You've heard of Trustworthy Computing, and the massive corporate remodeling going on at Microsoft where every developer, product manager, and executive assistant has been asked to rethink everything they do in the context of security. Well, that's just the tip of the iceberg. Secretly, the company has been working on a plan to rearchitect the PC from the ground up, to address the security, privacy, and intellectual property theft issues that dog the industry today. Inexplicably, the company pulled an Apple and chose to detail its plans solely to Newsweek, so we only have that one report to work from. But if Newsweek's take on the plan is correct, and consumers and businesses buy into the new devices that would result, the PC landscape will soon change forever.
The plan is code-named Palladium, a reference to a statue of the Greek goddess Athena that one guarded ancient Troy from attack. Palladium involves a number of hardware and software solutions that will, in part, be implemented as part of a future Windows version--possibly Longhorn, due in 2004--that requires specific hardware to work. "This isn't just about solving problems, but expanding new realms of possibilities in the way people live and work with computers," says product manager Mario Juarez.
Microsoft designed Palladium around the following ideals:
Palladium will tell you who you're dealing with online, and what they're doing. It will uniquely identify you to your PC and can limit what arrives (and runs on) that computer. Information that comes in from the Internet will be verified before you can access it.
Palladium protects information using encryption to seal data so that "snoops and thieves are thwarted." The system can maintain document integrity so that documents can't be altered without your knowledge.
Palladium stops viruses and worms. The system won't run unauthorized programs, preventing viruses from trashing your system.
Palladium stops spam. Spam will be stopped before it even hits your email inbox. Unsolicited mail that you might actually want to receive will be allowed through if it has credentials that meet your user-defined standards.
Palladium safeguards privacy. In addition to the system's ability to seal data on your PC, Palladium can also seal data sent across the Internet using software agents that ensure the data reaches only the proper people. Newsweek reports that the agent has been nicknamed "My Man," a goof on ".NET My Services," "My Documents," and other similar names at Microsoft.
Palladium controls information after it's sent from your PC. Using Digital Rights Management (DRM) technology, Palladium can be used to securely distribute music, movies, and other intellectual property securely over the Internet. Movie studios and the recording industry could use this technology to let their customers exercise their fair use rights to copy audio CDs and movies, for example. "It's a funny thing," says Bill Gates. "We came at this thinking about music, but then we realized that e-mail and documents were far more interesting domains." Gates says that Palladium could ensure that email designated as private could not be forwarded or copied to other people, for example. Or, the Newsweek reports reads, "you could create Word documents that could be read only in the next week. In all cases, it would be the user, not Microsoft, who sets these policies."
Few of the concepts behind Palladium are new, but what makes this system unique and--dare I say it--innovative is Microsoft's ability to rally the industry around this technology and push it through to fruition. Leading chip vendors Intel and AMD have signed on to Palladium, though Intel was originally reluctant to join. And though no names are yet available, major Microsoft partners in financial services, health care and government--areas where security is a prime concern--have likely signed up already as well. "I have a hard time imagining that businesses wouldn't want this," says Microsoft Group Vice President Jim Allchin. Once the enterprise is locked in, Microsoft expects Palladium-compatible applications and services to arrive, thus kicking off the inevitable consumer-oriented push.
However, the success of Palladium isn't a given at all. The anti-Microsoft crowd is louder than ever these days, thanks to the company's drawn-out antitrust battle and mounting security concerns. And Palladium would arguably extend Microsoft's OS dominance even further, since it's a Windows-only technology. Microsoft counters this criticism by explaining that Palladium can be ported to other platforms easily enough. "We don't blink at the thought of putting Palladium on your Palm, on the telephone, on your wristwatch," says Palladium software architect Brian Willman. Presumably, Linux and Mac ports would also be considered.
And how will individuals react to news that their every move will be recorded and analyzed? As the shifting security landscape in the post-9/11 world has proven, people are more resilient to such change if the perceived security level is higher. And though a vocal minority will likely find much to complain about--think Slashdot--average consumers, IT administrators and decision makers, and other people responsible for actually paying for this technology will probably support it wholeheartedly. I can already imagine the sort of email responses this article will get--after all, "Microsoft security" is an oxymoron of sorts these days--but I also can feel a grudging inevitability to Palladium, or something like it. Hang on to your seats, folks. Your next PC upgrade may be a completely different beast altogether.
End of Article
This is an interesting article. Link at MSNBC: http://www.msnbc.com/news/770511.asp
Link at Slashdot: http://yro.slashdot.org/yro/02/06/23/1641205.shtml?tid=109
If you see "It's a funny thing," be careful what it is about.
I wonder if people would buy a piece of hardware that implements this security scheme. (Will people have a choice?) Will people say, sorry, If this DVD, or CD or program will only run on Windows or MS hardware, I won't buy it? They probably will, as long as they have a choice.
What happens for independent developers that work on Windows, will they be able to compile programs and run them on their own and customers machine? or should they need to call MS to get a permit to run their programs?
Hypothetical scenario???: 12:01am: Hi, I just modified my program and I need to a new permit granted to continue debugging ... ok ok, you got one but only for your machine until 6am, if you do not get the program running by then call us and we happily will give you another permit.
--- In order to prevent unauthorize runs of software on my machine, I am careful of what I run and allow to run on my machine. I avoid running programs that I am certain about as root. I check for setuid. It is all in there on the thrusty old UNIX and its cousin Linux.
TSK June 23, 2002
So, if they really care about our privacy and the likes, why not better promote digital IDs (to sign/encrypt e-mail messages)? And why is their "preferred" provider (VeriSign) one which charges money for the same thing others (Thawte) don't? For more info see http://office.microsoft.com/assistance/2000/certpage.aspx and get your certificate today if you haven't already :-D
Nick June 23, 2002
How is this different then the telephone company calling us seven days a week to sell us long distance who then turn around and sell us a service to prevent themselves and other solicitors from calling you in the first place?
