Slashdot Mirror


Microsoft Scales Down Palladium

bonch writes "Formerly known as Palladium, Next Generation Secure Computing Base (NGSCB) will not be fully available in Windows Longhorn after all. Instead, Longhorn will offer "the first part of NGSCB: Secure Startup," says Jim Allchin, Microsoft's group vice president for platforms. However, most hardware will not support this technology on release."

16 of 475 comments (clear)

  1. So... by madaxe42 · · Score: 5, Interesting

    What, exactly, is Longhorn going to do? They seem to have dropped more features from it than there were in the first place!

  2. Soo..... by Richard_at_work · · Score: 4, Interesting

    What exactly is Longhorn still bringing to the table at its release? I used to look forward to Longhorn when I ran Windows, because it was supposed to contain all these new and wonderful technologies, then I got tired of waiting and .... well, my .sig says it all really.

  3. Microsoft is totally dropping the ball by Anonymous Coward · · Score: 5, Interesting

    Microsoft is totally dropping the ball. Not that I'm complaining. But giving previews of software that's so bad that they have to threaten those that publish screenshots? Dropping important features?

    I tell you, if IBM sunk $1 billion dollars into making a single grandma-usable Linux distribution, it'd be the best $1 billion they ever spent. That's a pipe dream, but seriously, if nobody capitalizes on this, it's a total missed opportunity to break the Microsoft monopoly.

    In my opinion, the software is ready. KDE is all set to go. We've got office applications, dtp, multimedia, internet, databases... If somebody could fix CUPS, make software installation simple, and populate all the most important configurations in one area and give them easy-to-use and consistently-designed wizards (that the experienced users could of course ignore), this thing would be ready. Not World of Warcraft ready, maybe, but ready enough. Hell, I'd buy it in two seconds.

    The problem is, you need someone with deep pockets to finance all the boring aspects of making a unified-feeling distribution and fixing all the intricate bits (like CUPS or whatnot), but if they did, and slapped a big old IBM on the cover, it'd be dynamite. And having IBM on it would probably add a center juggernaut quality that might make hardware companies more interested in doing proper driver support.

  4. Re:TP-M my ass. by Ashtead · · Score: 4, Interesting
    In other words, no more pulling out a drive to virus-scan it then replacing it or replacing a drive on an OEM machine - that won't allow it to boot.

    Probably right about the virus-scan. Outside the machine, the drive probably will look like it is full of garbage.

    However, I don't think replacement will become impossible. If the machines won't allow replacement disks, this means that a disk failure will result in a useless machine; this will probably also get in the way of people wanting to add disks -- and the people wanting to put Linux on a second-hand machine will cry foul -- so this is going to fly as well as those boat-anchors those machines would become.

    And this iteration of Longhorn at least will not require these chips... you won't have to buy new motherboards just now. But, perhaps further down the line this may become a required peripheral for Longhorn, but this will not be until most motherboards have it in place.

    It looks like mostly a way of keeping stuff on hard-drives secret. As such this is not so bad in view of how frequent notebook-theft is, or how big the security problems of second-hand equipment are.

    --
    SIGBUS @ NO-07.308
  5. Steve Jobs - Balls of steel by skingers6894 · · Score: 3, Interesting

    Is anyone else amused at the timing of the release of Tiger? By all accounts it was ready to go a month ago.

    WINHEC finishes and then Tiger is released. Longhorn is shown to be an investment in distant future mediocrity and Tiger is released tomorrow.

    1. Re:Steve Jobs - Balls of steel by michaeldot · · Score: 3, Interesting
      WINHEC finishes and then Tiger is released. Longhorn is shown to be an investment in distant future mediocrity and Tiger is released tomorrow.

      Interesting point. It's a possibility, but is there much crossover though?

      The sort of people WinHEC is for are very committed Win32 API developers. They aren't necessarily interested in anything else, Linux, OS X, or any other *nix, whether its tech is inviting or not.

      These folk have years invested in the Windows architecture and WinHEC helps them prepare for the future of THEIR platform.

      If the timing had been a more general consumer or business focussed conference, where it was important to grab the hearts and minds of potentially swinging technology pundits, then the deliberate timing theory might have more weight.

      I think the so-called "looks over the shoulder" the Windows camp gives OS X are largely mythical. Apple's relevance is very small in the grander scheme of things, is it not?

      Maybe you've got a point though. The topics of WinHEC itself did seem to address future developments in Windows that are currently strengths of OS X.

