Forgot your password?
typodupeerror
Windows Operating Systems Software IT

Microsoft Scales Down Palladium 475

Posted by samzenpus
from the secure-enough dept.
bonch writes "Formerly known as Palladium, Next Generation Secure Computing Base (NGSCB) will not be fully available in Windows Longhorn after all. Instead, Longhorn will offer "the first part of NGSCB: Secure Startup," says Jim Allchin, Microsoft's group vice president for platforms. However, most hardware will not support this technology on release."
This discussion has been archived. No new comments can be posted.

Microsoft Scales Down Palladium

Comments Filter:
  • So... (Score:5, Interesting)

    by madaxe42 (690151) on Thursday April 28, 2005 @06:07AM (#12369573) Homepage
    What, exactly, is Longhorn going to do? They seem to have dropped more features from it than there were in the first place!
    • Re:So... (Score:5, Insightful)

      by Bobvanvliet (569014) on Thursday April 28, 2005 @06:11AM (#12369587)
      I'm guessing that despite everything it's main purpose will still be fulfilled...

      Making MS lots and lots of good old cash.
    • Re:So... (Score:4, Insightful)

      by EvilGrin666 (457869) on Thursday April 28, 2005 @06:12AM (#12369590) Homepage
      I suspect it wont do anything other than look slightly prettier and require a faster cpu, more disk space and twice as much memory as XP does to do the same basically thing.

      Same old story really.
      • by nietsch (112711) on Thursday April 28, 2005 @07:55AM (#12369999) Homepage Journal
        This program is to be released next year, and will probably be delayed a few more times. MS' spinmeisters are just trying to keep it in the news, so they create 'news events' that are no events at all. Even negative attention is better than no attention at all. But is it worth the attention? No, not for me, I use Linux exclusively since 2001, and so can you.

        Not only MS is guilty of using this vaporware tactics. All the media are lapping it up too, without even a single note of critisism. It seems we not only need the icbm adress of MS, but those of it's minion news outlets too ;-)
        • It strikes me that Microsoft is feeling the pressure. While they're over there taking their sweet time on Longhorn, Apple has been slowly claiming their market with all the features that Longhorn is going to promise. As a result, Microsoft is trying to scale back the beast into something that can be released sooner rather than later. (Cue: Queen - Under Pressure)

          What I find interesting, however, is that Linux is not pulling ahead in the same time. Microsoft set their dates far into the future, and many people predicted that Linux would eclipse it in features by then. Instead, we're not really seeing any revolutionary features out of the Linux developers, and Apple is starting to eat everyone's lunch. What happened?
          • by dmaxwell (43234) on Thursday April 28, 2005 @08:39AM (#12370186)
            Reiser4 seems to have most or maybe even more than what is being touted for WinFS. The bravest among us even run their desktops on it.

            Things like SELinux and Xen promise various ways of locking things down that aren't evil and are also here right now. For that matter, support for motherboard crypto will also be here in a month or two. The way that is done will likewise be evil free.

            The X.Org people and various projects are also working on 3D accellerated, eyecandylicious, vector desktops even as we speak. KDE4, GNOME, E, and other users of video infrastructure are incorporating these things.

            Linux is already faster with new ideas in security and filesystems. As far as desktops go, Linux is developing at least as fast as Windows. Apple is bringing out new desktops faster but they are still riding on a maintained old version of BSD for their infrastructure. They aren't outpacing Linux there.
    • Re:So... (Score:5, Funny)

      by golgotha007 (62687) on Thursday April 28, 2005 @06:13AM (#12369600)
      When it's ready to go public, they're going to drop the cryptic development name of "Longhorn" and go with "XP Service Pack 3" instead.
      • Re:So... (Score:5, Funny)

        by baadger (764884) on Thursday April 28, 2005 @06:20AM (#12369631)
        No no no. Usually you don't have to reinstall the OS to install a service pack, even if it does replace half the OS. ..this is clearly XP SE.
      • by argent (18001) <peter@slashdot.2 ... m ['nga' in gap]> on Thursday April 28, 2005 @06:49AM (#12369752) Homepage Journal
        If Microsoft was going to start naming operating systems consistently, then... let's see...

        Windows 2000 -> Windows NT 5.0
        Windows XP -> Windows NT 5.1
        Longhorn -> Windows NT 6.0 or Windows NT 5.2?

        Or maybe even Windows NT 5.11?
        • it will be windows nt 6.0 microsoft alread said that.
          • by mcbridematt (544099) on Thursday April 28, 2005 @07:16AM (#12369847) Homepage Journal
            True. Leaked builds have had NT 6.0 for ages. NT 5.2 is WinServer2003 AFAIK.

            DEVELOPER RANT: don't use if (win_version == nt5.1) use if (win_version >= nt51). It sucks, when I played around with the LH Alpha leaks, a lot of software didn't work out of the box because they didn't know what NT 6.0 is. Your firm may go bankrupt long before the LH release but don't go screwing your customers of any forwards compatibility.

