Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×
Security The Internet

Researchers Looking at Alternatives to Palladium 221

Posted by CowboyNeal from the trust-and-distrust dept.
An anonymous reader writes "Some folks at Stanford have been looking at an alternative architecture for doing trusted computing (ala Palladium) based on using Virtual Machines. They presented a brief paper describing their work a couple weeks ago at the USENIX Workshop on Hot Topics in Operating Systems . In their paper they also discuss a bunch of non-DRM applications of Trusted Computing such as distributed firewalls, improving P2P security, preventing DDOS, and even strengthening civil liberty protections."
This discussion has been archived. No new comments can be posted.

Researchers Looking at Alternatives to Palladium More

Researchers Looking at Alternatives to Palladium

Comments Filter:

  • Well for a start. (Score:1, Funny)

    by Anonymous Coward
    The alternative will need a decent clock [kde.org]

  • There's nobody stoping... (Score:5, Insightful)

    by Anonymous Coward on Thursday June 05, 2003 @06:10PM (#6127555)
    Anybody from trusting anybody else now. We could create distrib-firewalls if we wanted to.

    The fact is DRM takes away the PEOPLES' rights to choose who to trust.

    • Re:There's nobody stoping... (Score:4, Insightful)

      by Keeper ( 56691 ) on Thursday June 05, 2003 @06:20PM (#6127623)
      That's a backwards statement.

      DRM lets you send stuff to people you don't trust, because you trust that the software will prevent the people you do not trust from taking actions you wish to prevent.

      It has nothing to do with defining who YOU trust.

      • Re:There's nobody stoping... (Score:4, Insightful)

        by interiot ( 50685 ) on Thursday June 05, 2003 @06:27PM (#6127678) Homepage
        DRM in the hands of monopolies is a way to take things away. DRM in the hands of corporations who value control above anything else is a way to take things away.
        • Yup. Amazing, corporations want to keep you from copying the stuff they sell and giving it away to all your friends. Go figure.

          If you don't like it, don't use it. I won't buy anything that "limits" my fair rights uses. If everyone else takes the same stance, it'll flop and the industry will move on to another way to screw people. If people do accept it and it becomes the defacto standard, I'll just have more money in my bank account to put towards a new car...

          • Re:There's nobody stoping... (Score:5, Insightful)

            by Jordy ( 440 ) <jordan@@@snocap...com> on Thursday June 05, 2003 @07:04PM (#6127924) Homepage
            No, corporations want to control what you do with the works they sell you, something copyright nor first sale doctrine does not give them the right to do.

            For instance, a book publisher can not sell you a book you're not allowed to resell. They also can not forbid you from reading a book more than once or reading the book to your child.

            DRM enables copyright holders to completely eliminate used sales and move the entire world to a pay-per-view world. Even more, it allows the copyright holders to have a perpetual copyright; one that will never expire for as long as the work is encrypted.

            You will not "own" anything. Sure technically you own your DRM'ed digital music downloads, but just try to resell them.

            The "value" of DRM'ed goods is significantly less than physical goods, but people won't realize that until laws get put in place forcing retailers to mark these goods as such.
          • The downsides of DRM have been discussed a lot already, but I'll briefly go over the side effects: companies get more economic control as a side effect to DRM systems (region coding), companies get to dictate which devices and from which companies you get to play their content on, allowing them to dictate additional restrictions other than purely anti-piracy ones, and companies regard the loss to the public domain as an unimportant side effect at best and probably simply a benefit.
          • " Yup. Amazing, corporations want to keep you from copying the stuff they sell and giving it away to all your friends. Go figure.
            "

            But they do it at the cost of your freedom. They could keep us from copying their stuff by making it explode upon purchase, to, but at what point do you say its ust not worth it?

            disclaimer: I did read your second paragraph, and I agree with you fully. I'm just replying because I know you're not the only one that feels that way
      • DRM lets you send stuff to people you don't trust, because you trust that the software will prevent the people you do not trust from taking actions you wish to prevent.

        Well ya, you're right, but in the case it's be used, we are the people the RIAA, MPAA and everyone else doesn't trust. We, being anyone with any form of access to a computer.

