Microsoft Scales Down Palladium

bonch writes "Formerly known as Palladium, Next Generation Secure Computing Base (NGSCB) will not be fully available in Windows Longhorn after all. Instead, Longhorn will offer "the first part of NGSCB: Secure Startup," says Jim Allchin, Microsoft's group vice president for platforms. However, most hardware will not support this technology on release."

Reporting the obvious

[MrMickS]

Given that the majority of PCs out there don't have the necessary hardware to support the feature isn't this just an obvious statement. Reading the article its clear that the hardware isn't in a state to support the feature yet. It does hint that Longhorn will make use of the hardware should it be present.

So rather than this being something pulled from Longhorn it's just being emphasised that having a system with the TPM chip isn't a requirement for running Longhorn.

Re:Soo.....

[0x461FAB0BD7D2]

IIRC, WinFS will support a file existing in multiple locations or folders.

There's more here, but it's not too detailed. It seems they're assigning folders to files rather than storing files in a folder-like hierarchy.

This is similar to the storing your emails in folders (like in Hotmail, Yahoo, etc.) vs labeling your emails (Gmail).

Re:TP-M my ass.

[GIL_Dude]

Not un-recoverable. Just not recoverable by the thief who took your machine. The only folks that will be turning this feature on are enterprises (like the one I work in) where many machines are stolen (yes, even desktops - we had an entire small office in south Africa burglarized recently - took 29 desktops). We lose many notebooks per year and nobody really knows what files were in temp, etc. For us, there will be the ability to do recovery keys, and even re-install windows (using a trusted mechanizm - not something easy to do for the thief on the street). All the IBM notebooks have had TPM modules for a couple of years. The HP 7600 is shipping with one. About time we make use of this stuff.

Re:Secure Startup

[GIL_Dude]

File system level encryption does solve this if you are talking about Pointsec, Mobile Armor or a product in that Genre. However, these products typically have a real problem: their pre-boot environments for authenticating to the encryption system lack the ability to expand the range of authentication methods (for example most of them do not work with Smart Cards today - the ones that do, work only with a limited set and maybe not with PCCard readers only USB. They also tend to not have a network connection in pre-boot so that they cant check CRL's on certificates. Decide to add biometrics and you are just out). So this will subsume the feature into windows such that the pre-boot is a thing of the past and any supported authentication method will work for the encryption as well as the OS. Long overdue.

Re:TP-M my ass.

[John+Hasler]

> All nonprofits rely on donations to survive, and
> I can bet that a LOT of donations are going to
> start rolling in to them from certain
> organizations involved in content creation and
> distribution.

"Nonprofit" is not a synonym for "charity". A nonprofit (or not for profit) corporation is simply one whose charter provides that it is not to distribute any profits to anyone: it exists for a purpose other than directly making money. Most charities are nonprofits, but so are trade associations, standards groups, and similar organizations. Groups such as TPM get their money from fees paid by members and are expected to act in the interests of those members.