>> Palladium will have an option to turn certain features "off", says >> MS, so you can run programs deemed untrusted, outside the sandbox. If >> there is a mechanism to turn features off, they differ from TCPA, >> that is mandatory.
>Sounds great, doesn't it? >What would you choose: >1. Run without Palladium, but your MS Office, IE and Windows update >might not work since your computer is considered insecure. >2. Active Palladium. I think i might run w/o Palladium - and search the net for cracked windows updates, they are availale now, so why should'nt they be in the future? I never thought it useful upgrading to a newer office since 2000, so why should I do so in the future? >> The only thing unclear for want of funcspecs is if I will be able to >> take files out of the sandbox. If they want to make the systems >> 'backwards compatible', there must be such a feauture. >If the system is backwards compatible, what's the point with Palladium? >It's like the "improved security" of XP or .NET server: they still use >the NTLM-hash so LC still works. Let's turn the question around a bit: if it is not backwards compatible, how am i going to upgrade a 150.000 usr network? This answers your question on XP and .NET as well - getting secure means big bang migrations. But these are rarely feasible. So there must be a backwards compatability on some levels, such as network authentication, which can be turned off later. Of course, we forget, but we can't blame MS for that. Same goes for Palladium, a system msut not only be secure, it should be useable, including during migrations. /Yossarian _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html