At 01:50 AM 08/29/2002 +0100, Paul Crowley wrote: >I'm informed that malware authors often go to some lengths to prevent >their software from being disassembled. Could they use Palladium for >this end? Are there any ways in which the facilities that Palladium >and TCPA provide could be useful to a malware author who wants to >frustrate legitimate attempts to understand and defeat their software?
Hey, that's clever. If the Palladium and/or TCPA stuff is designed generally enough that anybody can use it, then certainly malware authors can do so just about as well as copy-protection-ware authors or spyware authors can. (If it's designed so that only Officially Licensed Trusted Developers can have the keys they need, then malware authors will have to write their code the old-fashioned way.) The more interesting question, I suspect, is how much access a TCPA or Palladium program has to the surrounding environment - is it a platform that makes it easy for the consumer to trust programs written to run on it not to mess up their machines, or is it *only* to let authors trust the machines not to examine or change their programs? --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]