The neutrality of this article is disputed.
Palladium was Microsoft's codename for their new "trusted computing" architecture. In 2003, Microsoft reacted to the negative publicity surrounding the Palladium operating system by dropping the name "Palladium". They now refer to it as the "next-generation secure computing base" (NGSCB).
Under Palladium, the Microsoft operating system, working with a secure cryptoprocessor embedded in the PC, will create a new class of applications which have special powers and protections and which run side by side with ordinary code. The stated aim is to fix the problems of current computer insecurity, and to create new kinds of distributed applications, where each component can know and trust the operation of other parts of the system, even when they are running on remote computers.
Opponents characterise it as an attempt to control the market for computer hardware and software, thus entrenching and extending Microsoft's existing desktop computer operating system and software monopoly. Opponents have also characterised it as an attempt to leverage this monopoly into a monopoly over Digital Rights Management, and hence effective control over the content delivery industry. They further fear that the Palladium platform will eventually control all aspects of computer operation, including web browsing and E-mail.
Microsoft has patent protection on several concepts relating to their "Digital Rights Management Operating System", although it is not clear at this point which of them will be part of Palladium when it is finally fielded.
A sidenote: the Palladium initiative is supposedly named after the Palladium, a legendary statue in ancient Troy. Supposedly, while the statue was safe, so was the city. Legend tells us that Troy fell to a Trojan horse attack.
Table of contents |
2 Criticism 3 Virus Cure? 4 External links |
Based on current information, NGSCB (Palladium) would work in the following ways:
If the above functionality of TCPA/NGSCB were in the final product, it would have the following drawbacks:
On August 28 2003 Microsoft made an announcement saying that to combat the thread of future viruses like SoBig.F NGSCB was needed.
Simon Conant, a 'security expert' (quoted verbatim from the source article, the UK Metro) working for Microsoft said 'We need to go back to the drawing board with a brand new architecture for the PC'.
This argument has several flaws in it:
The FAQ goes on to describe the contribution of NGSCB against viruses in more modest terms: "However, the NGSCB architecture does provide features that can be used by an antivirus program to help guarantee that it has not been corrupted. The antivirus software can be grounded in such a way that it can bootstrap itself into a protected execution state, something it cannot do today."
A conspiracy theorist view on this is that Microsoft have deliberately left the flaws in Outlook/Outlook Express so that an email virus can cripple a computer and Microsoft can then announce NGSCB as the saviour. Certainly there is no valid reason for an incoming email to have access to a client's address book (the primary way the email viruses spread).
Functionality of TCPA/NGSCB
Criticism
Virus Cure?
Microsoft is not presently making strong claims that NGSCB would solve the virus problem. In their Technical FAQ linked from the Microsoft NGSCB page, they say, "Since the nexus and NCAs do not interfere with the operation of any program running in the regular Windows environment, everything, including the native operating system and viruses, runs there as it does today. Therefore, users are still going to need antivirus monitoring and detection software in Windows".External links