An attack on paypal --> secure UI for browsers

[Anonymous]

Joseph Ashwood writes:

> Ok what flavor of crack are you smoking? Because I can tell from here that's 
> some strong stuff. Downloading random DLLs that are given complete access to 
> private information is one of the worst concepts that anyone has ever come 
> up with, even if they are signed by a "trusted" source. Just look at the 
> horrifically long list of issues with ActiveX, even with WindowsXP (which 
> hasn't been around that long) you're already looking at more than half a 
> dozen, and IIRC win95 had about 50. This has less to do with "windows is 
> bad" than with "secure programming is hard." Arbitrarily trusting anyone to 
> write a secure program simply doesn't work, especially when it's something 
> sophisticated. 

You clearly know virtually nothing about Palladium.  NCAs do not have
"complete access to private information".  Quite the opposite.  Rather,
NCAs have the power to protect private information such that no other
software on the machine can access it.  They do so by using the Palladium
software and hardware to encrypt the private data.  The encryption is
done in such a way that it is "sealed" to the particular NCA, and no other
software is allowed to use the Palladium crypto hardware to decrypt it.

In the proposed usage, an NCA associated with an ecommerce site would seal
the data which is used by the user to authenticate to the remote site.
The authentication data doesn't actually have to be a certificate with
associated key, but that would be one possibility.  Only NCAs signed by
that ecommerce site's key would be able to unseal and access the user's
authentication credentials.  This prevents rogue software from stealing
them and impersonating the user.

> Now for the much more fundamental issue of your statement. Palladium will 
> never "download site-specific" anything. Palladium is a hardware technology, 
> not a web browser. 

If you read the entire message it was clearly referring to a
Palladium-enabled web browser.  And Palladium is more than a hardware
technology; it includes hardware and software components.

> I will refrain from saying Paladium is a bad idea, simply because I see some 
> potentially very lucrative (for me) options for it's use. 

Fine, at least you admit you're a whore.  But you'll probably do even
better if you learn how it actually works.  Seriously, have you read any
of the documents linked from http://www.microsoft.com/resources/ngscb/?