FC: Microsoft's Palladium news roundup, criticism, and more

From: Declan McCullagh (declanat_private)
Date: Fri Jun 28 2002 - 08:31:00 PDT

  • Next message: Declan McCullagh: "FC: Why NYC Time Warner is right to send nastygrams: "It's theft!""

    Politech has been slow to discuss this since I was in Moscow when Steven 
    Levy's article appeared. Here it is:
    Other coverage:
    Date: Tue, 25 Jun 2002 19:56:15 +0200
    From: Lars Gaarden <larsgat_private>
    To: declanat_private
    Subject: On Palladium
    perhaps the following could be of interest to Politech:
    If you are to believe recent articles in the mainstream media,
    MicroSoft is working on the final solution to computer security and
    online privacy.
     From the news articles it sounds like the core of Palladium is designed
    as a system that computer security professionals call a "Trusted
    Trusted Systems have existed for several years, and are generally used
    by NSA and other organizations to protect classified information. One
    real-world example of a somewhat-trusted system is the Java sandbox.
    When your browser downloads a Java applet, you want to know that it
    is restricted - for example, that it can't access the disk and obtain
    a copy of your mailbox. To achieve this the Java interpreter runs the
    applet in a virtual sandbox and denies the applet access outside this
    The difference between a Java sandbox and a true Trusted System is that
    java is a pure software environment - the Java interpreter can't verify
    itself to make sure that it has not been altered in a way that would
    compromise the sandbox. In security lingo - the Trusted Computing Base
    which implements the Trusted System is not protected from tampering.
     From the description of Palladium, it sounds like it will have some
    additional hardware support in order to verify itself.
    So, Palladium will be a tamper-resistant black box inside your computer.
    Now, what can this be used for and why would we want this in the next
    computer we buy?
    According to MicroSoft, Palladium will supposedly seal information from
    attackers, block viruses and worms, eliminate spam, and allow users to
    control their personal information even after it leaves their computer.
    That sounds nice, but what does this imply?
    Information sealing:
    To protect your own information from hackers sounds like the only
    good feature of Palladium. I can put my credit card number, documents
    and other information inside the black box and control which software
    is allowed to access this information. Still, there are encryption
    programs out there today from companies like PGP that provides similar
    Malware blocking:
    Viruses and worms are basically just software. Malicious software, but
    still just software. And as such, they are virtually indistinguishable
    from other software applications. In order to block malware, you need a
    system where only 'approved' software is allowed to run. Approved
    software will be software signed by a key that the Palladium system
    trusts. That leaves us with one problem - who gets to decide which
    software is approved and which is not? Surely we can't give this power
    to the end-user that habitually click 'ok' on any security warning in
    order to see the latest cool mail attachment. As Melissa and other
    worms/viruses have shown in the past, this won't increase system
    security one bit. What MicroSoft is saying is that we are supposed to
    trust them to be the benevolent dictator that decides which software to
    trust. How will hobbyists or small ISVs get their applications signed?
    It sounds like MS is using the malware scare as a means to force feed us
    a system where only MicroSoft-approved code can run.
    Spam elimination:
    How do you eliminate spam? You can use certain heuretics to discover and
    block at least a portion of spam, but it is practically impossible to
    eliminate it using the current Internet e-mail system. A system like
    Palladium won't make traditional spam recognition any easier. However,
    it provides a secure key that can be used to sign your own email
    messages and it can verify the signatures from other Palladium users. It
    sounds like MS' 'solution' to spam is to classify all non-Palladium-
    signed email as spam and let only mail signed by senders that you have
    approved through. In MicroSoft's spam-free world, only Longhorn users
    can send e-mail to eachother.
    External control of information:
    Finally, you can control your personal information after it leaves your
    computer. Sounds nice until you rephrase it: if I receive content from
    your 'black box', you can set restrictions on this content and my 'black
    box' will make sure I can't do anything to the content that you don't
    want me to. This is exactly the kind of thing that Hollywood and the
    large music companies have been asking the technology companies to give
    them, and MS is providing it under the guise of protecting privacy.
