AARG!Anonymous wrote: >David Wagner writes: >> Standard process separation, sandboxes, jails, virtual machines, or other >> forms of restricted execution environments would suffice to solve this >> problem. > >Nothing done purely in software will be as effective as what can be done >when you have secure hardware as the foundation.
I wasn't thinking of pure software solutions. I was thinking of a combination of existing hardware + new software: use the MMU to provide separate address spaces, and use a secure VM or OS kernel to limit what those processes can do. As far as I can see, this can provide just as much protection against viruses for your bank account as Palladium can. In general, with software and existing hardware working together, I suspect we can already do everything Palladium can do, except for the DRM and related applications founded on taking control away from the owner of the machine. Maybe I'm missing something. Still, it seems to me that Palladium would much more compelling if it left out the tamper-resistant chip and gave up on the semi-coercive DRM-like applications. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]