This is bad this is very bad! This is having big brother in your CPU! How about a complete boycott on all hardware!? We'll see how far this will last! Watch the computer industries collapse! ... I got better idea, BOYCOTT WINDOWS!
Since MS WIndows seems to be the main part in all of this.
 
read it it's scary very scary! MS wants complete control of your computer! And sooner or later you will have to pay a monthly fee to use it with a MS OS.
 
"MS Palladium protects IT vendors, not you - paper
By John Lettice
Posted: 06/28/2002 at 05:27 EST
 
 
Ross Anderson of Cambridge University has published a lengthy and informative paper/FAQ on Palladium, the Trusted Computing Platform Alliance (TCPA), their relationship and their implications. His take is that Microsoft's Palladium, soft-announced by the company earlier this week, will be built on TCPA hardware, adding some extra features as it goes along. Some of these features, he notes, will the there in order to make the package look more attractive, while some of the components of Palladium are already shipping in Xbox and WinXP.  
 
TCPA itself provides for a monitoring component to be included in future PCs. In phase one Anderson expects it to be an add-on chip on the motherboard, but further down the line it will be in the CPU. It's more crackable as an add-on, as you could conceivably get around it by monitoring bus traffic, but once it's in the CPU this becomes a lot harder, and he speculates about the likely effects in the event of TCPA/Palladium being to all intents and purposes uncrackable.  
 
Aside from providing the music business with workable DRM, it would also allow software companies to lock in their users. The more Palladium/TCPA-enabled apps there are, the more this will be the case, and it will also have the tendency to favour existing players while locking out new entrants.  
 
Anderson refers to the chip as the "Fritz" chip, after senator Fritz Hollings who has been "working tirelessly" to make TCPA compulsory. On boot, Fritz "checks that the boot ROM is as expected, executes it, measures the state of the machine; then checks the first part of the operating system, loads and executes it, checks the state of the machine; and so on. The trust boundary, of hardware and software considered to be known and verified, is steadily expanded. A table is maintained of the hardware (audio card, video card etc) and the software (O/S, drivers, etc); if there are significant changes, the machine must be re- certified. The result is a PC booted into a known state with an approved combination of hardware and software. Control is then handed over to enforcement software in the operating system - this is presumably Palladium if your operating system in Windows."  
 
Note the similarities here to what Xbox is doing already.  
 
"Once the machine is in this state, Fritz can certify it to third parties: for example, he will do an authentication protocol with Disney to prove that his machine is a suitable recipient of 'Snow White'. The Disney server then sends encrypted data, with a key that Fritz will use to unseal it. Fritz makes the key available only so long as the environment remains 'trustworthy'. For this purpose, 'trustworthy' means that the media player application won't make any unauthorised copies of content."  
 
That's an example of the sort of procedure you'd encounter when the system is applied to the entertainment business. However, TCPA-enabled applications will likely have their security policies administered by remote servers, and this has other implications. What you're allowed to read could be censored for reasons other than copyright, so for example the scientologists might "convince a court that a certain document should be banned [and] get an order against a policy server." So to what extent could unpalatable and leaked documents be banned or disappeared?  
 
It will be possible to turn TCPA off, but if it achieves critical mass then this will mean you don't have access to TCPA-enabled applications, which may isolate you a tad. "If the applications that use TCPA / Palladium are more attractive to the majority of people, you may end up simply having to use them - just as many people have to use Microsoft Word because all their friends and colleagues send them documents in Microsoft Word."  
 
Anderson elaborates this, based on how this control has been used in the past:  
 
"TCPA appears designed to maximise the effect, and thus the economic power, of such plays. Given Microsoft's record of competitive strategic plays, I expect that Palladium will support them. So if you control a TCPA-enabled application, then your policy server can enforce your choice of rules about which other applications will be allowed to use the files your code creates. These files can be protected using strong cryptography, with keys controlled by the Fritz chips on everybody's machines. What this means is that a successful TCPA-enabled application will be worth much more money to the software company that controls it, as they can rent out access to their interfaces for whatever the market will bear. So there will be huge pressures on software developers to enable their applications for TCPA; and if Palladium is the first operating system to support TCPA, this will give it a competitive advantage over GNU/Linux and MacOS with the developer community."  
 