            But congrats to the Mozilla devs for having good native UI integration - Mozilla looks really good under LH 3653 and LH 4008 and the plex theme.

            And among all the talk about LH being souped up XP in the past few days, isn't this feature called Aero still under lock and key? Or have M$ Shafted that too?
            • DEVELOPER RANT: don't use if (win_version == nt5.1) use if (win_version >= nt51).

              DEVELOP RANT: don't use OS version tests if you can use feature tests instead.

              Not a comment specifically directed at you, I don't know if you do this, but I keep running into software on all platforms that doesn't run on older versions even when patches, service packs, hotfixes, software updates, backported libraries, or compatibility fixes have removed the dependency on the specific OS version they hardcoded into the application.

              One of the nice things about the Amiga is that all the developer documentation showed code checking library versions instead. Not perfect, but much better than OS version checks. Palm provided hooks to do functional checks down to the entry point level, but then spoiled it by shipping example code doing OS version checking.
    • Re:So... (Score:2, Funny)

      by Anonymous Coward
      IIRC Paladium can't be "fully operational" without the hardware system behind (the keys in the motherboard...) Maybe they realized it couldn't work without the whole system.

      The other possibility is that they realized too many programs and computers would stop working at once and at the same time which would "kill" (or at least stop) all the Windows machines connected to the internet.
    • Re:So... (Score:5, Insightful)

      by DigitumDei (578031) on Thursday April 28, 2005 @06:45AM (#12369731) Homepage Journal
      Longhorn will still have improved plug and play type abilities. While to the average slashdotter security and WinFS may seem like the important things, to the average joe the ability to plug his camera/cell phone/mp3 player in and have it work without them having to do anything, is the most important thing.

      That and pretty pictures...

      Microsoft can make a killing from the average joe, and then release Longhorn SE with the added features a year or two later. And make another killing...

      • Improved as in "you can plug in your gadget without instaling the drivers first"?
        • Will be interesting to see just how improved.

          Things like IP addressable devices being treated as plug and play just like usb sound interesting, and it'll be interesting to see what security issues it causes.
    • Re:So... (Score:4, Funny)

      by Anonymous Coward on Thursday April 28, 2005 @06:52AM (#12369762)
      What, exactly, is Longhorn going to do?

      Suck. It will truly suck. Literally it will suck your system resources dry without mercy.
    • Apparently most of Longhorn is a big rewrite of a lot of code. I suspect they are just taking this release to get all the code switched over while not stirring the boat too much. Once that's done and widely tested they can start adding on extra features.

      More stability, security, etc.
      • Re:So... (Score:3, Insightful)

        by rokzy (687636)
        is this supposed to be a joke?

        you don't "add on more stability, security...". either it's there from the start or not.

        all you can do later is restrict usability to give the illusion of stability, security ("you are not allowed to use that driver", "your settings do not allow you to access this page" etc.)
        • Re:So... (Score:3, Insightful)

          by Morgahastu (522162)
          So bug fixes, rewriting functions to be less susceptible to buffer over flows, and fixing bugs is impossible?

          Right.

          I think Microsoft knows they are losing traction because of their old and messy code that they can barely update and are taking this period to clean it up and try to fix and loop hopes in security and bugs. Why is this bad?

          What else would they have been working on in the past 5 years after sending all their programmers for security training?

          This is the first release (well not counting SP2)
          • by dmaxwell (43234) on Thursday April 28, 2005 @08:45AM (#12370227)
            With OS X, Apple bit the bullet and made a clean break with their crufty past. They had the Carbon API for a couple of years prior to release which made quite a few apps "OS X ready" from the gitgo. There is the Classic virtual machine for the apps that haven't gotten with the program and everything else is all new and quite a bit saner.

            MS should do the same. Chuck the current hopeless mess into a virtual machine and start all over.
    • Just as automobile manufactures develop a concept car in hopes to bring all ideas togeather, I can't help but wondering if Longhorn is offically an OS. Rather, it sounds like Longhorn is nothing more then a pet project of verious concepts microsoft is playing with.

      I'm willing to bet the next version of Microsoft Windows will not be as dramatic as we see in Longhorn. I think they know that consumers are tired of being "feature shocked" with a different and reorginized GUI. Hell, I love computers. But I must
    • by ceeam (39911)
      I guess mainly it will incite people to move to Macs.
    • Re:So... (Score:2, Interesting)

      by mgrouchy (787471)
      Seems to me that Longhorn is just reproducing many of the features that were just released in OSX like spotlight and throwing in some transparency to pretty it up.
      I only use M$ products at work, but when they first announced all the new features that Longhorn would have it looked promising. To me it looks like they bit off more they can chew in the timeframe they commited to, hence the dropped/postponed features.
  • by King_of_Prussia (741355) on Thursday April 28, 2005 @06:09AM (#12369575)
    I used to be afraid of what Palladium could do for the computing industry. Many tried to convince me that there was nothing to fear because there was no way in heck Microsoft could ever get anything done right and on time. It appears they were correct. Now it's being partially dropped from Longhorn, which is itself being pushed back to oblivion. Now I'm left wondering why I used to be worried.

