Who should trust “Trusted Computing”?

Most PC devices can connect to network resources, either on a public (Internet) or private network.  The Trusted Computing Group has developed standards for “Trusted Computing”, which has a specialised meaning.  With “Trusted Computing”, PC behaviour is enforced by standards and technologies that shift the root of trust from software to hardware embedded in the device.  For example, PCs with a TPM (Trusted Platform Module) could have hardware preset by the supplier:

  • to restrict the operating system versions;
  • to restrict software to specific versions;
  • to provide encrypted access to data stores;
  • to measure and report on the integrity of platform, including the BIOS, disk MBR, boot sector, operating system and application software.

In a corporate environment with a private network, it increases confidence in the integrity of the system.  Hardware identification of the end-points increases levels of information assurance is a benefit and could justify the complex processes of TPM deployment.  There is a case for extending the use of TPMs into more mobile devices.  Such reasons have led to mandation for business communications with the US DoD.

However, before anybody thinks of mandating “Trusted Computing” for the general public, let’s look at some of the implications.  Depending on how the standards are deployed, both PCs and mobile devices could lose flexibility, freedoms and privacy.  The superficial attraction of improved security on private networks could constrain the use of public networks and deter innovation.

Many areas of concern are reviewed in Wikipedia:

  • In order to trust anything that is authenticated by or encrypted by a TPM … , one has to trust the company that made that chip, the company that designed the chip, those companies allowed to make software for the chip, and the ability and interest of those companies to not compromise the process;
  • “Trusted Computing” (TC) would have an anti-competitive effect in the IT market;
  • TC can support remote censorship;
  • Software suppliers can make it much harder for to switch to competitors’ products;
  • TC-protected documents may be unreadable by competitive software;
  • Digital rights management technology could prevent users from freely sharing and using potentially copyrighted files without explicit permission;
  • A user who wanted to switch to a competing program might find that it would be impossible for that new program to read old data;
  • With remote attestation, a website could check the Internet browser being used and refuse to display on any browser other than the specified one;
  • The migration section of the TPM specification requires that it be impossible to move certain kinds of files except to a computer with the identical make and model of security chip;
  • Users unable to exercise legal rights, under headings such as fair use, public interest or whistle-blowing;
  • Users vulnerable to vendor withdrawal of service;
  • Users unable to override restrictions even if confirmed to be physically present to allow the computer to use a secure I/O path to another user;
  • Loss of anonymity could have a chilling effect on political free speech, the ability of journalists to use anonymous sources, whistle blowing, political blogging and other areas where the public needs protection from retaliation through anonymity;
  • TPM hardware failure creates the possibility of a user being irrevocably cut-off from access to private information.

The risk is that “Trusted Computing” becomes mandated without a full debate of these concerns before incorporation into government policy.  When you look at the list of financial supporters of “Trusted Computing”, many have a lot to gain from anti-competitive application of the standards.  Arguments for policies and regulations that might curtail current liberties should be balanced against those from less well-financed champions of Open Source, Open Rights, Open Internet and Civil Liberties.  We must avoid the scenario where honest citizens, without TPMs installed in their communications devices, could be locked out of using digital public services.


Leave a Comment »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Blog at WordPress.com.

%d bloggers like this: