Anonymous writes in favor of palladium arguing that it is optional, so
all is ok.
On Wed, Jul 13, 2005 at 12:15:21AM -0700, cypherpunk wrote:
> This is precisely the security model which has so many people upset:
> the system owner (the network admin) is giving up control over his
>
At 11:47 AM 7/12/2005, Tyler Durden wrote:
How secure can I make a Java sandbox from the rest of the network I'm on?
Can I make it so that my network administrator can't see what I'm typing?
In other words, a secure environment that's sitting on an insecure machine.
There's the "network" and
an insecure machine.
Although you asked about "Reverse Palladium" what you really want is
Palladium itself. This is precisely the security model which has so
many people upset: the system owner (the network admin) is giving up
control over his machine, running software which he cannot contr
Well not with java ...? Any keylogger would catch what you type; or
any mouse-logger could catch what you click.
You could either attempt to remove/bypass keyloggers with a
lower-level language, or type in code.
...
-- Michael
On 7/13/05, Tyler Durden <[EMAIL PROTECTED]> wrote:
> How secure can
How secure can I make a Java sandbox from the rest of the network I'm on?
Can I make it so that my network administrator can't see what I'm typing? In
other words, a secure environment that's sitting on an insecure machine.
And of course, there's a short term 'solution' (which will work until t
r 2003:
Microsoft will claim
that Palladium is good for you, Richard Stallman asks your help in telling
the truth
http://www.nyfairuse.org/action/palladium
For what Microsoft does today with the primitive hard DRM in Xbox:
http://xbox-linux.sourceforge.net/docs/remotedelete.
For some updated news about NGSCB, aka Palladium, go to the Microsoft
NGSCB newsgroup page at
http://communities.microsoft.com/newsgroups/default.asp?icp=ngscb&slcid=us.
This might be a good forum for cypherpunks to ask questions about
Palladium.
There was a particularly informative postin
On Thu, Oct 23, 2003 at 11:59:47AM -0700, Major Variola (ret) wrote:
> And virii that infect the immune system can be fun too --imagine a virus
> infecting your antiviral program. HIV for Windows.
Or a virus that modifies your other programs to make them appear to
be known virii. You'd have to t
.
You could be talking about biology as well.
Any system which hides code from reverse engineering will
>make this process more difficult. To the extent that
Palladium/TCPA/NGSCB
>hides code, and to the extent it succeeds at this hiding, the more it
>encourages new and more pervasive v
make this process more difficult. To the extent that Palladium/TCPA/NGSCB
hides code, and to the extent it succeeds at this hiding, the more it
encourages new and more pervasive viruses.
Cheers - Bill
-
Bill Frantz
I have seen this *five* times already - is there some sort of weird mailing
loop in action?
I am fairly certain I haven't sent it five times spread out over two
days
at Friday, January 31, 2003 2:18 AM, Peter Gutmann
<[EMAIL PROTECTED]> was seen to say:
> More particularly, governments are likely to want to explore the
> issues related to potential foreign control/influence over domestic
> governmental use/access to domestic government held data.
> In othe
It looks like Palladium (or whatever it's called this week) is of concern not
just to individuals but to governments as well (the following text forwarded
from elsewhere):
-- Snip --
Governments would want to explore the implications of the use and
retention of government-held informatio
On Fri, 13 Dec 2002, Nomen Nescio wrote:
> According to the message below, Palladium will not include a "serial
> number revocation list", "document revocation list", or similar
> mechanism to delete pirated music and other unauthorized content.
> These claims hav
According to the message below, Palladium will not include a "serial
number revocation list", "document revocation list", or similar
mechanism to delete pirated music and other unauthorized content.
These claims have been made most vocally by Ross Anderson in his TCPA
FAQ, htt
I've thought of some non-DRM uses of TCPA/Palladium technology
1. Electronic voting machines (as in Brazil)--that way you can tell that the
vote totals that are communicated to you were indeed generated using the
authorized software. I still think there should be an auditable paper
trai
this
forces the user to use some hardware hacking.
They disclaimed explicitly in the talk announce that:
| "Palladium" is not designed to provide defenses against
| hardware-based attacks that originate from someone in control of the
| local machine.
However I was interested to know exac
I've been trying to figure out whether the following attack will be
feasible in a Pd system, and what would have to be incorporated to prevent
against it.
Alice runs "trusted" application T on her computer. This is some sort of
media application, which acts on encoded data streamed over the
intern
are hacking.
