Talk:Next-Generation Secure Computing Base

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Computing  
WikiProject icon This article is within the scope of WikiProject Computing, a collaborative effort to improve the coverage of computers, computing, and information technology on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
 ???  This article has not yet received a rating on the project's quality scale.
 ???  This article has not yet received a rating on the project's importance scale.
 
WikiProject Microsoft  
WikiProject icon This article is within the scope of WikiProject Microsoft, a collaborative effort to improve the coverage of Microsoft on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
 ???  This article has not yet received a rating on the project's quality scale.
 ???  This article has not yet received a rating on the project's importance scale.
 

See /archive 1 for old discussion (which was previously at Talk:Palladium operating system)

Trademark law fallacy[edit]

Correct me im I'm wrong, please.

From the opening paragraph:Microsoft claimed it was because a book publisher of the same name wouldn't allow them to use "Palladium" -- my understanding of trademark law is that if the trademark is for two products from different industry categories, that is in different trademark categories (in this case IT and print-publishing), then its perfectly legal; but my understanding comes from the OSI's claim, not from a formal law text.

So can anybody confirm wether my understanding is correct or not? --Lemi4 18:08, 1 Jan 2005 (UTC)

That's certainly the way trademarks work, but there's always some interpretation involved - for instance, [I think] the browser now known as Firefox was said to be infringing the trademark of a BIOS maker because they were called "Phoenix" and had a product called a "browser"; I'm not sure what it was, but it certainly wasn't a web browser. - IMSoP 20:56, 2 Mar 2005 (UTC)
There's is a book publisher called Palladium Books, and they are known for being dicks when it comes to intellectual property. Why Microsoft would not stick with the name when they seamed, to this non-lawyer at least, to have a very good case and when they can certainly afford the legal fees I can't say. Seano1 05:37, 1 September 2005 (UTC)
Microsoft may have considered it to just be not worth the hassle of going in a (possibly) prolonged fight with Palladium Books over the name. - PeytonWestlake 14:28, 17 November 2005 (UTC)
One suspects that the name 'Palladium' had lost favour at Microsoft and this was a handy excuse to stop using it :) - Lezek
I suspect it is both. Let's not forget the long legal wrangling between Apple and the other Apple. The simple fact is, it's unlikely to be worth for a company like Microsoft to keep a name that's trademarked in some other area even if there seems to be no immediete risk. Either change name or buy out the trademark. Nil Einne 03:30, 14 November 2006 (UTC)
Palladium did turn out to be an Achilles' heal (ahem) for the Troyans...88.77.133.4 (talk) 08:10, 26 October 2009 (UTC)
It also may not be as simple as completely saying that Microsoft and their Palladium are in completely different industry categories from Palladium Books: Palladium Books makes tabletop roleplaying games, which compete directly with games associated with Microsoft products (FASA Corporation's Shadowrun and Mechwarrior series). Complicating matters further, the Macross/Robotech series license has already been the subject of lawsuits between Microsoft and Harmony Gold regarding the Mechwarrior series. So it's exactly the kind of complicated litigation that Microsoft would probably want to avoid, especially if they have hopes of releasing more Mechwarrior games without further legal issues. 71.123.143.51 (talk) 10:02, 1 December 2010 (UTC)

Major rewrite[edit]

This article has been a serious mess for several years, as have been in need of a major rewrite for some time. This is probably at least in large part due to the amount of information and misinformation that has spread about NGSCB and Trusted Computing. For just about every piece of information about the system, there is some conflicting piece of information, often from the same source.

I have spent the last couple of days rewriting this and have tried to verify my facts and keep everything as accurate and neutral as possible. It is differentiated from the article on Trusted Computing because it refers specifically to the Microsoft implementation, although it has been necessary to restate some facts from the Trusted Computing article to keep this one readable and informative.

In rewriting this, I have removed a lot of information that I considered poorly written (and myself somehow unable to rewrite well), inaccurate, out of date or unsupported. I have no doubt been overzealous in some cases, but I trust that other Wikipedians will be co-operative in integrating inappropriately removed material into this edit, rather than simply blindly reverting it.

