Microsoft Kills Off Its Trustworthy Computing Group

← Back to Stories (view on slashdot.org)

Microsoft Kills Off Its Trustworthy Computing Group

Posted by timothy on Friday September 19, 2014 @11:42AM from the but-you-can-totally-trust-it dept.

An anonymous reader writes Microsoft's Trustworthy Computing Group is headed for the axe, and its responsibilities will be taken over either by the company's Cloud & Enterprise Division or its Legal & Corporate Affairs group. Microsoft's disbanding of the group represents a punctuation mark in the industry's decades-long conversation around trusted computing as a concept. The security center of gravity is moving away from enterprise desktops to cloud and mobile and 'things,' so it makes sense for this security leadership role to shift as well. According to a company spokesman, an unspecified number of jobs from the group will be cut. Also today, Microsoft has announced the closure of its Silicon Valley lab. Its research labs in Redmond, New York, and Cambridge (in Massachusetts) will pick up some of the closed lab's operations.

64 of 99 comments (clear)

Min score:

Reason:

Sort:

Good by sexconker · 2014-09-19 11:46 · Score: 1, Funny

Trusted computing was always destined to be vaporware. Nobody wanted it.
1. Re:Good by mark-t · 2014-09-19 11:52 · Score: 1
  
  I agree, but I think that the article is talking about something different than that.
  
  --
  File under 'M' for 'Manic ranting'
2. Re:Good by ihtoit · 2014-09-19 12:34 · Score: 5, Informative
  
  yep, they're completely different animals.
  Trustworthy computing: ensuring reliability and integrity of the user experience
  Trusted computing: securing the system against the user.
  
  --
  Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
3. Re:Good by WorBlux · 2014-09-19 14:14 · Score: 1, Offtopic
  
  How else can you verify the integrity of firware + bootloader + kernel? It seems like a useful thing to me, if I'm the one who gets the keys.
4. Re:Good by smittyoneeach · 2014-09-19 14:20 · Score: 1
  
  If you like your trusted computing, you can keep your trusted computing.
  
  --
  Get thee glass eyes, and, like a scurvy politician, seem to see things thou dost not.--King Lear
5. Re:Good by David_Hart · 2014-09-19 15:24 · Score: 1
  
  Trusted computing was always destined to be vaporware. Nobody wanted it.
  Except for the armed forces and DOD....
  I could be wrong, but I thought that Trusted Computing was originally developed for the military. Only afterwards was it corrupted to include DRM, etc...
6. Re:Good by CanEHdian · 2014-09-19 15:33 · Score: 1, Offtopic
  
  Oh, the MPAA, RIAA and BSA were screaming for it... the "trust" in "trusted computing" was that you as a "trusted computer" user could be trusted not to get around any kind of Digital Restrictions Management system... to be introduced once your head is already firmly stuck in the noose.
  
  --
  When the copyright term is "forever minus a day", live every day like it's the last.
7. Re:Good by mlts · 2014-09-19 16:00 · Score: 3, Insightful
  
  I found that this technology has two edges to it. The first is its use for DRM, but the second is something I've found useful.
  A TPM chip can come in handy with BitLocker. It means that brute forcing a drive's password becomes not an option, as an attacker is faced with the full 128 or 256 bit keyspace of AES. Unless an attacker can uncap the TPM chip, brute forcing a password will only cause the chip to lock due to excessive attempts and not allow access in any way.
  It also provides peace of mind. With a TPM + PIN + USB flash drive, if my laptop gets stolen, if I have the USB flash drive on my keychain, I know the laptop's contents are protected. Even if the keychain is stolen, there is still the PIN which has to be guessed. If the MBR or BIOS are modified, it will be detected, and not allow the machine to boot. Not 100% security (XKCD rubber hoses and cold RAM attacks will beat it for example), but good enough.
  Problem is that this type of technology to ensure malware hasn't tampered with the boot process tends to be far more often used to keep legitimate people out of their device rather than to allow legitimate device owners to keep control of their data.
8. Re:Good by Anonymous Coward · 2014-09-19 17:39 · Score: 1
  
  But you wont get those keys - that's the whole problem.
9. Re:Good by Mathinker · 2014-09-19 22:36 · Score: 2
  
  I always thought that he should have made it a $5.38 wrench, instead...
10. Re:Good by Insanity+Defense · 2014-09-20 02:46 · Score: 1
  
