Back in the Spring of 2003, I wrote a column discussing Microsoft's Trusted Computing initiative (the name of which had just been changed from Palladium to Next-Generation Secure Computing Base). In that column, I talked about the need to be wary whenever Microsoft used the word “security” in conjunction with “trusted computing.”
If one looked at the design and intent of NGSCB, it quickly became clear that its goal wasn't to secure systems from attacks by hackers, worms and viruses. As I said two years ago, “NGSCB's main purpose is to make sure users such as yourself aren't pirating Microsoft's or partners' software or any other copyrighted content—even if that means taking over your system remotely and removing or disabling the offending untrusted software.”
I received plenty of reader responses in support of that column, but I also received some that said that I was making much ado about nothing, that no vendor would ever abuse trusted computing features—Microsoft's or anyone else's—and that trusted computing would never be used to limit a user's software or hardware capabilities.
At any rate, Microsoft sure seemed worried about the many criticisms it was receiving about NGSCB, as the company pulled back on some of its plans and toned down discussions of NGSCB in the marketplace. But that doesn't mean that Microsoft pulled back the strategy. To a large degree, Microsoft's method of flying NGSCB under the radar has worked because I rarely hear anyone talking about trusted computing nowadays. But we shouldn't let our attention stray, as trusted computing is still out there, and Microsoft and its partners are still working diligently on it.
Before I throw NGSCB completely onto the fire, though, there are good elements to trusted computing. The core Trusted Platform Modules, if used properly, can be of help in many situations, offering greater hardware-based security for keys and tokens. But the operative words here are “if used properly.”
In all the white papers and FAQs at www.trustedcomputinggroup.org, it sounds like the vendors that have signed on to this initiative want to do only good with this technology and would never think of doing anything that would limit users' rights and access.
But, as always, actions speak louder than words, and from news that has come out in the last few months, I think we should still be worried about vendors abusing trusted computing.
Example No. 1 is a little something that Microsoft has in store for its lucky customers who upgrade to Vista next year: PVP-OPM (Protected Video Path-Output Protection Management), a technology that, while not a specific part of NGSCB, clearly shows where Microsoft's loyalties lie. What does this great thing do? It looks to see what type of monitor you have attached to your PC, and, if it doesn't like it, it will prevent you from watching DVDs and other digital content or will downgrade the quality of this content.
Cool! I feel so much more protected. It's great to know that my own PC will work against me if I don't upgrade to a new Big Brother-enabled monitor.
Example No. 2 is the current Sony DRM (digital rights management) root-kit fiasco. The fact that Sony installed a dangerous Trojan-like program on unwitting user systems is bad enough, but imagine if this type of program were installed under the protective wings of trusted computing.
Would we have even found out about it? Could it have been uninstalled? This is the kind of thing some vendors will use trusted computing for—no matter what they say in white papers and FAQs.
Because, remember, we aren't the customers of trusted computing—the corporations that hold the content rights for movies, music, games and software are the actual customers. No, we're the untrusted enemy who is naive enough to think that we have control over the hardware and software that we've purchased and that we have some kind of fair-use rights.
When it comes to trusted computing, don't trust it. After all, it doesn't trust us.
Labs Director Jim Rapoza can be reached at firstname.lastname@example.org.