Cryptogram: Palladium Only for DRM
Greg Rose
ggr at qualcomm.com
Mon Sep 16 18:21:15 EDT 2002
At 06:45 PM 9/16/2002 +0000, David Wagner wrote:
>[snip...] or for its other features that could be used to
>take away control from the owner of the machine. A banking application
>is a great example where the user's and the bank's interests are aligned,
>and hence there is no need for physical security or for a semi-coercive
>infrastructure for taking control away from the owner of the machine.
Well, the bank's and the users' interests are only *mostly* aligned. The
user really wants to be able, in the case of some strange disagreement, to
take the application to a disassembler and show that it occasionally
transfers twice as much money as it is supposed to, and show that its own
records note such transfers. Under Palladium, the user loses the ability to
audit either the program itself or the program's static data. In theory,
this doesn't matter, but in practice...
I agree that all of the other protections can be provided by proper
OS-level security, and don't need Pd. So again, Pd just takes that
burdensome self-protection ability away from the user.
Greg.
Greg Rose INTERNET: ggr at qualcomm.com
Qualcomm Australia VOICE: +61-2-9817 4188 FAX: +61-2-9817 5199
Level 3, 230 Victoria Road, http://people.qualcomm.com/ggr/
Gladesville NSW 2111 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list