A list of concerns I have about my own edit which I feel unable to correct:

  • Although the TPM can only store a single cryptographic key securely, secure storage of arbitrary data is by extension possible by encrypting the data such that it may only be decrypted using the securely stored key.: I assume that arbitrary data is not in fact decrypted by the TPM (its limited processing abilities would surely make the transaction far too slow), but that secondary keys are stored encrypted, decrypted by the TPM, passed to the trusted application and then used by the trusted application to do the actual decryption of the target data. Since I am not familiar with the exact mechanism, and the above is simply an educated guess, I have glossed over it in the article :). That said, I have just noticed an article[1] that seems to explain the process in greater depth, and confirms at least some of my speculations.
  • The original article focused on the potential use of NGSCB as a DRM technology. This is clearly not its only use, but all the same I have only listed DRM under 'uses' for now. This badly needs fixing with some other example uses. (Actually, I can easily correct this one for myself, but am out of time for now).

If someone could fix the above problems, or confirm here that they are not problems, I would be grateful. --Lezek

Trademark issue edits[edit]

User:66.92.75.2 removed the sentence "However, this interpretation is inconsistent with trademark law in the US, in which it is usually possible for two or more marks to be held on the same name so long as the rights-holders do not use the marks for trade in the same industry.", on the basis that the possibility of using NGSCB to strengthen copy protection on e-books is a potential crossover area between the business of Microsoft and Palladium books.

I find this an extremely weak argument, because NGSCB itself has nothing inherently to do with DRM or e-books and simply provides secure storage, curtained memory and secure remote attestation. While these things can certainly be built upon to implement secure DRM on e-books (along with many other distasteful things), there is no evidence to suggest that Microsoft would ever have marketed technology which directly implements DRM under the Palladium moniker, and so no evidence to suggest that trademark law would have been a realistic issue.

It is in my opinion far more likely that Palladium was merely an internal codename which was always destined to change, that the name lost favour within Microsoft, that it was changed for political reasons, or any combination of the above.

If someone disagrees adequately to remove the sentence again, however, I will see no need to put it back. --Lezek 04:52, 20 November 2005 (UTC)

Palladiation[edit]

Just encountered this article. Palladiation. Is (or was since the name change) this a real word in use? Since there are no links that that article and google only finds a few hits. Mostly to wiki mirrors. If not, I will put it up for AFD. Garion96 (talk) 19:40, 27 November 2005 (UTC)

Please do. It sounds like someone's pet neologism to me --Lezek 04:24, 28 November 2005 (UTC)
Ok, will do. It's up for afd now. Garion96 (talk) 03:28, 8 December 2005 (UTC)

Looks like Microsoft still says the technology will combat viruses[edit]

I just went to referenced article, and searched for word "virus" and the article says that NGSCB was created primarly for that purpose. I don't know what their site was saying before, but right now that sentence on wikipedia seems to be false. Takeda

Microsoft merely claims that the technology will help antivirus programs, etc, prevent themselves from being corrupted. Specifically, the article says: "With respect to viruses, the contribution from the NGSCB architecture is more straightforward. Since the nexus and NCAs do not interfere with the operation of any program running in the regular Windows environment, everything, including the native operating system and viruses, runs there as it does today. Therefore, users are still going to need antivirus monitoring and detection software in Windows as well. However, the NGSCB architecture does provide features that can be used by an antivirus program to help guarantee that it has not been corrupted. The antivirus software can be grounded in such a way that it can bootstrap itself into a protected execution state, something it cannot do today." [[2]]

Contemporaneity[edit]

"and so will not operate on contemporary PCs." Contemporary means what in this case- PC 2001? MarkMLl (talk) 12:55, 1 June 2008 (UTC)

  • Most modern PCs have a TPM (TCPA spec). According to http://www.research.ibm.com/gsal/tcpa/tcpa_rebuttal.pdf, NGSCB/Palladium requires more hardware than just TPM. TPM provides only sealed key storage that can only be accessed if the software environment is the same as when it was set up (i.e., no rootkits or major OS changes). TPM does not provide curtained memory or as much cryptographic coprocessing as NGSCB seems to require. 24.60.192.190 (talk) 07:19, 22 January 2009 (UTC)

Is NGSCB dead?[edit]

I've spent a hour searching the MSDN site and have not found anything mentioning ngscb or nexus kernel since march 2004. I also searched for curtained memory. Nothing. With two major OS versions (Vista and 7) completed since NGSCB was described, and still no appearance of its features, I suspect that it is dead. It is at least dormant.

Of course, Vista and 7 have the bitlocker drive encryption feature, which depends on the Trusted Computing Module (TPM), but NGSCB was a much larger proposal than mere drive encryption.

Leotohill (talk) 14:39, 11 July 2009 (UTC)

Maybe reference the old page, if it still exists? It seems factual that their page isn't updated, but speculative as to why. My 2¢.

Mmernex (talk) 13:34, 13 July 2009 (UTC)