Rupert Goodwins' Diary

Thursday 11/03/2004A long day at Microsoft's London HQ, and it's our own fault. MS has realised that one of the problems it has with digital rights management is bad press -- to be precise, we don't understand what it is, what it's for, how it works or why anyone would want it.

Thursday 11/03/2004
A long day at Microsoft's London HQ, and it's our own fault. MS has realised that one of the problems it has with digital rights management is bad press -- to be precise, we don't understand what it is, what it's for, how it works or why anyone would want it. But we do think it's probably a bit suss.

Microsoft has also realised that wheeling out marketing people to persuade us hard-bitten hacks is rarely a recipe for success. So -- somewhat unusually -- we have two fresh-faced young programmer types from the project itself to talk to a select group of the UK's most cynical tech scribblers, plus a handful of other MS employees along to watch the entertainment.

There are more than six hours of briefing scheduled, which seems excessive to start off with but soon proves inadequate. Presented with people who know what they're talking about, our crack team of inquisitors dig in with glee: not a slide goes past on the projector without a discursive question or five. To their credit, Team MS starts off with a proper bit of expectation adjustment: what the Rights Management Services does isn't hack proof, it isn't all-inclusive and it isn't the greatest thing since bakeries acquired the slicer. In fact, at one point it seems that the marketing slogan should be "RMS: It's Better Than Nothing". Remarkable frankness from the chaps at the codeface, and it's welcome.

But some things don't change. Slide after slide emphasise the open standards on which RMS is built -- as swarms of keys and certificates flood the diagrams and document flowcharts, it's easy to overlook the little thing in the middle that mediates the whole business. The Lockbox is a chunk of code that actually does the decryption and key management on a client: it's been carefully safeguarded so as not to run under a debugger or a virtual machine, is resistant to any analysis or fiddling, and it runs under pure Windows only. As unopen as you get: "but you can always write one for another operating system", Without Microsoft's consent? "Er, no. You'll need a business relationship with us."

Oh well. Never mind. Trusted computing still means trusting Microsoft to run the shop --and this from a company that has just released a security patch which ruins spam filters in Outlook, effectively giving users the choice between exposure to dangerous code or exposure to spammy pop-up message overload.