03 December, 2006

Better Security May Not Be Better

There is an excellent article posted by the Electronic Frontier Foundation that describes how poorly implemented security is not better security. Trusted Computing: Promise and Risk by Seth Schoen reminds me a lot of DRM. The direction of two organizations, Microsoft Next-Generation Secure Computing Base or NGSCB and Trusted Computing Platform Alliance or TCPA, want to put restrictions in place that could force you to use certain software by certain manufacturers.

Of the fours security areas: (1) memory curtaining; (2) secure input and output; (3) sealed storage; and (4) remote attestation, remote attestation could be a problem. Developers could force you to use certain software in order to use their system. The author recommends adding an owner override to prevent problems.

Read the article yourself to learn more.

No comments: