MS Palladium Technical Talk at Harvard 13
An anonymous reader writes: "On December 4, John DeTreville from Microsoft Research will give a technical presentation about Palladium, Microsoft's Digital Rights Management effort. The talk is open to the public and is a good chance to ask questions."
Versus MIT? (Score:3, Interesting)
(And has Microsoft recovered from the MIT presentation yet?
Re:Versus MIT? (Score:2)
Re:Versus MIT? (Score:1)
Also, I've wondered how the CS depts might be different.
What I would ask... (Score:4, Insightful)
1. How does Microsoft plan to allow non-proprietary Operating Systems access to Paladium media?
(Assuming "we don't" is the first answer:)
2. Why would consumers want to purchase your product that removes rights they have over their own media?
(Correct answer: We're a monopoly and they have no choice in the matter. We're serving our own market interests and not those of our customers. We're using our desktop monopoly to gain a stranglehold on all digital media as well, just as we're not supposed to under antitrust law.)
Re:What I would ask... (Score:3, Informative)
It's not clear what you mean by Palladium media. If you read the linked article [harvard.edu], you see that Palladium has four components. None of them refer to Palladium media per se.
What they do have is attestation, which lets a remote server reliably determine that you are running WMP or some other DRM compliant software before you download. Then WMP can enforce whatever restrictions are specified in the data file. So you could call the media supplied by such a server "Palladium media", and chances are that no, the server won't give you the data if you're not running Palladium - but that's entirely up to the server operator. You can't force him to do what you want, and you can't fool him, thanks to Palladium.
2. Why would consumers want to purchase your product that removes rights they have over their own media?
Now, this doesn't make sense. It's not their own media! The data is on a server belonging to someone else. Palladium gives that server owner more information in deciding whether to let you download it. It allows the server to make sure you're running some software that will follow certain rules. If not, it won't give you the data.
So nobody is taking away rights over your own media. Anything you have today, you can continue to use. What Palladium does is let people decide whether to give you their media, and to do so only if you in effect agree to follow their rules.
In answer to your question about why consumers would want to purchase Palladium computers, the answer is obvious. Server operators won't give the data to people who don't have Palladium. So owning a Palladium computer will be the only way to get entertainment media in the future. Nobody's going to force you to buy one. But some (not all) content creators will refuse to give their content away unless you are running Palladium so that they can be confident that you won't steal their data.
Security improvement ? (Score:4, Insightful)
The user can no longer independently access his own files, thereby considerably DECREASING security, most defineately not increasing.
Re:Security improvement ? (Score:2)
The idea is that only the program which encrypted the file can decrypt it. The file is somehow "locked" to the hash of the program that was running when it was encrypted.
The reason this increases security is two-fold. First, if some malicious program is run, a trojan or a virus infected program, it can't access the data. Imagine that the data is your bank account PIN or credit card number. Right now an Outlook virus could look through your files and find the data. With Palladium this can't happen, because only the banking program can unlock those files.
Second, if the banking program itself gets infected with a virus, its hash will change, and it won't be able to unlock its own files any more! So even a virus which targets the financial software won't be able to steal its sensitive data. In this way, Palladium provides security against a much wider range of malware infections than is possible in computers today.
Another example of improving security would be a multi-player game or P2P system where keeping people from cheating is desirable. In that case it's to everyone's advantage that they can't run a rogue game client or change their data files. By giving up the ability to cheat in this way, the user ultimately gains security because he can participate in the system free from other people cheating as well.
Usually you have to give up something to get something. Giving up the ability to cheat and to break your promises can lead to real gains. If you are offered a download of some data only in exchange for promising not to share it with anyone else, Palladium allows you to make that promise in such a way that you can't go back on your word. This will eventually lead to more valuable data being made available than would be possible in world where cheating is easy and unpreventable.
DRM for new media types (Score:3, Interesting)
I'll go (Score:3, Interesting)
Does anyone have any questions they'd like to have asked?