When Dell Computer announced last month that it would begin shippingnotebook computers incorporating a chip to make the units more secure, itsent analysts scurrying to their calculators. That’s because Dell’sinclusion of “trusted computing” hardware into its machines would be givingthe technology a big boost in the coming year.
According to the latest estimates from IDC, a technology analytics firm inFramingham, Massachusetts, shipments of computers with Trusted PlatformModules (TPMs) will more than double this year over last, to 20 million from8 million.
“Dell is coming in with a lot of volume,” IDC Vice President of ClientComputing Roger Kay told TechNewsWorld.
TPMs are multipurpose devices that can perform a number of functions, according to Clain Anderson, director of security and wireless solutions for IBM’s personal computing division. They can do local file encryption, where the keys for decrypting files are stored inside the TPM. They can bank and manage passwords. Theycan be used to emulate hard tokens, like smart cards. And they can act as agateway for securing other functions on a system, such as authenticatinge-mail and changing passwords.
“We’re starting to see significant volumes being shipped by the major PCMs [personal computer manufacturers],”according to Brian Berger, executive vice president of Wave Systems in Lee, Mass., and marketing chair of the Trusted Computer Group, anindustry consortium of more than 100 companies that developed openspecifications for TPMs.
Given the number of computer makers that have already announced productswith TPMs and the number expected to do so during the course of the year,IDC’s projections may be a little low, he added.
Asked what barriers slowed adoption of trusted computing technology in thepast, IDC’s Kay responded, “It costs something, so people want to know whatthey need it for. Beyond that, the software stack is pretty primitive, sowhat you can do with it is kind of limited. But other than that, it’spretty much open throttle at this point.”
Great Value Proposition
An early adopter of the technology was IBM, which has been shipping machineswith TPMs for five years. Over that time, the company has seen costs for thechips plummet, according to Anderson.
“When we started out, we were charging $50, and it was costing us about halfof that to put in those things,” he told TechNewsWorld. “These days, ourcosts have dropped to near a dollar, and we’re charging zero.”
“For the customer, it ends up being a great value proposition,” he said.”What security solution can you find that’s hardware and software and costsnothing?”
Boost from Microsoft
While the technology works with Windows XP, it’s expected to get another bigboost when Microsoft releases the long-awaited next version of its PC operating system,now referred to by the code-name Longhorn.
“When Microsoft releases a future OS that has support for these types oftechnologies, we believe it will improve the user’s experience,” said Berger.
Support for the trusted computing specs is wrapped into something Microsoftcalls the Next Generation Secure Computing Base (NGSCB). “We do not have anupdate on NGSCB to share at this time,” a company spokesperson, who askedthat their name not be published, told TechNewsWorld via e-mail. “Microsoftcontinues to actively work through many of the technical details, and weexpect to be able to provide more details in the near future.”
Howls from Cybersphere
Early reports about NGSCB, originally called Palladium, revealed thatMicrosoft planned to use the trusted computing platform to enforce digitalrights management (DRM) and counter piracy of its software products. Thatproduced howls from some corners of the cybersphere.
In an essay titled “Can you trust your computer?” Richard Stallman, founderof the free software movement, the GNU project, and the Free SoftwareFoundation, wrote:
“With a plan they call ‘trusted computing,’ large media corporations(including the movie companies and record companies), together with computercompanies such as Microsoft and Intel, are planning to make your computerobey them instead of you. … Proprietary programs have included maliciousfeatures before, but this plan would make it universal.”
According to IBM’s Anderson, though, TPMs aren’t designed to keep usersfrom their data through DRM. “It’s not an engine designed for digital rightsmanagement,” he said. “It’s actually poorly designed for that.”
“Folks that are trying to do that are trying to protect content from theuser,” he maintained. “We’re trying to protect the user and his data fromthe outside world.”