  Trusted computing was always destined to be vaporware. Nobody wanted it.
  Untrue. The big media companies want it so they can controll your media use. Consider that MS got a patent which would allow them to tell how many people (in the home) viewed a movie at once. The big media companies would just LOVE to charge you each time an individual "consumes" their product. No more copy ownership just a constant income source to the media corp.
  Corporate Big Brother is just as dangerous as the government form.
11. Re:Good by Blaskowicz · 2014-09-21 06:38 · Score: 1
  
  What about a linux system with BIOS password, grub password, root password other than "root" or blank and encrypted file system? I guess that's evil.
Mission accomplished by symbolset · 2014-09-19 11:50 · Score: 4, Funny

Now that they have made all their software trustworthy there is no more need for the group, right? Declare victory and go home.

--
Help stamp out iliturcy.
1. Re:Mission accomplished by Phroggy · 2014-09-20 09:53 · Score: 1
  
  Now that they have made all their software trustworthy there is no more need for the group, right? Declare victory and go home.
  That's what they did when IE6 won the browser war!
  
  --
  $x='S24;r)>63/* h@<5+oZ)32"5cz';$me='phroggy'x$];
  $x=~y+ -xz+\0-Tx+;print$_^chop$me for split'',$x;
Does this mean.... by Hsien-Ko · 2014-09-19 11:54 · Score: 3, Funny

Microsoft products will get easter eggs again?
I've never shorted a stock by Anonymous Coward · 2014-09-19 11:58 · Score: 1

I've never shorted a stock; but every time this new guy makes a move I think about it. OMG... a cloud of mobile things... totally not MS's core comp. It's like what they did to Flickr. It's the same kind of stupid trend following. It's just that it's on a much, Much, MUCH larger scale. If this one craters like I think it might, it'll be taught in business schools for the next 50 years as "what not to do".
Oh sure, a lot of people on /. would like to see MS crater; but be careful what you wish for. Do you really want AAPL to be the A no. 1 tech company for EVERYTHING, including your workstation?
The only silver lining I see here is that CEOs might wake up and realize what they're doing wrong. They'll stop doing what everybody at the cocktail party says, and concentrate on their core customers and competencies; but for MS it might not come until post Chapter 11.
1. Re:I've never shorted a stock by Zontar+The+Mindless · 2014-09-19 12:15 · Score: 2
  
  Oh sure, a lot of people on /. would like to see MS crater; but be careful what you wish for. Do you really want AAPL to be the A no. 1 tech company for EVERYTHING, including your workstation?
  Microsoft have no connection whatsoever to my workstation or what I run on it. Now explain to me how their demise is going to change that.
  
  --
  Il n'y a pas de Planet B.
2. Re:I've never shorted a stock by Ol+Olsoc · 2014-09-19 12:35 · Score: 4, Interesting
  
  Oh sure, a lot of people on /. would like to see MS crater; but be careful what you wish for. Do you really want AAPL to be the A no. 1 tech company for EVERYTHING, including your workstation?
  I bash Microsoft here as much as anyone else - but No, I don't want Microsoft to go away.
  I want MIcrosoft to stop making awful Operating systems. We know they can do it, because XP was excellent, W7 almost as good.
  I want Microsoft to not have Updates bitch up computers.
  I want Microsoft to change their "We know what's best for you dammit!" attitude, and ignore feedback. Both Vista and W8 had people begging them not to go there.
  If you've read enough of Slashdot, you'll have noticed that every complaint about MSFT is attacked by "energetic fans" shouting that the complaint is invalid, that the person complaining is an idiot. How long is that supposed to work?
  After moving to Unix-like OS' I apparenly stopped being an idiot, because I have none of the same problems I had on any Microsoft OS - and that includes XP, which I liked. Like I said, eventually people will get tired of that crap.
  What I would like to see is a vibrant Microsoft, one that understands the customer, and the market. Why, that might even entice me to buy another computer with their Operating system on it.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
3. Re:I've never shorted a stock by Zontar+The+Mindless · 2014-09-19 13:37 · Score: 4, Insightful
  
  XP was excellent
  That's what inspired me to switch to Linux full-time, I'll say that much for it.
  
