The Palladium Paradox
Why we have everything to fear about the next operating system out of Redmond.
When Microsoft announced its entry into the “trusted computing” arena in June, the requisite witticism within the IT industry was that putting “Microsoft” next to “trusted” is an oxymoron. Four months later, many smirks have disappeared as the plans progress and the true significance of code-name Palladium becomes ever more clear.
The software, which is slated for future versions of the Windows operating system, looks on paper to be an all-good system for increasing privacy and security. The consequences of its deployment in the real world, however, will likely be decreased user control over the contents of their computers and a serious increase in Microsoft’s stranglehold on desktops.
Palladium is a big deal. It will require a major re-jiggering of how computers are built and run, with changes to hardware, software and even the data itself. First, it establishes a secure computing space, which means that as a computer starts up, the software will verify that the hardware components such as hard drives can’t be read by unauthenticated programs under any known circumstances. Palladium will also check the computer’s central processing unit’s serial number before kicking into operation; both Intel and AMD have already said they’re willing to include such identification. Before any program is run, Palladium will make sure it’s authenticated via a digital certificate. Stored data will be encrypted and will only be decrypted by authenticated programs. Apparently, however, it will not require a new mousepad.
Although Microsoft touts Palladium as a way to keep computers virus free and to give users control over what information they give out, critics were quick to notice that it just so happens to be an ideal platform for the management of digital content-MP3s, ebooks, digital movies, etc.-after it’s been downloaded onto someone’s computer. As Peter Biddle, the Palladium Product Unit Manager, explained to me last week, Palladium isn’t a digital rights management (DRM) platform in the traditional sense; it does, however, enable DRM systems to govern content after it has entered a client computer. But Palladium isn’t really an enabler. After all, users can already agree to a variety of rules governing what they can do with digital content. For example, I can buy an MP3 and agree not to copy it. No one needs Palladium to enter into such agreements. Palladium isn’t an enabler. It’s an enforcer.
One potential upside of Palladium may be that it will remove fears that currently keep content producers-oh, heck, let’s just get it over and call them “Hollywood”-from opening up the digital floodgates and distributing their wares digitally. No longer will they have to worry that the MP3 I download will find its way out of my Palladium-enhanced PC vault and into the post-Napster file-sharing black market using an “unauthorized” program like Kazaa. Hollywood will still have to worry about other ways digital content will wriggle free, but the leakage from legal, digitally-transmitted content will be patched. (Biddle surprised me by saying that Palladium-protected sound files will be played through the normal media players, making the sound stream susceptible to capture; videos however will be playable only with a secure Palladium player.)
Of course, there are always Macs or Linux operating systems, right? After all, Microsoft so far has not said whether Palladium will only be for Windows. But here’s where it gets really scary. If Hollywood sees 100 million machines running Palladium that can’t copy the files they sell (excuse me, license), they will be sorely tempted to release digital content in formats only Palladium can unlock. Palladium becomes the preferred player for digital content. The dreaded unholy alliance between Microsoft and Hollywood becomes real.
Paranoia? Sure, but consider the following. Microsoft is avidly pursuing the merger of television and PCs, making the download of digital content not just something for lonely geeks. Second, how else can the overkill security features of Palladium be explained? Computers can be kept virus free without locking down hardware. Precious few viruses spread by people sneaking into houses and injecting bugs directly onto hard drives. Finally, Microsoft has not done the simple and obvious thing to do to convince the user community that Palladium isn’t all about becoming Hollywood’s best pal: Make Palladium multi-platform so that you don’t have to use Windows if you want to view the latest Bruce Willis blockbuster on your computer or TV-computer combo.
Trusted computing from a convicted monopolist that would lock up mainstream content? Even if Microsoft had any credibility as a provider of secure systems (it doesn’t), Palladium should worry us.