MS plans new security system in future Windows

Microsoft Corp. wants to change the fundamental architecture of the PC, adding security hardware prior to the release of the next generation of its Windows operating system around 2004, according to a media report.

The Redmond, Washington, company wants future PCs to contain a security technology called Palladium, and is in discussion with Intel Corp. and Advanced Micro Devices Inc. to develop the chips, according to a report in the July 1 issue of Newsweek magazine published Sunday on the MSNBC Web site. Microsoft owns a stake in MSNBC.

Representatives of Intel and Microsoft contacted in Europe had not heard of the technology.

Among possible applications of the technology are authentication of communications and code, data encryption, privacy control and digital rights management (DRM), according to the report.

While most talk of DRM revolves around music, Microsoft Chairman and Chief Software Architect Bill Gates sees it as more useful for controlling e-mail: Palladium could be used to limit forwarding of messages, or to make them unreadable after a certain time interval has elapsed, the report said.

Microsoft, for one, would benefit from being able to control e-mail in such a way. It has repeatedly fought to keep damaging internal e-mail out of court records in recent cases, including its battle with the nine non-settling states over remedies in its antitrust fight with the DOJ.

The technology needs to be widespread in order to be useful: 100 million devices will have to be shipped "before it really makes a difference," the report quotes Microsoft vice president Will Poole as saying.

Palladium grew out of a skunk-works project looking for ways to secure information stored on machines running Windows and became an official Microsoft project in October 2001, according to the report.

The first versions of Palladium "will be shipping with bugs," the report quotes one of the project's cofounders, Paul England, as saying.

Microsoft's record on software security has been heavily criticized in the past, and in January of this year the company announced a new emphasis on trustworthy computing in an effort to clean up its image. This news was soon followed by word that its software developers would stop writing new code while they audited their existing code for security flaws.

Microsoft has long maintained that keeping its source code under wraps makes its software more secure than open-source software such as rival operating system Linux, where anyone can inspect the source code and see its flaws. A recent report from a Microsoft-funded think tank, the Alexis de Tocqueville Institution, claimed that government use of open-source software represents a threat to national security.

Proponents of open-source software say this openness makes it more secure, as there is a greater chance that flaws will be fixed and that users will be more aware of the necessity of upgrading to a fixed version of the software.

Advocates of more/ open software development may be winning the argument. According to the Newsweek report, Microsoft will publish the source code to its Palladium system in an effort to be more transparent.

Publishing source code openly is not the same as declaring it to be "open source." According to the Open Software Initiative, open source software must be freely distributable by third parties, including as part of derivative works, without restriction or payment.

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon