Vitanuova for 2002 July 5 (entry 1)

The Microsoft meeting

(I am omitting some "sensitive" material, but none of what I omit is material which I think would embarrass Microsoft or expose it to criticism. No part of the meeting was under an NDA or confidentiality agreement.)

Please don't attribute anything below to Microsoft, e.g. in a news article; instead, you should call them to confirm it. I'm just giving my impressions and my understanding based on some fairly sparse notes.

• Peter Biddle at Microsoft began thinking around 1997 about how to protect his bits when they were on someone else's computer. (He was Microsoft's representative at CPTWG and in the DVD-CCA, and was somewhat skeptical of the technical efficacy of software-based DRM.)
• His view, and the view of some of his colleagues, was that they ultimately did not know how to enforce a policy for the use of information when it was kept and used on somebody else's PC. The PC platform did not seem to support this.
• In thinking about this, he decided that "a blob is a blob". ["Blob" is a database term for "binary large object", and roughly means "file", "data structure", or "sequence of bits whose internal structure is unanalyzed".] So, it was not appropriate to think about protecting some bits more than others, or enforcing some kinds of policies but not others. So the protection of privacy was the same technical problem as the protection of copyright, because in each case bits owned by one party were being entrusted to another party and there was an attempt to enforce a policy. Technologically, this could not be done securely with software alone.
• It is hard to imagine how, in software alone, one part of the functionality of a general-purpose operating system can be protected from another part of the functionality of a general-purpose operating system. The existing PC architecture does not support this kind of compartmentalization. Consequently, a virus could potentially access or capture any kind of data (including very sensitive personally identifiable information, financial and medical records, etc.), and redistribute it over a network.
• Similarly, an emulator or debugger could be used to extract copyrighted material and redistribute it or use it contrary to policy.
• The view of some people working on Palladium is that it's appropriate to create technology which would permit each creator of any kind of digital information to set and enforce any policy whatsoever for the use of that information. (If you don't want to abide by the policy, you don't have to accept the information.) There are various subtleties here and some debate about public policy, but the basic assumption is that you have a right to control, if you wish, how other people will use bits you create.
• [Omit some discussion of business models, DRM, file sharing, legislation, etc.]
• Microsoft does not have the desire or means to control any information which is input into a computer via a means beyond the scope of DRM or Palladium (in unencrypted formats such as MP3), and intends to continue supporting such formats.
• Microsoft employees have a broad variety of opinions on legal and technical issues related to copyright enforcement. The company's position is that the use of DRM should be purely voluntary (in the sense in which the industry uses that term; they do not have a public position that the DMCA's anticircumvention provisions need to be modified).
• Microsoft wants to compete with proprietary platforms which offer DRM [to publishers], such as proprietary consumer electronics platforms. Microsoft believes that, if it did not support DRM at all, it would be at a competitive disadvantage relative to proprietary platforms which did.
• The Palladium architecture has been under development since around 1997, and Microsoft holds or has filed for some patents which cover portions of it. At least one of the inventors of the Digital Rights Management Operating System patent is working on Palladium, although we did not discuss whether the DRM OS patent is related to Palladium, whether Microsoft is writing an operating system using the techniques disclosed in that patent, or whether the DRM OS patent covers any parts of Palladium.
• Palladium is distinct from TCPA and has technical differences from TCPA. It has some architectural points in common with TCPA, including, most significantly, the use of "trusted hardware" within a PC in order to establish a root of trust. Both TCPA and Palladium require modifications to existing PC hardware architecture in order to work. In addition, they both require modifications to software in order to use trust features. Both are intended to run existing "untrusted" software without any modifications.
• Palladium would, inter alia, add a new opcode and a new operating mode to the CPU. A portion of the enforcement resides within the CPU itself.
• Microsoft assumed as a design criterion for Palladium that existing versions of Windows should be able to run on a Palladium PC, as should existing Windows applications, as should existing non-Windows operating systems like Linux. There is no attempt to stop people from booting whatever code they currently use or may write in the future. In addition, the hardware trust features can potentially be used by specially-adapted software, regardless of what operating system is running. It is possible to imagine that a Palladium-hardware-aware version of Linux could be created and could make full use of Palladium's hardware features in order to achieve trust comparable to the Windows implementation. Microsoft is only writing an implementation for Windows, but plans to publish all the technical details. (Microsoft has not yet decided about patent policies or stated whether an operating system which used Palladium hardware features would necessarily infringe any of Microsoft's Palladium patents.)
• Microsoft, like chemists, calls Palladium "Pd" for short.
• I'm going to type ":abbr pd Palladium" in vi so that I can stop typing "Palladium" all the time. Hooray for :abbr!
• The initial version of Palladium will require changes to five parts of the PC's hardware. Changes will be required to the CPU, the chipset (on the motherboard), the input devices (e.g. keyboard), and the video output devices (graphics processor). In addition, a new component must be added: a tamper-resistant secure cryptographic co-processor, which Microsoft calls SCP or SPP.
• Although the SCP is tamper-resistant, it is likely that a skilled attacker with physical access to the inside of a Palladium PC can still compromise it or subvert its policies in some way. One possible attack is one I discussed with Ross Anderson last week: you can replace the system RAM with special RAM which allows its contents to be read or modified by an external circuit.
• So it is possible that an attacker with physical access can still compromise the system, even though the SCP is meant to be tamper-resistant, partly because other components (like RAM) are less robust against modification. Palladium primarily defends effectively against two classes of attacks: (1) remote network-mounted attacks (buffer overflows and other programming flaws, malicious mobile code, etc.), because even if some malicious code is installed in one part of the system, it still can't effectively subvert the policy of another part of the system, and (2) local software-based attacks, including things like using a debugger to try to read a program's internal state while it's executing or to try to subvert its policy. Thus, Palladium can probably guarantee that you can't write or download any software (and nobody else can write or upload to you any software) which would compromise the policy of software running locally which is making use of Palladium trust features.