  6. "world peace and cheap antigravity"! by NZheretic · · Score: 4, Interesting
    1994 : Cairo Takes OLE to New Levels
    The next version of Windows NT, code-named Cairo and targeted for release sometime in 1995, will be built around the concepts of objects and component software. It will have a native OFS (Object File System) and distributed system support.
    1995 : Signs to Cairo
    Cairo, Microsoft's object-oriented successor to Windows NT, will begin beta testing in early 1996 for release in 1997. Although Microsoft is not revealing the full details of Cairo yet, there are enough clues within current Microsoft OSes to yield a good idea of how it might work.
    1996 : Unearthing Cairo
    At the first NT developers conference in 1992, Bill Gates announced that Cairo would arrive in three years and would incorporate object-oriented technologies, especially an object file system. Since then, we've seen Windows NT 3.1, NT 3.5, NT 3.51, and most recently NT 4.0. None is object oriented, none has an object file system, none is Cairo. It seems that Cairo is Microsoft's sly way of promising the world. "Will we see Plug and Play in NT?" "Oh yes, of course, in Cairo." "Will NT ever produce world peace and cheap antigravity?" "You bet -- in Cairo."
  7. Truth in Advertising? by argent · · Score: 5, Interesting

    If Microsoft was going to start naming operating systems consistently, then... let's see...

    Windows 2000 -> Windows NT 5.0
    Windows XP -> Windows NT 5.1
    Longhorn -> Windows NT 6.0 or Windows NT 5.2?

    Or maybe even Windows NT 5.11?

    1. Re:Truth in Advertising? by mcbridematt · · Score: 5, Interesting

      True. Leaked builds have had NT 6.0 for ages. NT 5.2 is WinServer2003 AFAIK.

      DEVELOPER RANT: don't use if (win_version == nt5.1) use if (win_version >= nt51). It sucks, when I played around with the LH Alpha leaks, a lot of software didn't work out of the box because they didn't know what NT 6.0 is. Your firm may go bankrupt long before the LH release but don't go screwing your customers of any forwards compatibility.

      But congrats to the Mozilla devs for having good native UI integration - Mozilla looks really good under LH 3653 and LH 4008 and the plex theme.

      And among all the talk about LH being souped up XP in the past few days, isn't this feature called Aero still under lock and key? Or have M$ Shafted that too?

  8. For those wondering what Microsoft HAS been doing by Anonymous Coward · · Score: 3, Interesting

    For those wondering what Microsoft has been "doing" for the last 12 months, and how they are spending their billions in revenue. since it's clearly not about "product development", one hint was given by Eben Moglen, who says they have been hiring lawyers for the last 12 months and using them to shake down companies for cash in advance who use free software over "potential" patent disputes. In other words extorcion and racketeering. But you can read about this .

  9. Stripped? by dJOEK · · Score: 4, Interesting



    Is anyone here keeping a list of things that were supposed to be in Longhorn but aren't gonna be?

    --
    Exercise caution when modding this message up: the author acts like a jerk when his karma is excellent.
  10. Six years for Microsoft to implement my solution by NZheretic · · Score: 3, Interesting
    Google Usenet for "Trusted boot sequence" and the earliest recorded instance is in the thread on About Hybris and all worms:
    >further, don't count on that system being able to stop all code from
    >executing - it won't stop bootsectors,

    Solution - Trusted boot sequence
    (This would, to be truly secure, require a jumber on motherboard to be shorted for Flash-BIOS to be upgraded ) Flash-Bios checksums MBR bootsector, booting a rescue system on fail. MBR bootsector ( lilo etc ) checksums selected OS's required boot files, booting a rescue system on fail. OS boot system checksums ... well you get the drift.

    A rescue system could be netbooting from a trusted server, signed rescue partition/file or signed bootable cd-rom/DVD.

    Yes, NZheretic is David Mohring
  11. Re:TP-M my ass. by builderbob_nz · · Score: 3, Interesting

    Probably right about the virus-scan. Outside the machine, the drive probably will look like it is full of garbage.

    Speaking as a computer tech who make money out of cleaning up viruses that would be a real bitch :(

    Also, if it relies on a chip on the motherboard, what happens if the m/b gets toasted? Would all the data be history?

    --

    Karma? Hey I just call it as I see it.
  12. DEVELOPER RANT - Version checking. by argent · · Score: 5, Interesting

    DEVELOPER RANT: don't use if (win_version == nt5.1) use if (win_version >= nt51).

    DEVELOP RANT: don't use OS version tests if you can use feature tests instead.

    Not a comment specifically directed at you, I don't know if you do this, but I keep running into software on all platforms that doesn't run on older versions even when patches, service packs, hotfixes, software updates, backported libraries, or compatibility fixes have removed the dependency on the specific OS version they hardcoded into the application.

