| ActiveMac | Anonymous | Create a User | Reviews | News | Forums | Advertise |
|
|
|
User Controls |
|
New User |
|
Login |
|
Edit/View My Profile |
|
|
|
|
|
|
|
ActiveMac |
|
Articles |
|
Forums |
|
Links |
|
News |
|
News Search |
|
Reviews |
|
|
|
|
|
|
|
News Centers |
|
Windows/Microsoft |
|
DVD |
|
ActiveHardware |
|
Xbox |
|
MaINTosh |
|
News Search |
|
|
|
|
|
|
|
ANet Chats |
|
The Lobby |
|
Special Events Room |
|
Developer's Lounge |
|
XBox Chat |
|
|
|
|
|
|
|
FAQ's |
|
Windows 98/98 SE |
|
Windows 2000 |
|
Windows Me |
|
Windows "Whistler" XP |
|
Windows CE |
|
Internet Explorer 6 |
|
Internet Explorer 5 |
|
Xbox |
|
DirectX |
|
DVD's |
|
|
|
|
|
|
|
TopTechTips |
|
Registry Tips |
|
Windows 95/98 |
|
Windows 2000 |
|
Internet Explorer 4 |
|
Internet Explorer 5 |
|
Windows NT Tips |
|
Program Tips |
|
Easter Eggs |
|
Hardware |
|
DVD |
|
|
|
|
|
|
|
Latest Reviews |
|
Applications |
|
Microsoft Windows XP Professional |
|
Norton SystemWorks 2002 |
|
|
|
Hardware |
|
Intel Personal Audio Player 3000 |
|
Microsoft Wireless IntelliMouse Explorer |
|
|
|
|
|
|
|
Site News/Info |
|
About This Site |
|
Affiliates |
|
ANet Forums |
|
Contact Us |
|
Default Home Page |
|
Link To Us |
|
Links |
|
Member Pages |
|
Site Search |
|
Awards |
|
|
|
|
|
|
|
Credits |
 |
Big beef: How MS might charge you for security | |
|
||
| Time: 05:46 EST/10:46 GMT | News Source: ZDNet | Posted By: Alex Harris | ||
|
Word from Microsoft's chief technical officer Craig Mundie that the company "may offer security abilities on a paid basis" makes me wonder: How long will it be until MS sells you only as much--or as little--security as you are willing to pay for? Think of it, Microsoft could grade the security of its products the same way the USDA grades beef! Its "choice" server software would be sold only to the finest corporations at premium prices. And its "prime" operating systems would go to people who are willing to pay a little more for a better grade of protection than a "select" version of Windows XP that might come on a new PC. As Microsoft products age and their level of security declines, this grading process might actually make sense. The newest servers and operating systems would obviously be the safest; if they were released in large quantities, hackers might not be able to find their vulnerabilities and exploit them so quickly. | ||
|
Write Comment
Return to News |
Displaying 1 through 25 of 313 Last | Next |
The time now is
8:04:56 AM
ET.
Any comment problems? E-mail us |
| #1 By 6859 (204.71.100.216) at 10/16/2002 8:51:48 AM |
| If I'm paying for their "Grade A" security solution, they damn well better be liable in the event something gets through it. If not, you can kiss Windows (and the licensing I currently pay) goodbye. Security needs to be free or it doesn't work. What kind of insane retard thought this one up? |
| #2 By 2332 (12.105.69.158) at 10/16/2002 10:22:59 AM |
|
Sigh... it's amazing how so many people can get so upset over something that consists of a SINGLE SENTENCE.
What Microsoft is planning on doing is not charging for security patches, or for making their code free from things like buffer overruns... it's for things like ADDITIONAL SECURITY TOOLS. Firewalls software, network intrusion software, and the like. Many companies sell products that do these things, and do you expect them to give them away for free because they are security related? Of course not. Get a grip people. |
| #3 By 3653 (63.162.177.140) at 10/16/2002 10:25:38 AM |
| Wow, usually Ziff-Davis takes a single fact and embellishes. But in this instance, they've taken ZERO facts and embellished. |
| #4 By 135 (209.180.28.6) at 10/16/2002 2:05:36 PM |
|
FinancialWiz - Of course most of what has been written on Palladium is just plain wrong, especially if you are getting your info from the anti-MS crowd.(aka /.)
RMD - Agreed. If they bundled in all that stuff, then they'd be accused of unfairly bundling. |
| #5 By 2459 (24.233.39.98) at 10/16/2002 2:50:15 PM |
|
From what I understand, Palladium will NOT be released as a separate version of Windows that costs more. Palladium features will come standard in Windows. If you don't have Palladium hardware, however, you will not be able to benefit from the Palladium features.