• Although hardware attacks can work, they are probably not portable from one machine to another. This is especially interesting for users of DRM -- even though one user can launch an expensive and successful attack, that user can't publish an inexpensive software-based technique or HOWTO which would enable others to reproduce this attack cheaply. (Cue reference to Bunnie's X-BOX reverse engineering paper, where he suggests that his inexpensive attack on the X-BOX can yield portable techniques which can be used by others inexpensively, but that the X-BOX could have been designed so that his attack was not readily portable to other machines.)
• Palladium's changes to the CPU allow it to be placed into a new mode where certain areas of memory are restricted via a technique called "code curtaining" to an ultra-privileged piece of code called the "nub" or "TOR". ("Nub" is the Palladium team's term for this code, and "TOR", for "Trusted Operating Root", is the official public term.) The nub is a kind of trusted memory manager, which runs with more privilege than an operating system kernel. The nub also manages access to the SCP.
• The SCP is an 8-bit tamper-resistant cryptographic smart-card which contains unique keys, including public keypairs (2048-bit RSA), and symmetric keys for AES in CBC mode. These keys are unique per machine and the SCP does not reveal them to anything outside the SCP's security perimeter. It also contains a variety of other cryptographic functionality, including SHA-1, RSA, AES, and other cipher implementations, a small amount of memory, and a monotone counter. The SCP can do a number of cryptographic protocols. It also contains a thing called a PCR. (I think that stands for "platform configuration register".)
• When you want to start a Palladium PC in trusted mode (note that it doesn't have to start in trusted mode, and, from what Microsoft said, it sounds like you could even imagine booting the same OS in either trusted or untrusted mode, based on a user's choice at boot time), the system hardware performs what's called an "authenticated boot", in which the system is placed in a known state and a nub is loaded. A hash (I think it's SHA-1) is taken of the nub which was just loaded, and the 160-bit hash is stored unalterably in the PCR, and remains there for as long as the system continues to operate in trusted mode. Then the operating system kernel can boot, but the key to the trust in the system is the authentication of the nub. As long as the system is up, the SCP knows exactly which nub is currently running; because of the way the CPU works, it is not possible for any other software to modify the nub or its memory or subvert the nub's policies. The nub is in some sense in charge of the system at a low level, but it doesn't usually do things which other software would notice unless it's asked to.
• Palladium's authenticated boot is simpler than TCPA's version, because only a single hash (or "measurement", in TCPA language) is taken. Palladium does not attempt to "measure" the hardware, BIOS, boot loader, OS kernel, etc., or at least not within the SCP. In TCPA, several separate hashes will be taken and stored in secure registers.
• The nub interfaces with other software on the system by means of programs (outside the nub) called trusted agents (or TAs). The TAs can implement sophisticated policies and authentication methods, where the nub (and SCP) just implement fairly simple primitives. A TA can also communicate with user-space programs (at least, that will be a feature of Microsoft's nub; other people can write their own nubs which can support different kinds of TAs or even do without TAs entirely). The TAs are protected by hardware from one another and from the rest of the system.
• Even PCI DMA can't read or write memory which has been reserved to a nub's or TA's use (including the nub's or TA's code). This memory is completely inaccessible and can only be accessed indirectly through API calls. The chipset on the motherboard is modified to enforces this sort of restriction.
• The SCP provides a feature called "sealed storage" by means of two API calls (called SEAL and UNSEAL). The Microsoft nub provides more complicated wrappers around these calls; using the Microsoft wrappers, you can have features like "migration strategy" or "migration policy" (allowing at least three different policies for how encrypted data can be moved from one machine to another). If a TA running on a system in trusted mode wants to use sealed storage, it can call into the APIs implemented in the nub.
• Sealed storage is implemented by means of encryption (sealing) or decryption (unsealing) with a symmetric cipher (probably AES in CBC mode). When the SCP is given data to seal, it's given two arguments: the data itself and a 160-bit "nub identifier" (which is the SHA-1 hash of some nub and so uniquely identifies that nub).
• Sealing is performed by prepending the nub identifier to the data to be sealed, and then encrypting the result with a private symmetric key -- I want to call this the "platform-specific key", which varies from machine to machine and is secret. (I don't remember whether "platform-specific key" is Microsoft's term for this.) That key is kept within the SCP and is a unique identifier for the machine which performed the sealing operation.
• The SCP actually also prepends a random nonce to the data to be sealed before encryption (and discards the nonce upon decryption). This is a clever privacy feature which prevents someone from creating an application which "cookies you" by recording the output of sealing an empty string (and then using the result as a persistent unique identifier for your machine). A program which tried to "cookie you" this way would find that, because of the random nonce, the result of sealing a given string is constantly completely different, and no useful information about the identity of the machine is revealed by the sealing operation.
• After encryption, the SCP returns the encrypted result as the return value of the SEAL operation.
• When an SCP is given encrypted data to UNSEAL, it internally attempts to decrypt the encrypted data using its platform-specific key. This means that, if the encrypted data was originally sealed on a different machine, the UNSEAL operation will fail outright immediately. (You can't take a sealed file and transfer it to another machine and unseal it there; because the platform-specific key is used for encryption and decryption, and can't be extracted from the SCP, you can only UNSEAL data on the same machine on which it was originally SEALed.)
