You say Express Gate, I say Palladium
By Simon Bisson & Mary Branscombe in Editorial
Posted in Futures, Silicon, virtualisation, Hardware, Laptop, Mobile, Security, Intel, Microsoft on
Imagine a second, simpler operating system on your PC with fixed features, so it’s more secure - after all, if you can’t add more programs you can’t add a virus either. It would have to start up quickly, so that Windows wasn’t waiting for it, so it would be ideal for listening to music and watching video. I’m not thinking about virtualization per se, although that’s one way to achieve something similar; this is two operating systems side by side, both with access to the PC hardware, but one of them does much more limited and circumscribed things.
Can you tell what it is yet?
No, actually, I’m not talking about Palladium - sorry, Microsoft Next Generation Secure Computing Base. That grew out of an attempt to reassure Sony that it would be OK to allow DVD movies to play on a PC without piracy becoming endemic and turned into a much more useful and visionary idea about using public key cryptography not to identify people but to secure machines. It would have been a good way to implement the DRM it was associated with in the public eye, though wouldn’t have forced it on anyone who didn’t want to run it. Palladium loaded a secure piece of software called the TOR that acted as a secure area that could only run trusted code (written to public APIs), where the apps would be invisible to the main OS - all secured by the machine-specific key in your TPM and some new technology from Intel.
Comment by steven Sprague - August 7, 2008 on 5:49 pm
Great article. You should also point out that the TPM which is now on about 150 million pcs is a fantastic way to have a common authentication platform for all web services. This will be the technology that kill UID and PW. Every VPN and Wireless access point be putting the keys in the TPM. It works today, Its easy to do however most IT professionals haven’t tried. Best Practice is all software certificates need to be moved to hardware.
Steven Sprague
Comment by Simon Bisson & Mary Branscombe - August 7, 2008 on 6:44 pm
Good point Steve; I actually like Intel’s notion of a trusted PC and a trusted platform as the root of trust for user identity feeding into an Internet identity layer (I’m a big fan of Kim Cameron’s infocard approach). But how do we get things to move forward? So far I’ve found nothing mainstream but fingerprint password vaults that actually use TPM in the real world (and vPro, but that still seems to be in demo mode)…
Make a comment
Tag cloud
Archives
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
Most commented posts
- The ColdFusion Renaissance
17 comments
- Java's SSVAGENT.EXE: training the monkey
- Responsible disclosure? Not quite, VMware
- At sixes and Windows 7s
- The LHC isn
- Wubi Tuesday
- Employees are our most valuable asset (snigger)
- When will Windows Live stop treating CardSpace as the unwanted stepchild?
- Not very open, not very social
- The best mobile game ever
Highest Rated Blog Posts
- Songs of distant satellites (100%)
- Nobody knows what Web 2.0 really is (100%)
- Log in and lock in (100%)
- Top tips for speeding up Vista (100%)
- Mommy, why is there a home server in the office? (100%)
- Employees are our most valuable asset (snigger) (100%)
- Locking down IT or blocking creativity (100%)
- Consumer BlackBerrys are good for business (100%)
- HD Trek (100%)
- Join the (beta) community (100%)