        So the question (or just one of the main) is, Why should I invest in a platform that will keep me from copying/burning/reading/deleting/modifing/anythin g else you c

        • So the question (or just one of the main) is, Why should I invest in a platform that will keep me from copying/burning/reading/deleting/modifing/anythin g else you could possible ever want to do you data? Do I want to plainly accept the fact that people selling me content dont trust me to get out the Wal-mart parking lot without trying to steal their intellectual property?

          Because it isn't YOUR DATA?

          Forget the RIAA and MPAA for a moment. The world does not revolve around geeks ripping DVDs and CDs. Sta

          • Re:There's nobody stoping... (Score:5, Interesting)

            by Amazing Quantum Man ( 458715 ) on Thursday June 05, 2003 @07:47PM (#6128215) Homepage
            No, I want to talk about the RIAA and MPAA. Specifically the MPAA.

            I saw an ad for a DVD that said "Own [some movie] today on DVD". It did not say, "License [some movie]".

            Therefore, they are selling me a copy of that movie. By the doctrine of First Sale, it is mine to do with as I wish, including cracking the CSS or region coding, folding, spindling, or mutilating, reselling to someone else.

            The only thing that I may not do is reproduce it for other people, since I don't hold the copyright.
      • Actually, it refers to your trusting the system, because you MUST trust it. It has nothing to do with how you feel about it. Here's an analogy: I give you my car keys. You drive away in my car. You are a trusted person. Are you a trusted person because I gave you my car keys? Not in this terminology. In this terminology, you are a trusted person because you HAVE my car keys, and I have no choice but to trust that you'll bring them back. Basically, trusted systems are bad. If you have zero trusted
        • Ok, so if you don't trust the system, don't use it. Nothing is forcing you to make all of the content YOU create DRM enabled.

          Your analogy doesn't make any sense to me. In order to HAVE the car keys, they must be given to you first. If you must be trusted in order to be given the car keys, then having the car keys implies that you are trusted.

          If you have zero trusted systems, you have zero points of failure, and 100% security.

          So you've got zero systems setup at home then? :p There is no such thing a

    • Re:There's nobody stoping... (Score:1, Insightful)

      by Anonymous Coward
      Actually what keeps you from trusting just anybody now is the total openness of the PC architecture.
    • Why would anybody want to create a distributed firewall?
    • The fact is DRM takes away the PEOPLES' rights to choose who to trust.

      Wrong, DRM gives everyone the power to choose who to trust. That's why you hate it - because you don't want the content companies to have the power to choose whether or not to trust you!

      But the shoe fits both feet. You also gain the power to choose who to trust. For example, you could join a P2P network and choose whether to let people in with clients that are going to cheat, send bogus data and flood the net. It's your decision.

      A

    • DRM != Trusted Computing (Score:4, Insightful)

      by hughk ( 248126 ) on Friday June 06, 2003 @07:14AM (#6130643) Journal
      DRM is just one application of a trusted platform. The others are benign, ensuring that only software that you trust can take certain actions like intercepting keystrokes or sending Email.

      The problem is that the trusted layer *must* be small so that it can be completely verified. Applications can't be so easily verified and it would still be possible to compromise Outlook, for example to send unwanted EMail. All the signature does is to say that the software hasn't been modified, but we know that applications don't need bad code to misbehave, they only need the right kind of bad data. Once the code has been signed, it must be signed again verey time it is patched. A far from simple logistical problem.

      OTOH, smaller code may be more easily verified - so a driver for a Smart Card reader could be protected, as could SSL. However a programmer can still make a mistake and allow the code to be compromised.

  • DRM is not automatically bad! (Score:3, Interesting)

    by Thinkit3 ( 671998 ) * on Thursday June 05, 2003 @06:11PM (#6127561)
    One good example is the google puzzle contest I'm sure many tried. You downloaded the .pdf before, and got a password when the time started. While nobody should go to jail for cracking the password, it was an example of a good (not evil) use of DRM.

