UK Government Pushing For 'Trusted Computing' 291
Motor writes "As has long been expected — we are now beginning to see governments pushing for the use of so-called 'trusted computing' — chips installed in all computers that effectively remove control of the PC from its owner. While there may be security advantages to some of the ideas, few can doubt that it represents a fundamental shift in the IT world. A radical move away from an open technology landscape and towards a system that denies all access unless you have the right credentials. Governments will demand the right credentials to access their services — meaning approved software stacks (i.e Windows) with the right digital signatures. Vernor Vinge had it right ."
No, Thank You, Dear Government (Score:5, Insightful)
Comment removed (Score:5, Insightful)
Re:No, Thank You, Dear Government (Score:5, Insightful)
These are making the public safe online and ensuring the country is one of the best in the world for online business; making the UK more resilient in the face of cyber attack and better able to protect its interests; proving a more "open and vibrant" cyber security environment; and having the knowledge, skills and capability to underpin these.
"Building the most resilient cyber defences in the world will not help if you are suffering from intellectual property theft," he said. "Trusted computing underpins security and can underpin growth, providing confidence in transactions, expanding markets and making them function more efficiently."
The first quoted sentence is the usual self congratulating typical for British politicians, nothing to see here, move along.
The second part of the quote starts with divulging who is sponsoring this 'action'.
Bah!
Re: (Score:2)
My Linux machine is well-protected and I don't need your meddling nor do I need Microsoft's.
That is indeed one of the reasons why this will not work: there are people using all kinds of different OSes, including all the mobile ones, desktop OSes and whatnot. If the UK government were to only allow devices with the trusted computing built-in both the hardware and software they'd be instantaneously removing access for everyone who is used to using mobile devices to access those services.
Another case of government not understanding technology, yet still pushing everyone to adopt it.
In politics "this will not work" is not the same thing as "this will not happen". More often, it is the opposite.
Thank you, Governments, you corporate sled bitches (Score:2)
That is indeed one of the reasons why this will not work: there are people using all kinds of different OSes, including all the mobile ones, desktop OSes and whatnot. If the UK government were to only allow devices with the trusted computing built-in both the hardware and software they'd be instantaneously removing access for everyone who is used to using mobile devices to access those services.
Another case of government not understanding technology, yet still pushing everyone to adopt it.
oh, i think it understands that part alright. if you have TPM and signing keys to it you can run whatever you like. this is pretty cool feature for servers and workspace hardware. if you have the keys, that's it.
BUT the whole point here is not about technology so much as about taking away people's access to the hardware they supposedly own (which, coincidently, would also nicely decrease number of "kinds of different OSes" people use and even number of their versions). and there are a looot of organizations
Too many issues (Score:4, Insightful)
There are too many issues of lock-in and lock-out associated with so-called "Trusted Computing", in particular the potential to block users from installing their operating system of choice on the hardware they own.
So far the TPM initiatives deployed by the vendors have failed one after the other. X-Box, PS3, smart phones -- every TPM system I know of to date has failed to provide the protection promised, while restricting freedom of choice by the general public.
As a result, the only ones who really benefit from TPM are those who want to implement hardware DRM (digital restrictions management.) I'm not willing to give up my software freedoms to support the media companies.
Re: (Score:2)
That is indeed one of the reasons why this will not work: there are people using all kinds of different OSes
This is one of the reasons why it will be done anyway. It's an excuse for governments to supply more customers to their most valuable constituents. They don't know or care about open source or your freedom.
Re: (Score:2)
No worries, Mate! Linux users will figure out a hack soon enough. In fact - the criminal element probably already has an angle on it. Criminal kingpins in Russia discussing this article with criminal kingpins in America:
Russian: So, the UK thinks they can block us?
American: No, I don't believe that they think that - they are just challenging us to get more creative.
Russian: You mean, something like counterfeit chips?
American: For starters, yes. We just get some knockoffs made in China, and program them
Re: (Score:3)
Mobile devices are not a problem. Looked how locked down the iPad and iPhone are. That fits right in with the spirit of trusted computing.
You realize that according to figures that you can on the web jailbroken iPhones constitute from 10 to 30% of the market? And those are certainly "conservative" estimates, because judging from iOS piracy rate ([1] [tuaw.com] [2] [reddit.com]) percentage of jailbroken iDevices should be much larger!
Re:No, Thank You, Dear Government (Score:4, Interesting)
The right question to ask is: what proportion of people who bought iPhone or iPad would have still bought them if they were non-jailbreakable?