  --
  Il n'y a pas de Planet B.
4. Re:I've never shorted a stock by MillionthMonkey · 2014-09-19 13:49 · Score: 1
  
  My grandmother isn't going to want to buy a PC and configure Linux herself. She'll just get an Apple. Once enough users move to Apple, we'll all have to learn Objective C and our workstations will be a bunch of ipads.
5. Re:I've never shorted a stock by Kjella · 2014-09-19 15:09 · Score: 2
  
  I want MIcrosoft to stop making awful Operating systems. We know they can do it, because XP was excellent, W7 almost as good. (...) I want Microsoft to change their "We know what's best for you dammit!" attitude, and ignore feedback. Both Vista and W8 had people begging them not to go there.
  Maybe there's a hint there? Conservative, experimental, conservative, experimental... As long as people keep arguing if the old or new version of Windows is better, I don't think Microsoft worries. You are free to skip a version you know.
  
  If you've read enough of Slashdot, you'll have noticed that every complaint about MSFT is attacked by "energetic fans" shouting that the complaint is invalid, that the person complaining is an idiot. How long is that supposed to work?
  Do a s/MSFT/Linux/g and there's plenty OSS apologists too. Particularly because you got one team saying "Linux is so free and great, it's totally ready for the desktop and you should try it out" but when you have a problem the other team says "Yeah well you got it for free, so STFU and be grateful". I'm on Windows 7 now and I'm guessing sometime soon Microsoft needs to release another "classic" desktop for conservative enterprises so they can plan their migration before the 2020 EoL. Having Linux around as a plan B is nice but for gaming Windows rules supreme, regardless of whether Linux has a Steam client or not.
  
  --
  Live today, because you never know what tomorrow brings
6. Re:I've never shorted a stock by the_B0fh · 2014-09-19 15:17 · Score: 1
  
  I want MIcrosoft to stop making awful Operating systems. We know they can do it, because XP was excellent, W7 almost as good.
  Funny how time changes things. Or time changes people into Stockholm Syndrome victims? I remember when XP first came out and it was ridiculed for being Windows the Teletubbies edition, and how people laugh at HotFix #1 being released on the release date of XP, and how Microsoft had previously declared that there's no more buffer overflows in Windows, and of course, HotFix #1 was for a buffer overflow....
7. Re:I've never shorted a stock by mlts · 2014-09-19 15:50 · Score: 1
  
  There was one major feature, and two "features" added to XP:
  1: The zone/firewalling support. This is actually useful just to keep dodgy apps from opening up a port or ensuring nothing can connect directly. Third parties like Zone Alarm had this functionality, but would keep prompting the user for every single connection, so eventually users would just click "allow all and don't bug me", and be done with it.
  2: Secure Audio Path, where anything protected with WMA's DRM could only play on a stack of signed audio drivers.
  3: Activation.
  Of course, there were some other minor tweaks here and there, but the leap from W2K to XP wasn't groundbreaking. Windows 3.11 to Windows 95 was a major leap in virtually everything. The second greatest leap was with the server side -- Windows 2000 Server from NT Server was a nice leap for servers because the whole model of NT domains was changed to be a lot more scalable.
  The reason why XP was considered decent is because it was out for a long time and people got used to it. On the server side of the house, Windows Server 2003 is still supported until July 14 of next year... but most places have moved to at least Windows Server 2008 if not newer just because of the better security in more recent versions.
8. Re:I've never shorted a stock by jd2112 · 2014-09-19 15:58 · Score: 1
  
  I want MIcrosoft to stop making awful Operating systems.
  Windows 8/8.1 and Server 2012 aren't bad operating systems. They are just hobbled with hideous user interfaces.
  
  --
  Any insufficiently advanced magic is indistinguishable from technology.
9. Re:I've never shorted a stock by silfen · 2014-09-19 16:50 · Score: 1
  
  I want MIcrosoft to stop making awful Operating systems. We know they can do it, because XP was excellent, W7 almost as good.
  Windows remains bloatware: the kernel has too many features, the file system has too many features, the libraries have too many features, the tools are poor, everything talks to everything else, etc. Windows will never be an "excellent" operating system; they'll have to start over.
10. Re:I've never shorted a stock by Cinder6 · 2014-09-19 18:19 · Score: 1
  
  Nah. Swift.
  
