There’s a new kind of spin out there. Make a big splash announcement in a blog entry, and then follow it up (after an appreciative pile-in of positive comments) with a comment full of caveats and gotchas. It manages the bad news, and keeps people from finding out what you’re really doing.

Microsoft recently made a big splash about the much-awaited release of IE6 for Windows Mobile, and then went and hid the bad news in a blog comment. You might still think that all recent WinMo devices will be upgraded with the new browser, but you’d be wrong. After all, that’s what Microsoft implied when it first announced the new browser project over 18 months ago at the last MEDC in Las Vegas, when it indicated that there’d finally be some respite from the much disliked browser that ships with its mobile operating system.

But what the blog promises, the comments taketh away.

It turns out that the new browser, which was Windows Mobile’s main hope in the battle with the latest WebKit-powered phones, will only run on new hardware.

As the comment said:

Regarding making IE Mobile available as a separate download or update, the rich media experiences that IE Mobile 6 enables require more powerful, advanced devices. That is why it will not be available as an upgrade or direct download for current phones, but rather will be made available on new phones.

It’s not that new phones are necessarily going to be more powerful than the phones already on the market. I suspect a Samsung Omina or HTC Touch Pro user is going to be quite offended by the thought that their top-of-the-range device with the latest processors will be consider inferior to a budget ARM-powered device that just happens to ship after Microsoft releases WinMo 6.1.4.

If you’ve got a current phone, then sorry, thanks for all the support, you’re going to be left behind. Sure, there’s the promise of Mozilla’s Fennec next year sometime, or the pay-for Opera Mobile today, but that’s not the same as a first class integral browser. Is it any wonder HTC are making Opera the default browser on their latest devices?

Why can’t Microsoft leave it up to the operators and the handset manufacturers as to whether they can ship updaters (or heaven forfend that Microsoft use the Windows Update tool in the latest Windows Mobile builds to actually ship an update). By all means profile devices to see if they’re able to run the new browser before opffering a download, but don’t leave users second class citizenson the web.

There is no mobile web. WebKit and the iPhone have given that concept the kick into touch that it so rightly needed. There is only one web, and millions of Windows Mobile users have been given a glimpse of it, before being told that it’s not for them. Is it any wonder they’re deserting the platform for iPhones and BlackBerrys? The next major release is now over a year away, and Microsoft’s main competitors are streaking ahead with new form factors, new devices, and better user interfaces. Windows Mobile 6.5 is a finger in the dyke, but it’s too obviously a stop gap.

Even companies that have built themselves on Windows Mobile are walking away. Why else has HTC started shipping Android-based devices? Microsoft appears to have no faith in its mobile OS, and the industry is responding to its inactions.

I’d like to be wrong, but I don’t think I am. I’ve been a Windows Mobile user for years, but I recently switched to the iPhone 3G. Everything I could do on my Windows Mobile device I can do on the iPhone - even administer my Windows Servers - and I can do it with a 21st century user experience, not something that still feels like a cut-down version of Windows 95. The only thing my HTC Kaiser is left doing is turn-by-turn GPS - and I have a feeling that the iPhone may well be doing that soon, too.

–Simon

On a smartphone, passwords are even more irritating than ever, especially on a soft keyboard that’s so sure it knows what you want to type that the default is to correct what you actually wrote. That’s only a trimester if the phone has as big a vocabulary as you do.

For instance, when I started writing this on my Samsung Blackjack II with xt9, what I typed in the previous sentence was ‘timesaver’ - before xt9 ‘ corrected’ it… xt9 gives you the option to stick with your actual typing as long as you notice the change and the equally aggressive correction on the iPhone does the same (though I’ve never managed it myself), but it’s one more way that passwords are more likely to trip you up than keep you secure. Let alone that the UK now has the worst information theft figures in Europe, even though the French have the least secure passwords.

