[Boing Boing Blog] More sharp notes on Palladium
R. A. Hettinga
rah at shipwright.com
Sat Jul 6 18:11:24 EDT 2002
--- begin forwarded text
Status: U
To: boingboing-mailblog at yahoogroups.com
From: "Cory Doctorow" <doctorow at craphound.com>
Mailing-List: list boingboing-mailblog at yahoogroups.com; contact
boingboing-mailblog-owner at yahoogroups.com
Date: Sat, 06 Jul 2002 11:13:25 -0700
Subject: [Boing Boing Blog] More sharp notes on Palladium
Reply-To: boingboing-mailblog-owner at yahoogroups.com
<http://groups.yahoo.com/> <http://groups.yahoo.com/mygroups>My Groups |
<http://groups.yahoo.com/group/boingboing-mailblog>boingboing-mailblog Main
Page
Seth has posted further, in-depth notes about our meeting with Microsoft's
Palladium team, going into great detail about the technical workings and
intentions of the system -- and there's no Latin in sight this time! The
closer you look at Palladium, the more civil liberties implications begin
to surface. Again, Seth is the likely most technical person to have
received a briefing like this without signing an NDA; his notes are lucid,
accurate and well-informed.
When you want to start a Palladium PC in trusted mode (note that it doesn't
have to start in trusted mode, and, from what Microsoft said, it sounds
like you could even imagine booting the same OS in either trusted or
untrusted mode, based on a user's choice at boot time), the system hardware
performs what's called an "authenticated boot", in which the system is
placed in a known state and a nub is loaded. A hash (I think it's SHA-1) is
taken of the nub which was just loaded, and the 160-bit hash is stored
unalterably in the PCR, and remains there for as long as the system
continues to operate in trusted mode. Then the operating system kernel can
boot, but the key to the trust in the system is the authentication of the
nub. As long as the system is up, the SCP knows exactly which nub is
currently running; because of the way the CPU works, it is not possible for
any other software to modify the nub or its memory or subvert the nub's
policies. The nub is in some sense in charge of the system at a low level,
but it doesn't usually do things which other software would notice unless
it's asked to.
<http://vitanuova.loyalty.org/2002-07-05.html>Link
<http://www.quicktopic.com/boing/H/5Dxg3vRyNkY6>Discuss
--
Posted by Cory Doctorow to <http://boingboing.net/>Boing Boing Blog at
7/6/2002 11:13:23 AM
Powered by <http://pro2.blogger.com>Blogger Pro
To unsubscribe from this group, send an email to:
boingboing-mailblog-unsubscribe at yahoogroups.com
Your use of Yahoo! Groups is subject to the
<http://docs.yahoo.com/info/terms/>Yahoo! Terms of Service.
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list