  • a Good Thing (Score:5, Insightful)

    by trans_err ( 606306 ) <ebenoist@ g m a i l . com> on Thursday June 05, 2003 @06:12PM (#6127564) Homepage
    Rather this alternative to Palladium does or doesn't work at the fact that OTHER companies are looking into creating this kind of system makes the future of Palladium-esque systems look a lot better. Competition is a Good Thing and handing the reigns to microsoft with out look bad is a bad thing, microsoft or not a company should not have that much power. If this market becomes more diversified we will see better products, rather from microsoft or not, and people will start listening to the peanut gallery ranting for a better system.

    • Re:a Good Thing (Score:5, Insightful)

      by Knife_Edge ( 582068 ) on Thursday June 05, 2003 @06:31PM (#6127711)
      "microsoft or not a company should not have that much power"

      Microsoft does have the power to do whatever they want with their operating system. Yet, for some reason that does not matter to me. I am not forced to use it, see? As long as there are some alternatives (and there are right now if you are willing to learn), I will be fine. More people need to be made aware of the alternatives, is all.

      And to everyone who says, but what if Microsoft and some media companies get together to make some kind of system that ensures that content distributed in this system could only be used in extravagantly restrictive ways?

      Well, darn, I guess I will not buy that content. I suppose I will just continue consuming media in all the other ways it is available to me that are easier and cheaper.

      Some guy asked a better 'what if' recently in another discussion on Palladium. What if systems using this technology are required to access the Internet?

      Oh, Microsoft controls the Internet now?

      This is just another silly copy protection scheme, nothing more. As are any alternative silly copy protection schemes. Take the tinfoil hats off, folks.
      • Some guy asked a better 'what if' recently in another discussion on Palladium. What if systems using this technology are required to access the Internet?

        I can't really see that happening anytime soon. The Internet was designed to be open, for anyone to be able to connect to it. Palladium and the Internet Protocol are quite incompatible, in purpose if not in technology, and any attempt to graft one onto the other is going to be messy at best.

        Besides, with so many Unix/Apache servers out there, many bei

      • I used to believe the same thing, however, over time I have realized that this approach _doesn't work_. People (as a whole) are DUMB! And while _I_ won't buy highly restrictive content, others _will_. The reality is that I don't make a very big difference. This normally wouldn't bother me except some of the content that comes out, I want. By having less restrictive, better implemented alternatives, at lease _I_ have a better chance of having some more freedoms with the content I would _like_ to see.

      • Some guy asked a better 'what if' recently in another discussion on Palladium. What if systems using this technology are required to access the Internet? Oh, Microsoft controls the Internet now?

        No, but what if your ISP required a Palladium-signed ID to sign on? Or your company VPN required a Palladium key to permit remote access? Never mind the prospect of requiring Pd elements to view online content, which to most users is "the Internet".

        The danger is not in the tool, it's in the deployment. Lock-in

      • Some guy asked a better 'what if' recently in another discussion on Palladium. What if systems using this technology are required to access the Internet?

        Did you even read the PDF? That is exactly what they describe. They want to replace IP (internet protocol) with IPsec (secure).

        This is just another silly copy protection scheme, nothing more.

        It's a huge issue because it isn't just about music sales and movie sales. Everything on computers and on the internet is subject to "copy protection".

        Did you co

  • Too bad... (Score:5, Insightful)

    by PS-SCUD ( 601089 ) <.moc.oohay. .ta. .ttocsnamronretep.> on Thursday June 05, 2003 @06:14PM (#6127576) Journal
    One is proposed by some folks in Stanford, the other is proposed by Microsoft and Intel.

    Guess which one is going to matter?

    • Re:Too bad... (Score:3, Interesting)

      by 56ker ( 566853 )
      It's not usually a case of which one matters (which is subjective) but the case of which one is most popular. As with Windows - if something becomes popular it can have a runaway success.... people trust computers too much at the moment anyway - most don't understand gigo and assume that information on a computer is infallible. :/

    • Re:Too bad... (Score:4, Insightful)

      by Knife_Edge ( 582068 ) on Thursday June 05, 2003 @06:33PM (#6127731)

      "One is proposed by some folks in Stanford, the other is proposed by Microsoft and Intel.

      Guess which one is going to matter?"

      Neither.

