Feeds

MS recruits for Palladium microkernel and/or DRM platform

So is it cool and elegant, DRM, or both?

  • alert
  • submit to reddit

Combat fraud and increase customer satisfaction

Microsoft's efforts to disassociate Palladium from DRM seem to have hit their first speed bump. Some voices within the company (and we currently believe these voices to be right and sensible) hold the view that Palladium has to be about users' security if it's to stand any chance of winning hearts and minds, and that associating it with protecting the music business' IP will be the kiss of death. So they'll probably not be best pleased by the Microsoft job ad that seeks a group program manager "interested in being part of Microsoft's effort to build the Digital Rights Management (DRM) and trusted platforms of the future (Palladium)."

Oh dear. It's one of a clutch of Palladium job ads currently up on the site, and is the most blatantly off-message one. While the authors of Microsoft's discussion white paper on Palladium say, "Palladium will not require Digital Rights Management (DRM) technology, and DRM will not require Palladium... They are separate technologies," the author of this ad continues: "Our technology allows content providers, enterprises and consumers to control what others can do with their digital information, such as documents, music, video, ebooks, and software. Become a key leader, providing vision and industry leadership in developing DRM, Palladium and Software Licensing products and Trust Infrastructure Services. If you are looking for an opportunity to get in on the ground floor of a critical new area for MS and a position with autonomy and growth, then this is an ideal position."

Content providers controlling their documents, music, video, ebooks, a critical new area for MS, oh dear oh dear. And we quite liked: "Additional responsibilities include defining the industry..." Gosh, the whole industry? That's a responsible job, but we thought Microsoft was supposed to have given this sort of thing up. The post will also "include collaboration and technology sharing across CSBU [Content Security Business Unit, whose bag Palladium is] and with other MS teams, such as Office, STS, Avalon, CLR, Windows Media Foundation, eHome, Pocket PC, Mira, MSXML, GXA, and .Net Framework."

There's a handy list of current MS teams for you, people. So Windows Media is a Foundation now, and what's an Avalon when it's at home, anyone?

Job two, SDE lead, is much more on message and quite interesting, as it provides some clues about the way Palladium will be built. "What is Palladium? We are a windows team working on new, trust-oriented Windows features, re-architecting and re-developing the Windows PC platform from the hardware up. We will dramatically enhance the level of Security available to any customer who wishes to enhance the Privacy, Security, and Data/Content Protection aspects of their applications. We will offer customers a very high level of data protection, no matter where they live, who they are, or what they are trying to protect." Aside from that Data/Content Protection, it's almost unworrying. Here's the techie bit:

"Own lean and mean team of 4 senior developers building the very guts of this new security software. This is one of the very few opportunities to build a micro-kernel from scratch. We’re keeping everything that’s cool about a micro-kernel and nothing that’s not. Responsibilities include: abstraction of hardware from the security modes of the new CPUs to cryptographic input devices, process control, from laying out the image in memory, to providing system services, from providing memory management to interrupt handling, from a debugger to the fundamentals of structured exception handling. No file system, no networking, nothing complicated, only elegant. This is a dream job."

Indeed it is. The approach sounds similar to the one the early NT development team took, before marketing started maiming the thing.

Also wanted is a secure application architect, who "will be responsible for application strategy and design. The Secure Application Architect will work with development, marketing and internal and external customers to identify trusted application scenarios that will be supported. He/she will then be responsible for executing the strategy: providing support and guidance for application developers, and working with the internal Palladium team to ensure that the necessary system services and infrastructure are in place." So this one could be the nark. Apply here, here or here. ®

SANS - Survey on application security programs

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
IRS boss on XP migration: 'Classic fix the airplane while you're flying it attempt'
Plus: Condoleezza Rice at Dropbox 'maybe she can find ... weapons of mass destruction'
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
New Facebook phone app allows you to stalk your mates
Nearby Friends feature goes live in a few weeks
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.