Silicon Valley Sleuth, an insider's view from Silicon Valley
 A blog from vnunet.com

January 2008
Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    


Other blogs
PCW Inter@ctive
Your views, your comments, your say

Security Watchdog
Sniffing out IT security
issues

The test bed
The hottest products, news and gossip from PCW's
Labs.

IT Sneak
IT Sneak Blog rummages in the dustbin of IT events.

Backbytes
An irreverent and offbeat look at the lighter side of technology

InterActive Home
Your complete guide to home entertainment technology

Taking Stock
Gags and Gossip from Accountancy Age.

Gizmodo
The gadgets weblog.



« WiNHEC: An auxiliary display for your laptop (VIDEOBLOG) | Main | Beware the Tablet revolution (WinHEC) »

WinHEC: The Longhorn stripping continues

Microsoft has pulled yet another feature from Longhorn. When the operating system ships in 2006, the Next Generation Secure Computing Base (NGSCB – the most impossible acronym in the industry. But Microsoft will let you pronounce it as Engscub) will be a mere sliver of the old promise.

The only feature that will be available is Secure Startup:
A technology that protects users against offline attacks, blocking access to the computer if the content of the hard drive is compromised. This prevents a laptop thief from swapping out the hard drive or booting up the system from a floppy disk to circumvent security features.

The system's security was supposed to come from compartments, separated areas within the OS that would prevent a virus from spreading itself freely through the system. The technology is still under development, but won't be available until 2007-8.

Manuel Novoa, a distinguished technologist and security architect at HP's Personal Systems Group, told vnunet.com that when the OS ships, users will get a version of NGSCB that is "NGSCB with a delay".

But it gets better. The security features in NGSCB rely on a special security chip, the trusted platform module (TPM). But most systems that ship today don't have that chip. And the chip isn't even a requirement for systems to receive the official label that they are ready for Longhorn under Microsoft's "Ready PC" programme.

So even if you have Longhorn, and even if you have a Longhorn ready PC, chance are that your system won't be able to support NGSCB. How's that for taking computer security seriously?

April 26, 2005 at 08:40 AM | Permalink

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/t/trackback/24766/2345369

Listed below are links to weblogs that reference WinHEC: The Longhorn stripping continues:

Comments

Good. NGSCB is one of the most evil things ever conceived.

Posted-by: Mike S | 27 Apr 2005 05:23:49

WINDOWS98se was a super operating system-
easy to get back to DOS--The very best
operating system!
Has MS lost the way? Are they just trying to force people to buy all new equipment?

Posted-by: bill gibbons | 27 Apr 2005 11:36:26

*** ***** ******

Comment removed for use of profanities
SV Sleuth

Posted-by: Billy Bob | 28 Apr 2005 03:05:00

Incramental , thats the way to make people accept this NGSCB. Put it in a little at a time and people wont know untill its to late. I refuse to buy a NGSCB computer.

Posted-by: Zilk | 28 Apr 2005 13:33:10

Is this an editorial or real journalism? Your thinly veiled hostility towards Microsoft is blurring your view of the situation.
MS seems to be providing some leadership here and its the hardware vendors that are dragging their feet and who are not "taking computer security seriously".

Posted-by: DamonP | 2 May 2005 21:32:08

RE: Damon:
This is "a view" as the top of this page states - so that would make it opinionated or editorial.
I take offence to the notion that I am hostile to Microsoft, or would be to any other software company. Hostility, much like software religion, prevents you from having a clear view. I'll point out Microsoft's mistakes as much as I'll point out Apple's and open source's.

You can make the argument that the hardware industry is to blame here. But Microsoft could easily have made the Trusted Platform Module part of the "Ready PC" requirements. The changes to NGSCB that Microsoft made last year could have been implemented with just the TPM. Microsoft chose not to do that for whatever reason, which makes Microsoft responsible for delivering an OS that is less secure than it previously promised. Microsoft set expectations and then back peddled on those. I fail to see what is biased about that.
Would hardware vendors have opted out of the "Ready PC" programme if it included a requirement for the TPM? The answer is probably yes.
But at least it would have created clarity for consumers who think they are buying a system that is ready for Longhorn, only to find out later that it isn't.

Posted-by: SV Sleuth | 3 May 2005 02:57:06

Post a comment






 

Useful links: About | Privacy policy | Terms & conditions | Top of the page
© Incisive Media Ltd. 2008
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503