Applied Cryptography, Second Edition, Bruce Schenier. John Wiley & Sons, 1996.
This book, by famous security expert Bruce Schenier, talks about fundamental cryptographic algorithms, including both public and private key systems. It focuses less on the mathematical derivations and more on practical uses. As such, it's a useful book for understanding the technical details behind Trusted Computing.Can you trust your computer?
http://www.gnu.org/philosophy/can-you-trust.htmlStallman, the vocal originator of GNU, FSF, Emacs, and the open source movement, calls Trusted Computing "Treacherous Computing". In this article, he argues how trusted computing fundamentally moves the control of the computer away from the user and into the hands of external parties. He raises examples of what Treacherous Computing can do, how TC can eliminate free operating systems (by preventing them from being installed), and in general how it restricts liberaties.
Palladium and the TCPA
http://www.schneier.com/crypto-gram-0208.htmlTCPA is the spec. Palladium is Microsoft's proprosed implementation. In this article, Bruce Schenier points out why Microsoft wants TCPA and how it violates the "First Sale Doctrine". He also points out the devious definition of a "trusted computer" and Microsoft's business links to RIAA/MPAA.
A movie about trusted computing
http://www.lafkon.net/tc/A non-technical, short movie about trust and how trust is shifted in trusted computing. We'll link to this (because movies are cool), but it lacks real technical meat.
DRM Based on Trusted Computing Chips
http://yro.slashdot.org/article.pl?sid=06/02/19/070202A slashdot article. Apparently, Lenovo already has thinkpads with builtin trusted computing chips (which accesses the fingerprint sensor.)
The Digital Imprimatur
http://www.fourmilab.ch/documents/digital-imprimatur/Good explaination of Trusted Computing. Great quote: "in the current jargon, has little or nothing to do with traditional concepts of software reliability or data security. Instead, it refers to an effort to embed end-to-end validation of the origin and integrity of data into computing hardware and system software." Talks about the positive, consumer benefits of TC -- micropayments, secure internet; also problems -- end of anonymity.
TrouSerS -- The open-source TCG Software Stack
http://trousers.sourceforge.net/We're still digesting this article. It appears to be an open source project, based on Linux, taking advantage of the TPM chips already in machines, to provide all the consumer-level advantages of TPM w/o any of the negatives.
OLS: Linux and trusted computing
http://lwn.net/Articles/144681/An article on Linux and trusted computing. What's cool about this is that it talks about how (assuming Linux can be installed on future TC machines) TC can be used to improve Linux security by protecting application/OS from each other. Linked to the TrouSerS site above.
TCG Specification Architecture Overview
https://www.trustedcomputinggroup.org/downloads/TCG_1_0_Architecture_Overview.pdfBest formal technical explaination we've found on trusted computing (from an official source). The details are a bit weak, but good diagrams we can pull for our website.
Wikipedia Entry on Trusted Computing
http://en.wikipedia.org/wiki/Trusted_computingGood informal analysis on the non-technical aspects of trusted computing and its implications on society including positives uses such as (copied verbatim):
- Digital rights management
- Identity theft protection
- Preventing cheating in online games
- Protection from viruses and spyware
- Protection of biometric authentication data
- Verification of remote computation for grid computing
TECHNOLOGY; A Safer System For Home PC's Feels Like Jail To Some Critics
http://query.nytimes.com/gst/fullpage.html? res=9805E2DD143AF933A05755C0A9659C8B63&scp=5&sq=%22trusted+computing%22&st=nytThis article gives the general public one of the first glimpses of trusted computing and how it may affect their everyday lives. This article discusses both sides of the argument and shows how untested the concept of trusted computing is.
