Hardware security sneaks into PCs

Millions of workers will get the latest in PC security this year--but they won't get the full benefit.

The three largest computer makers--Dell, Hewlett-Packard and IBM--have started selling desktops and notebooks with so-called trusted computing hardware, which allows security-sensitive applications to lock down data to a specific PC.

But Microsoft's plans to take advantage of the technology have been delayed, meaning the software heavyweight likely won't get behind it until the release of Longhorn, the Windows update scheduled for next year.

News.context

What's new:
The top three PC makers have started selling models with encryption hardware, even though Microsoft's software for the technology has hit delays.

Bottom line:
That leaves hardware makers in a rare position: They are leading Microsoft, rather than working to support one of the software giant's initiatives.

More stories on this topic

That leaves hardware makers in a rare position: They are leading Microsoft, rather than working to support one of the software giant's initiatives.

"Our success is not dependent on Microsoft," said Brian Berger, executive vice president at security company Wave Systems and the marketing chair for the Trusted Computing Group. "When Microsoft comes on board with some of what they have talked about, it will be that much better, but this is not a Microsoft-centric activity."

The Trusted Computing Group, the industry consortium that sets specifications for the specialized hardware, has had to rely on other software makers to demonstrate the benefits of running a trusted PC.

Largely a footnote in 2004, the technology is set to take off this year, with the top three PC makers shipping laptops and desktops equipped with hardware security. Dell, the last holdout, announced that it had added the security technology to its latest line of notebooks on Feb. 1. In 2005, more than 20 million computers will ship with the trusted platform module, up from 8 million in 2004, according to estimates from research firm IDC.

The technology locks specialized encryption keys in a data vault--essentially a chip on the computer's motherboard. Computers with the feature can wall off data, secure communications and identify systems belonging to the company or to business partners. That means companies can improve the security of access to corporate data, even when the PC is not connected to a network.

Microsoft is a significant proponent of trusted computing. When it first publicized plans in 2002 to create a security technology known as Palladium, it said that its software component might be released as early as the end of 2004.

At the time, digital-rights advocates raised concerns that the technology could be used by software makers and media companies to control people's PCs, putting Microsoft on the defensive. The dispute even led the

[wrwjpn]

This is what we expect

from MS. Thet will get to it when they can, maybe.
They are the innovators of 'Trusted Computing', NOT.

Come on you MS drones tell me when we will see Longhorn and how great it will be if and when we get it.

[catchall]

No one need to

tell you MS bashing drones anything. Regardless of what MS does or does not do, your ready to hold them accountable for anything you can make up.

As the story points out, this is one of the FEW times that the hardware companies have lead MS on a feature, and you know what? My guess is the companies in question will have a solution that works with Windows as it stands. So we get all the benifits without having to wait for Longhorn.

[Richard G.]

Great, more Big Brother

First we have Intel with their CPU IDs burned onto all their chips, so you can be uniquely identified wherever you go using the Web. Now we have this "Trusted" computing inititive, which prevents you from using your own encryption keys.

So not only can my every move be monitored, now all my "encrypted" data can be read, without my control to use a different encryption method. Nice. I can't even trust my own PC anymore.

Oh well, at least Linux is around for use. Windows is little more than a video game platform anyways.

[catchall]

Missing the point

This is hardware they are talking about, so Linux offers no protection. If a content provider requires hardware decryption to use the content, you have little choice, regardless of which OS you choose to install.
And please, Windows is used on over 90% of the desktops world-wide, and is also heavly used on the server side, especially in small to mid sized companies. It is far more then a video game platform.

[Andrew J Glina]

PIII

The PSN was never unique. It was just rare. The whole PSN debate got way out of hand so Intel did the smart thing and just dropped it.

[System Tyrant]

Turning this into a MS vs Linux debate

I understand this to mean that computer are going to come with the hardware ability to encrypt and protect content on a pc. Outside of the fact that you will require software support to use it I'm not seeing where this is a Linux vs MS.

My question here is what happens when you need to move the data because your motherboard crashes? Does the OS have to support it or can it be used just by application?