    • Re:Too bad... (Score:4, Insightful)

      by El ( 94934 ) on Thursday June 05, 2003 @06:34PM (#6127740)
      So, that's why we're all running Microsoft Bob instead of the X Window System -- 'cause a big bad corporation can set a standard, while a Univerity can't?

      • Bob was an OS?? (Score:3, Interesting)

        by freeweed ( 309734 )
        I naively thought that Microsoft's main operating system was Windows - you know, that thing that runs on 90-something percent of desktops worldwide?

        Wasn't Bob basically Clippy the first?
    • Last time I've checked boys after Stanford were hired by Microsoft and Intel. Conclusion? They propose alternatives only for being noticed and hired.

  • Vulgar Slang (Score:4, Interesting)

    by jabbadabbadoo ( 599681 ) on Thursday June 05, 2003 @06:17PM (#6127596)
    palÂlaÂdiÂum2 ( P ) Pronunciation Key (p-ld-m)

    1) A safeguard, especially one viewed as a guarantee of the integrity of social institutions: the Bill of Rights, palladium of American civil liberties.

    2) A sacred object that was believed to have the power to preserve a city or state possessing it.

    I believe that city is called Microsoft.
    "Bill of Rights"... whaaaahahaha.
    ---
    At any rate, I have only one more word to say about Palladium. You can read all about that word here [reference.com]

  • Faking out Palladium? (Score:5, Interesting)

    by Asprin ( 545477 ) <gsarnold@yUMLAUTahoo.com minus punct> on Thursday June 05, 2003 @06:22PM (#6127645) Homepage Journal

    Moreso, would it be possible to fake out Palladium-dependent software by running it in an emulator that simulates the undelying Palladium subsystem?

    What does a program REALLY KNOW about where it lives?

    Wow, This is JUST like "The Matrix".
    • A program doesn't necessarily know where it lives, but it is possible to tell if it's talking to a black box that's been signed by Intel's private key, which is probably good enough.
    • ah yes, it probably would be possible, but then, you would be "circumventing a security device" and would surly get sued under the DMCA.

      That said, palladium will probably be cracked/reverse engineered withing months or weeks of its release. at which point, microsoft will blow a head gasket and demand the immediate execution of whoever is responsible.

      We need to fight this technology. I know it will be possible to turn it off at first, but this will surely cease to be possible. what palladium and other DR

  • Trusted Computing good, DRM bad. (Score:3)

    by autopr0n ( 534291 ) on Thursday June 05, 2003 @06:23PM (#6127651) Homepage Journal
    I'd be happy with Trusted computing as long as I got to be the one who did the trusting, not some outside entity.
    • No, what you want is to be the "Trusted" not the "Trusting".

      Imagine this scenario as an obtuse analogy...

      You're driving home late one night in the middle of nowhere when your car breaks down. You walk
      to the nearest farm. The farmer is friendly and offers to put you up for the night.
      Down the hall from where you are staying is the farmer's "Horny-Young-Minx-of-a-Daughter[tm]".
      You could easily wait for the farmer to fall asleep, and sneak into his daughter's bedroom.

      You are the "Trusted", the farmer i
  • Some folks at Stanford have been looking at an alternative architecture for doing trusted computing (ala Palladium) based on using Virtual Machines.

    We have that today. It's called JAVA. (Trolls, take a hike. Even Kreskin doesn't know when Java's dying.)

    • As far as I know, Java haven't got any DRM capabilities.

      As for the security of Java, I've singlehandedly hacked the VM to be able to get at private functions and variables of other peoples classes. If I can do that, then who knows what evil hackers might do?

      Think about it.. what if the only security your bank is utilizing is that your PIN is a private class variable?

      • You can access private methods and such via reflection as long as there is no security manager preventing you. Add a security manager and *BAM* ultra-secure system. As for hacking the VM binaries, that's a problem in any solution. The point is that code inside the VM is secure.

  • Other uses.. (Score:2, Interesting)

    by Ancil ( 622971 )
    In their paper they also discuss a bunch of non-DRM applications of Trusted Computing
    I can think of one off the top of my head: Trusted clients for multiplayer games.
    • > Trusted clients for multiplayer games

      Given all the effort that was put into aimbot network proxies, reverse engineering
      graphic card drivers etc, I don't think that this will hold.

