Comments on: Don't trust trusted computing: Microsoft's Next Generation Secure Computing Base http://www.homelandstupidity.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/ Protect yourself from government gaffes, bureaucratic blunders and incumbent incompetence Mon, 06 Feb 2012 16:25:45 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: James D http://www.homelandstupidity.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1709 James D Mon, 05 Feb 2007 21:12:29 +0000 http://www.ioerror.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1709 Why is it that the owner of the computer not allowed the keys needed to encrypt/decrypt their own data? Why is the owner not allowed to decide which programs to trust and which not? Why is the owner not allowed to decide what configuration they would like their computer to maintain? Possibly (Allowed=Trusted?) Bootstrapped systems are nothing new and they are very secure, however this is paradigm shift in home computer security. This will Prevent the user from gaining full access to their own machine. Read the EULA (End User Licence Agreement) for Vista. In the information security community the words 'trust' and 'trustworthy' have a more subtle meaning than in common parlance. The proper definition is that a trusted system or component is one whose failure can break the security policy, while a trustworthy system or component is one that won't fail. Why is it that the owner of the computer not allowed the keys needed to encrypt/decrypt their own data? Why is the owner not allowed to decide which programs to trust and which not? Why is the owner not allowed to decide what configuration they would like their computer to maintain? Possibly (Allowed=Trusted?)

Bootstrapped systems are nothing new and they are very secure, however this is paradigm shift in home computer security. This will Prevent the user from gaining full access to their own machine. Read the EULA (End User Licence Agreement) for Vista.

In the information security community the words ‘trust’ and ‘trustworthy’ have a more subtle meaning than in common parlance. The proper definition is that a trusted system or component is one whose failure can break the security policy, while a trustworthy system or component is one that won’t fail.

]]> By: Informática post-2007: lo que nos depara el futuro cercano » TheRZone http://www.homelandstupidity.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1708 Informática post-2007: lo que nos depara el futuro cercano » TheRZone Thu, 08 Jun 2006 06:41:30 +0000 http://www.ioerror.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1708 [...] Don’t trust trusted computing [...] [...] Don’t trust trusted computing [...]

]]> By: Blog of helios http://www.homelandstupidity.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1707 Blog of helios Thu, 25 May 2006 00:34:21 +0000 http://www.ioerror.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1707 <strong>MS Assaults Customers with First Wave of Attacks...</strong> If you have one efferent neuron still firing between your ears, you would do well to read this. Damn the politics...it's the content. We Tried to warn you. Sometimes we were not overly kind in doing so. Other times we just came right out a... MS Assaults Customers with First Wave of Attacks…

If you have one efferent neuron still firing between your ears, you would do well to read this. Damn the politics…it’s the content.

We Tried to warn you.

Sometimes we were not overly kind in doing so.

Other times we just came right out a…

]]> By: Windows Vista under control of Hollywood - Homeland Security or Homeland Stupidity http://www.homelandstupidity.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1706 Windows Vista under control of Hollywood - Homeland Security or Homeland Stupidity Sun, 01 Jan 2006 05:46:29 +0000 http://www.ioerror.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1706 [...] Find out more about Microsoft’s Next-Generation Secure Computing Base, of which the Protected Media Path is a part. Filed under: Windows, Internet, Privacy [...] [...] Find out more about Microsoft’s Next-Generation Secure Computing Base, of which the Protected Media Path is a part. Filed under: Windows, Internet, Privacy [...]

