Slashdot Mirror
Microsoft Kills Off Its Trustworthy Computing Group
An anonymous reader writes Microsoft's Trustworthy Computing Group is headed for the axe, and its responsibilities will be taken over either by the company's Cloud & Enterprise Division or its Legal & Corporate Affairs group. Microsoft's disbanding of the group represents a punctuation mark in the industry's decades-long conversation around trusted computing as a concept. The security center of gravity is moving away from enterprise desktops to cloud and mobile and 'things,' so it makes sense for this security leadership role to shift as well. According to a company spokesman, an unspecified number of jobs from the group will be cut. Also today, Microsoft has announced the closure of its Silicon Valley lab. Its research labs in Redmond, New York, and Cambridge (in Massachusetts) will pick up some of the closed lab's operations.
Now that they have made all their software trustworthy there is no more need for the group, right? Declare victory and go home.
Help stamp out iliturcy.
Microsoft products will get easter eggs again?
And an insult. It was like Microsoft trying to usurp your own computer and tell you what it could do and spy on you too.
Trustyworthy Computing had the idea that apps could prevent you taking screenshots and assert insane privileges on your own computer.
It was offensive as hell.
Priest: "Universe from nothing, no laws of physics, sped up time"+ huge discrepancies. Creationism? No. Big Bang Theory
Oh sure, a lot of people on /. would like to see MS crater; but be careful what you wish for. Do you really want AAPL to be the A no. 1 tech company for EVERYTHING, including your workstation?
Microsoft have no connection whatsoever to my workstation or what I run on it. Now explain to me how their demise is going to change that.
Il n'y a pas de Planet B.
I'm personally pretty anti-microsoft and a fan of google's ecosystem of products.
But if the new CEO succeeds at changing the organization, it'd be great to see a third big vendor in the market as an alternative to Google and Apple. Windows Phone sucks now, but who knows what the future brings. Microsoft has been riding their past successes for a long time, too long.
Mod me down, my New Earth Global Warmingist friends!
yep, they're completely different animals.
Trustworthy computing: ensuring reliability and integrity of the user experience
Trusted computing: securing the system against the user.
Political debates have me rolling my eyes so much I think I got optical whiplash. I should sue. - Foamy The Squirrel
Oh sure, a lot of people on /. would like to see MS crater; but be careful what you wish for. Do you really want AAPL to be the A no. 1 tech company for EVERYTHING, including your workstation?
I bash Microsoft here as much as anyone else - but No, I don't want Microsoft to go away.
I want MIcrosoft to stop making awful Operating systems. We know they can do it, because XP was excellent, W7 almost as good.
I want Microsoft to not have Updates bitch up computers.
I want Microsoft to change their "We know what's best for you dammit!" attitude, and ignore feedback. Both Vista and W8 had people begging them not to go there.
If you've read enough of Slashdot, you'll have noticed that every complaint about MSFT is attacked by "energetic fans" shouting that the complaint is invalid, that the person complaining is an idiot. How long is that supposed to work?
After moving to Unix-like OS' I apparenly stopped being an idiot, because I have none of the same problems I had on any Microsoft OS - and that includes XP, which I liked. Like I said, eventually people will get tired of that crap.
What I would like to see is a vibrant Microsoft, one that understands the customer, and the market. Why, that might even entice me to buy another computer with their Operating system on it.
The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
"MS Security Updates notifications and the Patch Update communications" (TwC Security Comms") has been moved over to corporate marketing (CorpCom) under Frank X. Shaw, notorious for his distain for security and his repeated attempts to kill any comms that admitted any flaw/vuln/issue ever. Same guy who dismisses all vuln researchers as "criminals" -- including all partners who do bug bounties or consultants who produce workarounds for customers .
After today, don't expect to get any honesty out of Microsoft re vulns for another decade.
TwC was the best producer and best hope for continued security improvements at Microsoft, and Nadella killed it.
Those who got laid off had it good - a payout and a graceful exit before the destruction and shame. I can't stand to stay under the new regime, and I know of entire teams that are interviewing and helping each other with referrals outside the company. God help those who stay.
