PCs and peripherals rescued by trusted computing

THE CEO OF Wave Systems, which makes software for the trusted computer platform, said 50 million PCs will ship this year using the authentication and security system.

Steve Sprague, CEO of Wave Systems, claimed that the move will mean a major shift in the PC industry because it will nail down a lot of the problems that effectively left the doors and windows of the machine open.

Sprague said that mobile phone manufacturers are also working with the trusted computing folk to authenticate linked machines.

He said: "The PC industry is attempting to add a hardware component as a root of trust in the PC. This signs the BIOS and provides strong authentication for applications." He said any service provider will be able to authenticate a machine. He said that if you buy a PC with the Vista Capable logo on, it will most likely have trusted platform modules built in.

He said there are already efforts by the standards body to allow third party trust infrastructure. Any service provider will be able to use it to authenticate your machine. The opportunity is to secure the machine. The challenge is if you begin to lock down the platform and make sure every application is signed, those tools are now coming as part of the PC platform. Vista Capable PCs most likely have trusted platform modules in their PCs. It will ship in over 50 million PCs this year, and there are already efforts by the standards body to allow third party trust infrastructure.

The panel included Natalya Kaspersky from Kaspersky Labs and representatives of Hyfn, and Scansafe.

If Sprague is right, the trusted computing platform might not do other security firms any favours. Sprague's figure of 50 million applies to firms like Hewlett Packard, Dell, Lenovo and others.

He said that last users and corporations have a common platform. It doesn't change the social infrastructure, he said. "It can be a foundation to improve the basic methodologies and at least we have a common platform."

Vista doesn't reqire the TPM, but its Bitlocker function uses those capabilities. There will also be compatible USB tokens.

He said: "The point is that a billion laptops will do security the same way, so the mobile and peripheral device manufacturers will follow suit," he said. Seagate is introducing an encrypted hard drive using TPM, said Sprague.

While TPM provides a hardware and application level of security, Natalya Kaspersky said she thought it was unlikely that hackers would not find their way to hack around with software apps.

She said that it was in Microsoft's interest to allow third party AV companies to compete because it offered a greater level of security with more people involved in it. With Microsoft as the only vendor it could lead to negative rather than positive results. µ