Microsoft turns to emulators for security demo

Microsoft Tuesday demonstrated its closely watched Next-Generation Secure Computing Base security technology for the first time, but had to fall back on emulators because critical hardware parts were not ready yet.

NGSCB, formerly known by its Palladium codename, is a combination of hardware and software that creates a second operating environment within a PC that is meant to protect the system from malicious code by providing secure connections between applications, peripheral hardware, memory and storage.

Microsoft says the technology could be a boon for its customers, though critics have argued that it will curtail users' ability to control their own PCs and could erode fair-use rights for digital music and movie files.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Microsoft Tuesday demonstrated its closely watched Next-Generation Secure Computing Base security technology for the first time, but had to fall back on emulators because critical hardware parts were not ready yet.

NGSCB, formerly known by its Palladium codename, is a combination of hardware and software that creates a second operating environment within a PC that is meant to protect the system from malicious code by providing secure connections between applications, peripheral hardware, memory and storage.

Microsoft says the technology could be a boon for its customers, though critics have argued that it will curtail users' ability to control their own PCs and could erode fair-use rights for digital music and movie files.

Microsoft in March said it planned to show NGSCB here at its Windows Engineering Hardware Conference (WinHEC) in New Orleans working on real hardware and not emulators. The company now says it has to show the hardware makers its software in action before they place their "multimillion-dollar bets" on NGSCB, said Peter Biddle, product unit manager at Microsoft's security business unit.

"We are committed to have a beta of NGSCB less than a year from now and then we are expecting to run on real hardware," Biddle said. Microsoft's goal is to include NGSCB in Longhorn, the successor to Windows XP planned for release in 2005.

NGSCB includes a new software component for Windows called a "nexus," and a chip that can perform cryptographic operations called the Security Support Component (SSC). NGSCB also requires changes to a PC's processor and chipset, representatives for Microsoft chip partner Intel said Tuesday.

Microsoft did have early versions of keyboards with encryption technology for its anticipated demonstration at WinHEC Tuesday, but key hardware parts were missing as Intel was not ready to demo the processor, chipset and SSC for NGSCB, a technology bundle it calls LaGrande.

"The critical point of the hardware is not what we showed today," said Kevin Corbett, marketing and strategic planning director at Intel's desktop platforms group. "At a later date you may see the hardware," he said. Intel may have more news at the Intel Developer Forum in September, a year after LaGrande was unveiled, he hinted.

In the first demonstration of how NGSCB would operate, Microsoft showed how programs protected by the technology would not work if tampered with by an attacker, and how a red flag would come up if communications were intercepted by a malicious hacker - played by a Microsoft engineer clad in a red T-shirt with a picture of a skull.

The demonstration was limited to attempts to rewrite simple programs and capture instant message traffic using the SubSeven hacker tool. Many of the NGSCB hardware functions were emulated.

The demonstration was nevertheless significant, Microsoft's Biddle said. "We have a code base and that code base includes a nexus. It is real code," he said. It is early code, though, and by no means ready for commercial deployment, and it would not do anything without the supporting hardware, he added.

The IDG News Service is a Network World affiliate.