Now Playing at the Palladium

Discussion in 'NZ Computing' started by Lawrence D¹Oliveiro, Mar 19, 2005.

  1. Major PC vendors
    <http://news.com.com/Hardware security sneaks into PCs/2100-7355_3-561903
    5.html> have started shipping machines with in-built Palladium/NGSCB
    support. This even though Microsoft has yet to release any official
    software support for the architecture.

    I wonder if this means that the Palladium/NGSCB spec has finally settled
    down, since at last report (in a link from the above item) Microsoft was
    rethinking parts of the whole idea in response to the controversy that
    was raised.

    The most troubling part of the original idea was the "remote
    attestation" feature. This meant that a Palladium/NGSCB-equipped machine
    was able to prove to a remote server that it was running unmodified
    vendor-authorized software, and thereby be allowed to access services
    (e.g. downloaded copyrighted content) that were not available to any
    other software, or any version of the software with unauthorized
    modifications.
    Lawrence D¹Oliveiro, Mar 19, 2005
    #1
    1. Advertising

  2. Lawrence D¹Oliveiro

    Mercury Guest

    Intel was shipping a palladium equiped mobo yonks ago.
    It was readily available - forget which specific model it was - and many
    with intel P4 mobos will have it.

    "Lawrence D¹Oliveiro" <_zealand> wrote in message
    news:...
    > Major PC vendors
    > <http://news.com.com/Hardware security sneaks into PCs/2100-7355_3-561903
    > 5.html> have started shipping machines with in-built Palladium/NGSCB
    > support. This even though Microsoft has yet to release any official
    > software support for the architecture.
    >
    > I wonder if this means that the Palladium/NGSCB spec has finally settled
    > down, since at last report (in a link from the above item) Microsoft was
    > rethinking parts of the whole idea in response to the controversy that
    > was raised.
    >
    > The most troubling part of the original idea was the "remote
    > attestation" feature. This meant that a Palladium/NGSCB-equipped machine
    > was able to prove to a remote server that it was running unmodified
    > vendor-authorized software, and thereby be allowed to access services
    > (e.g. downloaded copyrighted content) that were not available to any
    > other software, or any version of the software with unauthorized
    > modifications.
    Mercury, Mar 19, 2005
    #2
    1. Advertising

  3. Lawrence D¹Oliveiro

    Mercury Guest

    The most valuable part of palladium feature set (IMHO) was the secure
    keyboard data stream - it was supposed to remove the chance of keystroke
    loggers fo any OS that utilised it.


    "Lawrence D¹Oliveiro" <_zealand> wrote in message
    news:...
    > Major PC vendors
    > <http://news.com.com/Hardware security sneaks into PCs/2100-7355_3-561903
    > 5.html> have started shipping machines with in-built Palladium/NGSCB
    > support. This even though Microsoft has yet to release any official
    > software support for the architecture.
    >
    > I wonder if this means that the Palladium/NGSCB spec has finally settled
    > down, since at last report (in a link from the above item) Microsoft was
    > rethinking parts of the whole idea in response to the controversy that
    > was raised.
    >
    > The most troubling part of the original idea was the "remote
    > attestation" feature. This meant that a Palladium/NGSCB-equipped machine
    > was able to prove to a remote server that it was running unmodified
    > vendor-authorized software, and thereby be allowed to access services
    > (e.g. downloaded copyrighted content) that were not available to any
    > other software, or any version of the software with unauthorized
    > modifications.
    Mercury, Mar 19, 2005
    #3
  4. In article <d1h2mg$4uo$>, "Mercury" <>
    wrote:

    >The most valuable part of palladium feature set (IMHO) was the secure
    >keyboard data stream - it was supposed to remove the chance of keystroke
    >loggers fo any OS that utilised it.


    I don't see how it's possible to make that secure. If you can subvert
    the OS (which is easy with Windows), you can still snoop keystrokes
    after they've been decrypted--which has to happen at some point.

    Also you could just open up the keyboard and hide a little circuit in
    there that captures the keystrokes before they're encrypted.
    Lawrence D¹Oliveiro, Mar 19, 2005
    #4
  5. Lawrence D¹Oliveiro

    Rob J Guest

    In article <> in nz.comp on Sun,
    20 Mar 2005 02:25:44 +1300, Lawrence D¹Oliveiro <ldo@geek-
    central.gen.new_zealand> says...
    > In article <d1h2mg$4uo$>, "Mercury" <>
    > wrote:
    >
    > >The most valuable part of palladium feature set (IMHO) was the secure
    > >keyboard data stream - it was supposed to remove the chance of keystroke
    > >loggers fo any OS that utilised it.

    >
    > I don't see how it's possible to make that secure. If you can subvert
    > the OS (which is easy with Windows), you can still snoop keystrokes
    > after they've been decrypted--which has to happen at some point.


    What do you suppose "software trust" is? It's knowing what every
    application in your system is, and as I read it, that's exactly what the
    trend is in operating systems, including Palladium. Signing of drivers is
    but one step along this path.

    > Also you could just open up the keyboard and hide a little circuit in
    > there that captures the keystrokes before they're encrypted.


    But then how does the data get from it to the logger?
    Rob J, Mar 20, 2005
    #5
  6. Lawrence D¹Oliveiro

    Mercury Guest

    The proposition / standard is for the data stream to be encypted between the
    end points (supposedly).

    "Lawrence D¹Oliveiro" <_zealand> wrote in message
    news:...
    > In article <d1h2mg$4uo$>, "Mercury" <>
    > wrote:
    >
    >>The most valuable part of palladium feature set (IMHO) was the secure
    >>keyboard data stream - it was supposed to remove the chance of keystroke
    >>loggers fo any OS that utilised it.

    >
    > I don't see how it's possible to make that secure. If you can subvert
    > the OS (which is easy with Windows), you can still snoop keystrokes
    > after they've been decrypted--which has to happen at some point.
    >
    > Also you could just open up the keyboard and hide a little circuit in
    > there that captures the keystrokes before they're encrypted.
    Mercury, Mar 20, 2005
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?TW8=?=

    Now you see it, now you don't

    =?Utf-8?B?TW8=?=, Sep 26, 2004, in forum: Wireless Networking
    Replies:
    0
    Views:
    455
    =?Utf-8?B?TW8=?=
    Sep 26, 2004
  2. Emrys Davies

    Mike-All is now well now

    Emrys Davies, Aug 11, 2003, in forum: Computer Support
    Replies:
    1
    Views:
    474
    °Mike°
    Aug 11, 2003
  3. Jim Beaver

    Now you see it, now you don't

    Jim Beaver, Mar 15, 2005, in forum: Computer Support
    Replies:
    13
    Views:
    773
    Vanguard
    Mar 16, 2005
  4. Ken

    Now Playing 247: Any Problems?

    Ken, Dec 16, 2003, in forum: DVD Video
    Replies:
    2
    Views:
    654
  5. RA
    Replies:
    1
    Views:
    624
    Peter Potamus the Purple Hippo
    Jul 9, 2008
Loading...

Share This Page