Re: (Score:3)
Re: (Score:2)
So that leaves...just linux? :P
Re:No, Thank You, Dear Government (Score:4, Interesting)
Linux can use TPM just fine.
It's one of those double edged swords - you can indeed, create a trusted platform. The question is, where does the trust reside?
Despite all the the hoo-haa about MS pushing Secure Boot for Windows 8 machines, part of me thinks it's a good thing - it will help to prevent a certain class of rootkit. The downside is that I don't trust MS not to abuse the feature to make it harder to load other operating systems on your machine. A colleague of mine was impressed enough with a certain LiveUSB this week that he intends to try it out on his ageing, ailing, overcrufted Windows machine at home. If Secure Boot was enabled on his machine, this would not have been possible.
Given the amount of software on my Windows machine at work devoted to snooping on what software I run, what files I have on my drive, and what websites I visit, the attitude is that my employer does not trust ME. To be honest, I wouldn't trust the average user not to foul up their computer. I might even welcome a trusted platform, if it meant that all this cruft went away and I could devote the resources to actually doing my job... but as a software developer, I can't run in an completely trusted environment, by definition, I have to be able to run software that has not been approved by our IT department, because I'm writing it.
Re: (Score:2)
Actually TPM allows protection in both directions. It works a bit like banks' systems. With a TPM you can secure a laptop, give it out to anyone, and you can set it up so they won't be able to break the encryption even if they know the passwords.
If you work for a company, you can give out VPN credentials to idiots that are uncopyable. If they get infected with a virus, the VPN won't come up.
I've consulted for a bank, and here's the dream : full offline money. If you have a TPM they will manage your account
Re:No, Thank You, Dear Government (Score:5, Insightful)
Re:No, Thank You, Dear Government (Score:5, Interesting)
Easily, if you hold the keys. The trick is the keys that sign the boot image need to be in your control.
Google does this with their CR-48 Chromebook. It will only boot Google-signed images. But, there is a small switch in the battery compartment to put it into developer mode where it'll boot any image.
I *LIKE* TPM, as long as I generate the signing keys for the images. Then it'll boot what *I* tell it, and not necessarily what MS or the gov't, or anyone else tell it to.
It ensure that *I* can trust my computer. Screw what they want to trust.
Re: (Score:2)
Well, the CR-48 doesn't quite do what you say you want.
In secure mode it only boots their OS. In developer mode it will boot anything. There is no option to only boot "your" OS.
I think that trusted computing is fine, as long as I control the keys in the computer. Oh, and if I get a copy of the private keys associated with any public keys that are pre-loaded in the thing (not a big deal from a security standpoint - they just need to assign a unique keypair to each PC).
Re: (Score:2)
You are correct in that it doesn't suit my needs. However, several laptops do in that they have TPM chips included, but uninitialized. You can initialize them and create the keys. This is optimal.
I really don't mind the government mandating having a lock -- so long as *I* and not *they* have the key.
Re: (Score:2)
Ah, but why would the government mandate a lock and leave it up to you to do something with it?
There's no point in that. If you really want a TPM you can go and buy a computer with one, there's no need to globally impose having it on the entire population (which won't come for free, btw).
The only point in requiring it is that there's something for the government in it, and most likely not to your benefit. Even if you do want a TPM you should oppose the government's attempt to introduce it, because it will s
Re: (Score:2)
damage from tpm hurts a free society because it allows unilateral control from authority without sufficient mitigating oversight. that's why an imperfect system is best if a free society is the end goal.
control over your own hardware is only part of the issue.
Re: (Score:2)
That would require a function to set the acceptable pubic key(s) through the BIOS. I have never seen such a feature. They are always hardcoded in ROM or stored in the TPM module.
Re: (Score:2)
Exactly. There are functions available to load the keys into the TPM module upon initialization. https://rhn.redhat.com/errata/RHEA-2008-0391.html [redhat.com]
Re: (Score:3)
Nothing is unbreakable. Intel's TPM works basically the same way game console lockout chips do, with some enhancements - and you'll notice that there's a thriving market in modchips and softmod hacks. Worst-case, Linus would've had to reverse-engineer and break the TPM. Best-case, you go to a jailbreakme.com-like site and disable it entirely from software.
Re: (Score:2)
You miss the point. MS and friends don't care what a bunch of geeks do with their systems, they are interested in locking down the mass market who wouldn't have the faintest of fuzzies there is even a problem.
