Palladium I spoke with my excellent friend, who is also the Security expert at Well Regarded IT Analysis Firm, about Microsoft's Palladium plans. The info out there is pretty different from what she told me, but I trust her opinion, so here's the skinny: Palladium works by including a new piece of hardware (called a nub) that stores a public key. The CPU can talk to the nub to see what the public key is and use it to support secure authentication. Note: like Microsoft's CLR, "unsafe" or "unauthenticated" code can be executed, it'll just be "unauthenticated".

This means that locally compiled GPL executables can run after all, as can old "unauthenticated" software. This also means that Palladium will do nothing to protect users from viruses, worms, etc. which will simply autoexecute in Outlook just as they always have. But users don't care about security much anyway.

So what will Palladium actually do? It'll let content producers distribute content that then cannot be redistributed. Palladium will broker a transaction between RIAA servers and your own and transfer encrypted binaries over the network that must have that specific CPU's public key to execute. To be honest, I have no problem with content owners locking up their precious bits ever more tightly, it'll just encourage open alternatives so long as people are allowed to also distribute stuff that's free. And Palladium (as of yet) seems to allow that.