Tuesday, August 30, 2005

Microsoft Watch: Something fishy's going on

Bruce Schneier writes in a special to C|Net News:

The Trusted Computing Group is an industry consortium that's trying to build more secure computers.

It has a lot of members, although the board of directors consists of Microsoft, Sony, Advanced Micro Devices, Intel, IBM, Sun Microsystems, Hewlett-Packard and two smaller companies that are voted in on a rotating basis.

The basic idea is that you build a computer from the ground up securely, with a core hardware "root of trust" called a Trusted Platform Module, or TPM. Applications can run securely on the computer, communicate with other applications and their owners securely, and be sure that no untrusted applications have access to their data or code.

This sounds great, but it's a double-edged sword. The same system that prevents worms and viruses from running on your computer might also stop you from using any legitimate software that your hardware or operating system vendor simply doesn't like. The same system that protects spyware from accessing your data files might also stop you from copying audio and video files. The same system that ensures that all the patches you download are legitimate might also prevent you from, well, doing pretty much anything.


Post a Comment

<< Home