Next-Generation Secure Computing Base
The Next-Generation Secure Computing Base (NGSCB; codenamed Palladium
Part of the
NGSCB was subject to much controversy during its development, with critics contending that it would impose restrictions on users, enforce
NGSCB differed from technologies Microsoft billed as "pillars of Windows Vista"—Windows Presentation Foundation, Windows Communication Foundation, and WinFS—during its development in that it was not built with the .NET Framework and did not focus on managed code software development.[8][14] NGSCB has yet to fully materialize; however, aspects of it are available in features such as BitLocker of Windows Vista, Measured Boot of Windows 8,[15] Certificate Attestation of Windows 8.1,[16] and Device Guard of Windows 10.[17]
History
Early development
Development of NGSCB began in 1997 after
During WinHEC 1999, Biddle discussed intent to create a "trusted" architecture for Windows to leverage new hardware to promote confidence and security while preserving backward compatibility with previous software.[27] On October 11, 1999, the Trusted Computing Platform Alliance, a consortium of various technology companies including Compaq, Hewlett-Packard, IBM, Intel, and Microsoft, was formed in an effort to promote personal computing confidence and security.[28] The TCPA released detailed specifications for a trusted computing platform with focus on features such as code validation and encryption based on integrity measurements, hardware-based key storage, and machine authentication; these features required a new hardware component designed by the TCPA called the "Trusted Platform Module" (referred to as a "Security Support Component",[9] "Security CoProcessor",[5] or "Security Support Processor"[5] in early NGSCB documentation).
At WinHEC 2000, Microsoft released a technical presentation on the topics of protection of privacy, security, and intellectual property titled "Privacy, Security, and Content in Windows Platforms", which focused on turning Windows into a "platform of trust" for computer security, user content, and user privacy. Notable in the presentation is the contention that "there is no difference between privacy protection, computer security, and content protection"—"assurances of trust must be universally true".[2] Microsoft reiterated these claims at WinHEC 2001.[29] NGSCB intended to protect all forms of content, unlike traditional rights management schemes, which focus only on the protection of audio tracks or movies instead of the users they have the potential to protect; this made it, in Biddle's words, "egalitarian".[2][30]
As "Palladium"
Microsoft held its first design review for the NGSCB in April 2002, with approximately 37 companies under a
Microsoft PressPass later interviewed John Manferdelli, who restated and expanded on many of the key points discussed in the article by Newsweek. Manferdelli described it as an evolutionary platform for Windows in July, articulating how "'Palladium' will not require DRM, and DRM will not require 'Palladium'".[26] Microsoft sought a group program manager in August to assist in leading the development of several Microsoft technologies including NGSCB.[34] Paul Otellini announced Intel's support for NGSCB with a set of chipset, platform, and processor codenamed "LaGrande" at Intel Developer Forum 2002,[35][36] which would provide an NGSCB hardware foundation and preserve backward compatibility with previous software.[37]
As NGSCB
NGSCB was known as "Palladium" until January 24, 2003, when Microsoft announced it had been renamed as "Next-Generation Secure Computing Base." Project manager Mario Juarez stated this name was chosen to avoid legal action from an unnamed company which had acquired the rights to the "Palladium" name, as well as to reflect Microsoft's commitment to NGSCB in the upcoming decade. Juarez acknowledged the previous name was controversial, but denied it was changed by Microsoft to dodge criticism.[38]
The Trusted Computing Platform Alliance was superseded by the Trusted Computing Group in April 2003.[39] A principal goal of the new consortium was to produce a TPM specification compatible with NGSCB; the previous specification, TPM 1.1, did not meet its requirements.[19][40] TPM 1.2 was designed for compliance with NGSCB[41] and introduced many features for such platforms.[42] The first TPM 1.2 specification, Revision 62, was released in 2003.[43]
Biddle emphasized in June 2003 that hardware vendors and software developers were vital to NGSCB.
Microsoft also announced details related to adoption and deployment of NGSCB at WinHEC 2003, stating that it would create a new value proposition for customers without significantly increasing the cost of computers; NGSCB adoption during the year of its introductory release was not anticipated and immediate support for servers was not expected.
NGSCB was among the topics discussed during Microsoft's PDC 2003 with a pre-beta software development kit, known as the Developer Preview, being distributed to attendees.[10] The Developer Preview was the first time that Microsoft made NGSCB code available to the developer community and was offered by the company as an educational opportunity for NGSCB software development.[66] With this release, Microsoft stated that it was primarily focused on supporting business and enterprise applications and scenarios with the first version of the NGSCB scheduled to ship with Windows Vista, adding that it intended to address consumers with a subsequent version of the technology, but did not provide an estimated time of delivery for this version.[8][66] At the conference, Jim Allchin said that Microsoft was continuing to work with hardware vendors so that they would be able to support the technology,[67] and Bill Gates expected a new generation of central processing units to offer full support.[68] Following PDC 2003, NGSCB was demonstrated again on prototype hardware during the annual RSA Security conference in November.[69]
Microsoft announced at WinHEC 2004 that it would revise NGSCB in response to feedback from customers and independent software vendors who did not desire to rewrite their existing programs in order to benefit from its functionality;[11][70] the revision would also provide more direct support for Windows with protected environments for the operating system, its components, and applications, instead of it being an environment to itself and new applications.[71] The NGSCB secure input feature would also undergo a significant revision based on cost assessments, hardware requirements, and usability issues of the previous implementation.[72] There were subsequent reports that Microsoft would cease developing NGSCB;[73][74] Microsoft denied these reports and reaffirmed its commitment to delivery.[14][75] Additional reports published later that year suggested that Microsoft would make further changes based on feedback from the industry.[6][76]
The absence of continual updates from Microsoft on NGSCB progress in 2005 caused industry insiders to speculate that NGSCB had been cancelled.[77] At the Microsoft Management Summit event, Steve Ballmer said that the company would build on the security foundation it had started with the NGSCB to create a new set of virtualization technologies for Windows,[78] which later became Hyper-V. Reports during WinHEC 2005 indicated Microsoft scaled back its plans for NGSCB so that it could ship Windows Vista—which had already been beset by numerous delays and even a "development reset"—within a reasonable timeframe; instead of isolating components, NGSCB would offer "Secure Startup" ("BitLocker Drive Encryption") to encrypt disk volumes and validate both pre-boot firmware and operating system components.[12][79][80][81] Microsoft intended to deliver other aspects of NGSCB later.[3] Jim Allchin stated NGSCB would "marry hardware and software to gain better security", which was instrumental in the development of BitLocker.[81]
Architecture and technical details
A complete Microsoft-based Trusted Computing-enabled system will consist not only of software components developed by Microsoft but also of hardware components developed by the Trusted Computing Group. The majority of features introduced by NGSCB are heavily reliant on specialized hardware and so will not operate on PCs predating 2004.
In current Trusted Computing specifications, there are two hardware components: the
Secure storage and attestation
At the time of manufacture, a cryptographic key is generated and stored within the TPM. This key is never transmitted to any other component, and the TPM is designed in such a way that it is extremely difficult to retrieve the stored key by reverse engineering or any other method, even for the owner. Applications can pass data encrypted with this key to be decrypted by the TPM, but the TPM will only do so under certain strict conditions. Specifically, decrypted data will only ever be passed to authenticated, trusted applications, and will only ever be stored in curtained memory, making it inaccessible to other applications and the operating system. Although the TPM can only store a single cryptographic key securely, secure storage of arbitrary data is by extension possible by encrypting the data such that it may only be decrypted using the securely stored key.
The TPM is also able to produce a
Curtained memory
NGSCB also relies on a curtained memory feature provided by the CPU. Data within curtained memory can only be accessed by the application to which it belongs, and not by any other application or the operating system. The attestation features of the TPM (Trusted Platform Module) can be used to confirm to a trusted application that it is genuinely running in curtained memory; it is therefore very difficult for anyone, including the owner, to trick a trusted application into running outside of curtained memory. This in turn makes reverse engineering of a trusted application extremely difficult.
Applications
NGSCB-enabled applications are to be split into two distinct parts, the NCA, a trusted module with access to a limited
The reason for this split is that the Windows API has developed over many years and is as a result extremely complex and difficult to audit for security bugs. To maximize security, trusted code is required to use a smaller, carefully audited API. Where security is not paramount, the full API is available.
Uses and scenarios
NGSCB enables new categories of applications and scenarios. Examples of uses cited by Microsoft include decentralized access control policies; digital rights management services for consumers, content providers, and enterprises; protected instant messaging conversations and online transactions; and more secure forms of machine health compliance, network authentication, and remote access.[5] NGSCB-secured virtual private network access was one of the earliest scenarios envisaged by Microsoft.[82] NGSCB can also strengthen software update mechanisms such as those belonging to antivirus software or Windows Update.[83]
An early NGSCB privacy scenario conceived of by Microsoft is the "wine purchase scenario," where a user can safely conduct a transaction with an online merchant without divulging
"The concept of machine identity actually gives you the ability to do things like strengthen antivirus updates because you can start creating circumstances where you sort of create a little secure partition, or secure space within the PC, and that can let you do things like work around rootkits. [...] A lot of what is happening in the arms race of security today is an attempt to subvert an operating system so that the operating system is no longer behaving in the manner in which it was either designed or the user wants—without the user knowing—right? And in other cases, it's about creating a fake user which then does things on your behalf—which are not really on your behalf: spends your money, gives away your data, gives away personally identifiable information. So anything that lets you create a stronger, more immutable identity combination like: "this is the machine, this is the software, this is the operating system, this is the service, this is the user" is something that can benefit users because things that work on chiseling into those spaces are less effective."
— Peter Biddle.[83]
WinHEC 2004 scenarios
During WinHEC 2004, Microsoft revealed two features based on its revision of NGSCB, Cornerstone and Code Integrity Rooting:[71]
- Cornerstone would protect a user's login and authentication information by securely transmitting it to NGSCB-protected Windows components for validation, finalizing the user authentication process by releasing access to the SYSKEY if validation was successful. It was intended to protect data on laptops that had been lost or stolen to prevent hackers or thieves from accessing it even if they had performed a software-based attack or booted into an alternative operating system.[71]
- Code Integrity Rooting would validate boot and system files prior to the startup of Microsoft Windows. If validation of these components failed, the SYSKEY would not be released.[71]
BitLocker is the combination of these features; "Cornerstone" was the codename of BitLocker,[85][86] and BitLocker validates pre-boot firmware and operating system components before boot, which protects SYSKEY from unauthorized access; an unsuccessful validation prohibits access to a protected system.[87][88]
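The release-on-successful-validation behaviour described above for Code Integrity Rooting and BitLocker, together with the sealed storage described under "Secure storage and attestation", can be modelled in software. The following Python model is an added example, not Microsoft's or the Trusted Computing Group's code: `ToyTPM`, its HMAC/XOR sealing, the component names and the key values are constructed for illustration, and only the SHA-1 extend rule follows TPM 1.2 behaviour.

```python
"""Toy model of measured boot and sealed storage (constructed example)."""
import hashlib
import hmac
import os

PCR_SIZE = 20  # a TPM 1.2 PCR holds one SHA-1 digest

# Constructed sample values, not taken from any real system.
ROOT_KEY = bytes(range(32))            # stands in for the key fixed at manufacture
GOOD_CHAIN = [b"firmware v1", b"boot manager v1", b"os loader v1"]
VOLUME_KEY = b"constructed-volume-key-0001"  # the secret released on a good boot


class ToyTPM:
    """Software stand-in for a TPM: one PCR and one root key that never leaves it."""

    def __init__(self, root_key: bytes):
        self._root_key = root_key
        self.pcr = bytes(PCR_SIZE)  # PCRs start at zero on every power-on

    def extend(self, component: bytes) -> bytes:
        """PCR_new = SHA1(PCR_old || SHA1(component)): one-way and order-sensitive."""
        digest = hashlib.sha1(component).digest()
        self.pcr = hashlib.sha1(self.pcr + digest).digest()
        return self.pcr

    def _keys(self, pcr: bytes, nonce: bytes):
        # Assumption: HMAC-derived keys replace the real TPM key-wrapping scheme.
        enc = hmac.new(self._root_key, b"enc" + pcr + nonce, hashlib.sha256).digest()
        mac = hmac.new(self._root_key, b"mac" + pcr + nonce, hashlib.sha256).digest()
        return enc, mac

    def seal(self, secret: bytes, release_pcr: bytes) -> bytes:
        """Bind a secret (at most 32 bytes here) to the PCR value that may release it."""
        if len(secret) > 32:
            raise ValueError("toy pad covers at most 32 bytes")
        nonce = os.urandom(16)
        enc, mac = self._keys(release_pcr, nonce)
        ct = bytes(s ^ k for s, k in zip(secret, enc))
        tag = hmac.new(mac, nonce + ct, hashlib.sha256).digest()
        return nonce + ct + tag

    def unseal(self, blob: bytes):
        """Return the secret only if the current PCR equals the sealed-to value."""
        if len(blob) < 48:
            return None
        nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
        enc, mac = self._keys(self.pcr, nonce)
        expected = hmac.new(mac, nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None  # wrong platform state or wrong chip: nothing is released
        return bytes(c ^ k for c, k in zip(ct, enc))


def golden_pcr(chain) -> bytes:
    """PCR value a known-good boot chain produces, computed without a TPM."""
    pcr = bytes(PCR_SIZE)
    for component in chain:
        pcr = hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()
    return pcr


def boot_and_unseal(root_key: bytes, chain, blob: bytes):
    """Power on the same chip, measure each boot component, then try to unseal."""
    tpm = ToyTPM(root_key)
    for component in chain:
        tpm.extend(component)
    return tpm.unseal(blob)


if __name__ == "__main__":
    blob = ToyTPM(ROOT_KEY).seal(VOLUME_KEY, golden_pcr(GOOD_CHAIN))
    tampered = [GOOD_CHAIN[0], b"boot manager v1 + implant", GOOD_CHAIN[2]]
    print("good boot     :", boot_and_unseal(ROOT_KEY, GOOD_CHAIN, blob))
    print("tampered boot :", boot_and_unseal(ROOT_KEY, tampered, blob))
    print("other machine :", boot_and_unseal(os.urandom(32), GOOD_CHAIN, blob))
```

Because a PCR can only be extended and never set, code that runs after a modified boot component cannot restore the expected value, and extending the PCR once more after a successful unseal closes the secret to everything that runs later.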
Reception
Reaction to NGSCB after its unveiling by Newsweek was largely negative. While its security features were praised,
After NGSCB's unveiling, Microsoft drew frequent comparisons to Big Brother, an oppressive dictator of a totalitarian state in George Orwell's dystopian novel Nineteen Eighty-Four. The Electronic Privacy Information Center legislative counsel, Chris Hoofnagle, described Microsoft's characterization of the NGSCB as "Orwellian."[102] Big Brother Awards bestowed Microsoft with an award because of NGSCB.[84] Bill Gates addressed these comments at a homeland security conference by stating that NGSCB "can make our country more secure and prevent the nightmare vision of George Orwell at the same time."[103] Steven Levy—the author who unveiled the existence of the NGSCB—claimed in a 2004 front-page article for Newsweek that NGSCB could eventually lead to an "information infrastructure that encourages censorship, surveillance, and suppression of the creative impulse where anonymity is outlawed and every penny spent is accounted for."[104] However, Microsoft outlined a scenario enabled by NGSCB that allows a user to conduct a transaction without divulging personally identifiable information.[84]
"We are not going to use Palladium to make our customers—our favorite people—angry at us."
Peter Biddle[113]
After the release of Anderson's report, Microsoft stated in an NGSCB
In response to concerns that NGSCB would take control away from users for the sake of content providers, Bill Gates stated that the latter should "provide their content in easily accessible forms or else it ends up encouraging piracy."[117] Bryan Willman, Marcus Peinado, Paul England, and Peter Biddle—four NGSCB engineers—realized early during the development of NGSCB that DRM would ultimately fail in its efforts to prevent piracy.[101] In 2002, the group released a paper titled "The Darknet and the Future of Content Distribution" that outlined how content protection mechanisms are demonstrably futile.[118] The paper's premise circulated within Microsoft during the late 1990s and was a source of controversy within Microsoft; Biddle stated that the company almost terminated his employment as a result of the paper's release.[101] A 2003 report published by Harvard University researchers suggested that NGSCB and similar technologies could facilitate the secure distribution of copyrighted content across peer-to-peer networks.[119][120]
Not all assessments were negative. Paul Thurrott praised NGSCB, stating that it was "Microsoft's Trustworthy Computing initiative made real" and that it would "form the basis of next-generation computer systems."[121] Scott Bekker of Redmond Magazine stated that NGSCB was misunderstood because of its controversy and that it appeared to be a "promising, user-controlled defense against privacy intrusions and security violations."[89] In February 2004, In-Stat/MDR, publisher of the Microprocessor Report, bestowed NGSCB with its Best Technology award.[122] Malcolm Crompton, Australian Privacy Commissioner, stated that "NGSCB has great privacy enhancing potential [...] Microsoft has recognised there is a privacy issue [...] we should all work with them, give them the benefit of the doubt and urge them to do the right thing."[123] When Microsoft announced at WinHEC 2004 that it would be revising NGSCB so that previous applications would not have to be rewritten, Martin Reynolds of Gartner praised the company for this decision as it would create a "more sophisticated" version of NGSCB that would simplify development.[124] David Wilson, writing for South China Morning Post, defended NGSCB by saying that "attacking the latest Microsoft monster is an international blood sport" and that "even if Microsoft had a new technology capable of ending Third World hunger and First World obesity, digital seers would still lambaste it because they view Bill Gates as a grey incarnation of Satan."[125] Microsoft noted that negative reaction to NGSCB gradually waned after events such as the USENIX Annual Technical Conference in 2003,[71] and several Fortune 500 companies also expressed interest in it.[71][126]
When reports announced in 2005 that Microsoft would scale back its plans and incorporate only BitLocker with Windows Vista, concerns pertaining to erosion of user rights, vendor lock-in, and other potential abuses remained.[12][80][127][128] In 2008, Biddle stated that negative perception was the most significant contributing factor responsible for the cessation of NGSCB's development.[129]
Vulnerability
In an article in 2003, D. Boneh and D. Brumley indicated that projects like NGSCB may be vulnerable to timing attacks.[130]
See also
- Microsoft Pluton
- Secure Boot
- Intel LaGrande
- Trusted Computing
- Trusted Platform Module
- Intel Management Engine
References
- ^ a b c d e Levy, Steven (June 24, 2002). "The Big Secret". Newsweek. Newsweek LLC. Retrieved January 30, 2015.
- ^ a b c Biddle, Peter; Peinado, Marcus; England, Paul (2000). "Privacy, Security, and Content in Windows Platforms". Microsoft. Archived from the original (PPT) on April 2, 2015. Retrieved January 30, 2015.
- ^ a b c Microsoft. "Shared Source Initiative Home Page". Microsoft. Retrieved January 30, 2015.
- ^ Carroll, Amy; Juarez, Mario; Polk, Julia; Leininger, Tony (2002). "Microsoft 'Palladium': A Business Overview" (PDF). Microsoft. Retrieved May 3, 2015.
- ^ a b c d e f Aday, Michael. "Palladium" (PDF). Microsoft. Retrieved January 30, 2015.
- ^ CBS Interactive. Retrieved January 30, 2015.
- ^ England, Paul; Lampson, Butler; Manferdelli, John; Peinado, Marcus; Willman, Bryan (July 2003). "A Trusted Open Platform" (PDF). IEEE Computer Society. Retrieved September 25, 2015.
- ^ a b c d Kaplan, Keith; Cram, Ellen (2003). "Next-Generation Secure Computing Base - Overview and Drilldown" (PPT). Microsoft. Retrieved January 30, 2015.
- ^ a b c d e f Microsoft. "Next-Generation Secure Computing Base - Technical FAQ". TechNet. Retrieved February 16, 2015.
- ^ a b c "A Review of Microsoft Technology for 2003, Preview for 2004". News Center. Microsoft. December 15, 2003. Retrieved January 30, 2015.
- ^ Network World. IDG. Archived from the original on November 18, 2005. Retrieved January 30, 2015.
- ^ a b c Sanders, Tom (April 26, 2005). "Longhorn security gets its teeth kicked out". Incisive Media. Retrieved January 30, 2015.
- CBS Interactive. Retrieved August 18, 2015.
- ^ a b "Microsoft: Palladium is still alive and kicking". eWeek. QuinStreet. May 5, 2004. Retrieved January 30, 2015.
- ^ MSDN. Retrieved January 30, 2015.
- ^ MSDN. Retrieved March 6, 2015.
- ^ Thomson, Iain (April 23, 2015). "Windows 10 Device Guard: Microsoft's effort to keep malware off PCs". The Register. Situation Publishing. Retrieved April 25, 2015.
- Schoen, Seth (July 5, 2002). "Palladium summary". Archived from the original on August 2, 2002. Retrieved January 30, 2015.
- ^ a b c d Merritt, Rick (July 15, 2002). "Microsoft scheme for PC security faces flak". EE Times. UBM plc. Retrieved January 30, 2015.
- ^ a b "Microsoft, allies gear to reshape copyright debate". Daily Times. Reuters. September 9, 2002. Archived from the original on March 4, 2016. Retrieved September 1, 2015.
- ^ LaMacchia, Brian. "An Overview of Palladium" (PPT). Microsoft. Retrieved February 17, 2015.
- ^ Barr, Adam (July 9, 2002). "TCPA and Palladium: Sony Inside". Kuro5hin. Retrieved January 30, 2015.
- Microsoft Corporation
- Microsoft Corporation
- ^ Lampson, Butler. "Cirriculum Vitae" (DOC). Microsoft. Retrieved January 30, 2015.
- ^ a b "Q&A: Microsoft Seeks Industry-Wide Collaboration for Palladium Initiative". News Center. Microsoft. July 1, 2002. Retrieved January 30, 2015.
- ^ Nash, Mike (2003). "Microsoft Directions In Security: Making It Real". Microsoft. Archived from the original (EXE) on August 8, 2003. Retrieved February 16, 2015.
- ^ Gorman, Ray (October 11, 1999). "Compaq, Hewlett Packard, IBM, Intel, and Microsoft Announce Open Alliance to Build Trust and Security into PCs for e-business". IBM. Retrieved February 16, 2015.
- ^ Biddle, Peter; Peinado, Marcus; Flanagan, Dennis (2001). "Privacy, Security, and Content Protection". Microsoft. Archived from the original (PPT) on June 26, 2017. Retrieved January 30, 2015.
- ^ Biddle, Peter. "Re: Privacy-enabling uses for TCPA - MARC". MARC. Retrieved May 1, 2015.
- Ziff Davis Media. Archived from the original on March 29, 2019. Retrieved January 30, 2015.
- Ziff Davis Media. Retrieved January 30, 2015.
- ^ Rooney, Paula (June 25, 2002). "Channel Positive About Microsoft Palladium Security Project". The Channel Company. Retrieved January 30, 2015.
- ^ Lettice, John (August 13, 2002). "MS recruits for Palladium microkernel and/or DRM platform". The Register. Situation Publishing. Retrieved January 30, 2015.
- ^ "Paul Otellini Keynote -- IDF Fall 2002". Intel. September 9, 2002. Retrieved February 16, 2015.
- ^ Greene, Thomas (September 10, 2002). "Intel's new chip for security Renaissance". The Register. Situation Publishing. Retrieved February 16, 2015.
- ^ Girard, Luke; Jones-Ferron, Mike (2003). "LaGrande Technology & Safer Computing Overview" (PDF). Intel. Archived from the original (PDF) on December 17, 2003. Retrieved March 6, 2015.
- CBS Interactive. Archived from the original on August 10, 2011. Retrieved March 29, 2019.
- EETimes. UBM plc. Retrieved February 16, 2015.
- ^ Biddle, Peter (August 5, 2002). "Re: Dangers of TCPA/Palladium" (TXT). Retrieved February 16, 2015.
- ^ a b "Privacy-Enabling Enhancements in the Next-Generation Secure Computing Base". Microsoft. 2003. Archived from the original (DOC) on December 28, 2005. Retrieved February 21, 2015.
- ^ Heil, Stephen; Zeman, Pavel (2004). "TPM 1.2 Trusted Platform Module And Its Use In NGSCB". Microsoft. Archived from the original (PPT) on August 27, 2006. Retrieved February 21, 2015.
- ^ Trusted Computing Group. "Trusted Computing Group - TPM Main Specification". Retrieved February 21, 2015.
- ^ Fisher, Dennis (May 5, 2003). "Microsoft to Get More Control of the PC?". eWeek. QuinStreet. Retrieved January 30, 2015.
- CBS Interactive. Retrieved January 30, 2015.
- ^ Bekker, Scott (May 6, 2003). "Palladium on Display at WinHEC". Redmond Magazine. 1105 Media Inc. Retrieved January 30, 2015.
- Ziff Davis Media. Retrieved January 30, 2015.
- ^ Network World. IDG. Retrieved January 30, 2015.
- ^ Evers, Joris (March 26, 2003). "Microsoft plans Palladium demo in May". Computer World. IDG. Retrieved January 30, 2015.
- ^ Microsoft (May 7, 2003). "At WinHEC, Microsoft Discusses Details of Next-Generation Secure Computing Base". Microsoft. Retrieved January 30, 2015.
- Ziff Davis Media. Archived from the original on March 4, 2016. Retrieved January 30, 2015.
- ^ a b Krill, Paul (June 19, 2003). "Microsoft readies kit for security initiative". InfoWorld. IDG. Retrieved January 30, 2015.
- ^ CBS Interactive. Retrieved January 30, 2015.
- ^ Evers, Joris (May 8, 2003). "WinHEC: Microsoft expects slow adoption for NGSCB". InfoWorld. IDG. Retrieved January 30, 2015.
- ^ Evers, Joris. (May 9, 2003). "WinHEC: Palladium for servers a long way out". InfoWorld. IDG. Retrieved January 30, 2015.
- ^ Biddle, Peter; Kirk, David (2003). "Trusted Graphics and NGSCB". Microsoft. Archived from the original on August 8, 2003. Retrieved December 2, 2015.
- ^ Microsoft (2003). "Trusted Platform Technologies". Windows Hardware Engineering Conference. Archived from the original on June 20, 2003. Retrieved January 30, 2015.
- Ziff Davis Media. May 9, 2003. Retrieved January 30, 2015.
- ITWorld. IDG. Archived from the original on December 8, 2015. Retrieved January 30, 2015.
- ^ Business Wire (May 7, 2003). "Atmel and Microsoft Demonstrate New Secure USB Keyboard Prototype at WinHEC 2003" (Press release). Retrieved January 30, 2015.
- ^ a b Linden, Marielle (May 6, 2003). "Fujitsu Components and Comodo Demonstrate the Future of Secure Input at WINHEC 2003". Fujitsu. Archived from the original on December 6, 2015. Retrieved January 30, 2015.
- Comodo Group (2003). "SIDEN TC4000 Cost Optimized Security Solution (NGSCB Compatible)" (PDF). Retrieved November 22, 2014.
- ^ SafeNet (May 6, 2003). "SafeNet Supplies Encryption Technology to Microsoft for its Next-Generation Secure Computing Base Demonstration". Retrieved January 30, 2015.
- BusinessWire. May 6, 2003. Retrieved December 6, 2015.
- ^ Evers, Joris (June 12, 2003). "Microsoft takes 'Palladium' on tour". InfoWorld. IDG. Retrieved January 30, 2015.
- ^ NetworkWorld. IDG. Retrieved January 30, 2015.
- ^ "Speech Transcript – Jim Allchin, Microsoft Professional Developers Conference 2003". News Center. Microsoft. October 27, 2003. Retrieved January 30, 2015.
- ^ a b Lettice, John (October 28, 2003). "NGSCB, aka Palladium, in next generation of CPU, says Gates". The Register. Situation Publishing. Retrieved January 30, 2015.
- ^ "Microsoft Details New Security Innovations at RSA Conference 2003, Europe". News Center. Microsoft. November 4, 2003. Retrieved January 30, 2015.
- ^ Sanders, Tom (May 6, 2004). "Microsoft shakes up Longhorn security". Incisive Media. Retrieved January 30, 2015.
- ^ a b c d e f Biddle, Peter (2004). "Next-Generation Secure Computing Base". Microsoft. Archived from the original (PPT) on August 27, 2006. Retrieved January 30, 2015.
- ^ Wooten, David (2004). "Securing the User Input Path on NGSCB Systems". Microsoft. Archived from the original (PPT) on May 9, 2006. Retrieved September 12, 2015.
- ^ Bangeman, Eric (May 5, 2004). "Microsoft kills Next-Generation Secure Computing Base". Ars Technica. Condé Nast. Retrieved January 30, 2015.
- ^ Rooney, Paula (May 5, 2004). "Microsoft shelves NGSCB project as NX moves to center stage". The Channel Company. Retrieved January 30, 2015.
- Penton. Retrieved January 30, 2015.
- ^ Liang, Ping (August 19, 2004). "What to expect from Microsoft's NGSCB plan". Computerworld. IDG. Retrieved June 26, 2015.
- PCWorld. IDG. Archived from the original on June 13, 2015. Retrieved January 30, 2015.
- ^ Microsoft (April 20, 2005). "Steve Ballmer: Microsoft Management Summit". Microsoft. Retrieved January 30, 2015.
- ^ Evers, Joris (April 25, 2005). "Microsoft delays bulk of next-generation security plan". Computerworld. IDG. Retrieved June 26, 2015.
- ^ Symantec. Archived from the original on September 24, 2015. Retrieved January 30, 2015.
- ^ PC Magazine. Ziff Davis. Archived from the original on June 13, 2015. Retrieved June 11, 2015.
- ^ Becker, Phil (June 26, 2002). "Interview with Palladium's Mario Juarez". Digital Identity World, LLC. Archived from the original on May 2, 2003. Retrieved March 14, 2015.
- ^ a b "Peter Biddle - BitLocker, Security in Windows Vista". Channel9. Microsoft. July 11, 2006. Retrieved March 13, 2015.
- ^ a b c Cannon, JC (2003). "Trustworthy Computing in Action: Privacy at Microsoft". Microsoft. Archived from the original (PPT) on June 14, 2015. Retrieved March 14, 2015.
- ^ Thurrott, Paul (September 9, 2005). "Pre-PDC Exclusive: Windows Vista Product Editions". Supersite for Windows. Penton. Archived from the original on April 2, 2015. Retrieved March 14, 2015.
- ^ Ourghanlian, Bernard (2007). "Plongée en aux profondes" (PPTX). Microsoft TechDays. Microsoft. Retrieved September 4, 2015.
- ^ Microsoft (April 22, 2005). "Secure Startup - Full Volume Encryption: Technical Overview" (DOC). Retrieved March 14, 2015.
- ^ Microsoft (April 21, 2005). "Secure Startup - Full Volume Encryption: Executive Overview" (DOC). Retrieved June 9, 2015.
- ^ a b Bekker, Scott (July 7, 2003). "Palladium: Don't Fear the Nexus". Redmond Magazine. 1105 Media Inc. Retrieved June 10, 2015.
- ^ a b Schneier, Bruce (August 15, 2002). "Palladium and the TCPA". Retrieved July 26, 2015.
- ^ Public Broadcasting Service. Retrieved June 11, 2015.
- ^ Forno, Richard (June 24, 2002). "MS to micro-manage your computer". The Register. Situation Publishing. Retrieved June 11, 2015.
- ^ Markoff, John (June 30, 2003). "A Safer System for Home PC's Feels Like Jail to Some Critics". The New York Times. Retrieved July 10, 2015.
- ^ Cambridge University. Retrieved June 11, 2015.
- ArsTechnica. Condé Nast. Retrieved July 10, 2015.
- ^ "Germans fear Microsoft's 'trusted' Palladium technology". TVTechnology. Retrieved June 10, 2015.
- ^ Greene, Thomas (June 25, 2002). "MS to eradicate GPL, hence Linux". The Register. Situation Publishing. Retrieved June 11, 2015.
- ^ McMillan, Robert (January 15, 2003). "Microsoft's Power Play". Linux Magazine. IT Business Edge. Archived from the original on June 12, 2008. Retrieved June 11, 2015.
- ^ Lettice, John (June 24, 2002). "MS DRM OS, retagged 'secure OS' to ship with Longhorn?". The Register. Situation Publishing. Retrieved June 11, 2015.
- ^ Lettice, John (October 30, 2003). "Longhorn as the next Microsoft desktop domination play". The Register. Situation Publishing. Retrieved June 11, 2015.
- ^ ArsTechnica. Condé Nast. Retrieved June 10, 2015.
- ^ Morrissey, Brian (June 28, 2002). "Is Microsoft's Palladium a Trojan Horse?". IT Business Edge. QuinStreet. Archived from the original on April 20, 2015. Retrieved June 10, 2015.
- CBS Interactive. Retrieved June 10, 2015.
- ^ Levy, Steven (2004). "A Net of Control". Newsweek. Newsweek LLC. Archived from the original on January 13, 2004. Retrieved June 10, 2015.
- CBS Interactive. Retrieved June 10, 2015.
- ^ BBC News (June 27, 2002). "Microsoft's bid for secure computing". Retrieved June 11, 2015.
- ^ Varian, Hal (July 4, 2002). "New Chips Can Keep a Tight Rein on Consumers". The New York Times. Retrieved June 11, 2015.
- ^ Lettice, John (June 28, 2002). "MS Palladium protects IT vendors, not you – paper". The Register. Situation Publishing. Retrieved June 11, 2015.
- ^ Safford, David (2002). "Clarifying Misinformation on TCPA" (PDF). IBM Research. IBM. Retrieved July 19, 2015.
- ISBN 978-0-215-02953-9.
- BBC. Retrieved July 11, 2015.
- ^ a b Stallman, Richard. "Can You Trust Your Computer?". Free Software Foundation. Retrieved June 11, 2015.
- CBS Interactive. Retrieved July 12, 2015.
- ^ Cullen, Drew (June 25, 2002). "Why Intel loves Palladium". The Register. Situation Publishing. Retrieved July 26, 2015.
- CBS Interactive. Retrieved June 11, 2015.
- CBS Interactive. Retrieved August 24, 2015.
- Sydney Morning Herald (May 12, 2003). "Palladium won't stifle users, says Gates". Associated Press. Retrieved July 10, 2015.
- doi:10.1007/10941270_23. Archived from the original (PDF) on July 17, 2012. Retrieved July 19, 2015.
- ^ Schechter, Stuart; Greenstadt, Rachel; Smith, Michael (May 16, 2003). "Trusted Computing, Peer-To-Peer Distribution, and the Economics of Pirated Entertainment" (PDF). Harvard University. Retrieved June 10, 2015.
- ^ Fisher, Dennis (May 5, 2003). "Microsoft Security Plan Has Gaps, Study Says". eWeek. QuinStreet. Retrieved June 11, 2015.
- ^ Thurrott, Paul (October 20, 2002). "Microsoft Palladium". Windows IT Pro. Penton. Retrieved June 10, 2015.
- Reed Business Information. Archived from the original on March 17, 2004. Retrieved June 10, 2015.
- ^ Bajkowski, Julian (November 24, 2003). "Privacy commissioner slams music enforcers, cautions on DRM". Computerworld. IDG. Archived from the original on January 25, 2018. Retrieved July 12, 2015.
- ^ Naraine, Ryan (May 12, 2004). "Gartner Hails Microsoft's 'Palladium' Modification". IT Business Edge. QuinStreet. Archived from the original on January 23, 2018. Retrieved July 12, 2015.
- SCMP Group. Retrieved July 12, 2015.
- ^ Brintzenhofe, Keith (2003). "Ecosystem and Opportunities with NGSCB". Microsoft. Archived from the original (EXE) on August 8, 2003. Retrieved July 12, 2015.
- ^ Schneier, Bruce (May 2, 2006). "Microsoft's BitLocker". Retrieved July 12, 2015.
- ^ Spooner, John (May 30, 2006). "Can Microsoft's BitLocker Save Us from Ourselves?". eWeek. QuinStreet. Retrieved July 12, 2015.
- ^ Biddle, Peter. (July 16, 2008). "Perception (or, Linus gets away with being honest again)"
- ^ "Boneh Publications: Remote timing attacks are practical". Retrieved 2014-09-22.
External links
- Microsoft's NGSCB home page (Archived on 2006-07-05)
- Trusted Computing Group home page
- System Integrity Team blog — team blog for NGSCB technologies (Archived on 2008-10-21)
- Security WMI Providers Reference on MSDN, including BitLocker Drive Encryption and Trusted Platform Module (both components of NGSCB)
- TPM Base Services on MSDN
- Microsoft's "Digital Rights Management Operating System" patent
- Development Considerations for Nexus Computing Agents