Pondering Palladium

This is one of those columns I really wish I didn't need to write. Whenever I mention Microsoft Corp. I inevitably hear from someone who thinks that I am just Microsoft-bashing. Frankly, I'd love to avoid the subject of Microsoft altogether, but there's no way to ignore the company as long as it tries to undermine the growth of open source.

And that is precisely what I see happening with the advent of Palladium, the new Microsoft technology that the company claims will finally bring security to the PC industry. Palladium reportedly will create a security framework starting at the hardware level. Indications are that it will extend to non-Microsoft operating systems and software, including open-source OSes such as Linux and the BSDs (Berkeley Software Designs).

Has Microsoft so fully exhausted its own supply of bugs that it needs to tackle the problem of insecure hardware? Hardly. If that were so, my inbox would not continually fill with e-mails bearing the Klez virus from people using Microsoft software.

Does Microsoft have such superior security technology that we can expect other systems to benefit from the company's vast knowledge of the subject? If so, I don't think Gartner would have called for businesses to abandon Microsoft's IIS (Internet Information Server) as a corporate Web server due to its many security problems.

No, this does not strike me as merely an effort to improve security. This is an effort to establish control. Total control. And despite statements claiming that the user will be in control, I doubt it will play out that way.

Consider the fact that the EULA (end-user license agreement) on a recent patch for Windows Media Player already gives Microsoft the right to install digital rights management software on your machine and disable software on your system. The emphasis now is not on giving users more power. And it isn't likely to get any better.

Reports say that Microsoft will reveal some of the source to its Palladium code. Unfortunately, that does not mean that either the code or the technology will be usable by open source. The adoption of a restrictive license or royalty system -- either would make implementation incompatible with most open-source licenses -- would prevent open source from employing the technology. And that could give Microsoft the right to disable any open-source software on your machine due to a supposed "lack of security" -- even if no Microsoft OS resides on the box.

Why would anyone trust a single entity to provide the software that will control which programs can run on your machine? Especially when that entity has a vested interest in your running its software and not its competitors'.

It's time for a change. It's time for IT departments everywhere to take back control of their computing. Vote with your budget dollars. And remember that nothing returns total control to your IT department more than open source.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

More about GartnerMicrosoft

Show Comments