On 7/12/05, Tyler Durden <camera_lumina@hotmail.com> wrote:
How secure can I make a Java sandbox from the rest of the network I'm on? Can I make it so that my network administrator can't see what I'm typing? In other words, a secure environment that's sitting on an insecure machine.
Although you asked about "Reverse Palladium" what you really want is Palladium itself. This is precisely the security model which has so many people upset: the system owner (the network admin) is giving up control over his machine, running software which he cannot control, molest or modify. You, a third party, are protected against the computer's owner. The ability for owners to voluntarily and verifiably give up a degree of control over their computers is anathema to Trusted Computing opponents, the height of evil and a threat to be fought at all costs. The fact that it is voluntary for all concerned means nothing to them. They don't want people even to have the chance to be tempted to utilize this technology, and they will stop at nothing to keep it from coming into existence. So far they have been extremely successful. See http://invisiblog.com/1c801df4aee49232/article/9d481af00c898ae91748f2f0cd97c... for discussion about how to use Palladium to add security to Internet voting applications, even for cases where people are voting on machines owned by others. This is very similar to the threat model in your situation. CP