Re: (Score:3)
I suppose you could work in a virtual environment.
Re: (Score:2)
Are there copyable idiots, too? :-)
Re: (Score:2)
Yes they're called pop stars
Re: (Score:2)
Yes they're called pop stars
Technically, pop stars are just easily reproducible. We'd need more advanced cloning technology to actually copy them, and if we do make copies of Britney Spears, I'm leaving the country.
Re: (Score:3)
Not to me. Why would I want it? If the bank likes it, it's profitable for them, but that doesn't mean it's necessarily profitable for me.
Offline payments also seem largely unnecessary given how the internet is increasingly available anywhere.
Also there are a lot of potential pitalls. If you transfer money to me offline, can the money disappear if the computers are never synchronized?
Re: (Score:2)
All idiots are copyable, and most have been.
Re: (Score:2)
In general TPM's allow fully disconnected trust relationships.
The government drone quoted in the article clearly states this has nothing to do with security and everything to do with DRM and controlling what is on your system.
From the fine article:
Owen Pengelly, deputy director of policy at the Office for Cyber Security and Information Assurance in the Cabinet Office..."Building the most resilient cyber defences in the world will not help if you are suffering from intellectual property theft," he said.
Re: (Score:2)
That sounds like a pretty
Re: (Score:2)
Yeah, a friggin' QuickTime movie. Brilliant.
Re: (Score:2)
Or just don't download it at all. "I don't have a problem with it. Therefore, your criticism is invalid!"
Re: (Score:2)
My Linux machine is well-protected and I don't need your meddling nor do I need Microsoft's
But is it your Linux machine or does it belong to your employer, your school, or your parents?
If your employer and others allow external access to secured internal systems, services and data, can they insist on dealing only with known, trusted, machines?
The Linux machine with no network access is, for all practical purposes, a doorstop.
Re: (Score:2)
Re: (Score:2)
Re:No, Thank You, Dear Government (Score:5, Informative)
Re:No, Thank You, Dear Government (Score:5, Informative)
Thanks for the link.
Okay, I read. I followed the included link http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html [cam.ac.uk] and read it, then spent another couple of hours reading more from a few of the links included in that article. At first blush there is some seriously horrifying stuff going on, much of it masquerading under the simplified banner of "think of the children"-style of emotional appeal but whose ultimate goal, and real appeal to the powers that be, is ultimately profit and control. Then it gets worse, IMO.
To me the warning of the dictum latterly attributed to Lord Acton (?) of "Power corrupts; absolute power corrupts absolutely." applies. [I suspect that that thought precedes written language.] If the power exists, it will be used - similar to yet farther reaching than "The 400" effectively control the US economy concomitant with its realpolitik. (I came across an article yesterday about researchers using systems analysis to determine that 1381 multi-nationals effectively controlled the planet's economy, all sans benefit of conspiracy but rather merely efficiency, but cannot find the link just now - science 2.0, perhaps; it was interesting reading, and it doesn't require a tin-foil hat to accord it some credence.)
So, if I have this a-rightly: TC does not, or will not, eventually, require more than a CPU and, at root, certain few government keys. It will be independent of OS, BIOS or UEFI, separate on-board chip, application code, what have you. Non-TC CPUs will be isolated to unconnected hobbyists; there will be no Internet functionality independent of approved TC CPUs. By extension, it will not even be possible to have private electronic-based communication amongst "ourselves" using PGP and such, because non-TC comms will not make it through any of various Internet intermediaries. And I suggest not counting on darknet.
http://en.wikipedia.org/wiki/Trusted_Computing_Group [wikipedia.org] gives a quick look at the initial industry players.
At the moment, so far as I know, volume production of chips is not a trivial or easily hidden activity; further, absent genuine keys or imaginary effective counterfeits, independent and free electronic interaction will not be possible. If you think that's a gloomy overthink, it was worse before I read the comics section.
What with proprietary formats and such, DRM, DMCA, etc. - tip of the iceberg and all that - I see this as a snowball rolling down an endless slope such that the only hope is that "the" singularity when it may happen might prove a more benign overlord or, perhaps, even companion of sorts. Meanwhile, let's continue to have fun. It's only cradle to grave, right?
On the off-chance anyone got this far: sorry for the long post. I first read on some of this back in the early 90's, and found it to be sufficiently scary and depressing then after doing a bit of extrapolation.
