Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Microsoft Businesses DRM Security Your Rights Online

Microsoft Kills Off Its Trustworthy Computing Group 99

An anonymous reader writes Microsoft's Trustworthy Computing Group is headed for the axe, and its responsibilities will be taken over either by the company's Cloud & Enterprise Division or its Legal & Corporate Affairs group. Microsoft's disbanding of the group represents a punctuation mark in the industry's decades-long conversation around trusted computing as a concept. The security center of gravity is moving away from enterprise desktops to cloud and mobile and 'things,' so it makes sense for this security leadership role to shift as well. According to a company spokesman, an unspecified number of jobs from the group will be cut. Also today, Microsoft has announced the closure of its Silicon Valley lab. Its research labs in Redmond, New York, and Cambridge (in Massachusetts) will pick up some of the closed lab's operations.
This discussion has been archived. No new comments can be posted.

Microsoft Kills Off Its Trustworthy Computing Group

Comments Filter:
  • Good (Score:2, Funny)

    by sexconker ( 1179573 )

    Trusted computing was always destined to be vaporware. Nobody wanted it.

    • by mark-t ( 151149 )
      I agree, but I think that the article is talking about something different than that.
      • Re:Good (Score:5, Informative)

        by ihtoit ( 3393327 ) on Friday September 19, 2014 @07:34PM (#47951167)

        yep, they're completely different animals.
        Trustworthy computing: ensuring reliability and integrity of the user experience
        Trusted computing: securing the system against the user.

        • Exactly. Microsoft tried to secure the software against the users, and tried to tell everyone it was more plain security.

          I'm glad users didn't swallow it. MS's lame attempt at confusing everyone got the ridicule and hate it so richly deserved.

          • by lgw ( 121541 ) on Friday September 19, 2014 @11:32PM (#47952015) Journal

            Had TC been an open standard, it could have been a great thing. Think: locking down one VM such that no virus can taint it, which you can then use to scan the rest of the system with assurance that the results are valid.

            But instead it was a joke. I was doing standards work while the TC "standard" was being hammered out, and while they were in the same Hotel as real ISO standards work, you had to be there from a member company and sign an NDA to even listen to the discussions. We didn't take them seriously (the normal ISO/INCITS rules are that anyone who shows up can participate, you only need to be from a paying company to vote, and that minutes are always public).

    • Re: (Score:2, Offtopic)

      by WorBlux ( 1751716 )
      How else can you verify the integrity of firware + bootloader + kernel? It seems like a useful thing to me, if I'm the one who gets the keys.
      • by Anonymous Coward

        But you wont get those keys - that's the whole problem.

    • If you like your trusted computing, you can keep your trusted computing.
    • Trusted computing was always destined to be vaporware. Nobody wanted it.

      Except for the armed forces and DOD....

      I could be wrong, but I thought that Trusted Computing was originally developed for the military. Only afterwards was it corrupted to include DRM, etc...

      • Re:Good (Score:4, Insightful)

        by mlts ( 1038732 ) on Friday September 19, 2014 @11:00PM (#47951925)

        I found that this technology has two edges to it. The first is its use for DRM, but the second is something I've found useful.

        A TPM chip can come in handy with BitLocker. It means that brute forcing a drive's password becomes not an option, as an attacker is faced with the full 128 or 256 bit keyspace of AES. Unless an attacker can uncap the TPM chip, brute forcing a password will only cause the chip to lock due to excessive attempts and not allow access in any way.

        It also provides peace of mind. With a TPM + PIN + USB flash drive, if my laptop gets stolen, if I have the USB flash drive on my keychain, I know the laptop's contents are protected. Even if the keychain is stolen, there is still the PIN which has to be guessed. If the MBR or BIOS are modified, it will be detected, and not allow the machine to boot. Not 100% security (XKCD rubber hoses and cold RAM attacks will beat it for example), but good enough.

        Problem is that this type of technology to ensure malware hasn't tampered with the boot process tends to be far more often used to keep legitimate people out of their device rather than to allow legitimate device owners to keep control of their data.

        • During boot, Windows will write log entries to the TPM. Every time a module or driver is loaded, the signature, hash code etc. is written to the TPM.