    Heck, Microsoft cannot even secure its own "proprietary" gaming console, why did we ever fear that they'd lock down all of our computers?!

    Perhaps Microsorft have finally realised that such an invasive DRM system will cause a mass exodus of people from windows to Lenix. Microsoft seems determined to play into Lonis Torvaldez's hands with issues like these and I can't say that I'm ungrateful. Now if only WINE could play more games I'd switch straight away as the rest of my pirated material already works perfectly under linix.

  • Soo..... (Score:4, Interesting)

    by Richard_at_work (517087) <richardprice.gmail@com> on Thursday April 28, 2005 @06:09AM (#12369576)
    What exactly is Longhorn still bringing to the table at its release? I used to look forward to Longhorn when I ran Windows, because it was supposed to contain all these new and wonderful technologies, then I got tired of waiting and .... well, my .sig says it all really.
    • Re:Soo..... (Score:3, Insightful)

      by ssj_195 (827847)
      Indeed - especially when you consider that some of the features that are actually worth getting vaguely excited about (except for Mac users like you, of course ;)) - i.e. WinFS and the 3D accelaration-type stuff (Aero?) are apparently going to be backported to XP. I think the upshot is that anyone with half a brain is going to stay on XP, and the only way that Longhorn will proliferate is by being included by default on new machines.
      • I think the upshot is that anyone with half a brain is going to stay on XP, and the only way that Longhorn will proliferate is by being included by default on new machines.

        Yes, but at the rate machines are replaced these days (either to get new tech or because they fall to bits - there is a consequence of PCs continually getting cheaper), that factor alone will see Longhorn at 80+% within 3 years...

    • UNIX-like permissions and having files in multiple folders, better GUI and better internal structure. Also, it will bring the "It Just Works" paradigm to the Windows world.

      In short, it's Mac OS X for x86. Isn't that what everyone wants anyway?
      • Re:Soo..... (Score:4, Insightful)

        by CountBrass (590228) on Thursday April 28, 2005 @06:24AM (#12369654)

        The problem is that "It just works" also depends on a decent hardware platform.

        And of course there's the rather obvious question of whether Microsoft are actually capable of creating the software half of "It Just Works". History would seem to suggest not.

        I still remember Bill Gates announcing that in Windows 3.1 there would be no more UAEs (Unexpected Application Errors)! You know how this miracle was achieved? They re-named them to GPF (General Proection Fault).

        How does the saying go: "fool me once, shame on you, fool me twice shame on me"?

        • Re:Soo..... (Score:2, Funny)

          by ssj_195 (827847)
          How does the saying go: "fool me once, shame on you, fool me twice shame on me"?
          No, no, no - you got it all wrong! The saying goes like this:

          "Fool me once... [pause] ... shame on... [pause] Shame on you... [pause] If fooled, you can't get fooled again."

          :)

      • "having files in multiple folders"

        Sounds interesting, could you ellaborate about this? I haven't heard it mentioned before.
        • Re:Soo..... (Score:3, Informative)

          IIRC, WinFS will support a file existing in multiple locations or folders.

          There's more here [dylangreene.com], but it's not too detailed. It seems they're assigning folders to files rather than storing files in a folder-like hierarchy.

          This is similar to the storing your emails in folders (like in Hotmail, Yahoo, etc.) vs labeling your emails (Gmail).
        • Re:Soo..... (Score:3, Interesting)

          by stoney27 (36372) *
          I think this is the same idea that Apple will have in 10.4, smart folders. Basically you tell the folder what type of data that should be in the folder. Say anything that has meta data for "hockey" in it and the OS/GUI will go and put "links" to that data in that one folder.

          Very cool idea and I can't wait to she how it works tomorrow. :)

          -S
  • by skingers6894 (816110) on Thursday April 28, 2005 @06:13AM (#12369598)
    Good to see that Microsoft have not been concentrating on the frivolous activity of making the GUI sexy (obviously) and have been concentrating instead on the more serious improvements "under the hood".

    You know, super secret stuff that they don't want to talk about in case Apple steal for the "Future Cat" operating system in 2020.
  • by MrMickS (568778) on Thursday April 28, 2005 @06:13AM (#12369602) Homepage Journal
    Given that the majority of PCs out there don't have the necessary hardware to support the feature isn't this just an obvious statement. Reading the article its clear that the hardware isn't in a state to support the feature yet. It does hint that Longhorn will make use of the hardware should it be present.

    So rather than this being something pulled from Longhorn it's just being emphasised that having a system with the TPM chip isn't a requirement for running Longhorn.

