Talk:Trusted Platform Module

From Wikipedia, the free encyclopedia

this article says nothing about what this "module" is supposed to do. - --Sprafa 19:00, 8 April 2006 (UTC)

this article also reads like a load of vague marketing speak, and mentions nothing of the controversy of "trusted" computing, or the hardware aspects of palladium, or the potential downside for users. *major* rewrite needed by someone with more knowledge on the subject (and preferably not someone from the marketing department of some company trying to push the technology onto people) Xmoogle 21:19, 27 June 2006 (UTC)

The "How it works" section was added just a few days ago by a new editor, whose sole contribution was that section. I've removed it entirely, because you're right, it sounds like marketing material. Also, it was factually incorrect for the most part, since a TPM can't necessarily prevent spyware from being installed on modern operating systems.... it's just a hardware-based cryptographic provider. As for the issue of contraversy around trusted computing, you'll find that subject well-covered in the trusted computing article... any criticism or contraversy put here should be about the chip itself, not about the bigger conceptual issues of TC. Warrens 21:32, 27 June 2006 (UTC)

Contents 1 Capitalisation 2 NPOV 3 truecrypt 4 Usage 5 Disabling TPM 6 is it true? 7 Specification correction 8 Obsolete module

[edit] Capitalisation

Shouldn't the title of the article be capitalised as "Trusted Platform Module"? It is referred to as such in the first line, after all. --Paul1337 19:07, 16 July 2006 (UTC)

[edit] NPOV

As it was already mentioned, this article reads like marketing crap. Especially the "Uses" section is a serious violation of the NPOV ("This is highly desirable..." "Pushing the security down to the hardware level in conjunction with software s a much better solution...") --84.143.223.74 07:39, 30 September 2006 (UTC)

i've modified the 'Uses' section , i hope the article is NPOV enough now . fell free to re-add the NPOV tag if you disagree , and in , that case , please explain why. Dbiagioli 08:19, 30 September 2006 (UTC)

I really don't think this adheres to NPOV. Only negative examples are given in 'uses', rather then strictly sticking to the capabilities of the hardware being discussed.

what are the "negative examples" ? the tripwire tool does the same thing the enforcer does, and people are actually buying tripwire ... Dbiagioli 20:13, 18 November 2006 (UTC)

I've added a NPOV tag. The marked section does not read as neutral: "Unfortunately, the chip does not offer ... is not fully thought out ... uneasily mixes and matches ... rather than offering mature, orthogonal mechanisms." I would have more confidence in this section if it used neutral language and cited its claims. --Billgordon1099 00:18, 3 April 2007 (UTC)

I've removed the disputed text altogether. It was added by an anonymous user at the beginning of March; their subsequent edits in another article are an apt demonstration that they weren't terribly concerned with WP:NPOV... -/- Warren 07:11, 7 April 2007 (UTC)

right . the text looked like original research .The national computer security center , which is part of the NSA , never released such a declaration. by the way , the NSA insted criticized directly DES ,back in the '80s . so , until the NSA officially states its position on the TPM's security , we should classify allegation that the TPM is not secure as not verifiable Dbiagioli 23:01, 7 April 2007 (UTC)

I've removed the NPOV content about lost keys and their business impact. The Trousers FAQ covers this issue correctly. There are ways to secure information with the help of the TPM, but NPOV statements such as "requires an enterprise-level process for transferring the appropriate TPM-secured application keys." do not accurately describe the issue.

[edit] truecrypt

What's the relationship between truecrypt and the TPM ? Dbiagioli 08:34, 21 November 2006 (UTC)

link removed Dbiagioli 10:09, 24 November 2006 (UTC)

[edit] Usage

Given to OSS community's resistance to TPM stuff, it would be interesting to see references/links to OSS projects that provide an API to use this technology for 'good' - anyone willing to share?

opentc.net ? trousers.sf.net ? emscb.com Dbiagioli 09:09, 7 February 2007 (UTC)

[edit] Disabling TPM

As much as I love the NSA looking through email and phone records, I would prefer that the had to *at least* work for it. Trusted Computing (What a crock BTW) says it can be turned off, but does anyone know how? Fosnez 07:52, 13 February 2007 (UTC)

you can do that from the BIOS setup ro from the OS .. see also http://technet.microsoft.com/en-us/windowsvista/aa905092.aspx#BKMK_S2 Dbiagioli 08:31, 13 February 2007 (UTC)

Yes, it is true that you can turn off or remove the TPM just as you can turn off or remove any other computer part. But, this is a red herring.

The real problem is that it's possible to make a service or product that you can only access if you have an activated TPM. In the future, if you disable your TPM you may lose the ability to exchange documents or email with your coworkers, buy music online, or do any number of important things that require your computer to communicate with other computers. This will force you to keep your TPM enabled all the time in order to get stuff done. If you have to keep your TPM enabled all the time, then you get all the bad effects of Trusted Computing like government/commercial spying and other people controlling your computer.

The only defense is for most people to not buy or to disable their TPMs. That way, nobody will create services that only work with computers that have activated TPMs in the first place. —Preceding unsigned comment added by 75.111.42.52 (talk) 09:21, 26 November 2007 (UTC)

[edit] is it true?

http://www.againsttcpa.com/what-is-tcpa.html

take a look at "The technology:"

is it true?

if it is, then it must be added to the article —The preceding unsigned comment was added by 84.108.50.106 (talk) 00:15, 7 April 2007 (UTC).

that info is already present in wikipedia, in the Trusted Computing article Dbiagioli 06:45, 7 April 2007 (UTC)

[edit] Specification correction

The current specification, as written in the opening section of this page, is incorrect. It is actually TPM Specification Version 1.2, Level 2, Revision 103, published 9 July 2007. This information is available at https://www.trustedcomputinggroup.org/specs/TPM

Gizmo 17:31, 30 August 2007 (UTC)

[edit] Obsolete module

The Linux module "the enforcer" seems to be out of date (no commit since apr. 2004). Does it make sense to mention it in the article ? G Allegre (talk) 09:28, 4 January 2008 (UTC)