Microsoft officials poured cold water on a published report that said its Next-Generation Secure Computing Base (NGSCB, code-named Palladium) project is being canned. “The project is continuing full steam ahead. It’s alive and kicking and we’re very excited about it. The vision has been refined over the last year but it’s absolutely not true that it’s being killed,” MS product manager Mario Juarez said.
Microsoft: Full Steam Ahead for Palladium
About The Author
Eugenia Loli
Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker.
Follow me on Twitter @EugeniaLoli
Oh man, Palladium can be done right, or… it can be done very wrong… I really sugest people if they have time read up on Palladium, it scared me..
It doesn’t scare me much actually, I think it’s a good bad thing. It will hopefully create a small (or big) market of users that doesn’t want this and companies will create systems that doesn’t include it. That’s what I hope for anyway, but it’s also likely not to happend if Palladium is hasslefree enough that people actually will put up with it.
Besides I have hardware that will work for at least 10 more years, and the software I have will never stop working. At least I won’t have to be affected if I want to continue using computers.
I’m getting tired of people gladely swallowing anything that MS puts in their mouths. They can go along and do that if they want to, I don’t care about them anymore.
>>Besides I have hardware that will work for at least 10 more years, and the software I have will never stop working. At least I won’t have to be affected if I want to continue using computers.
So you plan to be dead in ten years or what? What if you want to get a new computer in ten years and it’s illegal to sell a non-Palladium motherboard in the North America and most of the rest Westernized world? Everyone is banking on the idea that there will be a market for non-Palladium motherboards and manufacturers willing to make them, and that may not be the case. It’s not like just anybody can shimmy up a CPU and BIOS chips in their basement. If a large corporation with the equipment and resources isn’t willing to do it, you’re out of luck and so are we all.
So you plan to be dead in ten years or what? What if you want to get a new computer in ten years and it’s illegal to sell a non-Palladium motherboard in the North America and most of the rest Westernized world?
If it becomes illegal, then I’ll simply stop using computers, at least the way I use them now. It will be pretty hard to live in the regular western world and not interface with a computer once in a while, but you know what I mean.
10 years is a short time, but a lot of things can happend, especially if you consider asias role in the industry.
PS. My initial plan was to be dead within 2 years, but I just have too many things to finish off before that happends.
Besides, how would they be able to make it illegal? What is a motherboard exactly? and what is a computer? would a pocket calculator be required to have palladium? or a car?
I just don’t see how they would be able to enforce people to use it by making non-Palladium equipment illegal.
@rain
I agree!
But seriously, what are the chanses of palladium-free equipment would be banned from the market. really!
Buy AMD or a PPC, run linux (or why not a AmigaOS compatible
or whatever… in ten years a lot of things can happen.
>> Besides, how would they be able to make it illegal? What is a motherboard exactly? and what is a computer? would a pocket calculator be required to have palladium? or a car?
I just don’t see how they would be able to enforce people to use it by making non-Palladium equipment illegal.
You people really can´t believe that sort of things can actually happen…?
Where I live the national broadcasting law (or maybe it is the movie industry national law doesn´t really matter now) states that the country is in the zone 4 regarding DVDs and therefore it is not permitted to sell disc from other zones. So if you have one, you are on the bad side of the story, as simple as that… all it takes in an industry with the will ($$$) to convince a few senators to vote the law.
Sure, they will not come after you for having a zone 1 dvd, like they wouldn´t do it for a pirate copy of an OS, BUT you are still going against the law, AND if some day for any stupid reason, like someone who didn´t like they way you looked at him/her decides to go after you, well you are not as clean as you might like.
This is not against Rain or anyone in particular, but I reallly can´t believe that so many people is unable to look a bit beyond today and try to see the kind of world our children and grandchildren will have to live in.
That makes me terribly sad…
no flames intended.
IBM is one of the founders of the TCPA and AMD already announced that they will develop TCPA/Palladium-ready chips. VIA is also a member of the group.
Unless some unknown CPU maker from China shows up, I think we will have to adopt that technology against our will.
As for the ban of Palladium-free equipment, there’s a senator in the US (Fritz Hollings) that tried to make TC mandatory in all customer electronic. His bill failed and he’s retiring soon (if he didn’t already) but I’m pretty sure that someone else will eventually show up to push the same bill until it’s accepted… Of course, this will make Palladium mandatory only in the US but I’m pretty sure that most western countries (Both Americas & Europe) would eventually adopt it for some reason or another.
From what I understand, TCPA and Palladium are quite different.
Think of TCPA as a firewall for software – it sits between you and your software and nothing can run unless you specify that it is allowed to.
This is fine – and actually makes a lot of sense to me.
