I read this article on Trusted Computing over the past few days. It is from 2003 - six years ago.
What has happened since then?
It is hard to imagine that Trusted Computing will actually work. The worst case is that it does not work and it is bolstered by legal requirements to use it and prohibitions against anything that reduces its effectiveness. This would include prohibitions against investigations into how it works, its strengths and weaknesses and any alternatives such as already exist in the DMCA legislation in the US. This would also include prohibition of anything that could be used to investigate how Trusted Computing works and any communication of information about how it works. Such legislation has been proposed in other cases.
The emperor may have no clothes, but that will be OK because it will be illegal to look at his clothes or communicate anything other than the official statements about his clothes.
2 comments:
Not much has happened in the TC world since then. Neither the apocalyptic predictions nor the utopian ones have come true.
The vast spectre of Trusted Computing has been reduced to Microsoft's disk encryption product Bitlocker using the TPM chip to protect your password.
Intel has a technology called TXT or Trusted Execution that works with the Xen open-source virtualization software to set up secure virtual machines. Theoretically these could be used to enforce DRM and other "evil" technologies, or perhaps more optimistically they could enable futuristic technologies like secure Internet voting. It's a bit ironic that the most sophisticated developments have come from the open source world, such as the TPM device driver and Trousers software package on Sourceforge, coming soon to a distribution near you.
IMO the biggest reason for TC's failure is the general unreliability of software. You can launch a secure VM and make sure it can't fake its identity, but the OS running in the VM is pretty much guaranteed to have enough bugs to punch your security curtain full of holes. If you limit the size of the software to small enough that there's a good chance it's not buggy, then it's not powerful enough to do interesting things. Quite a dilemma.
Thanks for your comment.
Your point about the quality of non-trivial software is a good one, and experience to date suggests that it is extremely difficult to create software that is secure.
It would be good to see open-source solutions to some of the "security" issue, including DRM. Tools that worked without abusing the systems they are installed on would be a good thing, particularly if they allowed rights holders to protect their rights without preventing others exercising theirs.
One of the problems with the solutions I have seen (actual or proposed) is that they prevent or seriously inhibit the exercise of many legitimate rights in addition to preventing rights abuse.
Post a Comment