MSFT pbs.org
Still more.
theregister.co.uk
MS Palladium protects IT vendors, not you - paper By John Lettice Posted: 28/06/2002 at 10:27 GMT
Ross Anderson of Cambridge University has published a lengthy and informative paper/FAQ on Palladium, the Trusted Computing Platform Alliance (TCPA), their relationship and their implications. His take is that Microsoft's Palladium, soft-announced by the company earlier this week, will be built on TCPA hardware, adding some extra features as it goes along. Some of these features, he notes, will be there in order to make the package look more attractive, while some of the components of Palladium are already shipping in Xbox and WinXP.
Perhaps the most interesting bits are the description of how it will work from start-up and the potential for censorship.
Anderson refers to the chip as the "Fritz" chip, after senator Fritz Hollings who has been "working tirelessly" to make TCPA compulsory. On boot, Fritz "checks that the boot ROM is as expected, executes it, measures the state of the machine; then checks the first part of the operating system, loads and executes it, checks the state of the machine; and so on. The trust boundary, of hardware and software considered to be known and verified, is steadily expanded. A table is maintained of the hardware (audio card, video card etc) and the software (O/S, drivers, etc); if there are significant changes, the machine must be re-certified. The result is a PC booted into a known state with an approved combination of hardware and software. Control is then handed over to enforcement software in the operating system - this is presumably Palladium if your operating system is Windows."
Note the similarities here to what Xbox is doing already.
"Once the machine is in this state, Fritz can certify it to third parties: for example, he will do an authentication protocol with Disney to prove that his machine is a suitable recipient of 'Snow White'. The Disney server then sends encrypted data, with a key that Fritz will use to unseal it. Fritz makes the key available only so long as the environment remains 'trustworthy'. For this purpose, 'trustworthy' means that the media player application won't make any unauthorised copies of content."
That's an example of the sort of procedure you'd encounter when the system is applied to the entertainment business. However, TCPA-enabled applications will likely have their security policies administered by remote servers, and this has other implications. What you're allowed to read could be censored for reasons other than copyright, so for example the scientologists might "convince a court that a certain document should be banned [and] get an order against a policy server." So to what extent could unpalatable and leaked documents be banned or disappeared?
The conclusion is also pretty simple. The benefits of this do not accrue to the users but to the vendors. He concludes: "TCPA and Palladium do not so much provide security for the user, but for the PC vendor, the software supplier, and the content industry. They do not add value for the user. Rather, they destroy it, by constraining what you can do with your PC - in order to enable application and service vendors to extract more money from you."
Full FAQ at cl.cam.ac.uk
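The measure-then-load chain and the key release that Anderson describes can be modelled in a few lines. This is an added illustration, not code from the FAQ, The Register or any TCPA/Palladium implementation: the hash-chain "extend" step follows the general design of TPM platform registers, while SHA-256, the XOR/HMAC key wrap, the component names and the device secret are assumptions constructed for the example.

```python
import hashlib
import hmac

def extend(register: bytes, component: bytes) -> bytes:
    # New register value = H(old value || H(component)); order-sensitive.
    return hashlib.sha256(register + hashlib.sha256(component).digest()).digest()

def measure_boot(components) -> bytes:
    register = bytes(32)  # all zeroes at reset
    for blob in components:  # each stage is measured before it is run
        register = extend(register, blob)
    return register

def _keys(device_secret: bytes, register: bytes):
    # Separate wrap and integrity keys, both bound to the platform state.
    enc = hmac.new(device_secret, b"enc" + register, hashlib.sha256).digest()
    mac = hmac.new(device_secret, b"mac" + register, hashlib.sha256).digest()
    return enc, mac

def seal(device_secret: bytes, approved_register: bytes, content_key: bytes):
    # Toy wrap (assumption): keys of up to 32 bytes, XOR pad tied to the state.
    if len(content_key) > 32:
        raise ValueError("toy wrap handles keys of at most 32 bytes")
    enc, mac = _keys(device_secret, approved_register)
    wrapped = bytes(a ^ b for a, b in zip(content_key, enc))
    return wrapped, hmac.new(mac, wrapped, hashlib.sha256).digest()

def unseal(device_secret: bytes, current_register: bytes, sealed):
    wrapped, tag = sealed
    enc, mac = _keys(device_secret, current_register)
    expected = hmac.new(mac, wrapped, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # platform state differs from the one sealed against
    return bytes(a ^ b for a, b in zip(wrapped, enc))

# Constructed sample data: names and contents are made up for this example.
DEVICE_SECRET = b"constructed-chip-secret"
APPROVED = [b"boot ROM 1.0", b"OS loader 1.0", b"kernel 1.0", b"media player 1.0"]
MODIFIED = APPROVED[:3] + [b"media player 1.0 (patched)"]
CONTENT_KEY = b"0123456789abcdef"
SEALED = seal(DEVICE_SECRET, measure_boot(APPROVED), CONTENT_KEY)

if __name__ == "__main__":
    print("approved state:", unseal(DEVICE_SECRET, measure_boot(APPROVED), SEALED))
    print("modified state:", unseal(DEVICE_SECRET, measure_boot(MODIFIED), SEALED))
```

Changing any one component, or the order in which components load, yields a different final register value, so the key sealed against the approved state cannot be recovered.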
BTW the reg also has a rather worrying change in EULA that Microsoft is sneaking into the "You must do this upgrade" of Windows Media Player:
MS security patch EULA gives Billg admin privileges on your box By Thomas C Greene in Washington Posted: 30/06/2002 at 05:56 GMT
If you caught our recent coverage of the Windows Media Player trio of security holes you may have followed a link to the TechNet download site for a patch, or you might have activated Windows Update. If you did the former (though, oddly, not if you did the latter), you would have been confronted with an End User License Agreement (EULA) stating, most ominously, that:
"You agree that in order to protect the integrity of content and software protected by digital rights management ('Secure Content'), Microsoft may provide security related updates to the OS Components that will be automatically downloaded onto your computer. These security related updates may disable your ability to copy and/or play Secure Content and use other software on your computer. If we provide such a security update, we will use reasonable efforts to post notices on a web site explaining the update."
Which boils down to you voluntarily surrendering control of your PC to Microsoft and having no right to complain if (when?) they download some buggy virus-laden code onto your PC and break it.