Whatever happened to Microsoft's DRM plan?

Updated 12:00 p.m. Thursday with additional Trusted computing Group comment.

Early this decade, Microsoft weathered unrelenting criticism over a controversial set of technologies known as Palladium, which the company envisioned as creating a kind of secure vault to store passwords or medical records.

Academics warned it could "support remote censorship" and blacklists, likening Palladium to the Soviet Union's efforts to register typewriters and fax machines. Privacy activists predicted it would hand Microsoft "an unprecedented level of control" over the world, and free software doyen Richard Stallman solemnly dubbed it "treacherous computing."

It worked, kind of. Microsoft retreated by doing what any large bureaucracy tends to do in response to such a kerfuffle: it gave its problem a new name. Palladium became the awkwardly-titled Next-Generation Secure Computing Base, or NGSCB, (and the group Microsoft coalesced around the initiative changed its name from Trusted Computing Platform Alliance to Trusted Computing Group) and critics mostly moved on to worry about the recording industry and other threats to digital liberties instead.

Since then, the NGSCB--once derided as "nagscab"--has existed in an odd kind of technological purgatory. One report in 2004 said that Microsoft has "killed" NGSCB, which the company quickly denied later the same day. CNET News.com published a story in 2005 quoting Microsoft as saying NGSCB was "still coming."

After six years, the supposed world-striding colossus of a technology that once sparked so much fuss (one reviewer said it might become "either Santa or Satan") is much diminished. NGSCB never did live up to its early promise--or what critics would have said was its early threat as a digital rights management tool that would restrict how people consume content on their PCs and lock them into one vendor.

"It has changed from something that was very revolutionary and grandiose into something much more modest," said Andrew Jaquith, a senior analyst at Yankee Group.

And then came BitLocker
NGSCB does live on, manifesting itself in a Microsoft technology called BitLocker, a Microsoft spokesman confirmed.

BitLocker, Microsoft's only product to come from the Trusted Computing effort, is a feature in Windows Vista Enterprise, Vista Ultimate, and Windows Server 2008 that encrypts the disk drive to protect against data theft or exposure if the computer is lost or stolen. (Trusted Computing should not be confused with Trustworthy Computing, which is Microsoft's effort to improve the security of its own products and is largely considered to be successful.)

While it is useful, BitLocker hasn't taken the computing world by storm yet, or even been enough to justify upgrades to Vista, said Rob Helm of Directions on Microsoft.

"BitLocker hasn't been the rage anybody expected, although there is a strong case for using that feature on laptops," he said. In addition, plenty of third-party products--many offering whole disk encryption--exist.

Bruce Schneier, crypto researcher, author, and chief security technology officer of BT, was one of the more vocal critics when Microsoft first unveiled its Trusted Computing plans in 2002. In 2005, he was still beating the drum, writing that Microsoft was attempting to stall, and possibly get Vista exempted from a best practices document for the Trusted Computing Group that addressed many of the critics' concerns.

The Best Practices Principles (PDF), which was written in 2003 and eventually published in 2005, gives consumers some control over disabling the functionality, allows devices to support multiple users, adds privacy protections, and calls for interoperability and portability of data.

"We were concerned that users were able to opt in and not be controlled from above," said Susan Landau, a distinguished engineer at Sun Microsystems who worked on the Best Practices document after Sun joined the Trusted Computing Group. Sun was not a member of the Trusted Computing Platform Alliance.

"The public criticism certainly created pressure," especially when it conflicted with consumer privacy guidelines in Europe and elsewhere, she said.

"I think it's interesting that the (Trusted Computing Group) technology is continuing, but the big DRM push, so far, has not happened," Landau said.

Putting trust in a module
The centerpiece of the Trusted Computing Group is the Trusted Platform Module, a microcontroller that stores keys, passwords, and digital certificates in a secure, isolated area. They are widely distributed in computers from Dell, Fujitsu, Gateway, Hewlett-Packard, Intel, Lenovo, Toshiba, and others, but most people don't even know they are there. BitLocker makes use of the Trusted Platform Module.

Microsoft has "convinced a lot of hardware manufacturers to put the chips in computers and they're in a lot of computers, but they're not doing anything," Schneier said. "The question is what are they going to do with the chips? How is Dell feeling these days?"

A Dell spokesman did not return a call seeking comment. Even Scott Rotondo, president of the Trusted Computing Group, acknowledges that the Trusted Platform Modules need more applications.

"A lot of them haven't been utilized fully and in some cases not at all," said Rotondo, who works as a senior staff engineer in Solaris Security Technologies at Sun. "The supporting infrastructure has been slow to materialize."

"It stands to reason that there might be frustration on the part of hardware manufacturers," Rotondo said, likening it to a "chicken and egg situation."

"We need to really make use of these things before the hardware manufacturers get tired and take them away," he added.

Trusted Platform Modules "have not yet fulfilled their potential, but Microsoft and other companies are working on it," the Microsoft representative said.

A Trusted Computing Group spokeswoman said on Wednesday that the organization is not focused on DRM and that applications that use the TPM include secure e-mail, multifactor authentication, password management, and single sign-on. The group is also working to extend the concepts of hardware-based security to storage, network security, and mobile devices, she said.

