-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I figured this was probably going on, but the following article is my first confirmation. WAVE, some of you might remember, was started by a former NatSemi Chairman back before the internet got popular. It was going to be a dial-up book-entry-to-the-screen content control system with special boards and chips patented to down to it's socks. Sort of like 3Com, I'm sure. First I heard about it was, ironically, in a 1990-ish Peter Huber article in Forbes, touted as the Next Big Thing. (Convergence, don'tcha know...) This is same Peter Huber who wrote the Geodesic Network, which, along with bearer financial cryptography, is a cornerstone of the way I look at the universe. Paradoxes abound, boys and girls. In the meantime, WAVE Systems stock has been listed, then de-listed, then re-listed, and, God only knows what it is now. I even got an offer from that Chairman and Grey Eminence of WAVE to come speak to FC97, if we comped him, of course. As General Chair of the conference I had to gently let him know that FC was a peer-reviewed conference, and if his tech people wanted to send a paper and it got accepted by the Program Committee, (a whole bunch of top-drawer cryptographers, lawyers, and bankers), they were perfectly welcome, and, he, like I, could sit in the audience, watch the talks, and hit the beach in the afternoon with everyone else. Never got anything back for some reason. :-). We even got the DivX guys presenting papers that first (and second) year, so content control was never an issue, though I expect that trade-secret skullduggery certainly was. Which makes sense. WAVE's stockholders, called WAVEoids by themselves and others, are practically millennial in their belief that WAVE will conquer the world and the company's failure to date is due to a giant short-seller's conspiracy of some kind. Lots of Secret Sauce there, somewhere... If BillG has swallowed this stuff, hook, line, and sinker, as someone has noted before, then, frankly, he must have access to better drugs than most of us. It also means that he's grasping at conceptual straws, economically, and if he persists in following this folly to the bitter end, his dream of software-kudzu world domination will finally choke his company once and for all. So, be careful what you wish for, Bill. On a geodesic network, no central node can route all the information. Like Gilmore says about censorship on the same network, any putative top of an internet pyramid chokes instead, and the network simply routes around it. The paradox in all of this is that only way that crypto to the screen is going to work is if the screen is literally *buying* the content shown on that screen, for cash, in a raw commodity market of some kind. And, if *that's* really the case, there's no need for IP law in what amounts to information commodity market in perfect competition, not a monopolistically competitive market requiring brands, patents, and copyrights. Finally, such a system cannot use a book-entry-to-the-device system, because the cheapest cash will be done without identity at all. In such a world digital "rights" "management", and content "control" are contradictions in terms, if not preposterous notions on their face. Cheers, RAH -----BEGIN PGP SIGNATURE----- Version: PGP 7.5 iQA/AwUBPRqKFsPxH8jf3ohaEQLhkACgrjzGqd+sWTRURTPB/pOBBRclTykAoMLT 93jOFpW8m0p7u7i8c8FO6W/N =iwOs -----END PGP SIGNATURE----- http://www.extremetech.com/print_article/0,3998,a=28570,00.asp ExtremeTech Palladium Clues May Lie In AMD Motherboard Design June 26, 2002 By: Mark Hachman A two-year-old whitepaper authored by AMD and encryption firm Wave Systems may offer additional clues to the design of PCs incorporating Palladium, Microsoft's new security initiative. Wave, based in Lee, Mass., has partnered with Microsoft rival Sun Microsystems, Hewlett-Packard, Verisign and RSA Data Systems, among others, in creating the EMBASSY verification system, originally pitched as a tool for e-commerce. In August of 2000, Wave and AMD authored a whitepaper on how the solution could be integrated into a motherboard using AMD's Athlon microprocessor, which a Wave executive said is now entering field trials overseas. "Wave and AMD are developing a Trusted Client reference platform to enable trust and security to be delivered to the PC," the whitepaper reads. "By integrating Wave's EMBASSY Trusted Client system into AMD's Athlon motherboard reference design, we will deliver a template for building cost optimized Trusted Client PCs." The paper is authored by researchers Kevin R. Lefebvre and Bill Chang of Wave, and Geoffrey Strongin, who is spearheading AMD's Palladium work. Strongin said Monday that the company had begun work on a Palladium-type solution before Microsoft approached the company. AMD and Wave announced a partnership in March 2000. Wave's board of directors includes George Gilder and Nolan Bushnell, the founder of Atari. The whitepaper, forwarded to ExtremeTech by reader and consultant Andreas W. Kuhn, contains many similarities to Palladium's potential feature set: the ability to sell multimedia content by the chapter or track, the possible ability to block spam by accurately verifying the sender and recipient of a message; increased privacy, and serving as a trusted client. However, the AMD-Wave whitepaper also postulates the need for multiple protection schemes, something that Microsoft's limited public statements have not addressed. "Furthermore, support needs to be provided for multiple protection schemes, since there will clearly be several schemes available and content creators will demand the flexibility to