• If the decryption is successful, the SCP performs a second check: it examines the nub identifier which resides within the decrypted data. The nub identifier was specified at the time the data was originally SEALed, and indicates which nub is allowed to receive the decrypted data. If the nub identifier for the decrypted data is identical to the nub identifer which is currently stored in the PCR (which is the SHA-1 hash of the currently-running nub on the machine at the moment UNSEAL was called), the UNSEAL is successful and the decrypted data is returned to the calling nub. However, if the nub identifier does not match the contents of the PCR, the SCP concludes that the nub which is currently running is not entitled to receive this data, and discards it.
• Thus, sealing is specific to a physical machine and also specific to a nub. Data sealed on one machine for a particular nub cannot be decrypted on a different machine or under a different nub. An application which trusts a particular nub (and is running under that nub) can seal important secret data and then store the resulting sealed data safely on an untrusted hard drive, or even send it over a network.
• If you reboot the machine under a debugger, there is no technical problem, and you can debug the software which created the encrypted file. However, since you aren't running the proper (non-debugger-friendly) nub, the debugger will work, but the UNSEAL call won't. The SCP will receive the UNSEAL call, examine the PCR, and conclude that the currently-running nub is not cleared (so to speak) to receive the sealed data. Your applications can only decrypt sealed data if they are running under the same machine and under the same software environment within which they originally sealed that data!
• This is remarkably clever. When you are running under a trusted nub, your applications can use the SCP to decrypt and process data, but you can't run software which subverts a TA's policy (because the nub will not permit the policy to be subverted).
• When you are not running under a trusted nub, you can run software which subverts a TA's policy (because the nub isn't able to prevent it), but your applications will no longer be able to decrypt any sealed data, because the SCP won't be willing to perform the decryption.
• There is a long discussion of how you can make a backup, or upgrade your system, or migrate your software and data to a new system, etc. The default with sealed storage is that any sealed data will be unusable when migrated to a new system. (Thus Ross Anderson mentioned that you can't easily leak a document to a reporter, because if the document is sealed for use only on your PC, the reporter's PC will be unable to decrypt the document.)
• The Microsoft nub provides wrappers around the SCP's sealing features which allow the software which performs the sealing operation to specify a migration policy at the time the sealing operation is originally performed. The migration policy can be (approximately) one of the following, at the software's sole option: (1) Migration is prevented entirely, and the data must die with the current PC where it was created. (2) Migration is permitted upon some kind of authentication by a local user (e.g. a password) which will decrypt or command the decryption of data temporarily in order to permit it to be migrated. (3) Migration is permitted with the assistance and consent of a 3rd party -- e.g. in DRM applications, the DRM software might have to "phone home" to get consent and decryption keys which will permit a file to be decrypted temporarily in order to permit it to be migrated. This last option might be called a key escrow application, although it's not technically parallel to something like the Clipper Chip, because it doesn't facilitate wiretapping or threaten communications privacy.
• Palladium's modifications to input and output hardware will prevent software from doing certain kinds of monitoring and spoofing, as well as "screen scraping". A program will be able to ask Palladium to display a dialog box which can't be "obscured" or "observed" by other software, and Palladium hardware can enforce these conditions. And there is a way to be sure that input is coming from a physical input device and not spoofed by another program. This is probably also comparable to the "physical presence detection" in TCPA, which tries to ascertain whether a user is physically present (which is a requirement in order for certain security-sensitive things to happen).
• The secure output features also permit, e.g., a DVD player program to prevent other software from making screen captures. The initial version of Palladium does not control audio output in this way, so you can still record all sound output via something like TotalRecorder. (Microsoft also has an initiative called Secure Audio Path which could potentially restrict that, but SAP isn't part of Palladium proper. The Palladium secure output features are currently totally video-specific.)
• We didn't talk much about the details of how TAs communicate with user-space programs, which is key to how a programmer would actually use Palladium features. We also didn't talk about whether there is some kind of authentication of a kernel or precisely which traditional kernel features are taken over by the nub. Microsoft did say that most things which are currently in the kernel will remain in the kernel.
• In principle, nub and kernel are independent, so a non-Microsoft kernel could run on a Microsoft nub, or vice versa. Patent and copyright issues might prevent this from being done in practice, but it is apparently technically possible within the design of Palladium.
• Microsoft's nub, including its source code, will be published for review by anyone who wants to examine it, in order to allow all of Microsoft's claims about its security properties to be verified. There is no part of Palladium's design or code which needs to be kept secret, although each SCP will contain secret cryptographic keys loaded at the time of its manufacture. Microsoft will encourage non-Microsoft people to read and discuss its nub. You will also be able to create your own nub, except that changing the nub will (as discussed above) prevent previously-sealed data from being decrypted.
• If you choose to allow people on the network to tell which nub you are running, they can probably find out in a way you can't fake (using a cryptographic protocol). You can refuse to tell them, but if you do choose to tell them, you will not be able to lie about it (except maybe if you know a way to tamper with the hardware). This is like TCPA; critics note that many entities which use Palladium might assume by default that any non-Microsoft nub is untrustworthy, which would make it very inconvenient to change your nub from the Microsoft-supplied default.
• Your nub's identifier is not a unique identifier for your machine, because it is the same as everyone else's nub. Palladium does not create any remotely-visible unique identifier for your machine, and actually contains some features to try to avoid inadvertently disclosing a unique identifier. There is a concept of an "identity server" which is a separate service which issues you some kind of identity credential which uses Palladium and may or may not reveal particular personal information. (I didn't get a lot of details on how identity servers would work or who would run them.)
• Microsoft suggests that Palladium is flexible enough that many entities could use it to create their own policies, judgments, certification services, etc. That part of the discussion reminded me in some ways of PICS and P3P, although Palladium has a more robust technical enforcement mechanism than either of those standards.

