Slashdot Mirror

← Back to Stories (view on slashdot.org)

Big 3 Roll Out 'Trusted Mobile Platform'

Posted by timothy on from the weeble-wobble dept.

An anonymous reader writes "In an effort to enhance the security of 'advanced' e-commerce services in mobile devices and guard against viruses and other software attacks, NTT DoCoMo, Intel, and IBM have jointly released a security specification known as the 'Trusted Mobile Platform.' The spec is said to define a set of hardware and software components that can be built into devices to provide varying degrees of security. Implementation of the platform is said to consist of applying well-established, strong security techniques to hardware and software architectures, resulting in a trusted execution environment that protects the device at boot time and during device operation. The hspec is available ere."

3 of 9 comments (clear)

  1. This isn't good for business by HotNeedleOfInquiry · · Score: 3, Interesting

    This isn't good for anybody

    Old Seinfeld line..

    --
    "Eve of Destruction", it's not just for old hippies anymore...
  2. One Word: by Anonymous Coward · · Score: 1, Interesting

    Bad Idea(TM)

    Here's why:

    "Trusted Computing" provides a computing platform on which you can't tamper with the application software, and where these applications can communicate securely with their authors and with each other. The original motivation was digital rights management (DRM): Disney will be able to sell you DVDs that will decrypt and run on a TC platform, but which you won't be able to copy. The music industry will be able to sell you music downloads that you won't be able to swap. They will be able to sell you CDs that you'll only be able to play three times, or only on your birthday. All sorts of new marketing possibilities will open up.

    TC will also make it much harder for you to run unlicensed software. In the first version of TC, pirate software could be detected and deleted remotely. Since then, Microsoft has sometimes denied that it intended TC to do this, but at WEIS 2003 a senior Microsoft manager refused to deny that fighting piracy was a goal: `Helping people to run stolen software just isn't our aim in life', he said. The mechanisms now proposed are more subtle, though. TC will protect application software registration mechanisms, so that unlicensed software will be locked out of the new ecology. Furthermore, TC apps will work better with other TC apps, so people will get less value from old non-TC apps (including pirate apps). Also, some TC apps may reject data from old apps whose serial numbers have been blacklisted. If Microsoft believes that your copy of Office is a pirate copy, and your local government moves to TC, then the documents you file with them may be unreadable. TC will also make it easier for people to rent software rather than buy it; and if you stop paying the rent, then not only does the software stop working but so may the files it created. So if you stop paying for upgrades to Media Player, you may lose access to all the songs you bought using it.

    For years, Bill Gates has dreamed of finding a way to make the Chinese pay for software: TC looks like being the answer to his prayer.

    There are many other possibilities. Governments will be able to arrange things so that all Word documents created on civil servants' PCs are `born classified' and can't be leaked electronically to journalists. Auction sites might insist that you use trusted proxy software for bidding, so that you can't bid tactically at the auction. Cheating at computer games could be made more difficult.

    There are some gotchas too. For example, TC can support remote censorship. In its simplest form, applications may be designed to delete pirated music under remote control. For example, if a protected song is extracted from a hacked TC platform and made available on the web as an MP3 file, then TC-compliant media player software may detect it using a watermark, report it, and be instructed remotely to delete it (as well as all other material that came through that platform). This business model, called traitor tracing, has been researched extensively by Microsoft (and others). In general, digital objects created using TC systems remain under the control of their creators, rather than under the control of the person who owns the machine on which they happen to be stored (as at present). So someone who writes a paper that a court decides is defamatory can be compelled to censor it - and the software company that wrote the word processor could be ordered to do the deletion if she refuses. Given such possibilities, we can expect TC to be used to suppress everything from pornography to writings that criticise political leaders.

    The gotcha for businesses is that your software suppliers can make it much harder for you to switch to their competitors' products. At a simple level, Word could encrypt all your documents using keys that only Microsoft products have access to; this would mean that you could only read them using Microsoft products, not with any competing word processor. Such blatant lock-in might be prohi

  3. Re:False argument by Anonymous Coward · · Score: 1, Interesting

    I partially agree with you but I think that if "good-enough" security was a good enough mainstream deterrent then such a large satellite TV grey/black market wouldn't exist. Initially figuring out how to hack a card, from what I understand, required equipment worth millions to do and yet despite the difficulty of it there are a lot of suppliers out there.

    Mind you, not every Tom, Dick, and Harry is doing it and while it certainly isn't as common as something like sharing an mp3 via peer-to-peer software, it's not exactly uncommon either.

    Your second point was something I hadn't even thought of before. Thanks for bringing it up. :) Very interesting way of looking at things.

    My original comment was meant to be a cynical/snarky look at a tech that will be a pointless obstacle to those who keep their ears open. I do appreciate the reply, though.