They disclaimed explicitly in the talk announce that:
| "Palladium" is not designed to provide defenses against
| hardware-based attacks that originate from someone in control of the
| local machine.
However I was interested to know exactly how easy it would be to
defeat
"Palladium sets up a separate trusted virtual computer inside the PC
processor, with its own OS, called Nexus, and its own applications, called
agents."
Holy crap. So does this mean that MS Windows 2005 with Palladium operating
will take about 15 minutes to boot up? Will "Age of
Would someone at MIT / in Boston area like to go to this and send a
report to the list? Might help clear up some of the currently
unexplained aspects about Palladium, such as:
- why they think it couldn't be used to protect software copyright (as
the subject of Lucky's patent)
- are t
> Of course, those like Lucky who believe that trusted computing technology
> is evil incarnate are presumably rejoicing at this news. Microsoft's
> patent will limit the application of this technology.
In what way is "in the desktop of almost every naive user" a usefully
limited application?
ironment.
>
> What AARG! is failing to mention is that Microsoft holds that Palladium,
> and in particular Trusted Operating Root ("nub") implementations, are
> subject to Microsoft's DRM-OS patent. Absent a patent license from
> Microsoft, any individual developer,
Peter Biddle writes:
> Pd is designed to fail well - failures in SW design shouldn't result in
> compromised secrets, and compromised secrets shouldn't result in a BORE
> attack.
Could you say something about the sense in which Palladium achieves
BORE ("break once run
tion, authentication, or the sealing of data.
P
- Original Message -
From: "Nathaniel Daw" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "Cypherpunks" <[EMAIL PROTECTED]>
Sent: Tuesday, September 17, 2002 3:01 PM
Subject: Re: but _is_ the pentium
proach to improve this situation (protect the user from the
risks of trojaned device drivers and too large and complex to
realistically assure security of OSes) one could run the OS itself in
ring0 and a key store and TOR in ring-1 (the palladium approach).
Some seem to be arguing that you don't
Here is a functional block diagram of the Palladium software, based on
a recent presentation by Microsoft. My notes were a bit sketchy as I
rushed to copy down this slide, so there may be some slight errors.
But this is basically what was shown. (Use a monospace font to see
it properly
The difference between us knowing the rats out of the bag and EVERYONE knowing.
Clipper-type strategies reflect a certain peculiar view about the nature of
communications in the global marketplace. It is one thing to suppose that
the United States government be free to intercept all communicatio
http://www.theregister.co.uk/content/4/26812.html
MS to intro product key check in WinXP SP1 WPA
By John Lettice
Posted: 26/08/2002 at 16:38 GMT
Microsoft has released details of the changes being made in Windows Product
Activation (WPA) with WinXP Service Pack 1. As expected, SP1 will fail to
i
Bruce Schneier wrote about Palladium:
> Basically, Pd is Microsoft's attempt to build a trusted computer, much as I
> discussed the concept in "Secrets and Lies" (pages 127-130); read it for
> background).
Actually his discussion in the book is about traditional &quo
On Thursday 15 August 2002 19:53, Trei, Peter wrote:
> Take off your economic hat, and try on a law-enforcement one.
>
> With DMCA, etal, the tools to get around TCPA's taking of your
> right to use your property as you please have been criminalized.
> Russell Nelson[SMTP:[EMAIL PROTECTED]] writes:
>
> You're wearing your programmer's hat when you say that. But the
> problem isn't programming, but is instead economic. Switch hats. The
> changes that you list above may or may not offer some security
> advantages. Who cares? What really ma
Adam Back writes:
> So there are practical limits stemming from realities to do with code
> complexity being inversely proportional to auditability and security,
> but the extra ring -1, remote attestation, sealing and integrity
> metrics really do offer some security advantages over the curre
some
> distinctions between client and server platforms -- for example high
> end Intel chips with larger cache etc intended for server market by
> their pricing. You could imagine the TCPA/Palladium support being
> available at extra cost for this market.
>
> But the remai
At 07:30 PM 8/12/2002 +0100, Adam Back wrote:
>(Tim Dierks: read the earlier posts about ring -1 to find the answer
>to your question about feasibility in the case of Palladium; in the
>case of TCPA your conclusions are right I think).
