"Palladium" and TCPA

[Ross Anderson]

Quentin

You can be sure that M$ and friends will use whatever pressures they can
to ensure that they escape legal liability for bugs. You can also be sure
that Palladium won't solve problems like viruses and spam. These are
application issues rather than O/S problems.

Information about Palladium continues to pour in. I can confirm that
there will be mechanisms to revoke content as well as keys; needed, so
Hollywood says, to trash any widely distributed bootleg, and capable of
being indexed by file contents, ID of signing key, ID of machine that
created it, and a number of other options (or combinations). I discussed
this with Lucky Green yesterday and he came up with the delightful term
`document revocation list'. This will clearly get used to suppress porn,
then libel, then goodness knows all what - and bear in mind that a US
court has ruled the Fishman affidavit the copyright of the Scientologists.
How can you expect that it won't appear on everyone's DRL?

There are also going to be mechanisms for secure time. These are needed,
we're told, so that corporations in future can cause all emails to
evaporate after a fixed period of time. Clearly, this would have been of
great help to M$ in the antitrust case, and Arthur Andersen too. (Are you
comfortable with the public policy aspects of this?)

Secure time is also intended to enable offline application rental. In
future, instead of paying $200 for office you might pay 50c per hour. This
can be enforced online simply enough; offline, Fritz comes to the rescue.

There's much, much more. 

Ross