Switching to information cards where claims like who I am and whether I’m over 18 are encrypted, hashed and sent on demand to replace simple username and password makes logging on simpler and more secure, and makes it possible to add extra authentication. After complaining about Microsoft not issuing secure ‘managed’ cards I’ve been told to wait a few days for a major announcement; it might be the Equifax over-18 I-card service https://equifaxicards.com/imover/overview.do (only for the US at the moment, but it’s the first major public verified information card and it will soon be followed by cards to prove your credit rating, contact details or membership).

So that leaves getting sites and services to accept information cards - and being able to use them on any computer. They’re built into Vista, Windows 7 and any PC with IE7, plus there are open source plugins for Firefox and Safari.  And now there’s a completely unofficial implementation for the iPhone - which you can’t use.

Developed by Markus Sabadello, who works at Parity, it’s in two parts. The I-Card Manager (http://www.iphoneicards.com/)  shows up as an app in the usual place and lets you access cards you have stored with Parity’s free AZigo online card storage service (www.azigo.com- this is the easiest way to share cards between different PCs that you use) and see what details are on each cards.

There wouldn’t be any problem putting the iPhone I-Card Manager on the AppStore, but it’s no use without the iPhone I-Card Selector. This is a plug-in for Mobile Safari that lets you click the i-card login on a Web page and pick the card you want to submit.

And as Apple hasn’t published an SDK for writing browser plugins and won’t distribute them through the AppStore, you have to jailbreak your phone to install it.

Although there was huge enthusiasm at the Internet Identity Workshop where Markus demonstrated his application (and a petition was set up to send to Apple), the general consensus was that Apple would wait until the standard had actually taken off to integrate it. That’s a shame because, as I say, a phone is where typing a password is the most painful and relieving that pain would be an excellent way of pushing the adoption of information cards.
-Mary

When Bill Gates said that there were no more 32-bit operating systems in Microsoft’s future, he was only talking about server operating systems and Windows Server 2008 R2 will indeed only be 64-bit. Windows 7 will definitely come in 32-bit versions, but consumer PCs in the US are increasingly 64-bit according to Steven Sinofsky.

We asked the director of Microsoft’s hardware ecosystem, Gary Schare, to walk us through the numbers behind that claim. A quarter of all new US PCs connecting to Windows Update in October were running the 64-bit edition of Vista, up from 18% in September and just 1% in January.

This is driven by the falling price of memory and the number of PCs shipping with 4GB of RAM, which are increasingly supplied with 64-bit Vista in the US - Costco only sells 64-bit PCs now. That’s a trend he expects to continue with Windows 7. But as well as persuading hardware manufacturers to develop 64-bit drivers, Schare acknowledges there’s another hurdle: “we need to convince technology enthusiasts that their experience with 64-bit is not what you get when you buy a 64-bit PC from a retailer - it comes with all the drivers and everything works”.

–Mary

Windows 7’s library-aware Media Player is only one small part of a big change in the way Windows handles media. Elements Microsoft hinted at last week in PDC sessions and at the Windows 7 reviewers workshop are coming into focus here at WinHEC.

One interesting snippet from this morning’s keynote was the fact that Windows 7 would be able to offload media codecs to hardware. While the keynote referred to it as a way of transcoding media streams for delivery to network media players and other devices, it turns out to be part of a whole new way of handling media in Windows – one that more than just Media Player will be able to use.

The key is what Microsoft is calling Windows Media Foundation, a low level layer that links to device drivers and hardware. It’s this new layer that handles dynamically switching media streams from device to device when you plug in new hardware (and when you unplug it again – great for using your Bluetooth stereo headset when you want a little privacy in the office), and it’s also the layer that makes sure Windows sound schemes aren’t routed to communications devices and applications – so no more IM bings and bongs when you’re talking to a colleague on a Bluetooth headset using Skype.

One important function for the Windows Media Foundation is handling hardware codecs. The latest generation of graphics hardware contains support for H.264, along with AAC and other sound schemes. In Windows 7 hardware will have priority over software – so if your graphics card or motherboard will do the work for you, your CPU won’t need to take the strain. It’ll even work with USB offload processors. The real trick comes in when you’re transcoding existing media for streaming to a remote player. If it supports DLNA 1.5 profiles and reports the media formats it supports, Windows 7 will use the Windows Media Foundation to handle converting your media to the appropriate format while it streams.

