Palladium tech up for discussion, says MS security chief
And if users don't buy it, it dies...
Unaccountably, Microsoft seems to have forgotten to invite The Register to Tech Ed in Barcelona this week, but we're pleased to see some useful information making it into the public prints. Yesterday, IDG News correspondent Gillian Law obtained some useful information about Palladium from Microsoft UK chief security officer Stuart Okin.
First of all, we do not get the impression that Okin is entirely pleased by the release of information about Palladium last week. Details, he claims somewhat bizarrely, were "leaked or squirrelled out by a journalist." Well, indeedy-doody, Stuart. The knowledge that Newsweek writer Steven Levy infiltrated Microsoft with photographer Brian Smale, secretly took posed photos of the development team then surreptitiously obtained on-the-record quotes from numerous Microsoft execs from Bill Gates down puts an entirely different complexion on the article. And its presence on Microsoft's 'links to things written about us that we like' page must surely be some kind of clerical error.
We jest, of course. What we think Okin is really alluding to here is the age-old Microsoft internal battle between the marketing droids, who see their role as being to get nice, excited write-ups of Microsoft products, and the techies, who wish the droids would stop making overhyped promises they won't be able to keep. So maybe it's significant that one of the new breed of Microsoft security czars is showing signs of lining up with the techies.
Palladium being presented as a complete, 'solve all your security problems magic bullet' is most certainly premature. Okin tells Law that it's still in "consultation mode," that white papers will be out by the end of this month, and that Microsoft will proceed after getting feedback from this.
Palladium, which will combine security chip (which is expected to migrate onto the CPU in a future rev) with a public and private key system, could be important for DRM, but "its prime function is to ensure security and privacy." Look at it from the security czar's point of view, and you can see how important it is to ram home that message, even to genuinely believe it. These people have been specifically hired by Microsoft to clean up the company's security act, and if they're not to operate merely as fig-leaves, they may actually have to resist Palladium and similar being used for DRM. So more interesting internal tensions here.
The technology will be switched off by default, he guarantees this, and it will be "an opt-in technology" that "will live or die by user acceptance." It will also be licensed to any software company that wants it, but their software would need to be certified. Price, terms and conditions, and the certification process are all potential gotchas here and in our view Microsoft will have to be a lot more open and responsive than it has been in the past as regards licensing, if it genuinely wishes to achieve broad support.
Palladium hardware will not, Okin tells IDG, ship until 2004-2005, and applications for it won't be around until two years later. That certainly puts it in the Longhorn window, but it's not clear why, if it's initially going to use a separate chip, hardware can't be shipped fairly swiftly.
Hardware of this sort already exists, in the shape of the AMD-Wave reference design; this may, we're informed even have been demoed at WinHEC. The public line at the moment, however, is that AMD and Intel are working with Microsoft on Palladium, and although Wave may still be in there under the covers, it's not apparent in the publicity.
The schedule (and the participants list) may of course have been disrupted by Intel coming late to the party again, but marketing considerations will also have an influence. Microsoft could, now, add support for DRM to its existing OS software, make its buddies in the music business very happy, trash it own reputation (no really, it's still possible to do this) and destroy any chance of Palladium succeeding. So it really does have to take its time and (this is the tricky but) be thoughtful, subtle and flexible. Hmm... ®
Sponsored: Network DDoS protection