Free Republic
Browse · Search
News/Activism
Topics · Post Article

Skip to comments.

Cryptographers sound warnings on Microsoft security plan
EE Times ^ | April 15, 2003 | Rick Merritt

Posted on 04/21/2003 3:19:08 PM PDT by Eala

SAN FRANCISCO — Just three weeks before Microsoft Corp. publicly details plans to create a secure operating mode for Windows PCs, two top cryptographers have raised concerns about Microsoft's approach. Whitfield Diffie, a distinguished engineer at Sun Microsystems Laboratories, said an integrated security scheme for computers is inevitable, but the Microsoft approach is flawed because it fails to give users control over their security keys. Ronald Rivest, an MIT professor and founder of RSA Security, called for a broad public debate about the Microsoft move.

Microsoft first tipped its plans, formerly code-named Palladium, about a year ago. Since then some details have emerged about the concepts for what Microsoft now calls the next-generation secure computing base (NGSCB, pronounced "enscub").

Microsoft has detailed its plans to as many as 30 partners under non-disclosure agreements. The company plans to unveil the full technical details and partnerships behind its plans at the Windows Hardware Engineering Conference in early May.

The Microsoft approach “lends itself to market domination, lock out, and not really owning your own computer. That's going to create a fight that dwarfs the debates of the 1990's,” said Diffie as part of a broad panel discussion on cryptography at the RSA Conference here Monday (April 14).

“To risk sloganeering, I say you need to hold the keys to your own computer,” added Diffie to strong applause for the audience of several hundred security specialists.

“We should be watching this to make sure there are the proper levels of support we really do want,” said Rivest.

“The right way to look at this is you are putting a virtual set-top box inside your PC. You are essentially renting out part of your PC to people you may not trust,” said Rivest in an interview after the panel.

“We need to understand the full implications of this architecture. This stuff may slip quietly on to people's desktops, but I suspect it will be more a case of a lot of debate,” he added.

Rivest said some experts have discussed setting up a forum in technical society for such a debate, but he was unaware of any current moves to do that. Likewise Diffie said he was not aware of any specific alternative to NGSCB in the works at Sun.

“You want a standard, not competing approaches for something like this,” Diffie added.

Sun once considered but rejected the notion of releasing a computer that would not boot without the presence of a cryptographically signed operating system. The process of selling the computer would have been similar to a cryptographic transaction of handing over security keys to the end user.

In Microsoft's NGSCB approach, users would have to consciously evoke a secure operating mode that would be turned off by default. New instructions in the CPU as well as changes in the memory controller would help carve out a protected space in main memory to load a small, secure operating system kernel.

The PC approach also depends on a $5 encryption and flash module that assists authentication and identification functions based on stored keys and hashed values. NGSCB also requires secure channels between a keyboard and main memory and between a display interface and a graphics chip and its frame buffer.

Holding pattern

Microsoft has made no decisions about when it will put the new functionality into Windows while it waits on availability of many of the specially modified components it requires from companies such as Intel and AMD collaborating on the effort. “We are running many functions now in emulation,” said Stephen Heil, a security evangelist at Microsoft.

Microsoft has also not finalized decisions about how it will license the NGSCB technology and make it open for others to review. “Its an important series of decisions we need to make that will have broad importance for NGSCB and Microsoft. We are focusing on that now” said Mario Juarez, a group product manager for NGSCB at Microsoft.

“We've got a number of different licensing buckets. It's kind of like a Venn diagram,” added Heil.

Over the past six months, Microsoft has created a group of at least 100 developers working on NGSCB as part of a broad new security business unit at Microsoft under Mike Nash. “An awful lot of what has happened [in the last nine months] is just filling out the team into a fully functioning product group. There's been a lot of work spent hiring,” said Juarez.

Microsoft hopes its WinHEC presentations on security—as much as 18 hours of talks over three days—will end debates about whether the approach will work and begin the task of engaging a broader group of developers on the nuts and bolts of building it out, said Amy Carroll, a group product manager in the new security group.


TOPICS: Crime/Corruption; Technical
KEYWORDS: borg; microsoft; monopoly; ngscub; palladium; resistanceisfutile; security; surrenderordie; windows
Navigation: use the links below to view more comments.
first 1-2021-22 next last
This arrived in EETimes e-mail today, despite the date.
1 posted on 04/21/2003 3:19:09 PM PDT by Eala
[ Post Reply | Private Reply | View Replies]

To: Eala
“To risk sloganeering, I say you need to hold the keys to your own computer,” added Diffie to strong applause for the audience of several hundred security specialists.