    Palladium isn't a solution to computer security and privacy, it is a
    system designed to strengthen MicroSoft's control over the operating
    system platform and to make Windows the platform of choice for DRM-
    protected digital content.
    From: Amos Satterlee <asatterleeat_private>
    To: "'declanat_private'" <declanat_private>
    Subject: ATdS and MS
    Date: Thu, 27 Jun 2002 11:01:44 -0400
    The Alex de Tocqueville Society says open source is a terrorist threat.
    They're paid for by MS. So far, so good.
    Then I ran into an interview with the MS lead for the Palladium initiative.
    "Juarez: ... As a side note, we will publish the source code on that Trusted
    Operating Root. We will make sure that people have the opportunity to really
    go deep on that and kick the tires and know that what we're doing in there
    is what we say we are doing."
    Date: Thu, 27 Jun 2002 13:42:45 -0500 (CDT)
    From: Mihai Christodorescu <mihaiat_private>
    To: Declan McCullagh <declanat_private>
    Subject: Ross Anderson on Palladium and TCPA
    In-Reply-To: <>
    	Ross Anderson posted a FAQ on TCPA and Palladium on his website:
    	As far as I can tell the FAQ is based on his paper presented at
    the conference on Open Source Software Economics in Toulouse on the 20th
    June. The paper can be downloaded from this URL:
    	Although his analysis is slightly biased (his main premise being
    that content providers, given the DRM tools proposed by TCPA and
    Palladium, will try to screw the users as much as possible), I tend to
    agree with the questions he raises. We need more checks and balances in
    the proposed technical solution, so that users, content providers, and
    computer companies (both HW and SW) can reach an equilibrium. As it stand
    now, TCPA looks like a conspiracy between computer companies and content
    companies, all against thieves, I mean computer users.
    	Furthermore, I am very curious to know the reasoning behind the
    timing of Microsoft's Palladium announcement. It might just be an attempt
    to preempt the SSSCA/CBDTPA(?) before it is made into law, by offering a
    computer industry-backed solution to the complaints of the content
      Mihai Christodorescu -- mihaiat_private - http://www.cs.wisc.edu/~mihai
        The man of knowledge must be able not only to love his enemies but also
      to hate his friends.                                - Friedrich Nietzsche
                 -- Feed the machine that burns in your head. --
    To: declanat_private
    From: sorgeat_private
    Subject: Microsoft's Palladium
    Date: Fri, 28 Jun 2002 00:55:07 -0400
    that's scary.
    Fear of Big Brother in Microsoft technology
    From: "Frawley, Alfred C." <afrawleyat_private>
    To: "'Declan McCullagh'" <declanat_private>
    Subject: FW: I Told You So
    Date: Fri, 28 Jun 2002 11:00:52 -0400
    Hi Declan:  you might find this of moderate interest  (posted on a crypto
    JUNE 27, 2002
    I Told You So
    Alas, a Couple of Bob's Dire Predictions Have Come True
    By Robert X. Cringely
    Just over three years ago I wrote a column titled "Cooking the Books: How
    Clever Accounting Techniques are Used to Make Internet Millionaires." It
    explained how telecom companies were using accounting tricks to create
    revenue where there really was none. Take another look at the column (it's
    among the links on the "I Like It" page), and think of Worldcom with its
    recently revealed $3.7 billion in hidden expenses. Then last August, I
    wrote a column titled "The Death of TCP/IP: Why the Age of Internet
    Innocence is Over." Take a look at that column, too, and think about
    Microsoft's just-revealed project called Palladium.
    The end is near.
    Sometimes I'd rather be wrong, but it's a no-brainer to guess that
    accountancy, which has apparently become something of an art form or
    interpretive dance, could have a dark side. And you'll never lose money
    betting for Microsoft and against Microsoft's competitors and customers.
    Let's concentrate on the Microsoft story. Last August, I wrote of a rumor
    that Microsoft wanted to replace TCP/IP with a proprietary protocol -- a
    protocol owned by Microsoft -- that it would tout as being more secure.
