One month later, Microsoft offers Palladium details

During the month since Microsoft Corp. announced Palladium, the new plan to marry hardware and software security inside every Windows PC has been hailed as either a potential savior or a scourge for computer security and user freedom.

Details about Palladium, which remains years from mass deployment, have been sketchy and are bound to change, but Microsoft is now providing more information about the system, what it will do and what it won't.

Palladium will create a "trusted space" within a PC where certain applications and operations can run. Palladium will require a security chip, as well as rewritten software designed to take advantage of the chip. Because the "trusted space" will be separate from Windows, Palladium should be able to better protect sensitive information and stop the spread of viruses and the like, according to Microsoft. The system will also allow users to create documents that expire after a certain amount of time or are limited in how they can be shared, Microsoft has said.

The initial reaction to Microsoft's announcement was mixed, with critics charging that the system would curtail users' ability to control their own PCs, possibly removing fair use rights related to music and movie files and that it could even further Microsoft's operating system monopoly.

Those reactions are not the rule, according to Microsoft.

"The responses overall have been very positive," said Mario Juarez, group product manager for the content security business unit at Microsoft. "Almost nobody has taken issues with the premise that systems need better integrity."

Nonetheless, Microsoft is taking pains to clarify exactly what Palladium is and is not.

"Palladium is not DRM (Digital Rights Management), but it's a great platform for building DRM on," Juarez said. Palladium was initially linked to a series of patents granted to Microsoft on a "Digital Rights Management operating system" and it remains unclear how those patents will play into the system. DRM is a technology that allows content owners to place on their work restrictions that can control how the files are shared and copied.

Palladium is also not a technology that Microsoft hopes will permanently lock down content such as movies and music by tying such content to DRM, Juarez said.

"We absolutely believe that anything of any value will be brought into the clear," that is, made available through various means without content protections, he said. Palladium isn't designed to lock down content permanently because "we don't want that to happen," he said.

Palladium will also not be open source, despite some reports and conjecture at its announcement. Instead, Microsoft will publish the Palladium source code in much the same way as it currently offers its shared source program -- as a way to allow programmers to inspect the code, Juarez said.

Because the system will be shared source, rather than open source, programmers will not be allowed to modify the code or port it to other platforms, he said.

"We don't want people to necessarily create derivative works (from this)," he said. Publishing the code will let programmers "verify that what we say is happening is (in fact) happening."

Giving developers a way to verify the code is a key step, said Laura Koetzle, infrastructure research analyst at Forrester Research Inc. in Cambridge, Massachusetts.

"If they want people to actually trust that this operating system does what they say, it has to be transparent," she said.

While "shared source is a good start," Koetzle said that "open sourcing it is probably the right public relations move" since having a third party create a Palladium system would be a major credibility boost for the technology.

Peter Lindstrom, senior security strategies analyst at the Hurwitz Group Inc. in Framingham, Massachusetts, isn't so sure that these steps are necessary.

He predicts that "six months after the specs for the hardware chips are available (along with) the source, there will be a Linux version that does the same thing."

All of that is still distant, however, as Palladium won't likely see release for years. To that end, Microsoft plans to publish its first Palladium road map this fall, Juarez said. The road map will include when the company will release Palladium SDKs (Software Development Kits), when important public meetings about the technology will occur and other information.

Koetzle expects the Palladium road map to be a long one.

"I think (it will be released in) 2006 if they're lucky," she said.

"You're talking silicon here and that always takes forever," she said, referring to the required security chip.

Palladium will be an opt-in system, meaning that it will ship in PCs turned off and users will have to turn it on to gain its benefits, said Alan Geller, group program manager for Palladium.

Geller knows the challenge of getting new users to adopt Palladium won't be easily solved.

"It's a huge challenge for us to make this powerful, but easy ... accessible to people who aren't technical at all," Geller said.

"It better be pretty simple and easy and painless" for the average user because Microsoft wants "to reach the people who haven't bought a computer yet because they're afraid of it," he said.

Geller expects that users will embrace such an easy-to-use system without much hesitation, he said.

"The biggest downside is they have to go out and buy a new computer," he said.

Microsoft will provide a way for users to transfer their data from one Palladium system to another, he said, adding that the mechanism for that transfer has not been decided. Because Palladium will tie content to the specific hardware of each PC, there had been concern about whether content could be moved when PC components or full systems were upgraded.

The major question hovering over Palladium, though, is why users will want to turn it on, said Forrester's Koetzle.

"I don't see any demand-side drivers for this," she said. "What's in it for consumers?"

The system makes sense for Microsoft, for PC makers and for companies that control copyright digital content, since it will help them all sell more of their products, she said. But the system doesn't make sense for consumers, she said.

"What do consumers want that they can't have (unless they use Palladium)? The answer is nothing," she said. "I have a hard time seeing Palladium as a selling point."

Microsoft needs to find compelling applications that will cause consumers to want to use Palladium, as well as find third parties interested in creating those compelling applications, she said.

Offering new levels of system security may be compelling enough to persuade some users to switch, said Hurwitz's Lindstrom.

"This is the stuff for 30 years security folks have been saying we need in mainstream computing," he said.

Beyond that, "I think it's critical that Microsoft pushes forward with it because it's probably the only way they're going to get out from under their security vulnerability overhead," he said.

Despite Juarez and Geller's assurances, questions still persist about whether Microsoft, a company that has been hit by a torrent of security vulnerabilities in recent years, can make such a sweeping security system work.

Those questions have been answered for Juarez and Geller. Microsoft has emphasized security more over the last year, with the launch of is Trustworthy Computing initiative and other steps, Juarez said.

"Microsoft has shown that when it recognizes the strategic importance of something ... it tends to respond effectively," he said. "This is critical for Microsoft to succeed in its vision."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Sam Costello

Show Comments

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers


This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang


It really doesn’t get more “gaming laptop” than this.

Jack Jeffries


As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr


The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?