As far as Windows on 90% of computers. Here at my office our main server is a Netware Server and we have one Windows Server Used only for SQL Server. Our workstation are all Windows XP, but I am activily proding our venders for Linux solutions. Out side of the workstation OS we don't use any other Microsoft products.

I'm not trying to bash Microsoft, but I am trying to move away from them. I don't know if we will ever completly get rid of Microsoft, but we can try. Competition is good so in my opinion having a choice of platforms is a really good thing.

[catchall]

You are right

This is not about MS or Linux (or Apple for that matter); it is about controlling content. Where are you able to view what. This has uses in the business environment (company documents, sensitive emails, ect) and in the home as well (DRM). The frightening part is that no one seems to have much of a road map for how this will be used, but the hardware is being put in place anyway. How much control does this give my OS provider? My Company? Good questions.

[Michael Grogan]

I am sooooo glad...

...that I build my own systems, use AMD processors and will give up computing before I ever buy Longhorn : )

[Andrew J Glina]

Time

I do the same thing, but we might change our mind when certain web content/features are only enabled when you have the correct motherboard features. Time will tell.

[Raife]

It's worse than that...

The makers of 'network-routers' have already integrated "Trusted Computing" requirements into their equipment. With the flip of a switch, you could, virtually-overnight, find yourself unable to access the Internet at all, ...unless you're using "Trusted hardware" running "Trusted software".

Not only that, but despite what some manufacturers have claimed, many technical-aspects of "Trusted Computing" are nothing more than hard 'DRM' enablers (which, in fact, have already been integrated into 'motherboard BIOSes', 'sound cards', 'storage-devices', etc.) and will finally allow large 'media-interests' and a certain (M)ajor (S)oftware company to completely 'lock-down', 'perpetually-charge-for', and rigidly 'tie' "...content" to specific a specific piece of hardware.

Let alone the 'privacy' nightmare of being unable to use any 'digital-media', or 'service', without being mercilessly 'identified', 'tracked' and 'monitored'.

And, yes, Microsoft clearly does hope to use it as a 'product' (and even a 'version') 'lock-in' tool.

[Steve Bryan]

Don't eat this dog food

For businesses that have legitimate uses for this sort of technology it is fine for them to purchase it. On the other hand a person has to have a significant disregard for his own interests to buy in to this technology for hoome use. I have no inclination to purchase any equipment that gives control over my computer to outside parties whose permission I have to seek. As for content that requires the use of this sort of technology they can shove it where the sun don't shine. Like the other DRM encrusted standards they've tried, they won't get a penny of my money and I hope they fail as badly as SACD, DVD-Audio and the other failed attempts.

They can push whatever "standards" they want, but that does not mean people have to buy it. As long as it is clearly labeled and shunned like the plague (as it deserves) it can turn into the next costly 'Big Brother' attempt that falls short in the market. The most important battle will be to get this stuff accurately labeled.

I tell you what....

The biggest fight will be getting the news out there to the general public about this technology. Letting the normal users know, in a very simple way, what potential this technology has to be misused and abused in the home environment. As a Sysadmin I like this for the institution I work for, but as a previous reader stated, I don't see the point on a home user.

This could lead to all sorts of privacy concerns. The idea that anyone can read my encrypted documents without my consent due to a "probable cause" scenario has me feeling like I am in a big brother'esque landscape of constant monitoring and analyzation. Which frankly, makes my skin crawl.

[Johnny Mnemonic]

This is not "DRM"...

I could be wrong, but, the previous posts assume
that this is some industry attempt at "watching"
us. TCG has recently been included in the latest
Linux Kernel. As per the TCG web page:

<a class="jive-link-external" href="https://www.trustedcomputinggroup.org/about/" target="_newWindow">https://www.trustedcomputinggroup.org/about/</a>

"The primary goal is to help users protect their
information assets (data, passwords, keys, etc.)
from compromise due to external software attack
and physical theft."

[George Cole]

information assets

<a class="jive-link-external" href="http://www.analogstereo.com/mercedes_e_class_owners_manual.htm" target="_newWindow">http://www.analogstereo.com/mercedes_e_class_owners_manual.htm</a>