While initial concerns about misuse of the technologies slowed down the group's efforts, people see legitimate uses for the technology, and digital rights management could be among them, Rotondo said. However, any digital rights management systems would have to maintain a proper balance between the rights of the content owner and the rights of the consumer, he said.

Where Microsoft failed in doing that, Apple has succeeded, according to Paul Saffo, a Silicon Valley-based technology forecaster.

"The biggest thing that has changed in the last five years is iTunes and the iPhone," he said. "The companies got their protection and the consumers got the right to purchase individual songs at a price that was less than the cost of the album."

Don't discount Microsoft just yet, warns Ross Anderson, a security engineering professor at the University of Cambridge's Computer Lab and an early critic of the Trusted Computing Platform Alliance.

Asked if the world has been spared a Microsoft digital rights management machine, Anderson responded in an e-mail: "Wrong--WMP (Windows Media Player) and the surrounding stuff that MS hopes will enable it to do to the HDTV market what Apple did for MP3s."

Saffo joked: "It's like a horror movie; they'll be back."

(CNET News.com's Declan McCullagh contributed to this report.)

[Penguinisto]

So, when the MSFT flack says it'll be like iTunes ("what Apple did for mp3's"), did he mean that it'll be drop-easy to circumvent (like iTunes-purchased music is)? Personally, I think most of what MSFT envisioned died off for two reasons: First, a lot of it died like WinFS did... technically too tangled - even for MSFT - to make workable. The second can be seen as a parallel in Zune. First they tried the ultra-restrictive stuff, then saw that the buying public avoided the product specifically because of draconian measures that treated them like criminals. If MSFT is smart, they'll limit it to as little as they absolutely have to in order to satisfy basic security, and ditch the rest. Of course, this is MSFT, whose customers are no longer the users, but the media conglomerates.

[catch23]

MS does not DRM stuff. Nor does Apple.
Both offer DRM technology that the owners (well... or copyright holders) of material may apply to their content. It is those folks, not MS, that decides what DRM is attached to the content, what the restrictions are, or how easy you can get around it.
That goes for music, video, or documents, whatever. MS doesn't force you to use Bitlocker. You, the end owner of that HD, makes that choice.

You could argue that Apple and MS are 'enablers' or 'conspirators' in this whole DRM train wreck, but they are not the ones calling the shots

[ballmerisanape]

It's in a quiet cell down in the Microsoft dungeon.... right across from Plays For Sure...

[WJeansonne]

Stallman is an avowed Socialist. Why even give him a voice with an issue involving e-commerce or capitalism. Anything the capitalist establishment does to protect its property, Stallman would be sure to reject. And as a reminder, this is the founder of the Free Open Source Sofware movement, in case any of you newbies out there are new to the open source model are unaware of it. Hence, he is your leader, lol!

[johnsin]

I agree, DRM is a mandate that is handed down and or put in place by the content provider/owner. The distributor usually has to adapt a DRM in order to get the license to distribute the content. The only "weird case" of this is will Apple. Since they had their own hardware line.. (like sony).. they pushed for their own DRM.. that way they married the content to their own hardware by using the momentum and leverage of the Labels.. Which was genius.

[amy.licious]

idk how top management peeps @ software cos like microsoft made the ludicrous decision to get involved with the music and film industry's problems to begin with?? unrequested 3rd hand software can't solve the probs of the 21st century entertainment industry ~ the only one who can solve these probs is the entertainment industry ~ the cost for their solutions shd be in and on their products and balance sheets and not on unrequested 3rd hand software vendors'

[wzrobin]

Because microsoft, like intel, is betting large on the idea of a HTPC being the central irreplacable home appliance in the future. Might work, might now, we'll see.

What they should have done was continue having a media center version of windows that had the os level drm, but offer a version where you don't have to get microsoft's permission for your hardware to execute a command for people who don't want os level DRM.

But they got greedy, because there long term hope is to make it much more difficult to change software vendors, as stated in one of the articles above, their own goal is to make it too expensive to move away from them in order to preserve their monopoly.

[kojacked]

THUD. That's the sound of all of the FUD people purported about Vista's DRM being so teriible and how that was Microsoft's fault hitting the floor.

[GrandDuc114]

Elinor, I thought you knew better! Microsoft didn't direct the TCG. It was founded by IBM after IBM, HP and others created the first TPM and realized that it wouldn't be accepted by the industry unless ownership of the intellectual property was open. Microsoft had to be convinced to adopt it for anything. Palladium was a renegade program, and it took a lot of jawboning to bring Microsoft back into the fold.

