Trusted Computing
The term Trusted Computing refers to a computer hardware and software design paradigm pioneered by the Trusted Computing Group that aims to make personal computers more secure.
The term Trusted Computing refers to a computer hardware and software design paradigm pioneered by the Trusted Computing Group that aims to make personal computers more secure.
The technology ensures that a computer only runs trusted software, and only communicates to other computers that are also running trusted software.
Trusted Computing has the potential to increase computer security, but is also controversial because it transfers some control of a computer away from the user to a “trusted” third party. Trusted computing hardware technology includes a encryption key which the user cannot access. Additionally, the technology relies on the third-party to decide whether a computer's configuration is acceptable. In most cases, these third-parties are the persons and companies who create a computer's hardware and software.
Many critics worry that this third-party control is prone to abuse and will harm computer users’ freedoms. The technology grants significant powers to the Trusted Computing Group, manufacturers and commercial software developers, who together exert control over what software applications and websites can be trusted. Some predict that the technology will pave the way for anti-competitive behavior in the software marketplace, harming consumers.
Today, adoption of this technology is widespread throughout the personal computer industry, with most major players now shipping personal computers with Trusted Computing capabilities.
Industry practice is currently to ship personal computers with Trusted Computing disabled, leaving the decision to enable the technology to the consumer. However, should the technology become even more widespread, consumers may have no option but to enable it. All computers without the technology could be left outside of the network of trust, thus having a severely limited ability with communicate to other computers.
Note: The information provided in this document is of a general nature and does not constitute legal advice. Moreover, it addresses only some issues involved with trusted computing. If you have questions about how trusted computing interacts with the law in a particular situation, you should consult a local lawyer.
FAQs
Resources
General Information
- Trusted Computing: Promise and Risk: Seth Schoen, a staff technologiest at the Electronic Frontier Foundation (EFF), provides an overview of Trusted Computing technologies and outlines many of the pros and cons.
- Trusted Computing : A Public Policy Perspective: A Staff Working Paper of the European Commission discusses the public policy issues surrounding Trusted Computing.
- Trusted Computing Group FAQs: The Trusted Computing Group is the organization responsible for establishing the industry standards and specifications for Trusted Computing technologies. They provide an FAQ addressing various issues and questions.
- Trusted Computing: An Animated Short: A short online film highlighting the dangers of Trusted Computing.
Security Analyses of Trusted Computing
- 'Trusted Computing' Frequently Asked Questions: In this FAQ, security expert Ross Anderson analyses many of the security drawbacks of Trusted Computing.
- Why TCPA: A report from the Global Security Analysis Lab of IBM Watson Research that discusses how Trusted Computing technologies might address modern security threats.
Trusted Computing Technologies
- Learn more about BitLocker Drive Encryption: A description of Microsoft's Trusted Computing drive encryption technology.
- Next Generation Secure Computing Base (NGSCB): NGSCB is Microsoft's secure computing architecture.
- TrouSerS FAQ: TrouSerS is an open-source Trusted Computing software stack for the linux operating system.
Trusted Computing in the News
- What price for 'trusted PC security'?: A BBC News article on some of the common concerns with Trusted Computing.
- Hardware security sneaks into PCs: C-NET News article on the introduction of Trusted Computing technologies into the hardware of computers by the major PC manufacturers.