define their own protection requirements," the whitepaper says. In an interview Tuesday morning, John Callahan, vice-president of marketing for Wave, said Wave had spent over $120 million developing the EMBASSY system, only to see Microsoft's Palladium system receive all the attention. "It's tremendously ironic," he said. The whitepaper can not be considered a roadmap to the design of a Palladium-enabled PC, although it is one practical solution. The whitepaper was written at around the time the Trusted Computing Platform Association (TCPA) was formed in the fall of 2000; both Wave and AMD belong to the TCPA. And, while Palladium uses some form of CPU-level processing of security algorithms, the AMD-Wave whitepaper's example seems wholly tied to an off-chip security processor, the EMBASSY. "It closely tracks with what's been enunciated (by Microsoft)," Callahan said. "It's a hardened solution with a software OS As most people in the industry know, most people said software alone would do the job. We've had to put up with a lot of slings and arrows." Wave's EMBedded Application Security System (EMBASSY) is actually an embedded microprocessor of undisclosed complexity, which contains secure non-volatile memory, secure I/O, a secure real-time clock, and operating system. Wave currently sells the chip as part of a "cryptographic service provider kit," which uses a small client terminal to encrypt data like email. However, the chip can be sold into a variety of applications. According to the whitepaper, the reference design allows for the running of secure boot, TCPA integrity metrics, strong user authentication, and secure BIOS upgrades. "We will also provide the Wave EMBASSY metering application to support various commerce models for consumer entertainment content," the whitepaper adds. The EMBASSY device remains active throughout the entire boot process, hanging off the Low-Pin Count (LPC) bus--the replacement for the ISA bus--and connected to the core logic's south bridge. AMD's Strongin hinted that AMD would license any necessary intellectual property to other chipset makers, continuing the chip company's cooperation with other chipset vendors. Block diagram of AMD-Wave motherboard design click on image for full view When activated, EMBASSY asks for some identifying information from the user-whether from a smart card reader, secure keypad, or other biometric device-which is then transferred securely into the EMBASSY's memory. Fingerprint readers, a class of biometric devices, have already been easily defeated, however. "This configuration allows the EMBASSY Device to be active throughout the entire bootup process, thus capable of performing a Secure Boot," the whitepaper reads. "The root of trust within this configuration is the system BIOS where during the bootup process the BIOS will perform a self test and pass the trusted EMBASSY OS to the EMBASSY Device. At that time, the EMBASSY Device will perform the data collection of the system parameters during bootup and crosscheck the collected information with the trusted information stored within the EMBASSY Device's secure memory. If there are any discrepancies found, the system will alert the end user and appropriate action can be taken." The chip also works to prevent defeating the chip at the BIOS level. "With the EMBASSY Device in this configuration, an upgrade of the BIOS requires the system to go through the EMBASSY Device, allowing the EMBASSY Device to validate the upgrade process before the BIOS ROM is reflashed," the whitepaper adds. According to Callahan, the system is in trials with NEC Computers' Packard Bell division, which sells PCs in Europe, Asia, and Latin America, but not in the U.S. A spokeswoman for Packard Bell in the United Kingdom could not be reached by press time for confirmation. "The test is just coming on line," Wave's Callahan said. Microsoft's Palladium: A New Security Initiative June 25, 2002 By: Mark Hachman and Sebastian RupleyPC Magazine In a move that seeks to extend Microsoft's newfound company-wide focus on security to future versions of the Windows operating system and to hardware products, Microsoft officials are discussing a new initiative, code-named Palladium. Palladium involves new security components to be built into Windows, but it also depends heavily on hardware makers--including Intel and AMD--building in Palladium functionality to their products. While none of the new features and products will arrive this year, the effort appears to be a large-scale push toward a new breed of software- and hardware-driven security standards. Mario Juarez is group product manager of the Palladium product team at Microsoft. Juarez's team falls under the Windows operating system group. "Palladium is a code name for a set of features for the Windows operating system," said Juarez. "It involves a new breed of hardware and applications in tandem with a rearchitecture of the Windows operating system. It's designed to give people greater security, personal privacy and system integrity." In addition to new core components in Windows that will move the Palladium effort forward, Microsoft is working with hardware partners to build Palladium components and features into their products. "The new hardware architecture involves some changes to CPUs which are significant from a functional perspective," says Juarez. "There will also be a new piece of hardware called for by Palladium that you might refer to as a security chip. It will provide a set of cryptographic functions and keys that are central to what we're doing. There are also some associated changes under the chipset, and the graphics and I/O