Microsoft: Palladium Fears Are Based On Rumor, Speculation
Palladium, formally known as Next Generation Secure Computing Base, is technology that Microsoft says will make computers trustworthy. It will use a security processor attached to a PC motherboard, along with a subsystem of the Windows operating system, called the Nexus, to allow users to create a highly secure virtual space to store sensitive data and run sensitive applications.
That's what Microsoft says. But critics suspect a hidden agenda to prevent PCs from running Linux and other competing operating systems, force application developers to pay fees to Microsoft to write Windows applications, and gain control over users' data.
Ross Anderson, a member of the computer science faculty at the University of Cambridge, England, said that Palladium is Microsoft's plan to make it expensive for users to switch from Microsoft applications.
"The object of the exercise for Microsoft is that Palladium will make it harder to switch from Office to OpenOffice," said Anderson, who holds the post of Reader in Security Engineering at the university. "All the documents you create in Office will be likely to be sealed to keys tied to the platform and tied to Microsoft technology."
Attempts to break the encryption on documents to allow them to be used by other applications will be illegal under the U.S. Digital Millennium Copyright Act, the same law that makes it illegal to crack DVD encoding, and the similar provisions in proposed European Union legislation, Anderson said. "These laws make it an offense to possess technology that will circumvent copyright protection mechanisms," Anderson said.
Likewise, other application vendors will be able to use Palladium to encrypt data to block conversion to a competitor's data format. Application vendors would be able to charge users to convert data to a new format, creating barriers to entry for new vendors, Anderson said.
Microsoft critics on Slashdot threads and technology Weblogs have expressed similar fears ever since Microsoft disclosed Palladium plans over the summer: they fear that Palladium will be used to block installation of other operating systems, especially Linux, on PCs; that developers will be charged to write Palladium applications; that Microsoft will be able to remotely delete files from user PCs; and that Palladium is part of a plan between Microsoft and Hollywood entertainment companies to make it impossible for users to copy movies and music -- even perfectly legal copies made for personal use.
It's all a fantasy, says Mario Juarez, NGSCB product manager for Microsoft.
"It is a myth, with no basis in fact for anything that Microsoft has said, done, expressed, intimated or even hinted at," Juarez said.
Bruce Schneier, CTO of security consultants Counterpane Internet Security, said Palladium is still so immature it's hard to pin down any specific criticism of it.
"It's still changing, it's still in research, it's hard to get the details," Schneier said.
He said an August 2002 essay he wrote on Palladium is still his best thinking on the subject.
"There's a lot of good stuff in Pd and a lot I like about it," Schneier wrote. (Pd is the chemical symbol for the element Palladium, and a common shorthand for the technology.) "There's also a lot I don't like, and am scared of. My fear is that Pd will lead us down a road where our computers are no longer our computers, but are instead owned by a variety of factions and companies all looking for a piece of our wallet. To the extent that Pd facilitates that reality, it's bad for society. I don't mind companies selling, renting or licensing things to me, but the loss of power, reach and flexibility of the computer is too great a price to pay."
He also says, "Pay attention to the antitrust angle. I guarantee you that Pd is a way to extend its market share, not to increase competition."
Palladium will allow a computer to be segregated into several partitions, each of which will be able to read and write its own data, some of which can be set up by third parties -- such as entertainment companies -- so that only they can manipulate data on those partitions, Schneier said.
Microsoft won't dare use Palladium to prevent Linux from running, and is unlikely to replace Internet standard protocols with Microsoft proprietary protocols, Schneier said. However, users will likely need a Palladium-enabled device to view copyrighted content.
"Like everything else Microsoft produces, Pd will have security holes large enough to drive a truck through. Lots of them. And the ones that are in hardware will be much harder to fix. Be sure to separate the Microsoft PR hype about the promise of Pd from the actual reality of Pd 1.0," Schneier wrote.
Microsoft will make its first public presentations about the technology at the Windows Hardware Engineering Conference (WinHEC) May 6-8, where the company will have conference tracks, tutorials, and demos of prototype hardware and Palladium technology running on software.
"The fundamental goals that we are shooting at are to bring about an evolution in the Windows operating system involving both hardware and software, to make the computer safer," Juarez said. "We're making the PC platform a place that software and data will be safe from software-based attacks, making sure that people are able to trust a computer today at the same level that they can trust cash machines."
The software Nexus is something like a microkernel that regulates the flow of data on machines and to other connected machines, using cryptography, Juarez said. The Nexus can be switched on and off at user discretion, and is switched off when the PC ships.
The hardware is the Security Services Component, a security chip on the motherboard that stores unique cryptographic keys to enable the computer to store secrets locally, he said.
Initial applications will likely be in the enterprise, Juarez said. Palladium will help make remote access more secure, by allowing enterprise applications to be accessed only by a specific user -- authenticated through username and password, biometrics or other techniques -- on a secure machine, using a specific application running on that machine. Palladium will also be used to increase transactional security.
Enterprises will be able to encrypt data on the PC in such a way that only specific applications running on specific systems can access the data, Juarez said. Enterprises can designate multiple systems as permitted to access the data, so that users can migrate data to new systems, or for backup purposes.
Juarez would not say when the technology will become available, although he did say that the first Palladium-based product might become available within two or three years.
"Getting the job done right is an important thing. This is not a technology where we can wait for version three to get it right, it has to be right out of the gate," Juarez said.
Users will be able to continue to run other operating systems on Palladium-enabled PCs, same as they do today, Juarez said. Moreover, other companies will be able to build the Nexus into other operating systems, although the code will have to be licensed from Microsoft. Juarez said it's not yet decided whether Microsoft will charge money to license the Nexus.
Microsoft will not require application vendors to pay to write Palladium applications. "We don't charge people to write applications in Windows today, and we won't charge them tomorrow," Juarez said.
Users will retain control of their own data, and will be able to convert between application formats without paying the old vendor a conversion fee, Juarez said.
"I can't even imagine where that's coming from," he said. "We've said nothing along those lines, I can't comment on that, because it is not connected to anything we have done."
Palladium is not a digital rights management application -- but Palladium technology will be used to implement DRM technology, the same way applications are written to run on specific hardware and operating systems, Juarez said.
And Palladium will not allow Microsoft to delete files from PCs, Juarez said.
This story courtesy of InternetWeek.com.
