Suggested Policy

Recall: Trusted Computing allows data to dictate which Operating System and Application are used to access it.

This, in turn, has many implications.

Positive

  1. Allows large corporations to specify how their data is used.
    • In particular, it is now possible to specify policies like: "you can view this document, however you cannot take screenshots, print it, or mail it to other people."
    • It is also possible to specify policies like: "this document can only be opened on this particular computer" or "this document can only be opened inside of the company network."
    • The above policies can guarantee that even if industrial espionage occurs, the data is still encrypted and not readable to the digital thieves.
  2. New highly secure operating systems: Microsoft's Palladium, Linux's Trousers.
    • Microsoft's Palladium is still in development and we do not have many details on it.
    • However, in the open source case, having the TPM verify the BIOS means that it's hard to place rootkits in the BIOS.
    • Having the BIOS verify the OS means it's hard to place rootkits in the OS.
    • Having the OS verify the Application means it's hard to place trojans in applications.
  3. Protection against computer viruses. (The TPM can verify the BIOS, the BIOS can verify the OS, and the OS can verify applications, so it is hard for viruses to attack.)
  4. Protection against stealing data. If data is properly sealed, even if it's stolen, the digital thief can't open it.
  5. Online transactions: The ability for banks to verify that you're running a secure operating system and a secure browser over a secure network rules out attacks like:
  6. Eliminates online cheating in games by verifying the OS / Application.
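
Items 2 to 4 above rest on a chain of measurements and on sealing data to the measured state. The Python sketch below is an added example, not code from the original page or from any TPM software stack: `SimTPM`, `boot`, `open_after_boot` and the sample boot chains are hypothetical names, a single register stands in for the chip's PCRs, and an HMAC keystream stands in for the TPM's real encryption.

```python
import hashlib, hmac, os

class SimTPM:
    """Toy TPM: one PCR and a secret that never leaves the chip."""
    def __init__(self):
        self._secret = os.urandom(32)  # stand-in for the chip's storage key
        self.pcr = bytes(32)

    def extend(self, component: bytes):
        # PCR_new = SHA256(PCR_old || SHA256(component)): order-sensitive, no rewind
        digest = hashlib.sha256(component).digest()
        self.pcr = hashlib.sha256(self.pcr + digest).digest()

    def _mac(self, msg: bytes) -> bytes:
        return hmac.new(self._secret, self.pcr + msg, hashlib.sha256).digest()

    def _xor(self, data: bytes) -> bytes:
        # HMAC-counter keystream keyed by chip secret and current PCR (stand-in cipher)
        blocks = range(len(data) // 32 + 1)
        ks = b"".join(self._mac(b"ks" + i.to_bytes(4, "big")) for i in blocks)
        return bytes(a ^ b for a, b in zip(data, ks))

    def seal(self, data: bytes):
        ct = self._xor(data)
        return ct, self._mac(b"tag" + ct)

    def unseal(self, blob):
        ct, tag = blob
        if not hmac.compare_digest(tag, self._mac(b"tag" + ct)):
            raise PermissionError("platform state differs from the sealed state")
        return self._xor(ct)

def boot(tpm, chain):
    tpm.pcr = bytes(32)                # a reboot is the only way to zero the PCR
    for component in chain:            # each stage is measured before it runs
        tpm.extend(component)
    return tpm.pcr

def open_after_boot(tpm, chain, blob):
    """Boot `chain`, then try to unseal; None means the TPM refused."""
    boot(tpm, chain)
    try:
        return tpm.unseal(blob)
    except PermissionError:
        return None

# Constructed sample boot chains: BIOS, OS, application
GOOD = [b"bios-1.0", b"kernel-1.0", b"viewer-1.0"]
ROOTKIT = [b"bios-1.0", b"kernel-1.0+rootkit", b"viewer-1.0"]
```

Sealing a document after `boot(tpm, GOOD)` and then calling `open_after_boot` with `ROOTKIT`, or with the same blob on a different `SimTPM`, returns `None`: a modified OS or a copied file both fail to unseal.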

Negative:

  1. Loss of privacy and control for the end-user through malicious features. Imagine that your TPM chip reports to a large corporation, and someone there can see all the contents of your computer. Microsoft Windows had a feature that reported back all the software on a user's computer.
  2. Corruption:
    • Currently, emails leave email traces. However, with Trusted Computing, email messages can be sealed so that they cannot be opened at a later time.
    • This makes it harder to track insider trading: a trader can view the message, act upon it, and at a future point no longer be able to open the message. This protects the corrupt 'manager' over the traders. In particular, when the trader is investigated, he/she has no way to open the sealed message to prove that the manager ordered the trade. (This generalizes to other illegal activities as well.)
  3. The concentration of power in large corporations and government, which is undemocratic. Every operation on your computer may require explicit permission from a large corporation or government.
  4. Loss of competition in the software industry. Less space for free and open source software to operate. If Microsoft decides to prohibit non-Microsoft software from opening documents through trusted computing, then software like Open Office would not exist.

Suggested Public Policy

Trusted Computing is a young concept which industry promotes and the general public distrusts. However, we don't know the comprehensive effects of trusted computing yet. Research shows that there are merits to the concept. Trusted Computing should be given an environment to develop until we understand how to apply its merits better.
  1. Trusted Computing should neither be prohibited nor enforced, but it should be regulated because of sensitive issues of trust and privacy.
  2. The owner of the computer should decide whether to enable the Trusted Computing Chip when purchasing computers. This way, owners could choose to delegate their trust to certain corporations and enjoy the benefits of trusted computing such as verification.
  3. The trusted computing chip on certain computers must have the option of being turned on and turned off at the user's will. So when a user accesses websites and documents that require verification, the trusted computing chip can help verify the user. When the user wants privacy, the user can simply take out the chip.