Feeds

MS to micro-manage your computer

'Palladium' they call this scheme

  • alert
  • submit to reddit

New hybrid storage solutions

A recent MSNBC article by techno-pundit Steven Levy discusses Microsoft's plans for a new computer operating environment (code-named "Palladium") that links hardware, software, and data into a neat package, allegedly more secure and convenient for users.

Or, putting it in simpler terms, it's Microsoft's answer to fixing everything that's wrong with computing today.

According to Levy, Palladium is a hardware and software combination that will supposedly seal information from attackers, block viruses and worms, eliminate spam, and allow users to control their personal information even after it leaves their computer. It will also implement Digital Rights Management (DRM) for movies and music to allow users to exercise 'fair use' rights of such products. Palladium will essentially create a proprietary computing environment where Microsoft is the trusted gatekeeper, guard, watchstander, and ruler of all it surveys, thus turning the majority of computing users into unwilling corporate serfs and subjects of the Redmond Regime.

Isn't it ironic that the company responsible for nearly every major computer security problem, virus, and backdoor -- thanks to its poor software development and testing among other factors -- is now heralding its ability to make everything right in a stroke? One might sense this is a manufactured problem resulting from Microsoft's inability to develop effective software in the first place. As is commonly known, the single most significant factor contributing to the dismal state of today's internet security is Microsoft's complacency, rather than hackers, crackers, and pirates. As I mentioned in an earlier article, we're vulnerable because Microsoft makes it so damn easy for the bad guys to cause mischief. (It's also a result of lazy or incompetent system administrators, poor network design, and clueless executives and Congressfolk, but that's another essay.)

Contrary to Levy's fear-mongering remarks and naively positive spin on the need for Palladium to protect us, the Internet is not all evil. In fact, the Internet is safer than many parts of our physical world. It does, however, represent an evolution in social control, something that evokes fear in the hearts of established entities of such control: corporations, media, and governments. Hence the desire to trump up any number of reasons -- real or perceived -- to beguile the public and garner support for ways to maintain social control and profit margins at once. This technical tool of social control follows on the heels of the CBDTPA, TCPA, and DMCA, and other controversial legislative efforts.

As such, Levy's article is full of sensational soundbytes, including one particularly fear-mongering paragraph: "An endless roster of security holes allows cyber-thieves to fill up their buffers with credit-card numbers and corporate secrets. It's easier to vandalize a Web site than to program a remote control. Entertainment moguls boil in their hot tubs as movies and music are swapped, gratis, on the Internet. Consumers fret about the loss of privacy. And computer viruses proliferate and mutate faster than they can be named."

Vandalizing a website happens most often not because of the skills of the vandal, but rather a combination of poor system administration coupled with notoriously buggy, easily-exploitable Web site software such as Microsoft's Internet Information Server. From what I've seen over the years, you probably don't even need opposable thumbs to break into IIS. Palladium won't help here, but more competent system administrators and much more secure server software (such as Apache or WebStar) most certainly would.

Regarding the potential of stealing credit cards numbers, you've got a greater chance of losing your wallet or purse walking around town than a cyber-thief stealing your credit card from a webserver. What people forget in the hype is that despite the immense pain in the ass associated with canceling credit cards and re-authorizing charges on a new one, people are not responsible for losses over $50 provided they promptly report the loss to their credit card issuer. I've had my card stolen on-line, but I haven't run away in terror about the chances it could happen again. Again, Palladium won't be of benefit to me -- my credit card company already protects me and limits my liability.

Perhaps the most sinister part of Microsoft's concept (something that Levy glosses over) is that it "stops viruses and worms. Palladium won't run unauthorized programs, so viruses can't trash protected parts of your system." True, Windows-based viruses do proliferate and mutate quickly, but it's because Microsoft products are so interlinked and poorly-configured. If Microsoft would only allow users to display e-mail in plain text, ninety per cent of 'viruses and worms' would be eliminated. Yet to hear Redmond tell it, what we really need is some expensive and Draconian ghost in the machine to break applications of which the company, or its partners, or the government, or Hollywood, disapproves.

In short, under the feel-good guise of 'enhanced security' and 'new features for customers' (and despite being found guilty of monopoly), Microsoft still wants to rule all it surveys. In essence, Palladium can be interpreted as Microsoft's attempt to play God. Again.

With this announcement, Microsoft competitors and independent programmers should be gearing up for another court case, as this concept reeks of Redmond's historic anti-competitive tactics in the marketplace. Savvy consumers should be very concerned that Palladium will mean that their computers and information are no longer under their positive control but rather under the omnipresent surveillance and enforcement of a third party more interested in turning a profit than empowering their customers to think and act for themselves. The computer will essentially become a tool of surveillance, judgment and control over users, rather than a tool of innovation, communication, and enlightenment.

Given the pervasiveness of computers in modern society, the worldwide social ramifications of Palladium are enormous. Consider the ability of one entity -- in this case, Microsoft -- to dictate acceptable behavior and content (remember Smart Tags?) in service of its own commercial aspirations. If your behavior or actions are deemed 'unacceptable' by such a third party, you could find yourself impotent on the global stage. So you'd better toe the party line and be a good little Windows user.

Palladium represents a modern 'innovation' which could lead to a Digital Dark Age: a period of innovative stagnation where the majority of the world's computing population will become unwitting subjects and indentured servants to the profiteering desires of the new corporate ruling class, and Microsoft the enforcer.

One wonders if Palladium error messages will include a computer-generated audio clip of Bill Gates announcing, "I'm sorry [USERNAME], I'm afraid I can't do that....?"

The first step in any revolution is the seizure of the lines of communication to hinder the target population's ability to communicate and exchange information amongst themselves. Palladium has the ability to do just that, and convert the open fabric of the modern computing environment into a closed, proprietary domain under the rule of Redmond.

Under the Palladium concept -- despite the marketing spin and hype -- the danger is that you will be asked (though not directly) to pledge allegiance to Microsoft and its dismal record of security and reliability while unwittingly relinquishing your ability to remain an independent person in cyberspace. In essence, you'll go back to the future instead of forward to innovation and enlightenment.

Personally, I prefer being the one in charge of my computer and not subordinate to it or its vendors. I also prefer Camelot over Redmond...which goes a long way explaining why I don't run Windows.

Thomas C. Greene contributed to this article (and he doesn't run Windows either).

© 2002 InfoWarrior.org, all rights reserved.

Security for virtualized datacentres

More from The Register

next story
Not appy with your Chromebook? Well now it can run Android apps
Google offers beta of tricky OS-inside-OS tech
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
NHS grows a NoSQL backbone and rips out its Oracle Spine
Open source? In the government? Ha ha! What, wait ...?
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.
Secure remote control for conventional and virtual desktops
Balancing user privacy and privileged access, in accordance with compliance frameworks and legislation. Evaluating any potential remote control choice.