Unhhh, M$ thinks that only the hardware is yours. Everything else is on a conditional license from M$. Once you understand that, then all else follows.

2 posted on 04/21/2003 3:27:16 PM PDT by glorgau
[ Post Reply | Private Reply | To 1 | View Replies]

To: Eala
The idea with Palladium is to make it impossible for users to know what's running on their PC's. Anyone with the right combination of inside knowledge about Palladium's workings would thus be able to create all sorts of fun malware applications that would be invisible even on a core dump.
3 posted on 04/21/2003 3:27:50 PM PDT by supercat (TAG--you're it!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Eala
All this means is that people who get excited about stuff like this (some small percentage of the computer using population) will just use Linux or BSD. And the people who don't care (most people) will just do as they always do.
4 posted on 04/21/2003 3:28:10 PM PDT by dark_lord
[ Post Reply | Private Reply | To 1 | View Replies]

To: Eala
Whitfield Diffie, a distinguished engineer at Sun Microsystems Laboratories

With a name like Whitfield, how can one not be distinguished?

5 posted on 04/21/2003 3:30:46 PM PDT by Constitutionalist Conservative (http://c-pol.com)
[ Post Reply | Private Reply | To 1 | View Replies]

To: supercat
Sounds like a hacker's dream come true.
6 posted on 04/21/2003 3:32:46 PM PDT by Paul C. Jesup (I prefer the motto.. In God We Trust)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Eala
Part of this could be a result of the executive branch "working with" microsoft to resolve the legal problems they were having.

In any case, the government refuses to be excluded from the comings and goings on our computers and the internet. Just like most MS idiotware that does everything for you whether you want it to or not.... it's for our own good.

7 posted on 04/21/2003 3:38:26 PM PDT by AAABEST
[ Post Reply | Private Reply | To 1 | View Replies]

To: Eala
And how far are we from having to pay a monthly fee to use software, or else it quits working?

Actually, the seeds for the destruction for any large organization are already planted within itself. Sooner or later, Microsoft will do something that will open the door to their competitors.

I use Microsoft products because they meet my needs at a price I am willing to pay, but there is a price I am not willing to pay, at which point I will look for something else.

...or just toss the computer out, and get my life back. :-)

8 posted on 04/21/2003 3:52:29 PM PDT by CIB-173RDABN
[ Post Reply | Private Reply | To 1 | View Replies]

To: Eala
My hubby knows Whitfield Diffie. He and WhitDiff were part of the Cypherpunks scene in the mid-1990's.

Interesting article.
9 posted on 04/21/2003 4:02:54 PM PDT by demnomo
[ Post Reply | Private Reply | To 1 | View Replies]

To: Constitutionalist Conservative
Yeah, but his nickname is WhitDiff. :) Go figure...
10 posted on 04/21/2003 4:04:02 PM PDT by demnomo
[ Post Reply | Private Reply | To 5 | View Replies]

To: Constitutionalist Conservative
With a name like Whitfield, how can one not be distinguished?

Whitfield Diffie is one of the half dozen or so top cryptographers in the world.

So9

11 posted on 04/21/2003 4:20:56 PM PDT by Servant of the Nine (We are the Hegemon. We can do anything we damned well please.)
[ Post Reply | Private Reply | To 5 | View Replies]

To: dark_lord
All this means is that people who get excited about stuff like this (some small percentage of the computer using population) will just use Linux or BSD.

They may not have the option; one of the ultimate requirements of the Palladium system is a "secure" boot process, so the BIOS won't even load a non-conforming, non-signed operating system. Thus, you can't even use another operating system unless it is signed by the central authority, who may have no desire or obligation to do so.

And thanks to DMCA-type laws (supported mostly by Democrats like Hollings, who are in the pockets of the entertainment media, but which have some stupid Republican backers as well), any attempt to create a work-around would be a felony.

12 posted on 04/21/2003 4:21:26 PM PDT by Technogeeb
[ Post Reply | Private Reply | To 4 | View Replies]

To: Eala
mmmm.. sounds interesting..

