IP: The Big "Secret" -- Palladium

[Dave Farber <dave () farber net>]

The Big Secret

An exclusive first look at Microsoft¹s ambitious-and risky-plan to remake
the personal computer to ensure security, privacy and intellectual property
rights. Will you buy it?

By Steven Levy
NEWSWEEK     

            July 1 issue ‹  In ancient Troy stood the Palladium, a statue of
the goddess Athena. Legend has it that the safety of the city depended on
that icon¹s preservation. Later the term came to mean a more generic
safeguard.     
             
              HERE¹S SOMETHING THAT cries for a safeguard: the world of
computer bits. An endless roster of security holes allows cyber-thieves to
fill up their buffers with credit-card numbers and corporate secrets. It¹s
easier to vandalize a Web site than to program a remote control.
 Entertainment moguls boil in their hot tubs as movies and music are
swapped, gratis, on the Internet. Consumers fret about the loss of privacy.
And computer viruses proliferate and mutate faster than they can be named.

Computer security is enough of a worry that the software colossus Microsoft
views it as a threat to its continued success: thus the apocalyptic Bill
Gates memo in January calling for a ³Trustworthy Computing² jihad. What
Gates did not specifically mention was Microsoft¹s hyperambitious long-range
plan to literally change the architecture of PCs in order to address the
concerns of security, privacy and intellectual property. The plan, revealed
for the first time to NEWSWEEK, is... Palladium, and it¹s one of the
riskiest ventures the company has ever attempted. Though Microsoft does not
claim a panacea, the system is designed to dramatically improve our ability
to control and protect personal and corporate information. Even more
important, Palladium is intended to become a new platform for a host of
yet-unimagined services to enable privacy, commerce and entertainment in the
coming decades. ³This isn¹t just about solving problems, but expanding new
realms of possibilities in the way people live and work with computers,²
says product manager Mario Juarez.

Because its ultimate success depends on ubiquity, Palladium is either going
to be a home run or a mortifying whiff. ³We have to ship 100 million of
these before it really makes a difference,² says Microsoft vice president
Will Poole. That¹s why the company can¹t do it without heavyweight partners.
Chipmakers Intel and Advanced Micro Devices have signed on to produce
special security chips that are integral to the system. ³It¹s a groundswell
change,² says AMD¹s Geoffrey Strongin. ³A whole new class of processors not
differentiated by speed, but security.² The next step is getting the likes
of Dell, HP and IBM to remake their PCs to accommodate the system.

        ³It¹s one of the most technically complex things ever attempted on
the PC,² says Gartner analyst Martin Reynolds. And the new additions will
make your next computer a little more expensive. Will the added cost‹or a
potential earlier-than-otherwise upgrade‹be worth it? Spend a day or two
with the geeks implementing Palladium‹thrilled to be talking to a reporter
about the project‹and you¹ll hear an enticing litany of potential uses.
        * Tells you who you¹re dealing with‹and what they¹re doing.

 Palladium is all about deciding what¹s trustworthy. It not only lets your
computer know that you¹re you , but also can limit what arrives (and runs
on) your computer, verifying where it comes from and who created it.

        * Protects information. The system uses high-level encryption to
³seal² data so that snoops and thieves are thwarted. It also can protect the
integrity of documents so that they can¹t be altered without your knowledge.

        * Stops viruses and worms. Palladium won¹t run unauthorized
programs, so viruses can¹t trash protected parts of your system.
   
                * Cans spam. Eventually, commercial pitches for recycled
printer cartridges and barnyard porn can be stopped before they hit your
inbox‹while unsolicited mail that you might want to see can arrive if it has
credentials that meet your standards.

        * Safeguards privacy. With Palladium, it¹s possible not only to seal
data on your own computer, but also to send it out to ³agents² who can
distribute just the discreet pieces you want released to the proper people.
Microsofties have nicknamed these services ³My Man.² If you apply for a
loan, you¹d say to the lender, ³Get my details from My Man,² which, upon
your authorization, would then provide your bank information, etc. Best
part: Da Man can¹t read the information himself, and neither can a hacker
who breaks into his system.

        * Controls your information after you send it . Palladium is being
offered to the studios and record labels as a way to distribute music and
film with ³digital rights management² (DRM). This could allow users to
exercise ³fair use² (like making personal copies of a CD) and publishers
could at least start releasing works that cut a compromise between free and
locked-down. But a more interesting possibility is that Palladium could help
introduce DRM to business and just plain people. ³It¹s a funny thing,² says
Bill Gates. ³We came at this thinking about music, but then we realized that
e-mail and documents were far more interesting domains.² For instance,
Palladium might allow you to send out e-mail so that no one (or only certain
people) can copy it or forward it to others. Or you could create Word
documents that could be read only in the next week. In all cases, it would
be the user, not Microsoft, who sets these policies.

