Quantcast
PCWorld.com is upgrading some back-end systems. Some site features, such as user registration, may be temporarily unavailable.
Subscribe to magazine

Microsoft Shows PC Security Tools

Software giant says its Palladium technology will be released with Longhorn.

Joris Evers, IDG News Service

  • 0 Yes
  • 0 No

NEW ORLEANS -- Microsoft demonstrated its closely watched Next-Generation Secure Computing Base security technology for the first time Tuesday, but had to fall back on emulators because critical hardware parts were not ready yet.

NGSCB, formerly known by its code name Palladium, combines hardware and software to create a second operating environment within a PC, protecting the system from malicious code by providing secure connections between applications, peripheral hardware, memory, and storage.

According to Microsoft, the technology could be a boon for its customers, though critics have argued that it will curtail users' ability to control their PCs and could erode fair-use rights for digital music and movie files.

Hardware Holdup?

In March Microsoft announced that it planned to show NGSCB here, at its Windows Hardware Engineering Conference (WinHEC), working on real hardware and not emulators. The company has decided, however, that it must show the hardware makers its software in action before they place their "multimillion-dollar bets" on NGSCB, said Peter Biddle, product unit manager at Microsoft's security business unit.

"We are committed to have a beta of NGSCB less than a year from now, and then we are expecting to run on real hardware," Biddle said. Microsoft's goal is to include NGSCB in Longhorn, the successor to Windows XP planned for release in 2005.

NGSCB includes a new software component for Windows called a "nexus," and a chip called the Security Support Component (SSC) for performing cryptographic operations. NGSCB also requires changes to a PC's processor and chip set, representatives for Microsoft chip partner Intel said Tuesday.

Microsoft did have early versions of keyboards incorporating encryption technology for its anticipated demonstration at WinHEC Tuesday; but key hardware parts were missing, as Intel was not ready to demonstrate the processor, chip set, and SSC--a technology bundle it calls LaGrande--for NGSCB.

"The critical point of the hardware is not what we showed today," said Kevin Corbett, marketing and strategic planning director at Intel's desktop platforms group. "At a later date you may see the hardware," he said. Intel may have more news at the Intel Developer Forum in September, a year after LaGrande was unveiled, he hinted.

PC Protection

In the first demonstration of how NGSCB would operate, Microsoft showed how programs protected by the technology would not work if an attacker tampered with them, and how a red flag would come up if a malicious hacker--played by a Microsoft engineer clad in a red T-shirt bearing a picture of a skull--intercepted communications.

The demonstration was limited to attempts to rewrite simple programs and capture instant message traffic using the SubSeven hacker tool. Many of the NGSCB hardware functions were emulated.

Even so, the demonstration was significant, Microsoft's Biddle said. "We have a code base, and that code base includes a nexus. It is real code," he said. On the other hand, it is early code and by no means ready for commercial deployment; and it won't do anything without the supporting hardware, he added.

Gartner research director Martin Reynolds agreed with Biddle.

"I am much more worried about the software being on time than about the hardware," said Reynolds, who is based in San Jose, California. Reynolds does not expect NGSCB-capable hardware to appear until mid-2004, he said.

Cause for Concern

WinHEC attendees who watched the demonstration remained a bit apprehensive about NGSCB, fearing that it could compromise user freedom and act as a Trojan horse for strict DRM (Digital Rights Management) technologies.

"As a home PC user, I would not buy an NGSCB-equipped PC until I knew what kinds of applications it supports," said Jean-Francois Schultz, a security analyst with French smart card company Gemplus SA. "It could be a big DRM tool."

Wendy Seltzer, a staff attorney with San Francisco civil liberties group the Electronic Frontier Foundation, came to WinHEC to learn more about NGSCB, but repeated her organization's concerns about the technology.

"We are concerned about it being used against the PC user. The trusted computer may be turned against you the owner of the computer and favor the entertainment companies," she said.

Redmond, Washington-based Microsoft sees its Professional Developer Conference in October as the next major milestone for NGSCB. WinHEC runs until Thursday, May 8, with many more hours of sessions scheduled to be devoted to the technology.

  • Recommend this story?
  • 0 Yes
    0 No
  • Great year-end deals
    for small business!

  • Get 24/7 live remote AT&T Tech Support 360* service along with select Lenovo* PCs (with Intel® Core™ 2 Duo processors) and save up to 200!

    Learn more

  • HP EliteBook* 6930p Notebook with Intel® vPro™ technology and a free HP Basic Docking Station - $641 instant savings!

    Learn more

  • *Other names and brands may be claimed as the property of others. ©2009 Intel Corporation. Intel, the Intel logo, vPro and Core trademarks of Intel Corporation in the United States and other countries. All rights reserved.

Dell End of Year Deals

People who read this also read:

  • 15 Minutes to a Secure Business Get the Secure in 15 toolkit starting with the "15 Minutes Month-at-a-Glance" calendar. McAfee will send you additional tools and tricks to stay protected around the clock.
  • A Buyer's Guide to Data Protection Implementing data protection products and processes can be daunting. Make the right decisions by exploring what is available and what makes sense for your organization. Use this simple guide to evaluate different vendor offerings.

Sponsored Links