The addition of an additional security ring with
At 09:07 PM 8/12/2002 +0100, Adam Back wrote:
>At some level there has to be a trade-off between what you put in
>trusted agent space and what becomes application code. If you put the
>whole application in trusted agent space, while then all it's
>application logic is fully protected, the danger
--
On 12 Aug 2002 at 16:32, Tim Dierks wrote:
> I'm sure that the whole system is secure in theory, but I
> believe that it cannot be securely implemented in practice and
> that the implied constraints on use & usability will be
> unpalatable to consumers and vendors.
Or to say the same thing
I think you are making incorrect presumptions about how you would use
Palladium hardware to implement a secure DRM system. If used as you
suggest it would indeed suffer the vulnerabilities you describe.
The difference between an insecure DRM application such as you
describe and a secure DRM
ments to
prevent it from happening. The main one is economic, the secondary
one is that we don't need it - you can buy hardware that does the same
thing off the shelf and plug it in to any generic PC.
If the authors of Palladium want their software to work, they should
look at the commercia
feasibility in the case of Palladium; in the
case of TCPA your conclusions are right I think).
On Mon, Aug 12, 2002 at 10:55:19AM -0700, AARG!Anonymous wrote:
> Adam Back writes:
> > +---++
> > | trusted-agent | user mode |
> > |space | app spac
Mike Rosing wrote:
> The difference is fundamental: I can change every bit of flash in my BIOS.
> I can not change *anything* in the TPM. *I* control my BIOS. IF, and
> only IF, I can control the TPM will I trust it to extend my trust to
> others. The purpose of TCPA as spec'ed is to remove my
oment
of TOR launch? And what, if anything, does my version fail to accomplish
that we know that Palladium can do?
> Integrity Metrics in a given level are computed by the level below.
>
> The TOR starts Trusted Agents, the Trusted Agents are outside the OS
> control. Therefore a remo
David Wagner wrote:
> Ben Laurie wrote:
>
>>Mike Rosing wrote:
>>
>>>The purpose of TCPA as spec'ed is to remove my control and
>>>make the platform "trusted" to one entity. That entity has the master
>>>key to the TPM.
>>>
>>>Now, if the spec says I can install my own key into the TPM, then ye
On Mon, Aug 12, 2002 at 01:52:39PM +0100, Ben Laurie wrote:
> AARG!Anonymous wrote:
> > [...]
> > What Palladium can do, though, is arrange that the app can't get at
> > previously sealed data if the OS has meddled with it. The sealing
> > is done by hardware bas
AARG!Anonymous wrote:
> Adam Back writes:
>
>>I have one gap in the picture:
>>
>>In a previous message in this Peter Biddle said:
>>
>>
>>>In Palladium, SW can actually know that it is running on a given
>>>platform and not being lied to
Adam Back wrote:
[...]
> - It is always the case that targetted people can have hardware
> attacks perpetrated against them. (Keyboard sniffers placed during
> court authorised break-in as FBI has used in mob case of PGP using
> Mafiosa [1]).
[...]
> [1] "FBI Bugs Keyboard of PGP-Using Alleged
oops, finger slip that should be
http://www.garlic.com/~lynn/2001h.html#61 security proportional to risk
aka 2001h.html not 2002h.html
[EMAIL PROTECTED] on 8/10/2002 11:25 pm wrote:
small discussion of security proportional to risk:
http://www.garlic.com/~lynn/2002h.html#61 security propor
small discussion of security proportional to risk:
http://www.garlic.com/~lynn/2002h.html#61 security proportional to risk
slightly related
http://www.garlic.com/~lynn/2001j.html#5 E-commerce security
http://www.garlic.com/~lynn/2001j.html#54 Does "Strong Security" Mean
Anything?
also slight
AARG!Anonymous writes:
> I'd like the Palladium/TCPA critics to offer an alternative proposal
> for achieving the following technical goal:
>
> Allow computers separated on the internet to cooperate and share data
> and computations such that no one can get access
- Original Message -
From: "Eugen Leitl" <[EMAIL PROTECTED]>
> Can anyone shed some light on this?
Because of the sophistication of modern processors there are too many
variables to be optimized easily, and doing so can be extremely costly.
Because of this diversity, many compilers use s
On Sat, 10 Aug 2002, Marcel Popescu wrote:
> Now I know the general opinion of AARG, and I can't say I much disagree. But
> I want to comment on something else here, which I find to be a common trait
> with US citizens: "it can't happen here". The Chinese gov't can do anything
> they like, becau
On Sat, 10 Aug 2002, R. Hirschfeld wrote:
> A trivial observation: this cannot be true across hardware platforms.