We talked about lots of other things, but that's all I have notes on.

I also wrote a message to the cryptography list in response to someone who wondered whether Palladium would prevent you from writing your own programs and scripts:

> * or are not able to use shell scripts (at least not in
>   trusted context). This means a
>   strict separation between certified software and data.

The latter is closest to what's intended in Palladium. Individual programs using Palladium features are able to prevent one another from reading their executing or stored state. You can write your own programs, but somebody else can also write programs which can process data in a way that your programs can't interact with.

The Palladium security model and features are different from Unix, but you can imagine by rough analogy a Unix implementation on a system with protected memory. Every process can have its own virtual memory space, read and write files, interact with the user, etc. But normally a program can't read another program's memory without the other program's permission.

The analogy starts to break down, though: in Unix a process running as the superuser or code running in kernel mode may be able to ignore memory protection and monitor or control an arbitrary process. In Palladium, if a system is started in a trusted mode, not even the OS kernel will have access to all system resources. That limitation doesn't stop you from writing your own application software or scripts.

Interestingly, Palladium and TCPA both allow you to modify any part of the software installed on your system (though not your hardware). The worst thing which can happen to you as a result is that the system will know that it is no longer "trusted", or will otherwise be able to recognize or take account of the changes you made. In principle, there's nothing wrong with running "untrusted"; particular applications or services which relied on a trusted feature, including sealed storage (see below), may fail to operate.

Palladium and TCPA both allow an application to make use of hardware-based encryption and decryption in a scheme called "sealed storage" which uses a hash of the running system's software as part of the key. One result of this is that, if you change relevant parts of the software, the hardware will no longer be able to perform the decryption step. To oversimplify slightly, you could imagine that the hardware uses the currently-running OS kernel's hash as part of this key. Then, if you change the kernel in any way (which you're permitted to do), applications running under it will find that they're no longer able to decrypt "sealed" files which were created under the original kernel. Rebooting with the original kernel will restore the ability to decrypt, because the hash will again match the original kernel's hash.

(I've been reading TCPA specs and recently met with some Microsoft Palladium team members. But I'm still learning about both systems and may well have made some mistakes in my description.)

I'm also ignoring, for the time being, my attacks on Peter Biddle's "a blob is a blob" and "privacy = content protection" claims. That topic is interesting to me, but not necessarily urgent for people who are looking for more information on Palladium. But you should read his and Paul England's presentations from WinHEC.

---

Links from other weblogs:

Sat Nov 15 14:43:33: Free gay chat with video. from Free gay chat with video.

Free gay chat with video.

Sat Nov 15 16:27:25: Highest poker australia. from Highest poker australia.

Highest poker australia. Australia poker.

Sun Nov 16 01:12:27: Australia poker. from Highest poker australia.

Highest poker australia. Australia poker.

Sun Nov 16 10:02:17: Tramadol hci online buy cheap tramadol hci online. from Buy tramadol online cod.

Buy tramadol.

Sun Nov 16 18:48:10: Australia poker. from Australia poker.

Highest poker australia.

Mon Nov 17 12:50:39: Australia poker. from Australia poker.

Australia poker.

Tue Nov 18 05:01:46: Buy tramadol. from Buy tramadol.

Buy tramadol.

Tue Nov 18 23:38:03: College loan corporation. from College loans not teri loan.

College loans not teri loan.

Wed Nov 19 13:01:10: Buy no phentermine prescription. from Phentermine no prescription.

Phentermine without a prescription. No prescription phentermine. Phentermine 37.5 180 doses no prescription. Phentermine prescription. Buy phentermine online no prescription. Phentermine no prescription.

Thu Nov 20 08:50:29: Live gay live gay sex free gay live video sex chat. from Free gay chat with video.

Free gay chat with video. Calico film music design free gay video chat guys.

Fri Nov 21 07:44:15: Phendimetrazine order phentermine adipex tramadol. from Order tramadol.

Brand ultram order ultram tramadol pain medicine. Phendimetrazine order phentermine adipex tramadol. Order tramadol.

Fri Nov 21 09:02:33: Buy hydrocodone online. from Buy hydrocodone no prescription.

Buy hydrocodone online. Buy hydrocodone on the internet. Buy hydrocodone without a prescription.

Sat Nov 22 15:16:11: Highest poker australia. from Highest poker australia.

Highest poker australia. Australia poker.

Sun Nov 23 18:57:16: Golden river online casino. from Craps strategy from golden palace online casino.

Craps strategy from golden palace online casino.

Mon Nov 24 04:25:10: Order tramadol. from Brand ultram order ultram tramadol pain medicine.

Brand ultram order ultram tramadol pain medicine. Phendimetrazine order phentermine adipex tramadol. Order tramadol.

Mon Nov 24 14:43:26: Buy auto insurance online. from Cheapest auto insurance online.

Cheap auto insurance online. Online auto insurance quotes. Auto insurance online. Cheapest auto insurance online.

Mon Nov 24 23:07:58: Drugs online cheap hydrocodone buy. from Drugs online cheap hydrocodone buy.

Hydrocodone ovwenight cheap no medical records.

Tue Nov 25 14:43:38: Cheap phentermine free sh. from Buy cheap phentermine cod.

Cheap phentermine. Buy cheap phentermine onli ne. Phentermine cheap. Buy cheap phentermine online. Cheap phentermine free sh. Cheap phentermine diet pill.

Tue Nov 25 23:08:39: Metformin for antidepressant weight gain. from Antidepressant drugs.

Antidepressant solution. Withdrawl from antidepressant. Drug holidays for antidepressant. Morphine addiction antidepressant. Pregnizone and antidepressant drug interaction. Allegra antidepressant effect. Movie antidepressant.

Fri Nov 28 03:06:10: Discount phentermine. from Discount phentermine.

Discount phentermine. Discount phentermine prescription. Discount online phentermine.

Mon Dec 01 19:09:36: Free ringtone canada. from Free ringtone downloads for samsung.

Mp3 ringtone free wap.

Fri Dec 05 22:49:10: Online casino games. from Online baccarat casino games.

Online casino games. Play free casino games online. Play online casino games. Free online casino games. Awp casino games online.

Sat Dec 06 20:46:03: Buy hydrocodone no prescription. from Hydrocodone no prescription.

Prescription drug hydrocodone apap 7.5 325 tb. Hydrocodone without prescription. Buy hydrocodone no prescription. Purchase hydrocodone without a prescription. Hydrocodone no prescription. Buy hydrocodone without a prescription.

Sun Dec 07 05:21:01: Denver ephedra lawyer. from Colorado ephedra lawyer.

Ephedra weight loss products. Firelean with ephedra.

Sun Dec 07 19:25:39: Buy tramadol online cod. from Buy tramadol online cod.

