Content deleted Content added
add refs to misinformation paper, BEAR, talk about debugging, and correct a few errors |
|||
Line 1:
'''Trusted computing''' is a term coined by the [[Trusted Computing Platform Alliance|TCPA]] referring to the goal of their family of open [[specification]]s to make [[
== Synopsis ==
Line 15:
The main controversy around trusted computing is around this meaning of ''trust''. Critics characterize a ''trusted system'' as a system you are ''forced to trust'' rather than one which is particularly trust''worthy.'' In contrast, Microsoft, in adopting its term ''trustworthy computing'' presumably intends to focus consumers' attention on the allegedly trustworthy aspects of trusted computing systems.
Critics of trusted computing are further concerned that they are not able to look inside trusted computing hardware to see if it is properly implemented or if there are backdoors. The trusted computing specifications are open and available for anyone to review, but implementations are generally not. As well, many are concerned that cryptographic designs and algorithms become obsolete. This may result in the forced obsolescence of TC-enabled computers. For example,
While proponents claim ''trusted computing'' increases security, critics believe that not only will security not be helped, but ''trusted computing'' will facilitate mandatory [[digital rights management]] (DRM), harm privacy, and impose other restrictions on users. Trusting networked computers to controlling authorities rather than to individuals may create [[digital imprimatur|digital imprimaturs]]. Contrast ''trusted computing'' with [[secure computing]] in which [[anonymity]], not disclosure, is the main concern. Advocates of ''secure computing'' argue that the additional security can be achieved without relinquishing control over computer from users to [[superuser|superusers]].
Line 44:
Memory curtaining has the hardware keep programs from reading or writing each other's memory (the space where the programs store information they're currently working on). Even the operating system doesn't have access to curtained memory, so the information would be secure from an intruder who took control of the OS.
Something very similar can be achieved with new software, but doing it in hardware
=== Sealed storage ===
Line 81:
One of the early motivations behind trusted computing was a desire to support stricter [[Digital Rights Management]] (DRM): technology to prevent users from sharing and using copyrighted or private files without permission. Microsoft has announced a DRM technology that it says will make use of trusted computing.
Trusted computing can be used for DRM. An example could be downloading a music file from a band: the band could come up with rules for how their music can be used. For example, they might only want the user to play the file three times a day without paying more money. Also, they could use remote attestation to only send their music to a music player that enforces their rules: sealed storage would prevent the user from opening the file with another player that did not enforce the restrictions. Memory curtaining would prevent the user from making an unrestricted copy of the file while it's playing, and secure output would prevent capturing what is sent to the
Without remote attestation, this problem would not exist. The user could simply download the song with a player that did not enforce the band's restrictions, or one that lets him convert the song to an "unrestricted" format such as [[MP3]].
Line 103:
*[https://www.trustedcomputinggroup.org/home Trusted Computing Group] (TCG) — Trusted computing standards body, previously known as the TCPA.
*[http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html 'Trusted Computing' Frequently Asked Questions] — Anti-TC FAQ by Cambridge University security director and professor [[Ross Anderson]].
*[http://www.research.ibm.com/gsal/tcpa/ TCPA Misinformation Rebuttal and Linux drivers] from the IBM Watson Research - Global Security Analysis Lab
*[http://www.cs.dartmouth.edu/~sws/abstracts/mswm03.shtml Experimenting with TCPA/TCG Hardware, Or: How I Learned to Stop Worrying and Love The Bear. Technical Report TR2003-476, CS, Dartmouth College. December 2003.]
*[http://www.microsoft.com/resources/ngscb/default.mspx Next-Generation Secure Computing Base (NGSCB)] — Microsoft's trusted computing architecture
*[http://www.schneier.com/crypto-gram-0208.html Palladium and the TCPA] — from Bruce Schneier's Crypto-Gram newsletter.
Line 109 ⟶ 111:
*[http://www.gnu.org/philosophy/can-you-trust.html Can you trust your computer?] — essay by the FSF
*[http://tech.blogs.eff.org/archives/000218.html Technically Speaking blog's "Microsoft Meeting" article] -- Explains "sealed storage" in more depth than this article, yet without going into all the mathematics
*[http://www.p2pnet.net/trusted1.html Trust Computing: Promise and Risk], a paper by EFF (Electronic Frontier Foundation) staff technologist Seth Schoen.
[[Category:Cryptography]]
| |||