Untrue, just use a VM. Open Boot Forth would do nicely.
> TCPA claims to be "platform and OS agnostic", but Palladium does not.
Have fun in that there tarpit.
> Date: Fri, 9 Aug 2002 19:30:09 -0700
> From: AARG!Anonymous <[EMAIL PROTECTED]>
> Re the debate over whether compilers reliably produce identical object
> (executable) files:
>
> The measurement and hashing in TCPA/Palladium will probably not be done
> on
Re the debate over whether compilers reliably produce identical object
(executable) files:
The measurement and hashing in TCPA/Palladium will probably not be done
on the file itself, but on the executable content that is loaded into
memory. For Palladium it is just the part of the program
finition is far more useful and appropriate in
> really understanding what TCPA/Palladium are all about. Adam, what do
> you think?
Just because you can string words together and form a definition doesn't
make it realizable. Once data is in the clear it can be copied, and no
rules can cha
--
On 9 Aug 2002 at 17:15, AARG! Anonymous wrote:
> to understand it you need a true picture of TCPA rather than the
> false one which so many cypherpunks have been promoting.
As TCPA is currently vaporware, projections of what it will be,
and how it will be used are judgments, and are not
you need a true picture of TCPA rather than the false one
which so many cypherpunks have been promoting. Earlier Adam offered a
proposed definition of TCPA/Palladium's function and purpose:
> "Palladium provides an extensible, general purpose programmable
> dongle-like functionalit
On Thu, Aug 08, 2002 at 09:15:33PM -0700, Seth David Schoen wrote:
> Back in the Clipper days [...] "how do we know that this
> tamper-resistant chip produced by Mykotronix even implements the
> Clipper spec correctly?".
The picture is related but has some extra wrinkles with
"James A. Donald" wrote:
>
> --
> On Wed, 7 Aug 2002, Matt Crawford wrote:
> > > Unless the application author can predict the exact output of
> > > the compilers, he can't issue a signature on the object code.
> > > The
>
> On 9 Aug 2002 at 10:48, Eugen Leitl wrote:
> > Same version of comp
I'm not surprised that most people couldn't produce a matching PGP
executables - most compilers (irrespective of compiler optimisation
options etc) include a timestamp in the executable.
Regards,
Sam Simpson
[EMAIL PROTECTED]
http://www.samsimpson.com/
Mob: +44 (0) 7866 726060
Home Offi
On Fri, 9 Aug 2002, David Howe wrote:
> It doesn't though - that is the point. I am not sure if it is simply
> that there are timestamps in the final executable, but Visual C (to give
> a common example, as that is what the windows PGP builds compile with)
> will not give an identical binary, eve
> Same version of compiler on same source using same build produces
> identical binaries.
It doesn't though - that is the point. I am not sure if it is simply
that there are timestamps in the final executable, but Visual C (to give
a common example, as that is what the windows PGP builds compile w
On Wed, 7 Aug 2002, Matt Crawford wrote:
> Unless the application author can predict the exact output of the
> compilers, he can't issue a signature on the object code. The
Same version of compiler on same source using same build produces
identical binaries.
> compilers then have to be inside
Anonymous wrote:
> Matt Crawford replied:
> > Unless the application author can predict the exact output of the
> > compilers, he can't issue a signature on the object code. The
> > compilers then have to be inside the trusted base, checking a
> > signature on the source code and reflecting it
I would like to again thank the Palladium team, in particular Peter
Biddle, for participating in yesterday's panel at the USENIX Security
conference on Palladium and TCPA.
Unfortunately I do not have the time at the moment to write up the many
valuable and informative points made durin
Anon wrote:
> You could even have each participant compile the program himself,
> but still each app can recognize the others on the network and
> cooperate with them.
Matt Crawford replied:
> Unless the application author can predict the exact output of the
> compilers, he can't issue a signatur
> Date: Thu, 8 Aug 2002 21:55:40 +0200
> From: "R. Hirschfeld" <[EMAIL PROTECTED]>
>
> > Date: Wed, 7 Aug 2002 12:50:29 -0700
> > From: AARG!Anonymous <[EMAIL PROTECTED]>
>
> > I'd like the Palladium/TCPA critics to offer an alternativ
Subject: Obscure Palladium facts?
In 1971 the Pentagon proposed to Nixon that a special
gadget be fitted to everyone's telly, whereby the President could turn on
every set in the country in a time of emergency.
