Daily Cup of Tech

An interesting perspective on trusted computing:

The one thing that the video does not point out is whether or not the user is knowledgeable enough to decide what is a threat and what is trustworthy.

Similar Posts:

• Stop the World! I Wanna Get Off!
• Root Out Rootkits With New Freeware
• Howto Be A Walking TV
• Awesome Find #1: Amazon EC2 So Simple a Poet Can Use It
• Security Video - Hijacking a WiFi Access Point

If you found this post useful, why don't you buy me a cup of coffee to show your gratitude?

Trackback link - http://www.dailycupoftech.com/2007/09/25/who-chooses-whom-you-trust/trackback/

 

7 Responses to “Who Chooses Whom You Trust?”

1. RobertC Says:
   September 25th, 2007 at 7:34 am

   Open DNS has worked well for some of my clients who do not know the risks associated with going to untrusted areas of the Net. It isn’t perfect, and if http://www.threatstop.com/ and open dns were to team up, it might be a better system all around.
   Just my 2 cents, which is worth even less than that now that the American dollar is tanking

2. Matthew Musgrove Says:
   September 25th, 2007 at 9:52 am

   This video is no longer available.

3. chrono13 Says:
   September 25th, 2007 at 9:54 am

   That video has been removed.

   The original site is http://www.lafkon.net/tc/

4. Bruno Miguel Says:
   September 25th, 2007 at 9:58 am

   Hi. The video is no longer available

5. Tim Fehlman Says:
   September 25th, 2007 at 10:18 am

   Sorry about that! It should be working now!

   Tim

6. Hal Says:
   September 27th, 2007 at 2:54 pm

   Here is the script for the video short as I transcribed it. I will comment on it afterwards:

   Trust. Trust is the personal belief in correctness of something. It is the deep conviction of truth and rightness, and cannot be enforced. If you gain someone’s trust, you have established an interpersonal relationship, based on communication, shared values and experiences. Trust always depends on mutuality.

   This process has been reshaped by the computer industry. Now, a microchip does that task for you. The industry calls it Trusted Computing. This chip will be in computers, notebooks, servers, PDAs, cell phones, game units, dvd players, set top boxes, …. and it will be in your devices, too.

   What has Trusted Computing to do with trust? Let us show you.

   In a Trusted Computing environment, the major goal is to protect us from potential threats. The original Trusted Computing idea is designed to let you decide what to consider as threats, and what to consider trustworthy. You can control by your own personal conviction. Trusted Computing sounds great, doesn’t it?

   The industry’s interpretation of the Trusted Computing idea looks quite similar. Aiming at the same: to find threats, and make computing trustworthier. The main difference is that you cannot decide by your own what is trustworthy and what is not. Because they already decided for you. And they already decided not to trust you.

   So, if they don’t trust you, why should you trust them?

   Trusted Computing sounds great. Is it?

7. Hal Says:
   September 27th, 2007 at 3:05 pm

   Now, I know a lot about Trusted Computing. I have worked in security for years and although I am not affiliated with TCG I have studied their documents and specifications.

   I find this movie to be highly inaccurate in its brief description of what TC is. The authors claim that you will not be able to decide who to trust, and that “they” (the industry?) has decided not to trust you.

   In fact, TC is a technology to allow computers to prove their integrity and system state, and to lock data to that state so it is inaccessible if the computer is altered in certain ways. Even across a network it will be possible for a computer to prove that it is running in a certain hardware and software configuration. This means that you will be able to decide which other computer systems to trust, and other people will be able to decide whether to trust your computer. This would have applications such as e-voting, where the voting server could tell if your computer had been hacked to steal or alter your vote; P2P or MMORPG networks which could tell if all the members were running legitimate software clients; and many others. It could also facilitate DRM by allowing a server to tell if it was about to download content to a hacked client.

   The bottom line is that everyone is still free to decide who to trust. It’s true that you can’t hack your own computer without other people being able to tell if you try to join a TC-aware network or service. This is the germ of truth about “not trusting you”. But at the same time this protects you, because it means that when you decide to trust a remote system, you are protected against the owner hacking that system.

   Unfortunately there is no really good and unbiased information available on the net about Trusted Computing. Ironically the video directs you to againsttcpa.com, which is a completely moribund site that’s been idle since about 2004. For now you could do worse than consult the Wikipedia; it’s not completely unbiased but does make some attempt to present all sides.

8. Blux 2.0 Says:
   October 4th, 2007 at 1:51 am

   Daily Cup of Tech

Leave a Reply