-=PCTechTalk=- (Fwd) [Win2kPowerUsers] Volume 2, Number 23 / July 2, 2002
- From: "Grant Karpik" <gkarpik@xxxxxxxxx>
- To: pctechtalk@xxxxxxxxxxxxx
- Date: Tue, 2 Jul 2002 13:51:45 -0700
Worth a read:
------- Forwarded message follows -------
From: "Serdar Yegulalp" <serdar@xxxxxxxxxxxxxxxxxxx>
To: <gkarpik@xxxxxxxxx>
Date sent: Tue, 02 Jul 02 16:02:29 -0400
Subject: [Win2kPowerUsers] Volume 2, Number 23 / July 2, 2002
Windows 2000 Power Users
Volume 2, Number 23
July 2, 2002
By Serdar Yegulalp (serdar@xxxxxxxxxxxxxxxxxxx)
*************************ADVERTISEMENT**************************
Missing Your Winmag.com Newsletter Authors? Don't!
Jim Powell's The Office Letter: http://www.officeletter.com/
Serdar Yegulalp's Newsletter: http://www.win2kpowerusers.com/
Fred Langa's LangaList: http://www.langa.com/
Karen's Power Tools at http://www.karenware.com/
Jason Levine's Toolbox: http://www.jasons-toolbox.com/
Mike Elgan's Mike's List: http://www.mikeslist.com/default.htm
John Woram's Newsletter: http://www.woram.com/letter/index.htm
Scot Finnie's Newsletter: http://www.scotfinnie.com/newsletter/
*****************************************************************
In This Issue:
- Palladium: (Dis)Trustworthy?
Palladium: (Dis)Trustworthy?
I had other material scheduled for this week, but I've pushed it back
in
favor of an analysis of Microsoft's latest future project, Palladium.
(To all those who wrote to me in the last couple of weeks -- regarding
laptop repair, the spam issue, and so on -- I do thank you in advance.
I'm still sifting through a lot of that mail and I plan on offering
another issue later this week.)
Of all the things Microsoft has announced recently, this is the one
which makes my hair stand on end the most fiercely. Microsoft was
originally mum about Palladium, but news has leaked out (courtesy of
journalist Steven Levy), and now it's all over the place. And it's not
pretty.
Put simply, Palladium is a system architecture -- odds are it's going
to
be part of the next version of Windows -- with built-in DRM (digital
rights management) and cryptography features, called a "trusted
computing platform." Palladium requires hardware that's designed
specifically for it -- a chipmaker would need to devise a CPU, chipset
and motherboard that is Palladium-compatible. Not only that, but I'm
assuming everything else in the PC, from the disk controllers to the
graphics cards, would also have to be replaced. This means that every
aspect of the system -- everything -- would be protected with
cryptographic control. Programs that aren't Palladium-approved don't
run. Data that isn't copy-approved can't be copied.
Microsoft insists, however, that Palladium is just an architecture;
it's
content-neutral. You can implement as much or as little of it as you
wish. That's a nebulous promise to me, especially since about all I
can
glean from this is peril, not promise. Several key issues do come to
mind.
1. Totally new hardware and software is required. Not only is this
expensive and in many cases impractical, but it's exasperating and
smells of a locked-hands policy. Imagine not being able to upgrade
anything -- drivers, software, everything -- on your PC because the
only
future versions available are Palladium-only. Who wants to pay --
possibly pay more -- for something which allows you to do less?
2. Censorship and freedom of information. While I am no pirate and I
don't defend them, the idea of pre-emptively making it impossible to
copy anything without certification is appalling. As someone else
pointed out, treat ordinary people like thieves and they'll become
thieves. (On that note, the new CD copy-protection initiatives are a
joke; they're expensive, they create more problems than they solve, and
they're disgustingly easy to defeat. Not only that, but the music
industry is talking out of both sides of its mouth when it tries to
ascribe hard loss numbers to piracy, which is by its definition nearly
impossible to get hard numbers on.)
3. Microsoft. Again, I don't need to go very far to spell this out,
but
given how Microsoft has come under heavy fire for being monopolistic,
how is this supposed to make them any less of a bully in the eyes of
the
government? And, as David Coursey pointed out, why should we trust
Microsoft to come up with some proprietary closed-ended scheme that's
ostensibly for our protection? Wouldn't we be better off with an open
standard, if we were going to do something like this at all? Why give
Microsoft the keys to the digital kingdom?
To think that Microsoft came up with this in response to criticisms
that
Windows is insecure would be funny if it wasn't so true. Clearly, one
of the better ways to address that would have been to simply police
their code better, but now it seems they're more interested in a
baby-and-bathwater solution. If Palladium is being sold as a way to
stop viruses, for instance, I don't buy it for a second. Every
security
system can be cheated; all it takes is time and diligence -- and
there's
a whole subculture of crackers who would be itching to do exactly that.
Notice how Microsoft (and just about every press pundit who writes
about
Palladium) never talks about this basically being handcuffs for your
PC.
They talk about security. Security's a two-edged sword, and if you go
by the old quote about those who give up liberty for security deserving
neither, you're probably quite on track.
One of the joys of owning a PC is being able to do what you want with
it
-- including making modifications to it that the designers never
intended. Now that appears to be the next big enemy in the digital
world, because God knows people who are allowed to run just any old
program on their computer could be doing something illegal.
In my opinion, Palladium's promise of security is about as appealing as
voluntarily going to prison to avoid being charged with a crime (or
attacked by a criminal) -- and we all know how safe and trustworthy
prisons are. It is not even a remotely fair tradeoff; it is, quite
simply, blackmail.
The only way to make this even remotely palatable is to make it an
option - something that can be turned off, permanently, or something
that is only available in a specific edition of the OS that is not the
only version. There is also a good deal of time to register one's
feelings about the idea -- Palladium itself probably won't appear for
several more years at least. But I have the feeling we're going to
need
that time, because of all the ideas Microsoft has come up with, this
one
is fraught with the direst implications.
On a side note, remember the Intel CPU ID number controversy? In 1998
Intel started rolling out a software-addressable extension to their
processors, which allowed you to query the CPU for a unique serial
number. Public outcry against the idea forced Intel to ship with the
ID
number disabled. No OS or program I know of uses it, and it was in
fact
one of the big reasons a number of friends of mine ditched Intel
systems
to go to AMD-based PCs. Microsoft appears to be on the verge of making
the same sort of mistake, one which is not so much technologically
ill-conceived as simply tasteless. "The last thing I want," one of my
friends remarked, "is to have my PC branded with the Mark of the
Beast."
I'll be reporting back more on this as time goes by -- and as always,
speak your mind in e-mail. I suspect my mailbox will be melting from
this one. If Product Activation inspired resentment, this will
probably
inspire revolt.
Serdar Yegulalp
Editor, Windows 2000 Power Users Newsletter
http://www.win2kpowerusers.com/
Personal site: http://www.thegline.com
To unsubscribe from this newsletter, send an email from the address you
wish to remove to: win2k-unsubscribe@xxxxxxxxxxxxxxxxxxx
------- End of forwarded message -------
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
...a cat is a diagram and a pattern of subtle air...
Grant Karpik
gkarpik@xxxxxxxxx
To unsub or change your email settings:
//www.freelists.org/webpage/pctechtalk
To access our Archives:
http://groups.yahoo.com/group/PCTechTalk/messages/
//www.freelists.org/archives/pctechtalk/
Other related posts:
- » -=PCTechTalk=- (Fwd) [Win2kPowerUsers] Volume 2, Number 23 / July 2, 2002
