Tesugen

Palladium

I’ve been reading the Slashdot discussion on Microsoft’s Palladium to see what people have to say about it – see here. There’s much bias, of course. I think it’s important to try to see clearly in this matter. It is an important issue.

Some Slashdot writers fear that Palladium will make it impossible for other OS’s than Windows to run on PC hardware. They suspect that once Palladium is in place, Windows won’t run on non-Palladium computers. And since Palladium encrypts the link from the keyboard and the link to the display, and this is protected by an MS patent, perhaps they won’t be documented and finding out how they work would require reverse engineering, which in turn might be a patent infringement. Some also suspect that Microsoft’s Xbox, which is hardwired not to run any “OS” other than Microsoft’s, can be seen as a forerunner to Palladium. I’m not capable of determining how likely this is, though.

Then there’s this issue about Palladium only running “signed” executables, that is that they have a digital signature attached, which is generated by the software company’s private key, so that you can verify with their public key that it (a) comes from that company and (b) hasn’t been modified on the way. Someone called magic writes on Slashdot about how the two default “root certificates” in Internet Explorer are from Microsoft and VeriSign. This means that anything signed by keys generated by these two companies are deemed “safe”.

But would Microsoft issue keys to competitors? And what about VeriSign, who has a strategic partnership with Microsoft? Sure, in IE you can add additional root certificates, but this isn’t something that the average user would do. And will the root certificates be “soft” in Palladium, with all talk about how security must be embedded in the hardware to be effective? This could in fact mean that Palladium will have two “hard-coded” root certificates: one from Microsoft and one from VeriSign.

And as for “digital rights management” (DRM), this will too be embedded in the hardware, checking digital content for watermarks and denying transport if classified as “stolen”. The article said that Palladium will actually allow “fair use”, but whose definition applies?

For instance, Palladium might allow you to send out e-mail so that no one (or only certain people) can copy it or forward it to others. Or you could create Word documents that could be read only in the next week. In all cases, it would be the user, not Microsoft, who sets these policies.

The user, in the case of music, movies, e-books, etc, would be the publisher. I remember reading an interview with Lawrence Lessig (see here) where he said that he’d bought Aristotle’s Politics as an Adobe eBook, “but the Adobe eBook reader forbids me from printing any pages of the book because the permissions have been set to disable any printing.” Aristotle died 322 B.C. and his works isn’t covered by the copyright. So, if Adobe protects “their” rights in the case of texts that since long exists in the public domain, what about new content? Will they allow you to “consume” it more than once? Which of your fair use rights will they allow you to exercise? Any?

The above was posted to my personal weblog on June 25, 2002. My name is Peter Lindberg and I am a thirtysomething software developer and dad living in Stockholm, Sweden. Here, you’ll find posts in English and Swedish about whatever happens to interest me for the moment.

Posted around the same time:

The seven most recent posts:

  1. Tesugen Replaced (October 7)
  2. My Year of MacBook Troubles (May 16)
  3. Tesugen Turns Five (March 21)
  4. Gustaf Nordenskiöld om keramik kontra kläddesign (December 10, 2006)
  5. Se till att ha två buffertar för oförutsedda utgifter (October 30, 2006)
  6. Bra tips för den som vill börja fondspara (October 7, 2006)
  7. Light-Hearted Parenting Tips (September 16, 2006)
Bloggtoppen.se