        Some of these ideas aren¹t new‹they¹re part of the promise of public
key cryptography, discovered 25 years back. Palladium is a dead-serious
attempt to finally make it happen, with a secure basis and critical mass.
But it didn¹t start that way. In 1997, Peter Biddle, a Microsoft manager who
used to run a paintball arena, was the company¹s liason to the DVD-drive
world. Naturally, he began to think of ways to address Hollywood¹s fear of
digital copying. He hooked up with ¹ Softie researchers Paul England and
John Manferdelli, and they set up a skunkworks operation, stealing time from
their regular jobs to pursue a preposterously ambitious idea‹creating
virtual vaults in Windows to protect information. They quickly understood
that the problems of intellectual property were linked to problems of
security and privacy.

        They also realized that if they wanted to foil hackers and
intruders, at least part of the system had to be embedded in silicon, not
software. This made their task incredibly daunting. Not only would they have
to build new secrecy functions into Windows (without messing up any programs
that run on the current versions), but then they¹d have to convince the
entire industry to, in effect, update the basic hardware setup of the PC.

        Intel originally turned down the idea before eventually embracing
it. AMD had already been thinking along similar lines, and eagerly signed
on. Biddle¹s virtual team kept working, and in October 2001, it became a
formal green-lighted project.

        As now envisioned, Palladium will ship ³in a future version of
Windows.² (Perhaps in the next big revision, due around 2004.) By then the
special security chips will be rolling out of the fabs, and the computer
makers‹salivating at an opportunity to sell more boxes‹will have
motherboards to accommodate them. There will also be components that encrypt
information as it moves from keyboard to computer (to prevent someone from
wiretapping or altering what you type) and from computer to screen (to
prevent someone from generating a phony output to your monitor that can
trick you into OKing something you hadn¹t intended to). Only certain
applications will access the part of Windows (nicknamed ³the nub²) that
performs Palladium¹s functions with the help of the security chip‹everything
else will work exactly the same.

        The first adopters will probably be in financial services, health
care and government‹places where security and privacy are mandated. Then
will come big corporations, where information-technology managers will find
it easier to control and protect their networks. (Some employees may bridle
at the system¹s ability to ineluctably log their e-mail, Web browsing and
even instant messages.) ³I have a hard time imagining that businesses
wouldn¹t want this,² says Windows czar Jim Allchin.

        Finally, when tens of millions of the units are in circulation,
Microsoft expects a flood of Palladium-savvy applications and services to
spring up‹that¹s when consumers will join the game.

        None of this is a cinch. One hurdle is getting people to trust
Microsoft . To diffuse the inevitable skepticism, the Redmondites have begun
educational briefings of industry groups, security experts, government
agencies and civil-liberties watchdogs. Early opinion makers are giving them
the benefit of the doubt. ³I¹m willing to take a chance that the benefits
are more than the potential downside,² says Dave Farber, a renowned Internet
guru. ³But if they screw up, I¹ll squeal like a bloody pig.² Microsoft is
also publishing the system¹s source code. ³We are trying to be transparent
in all this,² says Allchin.

Others will note that the Windows-only Palladium will, at least in the short
run, further bolster the Windows monopoly. In time, says Microsoft,
Palladium will spread out. ³We don¹t blink at the thought of putting
Palladium on your Palm... on the telephone, on your wristwatch,² says
software architect Brian Willman.
        And what if some government thinks that Palladium protects
information too much? So far, the United States doesn¹t seem to have a
problem, but less tolerant nations might insist on a ³back door² that would
allow it to wiretap and search people¹s data. There would be problems in
implementing this, um, feature.

        Other potential snags: will Microsoft make it easy enough for people
to use? Will someone make a well-publicized crack and destroy confidence off
the bat? ³I firmly believe we will be shipping with bugs,² says Paul
England. Don¹t expect wonders until version 2.0. Or 3.0. Ultimately,
Palladium¹s future defies prediction. Boosting privacy, increasing control
of one¹s own information and making computers more secure are obviously a
plus. But there could be unintended consequences. What might be lost if
billions of pieces of personal information were forever hidden? Would our
ability to communicate or engage in free commerce be restrained if we have
to prove our identity first? When Microsoft manages to get Palladium in our
computers, the effects could indeed be profound. Let¹s hope that in setting
the policies for its use, we keep in mind the key attribute of the woman
embodied in the first Palladium. Athena was the goddess of wisdom.

For archives see:
http://www.interesting-people.org/archives/interesting-people/