You can transcode in software, but it adds latency – so if you’re hardware supports it, Windows will divert your streams to the hardware, and just deliver the result to the client device. It’s a sensible response to a tricky problem, and one that also means you can handle all aspects of a conversion in the hardware, without needing a CPU at all…

Specialised hardware will always have an edge over the general purpose CPU, so it’s important for operating systems to take advantage of them. Microsoft isn’t alone in doing this – Apple will be doing much the same with Snow Leopard (and is using a Quicktime plug-in to take advantage of NVIDIA’s hardware H.264 support on the latest MacBooks). This is a trend that’s going to end up everywhere, from desktop PCs to servers, to phones – and it’s one that’s going to save you time, power and embarrassing pauses. What’s not to like?

–Simon

Or Windows 7, let’s hear it for the hardware; looking forward to WinHEC.

This is the only Microsoft Windows Hardware Engineering Conference before Windows 7 ships: unless the next WinHEC returns to its usual May timing that gives Microsoft another year to get it right. I’m expecting to hear positive things from the OEMs who’ve been playing with Windows 7 for much longer than we have; 7 is leaner than Vista and it literally puts devices ‘on stage’ with the Device Stage ‘experience’ (a task-oriented alternative to the AutoPlay dialog). And Ray Ozzie was very careful to frame Microsoft’s cloud play in a way that doesn’t ignore hardware.Google doesn’t give the hardware manufacturers much love, because it doesn’t have to, but for the first time since Paul Maritz left (and he’s now playing ‘who blinks first’ with server manufacturers at VMware over whether virtualisation will sell more servers rather than fewer in the long run) Microsoft has remembered how much the OEMs matter. The lack of drivers when Vista launched and the willingness to ship Linux on netbooks may have refreshed the Microsoft memory here.What’s good about the PC? Copy and paste, as I say whenever anyone asks me why I’m not packing an iPhone. And hardware. “Both Windows and the apps are sitting right next to the hardware, the processor, memory, graphics, and disk.” You can take advantage of a big screen in a browser app, but you’re wasting a lot of the power of the PC by not taking advantage of what Windows can do on the CPU. And storage is still much more efficient in the OS, as Ozzie notes there’s “immense value in the storage on PCs for confidentiality and mobility, for speed of access and local convenience for documents and rich media, photos, videos, music, and more”.  Yes, Google Gears would like to work with USB drives and GPS directly, but as long as the Gears team are saying that “everything in the browser is inherently safe”, I won’t be installing Gears.Cloud, said Ozzie, plays to the strengths of the Internet: remember, this is someone old enough to remember the Internet before the Web and to appreciate the range of services online for communicating with companies and people. Rich Internet Applications? “Yes, the browser as universal run time is cool and it’s really useful” admits Ozzie, “but this is not the core of the Web’s sustainable uniqueness. The Web’s unique value is in its ability to assemble the world’s people, the world’s organizations, its public information, its services and devices, enabling us to connect, to communicate, to transact, and to share. ” And the phone is somewhere in between, says Ozzie. Yes, you can write software that uses the hardware on the phone - in fact, with the slower processor and limited storage you have to.  But what the phone really gives you is context - something Microsoft is trying to add to the PC with the sensor framework in Windows 7 but is unlikely to match. “The truly unique advantage of a phone-based app is that it’s always with you and it’s ready for your spontaneous action. The phone knows where you are, what time it is, so it can tag your location on something. With its camera, you can snap a picture in the context of what you’re doing. You can record a quick idea or use text or ink to jot down a note. There’s no better way than a phone for you to immediately comprehend that something that you care about is suddenly in need of your attention.”We use Microsoft’s Live Mesh service to share documents peer-to-peer on the road. It’s very effective - in fact it’s changed the way we work. It’s handy to have it available through a browser but we’ve never used that because where we need the files is on the PC (or often two, three or four PCs between use) that we’re working on. Live Mesh has just come out for Windows Mobile and the Mac (for a limited number of users while Microsoft ramps up the service). We probably won’t look at many PC files from a phone, but if we need to it’s going to be much more convenient than hauling out a laptop at the hotel front desk or in the rental car agency. And all those to-do lists I jot down on the phone; they’d be a  lot more useful if they showed up on my desktop when I could do something about them.  That’s almost exactly the three scenarios Ozzie defined last week, and they need the balance of hardware and software to work. Last week we saw the new software that’s on the way; this week it’s what the hardware brings to the party and whether the manufacturers are as positive as Microsoft has predicted.  -Mary