  --
  If you can't convince them, convict them.
11. Re:I've never shorted a stock by mlts · 2014-09-19 22:13 · Score: 1
  
  Definitely not. It was listed under a "feature" (in quotes) as something that isn't wanted, similar to the DRM stack. In fact, it has gotten worse since XP since you have to have either a KMS server that has Internet connectivity to phone home to MS so machines can activate from it for 180 days, or blow a MAK and activate over the phone.
  I don't understand why MS forced volume activation on businesses. One can find fake KMS servers, and even though it isn't a complex piece of infrastructure, it is another thing that can fail or get hacked. It also doesn't support redundancy at the KMS layer, so it has to go onto a VM cluster with multiple paths or the like. If it drops, it isn't critical, but it can be annoying. There is also the fear that in theory (and this is pure tinfoil hat speculation, mind you), it can be used to shuttle/proxy info/code between clients, the KMS server and the outside world.
  I don't know any other OS that requires activation. Oracle has some of the nastiest licensing around, and their main products have no codes or license keys... the fear of the BSA coming down on a company is good enough. I wish MS followed the same route, and made activation more of a license management system than an infrastructure requirement.
12. Re:I've never shorted a stock by tsa · 2014-09-19 22:23 · Score: 1
  
  You think XP was bad, but Win95 made me switch to Linux. And Linux made me switch to OSX 10 years later.
  
  --
  -- Cheers!
13. Re:I've never shorted a stock by jones_supa · 2014-09-19 23:33 · Score: 1
  
  XP was excellent
  That's what inspired me to switch to Linux full-time, I'll say that much for it.
  Same goes for me, I also moved full-Linux as XP was such a trash can. Came back when Windows 7 was released.
14. Re:I've never shorted a stock by jones_supa · 2014-09-19 23:38 · Score: 1
  
  Or time changes people into Stockholm Syndrome victims?
  Yeah, I have seen a clear Stockholm Syndrome developing around XP. :)
15. Re:I've never shorted a stock by jones_supa · 2014-09-19 23:44 · Score: 1, Informative
  
  Windows 8/8.1 and Server 2012 aren't bad operating systems. They are just hobbled with hideous user interfaces.
  There's also some new vomit-inducing screenshots of the Start Menu colors of Windows 9. It's still nice that the menu is coming back, but they seem to be going full-kindergarten in terms of appearance.
16. Re:I've never shorted a stock by jd2112 · 2014-09-20 01:23 · Score: 1
  
  Windows 8/8.1 and Server 2012 aren't bad operating systems. They are just hobbled with hideous user interfaces.
  There's also some new vomit-inducing screenshots of the Start Menu colors of Windows 9. It's still nice that the menu is coming back, but they seem to be going full-kindergarten in terms of appearance.
  Note to self: Wait for WindowBlinds to be ported to Windows 9 before upgrading.
  
  --
  Any insufficiently advanced magic is indistinguishable from technology.
17. Re:I've never shorted a stock by TheRaven64 · 2014-09-20 03:06 · Score: 1
  
  XP also tweaked the VM subsystem in a way that was quite noticeable if you had more than about 256MB of RAM (better performance), but the main feature it added was remote desktop (although only in the Pro version). I was quite tempted to upgrade from 2K for the remote desktop stuff.
  
  --
  I am TheRaven on Soylent News
18. Re:I've never shorted a stock by chr1st1anSoldier · 2014-09-20 03:33 · Score: 1
  
  I think Microsoft is simply wanting to capture the enterprise market, if you capture the office then all other markets will fall into place. If you have to use Microsoft everyday at the office, and Microsoft continues with the "Embrace, Extend, Extinguish" campaign, then only Microsoft will work with Microsoft. If Only Microsoft will work with Microsoft and you are using Microsoft products in the office then you have to teach and use Microsoft in the schools If only Microsoft will work with Microsoft and now you are using it at the office and you use it and learn it in school then you will need to use it at home so you can do office work and school work. Therefor Microsoft could care less about what the home user wants out of their operating system and listen to what big business wants then incorporates that.
19. Re:I've never shorted a stock by Ol+Olsoc · 2014-09-20 05:46 · Score: 1
  
  I want MIcrosoft to stop making awful Operating systems. We know they can do it, because XP was excellent, W7 almost as good. (...) I want Microsoft to change their "We know what's best for you dammit!" attitude, and ignore feedback. Both Vista and W8 had people begging them not to go there.
  Maybe there's a hint there? Conservative, experimental, conservative, experimental... As long as people keep arguing if the old or new version of Windows is better, I don't think Microsoft worries. You are free to skip a version you know.
  After W8, I stopped using Windows altogether. I am also free to not use them.
  And yes, it is obviously, completely clear-no doubt about-it that Microsoft does not care one bit about their customers.
  Even respectful input is dismissed. A complaint is a gift. Micrsoft has adopted the concept:
  "If we ignore the customer long enough, mayb he'll stop bugging us."
  And you seem to agree with them that it is a good practice. I quit bugging them, they have achieved their goal fo rme at least.
  As for conservative/experimental, it's sort of funny. I'm having a blast with experimenting with differnt distros of Linux. If I don't like the interface, I've got lots of other options. And for my video work, I have my OSX. I'm having alsomes as much fun as my early computing days.
  
