Thought for the day: One key to rule them all


Hard-hitting IT columnist Simon Moores gives his personal take on the hot issue of the day.

Speaking at last week's Net Project's "Trusted Computing Masterclass", in London, Alan Cox, lead Linux kernel developer, asked: "Can you trust a convicted monopolist?"

What was being discussed was a vision of the future involving a new kind of hardware and cryptographic chips. When incorporated into a personal computer, the hardware would only permit approved and validated software to run against "trusted information".

This architecture, specified by the Trusted Computing Alliance of Intel, HP, Microsoft and IBM, is fast becoming a reality. It represents a fundamental component of Microsoft's plans for the future of the Windows operating system.

A framework of trust is essential if the industry is to move forward and create a foundation for an information economy. However, concerns remain over digital rights management (DRM) and the ability to control access to software through licensing enforcement.

Alan Cox suggested that we need to think very seriously about the legislation. While DRM protects intellectual property, it also allows companies to switch off software, "without due process and legal review", Cox added.

But while DRM is an important piece of the trusted computing puzzle, the largest part involves the question of who determines trust.

With on-chip processors and greater protection, who owns the keys and who says what can and cannot be executed on a device?

Will it be Microsoft with its new Palladium architecture and, if so, would you also trust the people it works with? This is a big deal in places such as China and Saudi Arabia, which may be concerned with Microsoft's relationship with the US government.

"Key ownership is everything", said Cox and, borrowing from Lord of the Rings, added: "One key to rule them all and in the darkness bind them."

But perhaps we've got it wrong. Since I wrote my last column on Microsoft's Palladium strategy, I have spent time with Microsoft's vice-president, Mike Nash, and John Manferdelli, the general manager of the Windows Trusted Platform Technologies, and my opinion has changed.

It was Manferdelli's job to argue Microsoft's corner against Alan Cox, and he painted a rather different picture of Microsoft's plans for trusted computing from the one many people suspect.

He said: "Palladium is about machine integrity and not about Microsoft controlling the keys to everyone else's content."

"We're reluctant to depend on what we don't trust and today's PCs were not designed with security as a priority," he added.

Palladium, like the licence management in Windows Media Player, is a concept that can be turned on or off by the user. It offers a secure execution environment, but according to Manferdelli, the four important "trust" elements to consider when it's turned on are:

  • You know who or what it is and it's not an imposter

  • You know its state and it has been properly initialised

  • You know that it can't be tampered with

  • You know that your communications with it are private and tamper-proof

Palladium appears to represent a way to escape from numerous risks that surround today's computing. It can only work with the commitment of the entire industry towards the development of a trusted computing architecture.

There are many issues to be resolved where trusted relationships are concerned. If we're honest, the industry is in a huge mess of its own making. Times are likely to become worse before they become better. Each month sets a new record of security breaches in one form or another.

As I write this column, I can see an attempt to scan my own system from the Internet and I would much prefer a future without spam and the constant risk of information theft.

If, as Manferdelli suggests, Palladium is an answer, then that's fine by me. If the open-source community can do better, then let market forces decide on what the shape of trusted computing will be in five years. It has to be better than an atmosphere of little or no trust at all.


Zentelligence Setting the world to rights with the collected thoughts and opinions of the futurist writer, broadcaster and Computer Weekly columnist Simon Moores.
