MS, Intel and friends want to keep your data safe

'Open' alliance uses e-trust figleaf to cover control-freak nuts

Microsoft and Intel have both managed to screw up over unique ID numbers, but here comes the second wave assault; with the aid of Compaq, Hewlett-Packard and IBM they've formed the "open" Trusted Computing Platform Alliance (TCPA) "focussed on building confidence and trust of computing platforms in e-business transactions by creating an industry standard for security technologies in personal computing environments." And do you know, today's release doesn't mention unique IDs once. The TCPA is inviting other companies to join in to develop a "new hardware and software specification" that will result in "a more trusted and secure personal computing platform based on common standard." If we skip the ecstatic applause from the two rentaquotes in the TCPA release (no quotes from the principals, funny that) we start to get to what meat there is. "Companies [managing networks of PCs] need a common standard to simplify the way they deploy, use and manage security elements on personal computers." One might observe that, although that may well be, it has a lot more to do with a corporation's central control of its users than, er, trust in e-commerce. "The goal of the new alliance," it continues, "is to create a base-level security standard that would complement existing technologies, and enhance security at the level of the platform hardware, BIOS and operating system." Call The Register luddite, but as we see it this is addressing the issue of data security rather than trust. Sure, on a personal level you're worried about people getting at your data on your local machine or LAN, but that's an issue that could be fixed by companies (no names, no pack drill) writing software with less holes in it. Sure, you're worried about people you do business with misusing the personal data they glean from you, but that's a legislative issue, right? And finally, you're obviously worried about people stealing your credit card details, but can't that be fixed with a smart card or, if you want to get really clever, retinal image technology? We note that Compaq's keen on fingerprints - that works, so what's the rest of this guff about? The plotters propose a specification proposal for TCPA by second half next year, and say it will "help define security operations in several critical areas." These may (they're currently still investigating) include secure storage of confidential information, generation of random numbers used to create public and private (our Italics, that one's still rumbling then) encryption keys and electronic signing of data used to authenticate the identity of the sender. Scary, no? Not according to our friends. "Recognising that privacy is extremely important, the TCPA specification will allow a computer owner [note choice of word, corporate serfs - wouldn't you have preferred "user"?] to maintain complete control over information contained by the system." Trust them. ®

Sponsored: Today’s most dangerous security threats