  Do a s/MSFT/Linux/g and there's plenty OSS apologists too.
  I would completely agree.
  
  Particularly because you got one team saying "Linux is so free and great, it's totally ready for the desktop and you should try it out" but when you have a problem the other team says "Yeah well you got it for free, so STFU and be grateful".
  Oh yeah. Everyone has their fanbois. I must say though, I am the biggest asshole in dealing with Windows - mostly because I don't to the party line. And that's from experience using the big three. I make stupid mistakes that no one - no one would ever make in Windows. Move to Linux or OSX, and I don't make those mistakes. (should be a sarcasm tage here)
  
  I'm on Windows 7 now and I'm guessing sometime soon Microsoft needs to release another "classic" desktop for conservative enterprises so they can plan their migration before the 2020 EoL. Having Linux around as a plan B is nice but for gaming Windows rules supreme, regardless of whether Linux has a Steam client or not.
  So much depends on what you are doing. When I do any gaming, which isn't all that often, but when I do, it's something like WoW or Diablo III, so I'm not constrained, I just play on my Mac. But surely, if you wnat games that are only on Microsoft OS', that's what you hav eto have. Unfortunately, the amount of crap you'll put up with is the amount Microsoft will make you put up with. Me, I've moved on. Apparently Microsoft thinks that is great. Which is the biggest reason I don't use them any more.
  
  --
  The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
20. Re:I've never shorted a stock by morethanapapercert · 2014-09-20 10:37 · Score: 1
  
  The problem is; as I understand it, is that Microsoft (as well as Apple and Google) have such huge cash reserves that they could afford to operate in the red for YEARS if the board of directors thought it was useful to do so. If Microsoft decided to get really serious about cloud computing and the potential for trusted computing and DRM, they could afford to take really dramatic steps to drive the market in that direction. We've seen the success of Steam and other mandatory connection, micro-transaction business models. It's not beyond the realm of possibility that the Microsoft board wants to drive individual/consumer desktop use in that direction. I seem to recall that RIAA and MPAA slipped Microsoft a bunch of cash to support development of trusted computing. If MS rolls trusted computing and trustworthy computers into a cloud oriented scheme, I'm sure there is more money to be had from that direction.
  [tinfoilhat] Then there is the fact that cloud oriented computing has some rather severe concerns about data integrity, privacy and so on. I'm sure the spooks would LOVE to have everyone store their data and run cloud applications or at least cloud "certified secure" applications where they can stick their digital fingers in. [/tinfoilhat]
  
  --
  I need a wheelchair van for my son. Help me get the word out. https://www.gofundme.com/wheelchair-van-for-jj
21. Re:I've never shorted a stock by Zontar+The+Mindless · 2014-09-20 17:01 · Score: 1
  
  Oracle.
  
  --
  Il n'y a pas de Planet B.
Trustworthy Computing was a sham by TrollstonButterbeans · 2014-09-19 12:02 · Score: 5, Insightful

And an insult. It was like Microsoft trying to usurp your own computer and tell you what it could do and spy on you too.

Trustyworthy Computing had the idea that apps could prevent you taking screenshots and assert insane privileges on your own computer.

It was offensive as hell.

--
Priest: "Universe from nothing, no laws of physics, sped up time"+ huge discrepancies. Creationism? No. Big Bang Theory
1. Re:Trustworthy Computing was a sham by ihtoit · 2014-09-19 12:30 · Score: 3, Informative
  
  I thought Trustworthy Computing was a scheme intended to ensure that no part (of the user experience) could fail?
  As opposed to Trusted Computing, which I think is what you're actually referring to here, this instead of protecting the system from failure, secured the system against user violations such as overwriting the bootloader with one that isn't signed (like for instance, replacing or enhancing the BIOS with a signed EFI that prevents the user from installing alternative OSes such as OSX onto a commodity x64 or GNU/Linux onto a MS-subsidised laptop (think £250 deal at PC World. How do you think they get so cheap?)), TPM and TXT which can be used in tandem to lock a software license/instance to a specific machine using a specific hardware setup where the hardware has burned-in unique RSA hashes per device (didn't MS do this with Windows at one point where even replacing a wireless card killed the COA key?), Asshole Detectors (I don't know if this term is in common use, it just sounds cool) such as XBox Live, and vendor lock-in on the pretext of securing a closed network (such as the aforementioned XBox Live, any number of persistent online games such as World of Warcraft...)...
  
