Open Source and information security mailing list archives
 
From: yossarian at planet.nl (yossarian)
Subject: Trustworthy Computing Mini-Poll

>> Palladium will have an option to turn certain features "off", says
>> MS, so you can run programs deemed untrusted, outside the sandbox. If
>> there is a mechanism to turn features off, they differ from TCPA,
>> that is mandatory.

>Sounds great, doesn't it?
>What would you choose:
>1. Run without Palladium, but your MS Office, IE and Windows update
>might not work since your computer is considered insecure.
>2. Active Palladium.

I think I might run w/o Palladium - and search the net for cracked Windows
updates, they are available now, so why shouldn't they be in the future? I
never thought it useful upgrading to a newer Office since 2000, so why
should I do so in the future?

>> The only thing unclear for want of funcspecs is if I will be able to
>> take files out of the sandbox. If they want to make the systems
>> 'backwards compatible', there must be such a feature.

>If the system is backwards compatible, what's the point with Palladium?
>It's like the "improved security" of XP or .NET server: they still use
>the NTLM-hash so LC still works.

Let's turn the question around a bit: if it is not backwards compatible, how
am I going to upgrade a 150.000 usr network? This answers your question on
XP and .NET as well - getting secure means big bang migrations. But these
are rarely feasible. So there must be a backwards compatibility on some
levels, such as network authentication, which can be turned off later. Of
course, we forget, but we can't blame MS for that. Same goes for Palladium,
a system must not only be secure, it should be useable, including during
migrations.

/Yossarian