          When the OS is up and running a client can request the TPM to issue the collected log entries, digitally signed with a key residing in the TPM. The boot log is then sent to a "health certificate" server. The health certificate server can inspect the log (after verifying its authenticity thjrough the signature) to see if any untrusted or known malicious software

    • Re: (Score:2, Offtopic)

      by CanEHdian ( 1098955 )

      Oh, the MPAA, RIAA and BSA were screaming for it... the "trust" in "trusted computing" was that you as a "trusted computer" user could be trusted not to get around any kind of Digital Restrictions Management system... to be introduced once your head is already firmly stuck in the noose.

    • Trusted computing was always destined to be vaporware. Nobody wanted it.

      Untrue. The big media companies want it so they can controll your media use. Consider that MS got a patent which would allow them to tell how many people (in the home) viewed a movie at once. The big media companies would just LOVE to charge you each time an individual "consumes" their product. No more copy ownership just a constant income source to the media corp.

      Corporate Big Brother is just as dangerous as the government form.

  • by symbolset ( 646467 ) * on Friday September 19, 2014 @06:50PM (#47950949) Journal
    Now that they have made all their software trustworthy there is no more need for the group, right? Declare victory and go home.
    • by Phroggy ( 441 )

      Now that they have made all their software trustworthy there is no more need for the group, right? Declare victory and go home.

      That's what they did when IE6 won the browser war!

  • by Hsien-Ko ( 1090623 ) on Friday September 19, 2014 @06:54PM (#47950977)
    Microsoft products will get easter eggs again?
  • by Anonymous Coward

    I've never shorted a stock; but every time this new guy makes a move I think about it. OMG... a cloud of mobile things... totally not MS's core comp. It's like what they did to Flickr. It's the same kind of stupid trend following. It's just that it's on a much, Much, MUCH larger scale. If this one craters like I think it might, it'll be taught in business schools for the next 50 years as "what not to do".

    Oh sure, a lot of people on /. would like to see MS crater; but be careful what you wish for. Do y

    • Oh sure, a lot of people on /. would like to see MS crater; but be careful what you wish for. Do you really want AAPL to be the A no. 1 tech company for EVERYTHING, including your workstation?

      Microsoft have no connection whatsoever to my workstation or what I run on it. Now explain to me how their demise is going to change that.

    • by Ol Olsoc ( 1175323 ) on Friday September 19, 2014 @07:35PM (#47951171)

      Oh sure, a lot of people on /. would like to see MS crater; but be careful what you wish for. Do you really want AAPL to be the A no. 1 tech company for EVERYTHING, including your workstation?

      I bash Microsoft here as much as anyone else - but No, I don't want Microsoft to go away.

      I want MIcrosoft to stop making awful Operating systems. We know they can do it, because XP was excellent, W7 almost as good.

      I want Microsoft to not have Updates bitch up computers.

      I want Microsoft to change their "We know what's best for you dammit!" attitude, and ignore feedback. Both Vista and W8 had people begging them not to go there.

      If you've read enough of Slashdot, you'll have noticed that every complaint about MSFT is attacked by "energetic fans" shouting that the complaint is invalid, that the person complaining is an idiot. How long is that supposed to work?

      After moving to Unix-like OS' I apparenly stopped being an idiot, because I have none of the same problems I had on any Microsoft OS - and that includes XP, which I liked. Like I said, eventually people will get tired of that crap.

      What I would like to see is a vibrant Microsoft, one that understands the customer, and the market. Why, that might even entice me to buy another computer with their Operating system on it.

      • by Zontar The Mindless ( 9002 ) <plasticfish@info.gmail@com> on Friday September 19, 2014 @08:37PM (#47951435) Homepage

        XP was excellent

        That's what inspired me to switch to Linux full-time, I'll say that much for it.

        • by tsa ( 15680 )

          You think XP was bad, but Win95 made me switch to Linux. And Linux made me switch to OSX 10 years later.

        • XP was excellent

          That's what inspired me to switch to Linux full-time, I'll say that much for it.

          Same goes for me, I also moved full-Linux as XP was such a trash can. Came back when Windows 7 was released.

      • by Kjella ( 173770 )

        I want MIcrosoft to stop making awful Operating systems. We know they can do it, because XP was excellent, W7 almost as good. (...) I want Microsoft to change their "We know what's best for you dammit!" attitude, and ignore feedback. Both Vista and W8 had people begging them not to go there.

