The Trusted Computing Platform Alliance (TCPA) is an initiative by Intel and others which opponents charge could allow digital rights management technology into personal computers, removing their ability to act as general-pupose computers and making them into a "trusted computing platform". "Trusted" software protects data from examination or modification by other software on the computer as well as from the computer user himself.
Founder members of the TCPA are Compaq, HP, IBM, Intel and Microsoft. In 2003, TCPA disbanded and reformed as the Trusted Computing Group (TCG), retaining the TCPA documents and specifications.
Microsoft has now announced the Palladium operating system initiative, which is their attempt to present a "trusted computing" solution to the problems of computer insecurity. Palladium has since been renamed NGSCB, the Next Generation Secure Computing Base. It is expected to be a part of the next major Microsoft operating system release, codenamed Longhorn.
The key technical features of trusted computing are: sealed storage, where data can be encrypted in such a way that it can only be decrypted if the computer is in the same hardware and software configuration as when it was encrypted; and remote attestation, whereby the computer can securely and reliably report its software configuration to remote systems. The Microsoft version also adds "curtained memory", which protects trusted software and data from being examined or modified; and secure I/O, protecting keyboard data and video memory from examination. These features allow computers to retain backwards compatibility and act as general purpose systems, while allowing trusted software to carve out its own sphere of protection and run unmolested by either other software or the user himself.
Members of the TCPA present the initiative as beneficial to the consumer, increasing security for storing files and other data, as well as authentication information such as cryptographic keys. Proponents also see trusted computing as potentially allowing consumers to use their PC as a home entertainment centre, with the content protection features giving providers the confidence to make their data widely available on the internet. Critics counter that this initiative like other such initiatives suffers from the problem of enhancing the economic power of providers at the expense of consumers.
The choice of the term "trusted computing" is controversial, with some experts pointing to the principle in computer security that a "trusted system" is one that you are forced to trust, not one that is particularly trustworthy. Trusted computing architects claim otherwise, that the name means that a computer can be trusted as to its hardware/software configuration. This is a requirement to see this computer as a Trusted client.
Opponents of the TCPA represent it as a movement towards preventing competition in the computer industry, and deleterious to the rights of the individual. They also charge that it represents a threat to free software. A critique of the TCPA can be found in Ross Anderson's paper Security in Open versus Closed Systems - The Dance of Boltzmann, Coase and Moore.
Anderson states that:
One way in which this might happen would be if a sucessful PR and lobbying campaign to label "non-trusted" systems as insecure made it impractical or illegal to connect "non-trusted" systems to the Internet. This would cause the market to "non-trusted" computers to collapse, making "trusted" systems the only form of computers available for general-purpose use.
The competition concerns above have raised comments that the TCPA initiative may be illegal under antitrust legislation. However, previous events in the computing industry have shown that antitrust laws have not been effective to contain Microsoft's previous behavior.
Trusted Computing devices are designed to only give signed code full privileges, which means that the device is essentially controlled by the code signer, not by the device owner.
Sometimes security problems, even in the "trusted code" show up, like the one in the XBox, which temporarily allow the owner or anybody who can use the crack to gain full control over the device, but as such problems can be fixed by firmware updates, this is not going to be a permanent situation.
Intel appears to have announced a project called "LaGrande"(at least they are working on it) which appears to be Intel's part of the TCPA plan. It could turn a PC with a LaGrande-CPU and -chipset into a device which is half an XBox.
External links