  --
  Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
2. Re:Trustworthy Computing was a sham by sphealey · 2014-09-19 13:11 · Score: 1
  
  - - - - - Trustyworthy Computing had the idea that apps could prevent you taking screenshots - - - - -
  
  While I personally agree with your point, organizations with strong security requirements have to at least attempt to forestall the Ivan Vorpatril security hole.
  sPh
3. Re:Trustworthy Computing was a sham by Microlith · 2014-09-19 13:55 · Score: 2
  
  secured the system against user violations such as overwriting the bootloader with one that isn't signed (like for instance, replacing or enhancing the BIOS with a signed EFI that prevents the user from installing alternative OSes such as OSX onto a commodity x64 or GNU/Linux onto a MS-subsidised laptop
  Which has not happened. Seriously. All x86 systems have the ability to turn off secure boot.
4. Re:Trustworthy Computing was a sham by TrollstonButterbeans · 2014-09-19 13:58 · Score: 1
  
  I seem to be one of 10 people commenting incorrectly.
  
  Which goes to show how bad Microsoft is at marketing.
  
  And because of this flaw, they can't make any products in-house and will have to pay $2.5 billion to buy a game with Nintendo 64 style block graphics from the 1990s.
  
  Either way, if as you say, they wanted to make sure "no part of the user experience could fail", they failed that goal when they shipped Windows 8.
  
  In their pursuit to ensure a good user experience, perhaps they had a plan for spammers and viruses and email fraud but little did they know that while looking outside, the biggest blow to the user experience was being developed by themselves.
  
  Maybe their new CEO will develop a task force that can detect coming assaults to the user experience occurring in his own building!!!
  
  (You had a good and informative post with some exceptional information quality, I will be Googling some of those.)
  
  --
  Priest: "Universe from nothing, no laws of physics, sped up time"+ huge discrepancies. Creationism? No. Big Bang Theory
5. Re:Trustworthy Computing was a sham by WorBlux · 2014-09-19 14:18 · Score: 1
  
  No, all consumer x86 should have that ability. Not that they all actually work properly to the UEFI specs once you do. But on an unlocked platform you should be able to add custom keys. Anyways, some embeded x86 systems can be locked (beside intel allows it only on chips designed to go into DVR's and other embeded devices)
6. Re:Trustworthy Computing was a sham by Microlith · 2014-09-19 14:52 · Score: 1
  
  No, all consumer x86 should have that ability.
  Yes, as specified by Microsoft themselves. They shouldn't have to say it, but you know the OEMs are lazy as shit and wouldn't offer the option if they could get away with it.
  
  Not that they all actually work properly to the UEFI specs once you do.
  Meaning what?
  
  But on an unlocked platform you should be able to add custom keys.
  And you can, I have.
  
  Anyways, some embeded x86 systems can be locked (beside intel allows it only on chips designed to go into DVR's and other embeded devices)
  And locked down embedded systems are always a problem, but they don't require secure boot or UEFI to do so.
7. Re:Trustworthy Computing was a sham by WorBlux · 2014-09-19 14:58 · Score: 1
  
  A lot of the UEFI systems with secure boot, it's either Secure boot + UEFI or legacy boot. It gets difficult to make unsecured boot on UEFI. But poor firmware implementation is nothing new.
8. Re:Trustworthy Computing was a sham by lgw · 2014-09-19 16:41 · Score: 1
  
  The engineers working on Windows 8 knew the Metro UI was crap for the PC. The usability studies all showed that the Metro UI was crap for the PC. It was senior management that forced the issue over the protests of those involved.
  The reason I have hope for MS yet is the result from all that. The entire management chain responsible for that, right through the CEO, all of them gone. Gates, Ballmer, Larson-Green, and middle managers below her well fired or moved away from PC computing. Someone, somewhere, decided enough was enough.
  Will the new guy be better? Who knows. But we've had decision after decision that left consumers saying "WTF?" being rolled back, starting with firing that X-Box VP whp insulted the customer base and reversing his decisions on used games and always-on DRM and hopefully through the restoration of the start menu. Of course, if Windows 9 ends up sucking, MS is as dead as a very dead thing.
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
9. Re:Trustworthy Computing was a sham by marcello_dl · 2014-09-19 19:52 · Score: 1
  
  If Microsoft, or anybody else, cared for the UX, we wouldn't have to relearn how to do the same old things every time a new edition of their systems is released.
  When you read user experience, think about user lock-in through interfaces. Everything coming from MS Apple Canonical Gnome et al. will be understandable.
  
