Thought of the day: Is Palladium worth the wait?

Hard-hitting IT columnist Simon Moores gives his personal take on the hot issue of the day.I've been trying to get to grips with...

Hard-hitting IT columnist Simon Moores gives his personal take on the hot issue of the day.I've been trying to get to grips with Palladium, Microsoft's solution to a problem of its own making, namely security or the lack of it, in the Windows environment.

Palladium isn't something you'll find in a box of any kind for some time to come, as it's still far more of a blueprint than a reality and will rely on specially designed hardware security chips and microprocessors from Intel and AMD.

In fact, Palladium is, fundamentally, a secure and encrypted run-time environment for Windows and other operating systems. It will allow the next generation of "Palladium-aware" software applications and services to protect the user from every conceivable nasty that can be thrown at a personal computer if the Palladium function, like a light switch, is turned on.

This doesn't mean to say that the threat of viruses, or compromised privacy, or even spam will disappear overnight. It simply means, as I understand it, that Palladium will introduce a secure and encrypted environment under Windows that will prevent untrusted code of any kind from executing.

When a new generation of PCs arrives sometime after 2004, with Microsoft's next version of Windows XP, "Longhorn" and Palladium capability, it will usher in a new era of "trusted" services, which should, in theory, make Microsoft a synonym for security.

Without delving much deeper into the detail of Palladium, there does seem to be a catch that has attracted my curiosity. In order to achieve what it has in mind, Microsoft will have to eliminate all the insecure elements that compromise its software and change its file structure.

So does this mean we wave goodbye to ActiveX controls and macros? After all, the Microsoft environment as it exists today is riddled with security problems, and so the only viable solution must surely involve some kind of rewrite of the architecture, drawing a line between Windows today and Windows tomorrow? The kind of break we saw between DOS and OS/2 more than decade ago.

To be honest, I don't know many of the answers yet and the Palladium/Longhorn combination has implications that go far beyond the question of simple PC security. We all want and need trusted computing and if we're realistic, it's not going to be with us in any dramatic form until 2005 at the earliest.

In between, Microsoft needs to stop Linux from nibbling away at its customer base and will continue to do what it does best, using smoke and mirrors to distract customers away from today's problems in the anticipation of a solution appearing just over the horizon.

In the meantime, and, given all the embarrassing examples of failure that followed this year's Trusted Computing initiative, I wonder if Microsoft has the luxury of time available to develop the Palladium project before the next really big security disaster dents its credibility beyond the point of no return.

What is your view?
Can you afford to wait for Microsoft's next security initiative? Tell us in an e-mail >> reserves the right to edit and publish answers on the Web site. Please state if your answer is not for publication.

Zentelligence Setting the world to rights with the collected thoughts and opinions of the futurist writer, broadcaster and Computer Weekly columnist Simon Moores.

Read more on Antivirus, firewall and IDS products