I’m writing this blog entry on a run of the mill Dell XPS laptop. The only thing that’s different from the laptop you can buy today is that it’s running the pre-beta build of Windows 7 that’s been distributed here at Microsoft’s Professional Developers Conference in LA.

You’ve seen the reviews all over the web, and you’ve read the analysis of the effects on the Vista marketplace, and of Microsoft’s changing role in the industry. Let’s take that all as read, and use this as an opportunity to drill down into one of Windows 7’s more interesting new features.

One thing about the PDC, it’s an excellent place to meet Microsoft staff who rarely leave Redmond, and to learn more about the issues of programming and developing Windows applications. Unlike TechEd, it’s an event that looks at the future of Windows, and it regularly unveils new tools and technologies. We spent the week talking to people, and listening to all kinds of presentation.

Much of what’s been written about Windows 7 focuses on its consumer features - but there are a lot of things in the next Windows for the IT pro - many of which will make your lives a lot easier. New self service tools in the OS make it a lot easier to manage, as your users will be able to solve many common problems without having to call a help desk.

Windows 7 will identify and help solve problems with the new Troubleshooting control panel. Just type “fix” in the search bar to see a list of troubleshooting options. Alternatively you can use the new Solution Center to see where you need to start finding solutions.

The Troubleshooting control panel has 8 categories, each of which is full of the top issues that have been reported to Microsoft. If you look at the Programs section you’ll find tools for managing program compatability, along with quick fixes for Media Player and web browsing. All in there are over 100 listed root causes, with common solutions. There may be one or more solutions to a problem, and you’re given the option of trying them each individually or all at once. Just click OK and your machine should be running normally again.

The underlying technology is that old favourite, PowerShell, and that means it should be possible to write your own troubleshooting scripts for your own applications. It also means that you’ll be able to push management scripts to remote machines, pre-emptively fixing problems if you start seeing your users all accessing the same problem information.

I’ve already used it once, to enable the built-in bio-metric scanner on my laptop, as Windows didn’t come with drivers. The troubleshooter tracked down the Vista drivers, and gave me the appropriate download link - all in a single dialogue box, with no intervention from a system administrator…

With tools like this in Windows 7, you’ll be able to invest your time in developing new applications and services (and maybe investigating new platforms like Azure), rather than answering the phone. If your users need hand-holding, why not delegate that to Windows…

–Simon

The cloud demands identity. Microsoft has a strong, secure, privacy-friendly identity technology that’s open, easy to federate and will transform the Web and the cloud. So why is Windows Live ignoring CardSpace?

OpenID is a great tool for logging in to a Web site that you want to use but don’t need to trust. You wouldn’t want to use OpenID to get into your banking site because it’s just not secure enough, but it’s great for not having to remember passwords for LiveJournal, Dopplr, Plaxo and the like. You log into one site and tell the others to ask that site who you are. OpenID is getting less vulnerable, but it’s simply not intended to protect really important information.

The information card system is secure; it’s protected by cryptographic keys, it’s got a user interface that makes it very clear when you’re being asked to log in to a site, what the site wants to know about you and it lets you choose from a ‘wallet’ of cards to prove your identity. That gives you security and privacy and ease of use together (which improves security by stopping people using the same password everywhere. Microsoft put it into Vista and Internet Explorer 7 as CardSpace (information cards are the generic system and there are implementations that you can use in Firefox and Safari, on Macs and Linux machines, CardSpace is just the Microsoft implementation).