      As soon as a Trusted Computer is enforced on the masses and keeps geeks from doing
      geeky things (cheat on games, watch Startrek, listen to Linkin Park, read NY Times,
      run Linux on XBOX), it will be cracked in no time.

      The past shows that secure AND cheap chips do not exist. Google for the BSkyB
      desaster in UK, if you're not co

  • Viva la Alternatives (Score:3, Interesting)

    by curtlewis ( 662976 ) on Thursday June 05, 2003 @06:31PM (#6127713)
    With all the security patches MS has each week, I must admit I found it rather amusing that they were propsing a secure computing standard with Paladium.

    Personally, I don't think they can pull it off. But with Stanford looking into an alternative now, this means we'll at least have choices down the line. And I'm sure that both sides will look at what each other does and rip off the good ideas.

    Security is important and a verifiable identity is as well. Not just for e-commerce applications, either. Even such simple issues as banning some nimrod that wants to post stupidity on your board can be solved by a solid identity model.

    Hopefully, one of em will pull it off.
    • If you can "ban the nimrod" you don't agree with then you have the power to censor the speech of others. People with the least popular ideas would also (then) have the least ability to make arguments to convince others why they are right. Sounds fine and dandy if it means you can put down the KKK right? So what if "everyone" believes the government on an issue? Then it's OK to "ban" anyone who might speak badly about the government? No, I don't think so.

      I don't trust MS as far as I could throw Bill gates i

  • Palladium,DRM = no trust or rights (Score:5, Insightful)

    by AtariAmarok ( 451306 ) on Thursday June 05, 2003 @06:32PM (#6127719)
    What misleading terms they are. How can Palladium have anything to do with "trust" when they violate trust and anything else by intruding into my computer and controlling my content?

    How can DRM "protect rights" when it denies basic rights of fair use?

    • Re:Palladium,DRM = no trust or rights (Score:5, Informative)

      by .com b4 .storm ( 581701 ) on Thursday June 05, 2003 @06:56PM (#6127879)

      How can DRM "protect rights" when it denies basic rights of fair use?

      Ah, but there's the rub. It's not about protecting YOUR rights, it's about protecting the rights of the big corporations. Well not so much their rights as the "rights" they want - i.e. control over your computer and everything you use it for.



    • Your... content... ?

      The P2P public had the trust of the creative industries--and then Napster came along, and they/we stomped all over that trust. Palladium is trust as in "you can now trust us not to break the law."

      Palladium, as I understand it, makes circumventing the system more trouble than its worth. Which, theoretically, would let us get back to our familiar balance of copyright and individual use.

      How can DRM "protect rights" when it denies basic rights of fair use?

      Fair use is not now and n
      • "Your... content... ?"

        My content. I paid for it. That kind of content. Consider the ad campaign for selling DVD's "Own a Movie Today!"

        "Oh, and you still have as much fair use as anyone did before the digital boom"

        Not really. The real problem is the DMCA. If the DMCA were repealed, DRM would not be a problem.
        • My content. I paid for it. That kind of content. Consider the ad campaign for selling DVD's "Own a Movie Today!"

          You do not own the content, you own the media it's on. You merely license the content and are granted limited rights to view it. You cannot distribute it, make derivative works, copy it for other then personal uses, or perform/display it publically.

          Not really. The real problem is the DMCA. If the DMCA were repealed, DRM would not be a problem.

          Please do explain. I'm guessing you're like ev
          • You do not own the content, you own the media it's on.

            You do own the content. However, copyright law puts a "lien" on the content that generally forbids you to redistribute any copies you make.

            This is similar to how you "own" your back yard, but the local government retains a lien that prevents you from building a garage within 3 feet of the lot line. You are restricted from doing certain things to your yard, but you don't say that you don't own it. Decades of IP creeping featurism have made people forg

            • The contract is not a paper one, it's embedded into the media by placing the (c) [date] and/or further copyright notice and explanation somewhere on the packaging (usually on the back for CDs and DVDs). By purchasing the CD, book or movie you agree to abide by copyright laws because you have seen and acknowledge the rights protecting the work. Ignorance of its existence, otherwise known as ignorance of the law, is not a legit argument either. Even if the media is lacking the notice it is still protected
          • [Not really. The real problem is the DMCA. If the DMCA were repealed, DRM would not be a problem].Please do explain.