Any smart people with non-smart-ass ideas on how to deal with this? I'm a bit more than curious, even 'tho, at 64, it may not be personally relevant for long.
Re: (Score:2)
Re: (Score:2)
You can certainly do that. I just don't think it's easy to set up. There have been security papers, even, where people have configured Linux servers where the TPM on the server could prove to a client that the server's boot chain and software stack are verified. (Efficient? No.)
Re: (Score:2)
So if you want to play that movie or clip on mplayer instead of Windows Media Player, you're of course free not to divulge any information that you're using mplayer - but if the site doesn't get a signed "I'm using Windows Media Player" token, it won't play the video clip in question. That freedom, like the freedom to work or not to work, is worthless if there's an imbalance of power - if all the
Sad to see another country cutting its own throat (Score:3)
Re: (Score:2)
Re: (Score:2)
There are actually decent arguments that we should go back to having the Senators represent the states. I'm not aware of ANY decent arguments that this kind of thing should be mandated.
(The primary argument that the Senators should represent the states is that the Senate has gotten in the habit of mandating that the states do something, but not providing any funding to implement the requirement. If you demand that something be done, you ought, at minimum, to be required to pay for it's being done.)
Re: (Score:2)
Re: (Score:3)
The European Union is specifically not a country, not for any intents or any purposes. What the EU has is a common foreign policy and a system of rules that minimizes the impact of national borders on commerce.That's it. And the common foreign policy is on top of the foreign policy of each member state, not a replacement for it. The EU is much more a loosely federated club with very lax rules and even laxer enforcement.
Wanna know what a weak federal government looks like? Look at the EU.
Re: (Score:2)
Unless you read the UK tabloids in which case the EU is akin to the USSR and has its evil tentacles interfering in all aspects of our lives.
Re: (Score:2)
Yeh the EU so doesn't have any elections. Apart from the ones it does have every five years [wikipedia.org]. You Europhobes need to come up with a new song.
Re: (Score:2)
And the UK isn't europe!
Re: (Score:2)
Since Europe is not a democracy (since the unelected commission holds final authority, overriding everyone else's)
You read too many British tabloids.
The EU Commission answers to the governments that appointed the members.
As a matter of fact, many European countries have a government that is not directly elected but governs in the name of the elected parliament.
To make it clear to a UK audience, the members of such a government are appointed by the elected parliament, they are not members of the parliament.
It is an unholy alliance of the French and Brits that veto's any attempts to give such powers to the democratic
Re: (Score:2)
Capriciously enforcing unjust laws does NOT justify keeping around the mechanism by which bad laws are produced....
Security? (Score:2)
Will handing Microsoft that kind of power make the internet more secure?
Re: (Score:2)
Will handing Microsoft that kind of power make the internet more secure?
The first time industry handed them TPM, they provided BItlocker. So the answer is probably "yes".
Even if you rightly hate Microsoft for other reasons, this doesn't seem to be one.
Re: (Score:3)
Except that BitLocker, like other such programs, is susceptible to a cold-boot attack. http://en.wikipedia.org/wiki/BitLocker_Drive_Encryption [wikipedia.org]
Re: (Score:2)
Non sequitur. Your car and house's locks are susceptible to a lot of attacks, likely anything from picking to drilling out the lock, or breaking in through a window. That doesn't stop the locks from being useful.
The point is that from track record, Microsoft seems to not take advantage of TPM to do DRM lock-in, but instead provide features that arguably can be of value to the end user. Much as I like bashing Microsoft, I won't prematurely bash them over this.
Re: (Score:2)
Point taken. But if people can't install Linux on their PCs, what alternative will they to Windows?
Two words... (Score:5, Insightful)
Fuck. Off.
I will be the final arbiter of what runs on MY computers. Not some nebulous "trusted computing" that is in the back pocket of proprietary software conglomerates. There's no point in it unless the real agenda is to wrest control from users' hands. (The recent "secureboot" crap for Windows 8 is a prime example.) It's my computer. It's my data. It's not yours. It won't ever be yours. And no amount of fearmongering will convince me you have my best interests in mind.
Kiss my ass. No, really. Not on the left cheek, not on the right cheek, but RIIIIGHT in the MIDDLE.
Re: (Score:2)
You have the most appropriate response I've read so far. The notion of this is ridiculous!
There is not enough *wrong* with our current tech to necessitate this bullshit.
The best response is outrage, and th UK people should burn this idea to the ground and reprimand those pushing it!