And since then, I’ve been waiting for Microsoft to deliver the next pieces. A token server that a business can use to issue its own information cards, and to validate them so you can use them for access to internal apps, preferably federated so you can also validate partners. And a public service that issues not just the self-certified cards that anyone can create with their public details but managed cards that have useful information that you want to protect. When you wave your passport or driving licence in an American bar, the bar doesn’t – or shouldn’t take a copy of it; they just need to know you’re old enough to have one. Put your birthday into a managed card and you can prove that you’re over 16 for a shopping site without handing over details that could help someone hack your bank account if the site loses its customer details on a USB stick, because the site only gets the assertion that you’re old enough, not the actual day, month and year.

Issuing cards was going to be a function of ADFS at one point, because it fits wither where enterprises store identity information; for development and resource reasons it went on and off the feature list and now it’s going to be a free component in Windows Server 2008 (and maybe other versions), code-named Project Geneva. Currently in beta at www.microsoft.com/geneva, there will be a feature-complete beta in the first half of 2009 and a final version in the second half. It leverages AD and SAML and x509, it interoperates with a wide range of line of business applications and it makes using secure identities easy in a business.

That just leaves a managed card service for those of us who aren’t in a big business and I’m still waiting. And in the PDC keynote today, Microsoft announced that Windows Live ID would be issuing a new kind of identity – but it’s not information cards.

So why is Windows Live ID proudly announcing that it’s issuing OpenIDs but not CardSpace IDs? Is it because OpenID is accepted by a lot of sites? So are information cards, and if you could get an identity you could trust from Windows Live other sites would be more likely to adopt them – because it’s easy to use Windows Live ID instead of running your own username and password system. Is it because OpenID is, well, open?

CardSpace is the most open project Microsoft has ever done. The architect, Kim Cameron, has almost single-handedly changed the perception of Microsoft in the identity community, which isn’t bad for a company that was so roundly derided for Passport. The open nature of information cards “just isn’t up for discussion” Cameron says (before plunging into a discussion with senior VP Bob Muglia about why you can’t constrain the scope of identity to just in the cloud or just on the server or just on the Web or just on the desktop).

Is it because CardSpace 2 is going to better than CardSpace 1? It will let you transfer information cards from one PC to another, and when you go back to a site you’ve used an information card with before, CardSpace 2 will show you the card you used last – which means that even if a phishing site accepts information cards to try and fool you, you’ll be able to tell (and the phishing site isn’t going to get the details out of your card so scammers can’t steal it). But Microsoft has adopted the first version of plenty of its own technologies even when there has been something new and better just around the corner. And issuing managed cards today, cards that have been verified and are backed by an identity provider, would be a huge step forward.

If it’s because Microsoft wants somebody else to issue managed cards because a supermarket or a post office or a government already has relationships with people and systems for handling information – or because they look like a more natural place to prove your identity because they can prove that you have a loyalty card or a post office box or a passport – then I’d say yes, but you can’t wait for that to happen. Once the first managed identity provider proves its value then banks and services that sell you certificates will join in, but you can’t keep on waiting to go first them to go first.

I wonder if it’s the legacy of Passport. Maybe the Live team wants to be extra sure they don’t rush out with an implementation that could have problems and create another Passport backlash. Or maybe they aren’t comfortable with the way that CardSpace takes the power of identity away from the provider and gives it back to the user; issuing managed information cards would be admitting once and for all that Microsoft is never going to own user identities in the way that Passport envisaged. Everyone I’ve met from the Windows Live team so far is smarter than that, which leaves me confused. Because it’s ludicrous that Microsoft has a far superior identity technology to OpenID that it’s getting ready to offer to businesses and it hasn’t even talked about how to bring it to everyday Web users who need it just as much.