The most significant beneficiaries, he argues, will not be the content industries, but the incumbents in the IT business. "I expect the most significant economic effect will be to strengthen the position of incumbents in information goods and services markets at the expense of new entrants. This may mean a rise in the market cap of firms like Intel, Microsoft and IBM - but at the expense of innovation and growth generally. The majority of the innovations that spur economic growth are not anticipated by the manufacturers of the platforms on which they are based; and technological change in the IT goods and services markets is usually cumulative. Giving incumbents new ways to make life harder for people trying to develop novel uses for their products will create all sorts of traps and perverse incentives."  
 
TCPA could also, as argued here the other day, undermine the GPL. Modified code would still be covered under the GPL, but " it will not make full use of the TCPA features unless you have it signed, and have a certificate that enables you to use the TCPA Public Key Infrastructure (PKI). That is what will cost you money (if not at first, then eventually).  
 
"Even if a philanthropist does a not-for-profit secure linux, the resulting product would not really be a GPL version of a TCPA operating system, but a proprietary operating system that the philanthropist could give away free. (There are still issues about who would pay for use of the PKI that hands out user certs.)"  
 
"People believed that the GPL made it impossible for a company to come along and steal code that was the result of community effort. That may have been the case so long as the processor was open, and anyone could access supervisor mode. But TCPA changes that. Once the majority of PCs on the market are TCPA-enabled, the GPL won't work as intended."  
 
He concludes: "TCPA and Palladium do not so much provide security for the user, but for the PC vendor, the software supplier, and the content industry. They do not add value for the user. Rather, they destroy it, by constraining what you can do with your PC - in order to enable application and service vendors to extract more money from you."  
 
You have been warned. The full document, which you should read several times a week until further notice, is available here. ®"
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
 
<A HREF="http://www.anandtech.com/mysystemrig.html?id=9933" target="_new"> My Rig </A>

To be honest I have never understood what is the idea behind Palladium, nor what it is, and why it's bad.
I would read this if I'd knew more...!
 
--
  Intel and AMD sitting under a tree, P-R-O-C-E-S-S-I-N-G!  

Read the faq then ...  
<A HREF="http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html" target="_new">http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html</A>
 
To sum it up it's about invasion of your rights.
 
to read how it works read below. it's in the FAQ:
"4. How does it work?  
 
TCPA provides for a monitoring component to be mounted in future PCs. The likely implementation in the first phase of TCPA is a `Fritz' chip - a smartcard chip or dongle soldered to the motherboard.  
 
When you boot up your PC, Fritz takes charge. He checks that the boot ROM is as expected, executes it, measures the state of the machine; then checks the first part of the operating system, loads and executes it, checks the state of the machine; and so on. The trust boundary, of hardware and software considered to be known and verified, is steadily expanded. A table is maintained of the hardware (audio card, video card etc) and the software (O/S, drivers, etc); if there are significant changes, the machine must be re-certified. The result is a PC booted into a known state with an approved combination of hardware and software. Control is then handed over to enforcement software in the operating system - this is presumably Palladium if your operating system in Windows.  
 
Once the machine is in this state, Fritz can certify it to third parties: for example, he will do an authentication protocol with Disney to prove that his machine is a suitable recipient of `Snow White'. The Disney server then sends encrypted data, with a key that Fritz will use to unseal it. Fritz makes the key available only so long as the environment remains `trustworthy'. For this purpose, `trustworthy' means that the media player application won't make any unauthorised copies of content."
 
<A HREF="http://www.anandtech.com/mysystemrig.html?id=9933" target="_new"> My Rig </A>

Hmm,
 
And I'm still fuzzy on the whole concept but I had some thoughts maybe someone who knows could clarify for me.
 
1.) The article makes a big deal about remote server authentication for the porposes of dealing with any media. What prevents someone from "spoofing" this authentication? Basically just running in a signal that says to the CPU, "Ok doing that function is fine?"  
 
