Microsoft: 'Trusted Windows' still coming, trust us

Redmond scales back an ambitious security plan, but some pieces will still show up in the next Windows.

After nearly a decade, Microsoft's vision for how to protect especially sensitive information within Windows remains largely that--a vision.

For years, the software giant has promised to deliver a secure way to shuttle around key bits of information. Once known as Palladium and more recently dubbed the Next Generation Secure Computing Base, or NGSCB, the approach was once a key part of Longhorn, the next version of Windows. Although the first piece of that is arriving in Longhorn, it's only a thin sliver of what Microsoft has been working toward since describing its idea of "trusted Windows" a decade ago.

In the next version of Windows, which Microsoft chairman Bill Gates will show off on Monday at a company sponsored conference, Microsoft will use the concepts of NGSCB to ensure that Windows-based machines start up without interference. The primary benefit of such an approach is that if a laptop is lost or stolen, the data can't be accessed simply by booting the machine up using another operating system.

News.context

What's new:
Microsoft has scaled back an ambitious security plan, but some pieces will show up in the next Windows.

Bottom line:
Although early concerns have eased up, worries over the cost and hardware requirements involved in protecting sensitive information within Windows have forced the company to again alter its plans.

More stories on this topic

"If you lose your laptop in a taxi, no one is going to get at your data," Windows chief Jim Allchin said in a recent interview. "The hardware is not going to let you boot that software, and there is a way for us to do full-volume encryption."

That may indeed be a popular feature, but it's a far cry from Microsoft's broader plan, which was to use NGSCB systemwide as a secure vault for particularly sensitive information such as passwords or bank records. Such information would be kept in hardware and then securely transmitted between a computer's components, such as memory, hard drive and monitor.

The change, Microsoft says, is the result of customers telling the software maker that they didn't want to have to rewrite their applications.

"We revisited our approach," said Selena Wilson, director of product marketing in Microsoft's security unit, adding that the company's decision was to "give customers something that is easy to implement now and upgrade over time."

Microsoft's plans for NGSCB have been shifting for some time . The company demonstrated a prototype of the technology two years ago, but by that point there were already concerns that it could harm consumers or that it would give Microsoft too much leverage over businesses.

Although some of those concerns have eased as Microsoft has revamped the technology, more practical worries over the cost and

Tags:
Security
About the author

    During her years at CNET News, Ina Fried has changed beats several times, changed genders once, and covered both of the Pirates of Silicon Valley. These days, most of her attention is focused on Microsoft. E-mail Ina.

     

    Discuss Microsoft: 'Trusted Windows' still coming,...

    Conversation powered by Livefyre

    Show Comments Hide Comments
    Latest Articles from CNET
    Quirky's Ben Kaufman steps down as CEO