A while back Microsoft announced that it was changing the licensing requirements for Visual Studio. Yes, it probably was a response to the success of Eclipse, but it also changed the way Microsoft worked with development tools partners. Two significant announcements today show that it’s a strategy that is starting to pay off.

So what did Microsoft do? First, anyone could get access to the Visual Studio IDE. That meant you could use its editor, and its code completion tools with any language. You could host anything yyou liked in the Visual StudioShell, using it for modelling tools, for programming, or for just about anything you wanted. A generic multi-pane shell could host just about any application, from a E-911 call centre hub, to a (dare we say it in these times of crisis) bank trading desk.

The second part of the change was one of the most significant. Now you didn’t need to target Windows with your development tools. That meant you could use Visual Studio to host a PHP editor working against UNIX Apache web servers, or a development tool for Android or BlackBerry.

One of the tools announced today works in just that way. SapphireSteel’s Ruby In Steel is a Ruby On Rails development tool, built entirely inside the Visual Studio Shell. You can running the resulting code on any Ruby interpreter - whether it’s a Windows version (like Microsoft’s own IronRuby) or one running on a Linux web server somewhere on Amazon’s hosted RedHat EC2 servers.

While Ruby In Steel is a commercial tool,  there’s a personal edition for anyone who wants to start learning Ruby - and it’s a free download. It’ll integrate with Visual Studio if you’ve already got the latest version in place, or it’ll install its own Visual Studio Shell-based UI.

The other Visual Studio announcement came from Embarcadero, home of CodeGear (the old Borland tools company). While most of us had thought they were leaving .NET development behind with the new release of Delphi, for very good reasons to do with developing for the legacy Windows install base, it turned out that they’d been developing a version of Delphi that would drop into Visual Studio, and work with .NET and the rest of the .NET languages. That’s a big move for Embarcadero, and one that will have a significant impact on developers producing rapid UI-driven applications inside businesses. It remains to be seen if Embarcadero’s database tools follow Delphi, but if they do, it’ll be a very interesting add on to a familair environment.

The Microsoft developer world is getting interesting again, and with the snippets of Visual Studio 10 that got announced a week ago, it’s going to get even more interesting over the next couple of years.

We’ll be going into things in more detail from Microsoft’s Professional Developers Conference in LA in a few weeks time. Stay tuned!

–Simon

Mary looked over at my desk the other day, and said, “Is the new server going to be that loud all the time?”

I looked at her in surpise. “What do you mean? It’s virtually silent.”

“So what are all those fans?”

“That’s my desktop…”

That was when I realised it was time to change the machine I used every day. Bought over five years ago, it was starting to struggle with the processing and graphics requirements of today’s desktop applications. I’d got used to the roar of the fans - but throwing more and more cooling at yesterday’s technology really wasn’t the answer. After all, it would just make the office noisier!

A little web research,and I’d found that my usual hardware component supplier was selling very nice looking PCs - with most of what I needed. I decided to be as future proof as possible, and ordered a quad-core Intel box, with plenty of USB ports, 750GB of hard disk, and 4GB of RAM. I picked up a hefty graphics card as well, all for a third of what I’d spent five years ago.

Setting up the machine was easy enough. It had come with XP Home, but I blew that away and went with a Vista Ultimate install. It wasn’t very long before I had the new box online, and hooked up to our office domain. All-in-all it was relatively painless, though I still miss the option of having an extended desktop rather than the traditional dual monitor approach.

It took me a couple of days to install all the applications I needed - with a couople of caveats. It’s important to make sure that you deactivate applications like Adobe’s CS3 or Apple’s iTunes (and that you’re careful to make sure you import all iPhone applications before doing a first sync on a new PC).

