RE: "Wild and Crazy": Interview with Palladium's Mario Juarez
pasward writes:
> In other words, when the MB is fried because of some freak
> electrical surge, I'm screwed, because I can't put the HD
> into another machine and get the data off it?

You will probably need to re-install the OS from CDROM on the new machine. Which shouldn't be a big problem, since chances are that you didn't do a large amount of customization on the 3DES encrypted OS binary, anyway.

As for your application data, you typically should be able to go back to the application vendor, assuming your maintenance license is current, to have the vendor re-bind your data file encryption keys to the new TPM.

I am not aware of any such plans for non-user generated data, such as purchased entertainment content, but then requiring the user to repurchase such data when changing motherboards is not incompatible with the content providers' business models.

--Lucky Green

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Re: "Wild and Crazy": Interview with Palladium's Mario Juarez
--
On 2 Jul 2002 at 15:45, [EMAIL PROTECTED] wrote:
> In other words, when the MB is fried because of some freak
> electrical surge, I'm screwed, because I can't put the HD into
> another machine and get the data off it?

Only that data that you choose to associate with that specific computer. This is a very useful privacy protecting feature.

Of course another use of that feature, more useful to large corporations and less useful to yourself, is that those corporations can sell you programs and entertainment content that can only be read on that machine, and ceases to exist when that machine's trusted chip is fried -- they can sell you data that will be associated with that particular computer, even though you would prefer it not to be so associated.

--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
8KpRBENoQKtlOVgNYunEkBsAkozcXsuf8zdGwPdq
2hetBbJ6k4/vezSEkl/kwNQeBMLsRrLE3f+cbtQvn

Re: "Wild and Crazy": Interview with Palladium's Mario Juarez
From: [EMAIL PROTECTED]
> <[EMAIL PROTECTED]> writes:
> > In other words, when the MB is fried because of some freak electrical
> > surge, I'm screwed, because I can't put the HD into another machine
> > and get the data off it?
>
> What's wrong with your backups? :-)
>
> This is like a problem Windows already has: if you move a disk onto
> different hardware, more often than not you can't boot because the
> wrong Hardware Adaptation Layer info is in the disk's boot sector. At
> least you can recover the data by mounting it as a second disk.

What's wrong is the backups are presumably encrypted in a way that requires the cooperation of MS to read it on a machine other than the originator.

I'm not at all likely to become US president but if I were I'd consider this an issue worth nuking Redmond for in office hours with no warning.

--
Antonomasia   ant notatla.demon.co.uk
See http://www.notatla.demon.co.uk/

Re: "Wild and Crazy": Interview with Palladium's Mario Juarez
I think his comment is that you cannot back up the key. Maybe the answer is that the key is in the processor and you must

1. get a new identity whenever you change processor chips and
2. that moving disks from machine to machine is not possible, only plaintext copy.

Seems workable to me :^(

On Tue, 2002-07-02 at 16:08, [EMAIL PROTECTED] wrote:
> <[EMAIL PROTECTED]> writes:
> > In other words, when the MB is fried because of some freak electrical
> > surge, I'm screwed, because I can't put the HD into another machine
> > and get the data off it?
>
> What's wrong with your backups? :-)
>
> This is like a problem Windows already has: if you move a disk onto
> different hardware, more often than not you can't boot because the
> wrong Hardware Adaptation Layer info is in the disk's boot sector. At
> least you can recover the data by mounting it as a second disk.
>
> /ji

Re: "Wild and Crazy": Interview with Palladium's Mario Juarez
<[EMAIL PROTECTED]> writes:
> In other words, when the MB is fried because of some freak electrical
> surge, I'm screwed, because I can't put the HD into another machine
> and get the data off it?

What's wrong with your backups? :-)

This is like a problem Windows already has: if you move a disk onto different hardware, more often than not you can't boot because the wrong Hardware Adaptation Layer info is in the disk's boot sector. At least you can recover the data by mounting it as a second disk.

/ji

"Wild and Crazy": Interview with Palladium's Mario Juarez
R. A. Hettinga writes:
> Juarez: You have the ability to establish the notion of trusted code which
> can't be observed or modified. Moreover, information on your machine, which
> is living in one of those vaults or one of the sub-vaults, or as storage on
> your disc can be encrypted with machine specific secrets so that they are
> functionally useless if they are stolen. [For example,] if the hard drive
> gets pulled or copied.

In other words, when the MB is fried because of some freak electrical surge, I'm screwed, because I can't put the HD into another machine and get the data off it?

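The situation argued over in this thread, as an added example (not code from any poster or from Microsoft): a data key wrapped under a machine-specific secret, the disk moved to a second machine, and the key re-bound from a retained copy as in the vendor re-binding mentioned elsewhere in the thread. The Machine class, the escrowed key copy and the HMAC-based cipher are assumptions standing in for hardware and algorithms the thread does not detail.

```python
import hashlib, hmac, os

def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # HMAC-SHA256 in counter mode: stdlib stand-in for a real cipher (assumption).
    blocks = (n + 31) // 32
    return b"".join(_subkey(key, nonce + i.to_bytes(4, "big")) for i in range(blocks))[:n]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under `key`; returns nonce || ciphertext || tag."""
    nonce = os.urandom(16)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(a ^ b for a, b in zip(plaintext, stream))
    return nonce + ct + _subkey(_subkey(key, b"mac"), nonce + ct)

def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first; with the wrong key nothing is decrypted at all."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _subkey(_subkey(key, b"mac"), nonce + ct)):
        raise ValueError("blob is not sealed to this key")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(a ^ b for a, b in zip(ct, stream))

class Machine:
    """Hypothetical security chip: holds a secret that never leaves the object."""
    def __init__(self) -> None:
        self._secret = os.urandom(32)
    def wrap(self, data_key: bytes) -> bytes:
        return seal(self._secret, data_key)
    def unwrap(self, wrapped: bytes) -> bytes:
        return unseal(self._secret, wrapped)

def demo() -> tuple:
    old, new = Machine(), Machine()
    data_key = os.urandom(32)
    escrow = data_key            # assumption: a copy of the data key was retained
    disk = {"key": old.wrap(data_key), "file": seal(data_key, b"constructed sample data")}
    on_old = unseal(old.unwrap(disk["key"]), disk["file"])
    try:                         # motherboard dies; the disk goes into a new machine
        new.unwrap(disk["key"])
        moved = "readable"
    except ValueError:
        moved = "unreadable"
    disk["key"] = new.wrap(escrow)   # re-binding: same data key, new machine secret
    on_new = unseal(new.unwrap(disk["key"]), disk["file"])
    return on_old, moved, on_new
```

Whoever holds the retained copy of the data key decides whether the disk is ever readable again, which is the dependency the replies in this thread disagree about.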
"Wild and Crazy": Interview with Palladium's Mario Juarez
http://www.digitalidworld.com/print.php?sid=74

Interview with Palladium's Mario Juarez
By: Phil Becker ([EMAIL PROTECTED])
Topic: Security
Posted: Wednesday, June 26 @ 00:00:00
URL: http://www.digitalidworld.com/article.php?id=74

Microsoft made its Palladium project public and it has caused quite a stir as people seek information. Mario Juarez is the Group Product Manager for the Palladium project. Digital ID World caught up with Mr. Juarez and asked him to fill us in on what Palladium is, how it will work, and how Microsoft sees its deployment strategy. Along the way he addressed the Privacy issues, governmental issues, and provided insight into Microsoft's philosophy about Palladium as well...

DIDW: What were the motivations that caused Palladium to happen? What was going on as Microsoft looked at the world that caused them to think it was time to try to address this arena?

Juarez: What you had were a core group of wild and crazy guys who I'm just in awe of. They were focused on a small problem, and came up with a big solution. They pretty quickly realized that what they were dealing with was something that had huge implications. These weren't trivial guys. Peter Biddle had been spending his time focusing on hardware issues and he quickly brought in a couple of very senior research architect level guys and a key guy from the NT core base operating system team. They worked on this in their spare time, in their off hours and weekends, and just kept building on it. By sheer force of determination and the belief that they had in the vision, they really pushed this thing. They began to carefully engage Intel and AMD to evangelize them, and eventually win them over. And other forces in the universe have come around to where this has clearly emerged as an idea whose time has come. Because these guys are really good, and they know how to make things happen at Microsoft, they finally, as of last Fall, succeeded in having this established as a product unit.

We're now at the phase where we've talked to a lot of other companies, and we've talked to a lot of potential partners, and we've talked to a lot of people in other realms such as privacy, security, government and policy. We've gotten a lot of stakeholders involved in this and now we're trying to do business in a way that's a lot more open. That's why we've decided to take the wraps off at this point.

DIDW: So you are saying that this was pushed from the bottom up in the company, as opposed to being part of a larger strategy initiative from above?

Juarez: Yes. A lot of things happen like that at Microsoft.

DIDW: What is Palladium and how does it fit with TrustBridge, .NET, Passport and all the identity related things Microsoft has going?

Juarez: As I'm sure you've gleaned, Palladium is the code name for a set of features in an upcoming version of Windows (Don't know which one yet, don't know when.) We regard it as pretty significantly evolutionary, because for the architecture we've got here - a new breed of hardware, new capabilities in the operating system, and over time new applications and services - we think it will provide some very significant things in the way of security, personal privacy, and system integrity. And I think that the concerns you have around identity-centric computing are going to be well served by [Palladium].

DIDW: Could you give us an overview of Palladium's structure?

Juarez: I mentioned system integrity, personal privacy, and enhanced security. In terms of system integrity what we have with Palladium is some new hardware components, actually one new component and some modified components. We have changes to the CPU, changes to the chip sets, and a new security chip that work together with the operating system to create what we call a Trusted Operating Root - the TOR. You can think of the TOR as a kind of micro-kernel. When you turn [the computer] on and the system boots up, it will load the TOR - the Trusted Operating Root.

Several things happen upon that load. Space gets physically cleared out and reserved on the chip set (we use the metaphor of calling this a vault.) Think of this as a secure processing environment inside of which you can run code that is "trusted." On that virtual vault, you can build other trusted processes. You can have processes or data that are field installed and trusted in a way that is physically isolated, protected, and not accessible to other things on the machine. It can't be modified or observed, so it's essentially impervious to the kinds of things people think of when they think of software based attacks. By virtue of the way the hardware is working, you get the abilities that the TOR will use to create provability or attestation. The software or hardware can be cryptographically provable to you, to other computers, and to other processes that are happening on the computers - which means that things can be verified. The system can verify that other computers or processes are trust