THE UK GOVERNMENT will emphasise the pivotal role of trusted computing in its upcoming cyber security strategy, according to government security officials, but the Free Software Foundation has raised concerns about the potential for this technology to unfairly restrict users.
The government's strategy will focus on four primary areas, with trusted computing expected to be essential to at least three of those, according to Owen Pengelly, the deputy director of policy at the Office for Cyber Security and Information Assurance in the Cabinet Office.
The Guardian reports that the four areas will be public and business safety online, enhancing the UK's cyber attack resiliences, providing a more open cyber security environment, and enhancing the knowledge and skills of those within the country to fulfill these goals.
Trusted computing is a security technology developed by members of the Trusted Computing Group that uses cryptography to encrypt, authenticate and verify code on a computer or server, adding another layer of protection against cyber attacks. Thus it is not surprising that it plays such a key role in the government's cyber security plans and that it is keen to add incentives for businesses to adopt the new policies.
However, the Free Software Foundation (FSF) has highlighted some potential issues with the technology in the form of Microsoft's recently announced Secure Boot feature, which is designed to protect computer systems from malware by blocking unauthorised programs from booting.
The problem with this is that it could be used to restrict users from booting genuine software purely on the basis that it is a competing product. While this would obviously be against competition rules in a number of regions throughout the world, the potential for enhanced security to become a barrier to users' software freedom is a very real concern.
The Secure Boot feature comes from the Unified Extensible Firmware Interface (UEFI) specification, which the FSF believes has merit if implemented correctly, but leaves things open for companies to lock users out of their own computers to prevent them from installing free software.
Another key issue, and one of the motivating factors for trusted computing, is copyright. The technology could be used to place restrictions around files to prevent them from being used or to force them to be used in certain ways. While this might benefit holders of intellectual property, the potential effect it could have on regular computer users, particularly if it wrongly fails to authorise the use of a file, could be disastrous.
"Building the most resilient cyber defences in the world will not help if you are suffering from intellectual property theft," Pengelly said, highlighting the reality that trusted computing is really not just about computer security. µ