AARG!Anonymous wrote: > Adam Back writes: > >>I have one gap in the picture: >> >>In a previous message in this Peter Biddle said: >> >> >>>In Palladium, SW can actually know that it is running on a given >>>platform and not being lied to by software. [...] (Pd can always be >>>lied to by HW - we move the problem to HW, but we can't make it go >>>away completely). >> > > Obviously no application can reliably know anything if the OS is hostile. > Any application can be meddled with arbitrarily by the OS. In fact > every bit of the app can be changed so that it does something entirely > different. So in this sense it is meaningless to speak of an app that > can't be lied to by the OS. > > What Palladium can do, though, is arrange that the app can't get at > previously sealed data if the OS has meddled with it. The sealing > is done by hardware based on the app's hash. So if the OS has changed > the app per the above, it won't be able to get at old sealed data.
I don't buy this: how does Palladium know what an app is without the OS' help? Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ Available for contract work. "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff