WIRED ON FRIDAY: PC users - prey to viruses, worms and trojans - can also be adept at internet piracy. Microsoft has plans to stop both, writes Danny O'Brien
Personal computers are - despite, it sometimes seems, all their best efforts - their owner's slaves. As the owner, you have complete freedom to install and run any software on your own PC made by anyone, for any purpose. They are general-purpose machines waiting to do your bidding.
It hasn't always been this way. Until the 1970s, it was the manufacturers - firms such as IBM - that decided what could be loaded onto their machines. Handing over control meant home computers could grow to be flexible enough to cope with whatever was thrown at them - and it meant owners could throw whatever they wanted on their PCs. It was what put the "personal" into personal computer, what allowed Microsoft wrest control from IBM, and the thousands of firms in Silicon Valleys, Glens, Isles and Bogs to blossom.
But there are a few situations where the complete power of the home user is a weakness too. After all, you can run anything you want on these machines and, in turn, those programs can do anything they want, too.
Now Microsoft has begun leaking its plans for a solution to these problems. Palladium is an ambitious project to transform the PC industry. You won't see Palladium-enabled software for perhaps four or five years but already some wonder if the solution isn't worse than the problems it solves.
But what problems are those? What could be wrong with leaving every decision on how to run a PC to the person who bought it? Well, one trouble that has emerged over the past few years is "malware" - viruses and worms and trojans that can infiltrate computers by tricking the owner into executing them. Users who click on an interesting looking e-mail or download an infected file can be hoodwinked to give code access to their machines.
And owners can, they say, fall into error - albeit perhaps only moral error. You're listening to a music file you've bought online. The software you're using to listen is designed to play the song only once, then delete it. To listen again, you'll have to pay again. Except that you - as master of all you compute - have another program running on your PC that intercepts the audio of this program and saves it as an MP3 while it is being played. After all, you're in control, right?
These scenarios, malware and unauthorised copying are increasingly common. They're what Microsoft's Palladium aims to solve.
Here's Microsoft's plan: in every future home PC, there will be a master control chip controlled by Palladium. This hardware can be used to set aside a zone where only trusted software may run. The software is known to be dependable because it has been vouchsafed by a consortium of companies, led by Microsoft and Intel. Lesser programs on your PC will not be able to see the data inside this sanctum. And when you talk to programs running within the sanctum, nothing else within the computer will be able to eavesdrop. Malware won't get in: Hollywood's music and video players can run within it without fear of interference. It's like a safe haven in the open chaos of your PC.
Palladium has security experts excited and concerned in roughly equal amounts. For those whose jobs depend on protecting valuable data, the apparent inviolability of Microsoft's Palladium is a tempting gift - and a blessed release from the uncertainties of the modern machine. It could keep the most secret files inaccessible even from those with access to the machine. Credit card information could be stashed there. You could send a file to a friend, confident that only they could open it on their own PC (their Palladium would be the place permitted to view it). The possibilities are new and tempting.
Others worry about the change in the balance of power Palladium represents.
The success of the PC has always relied on it being open for anyone to program - Palladium effectively shuts down that access to a chosen few. Microsoft is already a convicted monopolist. Could this company really be trusted to manage a private club on everyone's desktop?
Mr Ross Anderson, the highly respected security researcher and computer scientist at Cambridge University, demurs. He says: "I expect the most significant economic effect [of Palladium] will be to strengthen the position of incumbents in information goods and services markets at the expense of new entrants. This may mean a rise in the market cap of firms like Intel, Microsoft and IBM but at the expense of innovation and growth generally."
Apart from the business impact, there's the effect on the individual PC user. From the outside, Palladium won't look much different from existing Windows programs. And it's not as if there isn't a little well-placed paranoia in modern Windows. Programs from the internet can only be run after Windows has given dire warning of its dangers. In Windows XP, programs that have access to the deepest parts of the operating system have to be verified and "signed" by Microsoft before they can be installed.
The difference is that until now, those safeguards could always be overridden by the owner. If you wanted to run a program Microsoft didn't like the look of, you still could.
But Palladium can't afford that kind of manual override. Hollywood wants to play its movies and music in an uncopyable environment (as Palladium offers) - but it's not Far East pirates that they're trying to beat. PC owners are exactly the suspects who might breach that barricade.
In this case, it's not others that Palladium protects Microsoft and its friend from. It's you.
It's clear that Palladium has advantages as well as disadvantages. Some, especially those running competing companies, will declaim against trusting Microsoft too much. But then, it's not as if we don't trust them with our data every day.
But after Palladium, will we continue to do so - especially now they don't seem to trust us anymore?