        Maybe there's a hint there? Conservative, experimental, conservative, experimental... As long as people keep arguing if the old or new version of Windows is better, I don't think Microsoft worries. You are free to skip a version you know.

        If you've read enough of Slashdot, you'll have noticed that every complaint about MSFT is attacked by "energetic fans" shouting that the complaint is invalid, that the person complaining is an idiot. How long is that supposed to work?

        Do a s/MSFT/Linux/g and there's plenty OSS apologists too. Particularly because you got one team saying "Linux is so free and great, it's totally ready for the desktop and you should try it out" but when you have a problem the other team says "Yeah well you got it for free,

        • I think Microsoft is simply wanting to capture the enterprise market, if you capture the office then all other markets will fall into place. If you have to use Microsoft everyday at the office, and Microsoft continues with the "Embrace, Extend, Extinguish" campaign, then only Microsoft will work with Microsoft. If Only Microsoft will work with Microsoft and you are using Microsoft products in the office then you have to teach and use Microsoft in the schools If only Microsoft will work with Microsoft and no
        • I want MIcrosoft to stop making awful Operating systems. We know they can do it, because XP was excellent, W7 almost as good. (...) I want Microsoft to change their "We know what's best for you dammit!" attitude, and ignore feedback. Both Vista and W8 had people begging them not to go there.

          Maybe there's a hint there? Conservative, experimental, conservative, experimental... As long as people keep arguing if the old or new version of Windows is better, I don't think Microsoft worries. You are free to skip a version you know.

          After W8, I stopped using Windows altogether. I am also free to not use them.

          And yes, it is obviously, completely clear-no doubt about-it that Microsoft does not care one bit about their customers.

          Even respectful input is dismissed. A complaint is a gift. Micrsoft has adopted the concept:

          "If we ignore the customer long enough, mayb he'll stop bugging us."

          And you seem to agree with them that it is a good practice. I quit bugging them, they have achieved their goal fo rme at least.

          As for conservat

      • I want MIcrosoft to stop making awful Operating systems. We know they can do it, because XP was excellent, W7 almost as good.

        Funny how time changes things. Or time changes people into Stockholm Syndrome victims? I remember when XP first came out and it was ridiculed for being Windows the Teletubbies edition, and how people laugh at HotFix #1 being released on the release date of XP, and how Microsoft had previously declared that there's no more buffer overflows in Windows, and of course, HotFix #1 was for a buffer overflow....

        • Or time changes people into Stockholm Syndrome victims?

          Yeah, I have seen a clear Stockholm Syndrome developing around XP. :)

      • by jd2112 ( 1535857 )

        I want MIcrosoft to stop making awful Operating systems.

        Windows 8/8.1 and Server 2012 aren't bad operating systems. They are just hobbled with hideous user interfaces.

        • Re: (Score:2, Informative)

          by jones_supa ( 887896 )

          Windows 8/8.1 and Server 2012 aren't bad operating systems. They are just hobbled with hideous user interfaces.

          There's also some new vomit-inducing screenshots of the Start Menu colors [neowin.net] of Windows 9. It's still nice that the menu is coming back, but they seem to be going full-kindergarten in terms of appearance.

          • by jd2112 ( 1535857 )

            Windows 8/8.1 and Server 2012 aren't bad operating systems. They are just hobbled with hideous user interfaces.

            There's also some new vomit-inducing screenshots of the Start Menu colors [neowin.net] of Windows 9. It's still nice that the menu is coming back, but they seem to be going full-kindergarten in terms of appearance.

            Note to self: Wait for WindowBlinds to be ported to Windows 9 before upgrading.

      • by silfen ( 3720385 )

        I want MIcrosoft to stop making awful Operating systems. We know they can do it, because XP was excellent, W7 almost as good.

        Windows remains bloatware: the kernel has too many features, the file system has too many features, the libraries have too many features, the tools are poor, everything talks to everything else, etc. Windows will never be an "excellent" operating system; they'll have to start over.

    • The problem is; as I understand it, is that Microsoft (as well as Apple and Google) have such huge cash reserves that they could afford to operate in the red for YEARS if the board of directors thought it was useful to do so. If Microsoft decided to get really serious about cloud computing and the potential for trusted computing and DRM, they could afford to take really dramatic steps to drive the market in that direction. We've seen the success of Steam and other mandatory connection, micro-transaction bus
  • by TrollstonButterbeans ( 2914995 ) on Friday September 19, 2014 @07:02PM (#47951027)
    And an insult. It was like Microsoft trying to usurp your own computer and tell you what it could do and spy on you too.

