Security SIG: Whitfield Diffie on InfoSec and EFF on Palladium



  • Presenters

    Whitfield Diffie (bio), Vice-President and Fellow - Sun Microsystems
    Seth Schoen (bio), Staff Technologist, Electronic Frontier Foundation

    InfoSec Presentation Overview

    The first trans-Atlantic radio transmission a century ago gave rise to the modern field of information security. We will look at its progress in its first century and speculate on its direction in the next century.

    Palladium Presentation Overview

    Microsoft's Next-Generation Secure Computing Base (NGSCB or Palladium) will be included in a future version of the Windows operating system. Employing a unique hardware and software architecture, NGSCB will create a protected computing environment inside of a Windows PC-a "virtual vault" that will sit side by side with the regular Windows environment to enable new kinds of security and privacy protections for computers.

    NGSCB is a key milestone on the journey towards Trustworthy Computing, and it is up to developers and security professionals to ensure that we arrive at the right answer for the digital community -- One that balances the user's own privacy, the computer owner's control, computer security, and the protection of Intellectual Property rights.

    EFF's position is that it may be helpful to add hardware features to the PC to improve security, but improving security should always be seen as a matter of enhancing the platform owner's knowledge of and control over the state of the platform. It should not be stretched to include enforcing policies against the platform owner or giving third parties information which helps them enforce policies against the platform owner. Current trusted computing design proposals have gone astray by including support for security models in which the platform owner is treated as an adversary; as a result, these features will be abused to the detriment of computer owners. This problem can be remedied easily by adding features to help platform owners override policies they disapprove.

    About The Presenters:


    First Speaker: Whitfield Diffie -Sun Microsystems

    Whitfield Diffie is vice-president and Fellow at Sun Microsystems, where he has been employed since 1991. As Chief Security Officer, Diffie is the principal exponent of Sun's security vision and is responsible for developing Sun's strategy to achieve that vision.

    Best known for his 1975 discovery of the concept of public key cryptography, Diffie spent the 1990s working primarily on the public policy aspects of cryptography and has testified several times in the Senate and House of Representatives. His position - in opposition to limitations on the business and personal use of cryptography - is the subject of the book, _Crypto_, by Steven Levy of Newsweek. Diffie and Susan Landau are joint authors of the book _Privacy on the Line_, which examines the politics of wiretapping and encryption and won the Donald McGannon Award for Social and Ethical Relevance in communications Policy Research and the IEEE-USA award for Distinguished Literary Contributions Furthering Public Understanding of the Profession.

    Diffie is a fellow of the Marconi Foundation and is the recipient of awards from a number of organizations, including IEEE, The Electronic Frontiers Foundation, NIST, NSA, the Franklin Institute and ACM.

    Prior to assuming his present position in 1991, Diffie was Manager of Secure Systems Research for Northern Telecom, where he designed the key management architecture for NT's PDSO security system for X.25 packet networks.

    Diffie received a Bachelor of Science degree in mathematics from the Massachusetts Institute of Technology in 1965, and was awarded a Doctorate in Technical Sciences (Honoris Causa) by the Swiss Federal Institute of Technology in 1992.


    Second Speaker: Seth Schoen -Electronic Frontier Foundation

    Seth Schoen is one of the lead developers of the LNX-BBC rescue system (formerly the Linuxcare Bootable Business Card). He worked as a Senior Linux Consultant at Linuxcare for two years; he has also been an intern at Toronto Dominion Bank and at the Lawrence Berkeley National Laboratory. His long-time interest in civil liberties led him to his current position as Staff Technologist at the Electronic Frontier Foundation, a non-profit organization based in San Francisco. He has been active in the Bay Area free software community since he moved to the Bay Area in 1997 from Massachusetts.

    Seth has been studying trusted computing for over a year, conducting over a dozen meetings with Microsoft, Intel, AMD, and representatives of the former TCPA and current TCG promoters, as well as independent experts. Seth prepared EFF's position on trusted computing.

    Based in San Francisco, EFF is a donor-supported membership organization working to protect our fundamental rights regardless of technology; to educate the press, policymakers and the general public about civil liberties issues related to technology; and to act as a defender of those liberties. Among our various activities, EFF opposes misguided legislation, initiates and defends court cases preserving individuals' rights, launches global public campaigns, introduces leading edge proposals and papers, hosts frequent educational events, engages the press regularly, and publishes a comprehensive archive of digital civil liberties information at one of the most linked-to websites in the world:

    Event Logistics


    Nokia Internet Communications
    323 Fairchild Dr.
    Mountain View, CA 94043


    6:30-7:00pm registration/networking/refreshments/pizza
    7:00-9:00pm presentation and discussion


    $15 at the door for non-SDForum members
    No charge for SDForum members
    Free to TiE members during the months of Nov/Dec.
    Please call 408.494.8378 for student memberships
    No registration required

    More on the Security SIG....