Bump for later reading

Nefertiti@-->---

13 posted on 04/21/2003 4:36:05 PM PDT by Nefertiti ("Women are meant to be loved, not to be understood." ----Oscar Wilde)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Technogeeb
I doubt Intel will go along with this. Their customers are Dell and the other PC companies. Dell already ships Red Hat Linux as an option. So do others. If Microsoft does get Intel to go with a secure BIOS line, Intel will still sell chips with a different BIOS to enable other OS'es. Because if they don't other chip makers will fill the need.
14 posted on 04/21/2003 4:36:59 PM PDT by dark_lord
[ Post Reply | Private Reply | To 12 | View Replies]

To: Eala
For Bill Gates to be secure, you must be insecure.
For Hollywood to be secure, you must be insecure.
The Palladium strategy provides ZERO VALUE to the end users,
it is wanted ONLY by MS and its associates.
This will allow MS to know everything about, and do anything to
to, your computer.

Pay per keystoke is coming soon for MS customers.
15 posted on 04/21/2003 4:46:28 PM PDT by greasepaint
[ Post Reply | Private Reply | To 1 | View Replies]

To: dark_lord
I doubt Intel will go along with this

They've already signed on, as has AMD. They were a bit concerned about the signing issue, but feel confident that as long as they control the hardware (and thus the "top-level" authority), that it won't be a problem for them.

Dell already ships Red Hat Linux as an option. So do others. If Microsoft does get Intel to go with a secure BIOS line, Intel will still sell chips with a different BIOS to enable other OS'es

If the laws currently being proposed are allowed to pass (and they have a lot of support), Intel won't have an option to offer an alternative, because only "secure" (i.e., those that incorporate so-called digital rights management) operating systems will be legal. Linux could get approval by submitting itself to the signing authority, but it would no longer be the "free" model (i.e., build whatever / whenever you want) any longer.

Because if they don't other chip makers will fill the need.

AMD has already signed on as well, so the only alternative would be Via (whose x86 core is a full generation behind the competition). And if the legislation passes, it would be illegal to import them in any case. Of course, Intel could just sign a copy of Linux (Red Hat or some other distribution), but that won't really solve the fundamental problem, because Intel won't do so unless that particular build incorporates DRM / similar technologies. When systems like this are fully implemented, the days of having full control of your computer are over. You won't even be able to write code from scratch, since it will never run unless you have signing authority, which the corporations can't give out (even assuming they wanted to do so) without breaking the proposed laws.

16 posted on 04/21/2003 5:07:08 PM PDT by Technogeeb
[ Post Reply | Private Reply | To 14 | View Replies]

To: CIB-173RDABN
"And how far are we from having to pay a monthly fee to use software, or else it quits working?"

The between-the-lines text is that RIAA is going to "lock down" your PC so that you cannot copy CDs, MP3s, etc. MS and Intel must be co-opted to make the scheme work.

Of course you can still capture an audio stream but there will be quality degradation--with some noise possibly deliberately injected. Who knows?

--Boris

17 posted on 04/21/2003 6:16:16 PM PDT by boris (Education is always painful; pain is always educational)
[ Post Reply | Private Reply | To 8 | View Replies]

To: demnomo
Yeah, but his nickname is WhitDiff. :) Go figure...

Actually everyone calls him Whit. I have met the man myself. Very impressive guy.

18 posted on 04/21/2003 6:20:09 PM PDT by killjoy
[ Post Reply | Private Reply | To 10 | View Replies]

To: Paul C. Jesup
Sounds like a hacker's dream come true.

It's worse than that. If you don't own the encryption keys, it's not your computer anymore.

Not only will your software expire if you don't pay the rent, all of your documents will be locked up too.

You might have a built-in rootkit that's exploitable by whomever wrote the software.

It would be a marketer's dream come true. Imagine logos, pop-ups, banners all over your screen and you can't turn them off... unless, perhaps, you pay an extra fee.... maybe.

19 posted on 04/21/2003 8:36:04 PM PDT by TechJunkYard (via Blue)
[ Post Reply | Private Reply | To 6 | View Replies]

To: killjoy
Whitdiff is his Cypherpunk nickname. I've met him, too, and he asked to be called just plain Whit. He is impressive.

I believe that he is up for a Franklin Institute award.
20 posted on 04/21/2003 8:36:39 PM PDT by demnomo
[ Post Reply | Private Reply | To 18 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-22 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson