>also on the desktops of all parties that might in the future read
>>such documents. Since PC's do not ship with secure clocks that the owner
>>of the PC is unable to alter and since the TCPA's specs do not mandate
>>such an expensive hardware solution, any implementation of limited
>>lifetime documents must by necessity obtain the time elsewhere. The
>>obvious source for secure time is a TPM authenticated time server that
>>distributes the time over the Internet.
>>
>>In other words, Palladium and other TCPA-based applications will require
>>at least occasional Internet access to operate. It is during such
>>mandatory Internet access that licensing-related information will be
>>pushed to the desktop. One such set of information would be blacklists of
>>widely-distributed pirated copies of application software (you don't need
>>TCPA for this feature if the user downloads and installs periodic
>>software updates, but the user may choose to live with
>>application bugs that are fixed in the update rather than see her unpaid
>>software disabled).
>>
>>With TCPA and DRM on all documents, the application vendor's powers
>>increase vastly: the application vendor can now not just invalidate
>>copies of applications for failure to pay ongoing licensing fees, but can
>>invalidate all documents that were ever created with the help of
>>this application. Regardless how widely the documents may have been
>>distributed or on who's computer the documents may reside at present.
>>
>>Furthermore, this feature enables world-wide remote invalidation of a
>>document file for reasons other than failure to pay ongoing licensing
>>fees to the application vendor. To give just one example, documents can
>>be remotely invalidated pursuant to a court order, as might be given if
>>the author of the document were to distribute DeCSS v3 or Scientology
>>scriptures in the future DRM protected format. All that is required to
>>perform such an administrative invalidation of a document is either a
>>sample copy of the document from which one can obtain its globally unique
>>ID, the serial number of the application that created the document, or
>>the public key of the person who licensed the application. (Other ways to
>>exist but are omitted in the interest of brevity).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nanog.org/pipermail/nanog/attachments/20020811/99aa408e/attachment.html>
More information about the NANOG
mailing list