What price for ‘trusted PC security’?
You can now buy “trusted computers”, but can we really trust the PC vendors, asks technology analyst Bill Thompson.

If you have recently bought an IBM ThinkVantage computer, a Dell Optiplex, or one of a whole range of laptops from Toshiba, HP/Compaq or Samsung then you may have got more for your money than you realised. Inside your shiny new PC is an extra chip called the trusted platform module (TPM) that can be used for a range of hardware-based security features.

Eventually the TPM will be built into the main processor itself, and if the Trusted Computing Group has its way then you will find one in every piece of hardware you own, from mobile phones to TV set-top boxes to children’s toys. But for the moment it is a separate piece of hardware, providing enhanced security features to programs that know how to use them. And as part of a well-designed network system, it can provide a lot more security than we enjoy today.

A big advantage of the TPM is that it is hardware-based. At the moment most of us rely on software to keep our information safe and secure. It might be password-protected user accounts, data encryption programs or a firewall, but it all relies on program code running on an inherently insecure processor.

Hardware security is less common, even if it is a lot safer. This is partly because it is more expensive to give someone a smartcard than a password, but also because it's more work for users, systems administrators and managers. As a result we settle for second best.

So when it comes to computer security, trusted systems could be a major step forward. After all, if you have a laptop that will only run programs that have been digitally signed then it will be a lot harder for virus writers to get their malicious code to run. And if all your files are locked automatically then even if you get your computer stolen your personal data will be safeguarded.

At the moment support for trusted hardware is not built into major operating systems.
Instead you have to use special software, like HP’s ProtectTools or Wave Systems’ Embassy. This provides file encryption, password management and identity protection, usually for business users who connect to company networks.

Full support for the trusted computing specification will not be available from Microsoft until the next release of Windows, “Longhorn”. This will include what Microsoft, in a typical act of obscurantism, calls the “Next Generation Secure Computing Base”, and it will give user-level programs access to the trusted computing hardware. When that happens we can expect to see a lot of publicity around the new capabilities, and no doubt the Windows security centre will encourage users to turn on their trusted computing capability just as they turn on their firewall.

However, there is a downside to the increased security from viruses, spyware and data theft that this will provide. Because the trusted computing base is also used to make digital rights management (DRM) systems more secure, this will give content providers a lot more control over what we can do with music, movies and books that we have bought from them.

We have seen recently how allowing digital rights management services into our lives can lead to unwelcome consequences. Users of Apple’s iTunes used to be able to stream the music they had bought to up to five other iTunes users, a great way of letting your mates discover your music collection. But the latest version of iTunes limits this capability, just as an earlier upgrade reduced the number of times you could burn a selected playlist of purchased songs to a CD. Another took away the ability to play songs downloaded from Real’s Harmony service on your iPod. Apple can do this because they wrote the software and they control the rights management.
Once it is embedded in trusted hardware it will be even harder for dedicated programmers to find their way around these restrictions and give us back the fair use rights that should be guaranteed under copyright law.

Similarly, users of TiVo digital video recorders have found that they cannot record some shows, and other programmes that they have recorded are automatically deleted after a day. This happens because of changes that TiVo have made to their software, and the users cannot control it.

One wonders whether hardware-based DRM will work for those who believe that locking-down digital content is a bad idea, and that the flexibility of copyright law is something that should be embraced and not taken away. It will not work because of the fundamental flaw at the heart of the system: in order for the purchaser to view the content it has to be unlocked. Once it is unlocked then someone, somewhere, will figure out a way to make a copy of the unlocked version. And once an unlocked version leaks onto the network it will be uncontrollable.

The efforts going into DRM would be much better spent building efficient distribution services, finding business models that are based on trusting your customers, and offering high quality downloads at fair prices. What we want is not so much a trusted computing platform as a trusted customer platform.

The record companies and the film industry need to recognise that most of us, most of the time, will pay a reasonable amount for good quality material. They will benefit more by building a market in which I can share songs with my friends, record shows I want to watch later, and burn CDs for my kids; a market which respects the spirit of copyright law and does not seek to replace it by restrictive contracts or end user agreements.

We need to ensure that trusted computing remains under the control of the users and is not used to take away the freedoms we enjoy today.
Bill Thompson is a regular commentator on the BBC World Service programme Go Digital.