Adam Back says:
Providing almost no hardware defenses while going to extra-ordinary
efforts to provide top notch software defenses doesn't make sense if
the machine owner is a threat.
So maybe the Palladium folks really mean it when they say the purpose
of Palladium is not to enable DRM?
I doubt
Remote attestation does indeed require Palladium to be secure against
the local user.
However my point is while they seem to have done a good job of
providing software security for the remote attestation function, it
seems at this point that hardware security is laughable.
So they disclaim in
On Tue, Oct 22, 2002 at 04:52:16PM +0100, Adam Back wrote:
So they disclaim in the talk announce that Palladium is not intended
to be secure against hardware attacks:
| Palladium is not designed to provide defenses against
| hardware-based attacks that originate from someone in control of
On Tue, 22 Oct 2002, Rick Wash wrote:
Hardware-based attacks cannot be redistributed. If I figure out how
to hack my system, I can post instructions on the web but it still
requires techinical competence on your end if you want to hack your
system too.
While this doesn't help a whole lot
At 4:52 PM +0100 10/22/02, Adam Back wrote:
Remote attestation does indeed require Palladium to be secure against
the local user.
However my point is while they seem to have done a good job of
providing software security for the remote attestation function, it
seems at this point that hardware
Software-based attacks are redistributable. Once I write a program
that hacks a computer, I can give that program to anyone to use. I
can even give it to everyone, and then anyone could use it. The
expertise necessary can be abstracted away into a program even my
mother could use.
On Sun, Oct 20, 2002 at 10:38:35PM -0400, Arnold G. Reinhold wrote:
There may be a hole somewhere, but Microsoft is trying hard to get
it right and Brian seemed quite competent.
It doesn't sound breakable in pure software for the user, so this
forces the user to use some hardware hacking.
They
At 10:52 PM +0100 10/21/02, Adam Back wrote:
On Sun, Oct 20, 2002 at 10:38:35PM -0400, Arnold G. Reinhold wrote:
There may be a hole somewhere, but Microsoft is trying hard to get
it right and Brian seemed quite competent.
It doesn't sound breakable in pure software for the user, so this
At 7:15 PM +0100 10/17/02, Adam Back wrote:
Would someone at MIT / in Boston area like to go to this [see end] and send a
report to the list?
I went. It was a good talk. The room was jam packed. Brian is very
forthright and sincere. After he finished speaking, Richard Stallman
gave an
Would someone at MIT / in Boston area like to go to this and send a
report to the list? Might help clear up some of the currently
unexplained aspects about Palladium, such as:
- why they think it couldn't be used to protect software copyright (as
the subject of Lucky's patent)
- are there plans
10 matches
Mail list logo