Tramadol online at lowest price on the web. Buy tramadol online cod.

Mon Dec 08 04:34:39: Phentermine no prescription free shipping. from Order phentermine prescription.

No prescription phentermine. Phentermine no prescription. Buy phentermine no prescription.

Mon Dec 08 14:29:25: How long does it take for prozac to wear off. from Prozac and pregnancy.

Prozac and alcohol. Prozac nation movie. Menopause prozac. Prozac used for. Prozac weight gain. Prozac.

Mon Dec 08 23:47:27: Ultram abuse. from Ultram.

Buy ultram cheapest site. Ultram tramadol. Buy ultram international pharmacy. Ultram.

Tue Dec 09 08:19:05: Instant payday loan. from Instant payday loan.

No faxing payday instant payday loan. Instant payday loan.

Tue Dec 09 18:17:47: Cheap tramadol prescriptions online. from Buy tramadol online from discount pharmacy store.

Buy tramadol at a cheap price online. Cheap tramadol prescriptions online.

Wed Dec 10 02:49:19: Best casinos guide. from Aicpa industry audit guide on casinos.

Best casinos guide. Aicpa industry audit guide on casinos. Miami south florida casinos aol city guide. Online casino guide and online casinos news. Bigcasinolist com a world guide to casinos.

Wed Dec 10 11:26:58: Cheap phentermine. from Cheap phentermine.

Cheap phentermine.

Wed Dec 10 20:17:07: Connecticut ephedra attorneys. from Hartford ephedra attorneys.

Ephedra is it legal. Ephedra. Herbal stimulant ephedra alternative. Georgia ephedra attorneys. Ephedra ban illegal to posses.

Thu Dec 11 04:55:41: Phentermine dosage. from Phentermine.

Cheap phentermine. Adipex phentermine vs. Phentermine pill.

Thu Dec 11 18:32:53: Guaranteed no faxing payday loans. from Payday loans.

Payday loans. No faxing needed payday loans.

Fri Dec 12 03:16:10: Online casino guide and online casinos news. from Aicpa industry audit guide on casinos.

Aicpa industry audit guide on casinos. Casinos aicpa audit and accounting guide. Online casino guide and online casinos news. Bigcasinolist com a world guide to casinos.

Fri Dec 12 16:06:41: Phentermine 37 5mg. from Phentermine 37 5mg.

37.5 90 phentermine no fees. Buy phentermine 37.5 overnight. Phentermine 37.5. Phentermine 37 5. Phentermine 37.5 mgs. Phentermine 37.5 grams cheap no doctor. Best prices on phentermine 37.5 mg without rx.

Sat Dec 13 00:43:56: Ephedra. from Fat burners with ephedra.

Ephedra solaray. Buy ephedra online drugstores yellow swarms. Ephedra cla products. Stacker with ephedra. Diet ephedra pill. Ephedra.

Sat Dec 13 16:24:56: Order valium. from Order valium.

Order valium.

Sun Dec 14 01:50:58: Ephedra. from Ephedra.

Ephedra products. Ephedra is it legal. Ephedra based. Ephedra appeite suppress. Lipodrene with ephedra. Thermogen ephedra. Ephedra. Ephedra bulk.

Sun Dec 14 16:28:30: Amoxicillin for your pet. from What is amoxicillin used for.

Amoxicillin. Amoxicillin online homepage.

Mon Dec 15 02:04:19: Percocet addiction. from Percocet.

Percocet signs of abuse. No prescription percocet. Long term use of percocet.

Mon Dec 15 20:05:59: Purchase ephedra online. from Where can i purchase ephedra.

Georgia ephedra attorneys. Colorado ephedra lawyer. Hunt on for ephedra substitutes cbs news. Ephedra.

Tue Dec 16 04:51:08: Amoxicillin. from Amoxicillin for acne.

Can i have a beer if i m taking amoxicillin. Amoxicillin no prescription.

Tue Nov 17 16:06:26: Pam cooking spray. from Pam cooking spray.

Pam cooking spray.

Tue Nov 17 20:54:10: Pioneer cooking. from Pioneer cooking.

Pioneer cooking.

Wed Nov 18 17:56:37: Cooking materials. from Cooking materials.

Cooking materials. Kitchen and cooking materials.

Thu Nov 19 09:24:55: Heating with cooking stove. from Heating with cooking stove.

Heating with cooking stove. Best heating and cooking wood stove.

Fri Nov 20 06:59:23: Cooking patty pan squash. from Cooking patty pan squash.

Cooking patty pan squash.

Wed Dec 16 09:59:49: Microwave cooking chart. from Microwave fresh vegetable cooking chart.

Microwave cooking chart. Time chart for microwave cooking.

Mon Dec 21 22:32:28: Freezer bag cooking. from Freezer bag cooking boiling.

Freezer bag cooking boiling. Freezer bag cooking.

Tue Dec 22 22:04:12: Cooking bacon in oven. from Cooking bacon in the oven.

Cooking bacon in oven. Cooking bacon in the oven.

Sat Dec 26 00:54:45: French cooking terms. from French cooking terms.

French terms used in cooking. French cooking terms.

Thu Jan 28 23:55:07: Cooking school camping recipes. from Cooking school camping recipes.

Cooking school camping recipes. Camping cooking recipes.

Fri Jan 29 10:17:19: Cooking california lobster. from Cooking lobster tails.

Cooking lobster. Cooking lobster tails. Lobster cooking. Cooking lobster tail.

Sun Jan 31 16:08:06: Bbq cooking grids. from Bbq cooking grids.

Bbq cooking grids.

Mon Feb 01 12:09:33: Cooking lutenica. from Cooking lutenica.

Cooking lutenica.

Tue Feb 02 16:34:42: Cooking with marijuana. from Cooking with marijuana.

Cooking with marijuana. Marijuana oil cooking recipe. Marijuana cooking recipes.

Wed Feb 03 08:52:02: No cooking chocolate candy recipes. from Chocolate candy recipes no cooking.

