Schneier on Security: Trusted Computing Best Practices: "August 31, 2005
Trusted Computing Best Practices
The Trusted Computing Group (TCG) is an industry consortium that is trying to build more secure computers. They have a lot of members, although the board of directors consists of Microsoft, Sony, AMD, Intel, IBM, SUN, HP, and two smaller companies who are voted on in a rotating basis.
The basic idea is that you build a computer from the ground up securely, with a core hardware 'root of trust' called a Trusted Platform Module (TPM). Applications can run securely on the computer, can communicate with other applications and their owners securely, and can be sure that no untrusted applications have access to their data or code.
This sounds great, but it's a double-edged sword. The same system that prevents worms and viruses from running on your computer might also stop you from using any legitimate software that your hardware or operating system vendor simply doesn't like. The same system that protects spyware from accessing your data files might also stop you from copying audio and video files. The same system that ensures that all the patches you download are legitimate might also prevent you from, well, doing pretty much anything.
(Ross Anderson has an excellent FAQ on the topic. I wrote about it back when Microsoft called it Palladium.)"
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment