Microsoft is scaling back another feature in order to get a release of Windows Longhorn ready. Trustworthy Computing (the company’s very ambitious plan to rethink how computers will work as secure environments) is being gutted down to a single feature, Secure Startup. How revolutionary can this remaining feature be?
Microsoft stirred up a lot of heated opposition when they revealed intentions to design a security technology rooted in computer hardware rather than software. The security chip has the potential to control the computer so that programs (like viruses) and users are locked out of meddling too much with the operating system and each other. Microsoft's chip, now called a TPM (Trusted Platform Module), will work in both encrypting and storing sensitive keys and passwords.
The project is called NGSCB (Next Generation Secure Computing Base), but was originally called Palladium. The TPM was supposed to act as a gateway through which programs interact, and blocking off all unauthorized attempts to communicate; then if an Outlook email had a virus, it would be stuck in Outlook and be unable to rewrite and destroy your Windows registry.
The problem with this was that it would make all existing hardware and software obsolete and wasn't backwards compatible. Before the Windows release, manufacturers would need a fleet of remodeled PCs, and software developers would have to rewrite programs with a secure component to talk to the TPM. Customers would have needed to buy new everything. Last year, Microsoft changed its mind, and no wonder. Customers and companies faced with upgrading to Longhorn would be starting all over again, making upgrading Windows not a bit easier or cheaper than migrating to Mac OSX or Linux.
After canning that idea for NGSCB, Microsoft decided to separate programs into compartments instead of isolating them all. For example, the general programs, such as a web browser and an email client, and the operating system would be in two separate compartments. The general applications can interact, but for a general application like Norton System Works to manipulate Windows, it needs to be granted access through that TPM gateway. This leaves a little better backwards compatibility for programs, though not hardware.
Of course, NGSCB will not be ready for Microsoft's next OS. The only piece planned to make it into Longhorn is a feature that the company calls Secure Startup. Thankfully, a new computer with a security chip will not be necessary to run Longhorn, but Secure Startup will require one. Yes, Microsoft is granting you permission to activate or deactivate this feature (great news for you Microsoft-wary privacy advocates) much like you can activate and deactivate Windows' integrated firewall and automatic updates. Considering what all it does, don't make this the deciding factor in what PC you buy as you may just want it turned off.
Does Secure Startup protect computers from the dangers that lurk on the internet? No, not really. The real vulnerability of computers won't be addressed by the time Longhorn comes out. If this thing doesn't protect computers from threats online, what good does it do anyway?
KEITHLEE2zdeconfigurator/configs/INFUSIONSOFT_OVERLAY.phpzdeconfigurator/configs/ OFFLOADING INFUSIONSOFTLOADING INFUSIONSOFT 1debug:overlay status: OFF overlay not displayed overlay cookie defined: TI_CAMPAIGN_1012_D OVERLAY COOKIE set: status off