No cooking chocolate candy recipes. Chocolate candy recipes no cooking.

Wed Feb 03 17:41:20: Turkey breast cooking. from Turkey breast and cooking time.

Cooking turkey breast. Turkey breast cooking. Turkey breast cooking time. Turkey breast cooking directions. Cooking a turkey breast.

Sat Feb 06 08:07:03: Irish cooking school. from Irish cooking school.

Irish cooking school. Irish cooking recipes.

Sun Feb 07 22:51:10: Cooking network. from Campfire cooking rfd network.

Home cooking network. Food network cooking q amp a. Cooking network. Food network almost home cooking. Food network paulas home cooking.

Thu May 27 15:21:39: Vicodin. from Next day delivery vicodin.

Vicodin.

Fri May 28 21:19:48: Ativan. from Ativan.

Ativan. Rme ativan. Ativan half life. Order ativan online consultation. Ativan medicine.

Sat May 29 02:10:20: Adderall xr side effects. from Adderall.

Adderall coupon. Adderall hematuria. Adderall side effects. Snorting adderall effects. Adderall xr heart. Adderall.

Sat May 29 19:00:16: Diazepam no prescription needed. from Diazepam no prescription needed.

Diazepam withdrawal. Diazepam. Diazepam no prescription needed. Cheap diazepam.

Sun May 30 20:29:20: Vicodin. from Signs of vicodin addictio.

Vicodin.

Mon May 31 20:36:29: Tadalafil. from Tadalafil.

Tadalafil. Stamina rx tadalafil. Generic tadalafil us pharmacy. Buy tadalafil. Tadalafil fedex.

Tue Jun 01 23:28:19: Azithromycin endocytosis. from Azithromycin buy.

Plus azithromycin. Azithromycin buy. Azithromycin. Azithromycin for urethritis.

Wed Jun 02 20:44:19: Lorazepam. from Lorazepam.

Lorazepam. Can xanax be replace with lorazepam.

Thu Jun 03 21:23:10: Soma sun pilates. from Soma.

Soma next day. Soma drug test. Effects of soma. Buy cheap soma. Buy soma online. Soma.

Fri Jun 04 22:05:32: Ativan data. from Ativan.

Ativan dosage. Ativan.

Sat Jun 05 16:28:18: Butalbital. from Purcase butalbital with no prescription.

Butalbital apa caffeine tablets.

Sun Jun 06 08:29:05: Hair loss nizoral. from Nizoral 2 armour.

Nizoral cream and pills at the same time.

Sun Jun 06 23:37:46: Atlanta accutane attorneys. from Accutane lawyers southern california.

Accutane attorneys. Georgia accutane lawsuits. Connecticut accutane lawyers. Accutane acne treatment http. Accutane message boards. Accutane.

Mon Jun 07 23:14:51: Fioricet plain pill. from Fioricet.

Generic fioricet low prices amp fast delivery. Fioricet. Fioricet free shipping. Cheapest fioricet.

Tue Jun 08 17:44:34: Abilify. from Abilify.

Abilify. Abilify causing mouth sores.

Tue Jun 08 22:57:33: Oxycodone extraction. from Oxycodone.

What is oxycodone. Oxycodone withdrawl symptoms. Buy oxycodone. Drug oxycodone.

Wed Jun 09 16:45:57: Ativan. from Lorazepam ativan information and resources.

Www.weird skin sensations from rx ativan. Ativan. Ativan side affects. Ativan no prescription.

Thu Jun 10 09:50:17: Oxycontin addiction. from Oxycontin addiction.

Oxycontin addiction. Oxycontin.

Fri Jun 11 09:40:10: Prilosec. from Prilosec suspension.

Prilosec. Prilosec coupons. Prilosec alzheimer's.

Sat Jun 12 00:38:57: Tramadol. from Comparative potencies of opioids tramadol.

Canine tramadol. Tramadol. Tramadol no rx 180 pills.

Sun Jun 13 01:40:35: Atarax side effects. from Atarax.

Atarax itching. Holistic supplement for atarax. Atarax side effects.

Sun Jun 13 17:17:59: Commit suicide on xanax. from Buy generic xanax information.

Buy xanax. 2mg xanax order. Xanax. No prescription xanax. Xanax side effects. Buy cheap xanax without prescription.

Mon Jun 14 09:19:19: Oxycodone. from Buy oxycodone without prescription.

Oxycodone dosages. Oxycodone withdrawl symptoms. Oxycodone stomach problems. Oxycodone side effects. Oxycodone with apap. Oxycodone. 80 my oxycodone.

Tue Jun 15 01:21:03: Imodium. from Imodium.

Imodium. Directions for taking imodium advanced.

Tue Jun 15 17:31:19: Crestor. from Side effects of crestor.

Crestor weakness tired. Wyoming crestor attorney. Crestor. Crestor problems. Crestor side effects ratings and patient comments.

Wed Jun 16 09:30:51: Atarax. from Anticholinergic effects of atarax.

Atarax 25mg. Holistic supplement for atarax. Atarax side effects. Atarax.

Thu Jun 17 01:06:51: Adderall in mexico. from How much adderall can you inject.

Buy wholesale adderall. Buy adderall without a prescription. Adderall.

Thu Jun 17 17:59:17: Butalbital in pregnancy. from Butalbital.

Butalbital vicoprofen. Butalbital order online. Fiorinal butalbital aspirin caffeine for migraines. Butalbital order. Cheap butalbital. Butalbital. Side effects of butalbital.

Fri Jun 18 10:24:06: Compare darvocet and percocet. from Percocet withdrawal.

Percocet. Order percocet online.

Sat Jun 19 12:14:13: Diflucan. from Diflucan.

Diflucan side effects. Diflucan. Diflucan rebate.

Sat Jun 19 20:25:10: Oxycodone. from Oxycodone addiction.

Oxycodone morphine abuse.