    One of the nice things about the Amiga is that all the developer documentation showed code checking library versions instead. Not perfect, but much better than OS version checks. Palm provided hooks to do functional checks down to the entry point level, but then spoiled it by shipping example code doing OS version checking.

  13. Re:So what *will* Longhorn offer then? by Shaper_pmp · · Score: 3, Interesting

    But there's so much more that we could do with ordinary computing. I can think of half-a-dozen things we could be doing, without any trouble at all. Fuck Trusted Computing and DRM, and fuck sucking up to Big Content - whatever happened to genuine developments and refinements in basic computer use?

    For just one example, where's the scriptability of compiled apps? I'm not talking about built-in VBA (hackcoughspit), but something more like Apple's system (SmallTalk? I dunno), or DCOP in KDE or GNOME (I forget which - a linux-based colleague once wowed me with how compiled, native, window-manager apps could be hooked by external scripts which received input and controlled the apps' behaviour.

    Sure, ActiveX was a step in that direction, but it's not a "default" part of any Windows app - you have to code for it specifically and it's a nightmare. It's also a pile of shite, and insecure to boot.

    I want to be able to write a script to hook when a certain colleague comes on-line in MSN Messenger, and automatically MSN him a file (fuck, I'd settle for only being alerted when someone from a certain group came on-line, but no-go). I want to be able to hook the end of a CD-burn and shutdown my machine. Or play a sound. I want to be able to script additional user-actions tied to a specific menu item in a specific program, or tied to a single menu item in every program that offers that menu item.

    I know all these things can be done, either using kludgy workarounds, different apps or using VB/WSH/JS and ActiveX objects, but every solution is different. Nothing works the same. Most programs are entirely unscriptable, unless the programmer specifically tries to offer that functionality.

    I want Visual Studio to expose DCOP-style scripting hooks for every app, unless you specifically turn it off (and even then, that shouldn't be easy). I want a proper, documented, sensible scripting language (or languages). .NET would look vaguely interesting, if it wasn't now an empty marketing catch-all buzzword for vendor lock-in. They could have done it right and created a genuinely next-generation interface, but instead it's late, buggy, ill-designed and ultimately just one more attempt to tie you to MS.

    Sure, I can hear the calls now - "but users won't use those features - who even understands scripting apart from a few hackers, sysadmins and power users?"

    But that's your fucking answer right there - the early adopters and pioneers, the people who advise on business-systems upgrades, and the people who bridge the gap and educate their fellow "ordinary users" so the skills trickle-down until everyone understands it. Fifteen years ago, who used and understood e-mail, or the internet? Hackers and sysadmins. And now?

    Linux is successful because it's designed for hackers. Sure, it can be retrofitted for normal users too, but the reason it's still around is the thousands of hackers who tinker and play with it.

    Microsoft is successful because of their enormous marketing budget, and their canny (and, to be fair, illegal) business practices. I'd even go so far as to say MS is successful in spite of their technology - it's generally inferior to FOSS, in my opinion, because they'll compromise on The Right Thing for marketing and vendor lock-in reasons.

    If I were MS I'd be making my UI as scriptable and hackable as possible in an attempt to steal Linux's thunder. They've currently got the basic-user-desktop sewn up, although it's under attack from FLOSS. If they had any sense at all they'd be courting the hackers and power-users, to actually attack FLOSS where it hurt.

    Build it and they will come.

    --
    Everything in moderation, including moderation itself
  14. What is secure startup ? by OeLeWaPpErKe · · Score: 4, Interesting

    Secure startup is making remote attestation of the software configuration possible.

    What does it do ?

    If a remote website asks your pc "do you run windows Longhorn ?" it will not be possible to lie. You can not give an answer at all if you choose not to, but you cannot claim you run windows longhorn without actually running windows longhorn.

    Why is this useful ? DRM. The way to avoid DRM is to (for example) run a display driver that captures images and prints them out. So now the remote website can ask you "what version/configuration of windows are you running, please specify your display driver."

    You can choose to respond in 3 ways :
    -> not at all -> access denied
    -> you can lie -> lie is detected -> access denied
    -> you can tell the truth -> access granted

    Obviously, in the last case, you are totally at the mercy of their software, which is obviously the whole point of Secure startup.

    With secure startup websites that only want microsoft browsers visiting them (your bank, your employer, ...) will be able to enforce that policy. IE-only will be enforced by the hardware inside your computer itself, and it will not be circumventeable.