Also, Palladium does not restrict content. It is a service that runs in parallel with Windows (not below it). It does not control the boot process. It does not check content or make sure you only have protected content. You can run the same unsigned/unprotected code and content you currently run. Palladium is basically an API that developers can utilize to secure their programs against attack from malicious code and provide better security for Windows services. Palladium is not DRM itself, but the combination of hardware and software provides stronger security for DRM services included with Windows. Lastly, Palladium is not the Trusted computing (TCPA) architecture most of you may have seen at http://www.trustedcomputing.org . While it does have some similarities, it is not as restrictive as that spec. As sodablue said, most of the info regarding Palladium that has been written by third parties is just plain wrong. If you really desire the facts about this technology in its current state and as it evolves, go to http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/news/PallFAQ2.asp http://www.microsoft.com/presspass/features/2002/jul02/0724palladiumwp.asp http://www.microsoft.com/PressPass/features/2002/jul02/07-01palladium.asp and send e-mail to pdinfo@microsoft.com, with "subscribe" in the subject line if you want to subscribe to an announce-only mailing list to keep you informed as new information becomes available. |
| #6 By 2459 (24.233.39.98) at 10/16/2002 2:52:52 PM |
|
Taken from the Palladium FAQ:
Q: What is the "Palladium" initiative, anyway? A: The "Palladium" code name refers to both hardware and software changes. Specifically, it refers to a new set of features in the Microsoft® Windows® operating system that, when combined with new hardware and software, provide additional security services to PCs. There are four categories of these features: Curtained memory. The ability to wall off and hide pages of main memory so that each "Palladium" application can be assured that it is not modified or observed by any other application or even the operating system Attestation. The ability for a piece of code to digitally sign or otherwise attest to a piece of data and further assure the signature recipient that the data was constructed by an unforgeable, cryptographically identified software stack Sealed storage. The ability to securely store information so that a "Palladium" application or module can mandate that the information be accessible only to itself or to a set of other trusted components that can be identified in a cryptographically secure manner Secure input and output. A secure path from the keyboard and mouse to "Palladium" applications, and a secure path from "Palladium" applications to a region of the screen When running, "Palladium" provides a parallel execution environment to the "traditional" Windows kernel- and user-mode stacks; "Palladium" runs alongside the OS, not underneath it. The goal with "Palladium" is to help protect software from software; that is, to provide a set of features and services that a software application can use to defend against malicious software also running on the machine (viruses running in the main operating system, keyboard sniffers, frame grabbers, etc). "Palladium" is not designed to provide defenses against hardware-based attacks that originate from someone in control of the local machine. This post was edited by n4cer on Wednesday, October 16, 2002 at 14:54. |
| #7 By 2459 (24.233.39.98) at 10/16/2002 2:58:26 PM |
|
Taken from MS Palladium: A Business Overview (linked in my first post):
A "Palladium"-enhanced computer must continue to run any existing applications and device drivers. "Palladium" is not a separate operating system. It is based on architectural enhancements to the Windows kernel and to computer hardware, including the CPU, peripherals and chipsets, to create a new trusted execution subsystem (see Figure 1). "Palladium" will not eliminate any features of Windows that users have come to rely on; everything that runs today will continue to run with "Palladium." In addition, "Palladium" does not change what can be programmed or run on the computing platform; it simply changes what can be believed about programs, and the durability of those beliefs. Moreover, "Palladium" will operate with any program the user specifies while maintaining security. It is important to note that while today's applications and devices will continue to work in "Palladium," they will gain little to no benefit from "Palladium" services. To take advantage of "Palladium," existing applications must be adapted to utilize the "Palladium" environment or new applications must be written. This software - whether a component of a Microsoft Win32®-based application or a new application - is called a "Trusted Agent." This post was edited by n4cer on Wednesday, October 16, 2002 at 14:59. |
| #8 By 1845 (12.254.162.111) at 10/16/2002 3:57:42 PM |
| How many time have you posted that now, n? One of these days, perhaps, the populous will read it and understand what Palladium is really about. |
| #9 By 2459 (24.233.39.98) at 10/16/2002 4:15:22 PM |
|
I've lost count. :-)
The Business Overview link is new, though (meaning I haven't posted it before). You should check it out. It has a lot of good info. http://www.microsoft.com/presspass/features/2002/jul02/0724palladiumwp.asp so you don't have to find it in the other post. This post was edited by n4cer on Wednesday, October 16, 2002 at 16:16. |
| #10 By 1845 (12.254.162.111) at 10/17/2002 3:09:55 AM |
| For all the supposed running of the United States by large corporations, it sure took long enough to get a shut down ruling in the Napster case. I can't even imagine a case that was more obvious than this one, but it was, what, a year and half at least from filing to the ruling? That doesn't sound to me like the music industry has a lot of sway. |
|
Write Comment
Return to News |
Displaying 1 through 25 of 313 Last | Next |
The time now is
8:04:56 AM
ET.
Any comment problems? E-mail us |