system through the USB port--all designed to create a comprehensive security environment." The approach outwardly seems to mimic that of the Trusted Computing Platform Alliance, whose specification was finalized in January 2001. TCPA calls for the creation of a "Trusted Platform Module"(TPM), a discrete cryptographic processor residing on the PC's motherboard that contains a unique digital signature. Palladium, on the other hand, uses a PC's microprocessor to run some form of low-level encryption, and can also use a TPM-like module for additional encryption, according to Geoffrey Strongin, AMD's platform security architect. "When you fire the system up," Juarez says, "you'll choose to run this particular 'secure processing environment' which we call the Trusted Operating System Root. You might think of this as a micro-kernel that manages trusted code in a way that's physically isolated from the rest of the system, so it's inherently impervious to things like viruses." Via the Trusted Operating System Root, says Juarez, users will be able to create and deploy secure services through software agents. "You can create an environment where you determine what information about you gets revealed to others, such as personal information in an online transaction, or information about your hardware that needs to be revealed to a network you're operating with. We're trying to create this in such a way that there is no architectural limitation on what you can get these agents to do." Cryptography is key to the effort with the software agents, Juarez says. "We're looking at the usual suspects there, including current deployments of public-key cryptography as well as some powerful symmetrical processing cryptography systems. However, we're going to try to approach cryptography in a new and powerful way." Compliant Hardware If Palladium is built upon a TCPA model, then it's possible that the specific hardware used within the PC will also be used to identify it, as Microsoft's Windows Activation regulation already does. "Once the data is sealed inside the TPM with a storage key, the sealed data can only be accessed from this hard drive with this platform configuration," reads a statement on Intel's Web site discussing the TCPA. According to Juarez, Intel and AMD are among several microprocessor vendors participating with Microsoft in developing Palladium-aware products. Juarez says several dozen other companies have been contacted to participate. National Semiconductor, which was the first company to publicly announce the manufacture of a TPM, is "fully supporting Palladium from a hardware perspective," according to a company spokeswoman. She declined to comment further, citing NDA restrictions with Microsoft. Members of the Palladium alliance described their efforts as necessary. "The TCPA's been around for a while; there's been a million press releases, but no one's really cared about it," said a spokesman for Intel, which declined to make an executive available to address Palladium questions. For his part, AMD's Strongin said that his company had independently worked to extend the TCPA/TPM model before Microsoft approached it. The biggest single difference between TCPA and Palladium, according to Strongin, is that in Palladium, "trusted processing" is taking place on the main CPU. Strongin declined to discuss any details of a redesign, but said the "differences between what's in microcode and what's not in microcode is not a terribly important one--it's a behavioral effect." "There will be new modes and new instructions," Strongin said. "'Extensions' is a better term." AMD uses a set of instructions called 3DNow! to accelerate 3D and other multimedia functions. The "Palladium component" will leverage AMD's work on the TPM, Strongin said. He added that AMD would probably license the component to other chipset manufacturers. "We also look to the infrastructure (providers) to provide support for this," Strongin added. Wave Systems Corp. was involved with both the design of the National SafeKeeper TPM component and with the Internal Security, Trust and Privacy Alliance, which released an open, policy-configurable framework in late May, spearheaded by Carnegie-Mellon University. Representatives of Wave Systems were unavailable for comment; the ISTPA's director, Kevin O'Neill, declined to comment on Palladium. AMD's Strongin said its Palladium component was done entirely in-house, and the development was "fairly mature". He would not say when the chip would be brought to market, however. "We'll be there when we're needed to be," Strongin said. Microsoft has been sharpening its focus on security all year. In January of this year, in an internal memo to all Microsoft employees, Microsoft chairman and chief software architect Bill Gates called for a sweeping shift in Microsoft's company focus, toward better security. The contents of the memo were covered by PC Magazine's sister publication eWeek. In addition to several security-related announcements made in recent months, Microsoft has also been pushing forward with a broad-based plan for protecting online identities, although its Passport technology has raised privacy concerns. Privacy and Digital-Rights Management Currently, some of the issues surrounding Palladium--how digital-rights management will be applied to e-mail and media files, Palladium's apparent ability to block spam, and the reaction of the public and of PC and consumer-electronics companies--are simply not known. Executives said they've tried to factor in all of these concerns in what will undoubtedly be an intensely sensitive issue. Privacy is a top concern of the Palladium