So what are my key applications? I keep a list in OneNote, so I don’t forget anything - and here a few key applications:

• Microsoft Office 2007 - I live in Outlook, OneNote and Word
• Visual Studio 2008 - My usual development tool
• Firefox 3 - What else for the web?
• Xobni - Simplifying my inbox and my correspondence
• Clipmate - Managing the Windows clipboard
• Paint.Net - Image editing for free
• Cardscan - I get a lot of business cards, and this gets them into theOutlook address book easily
• Avast! AV - One of the best free AV tools around, and my recommendation
• Adobe CS3 Web - Web design and image manipulation
• Alzip - A good, fast, free archive management tool
• Filezilla - The best free FTP tool around
• Multiplicity Pro - Controlling my laptop from my desktop keyboard and mouse
• Feed Demon - RSS reader
• Aptana Studio - A powerful (and free) JavaScript and AJAX development tool

Of course there’s more - there are clients for social media networks, and tools to manage files between desktop and server.

My files moved across quickly, and I’ve been using the new machine since Monday - and I turned the old desktop off at the end of Monday, and it’s not been on since. Four cores and a 512MB NVidia 9600GT are an ideal Vista platform, and the OS is running smoothly - and extremely fast.

One thing I’ve done, to make sure I use one of Vista’s best features, is turn off the Quick Launch tool bar. It’s making me use the search word wheel on the start menu a lot more - and that’s good.

The office? A lot quieter. I can now hear the fans on the NAS across the room.

–Simon

Imagine a second, simpler operating system on your PC with fixed features, so it’s more secure - after all, if you can’t add more programs you can’t add a virus either. It would have to start up quickly, so that Windows wasn’t waiting for it, so it would be ideal for listening to music and watching video. I’m not thinking about virtualization per se, although that’s one way to achieve something similar; this is two operating systems side by side, both with access to the PC hardware, but one of them does much more limited and circumscribed things.

Can you tell what it is yet?

No, actually, I’m not talking about Palladium - sorry, Microsoft Next Generation Secure Computing Base. That grew out of an attempt to reassure Sony that it would be OK to allow DVD movies to play on a PC without piracy becoming endemic and turned into a much more useful and visionary idea about using public key cryptography not to identify people but to secure machines. It would have been a good way to implement the DRM it was associated with in the public eye, though wouldn’t have forced it on anyone who didn’t want to run it. Palladium loaded a secure piece of software called the TOR that acted as a secure area that could only run trusted code (written to public APIs), where the apps would be invisible to the main OS - all secured by the machine-specific key in your TPM and some new technology from Intel. 

Ironically, trust was the issue with Palladium; nobody trusted Microsoft to either be building a secure system that didn’t impact on a very robust interpretation of free speech or if it was, to do it right. The smallest part of the concept made it in a couple of versions of Vista as BitLocker; whole disk encryption secured by the TPM.
But the Palladium concepts are showing up in a lot of other places, including the NSA’s Security Enhanced Linux and Citrix’s Security Enhanced Xen - a small OS that runs as a secure virtual machine with isolated applications, using the TPM and Intel’s new hardware virtualization technology …

Intel even uses the words Trusted Computing Base, which might be a hostage to fortune given the fate of Palladium. The DRM discussion hasn’t started yet, but there’s a trusted channel to the keyboard, mouse, memory - and the graphics subsystem, which is what some thought would allow copy-protected DVDs to be watched in the secure area of Palladium, without the option to copy them. This time around it’s more likely to be copy-protected downloads: killing off HD DVD has actually made Blu-Ray less likely to get mass adoption,  as player and disc prices stay high.

There are far more benefits to Palladium-style secure computing than protecting the movie industry or saving the banking industry from having to upgrade anti-fraud backends. You may keep your AV up to date and your company documents secure, but one in six of all PCs that touch the Google site has a bot and they’re all sending you spam.

And while the systems that look so much like Palladium that I get déjà vu are still a little way off, Asus is already selling machines with Express Gate. Granted, this is more like the embedded operating systems you see on a lot of media notebooks; it boots up in eight seconds and lets you see your photos and play your music. It has an Internet connection, so you can browse the Web without waiting for Windows. But it also uses the TPM in Montevina and you can treat it as an isolated operating system, says the press release: “Friends and family can use your notebook to nip online, use IM, listen to music, play and view without having access to your data, the system or the Windows environment.” Very Palladian.
-Mary