I Told You So

[R. A. Hettinga]

http://www.pbs.org/cringely/pulpit/pulpit20020627.html


JUNE 27, 2002
I Told You So
Alas, a Couple of Bob's Dire Predictions Have Come True

By Robert X. Cringely

Just over three years ago I wrote a column titled "Cooking the Books: How
Clever Accounting Techniques are Used to Make Internet Millionaires." It
explained how telecom companies were using accounting tricks to create
revenue where there really was none. Take another look at the column (it's
among the links on the "I Like It" page), and think of Worldcom with its
recently revealed $3.7 billion in hidden expenses. Then last August, I
wrote a column titled "The Death of TCP/IP: Why the Age of Internet
Innocence is Over." Take a look at that column, too, and think about
Microsoft's just-revealed project called Palladium.

The end is near.

Sometimes I'd rather be wrong, but it's a no-brainer to guess that
accountancy, which has apparently become something of an art form or
interpretive dance, could have a dark side. And you'll never lose money
betting for Microsoft and against Microsoft's competitors and customers.

Let's concentrate on the Microsoft story. Last August, I wrote of a rumor
that Microsoft wanted to replace TCP/IP with a proprietary protocol -- a
protocol owned by Microsoft -- that it would tout as being more secure.
Actually, the new protocol would likely be TCP/IP with some of the reserved
fields used as pointers to proprietary extensions, quite similar to Vines
IP, if you remember that product from Banyan Systems. I called it TCP/MS in
the column. How do you push for the acceptance of such a protocol? First,
make the old one unworkable by placing millions of exploitable TCP/IP
stacks out on the Net, ready-to-use by any teenage sociopath. When the Net
slows or crashes, the blame would not be assigned to Microsoft. Then ship
the new protocol with every new copy of Windows, and install it with every
Windows Update over the Internet. Zero to 100 million copies could happen
in less than a year.

This week, Microsoft announced Palladium through an exclusive story in
Newsweek written by Steven Levy, who ought to have known better. Palladium
is the code name for a Microsoft project to make all Internet communication
safer by essentially pasting a digital certificate on every application,
message, byte, and machine on the Net, then encrypting the data EVEN INSIDE
YOUR COMPUTER PROCESSOR. Palladium compatible hardware (presumably chipsets
and motherboards) will come from both AMD and Intel, and the software will,
of course, come from Microsoft. That software is what I had dubbed TCP/MS.

The point of all this is simple. It may actually make the Internet somewhat
safer. But the real purpose of this stuff, I fear, is to take technology
owned by nobody (TCP/IP) and replace it with technology owned by Redmond.
That's taking the Internet and turning it into MSN. Oh, and we'll all have
to buy new computers.

This is diabolical. If Microsoft is successful, Palladium will give Bill
Gates a piece of every transaction of any type while at the same time
marginalizing the work of any competitor who doesn't choose to be
Palladium-compliant. So much for Linux and Open Source, but it goes even
further than that. So much for Apple and the Macintosh. It's a militarized
network architecture only Dick Cheney could love.

Ironically, Microsoft says they will reveal Palladium's source code, which
is little more than a head feint toward the Open Source movement. Nobody at
Microsoft is saying anything about giving the ownership of that source code
away or of allowing just anyone to change it.

Under Palladium as I understand it, the Internet goes from being ours to
being theirs. The very data on your hard drive ceases to be yours because
it could self-destruct at any time. We'll end up paying rent to use our own
data!

Can you tell I think this is a bad idea?

What bothers me the most about it is not just that we are being sold a bill
of goods by the very outfit responsible for making possible most current
Internet security problems. "The world is a fearful place (because we
allowed it to be by introducing vulnerable designs followed by clueless
security initiatives) so let us fix it for you." Yeah, right. Yet Palladium
has a very real chance of succeeding.

How long until only code signed by Microsoft will be allowed to run on the
platform? It seems that Microsoft is trying to implement a system that will
enable them, once and for all, to charge game console-like royalties to
software developers.

But how will this stop the "I just e-mailed you a virus" problem? How does
this stop my personal information being sucked out of my PC using cookies?
It won't. Solving those particular problems is not Palladium's real
purpose, which is to increase Microsoft's market share. It is a marketing
concept that will be sold as the solution to a problem. It won't really
work.

Let's understand here that not all Microsoft products are bad and many are
very good. Those products serve real customer needs and do so with genuine
purpose, not marketing artifice. But Palladium isn't that way at all. This
is NOT about making things better for the user. This is about removing the
ability for the end user to make decisions about how his or her computer
functions. It is an effort by Microsoft to take literal ownership of
Internet technology, Microsoft's "embrace and extend" strategy applied for
the Nth time, though on a grander scale than we've ever seen before. While
there is some doubt that the PC will survive a decade from now as a product
category, nobody is suggesting the Internet will do anything but grow and
grow over that time. Palladium assures that whatever hardware is running on
the network of 10 years from now, it will be generating revenue for
Microsoft. There is nothing wrong with Microsoft having a survival
strategy, but plenty wrong with presenting it as some big favor they are
doing for us and for the world.

What's saddest about this story is that it could be positive. The world is
a dangerous place and finding ways to make people responsible for what they
do on the Net is probably good, not bad. I just don't think we have the
right people on the job.




Home | The Pulpit | I Like It | Baloney | Old Hat | Tell Me When | Pass It
On | Bob's World

-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com