December 15, 2005

Do you trust your computer?

Already over 20 million PCs worldwide are equipped with a tiny security chip called the Trusted Platform Module, designed by Trusted Computing Group, an industry consortium including Microsoft, Intel, IBM, HP and AMD. But once merchants and other online services begin to use it, the TPM will do something never before seen on the Internet: provide virtually fool-proof verification that you are who you say you are. The chip permanently assigns a unique and permanent identifier to every computer before it leaves the factory and that identifier can’t subsequently be changed.

A 'trusted' computer does not mean a computer that is trustworthy. The Trusted Computing Group describes "Technical Trust" this way: "an entity can be trusted if it always behaves in the expected manner for the intended purpose." Critics characterize a trusted system as a system you are forced to trust rather than one which is particularly trustworthy.

Trusted computing:
  • Unique machine/CPU is identified using certificates
  • Encryption is performed in the hardware
  • Data can be signed with the machine's identification
  • Data can be encrypted with the machine's secret key

Why trusted computing is bad:
  • Users can't change software
  • Users don't control information they receive (DRM, restricted sharing)
  • Users don't control their data (sealed storage)
  • Loss of Internet Anonymity


Trusted Computing video
{ 3 min 30 sec - credits http://www.lafkon.net/tc/ }.


Can you trust your computer? (great essay by Richard Stallman)