So the people who have given us poor software development and nonexistent testing are offering us a product to protect us from their nonfeasance (one could argue malfeasance)? "We are sorry, Trustworthy Computing isn't so Trustworthy. But trust us on this one...".
Steven Johnson June 24, 2002
Looks like .Net framework 2.0 in action.
Lynn Eriksen June 24, 2002
I find it sad these days that people take no initiative to keep their computers safe, or even learn about them beyond email and web browsing. Most security issues can be avoided by simply using common sense like Bill Clinton didn't send you an email with an attachment saying "I Love You", or maybe I shouldn't give my bank account number to that guy who has 25 million in an Argentine bank and wants to share.
Before if you got a floppy disk that had a virus the worst that could happen was your machine could go TU. But now in the internet age that virus or trojan you get could shut down a corporate email server, or DDOS attack someone. Of course people are happy to shift the burden of learning simple security and common sense computing to Microsoft because they have never had the opportunity to learn it. Surely their 5 page maunal that came with their computer told them easy ways to avoid problems, or maybe not because most of those 5 pages were Microsoft's EULA agreement.
It's a dream at best but what if people actually took an interest in learning about the computer that they use every day, or going one step further what if Microsoft produced a usable manual to educate users. Nah too expensive, let's keep dumbing down Americans so soon we have a population of automaton computer users who believe that Microsoft actually cares about end users. MS might even get them to believe that Office XP is a much more feature rich version than Office 2000 and is worth the upgrade. What a joke.
Craig June 25, 2002
It appears that Microsoft in its "Trustworty Computing" initiative has determined that it cannot produce a stable, secure OS. Therefore, the only way they can have a secure OS is to push the responsibility of security onto the hardware.
Vic Jenkins June 25, 2002
"The plan is code-named Palladium, a reference to a statue of the Greek goddess Athena that once guarded ancient Troy from attack."
Paul, if you're going to try and give the background to the story, you should finish the story, that the statue of Athena was ultimately stolen and Troy was completely destroyed.
Adam Parker June 25, 2002
I've been in the computer business for almost 8 years and Microsoft has never been safe. One is bound to hear about security patches every few months. It's pretty scary when one has to download security patches more often and regularly than changing ones oil. While there is some truth to the argument that car and Windows comparison, (you know, the one about if cars were made like Windows, one would blow up almost everytime it's started...), is not accurate, but to me, it's pretty darn close.
Palladium does nothing but help track people's usage on the computer. Why? First, Microsoft is carrying such a big target on its back that any new technology that it comes up with, an equally talented and dedicated, if not more talented and dedicated, "team" of hackers would do anything they can to break in. Then, what is Microsoft going to come up with next? Operation Blue Screen so NO ONE can use the computer? But wait, that happens everyday already.
Secondly, let's assume that Palladium does work for the brief period of time before the dawn of the hackers, do you really want people to know who you send email to? I mean, I am almost positive that after Palladium rolls out, someone is going to figure out a way to keep track of the email address because, now, it's that much easier with the Palladium machines.
Anthony Choi June 26, 2002
This reminds me too much of Senator Hollings' (D-Disney) CBDTPA, only now it's coming from Redmond. Has Microsoft become a branch of the US Govt?
“Regardless of what some self-appointed libertarian Internet watchdogs and privacy advocates will try to say, the citizens living in the nineteenth century are nowhere close to being as 'free' as those fortunate enough to be alive now. The privacy advocates are right about Microsoft’s vision of Palladium; it is a technology that wants to turn the Internet from lawless Wild West into an orderly suburban neighborhood. You know, gated communities much like those hypocritical privacy advocates live in.”
You must be a registered user or online subscriber to comment on this article. Please log on before posting a comment. Are you a new visitor?
Register now
An often irreverent look at some of the week's other news, including a shortened work week thanks to the 4th of July, expensive Windows 7 pricing, Bing's modest monthly gains, IE 8 heading to work, Steve Jobs back at Apple, and so much more ...
Get Mark Minasi’s Windows Server 2008 Audio CDs "Windows expert, consultant and best-selling author Mark Minasi shows you if 2008 is right for you and, if so, how to get the most out of it!
Take Control of Your Email Optimize your email storage – Download this white paper to learn key how-to’s in email storage management.
Get Windows IT Pro To Go! The Windows IT Pro Magazine Master CD is a powerful combination of content and convenience. Order now, and save up to 25%--plus you’ll get online access to new articles each and every month! Subscribe today!
Register
Link at MSNBC: http://www.msnbc.com/news/770511.asp
Link at Slashdot:
http://yro.slashdot.org/yro/02/06/23/1641205.shtml?tid=109
If you see "It's a funny thing," be careful what it is about.
I wonder if people would buy a piece of hardware that implements this security scheme.
(Will people have a choice?)
Will people say, sorry, If this DVD, or CD or program will only run on Windows or MS hardware, I won't buy it?
They probably will, as long as they have a choice.
What happens for independent developers that work on Windows, will they be able to compile programs and run them on their own and customers machine? or should they need to call MS to get a permit to run their programs?
Hypothetical scenario???:
12:01am: Hi, I just modified my program and I need to a new permit granted to continue debugging ... ok ok, you got one but only for your machine until 6am, if you do not get the program running by then call us and we happily will give you another permit.
---
In order to prevent unauthorize runs of software on my machine, I am careful of what I run and allow to run on my machine. I avoid running programs that I am certain about as root. I check for setuid.
It is all in there on the thrusty old UNIX and its cousin Linux.
TSK June 23, 2002