Feeds

MS recruits for Palladium microkernel and/or DRM platform

So is it cool and elegant, DRM, or both?

  • alert
  • submit to reddit

Internet Security Threat Report 2014

Microsoft's efforts to disassociate Palladium from DRM seem to have hit their first speed bump. Some voices within the company (and we currently believe these voices to be right and sensible) hold the view that Palladium has to be about users' security if it's to stand any chance of winning hearts and minds, and that associating it with protecting the music business' IP will be the kiss of death. So they'll probably not be best pleased by the Microsoft job ad that seeks a group program manager "interested in being part of Microsoft's effort to build the Digital Rights Management (DRM) and trusted platforms of the future (Palladium)."

Oh dear. It's one of a clutch of Palladium job ads currently up on the site, and is the most blatantly off-message one. While the authors of Microsoft's discussion white paper on Palladium say, "Palladium will not require Digital Rights Management (DRM) technology, and DRM will not require Palladium... They are separate technologies," the author of this ad continues: "Our technology allows content providers, enterprises and consumers to control what others can do with their digital information, such as documents, music, video, ebooks, and software. Become a key leader, providing vision and industry leadership in developing DRM, Palladium and Software Licensing products and Trust Infrastructure Services. If you are looking for an opportunity to get in on the ground floor of a critical new area for MS and a position with autonomy and growth, then this is an ideal position."

Content providers controlling their documents, music, video, ebooks, a critical new area for MS, oh dear oh dear. And we quite liked: "Additional responsibilities include defining the industry..." Gosh, the whole industry? That's a responsible job, but we thought Microsoft was supposed to have given this sort of thing up. The post will also "include collaboration and technology sharing across CSBU [Content Security Business Unit, whose bag Palladium is] and with other MS teams, such as Office, STS, Avalon, CLR, Windows Media Foundation, eHome, Pocket PC, Mira, MSXML, GXA, and .Net Framework."

There's a handy list of current MS teams for you, people. So Windows Media is a Foundation now, and what's an Avalon when it's at home, anyone?

Job two, SDE lead, is much more on message and quite interesting, as it provides some clues about the way Palladium will be built. "What is Palladium? We are a windows team working on new, trust-oriented Windows features, re-architecting and re-developing the Windows PC platform from the hardware up. We will dramatically enhance the level of Security available to any customer who wishes to enhance the Privacy, Security, and Data/Content Protection aspects of their applications. We will offer customers a very high level of data protection, no matter where they live, who they are, or what they are trying to protect." Aside from that Data/Content Protection, it's almost unworrying. Here's the techie bit:

"Own lean and mean team of 4 senior developers building the very guts of this new security software. This is one of the very few opportunities to build a micro-kernel from scratch. We’re keeping everything that’s cool about a micro-kernel and nothing that’s not. Responsibilities include: abstraction of hardware from the security modes of the new CPUs to cryptographic input devices, process control, from laying out the image in memory, to providing system services, from providing memory management to interrupt handling, from a debugger to the fundamentals of structured exception handling. No file system, no networking, nothing complicated, only elegant. This is a dream job."

Indeed it is. The approach sounds similar to the one the early NT development team took, before marketing started maiming the thing.

Also wanted is a secure application architect, who "will be responsible for application strategy and design. The Secure Application Architect will work with development, marketing and internal and external customers to identify trusted application scenarios that will be supported. He/she will then be responsible for executing the strategy: providing support and guidance for application developers, and working with the internal Palladium team to ensure that the necessary system services and infrastructure are in place." So this one could be the nark. Apply here, here or here. ®

Internet Security Threat Report 2014

More from The Register

next story
Be real, Apple: In-app goodie grab games AREN'T FREE – EU
Cupertino stands down after Euro legal threats
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Microsoft: Your Linux Docker containers are now OURS to command
New tool lets admins wrangle Linux apps from Windows
Bada-Bing! Mozilla flips Firefox to YAHOO! for search
Microsoft system will be the default for browser in US until 2020
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
Soz, web devs: Google snatches its Wallet off the table
Killing off web service in 3 months... but app-happy bonkers are fine
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Internet Security Threat Report 2014
An overview and analysis of the year in global threat activity: identify, analyze, and provide commentary on emerging trends in the dynamic threat landscape.