    Trustyworthy Computing had the idea that apps could prevent you taking screenshots and assert insane privileges on your own computer.

    It was offensive as hell.
    • by ihtoit ( 3393327 ) on Friday September 19, 2014 @07:30PM (#47951149)

      I thought Trustworthy Computing was a scheme intended to ensure that no part (of the user experience) could fail?

      As opposed to Trusted Computing, which I think is what you're actually referring to here, this instead of protecting the system from failure, secured the system against user violations such as overwriting the bootloader with one that isn't signed (like for instance, replacing or enhancing the BIOS with a signed EFI that prevents the user from installing alternative OSes such as OSX onto a commodity x64 or GNU/Linux onto a MS-subsidised laptop (think £250 deal at PC World. How do you think they get so cheap?)), TPM and TXT which can be used in tandem to lock a software license/instance to a specific machine using a specific hardware setup where the hardware has burned-in unique RSA hashes per device (didn't MS do this with Windows at one point where even replacing a wireless card killed the COA key?), Asshole Detectors (I don't know if this term is in common use, it just sounds cool) such as XBox Live, and vendor lock-in on the pretext of securing a closed network (such as the aforementioned XBox Live, any number of persistent online games such as World of Warcraft...)...

      • secured the system against user violations such as overwriting the bootloader with one that isn't signed (like for instance, replacing or enhancing the BIOS with a signed EFI that prevents the user from installing alternative OSes such as OSX onto a commodity x64 or GNU/Linux onto a MS-subsidised laptop

        Which has not happened. Seriously. All x86 systems have the ability to turn off secure boot.

        • No, all consumer x86 should have that ability. Not that they all actually work properly to the UEFI specs once you do. But on an unlocked platform you should be able to add custom keys. Anyways, some embeded x86 systems can be locked (beside intel allows it only on chips designed to go into DVR's and other embeded devices)
          • No, all consumer x86 should have that ability.

            Yes, as specified by Microsoft themselves. They shouldn't have to say it, but you know the OEMs are lazy as shit and wouldn't offer the option if they could get away with it.

            Not that they all actually work properly to the UEFI specs once you do.

            Meaning what?

            But on an unlocked platform you should be able to add custom keys.

            And you can, I have.

            Anyways, some embeded x86 systems can be locked (beside intel allows it only on chips designed to go into DVR's and other

            • A lot of the UEFI systems with secure boot, it's either Secure boot + UEFI or legacy boot. It gets difficult to make unsecured boot on UEFI. But poor firmware implementation is nothing new.
      • I seem to be one of 10 people commenting incorrectly.

        Which goes to show how bad Microsoft is at marketing.

        And because of this flaw, they can't make any products in-house and will have to pay $2.5 billion to buy a game with Nintendo 64 style block graphics from the 1990s.

        Either way, if as you say, they wanted to make sure "no part of the user experience could fail", they failed that goal when they shipped Windows 8.

        In their pursuit to ensure a good user experience, perhaps they had a plan for spammers a
        • by lgw ( 121541 )

          The engineers working on Windows 8 knew the Metro UI was crap for the PC. The usability studies all showed that the Metro UI was crap for the PC. It was senior management that forced the issue over the protests of those involved.

          The reason I have hope for MS yet is the result from all that. The entire management chain responsible for that, right through the CEO, all of them gone. Gates, Ballmer, Larson-Green, and middle managers below her well fired or moved away from PC computing. Someone, somewhere, d

        • If Microsoft, or anybody else, cared for the UX, we wouldn't have to relearn how to do the same old things every time a new edition of their systems is released.

          When you read user experience, think about user lock-in through interfaces. Everything coming from MS Apple Canonical Gnome et al. will be understandable.

    • by sphealey ( 2855 )

      - - - - - Trustyworthy Computing had the idea that apps could prevent you taking screenshots - - - - -

      While I personally agree with your point, organizations with strong security requirements have to at least attempt to forestall the Ivan Vorpatril security hole.

      sPh

  • by Anonymous Coward

    I think someone "missed" the punchline to all of this.. they handled the MS Security Updates notifications and the Patch Update communications.

