It sounds like an April Fools joke, but last week Microsoft revealed plans to revamp its entire product line, starting with Windows, presumably to ensure a safe, happy, and peaceful existence for all its customers. Code-named Palladium, after the statue of Athena that used to guard the ancient city of Troy, this Microsoft initiative will combine software and hardware solutions to solve such problems as privacy invasion, computer hacks, security vulnerabilities, spam, and more. If you were hoping to see Microsoft settle into a more staid and relaxed upgrade cycle, then Palladium might serve as a wakeup call. If Palladium is even remotely successful, it will change the computing landscape far more than other Microsoft "bet the company" initiatives, including Microsoft .NET.

Rumors about Microsoft working with hardware vendors to integrate Digital Rights Management (DRM) technology into hardware such as PCs and hard disks first emerged last year. But last week, a Microsoft-sponsored report in "Newsweek" revealed that these plans are far more extensive than originally thought. Now expected to become part of the next Windows version (code-named Longhorn), Palladium will require a new PC hardware architecture—with backing from both Intel and AMD—as well as Microsoft's software hooks. The system will reportedly improve user and corporate control of private information, while dramatically expanding protection against the Internet-based attacks that are becoming increasingly common today.

Arguably, Palladium is a somewhat natural extension to the increasingly escalating series of security announcements and initiatives that Microsoft has introduced in the past 12 months. But Big Brother concerns aside, Palladium also requires a hefty bit of comarketing with the company's partners, massive endorsement and rollout of the technologies at the enterprise level, and finally, widespread acceptance in the consumer space. For Palladium to be successful, it must simply be part of the next Windows and be open to competitors. "We have to ship 100 million \[copies of Palladium\] before it really makes a difference," says Microsoft Vice President Will Poole.

Here's what we know about Palladium so far.

  • Palladium is far-reaching and not simply another Windows upgrade. Longhorn, once thought to be a point-release update to Windows XP, has taken on new importance, and Microsoft will delay its release until 2004 or 2005. "This \[technology\] isn't just about solving problems, but expanding new realms of possibilities in the way people live and work with computers," says Palladium Product Manager Mario Juarez. Also, Microsoft will need to extensively upgrade key applications such as Office to make them compatible with Palladium. Office 11, due next year, won't meet Palladium's requirements.
  • Palladium's hardware components require a new class of microprocessors and supporting chips that, for the first time in the PC space, will differ by security, not by speed. Major PC companies such as Dell, Hewlett-Packard (HP), and IBM will need to sign on for Palladium to be successful. Eventually, Microsoft will port the technology to other platforms, including smart cell phones, palm-sized devices and, presumably, Linux- and Mac-based PCs.
  • Palladium is complex technology and likely to be expensive. Unless Microsoft and its hardware partners subsidize the costs—which would be wise, given Microsoft's contention that today's security vulnerabilities are undermining its growth—Palladium might be a tough sell in any but the most security-conscious environments.
  • Think Trustworthy Computing. Palladium is, in essence, the realization of Microsoft Chairman and Chief Software Architect Bill Gates' "Trustworthy Computing" memo. Palladium systems will verify that you're you, limit what you download to and execute on your computer, and can verify where programs and other attachments came from and who sent them. Palladium can protect your data, both on your PC and after you've sent the data over the Internet. Using high-level encryption, Palladium can ensure that only the recipients you specify can open information you send. Likewise, Palladium can protect document integrity, preventing others from altering data you created.
  • Palladium will stop viruses, worms, and spam. The technology will prevent the startup of unauthorized applications, protecting your system from Internet-based attacks, and will stop unsolicited email before it reaches your PC, unless the email meets the credentials you establish.
  • Palladium will protect your privacy. In addition to local data protection, Palladium will use software agents to distribute your data only to the correct people. This agent—code-named "My Man"—can't access your data, only authenticate other users for access, which prevents intruders from hacking the agent.
  • Palladium will offer built-in DRM. In a nod toward the recording industry and other companies that want to securely distribute copyrighted content, Palladium will include DRM technology that will let users exercise their fair-use rights with music and other data they've legally purchased. Interestingly, although digital music was the original reason for this DRM integration, Microsoft says that applying DRM to email and other sensitive inhouse documents makes even more sense. This technology will enable users to send email that only certain individuals can read and that no one can forward or copy.

Palladium will initially suffer from the same problems early Tablet PC users face: Data interoperability with "traditional" PCs will be quite trying. But Microsoft isn't worried. In fact, Microsoft Group Vice President Jim Allchin says that Palladium is a natural for the enterprise, Microsoft's initial target market. "I have a hard time imagining that businesses wouldn't want \[Palladium\]," Allchin says.

But I think the problem with Palladium, besides its current vagueness, is trust. Say what you will about Microsoft, but a groundswell of distrust for the company is growing, thanks to the seemingly endless number of security vulnerability announcements it must make. If we're supposed to trust Microsoft with securing our data in the future, the company must first prove that it's up to the task today.