Back in early 2003 I was reading about Microsoft's Palladium initiative, later renamed the Next-Generation Secure Computing Base (NGSCB), and especially about the fact that Trusted Computing really should not be mentioned in the same sentence as security. Well, a few years later, that is truer than ever. If you have ever looked at NGSCB, it soon becomes clear that its intent is not to secure our computers from others, but rather to secure content providers from us. While the white papers and overviews often talk about how great Trusted Computing is, they often leave out how it is really being implemented. Do not get me wrong, Trusted Computing does have potential. If used properly, it can perform very well at storing encryption keys in hardware (Core Trusted Platform Modules), which is much harder to break than traditional software-based systems. Unfortunately, the only plans meeting my definition of "used properly" have come from the Linux distribution Gentoo, which has laid out its plans for a user-optional implementation of Trusted Computing support. Unfortunately for everyone else, the upcoming wide deployment of Trusted Computing has more to do with locking down the flexibility of your computer and nothing to do with security.
Advocates of Trusted Computing are often quoted as stating that no company would abuse Trusted Computing or use it to limit the end user, as that just wouldn't fly in today's market. Sadly, as the course has progressed, all that market pressure has done is tone down the open discussion. Over the past few years, it has largely fallen out of scrutiny. The biggest problem today is not Trusted Computing itself, but that developers have been so successful in slowly preparing deployment without a larger public outcry.
The looming black eye the large developers are preparing will be coming in the fall of 2006. Both Microsoft's Vista operating system and Apple's Mac OS X 10.5 will include technologies with various names such as Protected Video Path-Output Protection Management (PVP-OPM). This wonderful technology looks to see if your monitor is High-bandwidth Digital Content Protection (HDCP) compliant. If not, high-definition content such as next-generation DVDs will be downgraded in quality. That's right, even the 30-inch Apple Cinema display you just paid $2,500 for will be artificially handicapped by the next releases of Windows and OS X, all because the signal can't be properly encrypted from the back of your PC to your monitor. Do you feel safer knowing this is how Trusted Computing is helping you?
The biggest confusion people have with Trusted Computing is that they make the mistake of thinking it is meant to secure end users. Real-world implementations of Trusted Computing have little to do with securing your desktop; rather, they have to do with closing the "hole" you have in being able to use it as you please. The security comes in that content providers can trust your PC to obey their commands, to not play their pirated content, etc. We are actually the untrusted evildoers whom Trusted Computing is meant to stop. The only thing I can say about Trusted Computing is not to trust it, because it does not trust us.