Palladium -- trivially weak in hw but "secure in software"?? (Re: palladium presentation - anyone going?)
Remote attestation does indeed require Palladium to be secure against the local user. However my point is while they seem to have done a good job of providing software security for the remote attestation function, it seems at this point that hardware security is laughable. So they disclaim in the talk announce that Palladium is not intended to be secure against hardware attacks: | "Palladium" is not designed to provide defenses against | hardware-based attacks that originate from someone in control of the | local machine. so one can't criticise the implementation of their threat model -- it indeed isn't secure against hardware based attacks. But I'm questioning the validity of the threat model as a realistic and sensible balance of practical security defenses. Providing almost no hardware defenses while going to extra-ordinary efforts to provide top notch software defenses doesn't make sense if the machine owner is a threat. The remote attestation function clearly is defined from the view that the owner is a threat. Without specifics and some knowledge of hardware hacking we can't quantify, but I suspect that hacking it would be pretty easy. Perhaps no soldering, $50 equipment and simple instructions anyone could follow. more inline below... On Mon, Oct 21, 2002 at 09:36:09PM -0400, Arnold G. Reinhold wrote: > [about improving palladium hw security...] Memory expansion could be > dealt with by finding a way to give Palladium preferred access to > the first block of physical memory that is soldered on the mother > board. I think standard memory could be used. I can think of simple processor modifications that could fix this problem with hardware tamper resistance assurance to the level of having to tamper with .13 micron processor. The processor is something that could be epoxyied inside a cartridge for example (with the cartridge design processor + L2 cache housings as used by some Intel pentium class processors), though probably having to tamper with a modern processor is plenty hard enough to match software security given software complexity issues. Adam -- http://www.cypherspace.net/
Re: Palladium -- trivially weak in hw but "secure in software"?? (Re: palladium presentation - anyone going?)
> Software-based attacks are redistributable. Once I write a program > that hacks a computer, I can give that program to anyone to use. I > can even give it to everyone, and then anyone could use it. The > expertise necessary can be abstracted away into a program even my > mother could use. > > Hardware-based attacks cannot be redistributed. If I figure out how > to hack my system, I can post instructions on the web but it still > requires technical competence on your end if you want to hack your > system too. > > While this doesn't help a whole lot for a DRM goal (once you get the > non-DRM version of the media data, you can redistribute it all you > want). I think this assumption may be incorrect. In order for content providers to "win" the DRM fight it seems like they need to address two issues. First, put up a big enough barrier for most users that circumventing access controls is infeasible, or simply not worth it. Second, put up a big enough barrier for most users that gaining access to copies of media with the access controls removed is either infeasible, or simply not worth it. I believe tamper resistant hardware solves the first problem, even if, as Adam conjectures, all that is required to access media protected by Palladium is a $50 kit (which remember, you can't obtain legally) and some hardware hacking. This seems to rule out well over %99 of the media consuming public. The problem of obstructing the distribution of media is really a different topic. I think that solving this problem is easier than most folks think. Again, you don't have to totally stop it P2P, or that kid in the shopping mall selling copied CD's. All you have to do is put up big enough technical and legal barriers that the general public would rather just pay for the media. While it may be the case that Palladium is not a serious barrier to the average CS graduate student, Cypherpunk, or even the home user who has a modicum of hardware clue, I don't think this will kill it as an effective technology for supporting DRM, assuming that the software cannot be broken. --Tal
Re: Palladium -- trivially weak in hw but "secure in software"??(Re: palladium presentation - anyone going?)
