Digg this story   Add to del.icio.us  
Trust us, Microsoft asks in secure computing push
Frank Bajak, The Associated Press 2002-11-20

A global powerhouse famous for steamrolling competitors is now asking us to trust it as a crucial government partner in information security.

That powerhouse, Microsoft, is pushing a new set of security tools at an opportune moment -- when the nation is buffeted by terror warnings and a case of war jitters.

Company executives are on a charm offensive now that their antitrust settlement is judiciary-approved. They say their priority is to make safe the transition from PC-based to portable computing.

In plain old capitalist English, this means Microsoft already locks us into its rules on the desktop computer. Why not be similarly bound on your cell phone, on wireless networks or perhaps on your "smart" wristwatch?

CEO Steve Ballmer said in a speech last week that he believes we're "on the verge of a new era of partnership for our industry and government."

In nearly the same breath, he told a Washington audience: "Security is fundamentally an issue about a community of criminals looking to steal people's identities, break into banks, even terrorize the Internet."

Skeptics might interpret that as Ballmer preparing us for a new era where government and Microsoft, evoking the common good, diminish our technical liberties just as Attorney General John Ashcroft is shrinking our civil liberties.

That's not true, objects Craig Mundie, Microsoft's chief technology officer and a senior vice president.

Mundie is jetting around talking up Microsoft's post-9/11 Trustworthy Computing initiative and, over breakfast at a midtown hotel, he sought to assure me that it will mean software that is neither intrusive nor constricting.

The goal is to make online life secure, reliable and private. It's all about a chain of trust, he said.

In order to transact online business with you, I need to trust you. If I do, I can agree to let your e-mail into a safe compartment of my computer. We can also transact confidential business within its confines.

That's the plan, at least.

Microsoft and its industry partners, led by Intel, will provide the tools. If we choose not to use the tools, we simply turn them off. Mundie says we wouldn't want to do that, though, because "it will sort of be like pulling the plug on the machine. It's there but it doesn't do much."

If this idea disturbs you that's probably because you agree with skeptics who figure the whole initiative aims to guarantee that big media companies keep control of movie and music distribution in a digital world.

Microsoft is already cooperating closely on this with Hollywood. The Movielink films-on-demand venture launched last week uses Microsoft technology in so-called digital rights management.

That's a nice euphemism for letting Disney, Sony and other owners of digital entertainment decide precisely how we can use it.

What's so bad about all this? Surely creative people should have the right to protect their works from digital piracy.

Well, yes, but what if Warner Bros. decides it doesn't want you to copy a song from one computer in your house to another? Or to a portable device so you can listen while traveling?

Some technologists fear that Microsoft's secure computing initiative, called Palladium, could almost unilaterally determine how this gets done.

Mundie knows it won't be easy persuading us that Microsoft has our best interests at heart, but he's got some time.

Palladium won't fully appear until Microsoft's next Windows version emerges in 2004, though some of its features could trickle into current operating systems via updates that Microsoft installs automatically over the Internet if you grant permission.

Mundie says Palladium, though still technically undefined, will be "a low-level set of instructions" in hardware that will include some "primitive software". Under its settlement with the Justice Department, the company is obliged to share some of the code.

Microsoft will also need to prove to skeptical nations such as France, China and Germany that Palladium will not include back-door access to U.S. spy agencies. Such fears are already pushing some countries to embrace open-source Linux software.

Mundie assured me Microsoft has no intention of compromising Palladium with such a Trojan Horse.

We'll be counting on Mundie to keep his word.

    Digg this story   Add to del.icio.us  
Comments Mode:


Privacy Statement
Copyright 2010, SecurityFocus