Murdoch's Sky TV can remove reception of their own channels from anyo
> I'd like the Palladium/TCPA critics to offer an alternative proposal
> for achieving the following technical goal:
> Allow computers separated on the internet to cooperate and share data
> and computations such that no one can get access to the data outside
> the l
> Date: Wed, 7 Aug 2002 12:50:29 -0700
> From: AARG!Anonymous <[EMAIL PROTECTED]>
> I'd like the Palladium/TCPA critics to offer an alternative proposal
> for achieving the following technical goal:
>
> Allow computers separated on the internet to cooperate and sh
I anticipate my Remailer/Mint/APster application, Cryptosporidium, will be
IPO ready soon as GUI detail tidy up the interface. My upcoming trial next
week will not delay this as I've delegated the task of bringing the project
up to speed on Mongo. That's why you haven't heard from him for a while. Be
>>Frightened words of a dying man suffering from reality overload.
<<
Yes but what do you think of what Tolstoy said?
"First the Metal Storm
[wired.com]the videos page
, now this!
Soon Australians will be able to fly up to
anyone,HyShot homepage.
 anywhere in the world, within minutes, and the
Possibly no connection, it's late in the day here... I can feel a 'regime
change' coming
on...http://www.infoshop.org/inews/stories.php?story=02/08/01/5792459
""The views you have acquired about Darwinism, evolution, and the struggle
for existence won't explain to you the meaning of your life and
Nomen Nescio wrote:
> Ben Laurie wrote:
>
>>Albion Zeglin wrote:
>>
>>>Similar to DeCSS, only one Palladium chip needs to be reverse engineered and
>>>its key(s) broken to virtualize the machine.
>>
>>If you break one machine's key:
&
eb \|/
+ v + :I want a refund!|site, and you must change them very often.
[EMAIL PROTECTED] http://www.sunder.net
On Thu, 11 Jul 2002, Albion Zeglin wrote:
> Similar to DeCSS, only one Palladium chip needs to be reverse engineered and
> its key(s) broken to virtualize t
Ben Laurie wrote:
> Albion Zeglin wrote:
> > Similar to DeCSS, only one Palladium chip needs to be reverse engineered and
> > its key(s) broken to virtualize the machine.
>
> If you break one machine's key:
>
> a) You won't need to virtualise it
&
Similar to DeCSS, only one Palladium chip needs to be reverse engineered and
its key(s) broken to virtualize the machine. Simulate a Pentium VI in Java and
all extant code could be accessed. Similarly, if Microsoft's signing keys were
cracked then any code could be signed.
If th
http://slashdot.org/articles/02/07/07/133222.shtml?tid=109
--
--
When I die, I would like to be born again as me.
Hugh Hefner
[EMAIL PROTECTED]
At 10:07 PM 06/26/2002 -0700, Lucky Green wrote:
>An EMBASSY-like CPU security co-processor would have seriously blown the
>part cost design constraint on the TPM by an order of magnitude or two.
Compared to the cost of rewriting Windows to have an infrastructure
that can support real security? M
[2nd Repost]
Lucky asks:
> I am looking for a quote by a TCPA or Palladium principal that states
> that TCPA and/or Palladium will be voluntary or optional. Google was not
> helpful. Did anybody on here run across such a quote in one of the
> interviews recently published? Please
[Repost]
Lucky asks:
> I am looking for a quote by a TCPA or Palladium principal that states
> that TCPA and/or Palladium will be voluntary or optional. Google was not
> helpful. Did anybody on here run across such a quote in one of the
> interviews recently published? Please inc
Bob wrote quoting Mark Hachman:
> The whitepaper can not be considered a roadmap to the design
> of a Palladium-enabled PC, although it is one practical
> solution. The whitepaper was written at around the time the
> Trusted Computing Platform Association
> (TCPA) was formed
file formats.
From Steven Levy's article:
"A more interesting possibility is that Palladium could help introduce
DRM to business and just plain people. It's a funny thing," says Bill
Gates. "We came at this thinking about music, but then we realized that
e-mail and documents
terms, if not preposterous notions on their
face.
Cheers,
RAH
http://www.extremetech.com/print_article/0,3998,a=28570,00.a
Interesting Q&A paper and list comments. Three
additional comments:
1. DRM and privacy look like apple and speedboats.
Privacy includes the option of not telling, which DRM
does not have.
2. Palladium looks like just another vaporware from
Microsoft, to preempt a market like when MS prom
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
Ross