            The DMCA makes it illegal to "crack" and bypass these copy protection schemes which make it difficult sometimes to even view material on DVD's which you have paid for.

            "You do not own the content, you own the media it's on."

            Then how come they advertise "own a movie today", instead of "own the disc the movie is recorded on"?
    • It's trusted computing because you're trusting it. It can fuck you, and you're trusting that it won't.

      If it didn't have the capacity to screw you over, you wouldn't be trusting it with anything, now would you?

  • Which would you choose. (Score:5, Insightful)

    by xA40D ( 180522 ) on Thursday June 05, 2003 @06:33PM (#6127738) Homepage
    So from MS we get Trusted Computing where "trusted" means trusted by big corporations who want to sell you stuff without any chance of copying.

    From these guys we get Trusted Computing where trusted means trusted by the guys building the network.

    So, which would you choose?
    • So, which would you choose?

      People will choose the one there's content for, which will be the one trusted by the corporations putting out said content.

      The inclination for the average Joe User to become a technological revolutionary sticking it to The Man seems to be overestimated quite frequently here on Slashdot...

  • Real meaning of trusted computing! (Score:5, Insightful)

    by AtariAmarok ( 451306 ) on Thursday June 05, 2003 @06:38PM (#6127771)
    Why is it called "trusted computing" after all, when it violates trust?

    The problem is we are looking at the wrong definition of trust. Most of us have in mind the primary definition: "Firm reliance on the integrity, ability, or character of a person or thing" or "Custody; care"

    You have to look down the list to find the definition of "trust" that fits perfectly with Microsoft, RIAA/MPAA and the Palladium idea:

    "A combination of firms or corporations for the purpose of reducing competition and controlling prices throughout a business or an industry."

    Might as well called it "monopolized computing". Means the same thing.
    • The problem is we are looking at the wrong definition of trust. Most of us have in mind the primary definition: "Firm reliance on the integrity, ability, or character of a person or thing" or "Custody; care"

      But that is the definition they are using. Microsoft feels they can rely on the integrity of a Pallidum-equipped computer system.

      Note that this says nothing about the user of the computer. (Unless you consider MS a user...)

    • Someone mod this guy down? It's not called Trustworthy Computing, it's called Trusted Computing. The definition does not say "Firm reliability", it says "Firm reliance" Do you trust them? Because if you buy one of their machines, you already did. Get it? If you give me your house keys, then find out I'm a thief, until you change your locks, I'm still trusted, even though you know I'm a thief. THAT is what Trusted Computing is all about.
  • ..... is when I see "Researches looking for alternatives to Palladium" I think - well, there's platinum, copper on platinum (mosanto does that), a couple of nickel catalysts.... oh, this is that DRM thingy
    Such is life... technology is conspiring to take away my rights to protect me from myself.

  • Call my a pessimist, but... (Score:3, Interesting)

    by DarkVein ( 5418 ) on Thursday June 05, 2003 @06:48PM (#6127829) Journal

    I find this branch of research and publication somewhat disturbing. As legitimate, morally appealing, uses for this technology appear, the opposition should become less vehemently opposed to the technology. It's the rational reaction for rational people. If you still oppose it, you're probably irrational.

    We're capitalists, however. Civil liberties have not been terribly profitable products in the past. The old-world investors will not invest in end-point civil liberties protection technologies, and will continue to put on blinders to the true value in information networks--their end-points.

    However, perhaps one or two capitalists out there has realized that (1) networks have no inherent value or use on their own, and (2) people are terrified of being ruled by any network. There's a fucking market for civil liberty weapons: tools to defend end-points, tools to protect individual's rights to connect and communicate with any other end-points, tools to insure security and authenticity between any two or more individuals. Justin Frankel's "Waste" is a beautiful start.

    On a related, but off-topic tangent, I've got a new buzz-word: Intellectual Macro-Economics, a way to increase the value of the US dollar.

