Why is corporate adoption of the trusted computing standard still very low when over 70% of new computing devices have built-in trusted platform modules (TPMs)?
Trusted Computing, and its various implementations, have been a perennial topic since the mid 1990s, writes Rolf von Roessing, international vice-president at ISACA. The first initiative, such as the "Clipper chip" met with grass-roots resistance, and subsequently industry resistance, as many thought this a misdirected attempt at government supervision and surveillance. While the technology has undergone several cycles today, this latent suspicion is very much alive. When companies introduced TPM modules and related devices as a standard in personal computers and laptops, a substantial number of companies outside the United States purchased machines without the trusted computing hardware, simply because of concerns regarding privacy and security.
Both the architecture and the design of TPM-related device are highly controversial, as opponents point out the risks related to privacy, market monopolies, misuse of digital rights management and many others. More pragmatically, the operating system support for the TPM has not been fully implemented to date, as witnessed by failed initiatives such as Palladium. Most importantly, Windows Vista as one of the leading operating systems did not support the trusted computing models and architecture.