Appropriate Orwell quote (Score:2)
"Nothing was your own except the few cubic centimetres inside your skull"
George Orwell 1984.
Re: (Score:2)
But also this: I don't care WHAT bullshit controls they attempt to put on a motherboard, someone will have a hack to completely defeat it within a week of it's release. Suck it, fascist government assholes!
Re: (Score:2)
There's no point in it unless the real agenda is to wrest control from users' hands.
I agree. From the article:
"Building the most resilient cyber defences in the world will not help if you are suffering from intellectual property theft," he said. "Trusted computing underpins security and can underpin growth,..."
The "he" in the above quote is Owen Pengelly, deputy director of policy at the Office for Cyber Security and Information Assurance in the Cabinet Office. They are actually being surprisingly forthrigh
Re: (Score:2)
Why stop at the CPU? If it comes to that, eventually there will be enough sufficiently pissed off and motivated individuals to make their own internet. It might take a long time if the 'old' internet becomes locked down and unusable for such subversive uses, but it too will happen eventually. The only way this could be stopped is if society itself goes into totalitarian lockdown and you can't even freely associate with people face to face. Not saying the above is impossible, but that's a few steps beyond only having absolute control over our toys.
Governments won't allow a "dark internet" to exist in any significant size, manner, or form. What are you going to use to transfer the data with? Existing internet infrastructure? A key part of the whole "Trusted Computing" plan is to eventually deny the ability to connect *anything* to the existing 'net unless it has TPM running.
Wireless mesh networks of some kind? The FCC and their equivalents in other countries will quash that right away. The key point of "Trusted Computing" is to deny access to alternat
Re: (Score:2)
As arab spring has proved, it's significantly more difficult to enforce totalitarian rule when internet is free. TPM is a key element in locking internet down from the client's side.
Re: (Score:2)
It sounds like you are indeed predicting the 'society goes into totalitarian lockdown' scenario. If that did come to pass, the side issue of ending up with an absolutely controlled and censored internet (enabled to technologies such as TPM) would no longer be worth worrying about.
What I am saying is that eliminating the ability of people to freely and anonymously communicate is one of the necessary first steps toward governments enacting a non-free society.
Once that goal of eliminating the freedom to anonymously communicate is accomplished, the other steps towards a totalitarian society will become like dominoes falling at an ever-increasing rate, with the death of free & anonymous communications as the first domino.
This is more of a warning and a reminder of the lessons of hist
There is an intellectual property-security complex (Score:5, Interesting)
Actually, no, Richard Stallman had it right [gnu.org] long before Vernor Vinge.
DRM has never been about getting paid, it has always been about keeping control. And for all the shit Microsoft got about Palladium, the Apple zealots sure turned a 180 in 2007.
But the zealots are right about one thing - the iPhone is the future of computing. And that future is a boot stamping on a human face, forever.
Re: (Score:3)
Re: (Score:2)
I agree on all counts except for one thing ... If you click through to the article (Vinge had it right), she's talking about his idea that it rises slowly without any disaster to get people to go for it. Surely Vinge built on ideas from others, everyone does. But they're specifically talking about how accepting we all are (will be?) toward it. In his Rainbows End, a character specifically says that we traded freedom for safety, implying that it was a willing transition.
I'm reminded of the main title sequence for that Babylon 5 spinoff "Excalibur", where the Technomage Galen intones, "Whom do you trust? Whom do you serve?"
RIght now, I trust my computer systems because I know they serve me, and only me. If that changes, computing will be a very different place, although the bulk of humanity may never realize it.
Re: (Score:2)
> I'm reminded of the main title sequence for that Babylon 5 spinoff "Excalibur", where the Technomage Galen intones, "Whom do you trust? Whom do you serve?"
Wow... you mangled the quote and added bad grammar.
"Who do you serve and who do you trust? [youtube.com]"
Choosing to use who and whom
Re: (Score:2)
> I'm reminded of the main title sequence for that Babylon 5 spinoff "Excalibur", where the Technomage Galen intones, "Whom do you trust? Whom do you serve?"
Wow... you mangled the quote and added bad grammar.
"Who do you serve and who do you trust? [youtube.com]"
Choosing to use who and whom
{sigh} Grammar Nazis.
I cut & paste it from somebody else that mangled it.
TPM (Score:3)
Because the certificate authorities have a really proven track record.
Also, it really helps against buffer overrun exploits which in now way is a common thing...