Sun Jun 20 11:56:31: Benicar reviews. from Benicar side effects.

Benicar.

Mon Jun 21 03:14:23: Lortab no prescription. from Lortab prescription online.

Lortab withdrawal. Lortab. Lortab addiction. How to snort lortab.

Mon Jun 21 19:59:28: Azithromycin and aids patients. from Buy azithromycin doxycycline.

Azithromycin alcohol. Azithromycin.

Tue Jun 22 11:26:06: Imodium for kids. from Ph level of imodium.

Imodium. Imodium a-d. Imodium 2 mg 12 ea johnson johnson. What is in imodium.

Wed Jun 23 04:01:07: Ambien. from Ambien side effects.

Generic ambien.

Wed Jun 23 20:14:01: Allegra withdrawal. from Allegra side effects.

Allegra drumset. Allegra and geographic tongue. Allegra goodman. Allegra beck healthy.

Thu Jun 24 19:57:42: Neurontin and kidney problems. from Neurontin.

Neurontin and depression. Life of side-effects on neurontin. Neurontin anxiety. Neurontin 100mg. Neurontin arm numbness. Neurontin. Neurontin side effects.

Fri Jun 25 20:38:11: Prevacid. from Generic brand prevacid.

Prevacid--side effects. When is best time to take prevacid. Prevacid solutab. Prevacid.

Sat Jun 26 15:10:33: Inderal. from Inderal.

Inderal for varrucae treatment. Inderal side effects. Inderal. Recent shortage of rx inderal la. Inderal la. Inderal ptsd.

Sat Jun 26 20:23:54: Diflucan 806. from Diflucan.

Diflucan. Diflucan rebate. Sex during diflucan.

Sun Jun 27 13:17:14: Duphaston. from Duphaston.

Duphaston.

Mon Jun 28 06:01:38: Tamiflu. from Buy tamiflu.

Buy tamiflu. Tamiflu.

Mon Jun 28 21:19:50: Aricept. from Aricept plant.

Effectiveness of aricept. Aricept plant bulb. Aricept and namenda.

Tue Jun 29 14:16:19: How to use clomid. from Clomid and twins.

Normal fsh levels for clomid challenge. Clomid stats multiple pregnancy. Clomid success rates. Starting clomid without provera.

Wed Jun 30 05:43:07: Diovan com mechanism of action. from Avelox diovan contraindicated.

Diovan generic. Diovan com mechanism of action. Overdose on diovan. Diovan used for. Diovan. Diovan hct.

Wed Jun 30 21:30:38: Robaxin. from Robaxin.

Robaxin side effects. Robaxin. Robaxin generic. Robaxin dosage.

Thu Jul 01 14:12:46: Avelox diovan contraindicated. from Diovan generic.

Is diovan an ace inhibitor. Diovan blood pressure medication. Diovan. Side effects of diovan medicine. Diovan hct.

Fri Jul 02 05:22:20: Atacand hct prices. from Atacand.

Atacand.

Fri Jul 02 23:46:29: The making of premarin. from Premarin vaginal cream.

Civil suits premarin prempro ongoing. Premarin. The making of premarin. History of premarin.

Sat Jul 03 07:41:08: Kamagra. from Kamagra.

Kamagra usa. Kamagra.

Sat Jul 03 12:57:55: Keflex. from Keflex.

Keflex drug interaction. Keflex. What is keflex used for. Keflex derived from sulfur.

Thu Jul 29 12:19:32: Clomid. from Clomid early ovulation.

Clomid no pregnancy.

Fri Jul 30 03:49:52: Adipex p phentermine ecureme com. from Adipex.

Adipex p phentermine ecureme com.

Fri Jul 30 19:31:33: Fioricet. from Fioricet.

Fioricet watson. How long does fioricet show up in blood work. Fioricet free shipping. Fioricet lexapro. Fioricet information from drugs com. Cheapest fioricet.

Sat Jul 31 07:33:30: Amoxicillin shelf life. from Amoxicillin pregnancy.

Amoxicillin safe when pregnant.

Sat Jul 31 19:43:29: Azithromycin skin rash treatment. from Azithromycin syrup patent.

Stronger than azithromycin. Azithromycin. Azithromycin 1g. Azithromycin overdose.

Sun Aug 01 16:54:28: Cheap viagra. from Buy viagra uk.

Cheap viagra. Discount viagra.

Sun Aug 01 23:46:16: Ephedra. from Ephedra products for sale.

Denver ephedra attorney. Ephedra near herb. Ephedra. Diet fuel ephedra.

Mon Aug 02 14:45:40: Soma muscle relaxant. from Drug soma cause any sexual side effects.

Soma side effects. Soma drug history. Best online pricing for soma. Coupons for soma by chicos. Soma labs serogen.

Tue Aug 03 02:40:17: Clomid. from Buy clomid.

Clomid multiple pregancy. Clomid. Clomid and false pregnancy. Clomid success rates. 5 onths on clomid. Clomid and twins.

Tue Aug 03 04:45:08: Ativan medicine. from Order ativan online consultation.

Lorazepam ativan information and resources. Can you give ativan to a dog.

Tue Aug 03 16:56:22: Cheapest cialis. from Cialis.

Buy cialis online.

Wed Aug 04 06:26:06: Ambien. from Ambien addiction.

Ambien online. Ambien. Discount ambien. Ambien hallucinations dizziness.

Wed Aug 04 18:50:27: Alprazolam long term use. from Alprazolam gaba.

Alprazolam. Cheap 2mg alprazolam.

Wed Aug 04 21:50:45: Ephedra pills. from Where to buy ephedra.

Twinlab diet fuel with ephedra. Ephedra ban illegal to posses.

Thu Aug 05 09:54:11: Adderall side effects. from Buy adderall online.

Snorting adderall. Inject adderall. Adderall.

Thu Aug 05 13:56:26: Lorazepam. from Conversion table lorazepam to valium.

Lorazepam. Buy lorazepam.

