The Palladium Project

Introduction to the Palladium Project, a new initiative from Microsoft on personal computer security.

Introduction to Palladium

'Palladium' is the working title of a security initiative that is currently under development at Microsoft. Currently in it's infancy, the details of the project are only being drip-fed to the industry by Microsoft who may be guilty of engaging in a 'kite flying' exercise in order to gauge hardware and software developers reactions to their bold new security scheme.

Microsoft are unable to implement this project without widespread support from the computer industry, and convincing developers and, ultimately, end users to hand over their computer security to Microsoft is going to be a difficult task. Intel and AMD (Advanced Micro Devices) have already signed up, but Microsoft have still a long way to go, and by their own optimistic projections there will be no Palladium compatible devices available until at least 2004.

What Palladium Means for the End User

So what is Palladium and what does it mean for you? Palladium is a Digital Rights Management (DRM) tool that operates in your computer at a hardware level, hence the involvement of Intel and AMD. All future PC's (if Microsoft gets it's way) would come with a Palladium master control chip that is separate to the regular processes of the PC and as such is immune to interference. This chip is used to set aside a safe 'zone' on the PC that will only allow trusted software to run; that is software certified as 'safe' by a consortium of computer companies led by Intel and (of course) Microsoft. Microsoft call this zone a Trusted Operating Root (TOR), which is often described using the metaphor of a secure vault.

Other programs on your PC will not be able to access or modify the data in the TOR, and when you input data into this safe zone nothing else will be able to eaves drop, due to the inclusion of secure I/O channels. So-called 'malware' (viruses, Trojan horses, warez etc.) would not be able to run in this inner vault as they would be denied legitimate access rights. In effect, Palladium provides the computer user with a safe location within their computer that is in theory immune to all the mishaps that computers can currently fall victim to.

An Erosion of Computer Freedom?

If Palladium has most security experts excited, it has most privacy watch dogs concerned in equal amounts. After all, who controls Palladium and by default your personal data: Microsoft or you? In this early stage of development, Microsoft claim that the user will have the choice to turn Palladium on or off, but in the finished product I think that this is unlikely to remain. After all, is Microsoft providing increased security for the individual user; or increased anti-copying protection for the Music, Film and Software industries? And if Microsoft is attempting to stop us from creating such illegal copies, then why would Palladium contain an 'off switch'?

The security versus personal freedom debate is always a double edged sword. In order for a force of authority (in this case Microsoft) to increase personal security for the masses (me and you), personal freedom and freedom of movement is always compromised in some way or form. The question is this: do the threats to using your computer securely (viruses, spam, hackers, credit card fraud, insecure/badly designed software etc.) warrant the harsh medicine prescribed by Microsoft in the form of Palladium?

Conclusion

There is no denying that the people at work on the Palladium project are very excited and somewhat idealistic about their work to date, and it's possibilities for the future. Unfortunately history has shown that for every new security feature (in whatever field, computers or otherwise), the criminal mind is just as astute at finding a way around such new innovations. Perhaps Palladium will be an exception, only time will tell.

From an OS (Operating System) point of view, Palladium is truly innovative in that it is the first of it's kind: in effect a new Security Manager for the OS to add to the four traditional managers found in every OS (namely Processor Manager, Memory Manager, File Manager and Device Manager, and for later OS the fifth Network Manager). Due to many elements of this manager being hardware components, however, the hardware is limited to only running a Palladium-compatible OS, which could be seen as a further move by Microsoft against Linux users and the open source community in general.

It is difficult at this early stage to predict the likelihood of Microsoft achieving it's aims with Palladium, it may be too ambitious even for a company of their size, and there is bound to be much opposition to the project, but in the end Microsoft's monopoly of the OS market makes it likely that the next version of Windows will come with some form of Palladium architecture in place, while the majority of end users will hardly even know it is there.

John Collins

I have been writing about web technology and software development since 2001. I am the developer of the Alpha Framework for PHP, and the five.today personal productivity app. I love open source, technology, and economics.