Original URL: https://www.theregister.com/2002/06/24/ms_to_micromanage_your_computer/

MS to micro-manage your computer

'Palladium' they call this scheme

By Richard Forno

Posted in Software, 24th June 2002 05:05 GMT

A recent MSNBC article by techno-pundit Steven Levy discusses Microsoft's plans for a new computer operating environment (code-named "Palladium") that links hardware, software, and data into a neat package, allegedly more secure and convenient for users.

Or, putting it in simpler terms, it's Microsoft's answer to fixing everything that's wrong with computing today.

According to Levy, Palladium is a hardware and software combination that will supposedly seal information from attackers, block viruses and worms, eliminate spam, and allow users to control their personal information even after it leaves their computer. It will also implement Digital Rights Management (DRM) for movies and music to allow users to exercise 'fair use' rights of such products. Palladium will essentially create a proprietary computing environment where Microsoft is the trusted gatekeeper, guard, watchstander, and ruler of all it surveys, thus turning the majority of computing users into unwilling corporate serfs and subjects of the Redmond Regime.

Isn't it ironic that the company responsible for nearly every major computer security problem, virus, and backdoor -- thanks to its poor software development and testing among other factors -- is now heralding its ability to make everything right in a stroke? One might sense this is a manufactured problem resulting from Microsoft's inability to develop effective software in the first place. As is commonly known, the single most significant factor contributing to the dismal state of today's internet security is Microsoft's complacency, rather than hackers, crackers, and pirates. As I mentioned in an earlier article, we're vulnerable because Microsoft makes it so damn easy for the bad guys to cause mischief. (It's also a result of lazy or incompetent system administrators, poor network design, and clueless executives and Congressfolk, but that's another essay.)

Contrary to Levy's fear-mongering remarks and naively positive spin on the need for Palladium to protect us, the Internet is not all evil. In fact, the Internet is safer than many parts of our physical world. It does, however, represent an evolution in social control, something that evokes fear in the hearts of established entities of such control: corporations, media, and governments. Hence the desire to trump up any number of reasons -- real or perceived -- to beguile the public and garner support for ways to maintain social control and profit margins at once. This technical tool of social control follows on the heels of the CBDTPA, TCPA, and DMCA, and other controversial legislative efforts.

As such, Levy's article is full of sensational soundbytes, including one particularly fear-mongering paragraph: "An endless roster of security holes allows cyber-thieves to fill up their buffers with credit-card numbers and corporate secrets. It's easier to vandalize a Web site than to program a remote control. Entertainment moguls boil in their hot tubs as movies and music are swapped, gratis, on the Internet. Consumers fret about the loss of privacy. And computer viruses proliferate and mutate faster than they can be named."

Vandalizing a website happens most often not because of the skills of the vandal, but rather a combination of poor system administration coupled with notoriously buggy, easily-exploitable Web site software such as Microsoft's Internet Information Server. From what I've seen over the years, you probably don't even need opposable thumbs to break into IIS. Palladium won't help here, but more competent system administrators and much more secure server software (such as Apache or WebStar) most certainly would.

Regarding the potential of stealing credit cards numbers, you've got a greater chance of losing your wallet or purse walking around town than a cyber-thief stealing your credit card from a webserver. What people forget in the hype is that despite the immense pain in the ass associated with canceling credit cards and re-authorizing charges on a new one, people are not responsible for losses over $50 provided they promptly report the loss to their credit card issuer. I've had my card stolen on-line, but I haven't run away in terror about the chances it could happen again. Again, Palladium won't be of benefit to me -- my credit card company already protects me and limits my liability.

Perhaps the most sinister part of Microsoft's concept (something that Levy glosses over) is that it "stops viruses and worms. Palladium won't run unauthorized programs, so viruses can't trash protected parts of your system." True, Windows-based viruses do proliferate and mutate quickly, but it's because Microsoft products are so interlinked and poorly-configured. If Microsoft would only allow users to display e-mail in plain text, ninety per cent of 'viruses and worms' would be eliminated. Yet to hear Redmond tell it, what we really need is some expensive and Draconian ghost in the machine to break applications of which the company, or its partners, or the government, or Hollywood, disapproves.

In short, under the feel-good guise of 'enhanced security' and 'new features for customers' (and despite being found guilty of monopoly), Microsoft still wants to rule all it surveys. In essence, Palladium can be interpreted as Microsoft's attempt to play God. Again.

With this announcement, Microsoft competitors and independent programmers should be gearing up for another court case, as this concept reeks of Redmond's historic anti-competitive tactics in the marketplace. Savvy consumers should be very concerned that Palladium will mean that their computers and information are no longer under their positive control but rather under the omnipresent surveillance and enforcement of a third party more interested in turning a profit than empowering their customers to think and act for themselves. The computer will essentially become a tool of surveillance, judgment and control over users, rather than a tool of innovation, communication, and enlightenment.

Given the pervasiveness of computers in modern society, the worldwide social ramifications of Palladium are enormous. Consider the ability of one entity -- in this case, Microsoft -- to dictate acceptable behavior and content (remember Smart Tags?) in service of its own commercial aspirations. If your behavior or actions are deemed 'unacceptable' by such a third party, you could find yourself impotent on the global stage. So you'd better toe the party line and be a good little Windows user.

Palladium represents a modern 'innovation' which could lead to a Digital Dark Age: a period of innovative stagnation where the majority of the world's computing population will become unwitting subjects and indentured servants to the profiteering desires of the new corporate ruling class, and Microsoft the enforcer.

One wonders if Palladium error messages will include a computer-generated audio clip of Bill Gates announcing, "I'm sorry [USERNAME], I'm afraid I can't do that....?"

The first step in any revolution is the seizure of the lines of communication to hinder the target population's ability to communicate and exchange information amongst themselves. Palladium has the ability to do just that, and convert the open fabric of the modern computing environment into a closed, proprietary domain under the rule of Redmond.

Under the Palladium concept -- despite the marketing spin and hype -- the danger is that you will be asked (though not directly) to pledge allegiance to Microsoft and its dismal record of security and reliability while unwittingly relinquishing your ability to remain an independent person in cyberspace. In essence, you'll go back to the future instead of forward to innovation and enlightenment.

Personally, I prefer being the one in charge of my computer and not subordinate to it or its vendors. I also prefer Camelot over Redmond...which goes a long way explaining why I don't run Windows.

Thomas C. Greene contributed to this article (and he doesn't run Windows either).

© 2002 InfoWarrior.org, all rights reserved.