This tiny security chip called the Trusted Platform Module (TPM) sounds like a big boondoggle coming at us with minimal attention so far. Does it really mean the end of online anonymity, as the writer claims? Or maybe just a horrible complication out to make our future life nasty.
Already over 20 million PCs worldwide are equipped with a tiny security chip called the Trusted Platform Module, although it is as yet rarely activated. But once merchants and other online services begin to use it, the TPM will do something never before seen on the Internet: provide virtually fool-proof verification that you are who you say you are.
Msg#: 9693 posted 10:13 pm on Dec 15, 2005 (gmt 0)
In fact, with TPM, your bank wouldn’t even need to ask for your username and password — it would know you simply by the identification on your machine
I hope I'm not the only one to be alarmed about that statement.
Unless the word trusted has taken on a new meaning there is no way to ever trust a home PC short of biometrics. Corporate networks are often also behind secure doors. Homes are vunerable to theft, and how many people don't even bother with a logon on their PC? Even that provides minimal protection once a machine has been stolen.
Msg#: 9693 posted 11:38 pm on Dec 15, 2005 (gmt 0)
Unless people are forced to register their identities, anonymity is not going to suffer. Right now, we each of us have unique mac addresses (unless on dialup) and unique(ish) IP addresses.
In a discussion many years ago, I proposed something similar (but vastly less complex) but in the end I was convinced that it would be a waste of time, etc. unless everyone was fitted with an identity chip (rather like pets commonly have but a little more complex).
This technology will have its uses but it won't protect Windows or any other software for long. And it doesn't identify the operator of the computer. I don't see it as a big thing but maybe I'm missing something.
Msg#: 9693 posted 11:48 pm on Dec 15, 2005 (gmt 0)
virtually fool-proof verification
Lets see what happens when a thief steals a computer and then goes online and empties your bank account because the "bank knew who you were". Or when some 13 year old starts making copies of the chip in his bedroom. All of this "virtually" fool proof stuff is nonsense. If someone can figure a way to secure something then there is always someone who can unsecure it and abuse it.
Wouldn't a simple first step to online security (regarding purchasing) that you are forced to register an email address against your credit card and that before any online purchases are approved a confirmation email is sent to you to confirm that you're actually the person making the purchase?