Trusted Computing: Difference between revisions

From Consumer Rights Wiki
Madotea (talk | contribs)
Fixed tone and improved the quality of writing. (Will soon edit this page again to fix the remaining half and the references)
Madotea (talk | contribs)
Examples: Added citations and nuked content without sources
Line 8: Line 8:
The workings of Trusted Computing are based on six key principles, these being :   
The workings of Trusted Computing are based on six key principles, these being :   


# Sealed storage
#Sealed storage
# Memory curtaining / protected execution  
#Memory curtaining / protected execution
# Secure input and output
#Secure input and output
# Endorsement key
#Endorsement key
# Remote attestation
#Remote attestation
# Trusted Third Party (TTP)
#Trusted Third Party (TTP)


Sealed storage consists in the protection of information trough binding it to the configuration of the platform being used. Trough this one may for example lock certain files from being opened if they lack the needed license.  
Sealed storage consists in the protection of information trough binding it to the configuration of the platform being used. Trough this one may for example lock certain files from being opened if they lack the needed license.  
Line 30: Line 30:
Some notable examples include:
Some notable examples include:


Palladium
* Windows Vista, Windows 7, Windows 8 and Windows RT (They use a Trusted Platform Module to facilitate BitLocker Drive Encryption) <ref>{{Cite journal |title=A Disk Encryption Algorithm for Windows Vista |url=http://download.microsoft.com/download/0/2/3/0238acaf-d3bf-4a6d-b3d6-0a0be4bbb36e/BitLockerCipher200608.pdf |journal=[[Microsoft Corp.]]}}</ref>
* [[Signal data collection|Signal]] messenger<ref>{{Cite web |title=Scaling secure enclave environments with Signal and Azure confidential computing |url=https://customers.microsoft.com/en-us/story/1374464612401582154-signal-nonprofit-azure-security |url-status=live}}</ref>
* and the e-prescription service E-Rezept<ref>{{Cite web |title=Confidential Computing soll Patientendaten schützen |url=https://www.healthcare-computing.de/confidential-computing-soll-patientendaten-schuetzen-a-996680/}}</ref>


Trusted Computing Module TPM and TPM 2.0
Almost every smartphone and tablet both Android
Amazon Kindle and Kindle Fire
Apple iPod
Microsoft Zune
Sony PlayStation line of consoles
Microsoft Xbox line of consoles
Intel Management Engine
AMD Platform Security Processor
Secureboot
Pluton
Walled gardens
Windows 10
Windows 11
MacOS
Tesla Motors Automobiles
John Deere Tractors
==References==
==References==
https://www.fsf.org/campaigns/drm.html
https://www.fsf.org/news/treacherous.html
https://www.gnu.org/philosophy/can-you-trust.html
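Review bot: the added Signal citation sets "url-status=live" without any archive-url, and the rendered reference for it is flagged "CS1 maint: url-status"; either drop the parameter or supply the archive fields. None of the three added cite templates carries an access date, which would help if the customers.microsoft.com or healthcare-computing.de pages move. The last added bullet, "and the e-prescription service E-Rezept", should lose the leading "and" so the list items read in parallel. The Signal and E-Rezept sources are titled as confidential computing and secure enclave pieces, so a short clause in each bullet saying which Trusted Computing feature is involved would tie them to the article, as the BitLocker bullet already does.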





Revision as of 13:57, 12 August 2025

Article Status Notice: Unacceptable Tone/Word Usage

This article needs additional work to meet the wiki's Content Guidelines and be in line with our Mission Statement for comprehensive coverage of consumer protection issues. Specifically it uses wording throughout that is non-compliant with the Editorial guidelines of this wiki.

Trusted Computing is a technology developed by the Trusted Computing Group. It aims to restrict the workings of a computer so that it may only behave in expected ways.

It is a controversial technology because it can be used to restrict the freedom of the owner of the computer. For this reason, free software activist Richard Stallman has dubbed it "Treacherous Computing".[1][2]

How it works

Trusted Computing is based on six key principles:

  1. Sealed storage
  2. Memory curtaining / protected execution
  3. Secure input and output
  4. Endorsement key
  5. Remote attestation
  6. Trusted Third Party (TTP)

Sealed storage protects information by binding it to the configuration of the platform being used. Through this, one may for example lock certain files from being opened if they lack the needed license.

Memory curtaining, or protected execution, is the isolation of certain sensitive parts of memory (for example decryption keys) from the rest of the system.

The endorsement key is a pair of public and private 2048-bit RSA keys generated randomly on the chip at the factory. It cannot be changed and is required to carry out secure transactions. This makes it impossible for emulators of TC to complete safe transactions.

Remote attestation allows changes to the user's computer to be detected by authorized parties.
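The following sketch is an added illustration, not code from the Trusted Computing Group or from any TPM library. It is a simplified model of sealed storage as described above: each booted component is folded into a register by hashing, and the sealing key depends on that register, so data sealed under one configuration cannot be opened under another. The ToyChip class, its HMAC-based cipher and the sample boot chains are assumptions made for the example; the register value that changes here is also what a remote attestation report would carry.

```python
import hashlib
import hmac
import os

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new register = SHA-256(old register || SHA-256(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure(boot_chain) -> bytes:
    """Fold every booted component, in order, into one register value."""
    pcr = bytes(32)  # the register starts at all zeros on reset
    for component in boot_chain:
        pcr = extend(pcr, component)
    return pcr

class ToyChip:
    """Hypothetical stand-in for the security chip; not a real TPM interface."""
    def __init__(self):
        self._root = os.urandom(32)  # secret that never leaves the chip
        self.pcr = bytes(32)

    def boot(self, boot_chain) -> None:
        self.pcr = measure(boot_chain)

    def _key(self) -> bytes:
        # The sealing key depends on the chip secret AND the current configuration.
        return hmac.new(self._root, b"seal" + self.pcr, hashlib.sha256).digest()

    def seal(self, secret: bytes) -> bytes:
        if len(secret) > 32:
            raise ValueError("toy cipher handles at most 32 bytes")
        nonce = os.urandom(16)
        pad = hmac.new(self._key(), b"enc" + nonce, hashlib.sha256).digest()
        ct = bytes(a ^ b for a, b in zip(secret, pad))
        tag = hmac.new(self._key(), b"mac" + nonce + ct, hashlib.sha256).digest()
        return nonce + tag + ct

    def unseal(self, blob: bytes) -> bytes:
        nonce, tag, ct = blob[:16], blob[16:48], blob[48:]
        key = self._key()
        expected = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise PermissionError("platform configuration changed; data stays sealed")
        pad = hmac.new(key, b"enc" + nonce, hashlib.sha256).digest()
        return bytes(a ^ b for a, b in zip(ct, pad))

# Constructed sample boot chains (labels only, not real firmware images).
VENDOR_CHAIN = [b"firmware v1", b"bootloader v1", b"vendor OS kernel"]
OWNER_CHAIN = [b"firmware v1", b"bootloader v1", b"owner-built kernel"]
```

Sealing a value after boot(VENDOR_CHAIN) and then calling unseal after boot(OWNER_CHAIN) raises PermissionError, even though the hardware and the sealed blob are unchanged; only the kernel the owner chose to run differs.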

Why it's considered to be a problem

One problem is user ownership and freedom. Depending on the device, various user actions may be restricted or completely prohibited. Installing and using third-party or alternative software, from operating systems to applications, may be restricted or completely impossible. Modifying certain system settings may be restricted or completely impossible.

Another problem is privacy and security. Because of hardware- and software-level backdoors, an affected system is vulnerable to remote tampering, sabotage and attack, both when the machine is on and when it is off. Data, including files and documents, can be edited, encrypted and/or deleted without the user's consent or knowledge. System settings can be edited without the user's consent or knowledge.

Examples

Some notable examples include:

  • Windows Vista, Windows 7, Windows 8 and Windows RT (they use a Trusted Platform Module to facilitate BitLocker Drive Encryption)[3]
  • Signal messenger[4]
  • The e-prescription service E-Rezept[5]

References

https://www.slashgear.com/windows-11-tpm-2-0-could-affect-other-software-as-well-05689649/

https://www.fsf.org/blogs/community/drm-carroll

https://en.m.wikipedia.org/wiki/Trusted_Computing

https://www.defectivebydesign.org/what_is_drm

  1. "Can You Trust Your Computer?". Archived from the original on 2025-07-29.
  2. "Trust me, i'm a computer".
  3. "A Disk Encryption Algorithm for Windows Vista" (PDF). Microsoft Corp.
  4. "Scaling secure enclave environments with Signal and Azure confidential computing".
  5. "Confidential Computing soll Patientendaten schützen".

https://www.fsf.org/news/treacherous.html

https://www.fsf.org/campaigns/campaigns/secure-boot-vs-restricted-boo

https://www.fsf.org/campaigns/campaigns/secure-boot-vs-restricted-boot

https://www.fsf.org/blogs/sysadmin/the-management-engine-an-attack-on-computer-users-freedom

https://www.gnu.org/philosophy/android-and-users-freedom.html

https://www.gnu.org/philosophy/loyal-computers.html

https://www.gnu.org/proprietary/proprietary.html

https://www.fsf.org/campaigns/fight-to-repair

https://www.gnu.org/philosophy/tivoization.html

https://foundation.mozilla.org/en/privacynotincluded/

https://www.ftc.gov/news-events/news/press-releases/2025/01/ftc-states-sue-deere-company-protect-farmers-unfair-corporate-tactics-high-repair-costs

https://foundation.mozilla.org/en/privacynotincluded/articles/its-official-cars-are-the-worst-product-category-we-have-ever-reviewed-for-privacy/

https://wiki.archlinux.org/title/Trusted_Platform_Module

https://wiki.gentoo.org/wiki/Trusted_Platform_Module

https://arstechnica.com/tech-policy/2023/04/tesla-sued-after-report-that-workers-shared-invasive-images-from-car-cameras/

https://replicant.us/

http://www.trustedcomputinggroup.org/

https://www.intel.com/content/www/us/en/support/articles/000008927/software/chipset-software.html