• United States

Microsoft takes ‘Palladium’ on tour

Jun 12, 20033 mins

Microsoft is hitting the road with a demo of its much debated Next-Generation Secure Computing Base (NGSCB) in an effort to persuade more people of the merits of the security initiative.

First shown at the Microsoft’s Windows Hardware Engineering Conference (WinHEC) in New Orleans in May, the demo will now go on a small tour. Microsoft will bring it to its Mountain View, Calif., campus for two days and to New York for two or three days, said Mario Juarez, NGSCB product manager at Microsoft.

“We do this because we know we are dealing in these particularly hot arenas of security and privacy and that we need to spend a lot of time addressing this topic,” Juarez said. “We are not building this engine that is taking control of people’s computers, or whatever fantasy people spin.”

NGSCB, formerly known by its Palladium codename, is a combination of hardware and software meant to better secure PCs. For the demonstration, Microsoft uses a first cut of a new Windows software component called a “nexus,” but relies largely on emulators for the hardware side because the critical hardware parts are not ready yet.

NGSCB came out of a Microsoft group working on technology meant to protect the interests of copyright holders called digital rights management (DRM). However, the project has grown into addressing more than DRM by also protecting PCs from malicious code such as viruses by creating a second operating environment secured by hardware and software.

Microsoft says NGSCB could be a boon for its customers, though critics have argued that it will curtail users’ ability to control their own PCs and could erode fair-use rights for digital music and movie files.

Microsoft has already done a lot of evangelizing for NGSCB. Juarez talked to members of the European Parliament in May and met with representatives of consumer advocacy groups in Washington D.C. in June, for example.

“We are building a community, building a variety of relationships among what we know are the key stakeholder groups in what we are doing,” Juarez said.

In the first NGSCB demonstration at WinHEC, Microsoft showed how programs protected by the technology would not work if tampered with by an attacker, and how a red flag would come up if communications were intercepted by a malicious hacker – played by a Microsoft engineer clad in a red T-shirt with a picture of a skull.

The demonstration was limited to attempts to rewrite simple programs and capture instant message traffic using the SubSeven hacker tool.