Wave Systems Corp. (fka WAVXQ)

[awk]

70 million "Prescott" Processors in 2004


Prescott to Be the Fastest Ramping Processor in Intel’s History?

http://www.xbitlabs.com/news/cpu/display/20031122191756.html

300mm Wafers and 90nm Process Can Do Wonders!
by Anton Shilov
11/22/2003 / 07:24 PM

Although Intel Corporation is likely to miss its initial time-to-market by about three quarters with its new Pentium 4 processors code-named Prescott, the company is still quite optimistic about its next-generation chip. Sources close to the company said on Saturday that Intel is confident its Prescott processor will be the fastest ramping CPU in the company’s history because of thinner 90nm manufacturing process as well as 300mm wafers.

The Pentium 4 processor with SSE3 technology also known under internal code-name Prescott is on track to be released commercially in the first quarter of next year. According to Intel’s president Paul Otellini, the Santa Clara, California-based chipmaker expects to ship around 70 million of its new Prescott microprocessors made using 90nm fabrication process in 2004. The ramp is expected to be very rapid and shipments of CPUs with Prescott cores inside are projected to account for 60% of all Pentium shipments as well as 40% of all Celeron shipments next year, the firm expressed its hopes during a meeting with analysts in New York on Thursday.


What is Prescott?


Making Computing Trustworthy

http://www.pcmag.com/article2/0,4149,1357910,00.asp

By John Clyman
November 11, 2003

Windows XP is a more secure and reliable OS than the 9x generation. But a stream of vulnerabilities, patches to fix them, and worms that exploit them shows how far Microsoft still has to go. Improving security isn't a just question of fixing bugs and design oversights. It also means developing a platform that gives designers and users a cohesive set of capabilities that can make secure, trustworthy computing practical.

Microsoft's strategy will continue to be to review its code for problem areas and to issue patches and corrections, and to begin doing more development using the managed-code features of the .NET Framework to help prevent common errors that can compromise security. In the longer term, the company is working on an ambitious new infrastructure—formerly known as Palladium and now called by the awkward acronym NGSCB (pronounced "ing-scub," short for Next-Generation Secure Computing Base).

Although NGSCB has been derided as a Big Brother mechanism for enforcing licensing restrictions and implementing strict DRM (digital rights management) technology, it's designed to provide opt-in capabilities to ensure that applications are what they claim to be, that their roles and permissions are suitably restricted, and that strong cryptographic techniques can be reliably employed to establish a trusted platform for secure information exchange and transactions.



To use NGSCB features, you'll need a motherboard with the SSC/TPM (Secure Support Component/Trusted Platform Module), a processor and chipset that support NGSCB, and modified peripheral hardware. On the processor and chipset side, Intel has discussed its plans for LaGrande technology, which will provide capabilities such as protection of secure memory even from DMA (direct memory access) engines. Intel will build LaGrande technology into chips beginning with the upcoming Prescott CPU and support chipset.

NGSCB provides an additional mode that future software will optionally switch into when it needs to perform sensitive tasks. Imagine a three-layer cake with hardware devices at the bottom, kernel-mode software (such as the core OS) in the middle, and user-mode software such as applications on top. NGSCB conceptually splits each layer into two sides.

The left-hand side, where today's hardware and software exist, works as before, while the right-hand side is a secure space. Typical applications will run on the left-hand side until they need a secure service, then switch briefly to the right-hand side to fulfill that need.

Four key capabilities become available on the right-hand side: secure I/O, sealed storage, strong process isolation, and attestation (digitally signed program identification).

Secure I/O means that every bit of information flowing between input/output devices and the system is both encrypted (and thus difficult to snoop) and cryptographically signed (so it can't be altered en route). In initial versions of NGSCB, the secure I/O path specifically encompasses USB devices, including keyboards and mice; the CPU and chipset; graphics controllers; and the pathways that connect them. Protecting information at each of these stages means that malicious software can't, for example, monitor keystrokes or crawl video memory to observe what's being written to the screen.

Sealed storage is cryptographically secure disk storage that can be locked or unlocked only by particular keys—so one application can't peek into the contents of another application's sealed storage space without authorization. Strong process isolation similarly means that software can't examine or co-opt memory used by other software. And attestation provides a mechanism to make sure each application is what it says it is, by recording a cryptographic checksum that becomes invalid if the application changes in any way. The idea is to ensure that specified data can be accessed only by an application with explicit permission—and also that no application has been compromised by, say, a Trojan horse. This level of security should work not just on individual systems but also in the context of networked machines.

Managing these capabilities and providing applications with an API is the nexus, a component that runs on the right-hand kernel layer. Microsoft intends to ship a basic nexus with Longhorn—but what if you don't trust Microsoft?

First, using nexus and NGSCB capabilities at all will be an opt-in affair. Additionally, Microsoft plans to open its nexus source code to critical review from academics and other limited audiences. As a further alternative, third parties could create replacement nexuses. Such third-party nexuses need not be restricted to Windows devices, so it's conceivable that NGSCB-enabled Windows clients could establish secure relationships with NGSCB-enabled Linux or Solaris servers, should support for those environments become available.

The NGSCB user experience is largely undefined, though Microsoft acknowledges that an effective UI is crucial. Security is only as good as the weakest link in the chain, and that weak link is often users and the decisions they make. Today, for example, spyware proliferates because unsuspecting users browsing the Web often simply click on "Yes" when faced with Authenticode dialog boxes. An intriguing aspect of NGSCB is the opportunity for third-party trust brokers to certify applications, letting businesses delegate decisions to a trusted outside entity.

NGSCB is no magic bullet, but it holds promise for enabling hardware, OS, and application developers to work together to provide much stronger walls between applications and to plug many of the opportunities for sensitive information to be leaked. And this notion should make system administrators sleep a bit easier.