On Thu, 13 Mar 2003, Hermes Remailer wrote:
> The following comes from Microsoft's recent mailing of their awkwardly > named "Windows Trusted Platform Technologies Information Newsletter > March 2003". Since they've abandoned the Palladium name they are forced > to use this cumbersome title. > > Hopefully this will shed light on the frequent claims that Palladium will > limit what programs people can run, or "take over root" on your computer, > and similar statements by people who ought to know better. It is too > much to expect these "experts" to publicly revise their opinions, but > perhaps going forward they can begin gradually to bring their claims > into line with reality. The Xbox will not boot any free kernel without hardware modification. The Xbox is an IBM style peecee with some feeble hardware and software DRM. A Palladiated box is an IBM style peecee with serious hardware and software DRM. So, a fortiori, your claim is false. oo--JS. > > An Open and Interoperable Foundation for Secure Computing > > By John Manferdelli, General Manager, Windows Trusted Platform Technologies > Microsoft Corporation > > The Next-Generation Secure Computing Base (NGSCB) is part of Microsoft’s > long-term effort to deliver on our vision of Trustworthy Computing. We > are pleased that independent observers and many journalists continue > to show interest in NGSCB and what it will enable. While much of the > response has been positive, especially among analysts, security experts > and people concerned with privacy, we recognize that there are still > questions about NGSCB, and still a great deal of misunderstanding and > speculation around our intentions. > > In this newsletter I’d like to set the record straight on one of the more > common and persistent concerns, specifically that the NGSCB architecture > will limit the things that people can do with computers by forcing them > to run only “approved” software, or software that is digitally signed. > In fact, NGSCB intends to do no such thing. It is important to understand > that NGSCB is operating system technology. Just as anyone can build a > program to run on Windows today using widely-published APIs, they will > be able to build new programs tomorrow that take advantage of the NGSCB > architecture when it is included in a future version of Windows. How these > new programs are built — and what they will require of the user — are > questions for the application developer to answer. But NGSCB inherently > has no requirements forcing approval of code, digital signatures, or > any other such qualifying mechanism. NGSCB will run any software that is > built to take advantage of its capabilities, and it will only run with > the user’s approval. Moreover, even when NGSCB is running, programs that > are not using NGSCB features will operate just as they do today. It is > true that NGSCB functionality can be used by an application (written by > anyone) to enforce a policy that is agreed to by a user and a provider, > including policies related to other software that the application can > “load.” Such a policy could, for example: > > - Govern how private information is used by software > - Prevent malicious code from snooping private information, stealing keys, > or corrupting important information (i.e., banking transaction data) > - Govern how intellectual property running inside the application can > be used > > Policies like these could be set by the user at his or her sole > discretion, or they could be set in a manner mutually agreed to by > a user and one or more parties. However, NGSCB does no screening of > application components or content, and if any “screening” took place, > it would be within the isolated bounds of an application running under > NGSCB. Moreover, no NGSCB application can “censor” content played by > another NGSCB application. > > Policy in the Hands of the User > > The extent to which the NGSCB will be beneficial will largely depend on > the wisdom of the policies that people choose to embrace. We are designing > NGSCB to give individuals visibility to the policies available to them > in the programs they run, as well as control over how they proceed. By > offering new features to enhance privacy, security and system integrity, > we can foresee NGSCB enabling a wide range of beneficial scenarios, > including the following: > > - Helping to protect personal medical information > - Preventing a bad application from interfering with a banking transaction > - Preventing viruses from harming programs or data > - Preventing unauthorized people or applications from accessing a computer > remotely and carrying out unauthorized actions > > My colleagues and I appreciate your interest in the work we are doing. We > know we still have a lot of work to do, and value the beneficial influence > that discussion and debate provide as we strive to deliver trustworthy > computing technologies. > > - John Manferdelli --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