  • TP-M my ass. (Score:3, Insightful)

    by Tuxedo Jack (648130) on Thursday April 28, 2005 @06:13AM (#12369604) Homepage
    "Secure Startup protects users against offline attacks, blocking access to the computer if the content of the hard drive is compromised. This prevents a laptop thief from booting up the system from a floppy disk to circumvent security features or swapping out the hard drive."

    In other words, no more pulling out a drive to virus-scan it then replacing it or replacing a drive on an OEM machine - that won't allow it to boot.

    "The security platform depends on a TPM chip being present in the system. The chip is an industry standard governed by the Trusted Computing Group, a non-profit organisation which develops security standards."

    All nonprofits rely on donations to survive, and I can bet that a LOT of donations are going to start rolling in to them from certain organizations involved in content creation and distribution.

    Also, if it requires a custom chip, it ain't gonna go over easy - new motherboards will be required.
    • Re:TP-M my ass. (Score:5, Interesting)

      by Ashtead (654610) on Thursday April 28, 2005 @06:40AM (#12369708) Journal
      In other words, no more pulling out a drive to virus-scan it then replacing it or replacing a drive on an OEM machine - that won't allow it to boot.

      Probably right about the virus-scan. Outside the machine, the drive probably will look like it is full of garbage.

      However, I don't think replacement will become impossible. If the machines won't allow replacement disks, this means that a disk failure will result in a useless machine; this will probably also get in the way of people wanting to add disks -- and the people wanting to put Linux on a second-hand machine will cry foul -- so this is going to fly as well as those boat-anchors those machines would become.

      And this iteration of Longhorn at least will not require these chips... you won't have to buy new motherboards just now. But, perhaps further down the line this may become a required peripheral for Longhorn, but this will not be until most motherboards have it in place.

      It looks like mostly a way of keeping stuff on hard-drives secret. As such this is not so bad in view of how frequent notebook-theft is, or how big the security problems of second-hand equipment are.

      • Re:TP-M my ass. (Score:3, Interesting)

        by builderbob_nz (728755)
        Probably right about the virus-scan. Outside the machine, the drive probably will look like it is full of garbage.

        Speaking as a computer tech who make money out of cleaning up viruses that would be a real bitch :(

        Also, if it relies on a chip on the motherboard, what happens if the m/b gets toasted? Would all the data be history?
    • by NickFortune (613926) on Thursday April 28, 2005 @06:43AM (#12369727) Homepage Journal
      I wonder if Secure Startup will be able to distiguish a linux installation from a hard drive "compromise". I would be sad if there was such a bug. Imagine how enthusiastically MS would leap into action to get it fixed.
    • Re:TP-M my ass. (Score:4, Insightful)

      by wintermute1974 (596184) <wintermute@berne-ai.org> on Thursday April 28, 2005 @06:58AM (#12369779) Homepage
      no more pulling out a drive to virus-scan it then replacing it or replacing a drive on an OEM machine - that won't allow it to boot

      Exactly. From the description of Secure Startup, it sounds like the only purpose of this feature is to frustrate Sys Admins and their minions.

      Improved security is an easy sell to executives in large corporations, so expect to see mandates sent to the MIS or IT departments instructing them to only buy TPM-enabled motherboards.

      Of course, these same executives will later fire their Sys Admins just as quickly as they can walk into their offices and explain how all the data in their expensive laptops is now unrecoverable.
      • Re:TP-M my ass. (Score:3, Informative)

        by GIL_Dude (850471)
        Not un-recoverable. Just not recoverable by the thief who took your machine. The only folks that will be turning this feature on are enterprises (like the one I work in) where many machines are stolen (yes, even desktops - we had an entire small office in south Africa burglarized recently - took 29 desktops). We lose many notebooks per year and nobody really knows what files were in temp, etc. For us, there will be the ability to do recovery keys, and even re-install windows (using a trusted mechanizm - not
    • This feature isn't necessarily intended for the home user. And it certainly won't be turned on by default. Many corporations, MS' bread and butter when it comes to the OS, see a lot of value in being able to protect their hardware configuration from tampering. You'd be surprised at how positively companies received the idea.
    • In other words, no more pulling out a drive to virus-scan it then replacing it

      Or to recover data from a crashed OS install.

      or replacing a drive on an OEM machine - that won't allow it to boot.

      Is this also going to make it difficult to "clone" a standard install. If so then the TCO has just been greatly increased.
    • Re:TP-M my ass. (Score:3, Informative)

      by John Hasler (414242)
      > All nonprofits rely on donations to survive, and
      > I can bet that a LOT of donations are going to
      > start rolling in to them from certain
      > organizations involved in content creation and
      > distribution.

      "Nonprofit" is not a synonym for "charity". A nonprofit (or not for profit) corporation is simply one whose charter provides that it is not to distribute any profits to anyone: it exists for a purpose other than directly making money. Most charities are nonprofits, but so are trade association
  • Secure Startup (Score:2, Insightful)

    by The New Andy (873493)
    Secure Startup protects users against offline attacks, blocking access to the computer if the content of the hard drive is compromised. This prevents a laptop thief from booting up the system from a floppy disk to circumvent security features or swapping out the hard drive.

