Simon Bisson & Mary Branscombe's Blog

You say Express Gate, I say Palladium

By Simon Bisson & Mary Branscombe in Editorial

Posted in Futures, Silicon, virtualisation, Hardware, Laptop, Mobile, Security, Intel, Microsoft on July 28, 2008 at 12:41 pm


Imagine a second, simpler operating system on your PC with fixed features, so it’s more secure - after all, if you can’t add more programs you can’t add a virus either. It would have to start up quickly, so that Windows wasn’t waiting for it, so it would be ideal for listening to music and watching video. I’m not thinking about virtualization per se, although that’s one way to achieve something similar; this is two operating systems side by side, both with access to the PC hardware, but one of them does much more limited and circumscribed things.

Can you tell what it is yet?

No, actually, I’m not talking about Palladium - sorry, Microsoft Next Generation Secure Computing Base. That grew out of an attempt to reassure Sony that it would be OK to allow DVD movies to play on a PC without piracy becoming endemic, and turned into a much more useful and visionary idea about using public key cryptography not to identify people but to secure machines. It would have been a good way to implement the DRM it was associated with in the public eye, though it wouldn’t have forced DRM on anyone who didn’t want to run it. Palladium loaded a secure piece of software called the TOR, which acted as a secure area that could only run trusted code (written to public APIs) and where the apps would be invisible to the main OS - all secured by the machine-specific key in your TPM and some new technology from Intel.

Comments

Comment by steven Sprague - August 7, 2008 on 5:49 pm

Great article. You should also point out that the TPM which is now on about 150 million PCs is a fantastic way to have a common authentication platform for all web services. This will be the technology that kills UID and PW. Every VPN and Wireless access point be putting the keys in the TPM. It works today. It’s easy to do; however, most IT professionals haven’t tried. Best Practice is all software certificates need to be moved to hardware.

Steven Sprague

Comment by Simon Bisson & Mary Branscombe - August 7, 2008 on 6:44 pm

Good point, Steve; I actually like Intel’s notion of a trusted PC and a trusted platform as the root of trust for user identity feeding into an Internet identity layer (I’m a big fan of Kim Cameron’s infocard approach). But how do we get things to move forward? So far I’ve found nothing mainstream but fingerprint password vaults that actually use TPM in the real world (and vPro, but that still seems to be in demo mode)…