    Actually, the new protocol would likely be TCP/IP with some of the reserved
    fields used as pointers to proprietary extensions, quite similar to Vines
    IP, if you remember that product from Banyan Systems. I called it TCP/MS in
    the column. How do you push for the acceptance of such a protocol? First,
    make the old one unworkable by placing millions of exploitable TCP/IP
    stacks out on the Net, ready-to-use by any teenage sociopath. When the Net
    slows or crashes, the blame would not be assigned to Microsoft. Then ship
    the new protocol with every new copy of Windows, and install it with every
    Windows Update over the Internet. Zero to 100 million copies could happen
    in less than a year.
    This week, Microsoft announced Palladium through an exclusive story in
    Newsweek written by Steven Levy, who ought to have known better. Palladium
    is the code name for a Microsoft project to make all Internet communication
    safer by essentially pasting a digital certificate on every application,
    message, byte, and machine on the Net, then encrypting the data EVEN INSIDE
    YOUR COMPUTER PROCESSOR. Palladium compatible hardware (presumably chipsets
    and motherboards) will come from both AMD and Intel, and the software will,
    of course, come from Microsoft. That software is what I had dubbed TCP/MS.
    The point of all this is simple. It may actually make the Internet somewhat
    safer. But the real purpose of this stuff, I fear, is to take technology
    owned by nobody (TCP/IP) and replace it with technology owned by Redmond.
    That's taking the Internet and turning it into MSN. Oh, and we'll all have
    to buy new computers.
    This is diabolical. If Microsoft is successful, Palladium will give Bill
    Gates a piece of every transaction of any type while at the same time
    marginalizing the work of any competitor who doesn't choose to be
    Palladium-compliant. So much for Linux and Open Source, but it goes even
    further than that. So much for Apple and the Macintosh. It's a militarized
    network architecture only Dick Cheney could love.
    Ironically, Microsoft says they will reveal Palladium's source code, which
    is little more than a head feint toward the Open Source movement. Nobody at
    Microsoft is saying anything about giving the ownership of that source code
    away or of allowing just anyone to change it.
    Under Palladium as I understand it, the Internet goes from being ours to
    being theirs. The very data on your hard drive ceases to be yours because
    it could self-destruct at any time. We'll end up paying rent to use our own
    Can you tell I think this is a bad idea?
    What bothers me the most about it is not just that we are being sold a bill
    of goods by the very outfit responsible for making possible most current
    Internet security problems. "The world is a fearful place (because we
    allowed it to be by introducing vulnerable designs followed by clueless
    security initiatives) so let us fix it for you." Yeah, right. Yet Palladium
    has a very real chance of succeeding.
    How long until only code signed by Microsoft will be allowed to run on the
    platform? It seems that Microsoft is trying to implement a system that will
    enable them, once and for all, to charge game console-like royalties to
    software developers.
    But how will this stop the "I just e-mailed you a virus" problem? How does
    this stop my personal information being sucked out of my PC using cookies?
    It won't. Solving those particular problems is not Palladium's real
    purpose, which is to increase Microsoft's market share. It is a marketing
    concept that will be sold as the solution to a problem. It won't really
    Let's understand here that not all Microsoft products are bad and many are
    very good. Those products serve real customer needs and do so with genuine
    purpose, not marketing artifice. But Palladium isn't that way at all. This
    is NOT about making things better for the user. This is about removing the
    ability for the end user to make decisions about how his or her computer
    functions. It is an effort by Microsoft to take literal ownership of
    Internet technology, Microsoft's "embrace and extend" strategy applied for
    the Nth time, though on a grander scale than we've ever seen before. While
    there is some doubt that the PC will survive a decade from now as a product
    category, nobody is suggesting the Internet will do anything but grow and
    grow over that time. Palladium assures that whatever hardware is running on
    the network of 10 years from now, it will be generating revenue for
    Microsoft. There is nothing wrong with Microsoft having a survival
    strategy, but plenty wrong with presenting it as some big favor they are
    doing for us and for the world.
    What's saddest about this story is that it could be positive. The world is
    a dangerous place and finding ways to make people responsible for what they
    do on the Net is probably good, not bad. I just don't think we have the
    right people on the job.
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    Like Politech? Make a donation here: http://www.politechbot.com/donate/

    This archive was generated by hypermail 2b30 : Fri Jun 28 2002 - 10:55:28 PDT