Palladium: What's in a Code Name?
On the way to trustworthy computing
August 8, 2002
Early this year, Microsoft launched "Trustworthy Computing," an initiative designed to elevate trust in computing systems. To that end, Microsoft has sent many employees to training classes to learn how to write more secure code. However, gauging by the number of security bulletins the company has issued, the effort hasn't yet borne fruit. Users have had to deal with several serious problems in some of Microsoft's core products, including Windows OSs, Microsoft SQL Server, and Microsoft IIS. Even so, an excerpt from a recent email that Microsoft Chairman and Chief Software Architect Bill Gates wrote places some responsibility for the many vulnerabilities elsewhere. Gates writes that although the Internet helps people and businesses use technology to reach their potential, "Ironically, it is the growth of the Internet and the advent of massive computing systems built from loose affiliations of services, machines, communications networks and application software that have helped create the potential for increased vulnerabilities."
In June, Microsoft announced a new element of its Trustworthy Computing initiative, code-named Palladium. As you might recall, Palladium is the name of a sacred image kept in the temple of Athena at Troy. According to some sources, the Palladium was either an image of Athena or an image Athena made of her playmate Pallas. According to legend, Zeus sent the Palladium to Dardanus, the founder of Troy. Supposedly, as long as the Palladium stood at Troy, no one could conquer the city. However, as we know, attackers did succeed in conquering and subsequently destroying Troy, by using the Trojan horse.
According to Microsoft, the "new Palladium" offers hardware-based protection to computer systems. The company claims that Palladium will "give individuals and groups of users greater data security, personal privacy, and system integrity. In addition, Palladium will offer enterprise customers significant new benefits for network security and content protection." According to a document on the company's Web site, the challenge that Palladium will meet is to build reliable, integral solutions; make improvements to computing platforms that enable greater opportunities; bolster confidence in computing; and continue to support backward compatibility.
How will this new architecture work? At the hardware level, Palladium will have three components: Trusted space, Sealed storage, and Attestation. At the software level, Palladium will have two components: the Trusted Operating Root (TOR) and Trusted Agents. After TOR establishes Trusted space, attackers won't be able to reach the TOR. Sealed storage is memory space used to store secrets that nontrusted programs can't retrieve. Attestation is a mechanism that lets users expose selected information from within sealed storage. As a core component of Windows OSs, TOR is designed to provide basic services to trusted agents (i.e., programs or aspects of programs and services capable of storing information in trusted memory space). According to Microsoft, Palladium will provide protection from the keyboard through the PC to the monitor--and render spyware, virus, and other nuisances ineffective. (I'm not sure how the Federal Bureau of Investigation--FBI--will react to losing the ability to sniff data on users systems, but something tells me that spyware will operate under Palladium-enabled systems even if it requires a court order.) Nevertheless, the bottom line is that to take advantage of Palladium, everyone must purchase new computer hardware and software that supports the technology.
Microsoft states that it will develop the Palladium code in an open-source environment, which at first seems an about-face for the company. Microsoft has criticized open-source software as a basically insecure way of developing good code. But the company obviously wants to use the momentum of open-source development (which software such as Linux drives) to bolster public support for Palladium, which seems to be a typical Microsoft tactic: If you can't beat them, assimilate them.
Robert X. Cringely wrote an interesting column about Palladium. According to Cringely, "[Palladium] may actually make the Internet somewhat safer. But the real purpose of this stuff, I fear, is to take technology owned by nobody [such as TCP/IP] and replace it with technology owned by [Microsoft]. That's taking the Internet and turning it into MSN ... This is diabolical. If Microsoft is successful, Palladium will give Bill Gates a piece of every transaction of any type while at the same time marginalizing the work of any competitor who doesn't choose to be Palladium-compliant. So much for Linux and Open Source, but it goes even further than that. So much for Apple and the Macintosh."
Let's hope Microsoft's Palladium doesn't end with the fall of a "great city" (i.e., the Internet) at the hands of devious tricksters who somehow deliver a Trojan horse that crushes a society into submission. Let me know what you think about the Palladium element of the Trustworthy Computing initiative.
About the Author
You May Also Like