Palladium is a layer between you and tcpa where instead of you making up the rules – palladium does it for you.
That’s where it gets scary.
(I could be way off – but that is how I understand it)
With many Governments in the West other than USA looking to OSS alternatives and open standards, I think there is a chance Palladium can be bypassed or killed altogether. Then there are chip fabs starting in China and other parts of Asia which will be able to provide Palladium free material. Need to use our rights as consumers and voters in “Democracies” (sometimes I wonder about the power of democratic citzenry seems to be fading in the glow of coporate power) to kill off such stupid ideas.
Palladium was renamed Trusted Computing Platform Alliance when the word Palladium picked up a bad rap, nothing further. They are the same thing. MS made a big mistake giving such an onerous technology a catchy name, and corrected that by making it cumbersome so it would be harder to discuss.
Palladium was renamed Trusted Computing Platform Alliance when the word Palladium picked up a bad rap, nothing further. They are the same thing. MS made a big mistake giving such an onerous technology a catchy name, and corrected that by making it cumbersome so it would be harder to discuss.
Wrong! Palladium was renamed to “Next Generation Secure Computing Base” or NGSCB for short. Check your facts before posting.
For more information on the name change, see this:
http://www.theregister.co.uk/2003/01/27/bad_publicity_clashes_trigg…
See what I mean about changing it to a cumbersome, hard to remember term to make it harder to discuss? Good job, Microsoft.
>> or NGSCB for short
Catchy.
Read Professor Anderson’s TCPA FAQs, the most authoritative source on this issue.
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
You may also be interested in this:
http://www.againsttcpa.com/index.shtml
This isn’t a done deal and it isn’t too late to stop it. If these companies realize that they will not sell hardware, they will not do it. Now it’s the time to mount a real grassroots campaign around the world. Write to corporate headquarters of all the major hardware makers, write to your local newspaper, contact TV and tell them that the right to tinker, learn and share are being taken away to protect obsolete and anti-competitive practices.
This can be stopped! You have to believe it in your heart that you can stop it and then act upon that belief!
This tech attracts unsubstantiated fear and misinformation everytime it’s mentioned.
NGSCB isn’t an implementation of the TCPA spec, though it expected that version 1.2 of the trusted platform module will be compatable with it.
The NGSCB kernel can be implemented on any system.
It isn’t specific to Windows, nor does it control what software you can run on your system or what OS you boot.
On a computer that has NGSCB-compatable hardware enabled, and an version of Windows that supports NGSCB(could also be another OS, but the OS API implementation would likely differ), the system would boot as usual, and you would use Windows as usual, running any software you choose, just as is done currently.
The NGSCB support in Windows is provided in the form of APIs that application developers must choose to use. If an NGSCB-supporting app is run, the NGSCB kernel is first started, then the app is started.
NGSCB is intentionally limited (especially in Version 1)in the functionality it provides in order to limit the amount of code that has to be checked for security vulnerabilities. Conceptionally, MS splits Windows into the left-hand (Windows) and right-hand (NGSCB) sides. Left-hand side apps can’t touch data or applications running on the right-side w/o going through NGSCB, and being given permission by the NGSCB app that is running or stored data on the right-side.
NGSCB apps will be coded as regular Windows apps and only use the NGSCB APIs for parts that need the extra security (a credit card entry dialog in a banking app for example). The features offered are things like sealed storage, not allowing other applications to co-opt the NGSCB app, not allowing malicious apps to fake UI/cover NGSCB dialogs, disabling screen scrapers/keyloggers, etc. NGSCB has no control over the left-side (Windows) other than mediating access from left-side apps to right-side apps/data.
Regular apps, files, etc., work as they always have, with no requirement that they be signed or protected. Video and input device drivers will likey need to be signed for the NGSCB parts of apps to work (to protect against spoofing, logging, etc.).
Info on NGSCB is available here:
http://www.microsoft.com/resources/ngscb/archive.mspx
http://download.microsoft.com/download/3/8/1/38198a72-294d-46c3-93b…
and the TCPM (version 1.2) here:
https://www.trustedcomputinggroup.org/
@n4cer:
Video and input device drivers will likey need to be signed for the NGSCB parts of apps to work
That’s exactly the point. Your drivers and your kernel will need to be signed. You will not be able to do that yourself, because the “secured application” will not trust you. So forget about self-written or self-compiled drivers/kernels/kernel modules. You are at mercy of your OS vendor, whom you have to trust. This is not a problem for Windows users, or most Mac users, because they use vendor supplied binaries anyway. But is is a problem for any GNU system, because it collides with your freedoms.
