Conspiracy Theory
If Palladium delivers on its promise, it could be a very powerful security feature; and it would be easy enough to use so that the average user could take advantage of its capabilities.
But many security experts are skeptical as to Microsoft's true intentions behind the development of Palladium. While it may enable users to utilize strong security technologies, it could also be used by vendors to tightly "bind" customers to their product line in the future.
Dr. Ross Anderson, leader of the Computer Security Group at Cambridge University, says: "The real threat of TCPA/Palladium is an economic one. In information goods and services markets, the value of a customer is often their total switching cost. Palladium offers the prospect of pushing up these switching costs dramatically. For example, if Word were ever to be seriously threatened by Staroffice, and everyone were using TCPA/Palladium PCs, then Microsoft could roll out a policy change to the effect that Word documents would be sealed using keys that would be accessible to 'good' applications such as Excel, but not to 'bad' applications such as Star[office]."
It is important to note that this is not strictly a Microsoft issue. Palladium is really just Microsoft's implementation of specifications developed by a larger body called the Trusted Computing Platform Alliance (TCPA). Founded by IBM, Compaq, HP, Intel, and of course Microsoft, the TCPA contains over 180 member companies including others like Novell, AMD, Adobe, Dell, Motorola, and Tripwire.
In the same way that Microsoft could lock down Word documents to "trusted" applications, HP could just as easily force its printers to output low resolution documents if a genuine HP color cartridge was not used in the printer. This would certainly make some customers angry, but when you consider that HP makes its "printer" money on accessories, losing a customer who isn't purchasing their brand of cartridges is not really losing that much.
Echoing Anderson's sentiments, Bruce Schneier opined "this [Palladium] has nothing to do with security; it has everything to do with protectionism."
These 180 companies are not all developing this project from a core of Evil Conspiracy; I'm sure that many have the best interests of their customers at heart. Microsoft's Mario Juarez believes in the project, and I think the excitement in his voice when he speaks of it is genuine. There are certainly lots of good things that could come out of a system like this.
But even if only the best of intentions go into the development of Palladium today, we have no idea what future management at Microsoft may choose to do with it tomorrow. And that is what we have to watch.
From:
http://online.securityfocus.com/columnists/93