[lug] Fwd: PKI, the Mark, and Palladium

Greg Smith gsmith51 at mindspring.com
Thu Jul 18 20:56:50 MDT 2002



MS to eradicate GPL, hence Linux
By Thomas C Greene in Washington
Posted: 25/06/2002

"Yesterday, as we all know, Microsoft fed an 'exclusive' story about its new
'Palladium' DRM/PKI Trust Machine to Newsweek hack Steven Levy (a guy who
writes without irony of "high-level encryption"), presumably because they
trusted him not to grasp the technology well enough to question it
seriously. His uncritical announcement immediately sparked a flurry of
articles considering what this means to the Windows user base.

"And that's as it should be. But my question is, what does it mean to the
Linux user base?

"Well, of course no one knows yet; the Levy article is long on generalized
promises but very short on details. We know that some hardware element will
be involved -- some hardened slice of silicon on the mobo which will
identify the computer and the user, and recognize other computers and their
users. It, or a companion chip, will interface with some manner of PKI,
current or future, so that only 'authorized' applications may run with
privileges. MS wants us to think that the 'authorizer' will be the user, but
we know better: there will undoubtedly be a DRM element in it, and its
authorizations will override yours. There will also be a networking
component, involving an elaborate PKI and vast data warehouses run by MS and
its trusted partners."

-[snip]- see link for rest of story


TCPA / Palladium FAQ (Frequently Asked Questions)
Version 1.0 - 9 July 2002
Ross Anderson


"2. What does TCPA / Palladium do, in ordinary English?

"TCPA / Palladium will also make it much harder for you to run unlicensed
software. Pirate software can be detected and deleted remotely. It will also
make it easier for people to rent software rather than buying it; and if you
stop paying the rent, then not only does the software stop working but so
may the files it created. For years, Bill Gates has dreamed of finding a way
to make the Chinese pay for software: Palladium could be the answer to his

"There are many other possibilities. Governments will be able to arrange
things so that all Word documents created on civil servants' PCs are `born
classified' and can't be leaked electronically to journalists. Auction sites
might insist that you use trusted proxy software for bidding, so that you
can't bid tactically at the auction. Cheating at computer games could be
made more difficult.

"There is a downside too. There will be remote censorship: the mechanisms
designed to delete pirated music under remote control may be used to delete
documents that a court (or a software company) has decided are offensive -
this could be anything from pornography to writings that criticise political


"10. OK, so TCPA stops kids ripping off music and will help companies keep
data confidential. It may help the Mafia too, unless the FBI get a back
door, which I assume they will. But apart from pirates, industrial spies and
activists, who has a problem with it?

"A lot of companies stand to lose out. For example, the European smartcard
industry looks likely to be hurt, as the functions now provided by their
products migrate into the Fritz chips in people's laptops, PDAs and third
generation mobile phones. In fact, much of the information security industry
may be upset if TCPA takes off. Microsoft claims that Palladium will stop
spam, viruses and just about every other bad thing in cyberspace - if so,
then the antivirus companies, the spammers, the spam-filter vendors, the
firewall firms and the intrusion detection folk could all have their lunch

"There are serious concerns about the effects on the information goods and
services industries, and in particular on innovation, on the rate at which
new businesses are formed and on the likelihood that incumbent companies
will be able to hang on to their monopolies. The problems for innovation are
well explained in a recent New York Times column by the distinguished
economist Hal Varian.

"But there are much deeper problems. The fundamental issue is that whoever
controls the Fritz chips will acquire a huge amount of power. Having this
single point of control is like making everyone use the same bank, or the
same accountant, or the same lawyer. There are many ways in which this power
could be abused.

[end excerpt]

