11 July 2002. Thanks to Z.
Original source, now pulled: http://www.msnbc.com/news/770551.asp
(from top to bottom) Brian Willman,
John Manferdelli, Paul Englund [sic], and
Peter Biddle of Microsoft are helping to
make PCs more secure
An exclusive first look at Microsofts ambitious-and risky-plan to remake the personal computer to ensure security, privacy and intellectual property rights. Will you buy it?
By Steven Levy, NEWSWEEK
July 1 issue [Published June 24, 2002]
In ancient Troy stood the Palladium, a statue of the goddess Athena. Legend has it that the safety of the city depended on that icons preservation. Later the term came to mean a more generic safeguard.
SOMETHING THAT cries for a safeguard: the world of computer bits. An endless roster of security holes allows cyber-thieves to fill up their buffers with credit-card numbers and corporate secrets. Its easier to vandalize a Web site than to program a remote control. Entertainment moguls boil in their hot tubs as movies and music are swapped, gratis, on the Internet. Consumers fret about the loss of privacy. And computer viruses proliferate and mutate faster than they can be named.
Computer security is enough of a worry that the software colossus Microsoft views it as a threat to its continued success: thus the apocalyptic Bill Gates memo in January calling for a Trustworthy Computing jihad. What Gates did not specifically mention was Microsofts hyperambitious long-range plan to literally change the architecture of PCs in order to address the concerns of security, privacy and intellectual property. The plan, revealed for the first time to NEWSWEEK, is... Palladium, and its one of the riskiest ventures the company has ever attempted. Though Microsoft does not claim a panacea, the system is designed to dramatically improve our ability to control and protect personal and corporate information. Even more important, Palladium is intended to become a new platform for a host of yet-unimagined services to enable privacy, commerce and entertainment in the coming decades. This isnt just about solving problems, but expanding new realms of possibilities in the way people live and work with computers, says product manager Mario Juarez.
Because its ultimate success depends on ubiquity, Palladium is either going to be a home run or a mortifying whiff. We have to ship 100 million of these before it really makes a difference, says Microsoft vice president Will Poole. Thats why the company cant do it without heavyweight partners. Chipmakers Intel and Advanced Micro Devices have signed on to produce special security chips that are integral to the system. Its a groundswell change, says AMDs Geoffrey Strongin. A whole new class of processors not differentiated by speed, but security. The next step is getting the likes of Dell, HP and IBM to remake their PCs to accommodate the system.
Its one of the most technically complex things ever attempted on the PC, says Gartner analyst Martin Reynolds. And the new additions will make your next computer a little more expensive. Will the added costor a potential earlier-than-otherwise upgradebe worth it? Spend a day or two with the geeks implementing Palladiumthrilled to be talking to a reporter about the projectand youll hear an enticing litany of potential uses.
* Tells you who youre dealing withand what theyre doing. Palladium is all about deciding whats trustworthy. It not only lets your computer know that youre you , but also can limit what arrives (and runs on) your computer, verifying where it comes from and who created it.
* Protects information. The system uses high-level encryption to seal data so that snoops and thieves are thwarted. It also can protect the integrity of documents so that they cant be altered without your knowledge.
* Stops viruses and worms. Palladium wont run unauthorized programs, so viruses cant trash protected parts of your system.
* Cans spam. Eventually, commercial pitches for recycled printer cartridges and barnyard porn can be stopped before they hit your inboxwhile unsolicited mail that you might want to see can arrive if it has credentials that meet your standards.
* Safeguards privacy. With Palladium, its possible not only to seal data on your own computer, but also to send it out to agents who can distribute just the discreet pieces you want released to the proper people. Microsofties have nicknamed these services My Man. If you apply for a loan, youd say to the lender, Get my details from My Man, which, upon your authorization, would then provide your bank information, etc. Best part: Da Man cant read the information himself, and neither can a hacker who breaks into his system.
* Controls your information after you send it . Palladium is being offered to the studios and record labels as a way to distribute music and film with digital rights management (DRM). This could allow users to exercise fair use (like making personal copies of a CD) and publishers could at least start releasing works that cut a compromise between free and locked-down. But a more interesting possibility is that Palladium could help introduce DRM to business and just plain people. Its a funny thing, says Bill Gates. We came at this thinking about music, but then we realized that e-mail and documents were far more interesting domains. For instance, Palladium might allow you to send out e-mail so that no one (or only certain people) can copy it or forward it to others. Or you could create Word documents that could be read only in the next week. In all cases, it would be the user, not Microsoft, who sets these policies.