]]> By: Trusted computing? Not with Microsoft - IO ERROR http://www.homelandstupidity.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1705 Trusted computing? Not with Microsoft - IO ERROR Thu, 01 Sep 2005 00:46:35 +0000 http://www.ioerror.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1705 [...] IO ERROR | 2005/08/31 at 20:43:48 | Windows, Internet, Privacy | Trackback URI | Comments via RSS 2.0 | Tags: DRM, Microsoft, trusted computing, Windows Vista A while back I wrote about trustedcomputing and how Microsoft’s implementation, the Next Generation Secure Computing Base, was set to impose onerous restrictions on computer owners, such as preventing them from playing legally purchased media with a player not approved by Microsoft. The post got some scathing criticism from some trusted computing practitioners who missed the point. Trusted computing is not the problem; Microsoft is.Recently the Trusted Computing Group released a best practices document, Design, Implementation and Usage Principles for TPM-Based Platforms. The document, which Bruce Schneier reviewed in detail, says, among other things, that implementations should give the owner ultimate control of their computers and not put up interoperability roadblocks. [...] [...] IO ERROR | 2005/08/31 at 20:43:48 | Windows, Internet, Privacy | Trackback URI | Comments via RSS 2.0 | Tags: DRM, Microsoft, trusted computing, Windows Vista A while back I wrote about trustedcomputing and how Microsoft’s implementation, the Next Generation Secure Computing Base, was set to impose onerous restrictions on computer owners, such as preventing them from playing legally purchased media with a player not approved by Microsoft. The post got some scathing criticism from some trusted computing practitioners who missed the point. Trusted computing is not the problem; Microsoft is.Recently the Trusted Computing Group released a best practices document, Design, Implementation and Usage Principles for TPM-Based Platforms. The document, which Bruce Schneier reviewed in detail, says, among other things, that implementations should give the owner ultimate control of their computers and not put up interoperability roadblocks. [...]

]]> By: Michael Hampton http://www.homelandstupidity.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1704 Michael Hampton Sat, 20 Aug 2005 21:40:23 +0000 http://www.ioerror.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1704 You can strike the sentence "In addition, for those of you playing at home, the TPM as specified and implemented will ultimately place control of your computer in the hands of Microsoft." If you wish. The rest remains true. Microsoft will leverage its own technologies, and its implementation of trusted computing, to prevent you from using your computer in perfectly legal ways. You can strike the sentence “In addition, for those of you playing at home, the TPM as specified and implemented will ultimately place control of your computer in the hands of Microsoft.” If you wish. The rest remains true. Microsoft will leverage its own technologies, and its implementation of trusted computing, to prevent you from using your computer in perfectly legal ways.

]]> By: awkuhn http://www.homelandstupidity.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1703 awkuhn Sat, 20 Aug 2005 20:32:38 +0000 http://www.ioerror.us/2005/07/28/dont-trust-trusted-computing-microsofts-next-generation-secure-computing-base/#comment-1703 "...In addition, for those of you playing at home, the TPM as specified and implemented will ultimately place control of your computer in the hands of Microsoft. As the development of the Next Generation Secure Computing Base progresses, look for Windows technologies such as the Protected Media Path — which will be in Windows Vista — to prevent you from using your computer in completely legal ways..." This comment is just plain wrong. Microsoft is not involved in creating a trust infrastructure but Microsoft will support the Trusted Computing Group"s http://www.trustedcomputinggroup.org infrastructure. Before writing so blatently uneducated and plain wrong statements i w ould urge everybody to go to the above referenced website. Also this is a good read: TCG Best Practices and Principles at http://www.trustedcomputinggroup.org/files/resource_files/59C26ECB-1D09-3519-AD469EA7AFBD2E91/Best_Practices_Principles_Document_V2_0.pdf “…In addition, for those of you playing at home, the TPM as specified and implemented will ultimately place control of your computer in the hands of Microsoft. As the development of the Next Generation Secure Computing Base progresses, look for Windows technologies such as the Protected Media Path — which will be in Windows Vista — to prevent you from using your computer in completely legal ways…”

This comment is just plain wrong. Microsoft is not involved in creating a trust infrastructure but Microsoft will support the Trusted Computing Group”s http://www.trustedcomputinggroup.org infrastructure. Before writing so blatently uneducated and plain wrong statements i w ould urge everybody to go to the above referenced website.

Also this is a good read:

TCG Best Practices and Principles at http://www.trustedcomputinggroup.org/files/resource_files/59C26ECB-1D09-3519-AD469EA7AFBD2E91/Best_Practices_Principles_Document_V2_0.pdf

]]>