Why Intel loves Palladium
Who remembers PSN?
Remember the Processor Serial Number? We do - this was Intel's attempt to embed a unique ID in every CPU. Switched on at the launch of the Pentium III in February 1999, the PSN was a public relations disaster, prompting torrents of abuse from mostly sensible people, who feared the implications of PSN for consumer privacy.
The PSN was to be used to identify users in ecommerce and Web sites or chat rooms. In other words, it was a proto Digital Rights Management (DRM) hardware tool.
Intel's Pat Gelsinger, then a mere Veep, now elevated to the exalted rank of CTO, was a champion. He told the RSA Data Conference in 1999, "unless you're able to deliver the processor serial number, you're not able to enter that protected chat room".
Gelsinger/Intel's thinking on PSN is set out in this speech entitled A Billion Trusted Computers.
PSN may have gone away - temporarily. But the big themes remain.
Intel has been squirreling away in the background, first with the Trusted Computing Platform Alliance, teaming up with fellow founders Microsoft, Compaq, HP and IBM. Now there are 180 member companies of the TCPA, including AMD, Novell, Nvidia, Infineon, and just about every significant IT security vendor. This is a broad church.
And now Intel has come out in support of Microsoft's Secure PC initiative, dubbed Palladium.
The Palladium pitch is security first - no more spam or viruses - and DRM second. The Register's John Lettice surveyed the battleground yesterday (MS DRM OS, retagged 'secure OS' to ship with Longhorn?). Could this be, as Reg reader 'The Joyce Police' dubs it, Windows 1984?
To get to there we have to start from here. And it's not exactly clear where 'here' is, so far as Palladium is concerned.
Palladium and the TCPA are related but separate initiatives, and the details, especially for the latter, make for a very thin gruel.
Microsoft outed Palladium only this weekend by granting Newsweek the softest of softball exclusives. AMD and Intel were named as supporters of Palladium, but how - the article did not say. The obvious guess is some form of unique CPU ID and encryption. But is the latter to be hardware or software? AMD's Geoffrey Strongin's comments in the Newsweek article that Palladium will mean slightly more expensive PCs hinted that encryption would be etched into the hardware.
And so it proves, according to a quicker-off-the-blocks-than-Maurice-Greene blockbuster from ExtremeTech in association with PC Magazine etc.
To date, it's the best primer we've got on Palladium - the boys from Ziff have done their homework.
Here's a snatch:
"The approach outwardly seems to mimic that of the Trusted Computing Platform Alliance, whose specification was finalized in January 2001. TCPA calls for the creation of a "Trusted Platform Module" (TPM), a discrete cryptographic processor residing on the PC's motherboard that contains a unique digital signature.
"Palladium, on the other hand, uses a PC's microprocessor to run some form of low-level encryption, and can also use a TPM-like module for additional encryption, according to Geoffrey Strongin, AMD's platform security architect."
The ExtremeTech piece makes it plain that AMD is a driver, not a passenger, on the Palladium steam-roller. Intel has told us too that it is a strong supporter of Palladium. Microsoft is the architect incarnate, although its lamentable record on anything to do with security does not engender confidence on this score.
Unfortunately, it's too much to hope for incompetence.
It looks like Pat Gelsinger's advocacy for processor serial numbers will pay off after all these years. Only this time it's bigger, much, much bigger. ®