initiative, AMD's Strongin said. When Intel tried to place a unique identification string within its Pentium CPUs, privacy advocates were outraged at the potential ability of a Web site to discover exactly who was accessing it, rather than getting access only to a semi-anonymous IP address. Strongin originally said that the Palladium policy would be opt-out rather than opt-in, but changed his stance when asked for clarification. "We're neutral on opt-in or opt-out," he said. "It's very fundamentally different than when the Pentium processor contained a serial number that was open and accessible. (In Palladium), when you have things turned on any ID is cryptographically protected, and is not identifiable to the Web." But Strongin also said he hoped that security and privacy were not mutually exclusive. AMD is a member of the ISTPA, he said. "We are extraordinarily sensitive to privacy issues, and the missteps in this space," he said. "All that is forewarned and forearmed... When you turn cookies off you have a lousy Web browsing experience. The key is to have cookies on, have good privacy and be protected from attacks that exploit cookies." Additionally, Microsoft has been involved in the TCPA, along with partners such as Compaq, Hewlett-Packard, Intel and IBM, for several years. According to the mission statement posted at the TCPA Web site, the alliance's goal is to "drive and implement TCPA specifications for an enhanced HW- and OS-based trusted computing platform that implements trust into client, server, networking, and communication platforms." There are over 170 member companies in the TCPA, and regular meetings. However, Microsoft's Juarez is quick to emphasize that Palladium is a much more forward-looking effort for the company than anything that's gone before, for Microsoft. "This is not TCPA," says Juarez. "This is a forward looking thing that's very much designed to meet needs tomorrow, as the world becomes more interconnected. This initiative won't reach full steam tomorrow or next year, but Palladium will be built into a future version of Windows. It's too early to say specifically when that will happen." Juarez also says Microsoft continues to believe in the goals of the TCPA, and characterizes Palladium as a complementary effort. "We think we're raising the bar on security, not lowering the bar on privacy," AMD's Strongin said. "Palladium": Microsoft Revisits Digital-Rights Management June 24, 2002 Microsoft Corp. has apparently revisited the concept of digital-rights management, leaking a story of a new "Palladium" security initiative to Newsweek magazine. The Newsweek article details a three-level array of hardware encryption within the PC and other devices, tied together by Microsoft-certified services. As of press time, neither Microsoft nor any software or hardware developers had officially confirmed the story. The software, according to Newsweek, promises to: ensure trustworthiness, apparently through hardware identification; protect information through hardware encryption; stop viruses, worms, and spam, although exactly how was not really detailed; safeguard privacy, through a Passport-like system, called, seriously, "My Man", that would theoretically allow consumers to release certain specified bits of data about themselves; and a means of "controlling your information after you send it," a digital-rights management program that also is not wholly explained. Palladium is apparently supported by both Advanced Micro Devies Inc. and Intel Corp., who, according to the magazine, have pledged to make "components' which will support the initiative. It was not clear whether the components would be something more than a microprocessor with a unique identifier, which Intel tried before being shouted down by privacy experts, or a chipset development program. "As now envisioned, Palladium will ship "in a future version of Windows." (Perhaps in the next big revision, due around 2004.)," Newsweek said. "By then the special security chips will be rolling out of the fabs, and the computer makers-salivating at an opportunity to sell more boxes-will have motherboards to accommodate them. There will also be components that encrypt information as it moves from keyboard to computer (to prevent someone from wiretapping or altering what you type) and from computer to screen (to prevent someone from generating a phony output to your monitor that can trick you into OKing something you hadn't intended to). Only certain applications will access the part of Windows (nicknamed "the nub") that performs Palladium's functions with the help of the security chip-everything else will work exactly the same." ExtremeTech will have more details as they become available. Microsoft's Palladium: Security for whom? June 24, 2002 By: Brett Glass Software giant Microsoft today leaked the first bits of information about a comprehensive security scheme called "Palladium" -- named after a statue of the goddess Athena (also called Pallas) which guarded the gates of the legendary city of Troy. According to an MSNBC article penned by veteran computer industry author Steven Levy, Palladium will involve designing copy protection and digital rights management directly into the silicon of a new generation of PCs -- much as it was into Microsoft's XBox video game system. But the new scheme will go several steps farther. Data will be encrypted not only as it moves from machine to machine, but also as it moves between components of the machine (e.g. from the video card to the monitor). The article also mentions provisions for "disappearing" e-mail, which can no longer be read after a certain date, and agents