XP was excellent
That's what inspired me to switch to Linux full-time, I'll say that much for it.
Il n'y a pas de Planet B.
Exactly. Microsoft tried to secure the software against the users, and tried to tell everyone it was more plain security.
I'm glad users didn't swallow it. MS's lame attempt at confusing everyone got the ridicule and hate it so richly deserved.
Intellectual Property is a monopolistic, selfish, and defective concept. It is "tyranny over the mind of man"
Are you kidding me? Microsoft might as well be IBM. They have such a huge installed base of corporate buyers, they could shovel out garbage for 2 decades and make $40 billion a year.
They could make Steven Elop their CEO, and even he couldn't begin to run Microsoft into the ground.
In fact, they should just to prove that their company is so entrenched that even an idiot could run it.
And they could drive home the point, by having one run the company just to show the world!
Priest: "Universe from nothing, no laws of physics, sped up time"+ huge discrepancies. Creationism? No. Big Bang Theory
I want MIcrosoft to stop making awful Operating systems. We know they can do it, because XP was excellent, W7 almost as good. (...) I want Microsoft to change their "We know what's best for you dammit!" attitude, and ignore feedback. Both Vista and W8 had people begging them not to go there.
Maybe there's a hint there? Conservative, experimental, conservative, experimental... As long as people keep arguing if the old or new version of Windows is better, I don't think Microsoft worries. You are free to skip a version you know.
If you've read enough of Slashdot, you'll have noticed that every complaint about MSFT is attacked by "energetic fans" shouting that the complaint is invalid, that the person complaining is an idiot. How long is that supposed to work?
Do a s/MSFT/Linux/g and there's plenty OSS apologists too. Particularly because you got one team saying "Linux is so free and great, it's totally ready for the desktop and you should try it out" but when you have a problem the other team says "Yeah well you got it for free, so STFU and be grateful". I'm on Windows 7 now and I'm guessing sometime soon Microsoft needs to release another "classic" desktop for conservative enterprises so they can plan their migration before the 2020 EoL. Having Linux around as a plan B is nice but for gaming Windows rules supreme, regardless of whether Linux has a Steam client or not.
Live today, because you never know what tomorrow brings
I found that this technology has two edges to it. The first is its use for DRM, but the second is something I've found useful.
A TPM chip can come in handy with BitLocker. It means that brute forcing a drive's password becomes not an option, as an attacker is faced with the full 128 or 256 bit keyspace of AES. Unless an attacker can uncap the TPM chip, brute forcing a password will only cause the chip to lock due to excessive attempts and not allow access in any way.
It also provides peace of mind. With a TPM + PIN + USB flash drive, if my laptop gets stolen, if I have the USB flash drive on my keychain, I know the laptop's contents are protected. Even if the keychain is stolen, there is still the PIN which has to be guessed. If the MBR or BIOS are modified, it will be detected, and not allow the machine to boot. Not 100% security (XKCD rubber hoses and cold RAM attacks will beat it for example), but good enough.
Problem is that this type of technology to ensure malware hasn't tampered with the boot process tends to be far more often used to keep legitimate people out of their device rather than to allow legitimate device owners to keep control of their data.
I always thought that he should have made it a $5.38 wrench, instead...
During boot, Windows will write log entries to the TPM. Every time a module or driver is loaded, the signature, hash code etc. is written to the TPM.
When the OS is up and running a client can request the TPM to issue the collected log entries, digitally signed with a key residing in the TPM. The boot log is then sent to a "health certificate" server. The health certificate server can inspect the log (after verifying its authenticity thjrough the signature) to see if any untrusted or known malicious software was loaded during the startup process. If everything checks out OK, it can then issue a "Health certificate".
Other devices on the corporate/private net can be instructed to quaranteen servers until they can present a valid Health certificate. Ie. the TPM can play a central role in preventing malicious software from propagating on internal Networks: If a server suddenly load more drivers than expected, loads non-whitelisted drivers or directly blacklisted drivers, nobody wants to talk to it.
Reading slashdot one-liner: (irm http://rss.slashdot.org/Slashdot/slashdot).rdf.item | fl title,desc*