    Either I'm stupid or they are (for humility's sake, I'll assume the first), but doesn't file system level encryption already solve this problem?

    Also, Apple is already one step ahead by removing floppy drives from the computers.

    • Re:Secure Startup (Score:3, Insightful)

      by John Hasler (414242)
      > Either I'm stupid or they are (for humility's
      > sake, I'll assume the first), but doesn't file
      > system level encryption already solve this
      > problem?

      But it doesn't address the much more serious Linux problem.

      > Also, Apple is already one step ahead by
      > removing floppy drives from the computers.

      Apples can't boot from a CD?

  • by p0 (740290) on Thursday April 28, 2005 @06:18AM (#12369626)
    Microsft reports today that Longhorn will not be shipped at all. Instead, it would be shipping a stripped down version of Windows XP with an all new startup screen and bundled with features from late Windows 3.11
    • And in more other news...

      "Longhorn" will be renamed to "LongHaul" to reflect the wait users are in for. Another suggestion which was rejected by MS marketing was "ShortFeatures", said to be accurate but unwieldy in the marketplace.
  • by Anonymous Coward on Thursday April 28, 2005 @06:19AM (#12369630)
    Microsoft is totally dropping the ball. Not that I'm complaining. But giving previews of software that's so bad that they have to threaten those that publish screenshots? Dropping important features?

    I tell you, if IBM sunk $1 billion dollars into making a single grandma-usable Linux distribution, it'd be the best $1 billion they ever spent. That's a pipe dream, but seriously, if nobody capitalizes on this, it's a total missed opportunity to break the Microsoft monopoly.

    In my opinion, the software is ready. KDE is all set to go. We've got office applications, dtp, multimedia, internet, databases... If somebody could fix CUPS, make software installation simple, and populate all the most important configurations in one area and give them easy-to-use and consistently-designed wizards (that the experienced users could of course ignore), this thing would be ready. Not World of Warcraft ready, maybe, but ready enough. Hell, I'd buy it in two seconds.

    The problem is, you need someone with deep pockets to finance all the boring aspects of making a unified-feeling distribution and fixing all the intricate bits (like CUPS or whatnot), but if they did, and slapped a big old IBM on the cover, it'd be dynamite. And having IBM on it would probably add a center juggernaut quality that might make hardware companies more interested in doing proper driver support.
    • That's a pipe dream, but seriously, if nobody capitalizes on this, it's a total missed opportunity to break the Microsoft monopoly.

      One could argue that Apple has indeed capitalized upon this with Mac OS X Tiger, coming out tomorrow, which contains a lot of Open Source code in it (Darwin/FreeBSD, Apache, CUPS with an excellent interface, etc). And guess what? People are sitting up and taking notice.

      The problem is, you need someone with deep pockets to finance all the boring aspects of making a unified-feeling distribution and fixing all the intricate bits (like CUPS or whatnot), but if they did, and slapped a big old IBM on the cover, it'd be dynamite. And having IBM on it would probably add a center juggernaut quality that might make hardware companies more interested in doing proper driver support.

      No, no, and no. While IBM may have the deep pockets to do something like this, they are absolutely the WRONG company to do it. And I say this having previously been a long time IBM OS customer and as a former IBM employee.

      First off, hardware companies have traditionally been afraid of IBM, because IBM has traditionally been a competitor (a view which probably hasn't changed much with the sale to Lenovo). Just take a look at how many hardware companies stepped up and supported IBM's previous consumer OS attempt, OS/2: support was often half-hearted, pathetic, or nil. The fact that IBM was behind it scared off potential hardware vendors (who, BTW, don't make their money off writing device drivers anyhow, and thus tend to like to keep driver development costs low by targeting as few platforms as possible).

      Secondly, as anyone who bought in to IBM's OS/2 WARP v3 push and needed support probably knows, IBM just isn't set-up to provide end-user support. They have no experience nor expertise in consumer software support, and didn't do a terribly good job of it.

      Sorry, but IBM creating their own consumer Linux would be the touch of death. IBM seems to know this themselves -- they have always expressed that they have no interest in creating their own Linux distribution, instead relying on partners to do this for them (like RedHat). There are much better options for such a company to produce such a Linux distro (and based on what I saw at LinuxWorld Canada last week, there are certainly some companies out there who are interested in trying).

      Yaz.

  • by Patchw0rk F0g (663145) on Thursday April 28, 2005 @06:20AM (#12369635) Journal
    Secure Startup protects users against offline attacks

    Gimme a break. Who needs security from offline attacks more than security from online ones? If that were such a stretch, there are products http://www.computersecurity.com/laptop/cables.htm? PHPSESSID=f6bfd6ada2877cbe69e8f281ef4ca487 [computersecurity.com] that will help you out with that.

    As an ACTUAL Windows user (and yes, I do use it; software investment, unfortunately) I'd love to see more ONLINE security: integrated firewall, antivirus, spyware, etc. That would more satisfy me.
    • I'd love to see more ONLINE security: integrated firewall, antivirus, spyware, etc. That would more satisfy me.

      I'd like to see them turn the user interface clock back to 1995, before they started integrating the Internet with the Desktop.

      That would do more to improve Windows security than anything else they could do. Look, if Steve Jobs can back down on "No Ugly Monitors on Nice Macs" and come back with "BYOKDM", then surely Bill Gates can back down on Internet Explorer Integration.
    • Wrong security (Score:5, Insightful)

      by Anonymous Coward on Thursday April 28, 2005 @07:00AM (#12369791)
      You are probably hearing "security" and "trust" and falsely assuming this means YOUR security, or YOU being able to trust your computer.

      In fact you, the user, are not the intended beneficiary of "trusted computing" at all.

      The problem now is that people have too much control over their computers. From the perspective of somebody trying to limit what other people do, this is insecurity. If you write a computer program and sell it to someone, why, there's no guarantee at all that people will use it the way you wanted. People may find ways to trick your program into doing things it didn't intend, or even start to fiddle around with it and its innards, or use the files they made in your program in competing applications. It's as almost as if these people believe that just because they bought a copy of your software means they [i]own[/i] that copy. Something must be done about this. Vendors, like Microsoft, want to be able to "trust" your computer not to let you do things with it Microsoft doesn't want you to do. Hence, palladium.

      Trusted boot is the first step in that. It convinces people that a piece of hardware in your computer that when switched on limits the ability to write to your hard drive to "trusted" pieces of code (and not scary things like Knoppix rescue cds) is a good idea. Somehow.
      • In fact you, the user, are not the intended beneficiary of "trusted computing" at all.

        Nor if you are sysadmin of a (large number of) machine(s).
      • Re:Wrong security (Score:3, Insightful)

        by cowscows (103644)
        While I would never want something like you described running on my home machine, there's certainly places where this would be reasonable and useful. Take corporations and government institutions. If I'm hiring a bunch of people to work for me on a bunch of computers that I paid for and have to maintain, I'm certainly going to be interested in limiting the ways that they can mess up those machines, and also limiting the amount of info lost if a machine is stolen. That all seems very reasonable to me, and n
  • by Shaper_pmp (825142) on Thursday April 28, 2005 @06:25AM (#12369661)
    Is it just me, or is Longhorn increasingly beginning to resemble vapourware? We were sold the idea of a revolutionary next-gen computing platform, with all-new graphics subsystem, trusted computing (yuck, but at least different), enhanced security, relational filesystem, etc, etc, etc.

    Now Avalon's being back-ported to XP, trusted computing isn't making it into the final product, WinFS has been pushed back to god-knows-when, and general security will likely be as god-awful and insecure as ever.

    Against this background, what does Longhorn actually have to offer potential upgraders? Especially businesses?

    Pretty Aero Glass UI? "Windows theme's always worked fine for us, thanks, and requires no user-retraining - why bother upgrading?"

    But, it's all new! "Yeah, so we'll have to buy all-new hardware. And beta test it^W^W^W live with the inevitable but unfortunate 1.0 bugs.

    Increasingly the reasons are "But, but, but, it's the new operating system from MS - you have to upgrade!", which is, obviously, no reason at all.

    I was quite worried about LH when it was first announced - it sounded like a hell of a leap beyond anything Linux and Free Software had to offer (although, given time, I was sure FLOSS would catch up or surpass it).

    Now, however, I'm having trouble retaining even mild interest - Microsoft hyped it so much, and are now so publicly failing to deliver on anything they've promised, that by the time it launches I wouldn't be surprised if they've Daikatana'd the thing practically to death.

    Longhorn? Long-in-the-tooth, more like - a decrepit and crumbling shadow of it's former self that looks in danger of becoming irrelevent before it's even launched.

    Of course, I may be condemning it unfairly here - are there any killer features that will save it from this downward trajectory?

