[iwar] [fc:MS.to.eradicate.GPL,.hence.Linux]

From: Fred Cohen (fc@all.net)
Date: 2002-06-27 05:28:05
Next message: Fred Cohen: "[iwar] [fc:Information.Security.Moves.Front.And.Center.For.Corporations]"
Previous message: Charles Preston: "[iwar] al qaeda and SCADA"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <200206271228.g5RCS5j22652@red.all.net>
To: iwar@onelist.com (Information Warfare Mailing List)
Organization: I'm not allowed to say
From: Fred Cohen <fc@all.net>
Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com
Precedence: bulk
Date: Thu, 27 Jun 2002 05:28:05 -0700 (PDT)
Subject: [iwar] [fc:MS.to.eradicate.GPL,.hence.Linux]
Reply-To: iwar@yahoogroups.com
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 8bit

MS to eradicate GPL, hence Linux
By Thomas C Greene in Washington
Posted: 06/25/2002 at 17:38 EST

Yesterday, as we all know, Microsoft fed an 'exclusive' story about its new
'Palladium' DRM/PKI Trust Machine to Newsweek hack Steven Levy (a guy who
writes without irony of "high-level encryption"), presumably because they
trusted him not to grasp the technology well enough to question it
seriously. His un-critical announcement immediately sparked a flurry of
articles considering what this means to the Windows user base.

And that's as it should be. But my question is, what does it mean to the
Linux user base? 

Well, of course no one knows yet; the Levy article is long on generalized
promises but very short on details. We know that some hardware element will
be involved -- some hardened slice of silicon on the mobo which will
identify the computer and the user, and recognize other computers and their
users. It, or a companion chip, will interface with some manner of PKI,
current or future, so that only 'authorized' applications may run with
privileges. MS wants us to think that the 'authorizer' will be the user, but
we know better: there will undoubtedly be a DRM element in it, and its
authorizations will override yours. There will also be a networking
component, involving an elaborate PKI and vast data warehouses run by MS and
its trusted partners.

So let's say Intel and AMD begin shipping Palladium-compliant boards as MS
begins shipping the software to OEMs and shops. And let's say that the
Redmond spin campaign, persuading users that this is actually for their
benefit, takes hold, and consumer demand for the scheme begins to grow and
eventually becomes a de facto standard, like SSL today, for example.

Got root? 
All right then, how do we get Linux and open-source servers and apps to work
with networks using this master scheme? What changes will be necessary?

The first thing that comes to mind is the difficulty of getting my Apache
Web server to work seamlessly with Harry Homeowner's Windoze box when he
comes to my site for some eminently trustworthy business. Everything I
download to him (and this may even include Web pages -- the scheme is that
far-reaching) will have some manner of digital cert which MS and its family
of cronies will have established beforehand. I don't see a problem here. The
certs will be embedded in the content and I'm merely providing space for it
to reside. Even pages and images can be digitally signed and Harry's box can
simply accept them or not according to rules he's worked out for himself.

But what if Harry needs to transact business and/or send me something? Then
I think it gets tricky for two reasons. First, I have to be able to assure
him that I can't read what he sends (and neither can the script kiddies who
root my site monthly), and second, I'll probably have to pass part of it
along 'safely' (as defined by MS) to some other network under Redmond
suzerainty where the bulk of Harry's whole life's data is stored and
continually updated. And of course I'll need access to that data so I can be
sure Harry is Harry and his Mark of the Beast (or whatever MS will call his
Uniform Identifier) is valid.

So to validate Harry, and to update his Master Data File -- two bits of
business integral to the Palladium scheme -- I'll need hardware, an OS and a
server compliant with Redmond specs. Now MS says they're going to make the
sources to the core of this technology open. But considering Microsoft's
white-knuckled terror of Linux and open source products in general, combined
with its established penchant for mining its products with hidden little
pissers for the competition, I don't think it's paranoid to imagine that I
may have to turn to a packaged product from a major MS partner/collaborator
or a Linux distributor who's gone to the bother of obtaining certs for the
kernel and the apps. But either way we'll have major GPL problems, as we'll
see below. Indeed, this is going to be something of a reductio ad absurdum.

This certification scheme will rip the guts out of the GPL. That is, the
minute I begin tinkering with my software, my ability to interface with the
Great PKI in the Sky will be broken. I'll have a Linux box with a GPL, all
right; but if I exercise the license in any meaningful way I'll render my
system 'unauthorized for Palladium' and lose business. So instead, I imagine
I'll be turning to my vendor for support, updates, modifications and
patches. And I'll be dependent on them for support services at whatever
price they can wheedle out of me because I dare not lose my Palladium
authorization. I wonder if the cost of ownership of an open-source system
will actually be lower than the cost of a proprietary system under such
circumstances. 

If MS can't wipe out Linux, at least they can throw their marketing might
and obscene quantities of cash into the project of castrating and
controlling it by rendering the commons hostile to Linux users who still
have their balls. They can in a sense create a huge market for open/closed
hybrids, just as I imagined above: a system that comes with a GPL which I
dare not exercise, and with considerable costs of both purchase and
ownership. Even Dell might get into the castrated Linux act when they see
what sort of stranglehold the Palladium scheme will enable them to place on
it. 

