One of the most exciting aspects of Longhorn is its optional integration with Palladium, Microsoft's technology for realizing its Trustworthy Computing vision. Palladium--now called Next Generation Secure Computing Base (NGSCB)--is basically a secure run-time environment for Windows and other operating systems that allows a coming generation of software applications and services to protect the end user from privacy invasion, outside hacking, spam, and other electronic attacks. Palladium requires special hardware security chips and microprocessors (which will be made by Intel and AMD) and doesn't interfere with the normal operation of the PC. That is, Palladium-based PCs will still operate normally, working with legacy operating systems and applications. But specially-made Palladium applications and services will offer a range of features of functionality not found in the non-Palladium world, and if the initiative is successful, we'll one day be running only Palladium-based software.
If you're familiar with the .NET model, you might be aware of the notion of "managed" and "non-managed" (or legacy) code. Palladium will institute a similar model for PC software, where a trusted execution mode is used for Palladium applications and services and the old, "untrusted" mode is used for legacy code.
Microsoft designed Palladium around the following ideals:
Palladium will tell you who you're dealing with online, and what they're doing. It will uniquely identify you to your PC and can limit what arrives (and runs on) that computer. Information that comes in from the Internet will be verified before you can access it.
Palladium protects information using encryption to seal data so that "snoops and thieves are thwarted." The system can maintain document integrity so that documents can't be altered without your knowledge.
Palladium stops viruses and worms. The system won't run unauthorized programs, preventing viruses from trashing your system.
Palladium stops spam. Spam will be stopped before it even hits your email inbox. Unsolicited mail that you might actually want to receive will be allowed through if it has credentials that meet your user-defined standards.
Palladium safeguards privacy. In addition to the system's ability to seal data on your PC, Palladium can also seal data sent across the Internet using software agents that ensure the data reaches only the proper people. Newsweek reports that the agent has been nicknamed "My Man," a goof on ".NET My Services," "My Documents," and other similar names at Microsoft.
Palladium controls information after it's sent from your PC. Using Digital Rights Management (DRM) technology, Palladium can be used to securely distribute music, movies, and other intellectual property securely over the Internet. Movie studios and the recording industry could use this technology to let their customers exercise their fair use rights to copy audio CDs and movies, for example. "It's a funny thing," says Bill Gates. "We came at this thinking about music, but then we realized that e-mail and documents were far more interesting domains." Gates says that Palladium could ensure that email designated as private could not be forwarded or copied to other people, for example. Or, the Newsweek reports reads, "you could create Word documents that could be read only in the next week. In all cases, it would be the user, not Microsoft, who sets these policies."
You can find out more about Palladium in my WinInfo article, Microsoft's Secret Plan to Secure the PC, which was written when this initiative was first revealed. But remember, there is a ton of misinformation about Palladium on the Internet ("It will require proprietary Microsoft changes to TCP/IP," "It won't run on Linux," and other similar claptrap), but most of that is completely untrue. People fear what they don't understand, but Palladium is about securing the PC and protecting your privacy, plain and simple. Microsoft isn't trying to usurp your PC.
