On Fri, 13 Jun 2003, Nomen Nescio wrote:
Apparently you neglected to read http://www.microsoft.com/resources/ngscb/NGSCB_Overview.mspx, where Microsoft says (as they have repeated many times) "Customers and partners need reliable ways to ensure the quality of technology that addresses the critical needs met by NGSCB. That's why Microsoft will make available for public review the source code of the core piece of enabling software in NGSCB, called the 'nexus,' so it can be evaluated and validated by third parties for both security and privacy considerations."
So why isn't it open for review *before* it's finalized? Might it give too many people an idea of what's really wrong with it?
Therefore some educated person (obviously not you, at least not yet) will in fact be able to perform their own examination of the trusted part of the OS, since it will have its source code published for exactly this sort of review.
Let's see it now. Not after it's finisihed.
Microsoft's legacy software is all extremely complex. Palladium is taking a different approach, aiming at simplicity and transparency.
I want the drugs you are on dude. You have a very rosy picture, and it seems all your inputs have been hijacked by supreme chemicals!
The Nexus, which is the micro-kernel for the trusted components (NCAs), will be published for review. Its tasks are relatively few and well defined, nothing like the massive Windows OS. That is what Microsoft has gained by architecting Palladium as they did, with the new "trusted" CPU mode, which allows side-by-side operating systems to run. On the left hand side (LHS) we find the legacy Windows OS and applications. On the right hand side (RHS) we find the Nexus acting as the OS, and the NCAs acting as the applications.
And in the mean time the user can't control their own computer.
The brilliance of Palladium is that the LHS can't touch the RHS, because of hardware protection. At one stroke, the new trusted mode is insulated from bugs in the Windows OS, device drivers and applications. It in effect allows the designers to start with a clean piece of paper and produce a simple micro-kernel (the Nexus) whose only job is to service the NCAs. This is a manageable task and, in conjunction with public review, there is good reason to hope and expect that the Nexus will be secure. If so then NCAs will indeed run in a mode where they are protected from other software components (including other NCAs).
Very nice drug induced rant. Too bad reality doesn't work that way. Who owns the hardware? The user or the RIAA? True hardware protection means the user is protected from Microsoft, not the other way around.
Your comments above make it clear that you are not at all acquainted with the material in those documents. If you're going to pretend to be a security expert (remember when you advocated ECB mode for the XML encryption effort?!!), you could do worse than spending a few hours studying these documents closely. It's very likely that NGSCB will be a central technology for security in the next two to ten years or even longer. This is undoubtedly an area where security consulting could be lucrative. Sadly, even "experts" of your caliber can probably be very successful in this area. But you'll have to do your homework.
Palladium changed to NGSCB and will morph to something else and something after that. It won't ever fly because the user can't control their own machine. Trust is a two way street. Until Microsoft learns to trust their customers, nobody will trust Microsoft. What we do in person we can do on a computer. We can con each other in person, so we'll be able to con each other with computers. That's how reality works, and no hardware or laws is going to change that. Instead of trying to wave a magic wand while everyone is on lsd, it'd be better if Microsoft and the RIAA came out with their own hardware for the specific purpose of DRM sales. Everyone would know who owns the hardware because they'd just rent it instead of buying it. IBM is already on the right track for this. Microsoft has yet to get it. Patience, persistence, truth, Dr. mike