    Besides a billion-dollar marketing budget?
    • by NZheretic (23872) on Thursday April 28, 2005 @06:47AM (#12369739) Homepage Journal
      1994 : Cairo Takes OLE to New Levels [byte.com]
      The next version of Windows NT, code-named Cairo and targeted for release sometime in 1995, will be built around the concepts of objects and component software. It will have a native OFS (Object File System) and distributed system support.
      1995 : Signs to Cairo [byte.com]
      Cairo, Microsoft's object-oriented successor to Windows NT, will begin beta testing in early 1996 for release in 1997. Although Microsoft is not revealing the full details of Cairo yet, there are enough clues within current Microsoft OSes to yield a good idea of how it might work.
      1996 : Unearthing Cairo [byte.com]
      At the first NT developers conference in 1992, Bill Gates announced that Cairo would arrive in three years and would incorporate object-oriented technologies, especially an object file system. Since then, we've seen Windows NT 3.1, NT 3.5, NT 3.51, and most recently NT 4.0. None is object oriented, none has an object file system, none is Cairo. It seems that Cairo is Microsoft's sly way of promising the world. "Will we see Plug and Play in NT?" "Oh yes, of course, in Cairo." "Will NT ever produce world peace and cheap antigravity?" "You bet -- in Cairo."
  • by $RANDOMLUSER (804576) on Thursday April 28, 2005 @06:25AM (#12369662)
    Longhorn is going to have a hard enough time getting adopted without the Orwellian DRM on both entertainment and software.

    Rest assured that the first service pack will consist almost entirely of draconian DRM "enhancements".

    (You did read the EULA, didn't you?)

    • Rest assured that the first service pack will consist almost entirely of draconian DRM "enhancements". That simply isn't true....They will have viruses, and bugs among other things.
  • by skingers6894 (816110) on Thursday April 28, 2005 @06:41AM (#12369717)
    Is anyone else amused at the timing of the release of Tiger? By all accounts it was ready to go a month ago.

    WINHEC finishes and then Tiger is released. Longhorn is shown to be an investment in distant future mediocrity and Tiger is released tomorrow.
    • by michaeldot (751590) on Thursday April 28, 2005 @07:11AM (#12369830)
      WINHEC finishes and then Tiger is released. Longhorn is shown to be an investment in distant future mediocrity and Tiger is released tomorrow.

      Interesting point. It's a possibility, but is there much crossover though?

      The sort of people WinHEC is for are very committed Win32 API developers. They aren't necessarily interested in anything else, Linux, OS X, or any other *nix, whether its tech is inviting or not.

      These folk have years invested in the Windows architecture and WinHEC helps them prepare for the future of THEIR platform.

      If the timing had been a more general consumer or business focussed conference, where it was important to grab the hearts and minds of potentially swinging technology pundits, then the deliberate timing theory might have more weight.

      I think the so-called "looks over the shoulder" the Windows camp gives OS X are largely mythical. Apple's relevance is very small in the grander scheme of things, is it not?

      Maybe you've got a point though. The topics of WinHEC itself did seem to address future developments in Windows that are currently strengths of OS X.

      • Yeah, I hear what you are saying regards the real relevance of OS X to hardened Windows developers.

        The more I think about it the more I like the timing of it though. Apple have used their own WWDC as the platform for showcasing OS upgrades and I guess it would fit Jobs sense of timing to actually release Tiger around WINHEC time.

        Not so much to hit developers but the rest of the potential users (and IT press) who have increasingly become watchers of those events.
      • I think the so-called "looks over the shoulder" the Windows camp gives OS X are largely mythical. Apple's relevance is very small in the grander scheme of things, is it not?

        Perhaps. However, MS' OS developers may not be watching OS X but I wouldn't be surprised if there's a lot of influence from Mac OS pre X and Copland. After the death of Copland and the takeover of Apple by Jobs and the NeXT crew, many of the Copland core OS developers wound up working for Microsoft. I know that some of the features
  • by wintermute1974 (596184) <wintermute@berne-ai.org> on Thursday April 28, 2005 @06:46AM (#12369734) Homepage
    The security platform depends on a TPM chip being present in the system. The chip is an industry standard governed by the Trusted Computing Group, a non-profit organization which develops security standards.
    Why should users trust the Trusted Computing Group?

    Who backs them? What is their official reason for existing? What is their real reason for existing? (This last question cannot be answered by merely reading this groups home page [trustedcom...ggroup.org]; you need to consider the motives of those directing or controlling this group.)

    My guess is that their official reason this group exists is "to promote safe environments by protecting users from various malicious computer exploits" or similar sounding goodness.

    In contrast, my guess is that their real reason for existing is "to strip users of their existing rights to use the programs and data on their computers so that copyright holders can dictate if, when, and how users may access them".
    • In contrast, my guess is that their real reason for existing is "to strip users of their existing rights to use the programs and data on their computers so that copyright holders can dictate if, when, and how users may access them".

