M$ Says "NO!" to Using File Sharing to Distribute XP SP2!

Well then they’re fucking morons, aren’t they, rather neatly proving my point that people in general are not going to take the responsibility for their own safety as you keep insisting. In fact, I take that back; I know many highly intelligent people who don’t patch their computers. People, in general, can not be trusted to take care of their own security, hence the emphasis in SP2 upon security by default. No, MS can not force them to install something they don’t want, and lo and behold they haven’t. They don’t have the right to, and I don’t see how they could. They do have the power and the right to ensure that people can’t download it from unsafe sites, and have done so. You present a ludicrous proposition, which is that if MS don’t do something outside their power to protect their reputation and software security, then they shouldn’t do things that are in their power. I can’t imagine the stink you’d kick up if MS did try and force-install their updates.

You’ve repeatedly and deliberately stated the utter falsehood that MS are going to stop you running third-party software, and have wilfully ignored all of the evidence to the contrary (which, remember, is all of it), instead preferring the masterful argument that “it’s the sort of thing they do”. You’ve thrown out red herring after red herring about the music industry, browser standards and even motorcar conspiracies, all in a bizarre effort to prove that Microsoft are up to no good. You’ll forgive me if after all this time trying to get you to acknowledge just a smidgen of fact that I’m giving in to a touch of hyperbole here and there.

Oh, and just for the hell of it:

This sounds like a large case of miscomprehension. The only fundamental difference between 64 and 32 bit processors is the length of their instruction and data words (one has words 64 bits long, one 32). There’s plenty of research into proven-safe software (where the safety can be dynamically checked at runtime or the code can be supplied with mathematical proof of its safety), but none of these technologies have any dependence on the number of bits the processor uses; it could be 47 for all it matters. At most maybe MS meant that it’s computationally expensive (which is generally true) and that it’ll take next-gen hardware to run it usably (which is also quite likely). It’s also possible that they’re talking about the AMD “no execute” instruction implemented in the x86-64 instruction set, since they’ve apparently moved over a lot of their future security plans to make use of this.

In fact, here’s an interesting article. What were we panicking about again? I thought this naughty hardware was going to render third-party software impossible! And yet here I am, with a computer containing a chip with the NX flag (the apparent foundation of the future authentication system), and somehow I’m able to develop my own software, install and run Linux in native 64 bit, and all without breaking sweat. It’s technology developed by AMD, and adopted by Microsoft. At present only Linux will run on it natively, pending the release of XP 64 bit. Will you accept this as proof that Microsoft are not out to stop me running other people’s software? Please?

Not quite true, actually (it’s late here); that should read “future safe software environment”, since the NX flag is intended to greatly help in eliminating buffer overruns by marking areas of memory as “no execute”, and is not an authentication technology. Nonetheless, the NX flag appears to be forming the foundation of Microsoft’s future security strategy (witness Intel’s rush to shoehorn it into their architectures), and as such is a whole lot less insidious than it’s been made out to be.

'Scuse the double post.
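
Added example (not part of any post in this thread): a minimal C demonstration of the "no execute" page marking described above, for Linux on x86 or AArch64. The function name `run_stub_in_page` and the one-instruction stub are constructed for illustration; the child process is expected to die with SIGSEGV when the page lacks execute permission.

```c
#define _DEFAULT_SOURCE
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Constructed stub: the smallest possible function body, "return to caller". */
#if defined(__x86_64__) || defined(__i386__)
static const unsigned char RET_STUB[] = { 0xC3 };                   /* ret */
#elif defined(__aarch64__)
static const unsigned char RET_STUB[] = { 0xC0, 0x03, 0x5F, 0xD6 }; /* ret */
#else
#error "this added example covers x86 and AArch64 only"
#endif

/*
 * Copy the stub into a fresh anonymous page, set the page permissions, then
 * call into the page from a child process so a fault cannot kill the caller.
 *
 * executable != 0: page is read + execute (how loaded code is mapped)
 * executable == 0: page is read-only data, i.e. marked "no execute"
 *
 * Returns 0 if the call returned normally, the fatal signal number if the
 * child was killed, or -1 if the setup itself failed.
 */
int run_stub_in_page(int executable)
{
    long page_size = sysconf(_SC_PAGESIZE);
    if (page_size <= 0)
        return -1;
    size_t len = (size_t)page_size;

    unsigned char *page = mmap(NULL, len, PROT_READ | PROT_WRITE,
                               MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED)
        return -1;

    memcpy(page, RET_STUB, sizeof RET_STUB);
    /* Needed on AArch64 so the instruction fetch sees the new bytes. */
    __builtin___clear_cache((char *)page, (char *)page + sizeof RET_STUB);

    /* Drop write access; grant execute only when asked to. */
    int prot = PROT_READ | (executable ? PROT_EXEC : 0);
    if (mprotect(page, len, prot) != 0) {
        munmap(page, len);
        return -1;
    }

    pid_t pid = fork();
    if (pid < 0) {
        munmap(page, len);
        return -1;
    }
    if (pid == 0) {
        struct rlimit no_core = { 0, 0 };
        setrlimit(RLIMIT_CORE, &no_core);   /* no core file for the demo */
        signal(SIGSEGV, SIG_DFL);
        signal(SIGBUS, SIG_DFL);

        void (*fn)(void);
        void *addr = page;
        memcpy(&fn, &addr, sizeof fn);      /* data pointer -> function pointer */
        fn();                               /* faults here if the page is NX */
        _exit(0);
    }

    int status = 0;
    pid_t waited = waitpid(pid, &status, 0);
    munmap(page, len);
    if (waited != pid)
        return -1;
    if (WIFSIGNALED(status))
        return WTERMSIG(status);
    if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
        return 0;
    return -1;
}

int main(void)
{
    printf("executable page: result %d (0 = ran normally)\n",
           run_stub_in_page(1));
    printf("no-execute page: result %d (%d = SIGSEGV)\n",
           run_stub_in_page(0), SIGSEGV);
    return 0;
}
```

The same bytes run or fault depending only on the page permission, which is why the flag blunts buffer overruns that place code in data memory without restricting which programs the owner may install.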

I don’t know about you, but I get really annoyed at all the efforts made to protect me from other people’s stupidity. You know, not only those absurd warning labels which have started appearing on products that say things like, “Do not use hair drier while showering.” Or the safety switches which put you at more risk than the danger they’re trying to protect you from? At one job we had a conveyor start alarm which could deafen you if you happened to be near it when it went off. When I pointed out that this was kind of hazardous, I was told there was nothing which could be done about it, since OSHA regulations required it to be located where it was and to operate at that volume. Given that M$ is now shipping SP2 so that it turns all of the security features on, because of the dangers posed by people not knowing what steps to take to protect themselves, if large numbers of people don’t bother to install the various patches, I can easily see M$ incorporating mandatory patch installs into Longhorn. Which, IMHO, would be a good thing, certainly better than preventing people from using third party sources to download patches.

And you repeatedly ignored the instances of M$ taking advantage of its domination of the market place to screw with third party software companies. Hence the numerous anti-trust suits against M$.

Could be. I’ll take your word for it.

From your link

And

So they haven’t entirely shelved the idea, just delayed its implementation. Of course, they might discard it altogether or someone might figure out a workaround, but as they say, hope for the best, plan for the worst.

It’s funny watching dipshits flame MS for the most retarded shit. Sure, there are valid reasons to hate Microsoft, but this isn’t one of them. It’s also pathetic watching people like Tuckerfan not being able to admit when they’re wrong, and just dragging it on and on.

So you don’t want them to stop unsafe, unlicensed distribution of their copyrighted code (such horrific meddling!) but you do want them to install software on your machine without your permission (great idea!)? Pardon me while I scoff. You’re sick of being protected from their stupidity, but, erm, want to be protected from their stupidity? Think these things through, won’t you?

Argh! Do you have any idea what the “compartmentalising” technology is? Any at all? No? Then why the hell are you treating it like demonspawn? This is just ridiculous. “Plan for the worst,” my arse; this is more like “assume the worst has already happened and blame MS anyway.” For what it’s worth, I believe it’s a sandboxing technology which allows programs to be run in their own isolated memory space so they can’t interfere with the rest of the system. It, too, is not an authentication technology, which is the bit of NGSCB which has been shelved. Think of it as a more advanced, higher level version of NX.

This is what I mean about your approach here. You’re not making the slightest effort to find out what any of these terms or technologies mean or do; you’re just picking out key words and reacting to them in the worst possible way. Your talk of a “workaround” is so much ludicrous fluff, because it’s been made totally clear from the earliest draft papers that the technology would have been optional, at the user’s discretion. There was a workaround from the beginning: do nothing.

I do. That’s why I didn’t disable automatic updates, and why I run third party software to protect myself. Lots of folks don’t. As you keep yammering on about, this is a security issue, and since I find the thought of M$'s software doing automatic updates far less intrusive than them shutting down a third party source for the patch I prefer that. You don’t deal with third party software sources, and apparently don’t want M$ to do forced automatic updates. Looks like each one of us has picked our poisons, don’t you think?

Yeah, but even just a few years ago, few people would have predicted that P2P software would have become the widespread phenomenon that it is. Hiram Maxim thought that the machine gun would make war too horrific for it to continue, even the atomic bomb hasn’t stopped warfare, only slowed the death toll. Just because the official plans don’t include it at present, doesn’t mean that they won’t be included later.

Yes, but the “do nothing” approach can prevent you from accessing programs and files generated in the protected mode.

Careful, Tucky. You’re getting some foamy spittle on my shirt.

And you’re trying to bait me for what reason? You’re the last poster I’d expect to be moving under a bridge any time soon, yet in this thread you’ve displayed a distinct lack of the intelligence and wit you’re known for. Rather than going after me with articulate criticism as you usually do with posters you disagree with, you’re taking cheap shots. I would think that you could do better.

Bait you? I suggest you take a look at a mirror and see who the troll is.

My position is that I want to control my property (namely, my computer) and I want Microsoft to control their property (namely, their rights over their own software). You want MS to control your property, and yet for some reason not control their own. I know which sounds more sensible to me.

So, in summary; we can’t know exactly what will happen, so you’ll ignore all of the evidence anyway and make up whatever you feel like? Well, okay, but the rest of us will carry on trying to work out what we think will happen based on the bleeding facts, and what we know about the technology. If you know so little about any of this that you’re reduced to analogies about the freaking atom bomb, then may I suggest that you’re a wee bit out of your depth? You’ve persistently ignored any attempt to deal with the technical truth, and these red herrings are really irritating, since they’re completely irrelevant.

No, it can bloody not. You know not what you say. You are making this shit up. It is Not True. Lies. Bullshit. A LOAD OF STEAMING MARMOSET POO. For the last fucking time, because apparently you either can’t read or are poking pencils into your cerebellum for fun:

From the very start this was the case, and now it doesn’t even freaking exist. Will you fucking well stop insisting that it’s somehow locking you out of your own computer, because it bloody well isn’t.

And if all I did was hurl personal insults in this thread, you might have a case, but I haven’t so you don’t.

Badger, you using the 64-bit version of XP or are you still using the 32-bit version?

A troll isn’t merely someone who makes personal attacks, but also one who makes pointless and retarded arguments and continues arguing even when shown that there is a very good reason against your opinion. I’m not telling you to accept it, but it would be a good idea to let your ego and/or blind hatred slide for a bit and stop being such an asshat.

Shit, I had a post typed out and lost it by crashing Opera. Here’s the condensed version:

I’m running XP 32-bit, since the 64-bit version of XP is still in beta, and doesn’t have sufficient driver support to be usable yet. I have a copy of the preview version (provided free of charge, incidentally), and installed it when the PC was new to have a look. It seemed to work okay, although I didn’t spend much time on it. It certainly ran fine, but I need a reliable system to work on. I am running Linux natively in 64-bit, though, and that’s what I’m typing this post in. Both systems are backwards compatible, i.e. 32-bit software will run quite happily (mainly because that’s how the chip is designed). If there’s something I can’t compile on this machine (which happens occasionally), I can just build it on another Linux box and copy it across.

I’m taking a guess at where you’re going with this question, and would like to point out that XP 64-bit is just a port; it implements no new technology past that which is necessary for the execution of 64-bit binaries. To the best of my knowledge, it will not make use of the NX flag (too much work for a short-term port for hardware that hardly anyone has, yet).

Interesting, I didn’t know that there was a preview version available (though I thought that might be the case). Not surprised that there’s been no use of the NX flag, since M$ has pretty much pulled everyone off of everything to bang out SP2 (a wise move, I think). And what’s your reason for using Opera? Primarily security or is it one of functionality?

Bit o’ both, but mainly the latter, since I patch the PC regularly anyway. It means I don’t get any spyware or popups, but the tabbed browsing and mouse gestures are things you can’t stop using once you’ve started. IE is a functionless piece of rubbish, as well it might be since its development has been essentially stopped for the last 2 years or so. I’m led to believe they’re now intending to release an IE 7 at some point, but that’s just hearsay, and I have no info on what it might contain. I think the recent CERT advisory and Gartner release suggesting that the best fix for the latest IE flaw was simply to use a different browser shook them up somewhat :).

Pardon me for being a Doubting Thomas, but this is the first time I’ve ever seen anyone come out in favor of Palladium/TCPA anywhere. Now, granted, I don’t read the industry trade publications like Badger probably does, but I also don’t get my news from www.billgatesisaneviloverlord.com either. Nor can I recall having any dealings with Badger on these boards before, so I’m not necessarily going to take his word for it, no matter what links he might provide (nor would I expect Badger to treat my posts any different). Anytime, anyone says, “Trust me, I have your best interests at heart.” I immediately reach for my steel undies with the heavy duty padlock. Now, if I had the time, I’d happily post links to everything that I’ve read, seen, and heard which states that Palladium/TCPA is a bad idea, and I’m sure that if Badger had the time to go through and refute them all, he would, but I’m sure that I can safely speak for both of us when I say that we don’t have that kind of time at our disposal. Now, if all that makes me a fool and troll in your book, then I suggest you do us both a favor and put me on your “Ignore” list. Oh, and if the things I’ve stated never come to pass, feel free to open up a “I Told You So” thread.

Badger, I switched to Opera after Nutscrape came out with that gawdawful 6.0 version. Damn thing hammered my PC’s resources so hard that the lights dimmed every time I launched it. Really, my biggest beef with M$ is that they just can’t do security very well. I’m not certain if it’s because they don’t take it as seriously as they need to, or if they’ve got too many irons in the fire at one time. I think that we’d all be better served if they spun off their other programs and simply concentrated on making the best OS they possibly can.

Right, but this is why I have real trouble with the premise of your OP. MS have recently acknowledged their security failings, and consequently are making a lot of new functionality available for free. At the very most one can say that their actions were too cautious (although I disagree, obviously). Given that the takedown didn’t actually inconvenience anyone (the servers hosting the network install that was shared are more than coping, it seems), and has some genuine technical and security reasoning behind it, it seems churlish to then turn around and complain that MS are now being too careful. They’re trying to rebuild (or just build) their reputation for security, which you believe is their biggest failing. Their action here was entirely consistent with that motive. Give them a chance, eh?

As for the whole TCPA issue, well, I don’t expect you to take my word as gospel (and indeed I said as much, somewhere up there). It would be nice if you’d at least acknowledge that MS never even proposed making the system compulsory, though. Even if you think it’s the sort of sneaky thing they’d do, it just wouldn’t be in their interests. For example, they sell development software (and very nice development software, I might add, at least IMHO). If I want to develop an application using Visual Studio, under the compulsory version of TCPA, I would have to submit my software to the root authority for signing every single time I compiled it. They’d have to verify it, sign it, and send it back, then I’d be able to run it and discover my latest carefully-crafted bug. I’m working on a project today which I estimate I’ve compiled at least 50 times since lunch. Can you see how this is simply unworkable? It’s not just a case of “MS could do it if they wanted, and even if they say they won’t.” If they did what you claim they want to do, their computers would be completely unusable. It doesn’t matter if you’re the most powerful software company in the world; you can’t force people to buy $2000 machines that don’t work.

However, the underlying principle of TCPA is one of the two primary methods (as I see it) of eliminating dangerous code. The first (the approach TCPA proposed) is to use a system of trust, whereby some organisation certifies that the software is indeed safe. This is not proof; the organisation must be considered sufficiently trustworthy that their assurance is all that is needed to accept software as good. This organisation is the root authority, and crucially, it need not be unique. The technology involved merely allows the user to know for certain that the root authority has indeed signed the software he is running. The hardware aspect is a way of making the chain of trust more secure. Trust in this sense is not “well, I think they’re okay”, it’s an expression of mathematical certainty in some fact; in this case that the root authority has signed the code.

I fundamentally believe that we need a trust infrastructure in the sense defined above. The assurance that a sender is who he says he is would be a hugely valuable tool in eliminating spam, for example. I really can’t wait until a digital certificate is something that every computer user finds as commonplace as their password (although I hope to god they take more care of them). Only then can I start rejecting out of hand any email that isn’t signed. It does raise the question of who administers such a system, and I quite agree that this is a concern. A closed system in which a single company administers certificates is not one I’d like to see, but TCPA was not an effort by a single company, but rather a standards consortium. My ideal is an open system in which any body is free to issue certificates, but where there emerge several whose reputations earn them trust (and some of them would inevitably be free, just as there are free PGP repositories). At this point you can start rejecting email signed with certificates from dodgy certificate authorities, filtering email from unknown ones, and automatically accepting email signed by a trusted authority. It’d be great. Unfortunately, I think the sort of paranoia that erupted over TCPA is going to put this sort of thing back by quite a while. It’s all very well being cautious over who’s going to run such a system, but it’s quite another to scream blue murder until the entire thing is shelved. There’s such a thing as too sceptical, y’know.

The second approach to software safety is the more direct, but vastly more difficult task of ensuring that dangerous code simply can’t run (or can only run in a zone where it can’t make trouble). This includes technology from something like the NX bit, which is a bit crude (but certainly a vast improvement), to full-blown mathematical proofs of safety (which are a long way off). And, as we’ve seen, even this gets mixed up in the general whiff of paranoia, because you get rumours about 64-bit processors containing naughty new technology, etc. etc., and believe me, there is nothing about the NX bit that can hamper consumers (you really can take my word on this one). Anyway, that’s enough visionary babble. My basic point is that there’s a lot of very sound thinking behind these ideas, and you’d do well to at least consider it before jumping off the deep end.

Blimey, that was a long post, directly contradicting your point about how much time we have on our hands :). Man, I’m bored. Anyway, I think that’s going to be my last word on the matter, since I’ve probably irreparably convinced anyone bored enough to have made it this far that I’m a horrible, horrible geek. I’m just trying to get across the idea that there’s more to this stuff than MS trying to screw you; many people have spent a lot of years working on and researching this stuff, and it’d be a shame to see it get ignored on account of kneejerk rejections of the unknown.

Well, I’m not entirely convinced that they are taking security as seriously as they need to. After all, one of their reasons (though certainly not the only reason, I’m sure [and I don’t doubt that they have legitimate reasons]) for doing a gradual rollout is their concern that their servers wouldn’t be able to handle the load. Now, I don’t care how big a proponent you are of any software system, you have to admit that all of them do have their bugs from time to time, so even if M$ checks every line of code to the Nth degree before they release it, situations will arise where they’re going to have to issue a large number of patches all at once. It might be because of a glitch, some new hot piece of technology that everyone is simply dying to have, a former programmer with M$ has figured out a hack for Longhorn (that only someone intimately familiar with the source code could do) and is using it to steal credit card numbers, or, and this is the worst possibility of all, IMHO, that Federal regulations require some kind of back door be installed in the OS so that they can monitor all of us for “terrorist activity.” It seems to me that they should have the capability of allowing 50%+ of the users of the affected software be able to download it and install it within 48 hours of it becoming available. Yes, I realize that this means that they could have a large number of servers being unused for extended periods of time, but there are ways to do this and make it profitable for the company (they could, as IBM does, rent server space on an “on-demand” basis). If they’re not willing to do this, and they’re unwilling to use some of the methods suggested by folks, in this thread, which would give them control, then I don’t think that they should be too surprised if someone decides to take matters into their own hands.
It may be their right to shut those folks down (and while there’s some debate about that, I’ve stared at enough copyright law to know that you can pretty much find support for anything in it, provided you pay your lawyer enough money), but I don’t think that it’s the best solution to the problem.

And while I’m not saying that you’re wrong in how a compulsory system would work, I can see how a compulsory system would operate differently than you describe. I know that M$ provides details on its source code to the various software companies, and that if the average joe off the streets calls M$ up and asks for those same details, they’re going to be told “Nothing doing.” (And rightly, so, I might add.) So I can see them providing modified software to software vendors which allows them to compile and run in “protected mode” without constantly submitting and resubmitting their software for verification. Now, it might be entirely possible that the hardware’s designed so that there’s no way this could happen, but I doubt it (simply because I don’t think that anything can be made totally fool proof). I know that at cellphone companies during training, they give their employers fake ESN numbers for phones, so that the employees can learn how to activate the phones. In a compulsory model, software vendors (in theory) could use a fake verification signature for testing purposes, and then submit the final version for verification.

All well and good, and I certainly hope that it works as you describe. Now, am I correct in saying that the primary purpose of this set up is to help prevent piracy and virus attacks? Or is it going to serve as protection against malware in general as well? The reason I ask this is because of the controversy over the “Google bar” pop-up blocker, which apparently isn’t all that it’s cracked up to be (I don’t know, I use Proxomitron myself), in that it’s giving out information which people wish it wouldn’t. If the TCPA is set up to block malware, and a “reputable” company comes along with a piece of malware buried in its verified code (which you agree to, as detailed in line 300 billion of the EULA) of a program, like Adobe Acrobat (to pick on someone else for a change), and word of that gets out, it shoots the credibility of TCPA right out the window. Because people will be screaming, “You said TCPA is supposed to protect me from spyware and it didn’t!” even though the real purpose of TCPA is simply to prevent joe hacker from creating malware or pirating MP3s.

You know, I don’t have that much problem with spam, and I really don’t know why. It might be that the spammers know I’m broke, so they’re wasting their 1/1000000000000th of a cent in sending me the spam, or it might be something else. IAC, I don’t think that anyone other than spammers would disagree with the statement that the elimination of spam is a good thing. However, I don’t think that the spammers are going to take the matter lying down. Certainly the Federal “Do Not Call List” hasn’t eliminated the telemarketing industry, not only because people haven’t “Opted In” on the list, but because there’s a variety of legal loopholes in the law (still, it’s a big improvement). I wish I could remember the details, but I can recall hearing about someone coming up with a new encryption system which was uncrackable and could safely be used for security purposes, only to discover that folks didn’t need to crack the encryption system, they only needed to copy it (since it was a separate part) and append it to whatever it was they were doing. Now, TCPA may not work like that, but if it’s sold to consumers as a safeguard against spam, and the spammers manage to find either a software or legal work around for the “problem,” we’re back to where we started (actually, a little worse, since people will be angry at not only the spammers and the companies that sold them the software/hardware combination which was supposed to protect them from it). Mind you, something has to be done about spam, because it’s clearly a huge problem, but so far, none of the proposed solutions I’ve heard about sound any more workable than the whole nuclear arms race where each side keeps building up and building up until one of the parties declares bankruptcy first. (And with our luck, it’ll be the good guys that go belly up and not the spammers.)

Hey look, I’m salivating over the prospect of owning a 64-bit machine, and if the software for it is written in such a way, that none of my clock cycles are tied up running anti-virus software, I’ll be a happy camper, provided, of course, that doesn’t prohibit me from running a program which cracks the anti-copying software on a CD I just bought. (No, I don’t pirate music as a hobby, my goal is to have my entire CD collection stored on my hard drive, with networked PCs in every room, so that I can listen to whatever I want, without having to dig through the 300+ CDs I own.) It’d also be nice if there was an easy way for people to stream music to one another, without simply transferring the MP3 or whatever file to the other person’s PC. That way if two people are IMing each other and person A mentions a song that person B’s never heard of, they could let person B hear it without any copyright violations being involved. Or if there was an easy way for a person to get X song streamed to them on demand.

Don’t feel bad, my car died tonight so my plans for the evening are totally shot, and I’m stuck here at home instead of in class. I certainly didn’t mean to come across as stating that I think that a “secured” OS is entirely a bad thing. My worry is that it will prevent me from doing many of the things I do now, as easily as I do now.

Partially true (I believe they were also giving consideration to the wider internet infrastructure; if every XP PC in the world suddenly demanded an 80MB download at once, there’d be more people having trouble than just MS). But this isn’t the reason they issued the takedown; that was because they couldn’t ensure its safety. They clearly decided that the risk of unverified code going out was greater than the risk of having people wait a few more days without it, and it’s not exactly difficult to see why.

It’s not impossible to design such a system, but it would still be unworkable; many more people develop software on Windows than major firms, and MS sell their development environment to these people too. My father, for example, runs a four-man firm that develops high-tech software under Windows. In the scenario you describe, either MS would have to provide “secret mode” to every self-employed developer upwards, in which case it’d be “secret” for about 30 seconds, or all of these people would suddenly be unable to develop under Windows, precipitating an immediate move to a usable alternative (say, Linux). It simply isn’t in MS’s interests to stop people using their computers, and I don’t even see what they stand to gain by doing so. They can’t write all the software in the world, and I’d be very surprised if they even want to.

Depends entirely on the infrastructure setup. What the signature “says” is up to the signing body. It could just mean that the software you’re running is exactly what the authors distributed (i.e. is untampered), it could mean that the signing body runs some sort of certification process which the software has passed. This is what I mean about a flexible, open system. It’s up to root authorities to decide what services they provide, and their reputations will grow accordingly. At its heart, it’s simply providing the end user with more information. If a root authority certified dodgy software, it would quickly find itself out of business.

The problem with spam is that it’s too cheap. A legal solution will never work, IMO; the solution will have to be technical. We either need to create a “trusted” sphere from which we can exclude spammers by reputation (coming back again to the root authority business), or we need to impose a sufficient cost on spam such that it becomes uneconomic. There are lots of ideas for both approaches (such as micro-payments for email “stamps” - this spawned a rumour that Bill Gates was going to start charging us for email, despite MS having nothing to do with the idea), and my personal preference is for the signed email route. Once you only accept signed email, someone’s got to give spammers certificates, and once they do that, you can start tying them down and simply blacklisting them. If spammers want to get a certificate from a reputable authority, they’ll have to pay, and reputable bodies will revoke certificates from users proven to be spamming. Disreputable certificate authorities will be hastily blacklisted.

Well, this you certainly can take my word on, as I have my entire CD collection on my hard disk (emphatically not shared), and the processor hasn’t exploded yet. No AV software either (this isn’t a CPU-level type of thing, really). Going to bed now :).