Computer security is undeniably important, and as new vulnerabilities are discovered and exploited, the perceived need for new security solutions grows. "Trusted computing" initiatives propose to solve some of today's security problems through hardware changes to the personal computer. Changing hardware design isn't inherently suspicious, but the leading trusted computing proposals have a high cost: they provide security to users while giving third-parties the power to enforce policies on users' computers against the their wishes. In other words, they pressure you into handing some control over your computer to someone else. This is a "feature" readymade for abuse by software authors who want to anticompetitively choke off rival software.
EFF Related Content: Trusted Computing
- Intel’s CPUs have another Intel inside. Since 2008, most of Intel’s chipsets have contained a tiny homunculus computer called the “Management Engine” (ME). The ME is a largely undocumented master controller for your CPU: it works with system firmware during boot and has direct access to system memory,...
- The Electronic Frontier Foundation has published research showing that the SSL certificate system that underpins web security is far from trustworthy.
- In a report issued this week, online watchdog group the Electronic Frontier Foundation said that certificate authorities are issuing SSL certificates for unqualified domains in large numbers, a practice that the report’s author Chris Palmer says could impact the integrity of the whole SSL system, and puts Internet users at...
- The EFF has issued a report that's gaining some attention in the media. It exposes the bad habit of issuing SSL certificates to unqualified domains. In the process of revealing this issue, some focus has also been given to the discovery of incorrectly assigned EV SSL certificates.