Microsoft: Truly trustworthy computing still years away

Microsoft: Truly trustworthy computing still years away

Nearly a year after Microsoft Corp. held a companywide stand-down to address security and reliability problems in Windows, its chief technology officer today predicted it would take until the end of the decade for the company's trustworthy computing initiative to bear fruit.

'That's the right time horizon,' Craig Mundie said at Microsoft's Government Security Summit in Washington.

Microsoft in February called a halt to Windows programming to concentrate on fixing past problems. The halt lasted nine weeks, cost the company an estimated $100 million and delayed the release of .Net server. Mundie touted improvements Microsoft has made in the way it develops and releases software but said most of the work being done at this stage is remedial.

'Many of the things we are working on cannot start with a clean sheet of paper,' he said. Many existing software elements get rolled over into new products, and introducing products developed entirely under the new initiative is years away, he said.

Palladium is the code name for the new security architecture that will be incorporated in Microsoft's next version of Windows. Under Palladium, core components of the operating system will work on a new open PC hardware platform that will ensure system integrity and information protection, providing strong authentication for machines, software and users, Mundie said. Palladium-compliant hardware is expected to be available in 2004, with deployment beginning the following year.

It probably will not be before 2008 that enough new hardware and software is deployed to provide trustworthy computing, Mundie said. Even then, new platforms will have to interoperate with less secure legacy systems, creating potential bottlenecks in the secure exchange of information. There now are 500 million computers running six generations of Windows software worldwide, Mundie said, and it will be a long time before those systems are replaced with trustworthy platforms.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.