2.) In a related question. I haven't seen anything yet but what prevents someone from "cracking" WindowsXP's similar registration/authenication system? I don't know what the program is looking for exactly but I know it's supposed to receave a long string of authenication information from the Microsoft server when you register. So what's to prevent someone from creating a dummy authentication?
 
3.) Now that I'm thinking about it. Can somsone tell me where I can find more information about this subject. Particularly the kind used in Windows/OfficeXP? I'm sure Microsoft is fairly mum about what exactly it's doing and playing it up as a good thing for obvious reasons, but I'm starting to worry about them doing what this article suggests that they'll make you pay to reauthenicate your operating system every six months or so. A subscription based OS. (Shudder) Makes me want to go to Lenux. But as the article points out. Whatever has market mass is what is going to win.
 
I feel my civil rights being trampled on as I type.

if it's on the cpu it makes it much more difficult to crack. That would be like hacking into L2 cache and gutting that out. But now you got a problem as more software titles support this evil TCPA or whatever it is the less software you have at your disposal. Making your computer virtually useless.
 
The people have the power. The people decide on what is popular and what goes and what stays. Only you and i and the rest of you can make a difference. The way to talk to companies is with money. Thats all they care about; money.  
 
Simply boycott computers. Instead of buying a new motherboard or a new cpu or whatever save it up for a 55 inch HDTV. Or a new car stereo. What about that jersey you always wanted but it's 149.95. Boycott anything with the MS logo or anything that uses the TCPA. learn and understand what it is. Spread it around and make it known.  
 
This is very evil.
 
Boycotting and spreading information is a powerful tool.
 
<A HREF="http://www.anandtech.com/mysystemrig.html?id=9933" target="_new"> My Rig </A>

ok now that i got that settled ...
 
basicly it gives vendors control of your computer. You no longer own your computer.  
 
understand now?
 
<A HREF="http://www.anandtech.com/mysystemrig.html?id=9933" target="_new"> My Rig </A>

This is very, very stupid. When will IT vendors realise they are sh*tting in their own nests? I already boycott Windows, and with the new license schemes being enforced now, many organisations are looking to other alternatives too. If hardware vendors get onboard with this sort of thing, it will only inspire the same reaction. We - their customers(!) - will find other alternatives.
 
Sounds like a good reason to support sources that support you. I won't start a free software rant here, but I guess it's implied :-) It might even be a good reason to support initiatives like OpenCores.org and other free hardware projects.
 
Having said that, it shouldn't come as any surprise to anyone that this happens. MS owns (0wnz?) at least a part of most major ISPs around much of the world and has been setting this up for a while now. The majority of punters don't know any different - to them, Windows IS the computer/internet/email. It's gonna be a hard thing to stop.  
 
edit: While I'm at it, this was posted on bsdvault today - <A HREF="http://bsdvault.net/article.php?sid=527&mode=&order=0" target="_new">http://bsdvault.net/article.php?sid=527&mode=&order=0</A>
 
It's about a significant change to the EUL for Windows Media Player.  
 
" * Digital Rights Management (Security). You agree that in order to protect the integrity of content and software protected by digital rights management ("Secure Content" ), Microsoft may provide security related updates to the OS Components that will be automatically downloaded onto your computer. These security related updates may disable your ability to copy and/or play Secure Content and use other software on your computer. If we provide such a security update, we will use reasonable efforts to post notices on a web site explaining the update. "  
 
Thanks to <A HREF="http://www.slashdot.org" target="_new">slashdot</A> for the link.
 
MS 0wnz j00.
 
<i>Do I look like I care?</i><P ID="edit"><FONT SIZE=-1><EM>Edited by poorboy on 06/30/02 09:05 PM.</EM></FONT></P>

<A HREF="http://www.microsoft.com/presspass/features/2002/jul02/07-01palladium.asp" target="_new">Interview with John Manfredlli, General manager for the Microsoft "Palladium" Unit</A>.
 
Scary stuff.
 
New hardware required.......$$$
 
Check <A HREF="http://www.microsoft.com/PressPass/features/2002/jul02/0724palladiumwp.asp" target="_new">this stuff</A> out!!!
 
