But the same technology that enables this kind of protection is also what worries many of NGSCBs critics. They say the tight control over the PCs interaction with applications could easily lead to onerous digital-rights-management-style restrictions on content use and could give Microsoft and other vendors the ability to dictate which applications users can run. "If some set of mandatory access controls for e-mail become a popular corporate application under Windows [Server] 2003 and mandatory access controls eventually require a [Trustworthy Computing] platform, then corporate users may also have little choice but to migrate," said Ross Anderson, a professor of security engineering at Cambridge University, in Cambridge, England, in a new paper on NGSCB and similar technologies to be published later this month."The interesting thing to me is that Microsoft has pushed the hardware vendors to implement thingsfor example, trusted pathsthat the defense community has wanted for years. The underlying hardware that supports Palladium can definitely support trusted computing without all of the baggage that Ross and others point out," said Bill Arbaugh, assistant professor of computer science at the University of Maryland at College Park and the co-author of one of the seminal papers on the kind of architecture Microsoft is proposing. "Whether or not the software vendors do that is another issue and one that I cant answer," he said. "I will say that myself and others plan to develop open-source software that utilizes these features once they are released. Security technology, like most technology, is a double-edged sword in that effective DRM requires originator control over the material. The defense and government users very much want to have effective originator control, and privacy rights advocates do as well, i.e., it would be nice if I could release my private information in a way that I continued to control who, how and when it was accessed." Other observers say that while many initial concerns about Microsofts being able to remotely control what software runs on users machines have proved unfounded, the NGSCB technology would give vendors and others more control over end-user machines than they currently have. "There are elements of control, but theyre not as fine-grained as people think," said Seth Schoen, staff technologist at the Electronic Frontier Foundation, in San Francisco. "Still, reliable remote attestation and sealed storage means that someone not sitting in front of a computer gets control over it while its doing a certain thing." "As hardware becomes more tamper-proof, that becomes more worrisome," Schoen added. "And a lot of businesses are very concerned about vendor lock-in. NGSCB would allow vendors to achieve lock-in deliberately. That doesnt exist today."
"In fact, they may have even less choice than music subscribers," Anderson added. "Music fans can always go out and buy new CDs, as they did when CDs replaced vinyl; but if many corporate and official communications and records come to be protected using cryptographic keys that cannot conveniently be extracted from embedded mandatory access control mechanisms, then companies may have no choice but to follow the [Trustworthy Computing] mechanisms that protect and control these keys."