At 4:52 PM +0100 10/22/02, Adam Back wrote: Remote attestation does indeed require Palladium to be secure against the local user. However my point is while they seem to have done a good job of providing software security for the remote attestation function, it seems at this point that hardware security is laughable. I think the most important phrase above is "at this point." Palladium is still being designed. I'd argue that the software/firmware portion is the trickiest to get right. It seems rational for Microsoft to let that design mature, then analyze the remaining hardware threats and turn the hardware engineers loose to try to plug them. Palladium has to be viewed in the larger context of a negotiation between Microsoft and Hollywood (I include here all the content owners: movie studios, recording industry, book publishers, etc. ). Hollywood would prefer a completely closed PC architecture, where consumers' use of the computer could be tightly monitored and controlled. They perceive general purpose computing as we know and love it to be a mortal threat to their continued existence. Keeping the content of DVDs and future media locked up is not enough in their eyes. They want all material displayed to be checked for watermarks and blocked or degraded if the PC owner hasn't paid for the content. Microsoft wants to preserve general purpose computing because it realizes that in a closed architecture, the OS would become a mere commodity component and the consumer electronics giants would eventually displace Microsoft. On the other hand, Microsoft needs Hollywood provide the kind of content that will drive PC sales and upgrades. The base line PC platform of today or even two years ago is powerful enough for most consumers and businesses. People are keeping their PCs longer and not upgrading them as often. Most everyone who wants a PC (at least in North America) already has one. Microsoft needs something new to drive sales. I expect Microsoft and Hollywood to haggle over the final specs for Palladium PCs and no doubt additional hardware protection measures will be included. The actual spec may well be kept secret, with NDA access only. Hollywood will hold two strong card at the table: its content and the threat of legislation. I'm sure Senator Hollings is watching developments closely. The big question in my mind is how to get PC consumers a place at the bargaining table. It seems to me that PC consumers have three tools: votes, wallets and technology. The Internet is well suited to political organizing. Remember the amount of mail generated by the modem tax hoax? Consumer boycotts are another powerful threat, given how powerful and upgradable existing computer already are. Technology can provide an alternative way to gain the benefits that will be touted for controlled computing. Anti-virus and anti-DDS techniques come to mind. Also, since I expect an eventual push to ban non-Palladium computers from the Internet, alternative networking technology will be important. The Palladium story is just beginning. Arnold Reinhold
Re: Palladium -- trivially weak in hw but "secure in software"?? (Re: palladium presentation - anyone going?)
On Tue, Oct 22, 2002 at 04:52:16PM +0100, Adam Back wrote: > So they disclaim in the talk announce that Palladium is not intended > to be secure against hardware attacks: > > | "Palladium" is not designed to provide defenses against > | hardware-based attacks that originate from someone in control of the > | local machine. > > so one can't criticise the implementation of their threat model -- it > indeed isn't secure against hardware based attacks. > > But I'm questioning the validity of the threat model as a realistic > and sensible balance of practical security defenses. > > Providing almost no hardware defenses while going to extra-ordinary > efforts to provide top notch software defenses doesn't make sense if > the machine owner is a threat. This depends. I would say this is an interesting threat model. It makes the attacks non-redistributable. Software-based attacks are redistributable. Once I write a program that hacks a computer, I can give that program to anyone to use. I can even give it to everyone, and then anyone could use it. The expertise necessary can be abstracted away into a program even my mother could use. Hardware-based attacks cannot be redistributed. If I figure out how to hack my system, I can post instructions on the web but it still requires techinical competence on your end if you want to hack your system too. While this doesn't help a whole lot for a DRM goal (once you get the non-DRM version of the media data, you can redistribute it all you want), it can be very useful for security. It can help to eliminate the 'script kiddie' style of attackers. Rick
Re: Palladium -- trivially weak in hw but "secure in software"??(Re: palladium presentation - anyone going?)
On Tue, 22 Oct 2002, Rick Wash wrote: > Hardware-based attacks cannot be redistributed. If I figure out how > to hack my system, I can post instructions on the web but it still > requires techinical competence on your end if you want to hack your > system too. > > While this doesn't help a whole lot for a DRM goal (once you get the > non-DRM version of the media data, you can redistribute it all you > want), it can be very useful for security. It can help to eliminate > the 'script kiddie' style of attackers. Not really. It depends on what they are exploiting. Does every piece of code need to be validated all the time? Once a program is running, does something running in its code space get revalidated or soes it just run? I don't see how paladium stops buffer overflows or heap exploits or format bugs or any of the standard exploits that are in use today. (Not without crippling the entire system for bot the user and the programmer.) It seems to change little for script kiddies if the machines are going to communicate with other systems. (Unless the DRM holders will control who and how you can connect as well. And they just might do that as well...) The perveyors of this also claim it will stop spam and e-mail viruses. They only way it can do that is by making paladium based systems incompatable with every non-DRM machine on the planet. (So much for getting e-mail from your relatives!) The only problem this hardware seems to solve is shackling the user into what data they can see and use. If Microsoft follows their standard coding practices, the script kiddie problem will not go away with this technology. It will probably increase. And it will be illegal to effectivly stop them.