Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft Stalling TCG Best Practices Document?

Posted by ScuttleMonkey on from the security-getting-in-the-way-of-profit dept.

It doesn't come easy writes "Bruce Schneier (of Counterpane Internet Security) suspects Microsoft doesn't want the recently Trusted Computing Group published best practices document: Design, Implementation, and Usage Principles for TPM-Based Platforms to apply to Vista. The reasons are mostly speculation at the moment but Bruce implies further investigation will be forthcoming..."

5 of 163 comments (clear)

  1. Link to actual blog entry by Anonymous Coward · · Score: 5, Informative

    Trusted Computing Best Practices.

    PLEASE can we stop linking to the entire stupid hierarchy of news.com.com.com.com, zdnet, cnet and other stupid useless sites like that? Schneier is a big boy, he can handle /. - and if not, there's always coral.

  2. The IEEE P1667 open alternative by IPAQ2000 · · Score: 3, Informative

    This makes so much more sense

  3. Re:The DRM factor. by mopslik · · Score: 4, Informative

    People have voted with their dollars (& pounds, euros, etc). Apple's DRM is simple and consistant unlike MSFT's which change per song. Apple has sold over a half a billion dollars worth of songs. The rest combined barely equal a tenth of that.

    I'd warrant that a backlash against Microsoft's DRM isn't what's fueling Apple sales. More likely:

    1. The iPod is THE "wow" music player to have these days
    2. Heavy marketing by Apple
    3. Songs are cheap

    I know a number of iPod owners, an DRM doesn't even cross their minds.

  4. Re:TCG Bashing? by robertjw · · Score: 5, Informative

    I'm not sure of the writer's bias

    Bruce Schneier is a security expert with a practical perspective on security analysis. I subscribe to his newsletter, and near as I can tell, he's not particularly biased for or against Windows. He is very vocal about the balance needed between individual rights and security concerns. He also regularly points out security measures and implementations that are just for show.

    I read the article and it doesn't seem like he's bashing TCG at all. Appears more like he has issues with Microsoft wanting to release VISTA as a approved TCG OS without actually following the best practices document.

    --
    Find coupons in Greeley
  5. Re:No lasting effect. by nacturation · · Score: 3, Informative

    If Microsoft actually had to comply to someone else's standard, then there would actually be interoperability.

    In this case, the standard defines how it should work and what it should do. Microsoft can *implement* this in any way that they choose. In no way does this imply that adhering to the standard will promote interoperability. Think of it this way: a security standard might say that "door locks should be of sufficient strength and complexity that it would withstand 500 pounds of force and take an experienced lockpick a minimum of 30 minutes to pick". Adhering to this standard doesn't mean that one vendor's keys will work with another, nor that the locks will even fit on your brand of door.

    --
    Want to improve your Karma? Instead of "Post Anonymously", try the "Post Humously" option.