Toner News Mobile › Forums › Toner News Main Forums › MICROSOFT REVEALS HARDWARE SECURITY PLANS
- This topic has 0 replies, 1 voice, and was last updated 9 years, 8 months ago by Anonymous.
-
AuthorPosts
-
AnonymousInactiveMicrosoft
reveals hardware security plans
April 2005:Can trusted computing hardware deliver security
without locking out competition ?
The next version of Windows,
codenamed “Longhorn,” will have security features to take advantage of the
trusted computing hardware now showing up in the marketplace, Microsoft
executives announced on Monday.
THE Software giant plans to deliver encryption features and
integrity checks to insure that computers, such as notebooks, that are
disconnected from a network are not affected by malicious programs. Called
Secure Startup, the feature will appear in Microsoft’s forthcoming version of
its operating system, known as Longhorn, and represents a much smaller subset of
the security features that the software giant had originally intended to build
into the system software.“We remain fully committed to the
vision of creating new security technology for the Microsoft Windows platform
that uses a unique hardware and software design to give users new kinds of
security and privacy protections in an interconnected world,” Selena Wilson,
director of product marketing for Microsoft’s Security Business and Technology
Unit, said in statement. “The changes we are making can be characterized as an
evolution of that original vision.”Secure Startup will combine
full-volume encryption, integrity checks and the hardware-based Trusted Platform
Module (TPM) to detect malicious changes to the computer and protect the user’s
data if the laptop is stolen, the software giant stated at its annual Windows
Hardware Engineering Conference (WinHEC). The Trusted Platform Module is a
standards-based hardware design created by the Trusted Computing Group, of which
Microsoft is a member. (SecurityFocus’s parent company, Symantec, is a
contributing member of the group.)While the technologies, once known
as Palladium and now called the next-generation secure computing base (NGSCB),
will help companies and consumers lock down their computers and networks,
concerns remain that the hardware security measures could also be used to
lock-in consumers to a single platform and restrict fair uses of
content.With homegrown integrity and
security features being added by a variety of devices by companies aiming to
lock out competition using the Digital Millennium Copyright Act (DMCA), the
specter of another hardware-based security feature worries some
information-system experts.Innovation could suffer if reverse
engineers are locked out from tinkering with devices, said Dan Lockton, a
graduate student at the University of Cambridge whose thesis focuses on the
effects of technologies created for controlling information.The fear is that “we’re moving to a
stage where the customer no longer has control over the product he or she has
bought or the products (created) using that device,” Lockton said.Printer maker Lexmark attempted to
block generic ink cartridge makers from reverse engineering its simple hardware
security scheme for validating legitimate cartridges. A federal appeals court
overturned in October an initial win for Lexmark and allowed chip-maker Static
Control to continue making the chips that made generic ink cartridges compatible
with Lexmark printers.“It is definitely clear that some of
the content owners themselves are trying to use the technology to erode some of
the fair use allowances that have historically been granted by the courts,” said
William Arbaugh, assistant professor of computer science for the University of
Maryland at College Park. “We have to be vigilant in order to stop that
tactic.”The Electronic Frontier Foundation,
an Information Age civil rights group, has also criticized the technology as
potentially undermining fair use rights.However, Microsoft’s Wilson stressed
that the software giant intends to increase user security, not reduce the
control the user has over their computer.“We have always been very clear that
NGSCB was never designed to be a system that would ‘lock-in’ users or decrease
the flexibility of the Windows computing experience,” she said. “Our vision has
always been to provide benefits in terms of security, privacy, and system
integrity while preserving the flexibility of Windows.”If Microsoft – and more importantly,
third-party content providers – give consumers full control over how the
technology is used in their systems, the security benefits could significantly
increase the protection of PC data, the University of Maryland’s Arbaugh
said.“This technology could be used for
some really heavy handed digital-rights management (DRM) but it can also be used
for some great improvements in security,” he said. “I think finding that sweet
spot will be a technical challenge as well as a policy
challenge.” -
AuthorApril 27, 2005 at 10:28 AM
- You must be logged in to reply to this topic.