Palladum does not scare me, i think Microsoft & any other company that implememnts this technology in their products is shooting theirself in the foot, many many people will simply refuse to buy computers with this technology…
There is an interesting take on this story athe the Reg:
http://www.theregister.co.uk/2004/05/06/microsoft_managed_code_reth…
It looks like MS is admitting it wont have Palladium/NGwhatever ready for Longhorn because of what corporate users want – Rah!!!
But that they are still pushing ahead to try and sort out the technology in a way that would keep corporate users happy – Boo !!!
Seems like both takes on the story were right.
I’d like to believe that with the large market share linux currently has in the server world, and with the market share it’s going to pick up, that there will still be a demand for non-palladium hardware. As long as this is the case, if you are a hardware manufacturer, you cut your own throat by not providing linux compatible hardware. Those using it on servers will have to go to someone other than you now.
Also, the Linux community supposedly has a higher desktop share than Apple. Now whether or not this is actually true (I believe it’s probably pretty close), desktop Linux can be expected to grow in market share (at least some) by the time that Palladium (a fish by any other name is still a fish) comes out. Again, hardware vendors aren’t going to like the idea of not supporting this part of their customer base.
It all comes down to the fact that Linux is making huge inroads in the server arena and making decent inroads into the desktop arena. You don’t simply cut off resources to any part of your installed user base, let alone one that is requested by so many.
and THIS is why i wont be buying longhorn… a true pity, because its the first version of windows every that looks like it will be worth the price tag.
How people forget the fact that the software must be written to use that piece of technology to be of any use. If a media company chooses not to write an application using the new security features, then they’ll have the market place (if there is demand for non-secure content).
It is funny how so many are trying to turn an ant-hill into a mountain by throwing liberal amounts of FUD onto the pile.
The NGSCB kernel (nexus) doesn’t need to be signed, and I appear to be wrong about the drivers. Video and input paths can be protected with special hardware (and even an in-line dongle in the case of the (USB) keyboard). The hardware has a secure mode that it can switch to when an NGSCB app requests. In this mode, it can encrypt the data so that only the intended target can read it. If malicious software in the path tries to snoop the data, it can’t read it, and if the data is changed somewhere along the path, the target will know.
Anyone (with the coding skill) can write their own nexus and use it on their machine and/or distribute it and let other users decide whether it can be trusted. If the distributor publishes the nexus code (this is encouraged), users and/or informal authorities (the FSF or @Stake, for instance, could maintain a list of nexus kernels they have checked and believe to be safe, to help users make a more informed choice) can also check the code before trusting a given nexus. Multiple nexus kernels can be run on a given platform, and the decision of what nexus kernels can run and what apps can use them is left to the user.
From docs:
the TPM comes with a public key certificate signed by the motherboard or TPM manufacturer that is only released to nexuses named by the user as authorized recipients. The public key certificate is the only information that can identify the platform, so each nexus that receives the computer’s certificate (which contains the computer public key) is expected to use it in a manner that is rigorously consistent with a privacy policy set by the user or administrator.
The manufacturer’s certificate (authenticated by its signature) means, informally, “I burned the private key into the motherboard under my published procedure (which ideally also includes losing any trace of the private key). The TPM and the motherboard were manufactured in a manner consistent with my published policy, ensuring the proper security operation of these parts.”
Users can independently choose to:
• Disable all TPM functionality (effectively disabling NGSCB).
• Identify which nexuses can run.
• Specify nexuses that can access the public key certificate for the TPM.
• Name nexuses that have access to PKSeal and PKUnSeal (thereby enabling the Attestation function in NGSCB).
• Name nexuses that are authorized to change the foregoing selections. The hash of nexuses that are authorized to start are set by using a secure user interface (UI), presented by the computer early in the startup sequence. This capability is no longer present after the computer completes the startup, so it cannot be used by malicious code to change settings. This is how the first nexus with the ability to present a UI for the user to modify an approved-nexus list is specified.
Users cannot make these selections through standard software because it can be subject to a software attack.
Because of the importance of nexus source code, it will be made available for inspection, and so will the procedures designed to assure that the hash of the nexus can be verified against the source code producing it.
http://www.microsoft.com/resources/ngscb/documents/ngscb_tcb.doc
http://www.microsoft.com/resources/ngscb/documents/NGSCBhardware.do…
Then there are chip fabs starting in China and other parts of Asia which will be able to provide Palladium free material.
Or maybe not. The TPM can give a lot of power to the one that have the control. Imagine how the president of China would like to hold that much power on his people. I wouldn’t be surprised if they start developing their own implementation of that technology.
NGSCB really is nothing; let’s hope it stays that way. I don’t see a need for it and it’s only purpose could be to limit freedom and act as a revenue source for MS.
