Security improvements promised by trusted computing Alliance may come at a price. Bill Goodwin reports
Trusted computing is perhaps one of the most radical developments in desktop computing since IBM launched its first PC back in the 1980s.
The technology is championed by a consortium of the world's leading IT players which includes Microsoft and Intel. It will have far-reaching consequences for the way organisations use and deploy information technology.
Suppliers that back the trusted computing concept promise better desktop security; better protection from viruses and spam, genuinely secure e-commerce and the ability for businesses to guarantee the confidentiality of data and documents.
Yet many observers are wondering whether the real beneficiaries of the proposed Windows/Intel trusted computing platform will be not the end-users but the suppliers themselves.
Critics fear that rather than giving users more choice, the technology could lock them ever more deeply into the Wintel market dominance.
Judging from the poor turnout at last week's Trusted Computing Masterclass, the first major conference to be held on the subject in the UK, the implications of the technology have yet to appear on the radar screens of the UK's overworked IT professionals.
"The British computer industry is sleepwalking into a potential disaster," said masterclass organiser, Eddie Bleasdale, head of Netproject. "There is such a big change coming that if people are not careful, they will find themselves locked into proprietary technology."
The ideas behind trusted computing have been around for some years, but the concept came to prominence about three years ago when Compaq, HP, Intel and Microsoft created the Trusted Computing Platform Alliance to develop a secure PC architecture.
The alliance, which numbers about 190 firms, has proposed a Trusted Computing Module (TCM) which will add low-cost encryption and authentication technology to the desktop design.
Microsoft is also developing an operating system technology - Palladium - to run on the TCM architecture. It is designed to help businesses to guard their corporate secrets from the prying eyes of competitors and the destructive activities of hackers and computer virus writers.
Stefek Zaba, a computer scientist at HP labs in Bristol, one of the founding members of the alliance, described the advantages. "Trusted Computing Platform Alliance will give you a better place to store your encryption keys, to put your sensitive documents. The hardware of the PC will give you more help with sensitive information, which you have liabilities to protect. It will help you to comply with data protection and financial services regulations."
Businesses will be able to use the technology to lock down the security of their desktop PCs, Zaba said. In non-secure mode, PCs will function as normal, giving users access to word processing and the Internet. In secure mode, the desktops will only run the software and Internet services that businesses actually want.
The most controversial aspect of the technology is the potential it gives to software developers to create a new generation of applications that will allow businesses to have unprecedented control over the data they generate.
For example, they will be able to specify who has access to their data, when they can look at it, and what they can do with it. This capability, known as digital rights management, offers some enormous potential benefits for end users.
A pharmaceutical company, for example, could ensure that documents which contain details of clinical trials could only be read by certain employees.
A managing director could also send market-sensitive information to fellow directors in an email that, Mission Impossible-style, would self-destruct after 30 days.
Record and film companies could rent out electronic albums and videos, confident that they will only be played once by the person who paid for them. The same technology could ensure that films are only viewed on approved viewers - a powerful weapon against the piracy that is plaguing the industry.
But the technology presents huge potential dangers. As Alan Cox, Linux developer at Red Hat, and one of the speakers at the Trusted Computing Masterclass said, it is the IT equivalent of atomic power: it can be used constructively, but it also has the potential for great harm.
Trusted computing and Palladium could sweep away all the current safeguards that protect end-users when they are involved in a licensing dispute with their supplier.
"At the moment, I cannot walk into your building, remove my copy of your software and walk out. With digital rights management I can do that," he said.
"Imagine that the people selling you accounting software arrange it so you can't access your data unless your licence is current," said Cox. "If you change your accounting software you might find you can't access your data from five years ago without buying another licence to the old software."
"It is the equivalent of driving along in your car and having your car slam on the brakes, stop and refuse to move because you haven't paid your MoT," he said.
In Microsoft's defence, John Manferdelli, general manager for the Palladium programme, said that digital rights management is not an inherent part of Palladium. The new operating system will make digital rights easier to enforce, but it is up to suppliers to develop the software to take advantage of it.
"We are not out to screw anyone, but of course someone could," he said. "The answer is the same as with any operating system. You sell someone the operating system and you let them build applications. You can't really control what they do with it. If people start using bad policy, customers will simply say, 'I am not using your stuff, forget it'."
Competition from other suppliers will act as a deterrent to this sort of abuse, said Zaba.
There are already strong remedies for when software monopolies exploit their positions. "Does this technology make it more easy for monopolies to be exploited? I have yet to be convinced that it does," he asked.
Ross Anderson, head of the Computer Laboratory at Cambridge University, is one of the most vocal critics of Palladium. He said that, in practice, users will have little real power if their suppliers abuse the capabilities for digital rights management.
"There is only an illusion of choice here. If Palladium becomes the norm, you will have the choice to use it in the same way that you have the choice whether [or not] to use Windows," he said.
Anderson urged IT directors to think about the consequences of Trusted Computing and Palladium now, before it begins to roll out.
"You are going to have to think a lot more carefully and strategically. You have to start thinking, when you commit to new application suppliers, about what sort of terms you keep in the contracts. Is it going to be necessary to put in explicit clauses which compel them to make the data available in an exportable format?"
Why choose Trusted Computing?
- It allows remote secure systems administration of PCs
- Administrators can be sure that the PC follows company security policy
- It allows authentication of users connecting remotely
- A remote PC can check whether the PC it is connecting to may have been compromised
- It improves security of e-commerce by confirming the identity of the connecting PC and that it is a trusted secure platform
The case against Palladium
Technologies such as Palladium raise important questions about censorship and the control of information, says Ross Anderson, head of the computer laboratory at Cambridge University. The platform gives software suppliers the ability to develop applications which, for the first time, could prevent the public viewing documents and files deemed to be either unacceptable, illegal or in breach of copyright.
By offering the potential to make all electronic copies of a document unreadable, Palladium and similar technologies could undermine the centuries-old right to disseminate information. It also means that governments may be able to censor the publication of official documents that they regard as politically embarrassing.
Microsoft could, argues Anderson, create applications for Palladium that would selectively disable pirated copies of its software. The same technology could be used to selectively disable all copies of Microsoft Office in China, for example, if political tensions grew. "People should be thinking very seriously about whether they should campaign with their MPs and MEPs about this," Anderson said.