jump to navigation

The meaning of Trusted Computing March 9, 2007

Posted by TSAI HONG-BIN in Diary.

Days before I had a survey of TPM (Trusted Platform Module) by the request of some customers. They want to know whether Linux can utilize TPM to secure the bootstrap and HDD, how much effort … sort of things. In addition to simply reply “positive,” I threw back a question to them: “What is the exact thing you want to protect? boot loader? kernel? memory? or your application run upon the system?”

Mr. Schoen had made a great review about Trusted Computing. http://www.eff.org/Infrastructure/trusted_computing/20031001_tc.php He clearly described what Trusted Computing can do, what is that to against and also gave an insightful review about the constraints tethered to consumers as a debate.

As Mr. Schoen said, it is impossible to “secure” your computer by implanting a single chip or installing a piece software. A TPM alone cannot protect everything a user may expect, it is the collaboration of hardware, operating system and the application that help protect sensitive data being disclosed. Besides, at the design phase of a project, the security policy most go with the objectives, so that we are able to design the enforcement scheme to protect the target. Trusted computing here as a mechanism to ensure that the bootloader, operating system, application software are executed as we expected, is a great work. So, what’s bad about it?

Mr. Schoen had addressed a great question in his article. It’s about consumers’ freedom (right?) of choosing software they favored. It is true that to protect software from being surreptitiously altered (by malicious code or virus), to prevent users from disclosing their private information to illegitimate party without knowledge, the proposal of “attestation” mechanism by Trusted Computing consortium seems to be a must. However, it is also true that if the protection is done by authenticating software (Attention! it’s not you call to authenticate a piece of software or not), we may lose the power to choose software we preferred. Somehow, software design house that is not wealthy enough to “bribe” a certificate (like ISO?) may be choked off. Examples given in Mr. Schoen’s article are browsers and Samba. I too believe that by applying Trusted Computing, we probably no longer have alternative browser but IE. So does this all imply that Trusted Computing as whole is an information technology conspiracy? Well, maybe. In the worst case, I just keep my old PC and install Linux anyway.

But technology is neutral, it has no evil or good. We had argument above about users’ freedom is because we let the users have choice. Since the platform we were talking about is an open system, users always have rights to choose software run upon it. And that’s why Trusted Computing in an open system looks so much like a custodial officer that restrain users from using “unauthorized” stuff. Those who were meant to be protected now become prisoned. So if it indeed is a dictatorial idea to apply Trusted Computing to an open system, how about a close one? or a semi-open system? If Trusted Computing doesn’t seem to be beneficial to consumers, why don’t we just admit the fact and let it benefits to everyone? Now I am talking about embedded systems.

Embedded systems usually provide services to users with embedded applications. One may give simple command through whatever the vendor gives you to alter its configurations, but has no way to play it like a PC. A single embedded system may not do all the works you do on PC, but if it is broken, you’ll be really mad. What I’m trying to bring on the table, are routers, firewalls, wireless access points, cell phones..etc. Most of people rely on routines performed by these devices to do the job without awareness that these devices may as well be exposed in an open environment that adversaries may hack them as a resource to perform a further attack. A 2 seconds disconnection may not be considered an abnormality, a jitter can do that too. But it could be a signal of successful hacking. So, if Trusted Computing can do attestation against altered software, why don’t we apply it to embedded system? “It will raise the cost!” you may say, but once there is a large-scale planned attack over the software on routers, you’ll get rich~.



No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: