Microsoft: Palladium will not limit what you can run
    Jay Sulzberger 
    jays at panix.com
       
    Thu Mar 13 21:45:43 EST 2003
    
    
  
On Thu, 13 Mar 2003, Hermes Remailer wrote:
> The following comes from Microsoft's recent mailing of their awkwardly
> named "Windows Trusted Platform Technologies Information Newsletter
> March 2003".  Since they've abandoned the Palladium name they are forced
> to use this cumbersome title.
>
> Hopefully this will shed light on the frequent claims that Palladium will
> limit what programs people can run, or "take over root" on your computer,
> and similar statements by people who ought to know better.  It is too
> much to expect these "experts" to publicly revise their opinions, but
> perhaps going forward they can begin gradually to bring their claims
> into line with reality.
The Xbox will not boot any free kernel without hardware modification.
The Xbox is an IBM style peecee with some feeble hardware and software DRM.
A Palladiated box is an IBM style peecee with serious hardware and software
DRM.
So, a fortiori, your claim is false.
oo--JS.
>
> An Open and Interoperable Foundation for Secure Computing
>
> By John Manferdelli, General Manager, Windows Trusted Platform Technologies
> Microsoft Corporation
>
> The Next-Generation Secure Computing Base (NGSCB) is part of Microsofts
> long-term effort to deliver on our vision of Trustworthy Computing. We
> are pleased that independent observers and many journalists continue
> to show interest in NGSCB and what it will enable. While much of the
> response has been positive, especially among analysts, security experts
> and people concerned with privacy, we recognize that there are still
> questions about NGSCB, and still a great deal of misunderstanding and
> speculation around our intentions.
>
> In this newsletter Id like to set the record straight on one of the more
> common and persistent concerns, specifically that the NGSCB architecture
> will limit the things that people can do with computers by forcing them
> to run only approved software, or software that is digitally signed.
> In fact, NGSCB intends to do no such thing. It is important to understand
> that NGSCB is operating system technology. Just as anyone can build a
> program to run on Windows today using widely-published APIs, they will
> be able to build new programs tomorrow that take advantage of the NGSCB
> architecture when it is included in a future version of Windows. How these
> new programs are built  and what they will require of the user  are
> questions for the application developer to answer. But NGSCB inherently
> has no requirements forcing approval of code, digital signatures, or
> any other such qualifying mechanism. NGSCB will run any software that is
> built to take advantage of its capabilities, and it will only run with
> the users approval. Moreover, even when NGSCB is running, programs that
> are not using NGSCB features will operate just as they do today.  It is
> true that NGSCB functionality can be used by an application (written by
> anyone) to enforce a policy that is agreed to by a user and a provider,
> including policies related to other software that the application can
> load. Such a policy could, for example:
>
> - Govern how private information is used by software
> - Prevent malicious code from snooping private information, stealing keys,
>   or corrupting important information (i.e., banking transaction data)
> - Govern how intellectual property running inside the application can
>   be used
>
> Policies like these could be set by the user at his or her sole
> discretion, or they could be set in a manner mutually agreed to by
> a user and one or more parties. However, NGSCB does no screening of
> application components or content, and if any screening took place,
> it would be within the isolated bounds of an application running under
> NGSCB. Moreover, no NGSCB application can censor content played by
> another NGSCB application.
>
> Policy in the Hands of the User
>
> The extent to which the NGSCB will be beneficial will largely depend on
> the wisdom of the policies that people choose to embrace. We are designing
> NGSCB to give individuals visibility to the policies available to them
> in the programs they run, as well as control over how they proceed. By
> offering new features to enhance privacy, security and system integrity,
> we can foresee NGSCB enabling a wide range of beneficial scenarios,
> including the following:
>
> - Helping to protect personal medical information
> - Preventing a bad application from interfering with a banking transaction
> - Preventing viruses from harming programs or data
> - Preventing unauthorized people or applications from accessing a computer
>   remotely and carrying out unauthorized actions
>
> My colleagues and I appreciate your interest in the work we are doing. We
> know we still have a lot of work to do, and value the beneficial influence
> that discussion and debate provide as we strive to deliver trustworthy
> computing technologies.
>
> - John Manferdelli
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
    
    
More information about the cryptography
mailing list