Fri Aug 06 02:53:42: Diet fuel ephedra. from Hartford ephedra lawyers.

Ephedra.

Fri Aug 06 05:24:09: Best online pricing for soma. from Soma petroleum.

Carisoprodol soma drug test. Soma. Coupons for soma by chicos.

Fri Aug 06 16:56:39: Oxycontin. from Oxycontin manufactureres.

Oxycontin. Craigslist oxycontin. Oxycontin crush. Buy oxycontin pills.

Sat Aug 07 05:52:19: Ambien latest side effects. from Ambien.

Ambien side effects. Cheap ambien. Ambien. Ambien addiction. Buy ambien.

Sat Aug 07 17:33:49: Tylenol. from Tylenol rapid release gels description.

Tylenol sinus. Tylenol maker. Tylenol recall. Tylenol.

Sun Aug 08 05:48:08: Alprazolam. from Alprazolam.

Alprazolam no prescription. How to make homemade alprazolam. Alprazolam g 3721. Alprazolam how supplied. Alprazolam.

Sun Aug 08 18:18:58: Rme ativan. from Ativan.

Ativan. Ativan fed ex us pharmacy no prescription. Ativan for neck pain. Ativan without prescription.

Mon Aug 09 06:12:58: Who makes ativan. from Ativan.

Ativan. Ativan purchase. Ativan withdrawal. Ativan use in seizure treatment. Order ativan fast local delivery wholesale price. Ativan without prescription.

Mon Aug 09 18:09:10: Ativan. from Ativan.

Ativan tab. Ativan xanax valuim trial pack.

Tue Aug 10 06:14:41: Ephedra attorneys california. from Ephedra lawyers san diego.

Black ice ephedra. Ephedra solaray. Colorado ephedra lawyer. Diet pills with ephedra. Hartford ephedra attorneys. Ephedra.

Tue Aug 10 18:24:12: Ambien. from Ambien without prescription.

Ambien prescription online overnight us based. Ambien. Ambien addiction.

Tue Aug 10 22:26:16: Define butalbital aspirin and caffeine. from Butalbital.

Butalbital. Butalbital apap caffeine. Can you overdose on butalbital. Butalbital for depression. Butalbital otc.

Wed Aug 11 10:14:34: Ephedra p57. from Ephedra lawyers los angeles.

Buy ephedra. Ephedra effects. Buy ephedra online. Ephedra. Ephedra sinica buy china. What is ephedra. Ephedra p57. Spears ephedra.

Wed Aug 11 14:27:46: Tadalafil. from Tadalafil.

Tadalafil. Generic tadalafil online. Buy tadalafil. Tadalafil fedex.

Thu Aug 12 06:14:30: Diazepam. from Diazepam.

Diazepam. Diazepam online. Diazepam no prescription needed. What does diazepam look like. Cheap diazepam.

Thu Aug 12 18:13:22: Esomeprazole. from Esomeprazole.

Esomeprazole.

Fri Aug 13 06:23:35: Soma. from Cheap soma.

Soma without rx.

Fri Aug 13 19:02:11: Buy synthroid online. from Buy synthroid online.

Synthroid crush. Synthroid. Nuy synthroid online. Buy synthroid online.

Fri Aug 13 22:09:44: Levothyroxine sodium for dogs. from Levothyroxine sodium.

Levothyroxine. Levothyroxine 575 mg.

Sat Aug 14 11:22:36: Perscribed doxycycline for. from Doxycycline.

Doxycycline 100mg. Doxycycline photosensitivity can inflame acne. Doxycycline home remedy. Doxycycline gpnotebook. Doxycycline.

Sat Aug 14 15:03:55: Synthroid. from Synthroid suit.

Synthroid vs levothyroxin. Synthroid.

Sun Aug 15 15:05:45: Buy lortab. from Lortab 7.5-500.

Buying lortab without prescription. What do generic lortab 7.5 look like. Lortab for cheap. Lortab. How long does lortab effects last. Snorting lortab. Lortab during pregnancy.

Mon Aug 16 02:46:38: Amoxicillin clavulanic acid suspension. from Amoxicillin.

Diagram of amoxicillin. Amoxicillin. Amoxicillin for acne. Amoxicillin with no prescription. Amoxicillin itch. Amoxicillin drug interactions. Amoxicillin trihydrate. Amoxicillin and clavulanate potassium. Amoxicillin acne.

Mon Aug 16 07:13:39: Synthroid problems. from Synthroid.

Synthroid side effects. Graphs of synthroid. Synthroid vs levothyroxin. Synthroid problems. Synthroid. Buy synthroid online.

Mon Aug 16 19:28:56: Amoxicillin and alcohol. from Bronchitis and amoxicillin.

Amoxicillin. Amoxicillin dosage. Amoxicillin rebate. Amoxicillin yeast infection. Taking amoxicillin while pregnant. Amoxicillin shelf life.

Mon Aug 16 22:59:30: Oxycontin attorney columbus. from Oxycontin.

Oxycontin look like. Oxycontin. Purchasing oxycontin without a prescription. Oxycontin no prescription. Oxycontin addiction. Birth defects and oxycontin use. Snort oxycontin.

Tue Aug 17 11:31:44: Snorting adderall. from Purchase adderall without prescription.

Adderall without prescription. Adderall. Who makes adderall.

Tue Aug 17 15:13:02: Sibutramine. from Information on sibutramine.

Information on sibutramine. Ionami sibutramine. Sibutramine. 15 mg sibutramine from us pharmacy.

Wed Aug 18 02:32:09: Adipex. from Adipex.

Adipex.

Wed Aug 18 09:15:41: Azithromycin. from Azithromycin.

Azithromycin ok to take with genacol. Azithromycin 20mg ml dosage per pound for cats. Side effects of azithromycin. Azithromycin skin rash treatment. Azithromycin skin rash.

Thu Aug 19 05:34:55: Findpills net search results lortab. from Lortab.

Lortab for cheap. Buy lortab. Lortab online.