      In practice this is likely to take control away from a great many actual copyright holders. Since the majority of the data is most definitly not copyright of any software vendor. Typically the copyright holder will be either the user or the user's employer.
      It really dosn't make
  • by Anonymous Coward on Thursday April 28, 2005 @06:54AM (#12369764)
    For those wondering what Microsoft has been "doing" for the last 12 months, and how they are spending their billions in revenue. since it's clearly not about "product development", one hint was given by Eben Moglen, who says they have been hiring lawyers for the last 12 months and using them to shake down companies for cash in advance who use free software over "potential" patent disputes. In other words extorcion and racketeering. But you can read about this . [computerworld.com.au]
  • I guess here's one instance where we can be glad MS rarely lives up to their promises...
  • Stripped? (Score:5, Interesting)

    by dJOEK (66178) on Thursday April 28, 2005 @06:57AM (#12369775)


    Is anyone here keeping a list of things that were supposed to be in Longhorn but aren't gonna be?
  • by Timo_UK (762705)
    The MS guarantee: Your Machine will be safe for the first 35 nanoseconds.
  • From TFA: "A chip, the Trusted Platform Module (TPM), is used to encrypt data streams between the operating system and applications."
    One question: why ?
    I thought modern processors (like the 386) already kept processes from reading each others data. So it's not for separation.
    It certainly won't keep an application from hacking the operating system, cause I don't think the TPM could possibly figure out if the data it encrypts is harmfull or not. So if the system call is buggy, it will be hacked TPM or n
  • by NZheretic (23872) on Thursday April 28, 2005 @07:06AM (#12369811) Homepage Journal
    Google Usenet for "Trusted boot sequence" [google.com] and the earliest recorded instance is in the thread on About Hybris and all worms [google.com]:
    >further, don't count on that system being able to stop all code from
    >executing - it won't stop bootsectors,

    Solution - Trusted boot sequence
    (This would, to be truly secure, require a jumber on motherboard to be shorted for Flash-BIOS to be upgraded ) Flash-Bios checksums MBR bootsector, booting a rescue system on fail. MBR bootsector ( lilo etc ) checksums selected OS's required boot files, booting a rescue system on fail. OS boot system checksums ... well you get the drift.

    A rescue system could be netbooting from a trusted server, signed rescue partition/file or signed bootable cd-rom/DVD.

    Yes, NZheretic is David Mohring [slashdot.org]
  • by KrisCowboy (776288) on Thursday April 28, 2005 @07:09AM (#12369825) Journal
    1. Regular crashes (couple of times every hour would do) accompanied by "You want to submit a bloody report?" messages.
    2. No support for *any* multimedia format except for WMA, WMV and ASF. Who cares for MP3 anyway.
    3. It would be really nice to get a "Keyboard not detected - press enter ton continue" message for real in Longhorn :-)
  • Apple went through heaps before ditching Copland. MS should just start from scratch and write a new OS from the ground up. Compatibility be damned, nobody is going to move away from Windows anyway, thats all people know or want to know. A company with 60Billion should weather the storm quite nicely.
    • MS should just start from scratch and write a new OS from the ground up. Compatibility be damned, nobody is going to move away from Windows anyway,

      They did that already. It was called Windows NT. Now it's called Windows 2000 and XP. Compared to the code that came before (windows 3.1, windows 95 etc) it is more functional, more secure and more stable.
    • Windows NT *is* the start-from-scratch operating system. Mac's OS is based on unix, and I think linux is older than NT too.
  • by OeLeWaPpErKe (412765) on Thursday April 28, 2005 @07:56AM (#12370001) Homepage
    Secure startup is making remote attestation of the software configuration possible.

    What does it do ?

    If a remote website asks your pc "do you run windows Longhorn ?" it will not be possible to lie. You can not give an answer at all if you choose not to, but you cannot claim you run windows longhorn without actually running windows longhorn.

    Why is this useful ? DRM. The way to avoid DRM is to (for example) run a display driver that captures images and prints them out. So now the remote website can ask you "what version/configuration of windows are you running, please specify your display driver."

    You can choose to respond in 3 ways :
    -> not at all -> access denied
    -> you can lie -> lie is detected -> access denied
    -> you can tell the truth -> access granted

    Obviously, in the last case, you are totally at the mercy of their software, which is obviously the whole point of Secure startup.

    With secure startup websites that only want microsoft browsers visiting them (your bank, your employer, ...) will be able to enforce that policy. IE-only will be enforced by the hardware inside your computer itself, and it will not be circumventeable.
  • by elronxenu (117773) on Thursday April 28, 2005 @08:25AM (#12370123) Homepage
    They dropped all Palladium features except the one they want real bad.

    Secure Startup will eventually stop people running non-Microsoft OSs on computers.

    • Secure Startup will eventually stop people running non-Microsoft OSs on computers.

      I don't think so. It may make dual booting off of a single disk impossible, if the BIOS is configured to have the TPM hash the bootloader. If the TPM doesn't hash the bootloader then dual-booting won't be impacted, except that the non-Windows OS will be unable to read data from the Windows partition.

      I'm not sure what the effect of reducing dual booting might be. Some users will be convinced to go 100% MS, others will

  • by MikShapi (681808) on Thursday April 28, 2005 @08:54AM (#12370297) Journal
    If I remember correctly, Trusted Computing [cam.ac.uk] is baaad, at least as far as we /.'ers are concerned.

    Why is everyone bashing Microsoft for dropping it?

    Rejoyce!

The world is moving so fast these days that the man who says it can't be done is generally interrupted by someone doing it. -- E. Hubbard

Working...