which, like Microsoft's current Passport "Wallet," could keep your personal information available for distribution to third parties. The system is claimed to protect against viruses and worms via "code signing," used in Microsoft's XBox and also in its ActiveX controls for Internet Explorer and other products. While Levy's article doesn't delve into the technical details of the proposed scheme, a careful reading suggests that Palladium is not so much about security for computer users as about the security of the income streams of Microsoft and large content providers. These companies will be empowered to lock up software and content, making it effectively "self destruct" unless you pay additional money (either "per view" or by subscription). The article claims that encryption of data as it travels between peripherals will protect against keyboard sniffers and other snooping devices. Alas, this is not a strong argument for the scheme, because, as described in a recent PC Magazine article, it is relatively simple to embed a keystroke sniffer entirely within a keyboard ahead of the encryption circuitry. Nor will software sniffers be impossible to produce, unless Microsoft sees fit to prohibit any and all monitoring, remote control, or remote administration software -- including its own! -- from being deployed on the new platform. While it may not be effective against snooping, end-to-end hardware encryption is right at the top of media moguls' wish lists. Members of organizations such as the RIAA and MPAA hope to prevent the creation of any copy of digital media -- even those which consumers are legally entitled to make under the doctrine of "fair use" -- by encrypting audio and video until the very instant they reach your speakers and screen. The Privacy Question Palladium, like most digital rights management (DRM) schemes, raises privacy concerns as well. Microsoft has already made Microsoft Office and Windows XP stop working if you don't surrender personal information for inclusion in its massive databases. XP nags consumers to insert still more private data to Microsoft's Passport system, which has already been shown to be have serious weaknesses (see Further Reading) and whose "single sign-on" puts all of your eggs in one basket. (If the account is cracked, everything in your wallet is exposed.) Windows Media Player, which implements some of Microsoft's DRM schemes, was shown not long ago to be keeping a list of titles that users played -- and sending that information back to Microsoft (see Further Reading). And the system as a whole is under the control of a company whose business practices, as revealed by evidence in the recent antitrust case against the software giant, do not inspire consumer confidence. The promise of disappearing e-mail also raises the question of whether Palladium would do good or ill. Who would benefit the most from such a feature: an ordinary citizen who tracks his correspondence with friends and family? Or a corporate executive (such as Microsoft's own Bill Gates or Jim Allchin) who wishes that the sort of paper trail that was revealed in the Microsoft-DoJ case had somehow conveniently evaporated? How about the executives at Enron, Qwest, Global Crossing, Waste Management, Rite-Aid, and other companies that were engaged in market manipulation, or shady accounting practices? Another Hurdle for Software Developers Palladium could also tie the hands of software developers, forcing them to seek permission from Microsoft before publishing products for the new computer systems. (Video game manufacturers, including Microsoft itself, routinely do this.) This could limit consumer choice: Would Microsoft willingly grant permission for the development of alternative operating systems (such as OpenBSD, which is generally regarded as far more secure than Windows) to run on these new machines? Would Microsoft require developers to sign exclusive contracts, promising that they would not develop for other platforms, before their code could be "signed" so that it ran on the new machine? And would the code signing system really protect against viruses and worms? Malware often works not by introducing new programs into the system, but by issuing malicious commands in, or through, existing ones. Microsoft reported in 2001 that Verisign had been duped, by someone posing as a Microsoft employee, into issuing keys in Microsoft's name. Such keys could be used to make a malicious ActiveX control, script, or program appear as if it had originated from Microsoft. (The scam went unreported for more than 6 weeks, after which Microsoft posted an advisory warning that it posed a "grave risk.") The code signing system used in Microsoft's XBox -- though embedded in hardware -- was recently broken by a student tinkering in his spare time. (See Xbox Security Defeated.) The ultimate motivation for Microsoft's Palladium, however, could well be US Senator Fritz Hollings' CBDPTA (formerly the SSSCA) -- a bill, promoted by the entertainment industry, which would require copy protection to be built into virtually every product containing a microprocessor. What if the CBDPTA passed... and Microsoft was, conveniently, the only entity willing (or, due to patents, able) to produce an operating system that met its requirements? The announcement of Palladium sets the stage for Microsoft, which previously opposed the bill, to change its stance, supporting legislation that would make it illegal for consumers to use products that did not have built-in digital handcuffs. This, most of all, should be what concerns consumers about Palladium. -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'