  --
  ---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol
Death Knell for Patch Update oversight by Anonymous Coward · 2014-09-19 12:11 · Score: 1

I think someone "missed" the punchline to all of this.. they handled the MS Security Updates notifications and the Patch Update communications.
This was predictable after the August and September debacles.. they already knew they're jobs were gone..
Developers who claim the code is "Self Documenting" should not be allowed to wield sharp objects at your servers.
All patches will have to be defaulted off.. or you might as well abdicate to the Cloud.. good luck holding them Accountable for "anything".
1. Re:Death Knell for Patch Update oversight by Anonymous Coward · 2014-09-19 13:06 · Score: 2, Interesting
  
  "MS Security Updates notifications and the Patch Update communications" (TwC Security Comms") has been moved over to corporate marketing (CorpCom) under Frank X. Shaw, notorious for his distain for security and his repeated attempts to kill any comms that admitted any flaw/vuln/issue ever. Same guy who dismisses all vuln researchers as "criminals" -- including all partners who do bug bounties or consultants who produce workarounds for customers .
  After today, don't expect to get any honesty out of Microsoft re vulns for another decade.
  TwC was the best producer and best hope for continued security improvements at Microsoft, and Nadella killed it.
  Those who got laid off had it good - a payout and a graceful exit before the destruction and shame. I can't stand to stay under the new regime, and I know of entire teams that are interviewing and helping each other with referrals outside the company. God help those who stay.
That's all I needed to hear by Anonymous Coward · 2014-09-19 12:14 · Score: 1

"The security center of gravity is moving away from enterprise desktops to cloud and mobile and 'things' "
This has been microsoft's goal since they announced Windows 8 and it's bad. The cloud is not trustworthy, it was shown to not be many times over and no sane enterprise will allow the cloud to take over local desktops/servers.
1. Re:That's all I needed to hear by ultranova · 2014-09-19 22:00 · Score: 1
  
  The cloud is not trustworthy, it was shown to not be many times over and no sane enterprise will allow the cloud to take over local desktops/servers.
  
  Unless it's cheaper. Then as long as nothing happens, managers get bonuses for the savings their decisions have earned the company, and if something does, it's an unforeseeable event that was the fault of some evil haxor.
  
  --
  Forget magic. Any technology distinguishable from divine power is insufficiently advanced.
Re:This new guy by binarylarry · 2014-09-19 12:24 · Score: 3, Interesting

I'm personally pretty anti-microsoft and a fan of google's ecosystem of products.
But if the new CEO succeeds at changing the organization, it'd be great to see a third big vendor in the market as an alternative to Google and Apple. Windows Phone sucks now, but who knows what the future brings. Microsoft has been riding their past successes for a long time, too long.

--
Mod me down, my New Earth Global Warmingist friends!
Around by sphealey · 2014-09-19 12:47 · Score: 1

- - - - - the industry's decades-long conversation around - - - - -

"Conversation" is bad enough, but what does the word "around" in this type of sentence even mean? That the conversation never actually gets anywhere or accomplishes anything specific, but just circles 'around' and 'around' a problem that should be analyzed, detailed, and solved (or firmly documented as unsolvable or uneconomic)?
sPh
1. Re:Around by sumdumass · 2014-09-19 14:16 · Score: 1
  
  Around in this context means next to and including.
  The subjects over lap somewhat but do not completely encompass the concept.
Re:Is it just me... by sgage · 2014-09-19 13:22 · Score: 1

"Is it just me, ...or does anyone else get a slight chub hearing that M$ is not doing so hot anymore? "
It's just you. But whatever turns you on...
Yuh Huh by Greyfox · 2014-09-19 13:31 · Score: 1

I'm guessing the desktop isn't the enviable real estate it once was. They're probably going to fumble around in the mobile space some more. The last time they were caught this flat-footed by a new technology, IBM was trying to start up competition with them on the desktop and Microsoft's position was quite strong. They just had to... borrow... the TCP/IP stack from BSD and they were good to go. They just had to poke IBM in the eye a couple of times to convince them to go elsewhere. I suspect they'll find Google to be a somewhat more difficult competitor to deal with. Especially given the state of Microsoft's search engine and... mobile platform.