The usual bollocks, in other words.
Re: (Score:2)
Because the certificate authorities have a really proven track record.
Also, it really helps against buffer overrun exploits which in now way is a common thing...
The usual bollocks, in other words.
Yes, and in fact they're probably the ones who will accidentally subvert the whole thing on a Biblical scale some day, with some drain-bamaged "revenue enhancement" scheme like their ill-fated 404 redirects.
Re: (Score:2)
Why would a trusted computing architecture use "has a code signing cert issued by a CA" as a rule? They're cheap and they only provide accountability, not security. That rule isn't even sufficient for Windows drivers -- you need a cert issued by one of the CAs that's been counter-signed by Microsoft.
It al depends who holds the key (Score:2)
I would welcome a system with a strong wall against the installation of malicious software but ultimately the owner of the device should be in control.
And just as much I realise the vast majority of (Windows/ OSX) computer users find it out of their league to decide what is safe or unsafe software, a devilish dilemma!
Yet no more devilish than handing this over to the aforementioned bureaucrats.
Re: (Score:2)
And just as much I realise the vast majority of (Windows/ OSX) computer users find it out of their league to decide what is safe or unsafe software, a devilish dilemma!
Not really. There's no particular reason that an operating system can't be reasonably safe on the Internet. The only "dilemma" here is whether or not you choose to use the mainstream operating system (Windows) or something else that's more secure. Yes, I know, Microsoft has come a long way with security, but they still have a ways to go, and as long as they're the dominant desktop OS they'll have a bull's eye painted on their backs. If you want security, and don't really need Microsoft compatibility (and in
RTFA (Score:5, Informative)
The article quite clearly states that the government wants *its own* computers to have TPM installed, it doesn't mention anything about home users.
Re: (Score:2)
The article quite clearly states that the government wants *its own* computers to have TPM installed, it doesn't mention anything about home users.
Not yet.
Re: (Score:2)
The article quite clearly states that the government wants *its own* computers to have TPM installed, it doesn't mention anything about home users.
Not yet.
But the government most certainly is allowed to secure the systems that it owns and uses. It's even good practice! Same for anyone else, of course. The problem comes at the point when one person tries to take control away from another, and that's without regard for whether the oppressor is government, corporate, or anything/one else. The only true distinguishing feature of a government in this regard is its size; evil is as evil does.
In any case, I propose to worry about other things first. Like the economy
Re: (Score:2)
The article quite clearly states that the government wants *its own* computers to have TPM installed, it doesn't mention anything about home users.
I'm not sure which article you read. The original post links to the one at this address: http://www.guardian.co.uk/government-computing-network/2011/oct/21/cyber-security-strategy-trusted-computing [guardian.co.uk]
That one says nothing about putting it on government computers, and has these points implying that they are talking about privately owned computers.
These are making the
Not for you (Score:5, Informative)
What services are these? (Score:2)
Governments will demand the right credentials to access their services
When I want something from the government, I'll might be obliged to use their approved interface. But when the government wants something from me, they'll have to use mine. Paying my taxes, for example. If Windows crashing becomes a plausible excuse for not filing a return, the gov't is going to have a serious revenue problem on its hands.
Realistically, the revenue department will always have to allow paper returns for this reason. And the staff required to process them. The only way to minimize this requi
Re: (Score:2)
Yeah, right. What they'll do is to send you a certified letter saying you have a week to pay your taxes, or else. You might be able to convince them a bit longer, but the excuse won't work indefinitely. If you don't pay, they'll just give you a big fine, in addition to forcefully collecting the owed tax from your bank account.
Re: (Score:2)
Uh, more like they'll send you a certified letter saying that you're already past-due, and please file and don't forget to add the following fine to your payment.
The next step will be a police officer knocking on your door.
I doubt a tax agency is going to resort to polite reminders.
"government's leading IT security officials" (Score:2)
I.E. No-one who could actually present a bill before parliament.
This has come up before and it'll come up again, but it's not gonna happen. If this was anything more than an unnamed bureaucrat saying "this would be handy" then it might pique my interest but otherwise it's no different from an MI5 spook saying that tracking everyone's browsing would be useful to the security services.
By that I mean yes, it would be useful, but even if it was technically possible parliament wouldn't consent to such nakedly dr
Friends of friends (Score:2)
It's easy to improve security this way (Score:2)
It's easy to imporve security by taking away most of the functionality, but in most cases it isn't worth it.