But here's the diabolical bit. Linux distributors are going to lose big time
if they remain faithful to the GPL. Palladium will either break the GPL, or
if not, break Linux.

Harry's lament 
I fully expect to see Linux on the desktop growing rapidly in the next
several years. The major distros like SuSE and Mandrake are coming along
nicely with classic Harry features like automatic updates. Hardware
detection is getting better by the day. Open Office is rapidly approaching
the point where it imports from and exports to MS office without difficulty.
The 2.4.x kernel is finally showing signs of the 2.2.x's legendary
stability. The KDE desktop is looking sharp and working nicely now with
version 3.0. Mozilla is coming along wonderfully. And now Red Hat says it
intends to commit seriously to the desktop market.

As the obstacles to Windows migration fall away, inherent virtues like
better security and privacy (your Linux box does not automatically connect
to servers at Microsoft whenever you search your hard disk, for example),
freedom to configure, redemption from the MS update crack-addiction, and low
cost of ownership will strike more chords with the computing public.

This terrifies MS as much as the enterprise Lintel phenomenon. And it's not
just cost rationale at play here. There's a revelation in store for users
once they have something to compare their Windows eXPerience against. As
home users come to use and understand Linux, they'll automatically begin to
perceive what a parasite Microsoft really is.

The answer to this will be more parasitism: Palladium is a means of
infesting the commons with hostile digital fauna. As these new services and
applications become more plentiful, the need for the Linux desktop to deal
with them according to Redmond spec will increase as well.

Kernel hackers will have their hands full figuring that one out. How do you
make Linux interface with a security chip in such a way that untrusted
applications are sandboxed without taking root away from the machine's
owner? I think the answer is, 'you can't,' and I imagine Redmond thinks so
too. And what will Palladium mean to application development? More overhead,
that's what. Certification authorities charge for their services. Some
applications in development may have to be scrapped due to the costs of
certification. 

Eventually, as Palladium contagion spreads, the home Linux box will need
certified open-source apps to run DR-managed content. Here goes the GPL
again. So I've got this certified app. Fine. I've got the sources. Fine.
What happens if I decide to build my own binaries? They won't be certified.
They won't work. So what does the GPL mean to me then? It means I can build,
or modify and build, an application which will lack the digital cert which
it needs in order to run the content it was designed to run. Only the
binaries will be certified (as a moment's reflection will make obvious).
This is a nail in the GPL's coffin. Yes, I can improve the app and give away
or maybe even sell my improved version; but first I have to prove that it
qualifies for certification, and second I have to pay for the cert. And when
I release it, source and all, only the certified binary will function.

The entire concept of root will be out the window. If I build my own or
re-compile my existing kernel, my certs won't work. I won't be permitted to
log in to the Microsoft Digital Empire or any of its numerous colonies
because that little chip on my mobo is going to freak out. Now, perhaps,
even my certified apps will fail to run. And I can no longer present my
Uniform Identifier at the digital immigration turnstiles which MS will be
setting up as I meander through cyberspace. "Sorry, we don't know who you
are; you'll have to turn back...."

So how is this going to work in practical terms? Will the distributors
release certified kernels and apps and utilities? I don't see how they can
avoid it. But what happens to the GPL? Will the certification authorities
simply decline to certify the distro if the kernel sources are included? Or
will the machine simply lose its Palladium authorization and fail to work
properly if the kernel is re-compiled or built from external sources?

Either way, the GPL is perverted. Any kernel, utility, application,
whatever, that's designed to be Palladium compliant will have to be
distributed without certified sources. There's simply no way to ensure that
a source archive can only be used to build compliant binaries, unless GCC is
deliberately broken in some radical way and the security hardware won't
allow other compilers to run (except similarly broken ones).

Will there by a hybrid Linux/hardware package coming out to address this? A
sort of black box -- a desktop appliance not unlike a Palladium-enabled
Windoze box -- with no compiler, and only user privileges, and some sort of
hardware chip that prevents modifications to any of the binaries except by
digitally-signed RPMs pre-approved for Palladium compliance? That means
someone else has root on my machine, and of course it would rip the guts out
of the GPL to boot.

It's the very fact that this appears insoluble to me that helps me realize
that MS has put tremendous, careful thought into it. To make the commons
Linux-hostile, MS is taking dramatic steps to make it GPL-hostile. Very
clever and admirably diabolical.

Time for Tuxers to take the gloves off. �

------------------------ Yahoo! Groups Sponsor ---------------------~-->
Free $5 Love Reading
Risk Free!
http://us.click.yahoo.com/3PCXaC/PfREAA/Ey.GAA/kgFolB/TM
---------------------------------------------------------------------~->

------------------
http://all.net/ 

Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
Next message: Fred Cohen: "[iwar] [fc:Information.Security.Moves.Front.And.Center.For.Corporations]"
Previous message: Charles Preston: "[iwar] al qaeda and SCADA"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
This archive was generated by hypermail 2.1.2 : 2003-08-24 02:46:33 PDT