According to the message below, Palladium will not include a "serial number revocation list", "document revocation list", or similar mechanism to delete pirated music and other unauthorized content. These claims have been made most vocally by Ross Anderson in his TCPA FAQ, http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html, and by Lucky Green in his DefCon presentation, http://www.cypherpunks.to/.
Instead, the point of Palladium is to create "a decentralized, trusted computing base... whose integrity can be audited by anyone". This is accomplished, as has been discussed at length here and elsewhere, by hardware which can compute a secure hash of software as it loads, and which can attest to this hash via cryptographic signatures sent to remote systems. This functionality allows software to prove to third parties that it is running unmolested, which is the basic functionality provided by Palladium. Unfortunately, the exaggerated and misleading claims in the links above are accepted as truth by most readers, and a false picture of Palladium is virtually universal on the net. Isn't it time for security experts to take a responsible position on this technology, and to speak out against the spread of these falsehoods? > A Few Words About Palladium > By John Manferdelli, General Manager, Trusted Platform Technologies, > Microsoft Corporation > > As you may know, I spent some time on the road in the UK in > November. During my visit, I had the chance to meet some of you at > the "Meet the Technologists" breakfast at the Microsoft Campus in > Reading. Thanks to those of you who were able to attend. It was a great > chance to engage in frank discussions about some of the more controversial > topics surrounding Palladium. > > One of the issues we discussed was whether Palladium would include > mechanisms that would delete pirated music or other content under remote > control or otherwise disable or censor content, files, or programs running > on Windows. The truth is, Palladium will not disable any content or file > that currently runs. Palladium was designed so that no policy will be > imposed that is not approved by the user. Microsoft is firmly opposed to > putting "policing functions" into Palladium and we have no intention of > doing so. The machine owners - whether an individual or enterprise - have > sole discretion to determine what programs run under Palladium. Programs > that run under Palladium, just like programs that run under Windows, > will do whatever they are allowed to do, based on the security settings > on the user's machine. Palladium not only respects existing user controls, > it strengthens them. > > What Palladium does change is the ability for software to be protected > from other software. Palladium will enable and safeguard a decentralized > trusted computing base on open systems. These security-oriented > capabilities in Windows will be enabled by a relatively small change in > hardware, and will help transform the PC into a platform that can perform > trusted operations that span multiple computers under a trust policy that > can be dynamically created and whose integrity can be authenticated by > anyone. In addition, it will preserve the flexibility and extensibility > that contributes so much to the entire PC ecosystem. > > I hope to have an opportunity to meet more of you in the New Year. We'll > keep you posted about Palladium-related industry events and other "Meet > the Technologist" opportunities. > > Happy holidays! > - John Manferdelli > > P.S. While I was in London, I also had the opportunity to speak about > Trustworthy Computing and the Palladium initiative at the Trusted > Computing Masterclass in London. The event included participants from > Hewlett Packard Labs, Red Hat, and Cambridge University, among others. You > can read more about the event at www.netproject.com.
