Adam Agnew <agnew@cs.umd.edu> writes:
The one in question is 6,185,678 http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=...)
That was an interesting read. At least I now have an idea of what Bill was thinking of. Most interesting is that there is not a mechanism for the trust to go both ways. In particular, how is the loaded code to know it is running on a trusted system?
In addition there are some fundamental things in his description that I would simply not implement as described. Nastily extending DHCP and TFTP when IPsec could be used. And in general I don't think any trust is needed at all of the Network Packets. Just the loaded image needs to carry a signature that can be verified.
And the description does not address when the system has exploitable bugs. In particular, systems like the X-box can be compromised with buffer overflows and other standard security holes, allowing an untrusted application to gain special privileges on the machine.
This is not to say that strong/trusted integrity checks of the components of the system are a bad idea, but rather to show that simply loading trusted components does not give a secure system. That requires only trusting bug-free software, which as an engineering assumption is impossible.
And from my understanding, it's owned by the U of Penn and comes down to their decision when an open source implementation can be released.
The universities playing with ``IP'' and stifling innovation... Sigh.