04.23.09
The Bill Gates “Security as a Lock-in”: Thy Name is TPM?
Introduction to “Trusted Computing”:
Summary: Microsoft uses the Windows zombies disaster to promote computing whose operation can be controlled by remote authorities
BASED ON A MEMO that we shall publish one day in the future, Bill Gates intended to use “security” as a lock-in mechanism. It is very common — not just when it comes to Microsoft for that matter — to use “security” as an excuse for seizing greater control. We saw it when comes to OOXML very recently.
It’s no exaggeration to say that Microsoft totally dropped the ball when it comes to security. According to the following new report which stems from Microsoft friend and pusher for software patents in Europe (namely Finjan [1, 2, 3, 4, 5, 6]), even governments are severely impacted by this.
Botnet ‘ensnares government PCs’
[...]
The Cabinet Office would not give details of what the compromised machines had been instructed to do, nor the names of the different government departments that had been infiltrated.
This one particular report mentions Windows, but many similar reports so characteristically do not; they must be too shy. And here we have another new report from a security conference where Microsoft proposes ineffective cure for a disease it created. Microsoft uses this catastrophe to promote TPM, which would have many devastating effects.
Regarding this article, says one person:
The most successful security model would be to deny all Windows computers connection to the Internet. There, all done. No more viruses, no more spam, no more bot nets.
Another says that “this stuff is scary” and the last message explains what Microsoft could be up to.
I don’t mind TPM as long as *I* get to control it. I’ll even be willing to *permit* it to participate in Microsoft’s chain of trust, as long as I can also use it to boot my own OS that *I* trust.
Prediction… As soon as new PCs come with TPM that trusts only Microsoft, we’ll see just how trustworthy that whole business/software model is. It’ll either get cracked, or the market will head in the other direction. It isn’t just Freedom-Heads here, it’s also companies that want to control their own images. Customer-controlled TPM is good for them as well as me. Microsoft-controlled TPM is good only for Microsoft.
As we showed before, IBM may be trying to do the same thing to Linux, so we are appending some information below. █
_______
[1] IBM Brings Trusted Computing to Linux
The architecture involves the “Trusted Platform Module” (TPM) chip that provides hardware storage of private keys, making it impossible for hackers to spoof computer systems. Any attempts to hack into the system would change the system code, which could be easily detected. By adding a new feature to Linux, the research team has successfully performed security checks that go above and beyond checking the first few steps in powering on the system, the feature designed by TCG. The new solution validates the operating system kernel and all application software running on the system.
[2] Cisco, Microsoft, Others Get Together On Security
Microsoft, Cisco Systems and the open-standards Trusted Computing Group each developed their own NAC approaches, which use a variety of software and hardware to boost network security.
[3] Why the world needs openness, not interoperability.
This NAC/NAP lovefest would be laughable if it weren’t such a kick-in-the-teeth to the rest of the industry, enterprise IT, and all Internet users. A Cisco/Microsoft oligopoly stalls implementation, stifles innovation, and makes the network less secure. In this way, Cisco and Microsoft are standing in the way of progress.
[4] Trusted Or Treacherous Computing?
Microsoft describes how to revoke rights to render based on ‘who the user is, where the user is located, what type of computing device or other playback device the user is using, what rendering application is calling the copy protection system, the date, the time, etc.’ Someuch for Microsoft’s you-should-have-control assurances.
[5] The Future of Trusted Linux Computing
TC With User Freedom At Helm. The idea of TC in the Linux world is actually a fairly reasonable one. Providing a root-locked, buttoned down environment that system administrators will be able to control the security of the controlled network and those workstations within it.
With the absence of proprietary code in the mix, users will indeed, find themselves more inclined to trust their own administrators to make the best choices under such a controlled environment.
[6] Root-locked Linux for the masses
Eddie Bleasdale, open source evangelist and the man behind NetProject, has a new plan. Secure, managed desktop computing: Linux for the non-techies.
At the heart of the Trusted Computing Project is a £200 black box, about the size of those funny little Mac boxes, running a root-locked Ubuntu distribution. The user pays an annual fee of £50 for secure support from a proper Linux geek.
