Trusted Computing is perhaps one of the most misunderstood (willfully misunderstood, to be frank about it) emergent technologies for computer security. The misunderstanding starts from Wikipedia's entries on Trusted Computing, and continues through hundreds of articles and blogs. There are, of course, valid objections on the basis that it is a closed chip, and although it could be implemented using Open Source software, who is to say that there are no hidden backdoors in the implementation? However, a similar argument can be made for just about any computer system available, so if you can get past that mental block, here are five great reasons to get excited about Trusted Computing.

1. Trusted Computing-based Full Disk Encryption

There are a number of free (TrueCrypt being the most well-known) and paid-for software-only solutions for realising full disk encryption, but recently there has been a lot made of the Evil Maid attack, where a PC left alone in a hotel room is booted off an external drive in order to steal the password. However, Joanna Rutkowska from Invisible Things Lab has described how Microsoft's BitLocker full disk encryption solution may be easily enhanced so that the user can readily see that their computer has been hacked. If this Evil Maid attack is not a major concern, the Trusted Computing Group has defined the Opal specification that implements full disk encryption on the drive hardware, circumventing any performance concerns that software solutions have. There is no good reason why the next drive you buy should not support the Opal specification.

2. Unified secure login to your favourite sites

The OpenID initiative has produced a method to log into many sites with a single password while keeping that password managed in one central location. This is a great initiative, but for wider adoption, for adoption by entities such as banks that have higher security requirements, and for adoption by users who themselves have higher security requirements, Wave Systems have taken this one step further by protecting these passwords with a Trusted Platform Module. The servers on the other end can be assured who the user really is, as the password is backed with the guaranteed identity from the TPM, and the user can be assured that access to the services can only be made from the computer with the TPM installed.

3. Network assurance

This feature is a great one for corporates, though perhaps more for the administrator than the employee. The TNC, Trusted Network Connect, has a whole bunch of protocols defined around IF-MAP, Interface For Metadata Access Protocol, that allow clients to be queried as to their state, and other network devices to talk amongst themselves about the state of the network. Although designed for the corporate network, in a home environment it could, for instance, detect someone hacking your networked toaster and close down sufficient services to stop your toaster frying the rest of your house.

4. Digital Rights Management

Oh look, I said the bogey word, DRM, that sends opponents of Trusted Computing into a fit of indignation. However, the fact of the matter is that media companies want to deliver content over the network to you, but don't want you doing what you want with it, as they've spent a good deal of money making the content. Put Trusted Computing and the Trusted Platform Module in your network-connected set-top box, and you have a system that has the potential to fulfil the "better than free" mantra, like iTunes has done for music.

5. Mobile phone security

Currently, some cell phones like the BlackBerry have excellent security, ones like the iPhone claim they have, and yet more have little or none. However, Trusted Computing defines the Mobile Trusted Module, a security chip (or some software running in a highly-trusted and secure mode performing the same function) that adds the same features as the TPM plus a few extras suitable to the music world. Now, the mobile operator can have rock-solid DRM for their ring-tones (yes, you may roll your eyes too at that comment!), but more importantly your mobile banking can be as secure as, if not more secure than, PC banking. The National Security Agency of the US is even rumoured to be looking at this for who knows what...

So, there are five great reasons to get excited about Trusted Computing. In some of the cases above it may not seem like your friend, but Trusted Computing is certainly not your enemy, unless of course you are a hacker! The people working on these Trusted Computing standards are very talented guys and few, if any, of them, not even the Microsoft guys I know, are out to get you and lock you into their products. Indeed, the TPM specification bends over backwards to maintain your privacy at the expense of functionality!