Wikipedia

Trusted Computing Group: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
mNo edit summary
turned ext links to refs
Line 29:
==Criticism==
{{more2|Trusted Computing#Criticism}}
The group has faced widescale opposition from the [[free software]] community on the grounds that the technology they are developing has a negative impact on the users' privacy and can create customer [[vendor lock-in|lock-in]], especially if it is used to create [[Digital rights management|DRM]] applications. It has received criticism from the [[GNU|GNU/Linux]] and [[FreeBSD]] communities, as well as the software development community in general. Significant backlash amongst the Trusted Computing Group was present during [[Richard Stallman]]'s speech at the [[Hackers on Planet Earth]] conference in July 2006, in New York. Richard Stallman and the [[Free Software Foundation]] have also criticized the group publicly in other speeches. The criticism calls Trusted Computing "Treacherous Computing" instead and warns that vendors can lock out software that is not officially signed by specific vendors, rendering it unusable.<ref>[http://www.gnu.org/philosophy/can-you-trust.html "Can you trust your computer?"] by [[Richard Stallman]], from the [[GNU Project]] website</ref>
{{Unreferenced section|date=May 2008}}
The group has faced widescale opposition from the [[free software]] community on the grounds that the technology they are developing has a negative impact on the users' privacy and can create customer [[vendor lock-in|lock-in]], especially if it is used to create [[Digital rights management|DRM]] applications. It has received criticism from the [[GNU|GNU/Linux]] and [[FreeBSD]] communities, as well as the software development community in general. Significant backlash amongst the Trusted Computing Group was present during [[Richard Stallman]]'s speech at the [[Hackers on Planet Earth]] conference in July 2006, in New York. Richard Stallman and the [[Free Software Foundation]] have also criticized the group publicly in other speeches. The criticism calls Trusted Computing "Treacherous Computing" instead and warns that vendors can lock out software that is not officially signed by specific vendors, rendering it unusable.
 
Privacy concerns with the TCG revolve around the fact that each TPM has a unique keypair, called the "endorsement key", that identifies the platform. In initial versions of the TPM (version 1.1), the TCG addressed privacy concerns by suggesting the use of a "Privacy CA" that could certify [[pseudonymity|pseudonymous]] machine credentials. By having separate credentials for interacting with different parties, actions could not be linked, and so some level of privacy is provided. However, this requires trust in the Privacy CA, who could still link pseudonyms to the common, identifying machine credential. Since this left unresolved privacy concerns, version 1.2 of the TPM specification introduced "[[Direct anonymous attestation]]": a protocol based on the idea of a [[zero-knowledge proof]] which allows a TPM user to receive a certification in such a way that the Privacy CA would not be able to link requests to a single user or platform, while still being able to identify rogue TPMs.
 
Privacy concerns for TPM were heightenheightened when [[Christopher Tarnovsky's]] presentation ["Deconstructing a Secure Processor" at [[Black Hat]] 2010]. [[Christopher Tarnovsky]] presented methods to access and compromise the Infineon TPM non-volatile memory capacity which contains user data.-- at [[User:Zeroandones|ZeroandonesBlack Hat]] (2010.<ref>[[User talkhttps:Zeroandones|talk//media.blackhat.com/bh-dc-10/video/Tarnovsky_Chris/BlackHat-DC-2010-Tarnovsky-DeconstructProcessor-video.m4v]]) 13:43,by 9Christopher FebruaryTarnovsky 2010from (UTC)Flylogic.net</ref>
 
==[[ISO]] Standardization efforts ==
Line 205 ⟶ 204:
 
==External links==
<!--==========================({{NoMoreLinks}})============================
| PLEASE BE CAUTIOUS IN ADDING MORE LINKS TO THIS ARTICLE. WIKIPEDIA |
| IS NOT A COLLECTION OF LINKS NOR SHOULD IT BE USED FOR ADVERTISING. |
| |
| Excessive or inappropriate links WILL BE DELETED. |
| See [[Wikipedia:External links]] & [[Wikipedia:Spam]] for details. |
| |
| If there are already plentiful links, please propose additions or |
| replacements on this article's discussion page. Or submit your link |
| to the relevant category at the Open Directory Project (dmoz.org) |
| and link back to that category using the {{dmoz}} template. |
=========================({{NoMoreLinks}})=============================-->
* [http://www.trustedcomputinggroup.org/ TCG website], with a [http://www.trustedcomputinggroup.org/blog blog]
* [http://www.gnu.org/philosophy/can-you-trust.html "Can you trust your computer?"] by [[Richard Stallman]], from the [[GNU Project]] website
* [http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html Trusted Computing FAQ] by [[Ross J. Anderson (professor)|Ross Anderson]]
 
* [https://media.blackhat.com/bh-dc-10/video/Tarnovsky_Chris/BlackHat-DC-2010-Tarnovsky-DeconstructProcessor-video.m4v] by {{Christopher Tarnovsky]] from [[Flylogic.net]]
 
[[Category:Trusted computing]]
Retrieved from "https://en.wikipedia.org/wiki/Trusted_Computing_Group"