You've mixed all these different things together. The DRM issue, as the TCG spokesperson said, is really outside the scope of what the organization does. TPMs are currently installed on tens of millions of notebooks, but have not been activated on most. When they are, they tend to be used for user-to-client tasks like authentication (when paired with a fingerprint reader), file and folder encryption (through simple apps; BitLocker could be considered an app in this category, but applying to a whole drive), and password management. Some of the more ambitious projects of the TCG, whose membership consists of pretty much everybody in the computer industry, have not come to fruition, primarily because they involve cooperation on a grand scale, and all the necessary players have not been able to achieve that. For example, Public Key Infrastructure (PKI) requires that parties potentially unknown to each other agree to trust a third party. Who should it be? Verisign? Visa? So, in recent years, the TCG has scaled back its ambitions to things that might be done within a single entity, like Trusted Network Connect (TNC), that allows an IT department to manage mobile clients attaching to a network, determining whether the hardware is authorized, the software load is right and up to date, and the person operating the machine has permission to connect.

I think you let your sources lead you down a primrose path and didn't do enough reporting for this article.

Best regards,

Roger Kay
Endpoint Technologies Associates

[inachu]

If we are trusted that well in the near future does that mean we will still have to have that GAME CD in the tray that is mandatory to play?

[skswave]

The Trusted Platform Module is one of the best tools for any enterprise who wishes to increase the security of their network, Reduce the cost to manage the network and improve user satisfaction. Imagine a world where you open your PC Swipe your fingerprint (that never leaves your PC) and then your PC logs you into the services you need to do your job. The TPM is an authentication device that is compatible with all of an enterprises current networking equipment. As a simple policy statement put all of the KEYS for the enterprise's soft certificates into hardware. This simple action assures the neither a user, an admin, or malware can steal the secret keys on an authorized PC. These tools work today and can be deployed on a full enterprise basis. All of the major VPN and Wireless suppliers support the TPM securing thier access keys on Windows PCs.

Lost in the concern about managing content securly, which requires so much more than securing keys, is the discussion of the need to manage access to all of these wonderful internet services. Roger states the point very clearly above.
Focus on the death of userid and password. It is time to send it on the same path as the 5.25 floppy and the serial port mice (and they'll be easier to throw away) A vendor neutral, Industry standard, globally deployed, common mechanism for securly managing keys is of tremendous benefit to all of us and to all of our kids.
So turn on the TPMs, Secure your network Keys, Stop typing in passwords and lets secure the network.

Key benefits of using hardware to secure the keys
Only authorized PCs on your network.
Authentication Keys can't leave the platform they can be deleted but they will never leave
Works with standard networking solutions out of the box but you have to read the manual
Multiple keys from multiple parties can be stored on a single TPM the Owner of the PC is in charge not the owner of the key. (the owner of the key just knows there are no copies of the keys)
Everybody has a TPM your customers, your users, your vendors, your goverment, your regulators...... Imagine the healthcare system with an interoperable authentication scheme. Imagine your healthcare system without common networking like ethernet.


Thanks for your time

Steven Sprague
CEO
Wave Systems Corp.
Member of the trusted computing group

[fredfoobar]

The sad part about TPM is that it is unnecessary. Any security application that uses TPM can be done just as well without it, and applications that supposedly "can't" be done without TPM (such as Trusted Network Connect) really can be done just as well without TPM. That is, how does a particular network know that a mobile client isn't just acting like it has a TPM? Just read Bruce Schneier's writings on security, and you'll understand what "don't trust the client" really means.

[ssidner]

I am deep into financial cryptography and sit on several financial cryptography standards committee. TPM chips are very much on the minds of anyone in this space, in both PCs and mobile devices. While they may not be used not, they will be. They offer the key cryptographic primitives required for authentication and key distribution, the two hardest problems we face. When critical mass is reached, they will be critical to solving the security mess called The Internet.

[fredfoobar]

ssidner: How would TPM help with authentication? Do you mean that TPM is there to simply crunch the numbers to verify (using public-key encryption) a signed document from someone *else*? Or do you mean the TPM contains information that only it knows and cannot be changed, so that someone else on the Internet can authenticate *you*?

In the first case, in which the TPM is used only for performing mathematical calculations to authenticate someone else, it is unnecessary; we already have software to do that, and it is Free as in Free Speech (so many security-expert eyes have looked at the source code already to ensure that it is secure). Sure, TPM may make the calculations slightly faster (being implemented in hardware), but we still don't *need* it, and it doesn't solve any problem.

In the second case, in which the TPM is used to authenticate *you*, well, how would the remote person identify you in the first place? You would have to give out your identity somehow already, say your public key if you use public-key cryptography. Then how would TPM help in this situation? And how can that *not* be done in software already?

You said that TPM "offer[s] the key cryptographic primitives for ... key distribution". What do you mean by that? Key distribution can be and already *is* done without TPM. I fail to see how TPM is necessary.

So no, I don't accept your implicit conclusion that it will solve "the security mess called The Internet". The reliance on TPM is flawed because it requires that we trust the clients, that we assume that everyone is actually using the TPM the way it is designed (remember that the TPM is just hardware, and it takes software between the TPM and the network to make the whole thing work, and if this software is Windows it is almost guaranteed to be buggy in its implementation, or at least most security-minded people would not trust it as they cannot inspect its inner workings to verify that it works as advertised--security through obscurity is false security), but in reality you cannot trust the clients. Read up on Bruce Schneier's works to understand this.