The Devil And The Deep Blue Sea

Threat level definition

The Devil And The Deep Blue Sea
Jon Lasser, 2002-07-17

Why Microsoft's Palladium project threatens to send Linux and open-source into exile.

Expand all | Post comment

And the major security goals don't need hardware 2002-07-18
Nicholas Weaver (1 replies)

And the major security goals don't need hardware 2002-07-19
Anonymous

The Devil And The Deep Blue Sea 2002-07-18
Anonymous (6 replies)

The Devil And The Deep Blue Sea 2002-07-18
Anonymous

The Devil And The Deep Blue Sea 2002-07-19
Anonymous

The Devil And The Deep Blue Sea 2002-07-19
Anonymous (1 replies)

The Devil And The Deep Blue Sea 2002-07-23
Anonymous

The Devil And The Deep Blue Sea 2002-07-19
Anonymous

The Devil And The Deep Blue Sea 2002-07-19
Anonymous

The Devil And The Deep Blue Sea 2002-07-22
Anonymous

The Devil And The Deep Blue Sea 2002-07-18
Anonymous

Unbelieveable 2002-07-18
Anonymous (5 replies)

Unbelieveable 2002-07-19
Anonymous (2 replies)

Unbelieveable 2002-07-20
Anonymous

Unbelieveable 2002-07-21
Anonymous

Unbelieveable 2002-07-19
Anonymous

Unbelieveable 2002-07-19
Martin Schoch

Unbelieveable 2002-07-20
Anonymous

Unbelieveable 2002-07-20
Anonymous

The Devil And The Deep Blue Sea 2002-07-18
blacklight (1 replies)

The Devil And The Deep Blue Sea 2002-07-23
Anonymous

Take a chill pill 2002-07-18
Anonymous Bastard (3 replies)

take your own advice 2002-07-19
rsullivan@art-line.com (1 replies)

Re: take your own advice 2002-07-19
Anonymous Bastard (2 replies)

Re: take your own advice 2002-07-19
Anonymous (2 replies)

happy x86 processor world? riiiiight... 2002-07-19
Anonymous (1 replies)

happy x86 processor world? riiiiight... 2002-07-22
Anonymous

Re: take your own advice 2002-07-21
Anonymous

Re: take your own advice 2002-07-19
Anonymous

Re: Take a chill pill 2002-07-19
Jm4n

Take a chill pill 2002-07-21
Anonymous

And they expect JIT Java and .NET compilers to operate? 2002-07-19
Anonymous

The Devil And The Deep Blue Sea 2002-07-19
Anonymous (1 replies)

OSS version of Palladium 2002-07-20
Abri

The Devil And The Deep Blue Sea 2002-07-19
Anonymous

The Devil And The Deep Blue Sea 2002-07-19
SkyLeach

Palladium and buffer overflows 2002-07-19
Anonymous (6 replies)

Palladium and buffer overflows 2002-07-19
Anonymous

Palladium and buffer overflows 2002-07-19
Anonymous

Palladium and buffer overflows 2002-07-20
bufferoverwhelmed

Palladium and buffer overflows 2002-07-20
Anonymous

Palladium and buffer overflows 2002-07-21
Anonymous

Palladium would NOT stop buffer overflows... 2002-07-21
Nicholas Weaver

Pride goeth before a Fall 2002-07-19
Anonymous

Couldn't _anyone_ make a "signature stamp"? 2002-07-19
Mad Ivan

Question - couldn't `trusted´ OSS individuals or organizations create their own keys and sign software? For example, if RedHat signed their kernels and binary distributions, or the Debian organization's key members published keys they created, open-source groups could trust them. For individual end users, it would boil down to "I personally believe (by having met them, or other experience) that 'Joe Blow' writes trustworthy software".

Of course, this doesn't solve the problem of a near-monopolistic group of content providers issuing DRM-locked music/video/.... which would only `trust´ keys generated by Microsoft. Perhaps a rational examination of the market they would be excluding by not trusting keys issued by large, reliable OSS providers could convince them otherwise.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/96/15729#15729

No evidence for these claims 2002-07-19
Tamperbell (2 replies)

No evidence for these claims 2002-07-22
Anonymous

No evidence for these claims 2002-07-23
Anonymous

The Devil And The Deep Blue Sea 2002-07-19
Anonymous

MSFT won't fix Outlook so we must lock hardware? won't work 2002-07-20
Anonymous

Alternate hardware 2002-07-20
Anonymous

The Devil And The Deep Blue Sea 2002-07-20
Anonymous

THE DEVIL AND THE DEEP BLUE SEE 2002-07-20
NSS ( Network Ssecurity Systems)

It's all about trust 2002-07-20
Anonymous

The Devil And The Deep Blue Sea 2002-07-21
Anonymous

The Devil And The Deep Blue Sea 2002-07-22
Anonymous

The Devil And The Deep Blue Sea 2002-07-22
Anonymous (1 replies)

The Devil And The Deep Blue Sea 2002-07-23
Anonymous

The Devil And The Deep Blue Sea 2002-07-22
Anonymous

The Devil And The Deep Blue Sea 2002-07-23
Anonymous (1 replies)

The Devil And The Deep Blue Sea 2002-07-23
Anonymous

I will never buy it and anyone who is smart won't either. 2002-07-23
Anonymous (1 replies)

I will never buy it and anyone who is smart won't either. 2002-07-25
Anonymous

And even money can be forged.... why not code? 2002-07-25
José Azevedo

Copyright and Anti-piracy laws 2002-07-29
Anonymous

It is time for "security enhanced linux" to be put on the front burner NOW! 2002-07-29
100% of distros should be 100% SE Linux

Privacy Statement
Copyright 2009, SecurityFocus