While generally expressing support for increased IT security through the use of ‘Trusted Computing’ security systems, the German government has expressed some concerns as to their use together with Windows 8.
Trusted computing is a system which is designed to protect computers from viruses and malware. The system works by allowing computer and gadget manufacturers to regulate which software a user is permitted to install.
According to a report published by the German newspaper, Zeit Online, Microsoft may be able to use Trusted Computing infrastructure as a back door to gain remote access to and control of computers operating Windows 8. The newspaper gives the example that Microsoft could use Trusted Computing to ensure that no other writing programmes are installed except Microsoft Word.
Zeit Online points out that if computers and gadgets are sold with the trusted computing security system pre-installed, users will no longer be able to reach an independent decision as to whether to utilise the system. Similarly, users would have no independent way of later opting-out of using such architecture.
Trusted Computing and Windows 8
While generally expressing support for increased IT security, the German government does express concern over some aspects of the Trusted Platform Module (TPM) when it is installed on computers or gadgets which run Windows 8.
The Federal Office for Information Security (BSI) states in press release that a loss of control over operating systems is inherent when TPM 2.0 (the updated version of the security measure) is combined with Windows 8.
According to BSI any mistakes made by individual users or by manufactures could hinder the use of operating systems and could even lead to hardware becoming permanently unusable. BSI also draws attention to the fact that TPM 2.0 could be used by hackers.
The office therefore calls for all computers and gadgets to be sold with the function initially deactivated under the so-called ‘opt-in’ principle. Furthermore, BIS is of the opinion that after activating TPM 2.0, users should be able to subsequently deactivate the protection under the so-called (opt-out principle) and that deactivation should not affect the functionality of hardware or software.
BIS concludes that IT users should have independent choice as to how their computers and gadgets are protected, including whether to use alternative operating systems or applications.
The office states that it is in contact with the Trusted Computing Group and operating system manufacturers in order to find a suitable solution.