<b>"If I melt dry ice in a bathtub, can I take a bath without getting wet?" - Steven Wright</b>

these people are so full of sh**, im talkin about the microsoft interview... if this palladick thing comes through, my guess would be to use linux or MACs...hehe
 
real philosophy of life: "do onto others what you dont want them do onto you"

yes a boycott would be great in theory. but what about the majority of mindless lemmings that make up computer purchases? the ones that believe anything in the media regardless of how foul it smells. you don't think M* or any company that will see considerable gains from this market it about how "safe" it makes you your computer and your "personal" files. all M* and others have to do is get a few comfort words into the media about this, and it's all over, there won't be a chance. that's what people buy into, things that make them feel safe and easy to do. yes, the people do have the final say, too bad most of em never bother to question anything.
 
masturbation is the first step towards self-awareness.

I might be the only "fool" out there right now to actually see some benefits of this.
 
Although it is scary, and does seem to portray a dark side to most people, I have to admit that if this thing can eliminate or help destroy the hackers, thiefs and virus makers from doing anymore malice at us, I am fully for it. I am sick of the current net world becoming more and more open, vulnerable. So I am partly in favor of this project, just that I will keep a huge eye open with skepticism.
 
Remember, and this applies ALWAYS, to ANYTHING as my teacher told me once: Everything has an advantage AND disadvantage. You will never see one without the other.
 
--
You are about to witness crazy, mindless, eye-gagging, naive programming, welcome to FOX!

First off, Microsoft is a software company. How can they "force" chipmakers to add this spyware hardware???
 
Given enough public outcry the chip makers will back down.
 
Your using WHAT??? (quote from friend when I told him my PC specs)

ie: like someone who buys AOL ??
 
no insult to anyone here who is a happy AOL user but my experiance with the service is terrible, its slow, you are forced to use their browser... Ports for gaming appear throttled and pings are terrible !
 
Yet here in the UK they have a huge user base through their constant advertising that promissessuch things as more information ??  
 
 
Sorry thats my AOL rant over...
 
Tim
 
ps: this is all very worring, yet I agree that a boycott would just no be viable...  
 
I can call you Betty, and Betty when you call me...  You can call me Al

AMD and Intel are already developping and siding with MS.
Fact is, most big time companies WILL want this, IBM, server companies, security departments and governments would never turn down such. Protection from terrorism hacking is the ultimate goal for them, so beleive it or not, Palladium's blue prints are in the hands of most big companies already.
 
Microsoft merely suggested this to them, and if they found it useful, it must be why they took it.
 

This isn't a spyware hardware. They stated it does not send personal information, but rather identifies the hardware. I am not too clear, neither anyone here on how exactly it works, nor how it WILL work.
 

 Apparently you just woke up from a long sleep since 1992!    
 
--
You are about to witness crazy, mindless, eye-gagging, naive programming, welcome to FOX!

I'd like to add I am playing the devil's advocate here on a partial advocation, and probably might be going to counter this whole forum, so *swoop*, I'm putting on my war suit and getting ready!
 
--
You are about to witness crazy, mindless, eye-gagging, naive programming, welcome to FOX!

The Armageddon is near.

Because Intel and AMD are behind it also. But MS is the primary source of this rediculous idea they have. People will never buy into it IF they know what it is!
 
<A HREF="http://www.anandtech.com/mysystemrig.html?id=9933" target="_new"> My Rig </A>

this isn't going to stop viruses/hacks by any means. there isn't nothing out there right now that hasn't been hacked or cracked. for every R&D team out there coming up with a new tech to "foil" malicious users, there are probably 3 teams trying to crack it. so you're saying you never downloaded any mp3's? movies? shareware? i could have sworn i recall you in some of the kazaa/morpheus/etc threads in the other section. if you don't like what it is, then why be online? last time i checked, countries didn't force their citizens to buy computer and surf the net. i always thought of it as a privilege. it's like going outside and worrying about; am i going to fall down? am i going to get cut? is someone going to mug me? will i get into a car accident?  
 
masturbation is the first step towards self-awareness.