--
I'm trying to teach myself to set people on fire with my mind... Is it hot in here?
Treacherous Computing by bzipitidoo · 2014-09-19 13:47 · Score: 3, Informative

Exactly. Microsoft tried to secure the software against the users, and tried to tell everyone it was more plain security.
I'm glad users didn't swallow it. MS's lame attempt at confusing everyone got the ridicule and hate it so richly deserved.

--
Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
1. Re:Treacherous Computing by lgw · 2014-09-19 16:32 · Score: 4, Insightful
  
  Had TC been an open standard, it could have been a great thing. Think: locking down one VM such that no virus can taint it, which you can then use to scan the rest of the system with assurance that the results are valid.
  But instead it was a joke. I was doing standards work while the TC "standard" was being hammered out, and while they were in the same Hotel as real ISO standards work, you had to be there from a member company and sign an NDA to even listen to the discussions. We didn't take them seriously (the normal ISO/INCITS rules are that anyone who shows up can participate, you only need to be from a paying company to vote, and that minutes are always public).
  
  --
  Socialism: a lie told by totalitarians and believed by fools.
Re:Is it just me... by TrollstonButterbeans · 2014-09-19 14:05 · Score: 2

Are you kidding me? Microsoft might as well be IBM. They have such a huge installed base of corporate buyers, they could shovel out garbage for 2 decades and make $40 billion a year.

They could make Steven Elop their CEO, and even he couldn't begin to run Microsoft into the ground.

In fact, they should just to prove that their company is so entrenched that even an idiot could run it.

And they could drive home the point, by having one run the company just to show the world!

--
Priest: "Universe from nothing, no laws of physics, sped up time"+ huge discrepancies. Creationism? No. Big Bang Theory
Askslashdot by oldhack · 2014-09-19 14:34 · Score: 1

Fuck you dice and your bogus planted "stories". That's my answer.

--
Fuck systemd. Fuck Redhat. Fuck Soylent, too. Wait, scratch the last one.
Re:business by OhPlz · 2014-09-19 14:38 · Score: 1

It doesn't make much sense to me either, yet I've seen it happen with my own eyes. Not only do companies lose innovators when this type of thing happens, but they're arming their competition. All those bright folks they cut loose, and especially those that decide to leave on their own.. where will they go? To competitors, of course. It seems really short sighted, particularly when the company isn't in dire shape financially.
Re:Untrustworthy Computing by JayTech · 2014-09-19 16:24 · Score: 1

Why is this modded offtopic? Ah yes, because some define "Trustworthy Computing" as exclusively meaning a platform that has gained trust by the user. But you have to look at the whole picture. Security was always the first "pillar" of the "Trustworthy Computing" initiative. Protected execution and secure I/O were features Microsoft desperately wanted to incorporate into their code - the thinking being if the code couldn't be modified in ways the programmers never intended, then users *could* completely trust it. Palladium (or Next-Generation Secure Computing Base) was hailed as the holy grail of locked down code, and "Trustworthy Computing" was one of the buzzwords used by Microsoft to market it. That is, until the anti-TCP campaign made it not cool to use those terms anymore. Why not take a stroll over to Microsoft's website circa 2002 and let me know what you find: http://www.microsoft.com/resou...
TPM also handy for mneasured boot by benjymouse · 2014-09-19 22:55 · Score: 2

During boot, Windows will write log entries to the TPM. Every time a module or driver is loaded, the signature, hash code etc. is written to the TPM.
When the OS is up and running a client can request the TPM to issue the collected log entries, digitally signed with a key residing in the TPM. The boot log is then sent to a "health certificate" server. The health certificate server can inspect the log (after verifying its authenticity thjrough the signature) to see if any untrusted or known malicious software was loaded during the startup process. If everything checks out OK, it can then issue a "Health certificate".
Other devices on the corporate/private net can be instructed to quaranteen servers until they can present a valid Health certificate. Ie. the TPM can play a central role in preventing malicious software from propagating on internal Networks: If a server suddenly load more drivers than expected, loads non-whitelisted drivers or directly blacklisted drivers, nobody wants to talk to it.

--
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*
Microsoft kills off trustworthy computing... by Archtech · 2014-09-20 00:38 · Score: 1

I don't trust myself to comment...

--
I am sure that there are many other solipsists out there.