I can’t think of any reason for a driver or any app needing to be signed. Anyone ever have a spoofed driver? The only thing a signed driver does is put money into MS’s bank account. It doesn’t assure a better driver that’s for sure and it doesn’t gurantee anything. Give me $250k a shot and I’ll sign all your apps and drivers too.
The Register was correct- NGSCB should be renamed to the “Devil’s Spawn”.
I have to say that I am looking forward to all of the trusted computing technologies. I am not going to be scared off by the fact that some folks will use it for things that I don’t like.
Its just a tool after all.
“Unless some unknown CPU maker from China shows up, I think we will have to adopt that technology against our will.”
Funny thing is, that actually happened. The CPU is called Red Dragon and IIRC it is x86 compatible. What Russia will do is something i’m wondering about too, i’m rather afraid they’ll just lick ass without standing up and speaking against. Perhaps the world would be better of when the cold war still existed, so we could get that untrusted, communist and Palladium-Free VAX clone…
Also, it depends on wether you want to do with your Free computer. What is needed for one to copy that next-gen DVD over? How long does it takes till this Palladium thing is cracked?
Personally, i expect the Free hardware becoming slightly more popular & expensive among the smarter masses. Free hardware is currently the status quo and involves about anything, ranging from SPARC, Alpha, MIPS till ARM, PPC, x86, x86-64. It is hard to imagine these computers aren’t able to do most current day jobs by then, and even the later models will be sold at less expensive prices given they’re “out of date” by then. Some of the mentioned architectures are _rock stable_ so it might as well be worth it, even 2nd hand. I’ve not read anything about Sun or SGI joining in this effort so i hope they stay alive. OTOH, there’s IBM who tried to make their PPC more open (attractive); let’s see…
Though a problem i foresee is with new software and new media. How would you “use” that? Staying with the old as well? Cracking it? Without a Palladium computer or with? Will it be easy? One Palladium, one without? Isn’t our society driven on popular and new stuff anyway? If the latter combined with a secure, hard to crack design is also combined with a Great Marketing plan of the 1st computer reich, it might as well launch off well. Remember most people are a simplistic herd of sheep. They’ll buy it.
Better check what’s under the hood when you buy that new x64-32/x64-64, it might as well have support for this crap. Do you want it? Need it? Do you really want to support that company???
Smoke and mirrors. In the name of security, so many idiots are willing to give up freedom.
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
Critical thinking is a rarest of finds in these forums.
Funny thing is, that actually happened. The CPU is called Red Dragon and IIRC it is x86 compatible.
Ah, thanks. I knew there was some company that made one but I wasn’t sure of the name. I believe its performance is similar to a 800MHz or 1GHz P3, right? Not bad… but not exceptional either. Anyway, like I said before, I fear that China is also attracted by TC and will probably develop its own scheme. They’re the one with the Great Firewall of China, after all.
I’ve not read anything about Sun or SGI joining in this effort so i hope they stay alive. OTOH, there’s IBM who tried to make their PPC more open (attractive); let’s see…
I wouldn’t be that hopeful…
https://www.trustedcomputinggroup.org/about/members/
SGI isn’t in the list but I don’t think they would be interested to develop cheap hardware for customers.
” I fear that China is also attracted by TC and will probably develop its own scheme. They’re the one with the Great Firewall of China, after all.”
True to an extent but aren’t the Chinese the ones pumping out Region Free DVD players? Also look at Piracy in China which is rampant and the fact that the Gov supports Red Flag Linux. Something tells me that they will bend over backwards for the likes of Microsoft or any other Corporate entity, they just orefere to toy with them.
True to an extent but aren’t the Chinese the ones pumping out Region Free DVD players? Also look at Piracy in China which is rampant and the fact that the Gov supports Red Flag Linux. Something tells me that they will bend over backwards for the likes of Microsoft or any other Corporate entity, they just orefere to toy with them.
That’s why I said that they will probably develop their own TC program. Piracy is rampant in China because it doesn’t profit them. Same thing for movies. However, I’m sure they’re drolling over the possibilites of TC. They might not trust american corporations to follow their program but they might develop their own that would be tailored to their needs, if you know what I mean…
Sorry for mentioning Sun. I couldn’t imagine that… i’m wondering what’ll happen to SPARC now…
Today i read a copy of the local Linux magazine version april 2004. They wrote an article about open hardware, mentioning websites and info about linuxbios.org and opencores.org. What i found interesting is that they provided several reasons of “why open hardware” in the introduction of the article.
One of the reasons was “DRM in hardware”. So yes, when not all companies join in this power grip, or when hardware is open and not too expensive, who knows what happens? The next FLOSS battle to be “FLOSH”? Also, they mentioned the LeonSPARC and some other stuff. Very interesting imo.