James Maguire answers this question about Microsoft's Next Generation Secure Computing Base (NGSCB, formerly named Palladium) in this osOpinion article, "Palladium's Dirty Little Secret."
NGSCB is intended to make sure only trusted applications can run on your PC. But this is the question: trusted by whom?
It appears that the apps must be trusted by Microsoft or another third party. That is, the software will be on your PC, but if a user has NGSCB turned on, the decision about what's trusted will be made by someone else. I'm beginning to feel uneasy.
In theory, you will be able to control your computer by turning NGSCB off.
But here's where it gets tricky. The problem with turning off your NGSCB is that you can't read NGSCB documents that colleagues send you. Once a business buys into NGSCB, all its employees and all its partners must opt in, because document-sharing is critical to the enterprise.
Which points to a bigger problem. If a business wants to communicate with another business that uses NGSCB, it must use the system. If NGSCB is built into Windows itself -- and it reportedly will be -- then any business that wants to collaborate with any other Windows-based business must use it. Just guessing, but I'll predict that OSes other than Windows (like Linux) will have a hard time competing in the NGSCB environment.
That sure helps Microsoft retain its market share, doesn't it? So NGSCB is an effective protection system, after all. But all it protects is Microsoft's market dominance.
Here is Maguire's conclusion.
The NGSCB situation reminds me of a phrase I learned in my Latin lessons as a school boy. The Roman poet Juvenal worried that the Centurions, whose job was protecting Rome, might themselves pose a security risk. "Sed quis custodiet ipsos custodes?" he asked. ("But who will guard the guards?")
Source: James Maguire, for osOpinion, May 16, 2003
12:03:08 PM Permalink