Some of these ideas arent newtheyre part of the promise of public key cryptography, discovered 25 years back. Palladium is a dead-serious attempt to finally make it happen, with a secure basis and critical mass. But it didnt start that way. In 1997, Peter Biddle, a Microsoft manager who used to run a paintball arena, was the companys liason to the DVD-drive world. Naturally, he began to think of ways to address Hollywoods fear of digital copying. He hooked up with Softie researchers Paul England and John Manferdelli, and they set up a skunkworks operation, stealing time from their regular jobs to pursue a preposterously ambitious ideacreating virtual vaults in Windows to protect information. They quickly understood that the problems of intellectual property were linked to problems of security and privacy.
They also realized that if they wanted to foil hackers and intruders, at least part of the system had to be embedded in silicon, not software. This made their task incredibly daunting. Not only would they have to build new secrecy functions into Windows (without messing up any programs that run on the current versions), but then theyd have to convince the entire industry to, in effect, update the basic hardware setup of the PC.
Intel originally turned down the idea before eventually embracing it. AMD had already been thinking along similar lines, and eagerly signed on. Biddles virtual team kept working, and in October 2001, it became a formal green-lighted project.
As now envisioned, Palladium will ship in
a future version of Windows. (Perhaps in the next big revision, due
around 2004.) By then the special security chips will be rolling out of the
fabs, and the computer makerssalivating at an opportunity to sell more
boxeswill have motherboards to accommodate them. There will also be
components that encrypt information as it moves from keyboard to computer
(to prevent someone from wiretapping or altering what you type) and from
computer to screen (to prevent someone from generating a phony output to
your monitor that can trick you into OKing something you hadnt intended
to). Only certain applications will access the part of Windows (nicknamed
the nub) that performs Palladiums functions with the help
of the security chipeverything else will work exactly the same.
The first adopters will probably be in financial services, health care and governmentplaces where security and privacy are mandated. Then will come big corporations, where information-technology managers will find it easier to control and protect their networks. (Some employees may bridle at the systems ability to ineluctably log their e-mail, Web browsing and even instant messages.) I have a hard time imagining that businesses wouldnt want this, says Windows czar Jim Allchin.
Finally, when tens of millions of the units are in circulation, Microsoft expects a flood of Palladium-savvy applications and services to spring upthats when consumers will join the game.
None of this is a cinch. One hurdle is getting people to trust Microsoft . To diffuse the inevitable skepticism, the Redmondites have begun educational briefings of industry groups, security experts, government agencies and civil-liberties watchdogs. Early opinion makers are giving them the benefit of the doubt. Im willing to take a chance that the benefits are more than the potential downside, says Dave Farber, a renowned Internet guru. But if they screw up, Ill squeal like a bloody pig. Microsoft is also publishing the systems source code. We are trying to be transparent in all this, says Allchin.
Others will note that the Windows-only Palladium will, at least in the short run, further bolster the Windows monopoly. In time, says Microsoft, Palladium will spread out. We dont blink at the thought of putting Palladium on your Palm... on the telephone, on your wristwatch, says software architect Brian Willman.
And what if some government thinks that Palladium protects information too much? So far, the United States doesnt seem to have a problem, but less tolerant nations might insist on a back door that would allow it to wiretap and search peoples data. There would be problems in implementing this, um, feature.
Other potential snags: will Microsoft make it easy enough for people to use? Will someone make a well-publicized crack and destroy confidence off the bat? I firmly believe we will be shipping with bugs, says Paul England. Dont expect wonders until version 2.0. Or 3.0. Ultimately, Palladiums future defies prediction. Boosting privacy, increasing control of ones own information and making computers more secure are obviously a plus. But there could be unintended consequences. What might be lost if billions of pieces of personal information were forever hidden? Would our ability to communicate or engage in free commerce be restrained if we have to prove our identity first? When Microsoft manages to get Palladium in our computers, the effects could indeed be profound. Lets hope that in setting the policies for its use, we keep in mind the key attribute of the woman embodied in the first Palladium. Athena was the goddess of wisdom.
© 2002 Newsweek, Inc.