[Clips] Controversial security chip goes mobile
R.A. Hettinga
rah at shipwright.com
Wed Sep 28 14:41:00 EDT 2005
--- begin forwarded text
Delivered-To: clips at philodox.com
Date: Wed, 28 Sep 2005 14:40:08 -0400
To: Philodox Clips List <clips at philodox.com>
From: "R.A. Hettinga" <rah at shipwright.com>
Subject: [Clips] Controversial security chip goes mobile
Reply-To: rah at philodox.com
Sender: clips-bounces at philodox.com
<http://www.vnunet.com/articles/print/2142876>
VNUNet
Phone makers seek to further lock down handsets
Controversial security chip goes mobile
Tom Sanders at CTIA Wirless in San Francisco, vnunet.com 28 Sep 2005
The Trusted Computing Group (TCG) is working on specifications for a
security chip that could show up in mobile phones by the end of next year.
The initiative to make handsets more secure has broad support from phone
manufacturers, carriers and semiconductor makers.
But the plans have been sharply criticised by consumer advocacy group the
Electronic Frontier Foundation as an effort to further limit consumers in
what they can do with their mobile phones.
At the CTIA Wireless IT and Entertainment tradeshow in San Francisco, the
TCG spoke publicly about the initiative for the first time, and unveiled 11
applications that the security chip seeks to enable.
These include authentication, digital rights management, Sim-lock,
controlling software downloads and software use, and the protection of user
data and privacy.
"The mobile platform is being driven to more value-added solutions such as
access control, e-commerce and content delivery," said Brian Berger,
marketing chairman at the TCG. "Then hardware security becomes even more
important."
A mobile phone is susceptible in theory to the same threats that face
computers, he added, including viruses and denial of service attacks.
Berger argued that security technology embedded on a chip could prevent
such attacks from reaching the handset.
The TCG is a non-profit organisation which defines security standards for
the high tech industry, including the Trusted Platform Module (TPM)
security chip for desktops and laptop.
It also offers a standard for secure networks, and is working on a security
chip specifications for servers.
The mobile chip will be similar to the TPM, which is deployed in several
enterprise systems and is expected to be used in the Intel powered Apple
computers that will start shipping next year.
In Apple's case the chip ensures that its OS X operating system is running
only on Apple hardware. The chip also allows for the secure storage of
passwords and enables the encryption of data.
One of its more controversial elements is that it can be used for digital
rights management, limiting which web pages users can print or what digital
content they can play.
Specifications for the mobile security standard are expected in the first
half of 2006. The first proof of concept handsets are to follow later that
year, Berger predicted. He also expects the technology to be integrated
into other components of the phone.
A mobile phone group within the TCG will work on defining the
specifications of the standard. Members of the group include France
Telecom, Vodafone, IBM, Philips, Nokia and Motorola.
Nokia hopes to reduce the cost of developing the technology by working
through the standards body, while an open standard will also lead several
manufacturers to make the chip which in turn will keep down the price.
"The big benefit is a reduction in the cost of security functionality,"
said Janne Uusilehto, head of product security technologies at Nokia.
He predicted that the technology will cost $5 at most, meaning that the
consumer would end up paying an additional $15 to $25 when buying the phone.
The Electronic Frontier Foundation, a non profit group that aims to protect
the digital rights of individuals, slammed the initiative.
"This enables the carriers to further control their end users," Seth
Schoen, staff technologist with the organisation, told vnunet.com.
"Cellphones are already a disappointment to users."
He insisted that it is the business models used by mobile operators that
determine what users can do with their devices, rather than technology.
Schoen predicted that the security technology will only worsen these
limitations.
Many of the user cases that the TCG presented can be looked at from two
different angles, according to Schoen.
A secure Sim-lock, for instance, is designed to render the device useless
to a thief after the operator has disabled the account. But it will also
prevent the user from switching to a competing operator.
The secure software feature can prevent spyware and other malware from
being installed on the device, but can also limit the user to buying
software only from carrier-approved stores.
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
_______________________________________________
Clips mailing list
Clips at philodox.com
http://www.philodox.com/mailman/listinfo/clips
--- end forwarded text
--
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list