Shakespere on Trusted Computing
Glendower. I can call spirits from the vasty deep.
Hotspur. Why, so can I, or so can any man. But will they come when you do call for them?
Every so often I am asked about Trusted Computing as if it was a new idea. On the contrary we have trusted computing today. The problem is that what is Trusted is not Trustworthy. As Hotspur would put it, anyone can make a computer trusted by simply deciding to trust it, the problem is knowing if that trust is well placed or not.
There is a tendency to dismiss the difference as marketting speak. In fact the difference is a core security concern. Security is risk management, not elimination of risk. The term 'trusted' implies a binary condition. The term Trustworthy reminds us that we should always remember to ask for what purpose?
Trustworthy hardware addresses one part of the computer security puzzle - preventing compromise of the operating system platform. That is an important goal and one that will become increasingly important as vendors gradually wring the security bugs out of the critical execution parths in the upper operating system layers. But merely adding a TPM chip does not make the user of the computer invulnerable to attack.
