Assuming you trust the owner of the computer, the hardware offers effectively no additional security over just constructing the software right. The OS can enforce code signing and similar restrictions, it can construct the same sandboxes for untrusted code, and do everything else paladium claims to do to help the user.

The only thing the OS can't do is to keep secrets from the owner of the machine. Thus the hardware is useful for ligitimate DRM and less legitimate fair use restrictions, preventing piracy by authenticating, etc, under the assumption that it is much harder for the box owner to manipulate the hardware instead of the OS.

This is the biggest tipoff that paladium isn't really intended for the benefit of the users: It doesn't TRUST the machine owner, the machine owner is the enemy. Do we want the systems we buy to not trust us?


[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/96/14402#14402