    Here's how it works, in magic-bullet glory: Article 1, Section 8, of the US Constitution provides Congress with the power to increase the artists and scientific wealth of the US, providing a mechanism for doing so (limited terms). The concept is to increase the unlimited common wealth of the US (and probably Humanity), by encouraging the creation of new works. For the last 20 years our cultural wealth has been depleted by private interests, looting the cultural commons, robbing us of the creative wealth to build with. In this, the copyright law is our asset which has been mis-managed, and stopped delivering our wealth. To increase our national cultural wealth, require the creation of new works, and consequently increase foreign confidence in the US dollar, increasing its exchange value, we must repair copyright, patent, and trademark law so that the commons will resume growing, and an immediate idea-influx (through a retro-active term truncation) would have massive midterm-longterm beneficial effects.

    Another aside. One side of the IP arguement sees the limited terms as the promotion of progress. The other side (ours, and the one that wrote the damned Constitution) sees the progress as the effect of limited terms: an increase in common intellectual wealth, with a "necessary evil" to promote the production of those works. Bleh. Communications barriers. And you thought it was so fucking obvious, didn't you?

  • Hey, Alan Cox [usenix.org] will be there as well! ;-)

    (What are the chances of two Alan Coxes in this field of business!? Bummer for the other Alan Cox. Probably often mistaken as Linus' lieutenant...)

  • One posible alternative is ... (Score:4, Interesting)

    by bigjocker ( 113512 ) * on Thursday June 05, 2003 @06:52PM (#6127853) Homepage
    ... not to use any DRM at all ...
    • DRM should be treated like viruses. If we could only get the DMCA out of the way (with its huge $$$ fines for listening to the song you bought on the "wrong" player), we could have Norton and McAfee come out with software that strips all incoming content of DRM just like their other products which remove viruses from incoming files.
  • How would a virtual machine based approach to Trusted Computing such as this be different from a JVM/CLR/equivalent virtual machine executing code signed only by a certain party?
  • I've take class from both Prof. Boneh and Prof. Rosenblum (2 of the 3 names on the paper), and I can tell you that they're some of the most intelligent people I've met. I'd definitely trust anything those guys have to say.
  • My signature reflects my feelings about Trusted Computing. Because Trusted Computing is so easily abused by content producers who want strict control over media consumption, I feel it's potential for harm outweighs most of its benefits.
  • The technologies that this paper are discussing do not take away our abilities to choose who we trust, they simply gives providers of a service a way to choose who they trust. Sure microsoft and the *aa groups are providing services and will use this technology to limit the way we use their services. But that does not take away our privledge to use other services that are less restrictive. It also allows us (the OSS community) to build tools (such as P2P sharing apps) that keep them out.

    So they build t

  • " improving P2P security "

    Wouldn't it be nice if there was a P2P application [earthstation5.com] that had support for SSL, Proxy's and sets tunneling to prevent ISP's from blocking it?
    well thats what the link is. It is still in beta and only available for windows so lets E-mail them [earthstation5.com] about porting it. Or maybe one of you sharp coders is looking for a project. I only know perl so I'm out hehe
  • I did RTFA and what this boils down to is what it says near the end: "Note that our threat model excludes compromise of the underlying tamper-resistant hardware...". Palladium has the same trouble.

    Security through obscurity-and-a-bunch-of-hard-work-to-break-it. Basically, the first time anyone skilled figures out the algorithms for the hardware, they can help someone make an emulator.

    Then, all you need is the key any "trusted" computer uses. So, you brute force crack your own computer's key by having i

  • OK, So Let Me Get This Straight... When MS does it, it's Pure Evil (TM). When Stanford does it, it's Happy Fluffy Bunnies. I'm glad we're all clear on that.

  • Trusted means that your computer is going to behave in a predictable way, that it will just execute the damn program and not fuck with it.

    Is that so horrible? If you can't stand the thought of running a program without screwing with it, then don't try to tell other people that that's what you're going to do.

    All trusted computing means is that you tell other people that you'll run the software cleanly, and they can trust you to tell them the truth. If you can't stand this level of honesty then maybe you

Slashdot Top Deals

"You know, we've won awards for this crap." -- David Letterman

Close