    This was predictable after the August and September debacles.. they already knew they're jobs were gone..

    Developers who claim the code is "Self Documenting" should not be allowed to wield sharp objects at your servers.

    All patches will have to be defaulted off.. or you might as well abdicate to the Cloud.. good luck holding them Accountable for "anything".

    • Re: (Score:2, Interesting)

      by Anonymous Coward

      "MS Security Updates notifications and the Patch Update communications" (TwC Security Comms") has been moved over to corporate marketing (CorpCom) under Frank X. Shaw, notorious for his distain for security and his repeated attempts to kill any comms that admitted any flaw/vuln/issue ever. Same guy who dismisses all vuln researchers as "criminals" -- including all partners who do bug bounties or consultants who produce workarounds for customers .

      After today, don't expect to get any honesty out of Microsoft

  • by Anonymous Coward

    "The security center of gravity is moving away from enterprise desktops to cloud and mobile and 'things' "

    This has been microsoft's goal since they announced Windows 8 and it's bad. The cloud is not trustworthy, it was shown to not be many times over and no sane enterprise will allow the cloud to take over local desktops/servers.

    • The cloud is not trustworthy, it was shown to not be many times over and no sane enterprise will allow the cloud to take over local desktops/servers.

      Unless it's cheaper. Then as long as nothing happens, managers get bonuses for the savings their decisions have earned the company, and if something does, it's an unforeseeable event that was the fault of some evil haxor.

  • - - - - - the industry's decades-long conversation around - - - - -

    "Conversation" is bad enough, but what does the word "around" in this type of sentence even mean? That the conversation never actually gets anywhere or accomplishes anything specific, but just circles 'around' and 'around' a problem that should be analyzed, detailed, and solved (or firmly documented as unsolvable or uneconomic)?

    sPh

    • Around in this context means next to and including.

      The subjects over lap somewhat but do not completely encompass the concept.

  • This is great news on one hand, but a sad reminder of how some of the core ideas behind this "technology" have advanced. I remember when the first bits of information on "Palladium", as it was called at the time, started to leak out. There was a lot of talk about how software companies could lock down their applications to restrict their use or make them disappear from the device on a whim. Also there was speculation about how the government could use it to track and watch everything done on the device. Wel
    • by JayTech ( 935793 )
      Why is this modded offtopic? Ah yes, because some define "Trustworthy Computing" as exclusively meaning a platform that has gained trust by the user. But you have to look at the whole picture. Security was always the first "pillar" of the "Trustworthy Computing" initiative. Protected execution and secure I/O were features Microsoft desperately wanted to incorporate into their code - the thinking being if the code couldn't be modified in ways the programmers never intended, then users *could* completely trus
  • ...or does anyone else get a slight chub hearing that M$ is not doing so hot anymore? Will there be a day that the M$ lawyers get the axe, and all this BS about their licenses will go away too? I don't mean that I'm glad to hear of the job losses, but I mean come on, we're talking about some of the brightest people in the world. They should be able to use their brains in ways to make a living - even if that means that the computing world gets better due to lack of restriction by M$ on these people's abili
    • by sgage ( 109086 )

      "Is it just me, ...or does anyone else get a slight chub hearing that M$ is not doing so hot anymore? "

      It's just you. But whatever turns you on...

    • Are you kidding me? Microsoft might as well be IBM. They have such a huge installed base of corporate buyers, they could shovel out garbage for 2 decades and make $40 billion a year.

      They could make Steven Elop their CEO, and even he couldn't begin to run Microsoft into the ground.

      In fact, they should just to prove that their company is so entrenched that even an idiot could run it.

      And they could drive home the point, by having one run the company just to show the world!
  • I'm guessing the desktop isn't the enviable real estate it once was. They're probably going to fumble around in the mobile space some more. The last time they were caught this flat-footed by a new technology, IBM was trying to start up competition with them on the desktop and Microsoft's position was quite strong. They just had to... borrow... the TCP/IP stack from BSD and they were good to go. They just had to poke IBM in the eye a couple of times to convince them to go elsewhere. I suspect they'll find Go
  • Fuck you dice and your bogus planted "stories". That's my answer.
  • I don't trust myself to comment...

No spitting on the Bus! Thank you, The Mgt.

Working...