Okay UK government, you first! (Score:2)
Before they start pushing out essentially untested technologies onto the public, shouldn't they test it on themselves first? If it does indeed offer "something better" let them test it on themselves and their own infrastructure first. Check to see that everything runs as it should and if not, what adjustments are needed to make it work. And most importantly, identify how it can be done fairly and without excluding various parties from participating in the marketplace.
If it can't be done without fairness
Job Creation (Score:2)
This sounds like it will start an industry. Companies building devices capable of having ID codes changed, much like a MAC address, will find themselves a large customer base.
"Security advantages" hahahahaahah (Score:3, Insightful)
underground crime networks wouldnt blink an eye and would not waste even a '0-day' before they hack them to their advantage.
Politicians are stupid from an i.t. perspective. They shouldnt be allowed to talk on anything i.t.
Do not panic (Score:3)
No need to panic: this is a suggestion from an UK civil servant. Even if it did became policy one day the work would be farmed out to a least-cost supplier, the project would be 5 years overdue and 6 times over budget. If it ever made it into anyone's home it would be cracked by 12 year old in her lunch break :-)
He was just preaching to the choir (Score:3)
Speaking at a seminar on the subject organised by Wave Systems,
Wave Systems' entire business model is built around DRM-enforcement hardware, a business model they've been failing with for at least a decade (they also have backing with lots of venture capital from companies hoping it'll eventually pay off big, so they can afford to to continue to fail for years to come). Since he was speaking at an event they sponsored then of course he's going to endorse "trusted" computing. It was just a sound bite to keep the sponsors happy and make sure they covered his speaking fees and lunch bill, nothing more.
Re: (Score:2)
What? I don't know of a single product that Wave sells that is DRM-related, at least using the copyright protection definition of the term. Most of Wave's products are related to managing full disk encryption systems, like Bitlocker or self-encrypting drives.
Re: (Score:2)
What? I don't know of a single product that Wave sells that is DRM-related
As I said, they haven't been very successful at it, but they've been trying really, really hard for more than a decade. Read their technical docs and business plans for the last ten years or so...
It's a step towards TV (Score:2)
Where you sit drooling and not involved, I mean come on... that was the ideal right? Stupid drooling and desiring to buy and be like those on TV.
That declined with the Internet, and of course the loss of financial control and distribution of media.
The powers that be don't like the Internet right wikileaks?
If ( when? ) this takes place. (Score:2)
Then its the beginning of the end for most of us, and the computer world as we know it. I hope you like your 'appliances' ( like ipads and various locked down phones, and toasters ) as that is all we will have soon.
Re: (Score:3)
This is the entirely wrong way to think. Like most technologies, this one has good uses and bad uses. To ban a technology because of bad uses is no different whether it's you doing it or a government doing it.
Lack of TPM is a deal breaker for many businesses and individual - being able to encrypt a laptop in a way that the HD can't be used if removed from the machine, and can't be booted without verifying biometric data against the TPM signed data means that even with the machine, it's just a brick withou
Re: (Score:3)
The first time around, privacy advocates were concerned that TPM would be used by the big corps to lock in the sofware more efficiently than any dongle, and create a DRM hell. But it didn't, because the vast majority of users aren't interested in paying extra for such a feature. But those who are haven't changed the playing field.
You, my friend, are either blindly naive or an idiot. The article blatantly and clearly states that primary purpose of this is to create DRM hell. The only reason it hasn't so far is that any products that use this are FAR less useful than products that don't use it and thus worth much less to the market. A nice government mandate will eliminate any ability of the market to make choices about such things. This has NOTHING to do with security. It has everything to do with control and the governments and esta
Re: (Score:2)
We will create and use our own internet and if you have one of those chips on your computer, we'll disable your access to it.
And no one will give a damn.
The geek tends to spiral into ever-narrowing circles of influence.
Windows 7 Sins. The Other OS on the PS3. The "Walled Garden" of the iOS. Dead-end protests every one of them
Re: (Score:3)
The UK does not produce anything except some biscuits and cereals (biscuits = cookies).
They are way down on the list of things we make; our pharmaceutical, engineering, chemical and booze industries are much bigger. Here's a moderately recent list of UK exports. [google.com]
Re: (Score:2)
We have a saying "Count your fingers after you have shaken hands with a Britisher".
Janis Ian once said something similar: "I always check my wallet when leaving a record company executive's office" or words to that effect.