mailing list archives
Re: Trustworthy Computing Mini-Poll
From: "yossarian" <yossarian () planet nl>
Date: Sat, 28 Dec 2002 13:51:06 +0100
Palladium will have an option to turn certain features "off", says
MS, so you can run programs deemed untrusted, outside the sandbox. If
there is a mechanism to turn features off, they differ from TCPA,
that is mandatory.
Sounds great, doesn't it?
What would you choose:
1. Run without Palladium, but your MS Office, IE and Windows update
might not work since your computer is considered insecure.
2. Active Palladium.
I think i might run w/o Palladium - and search the net for cracked windows
updates, they are availale now, so why should'nt they be in the future? I
never thought it useful upgrading to a newer office since 2000, so why
should I do so in the future?
The only thing unclear for want of funcspecs is if I will be able to
take files out of the sandbox. If they want to make the systems
'backwards compatible', there must be such a feauture.
If the system is backwards compatible, what's the point with Palladium?
It's like the "improved security" of XP or .NET server: they still use
the NTLM-hash so LC still works.
Let's turn the question around a bit: if it is not backwards compatible, how
am i going to upgrade a 150.000 usr network? This answers your question on
XP and .NET as well - getting secure means big bang migrations. But these
are rarely feasible. So there must be a backwards compatability on some
levels, such as network authentication, which can be turned off later. Of
course, we forget, but we can't blame MS for that. Same goes for Palladium,
a system msut not only be secure, it should be useable, including during
Full-Disclosure - We believe in it.
Re: Trustworthy Computing Mini-Poll yossarian (Dec 28)