Microsoft surprised (shocked?) a lot of people when announcing the requirements for Windows 11, not the least of which was the requirement for TPM (Trusted Platform Module). TPM is an obscure security protocol (at least it was until Windows 11) that has been the cause of much confusion. Even in PCs that have supported TPM it has always been disabled by default in BIOS, which tells you exactly how much importance manufacturers placed on it.
I, for one, could not see the logic behind TPM’s introduction as a mandatory requirement and have theorized for some time that it must have been part of an attempt to boost new PC sales. However, I have been researching this previously little known security protocol and it seems that Microsoft’s decision might well be more about DRM (Digital Rights Management) and control than security.
Trusted Computing or Treacherous Computing?
TPM is an integral part of the “Trusted Computing” initiative which has come under fire from many respected critics. One of the most eye-opening dissertations I’ve read was published by well-known free software activist and programmer Richard Stallman, a man with a long list of achievements, a brilliant mind, and a history steeped in technology. His dissertation is scathingly critical of “Trusted Computing” referring to it throughout as “Treacherous Computing“. Here is an excerpt:
The technical idea underlying treacherous computing is that the computer includes a digital encryption and signature device, and the keys are kept secret from you. Proprietary programs will use this device to control which other programs you can run, which documents or data you can access, and what programs you can pass them to.
Of course, Hollywood and the record companies plan to use treacherous computing for Digital Restrictions Management (DRM), so that downloaded videos and music can be played only on one specified computer. Sharing will be entirely impossible, at least using the authorized files that you would get from those companies ~ source
And Mr. Stallman is certainly not alone in his criticisms. This from Wikipedia:
Some security experts, such as Alan Cox and Bruce Schneier, have spoken out against Trusted Computing, believing it will provide computer manufacturers and software authors with increased control to impose restrictions on what users are able to do with their computers.
There is concern amongst critics that it will not always be possible to examine the hardware components on which Trusted Computing relies, the Trusted Platform Module, which is the ultimate hardware system where the core ‘root’ of trust in the platform has to reside. If not implemented correctly, it presents a security risk to overall platform integrity and protected data ~ source
Much of what I’ve read and quoted here is quite dated. However, the question must be asked- are these early concerns regarding Trusted Computing and, by association, TPM, now coming to fruition?
As I mentioned earlier, the introduction of TPM as a mandatory requirement has always baffled me. However, as a result of my recent research, I’ve canned my initial theory that TPM was introduced by Microsoft simply to boost the sale of new PCs and am now of the opinion it has come about as the result of pressure from powerful digital rights advocates, such as major media organizations and software venders.
NOTE: I must emphasize that there is currently no evidence to suggest TPM will be used for sinister purposes and the opinions expressed herein are theories based solely on its “potential” for abuse. Still, as far as “trust” is concerned, I would not trust the money-grubbing media organizations one iota.
Something to Ponder
What follows is a true story. One of the many devices I’ve always owned is a combination DVD player/HDD recorder with twin tuners. Early on these devices came with multiple input jacks to allow recording from external devices such as a camcorder, VCR, etc.
Some years back, when my current DVD/HDD recording device broke, I went into a major electronic store to buy a replacement only to find, much to my dismay, that the new models did not include any input jacks at all. When I queried the salesman about this he informed that it had come about as a result of pressure on manufacturers from the media organizations. A prime example of the massive influence exerted by these money-grubbing moguls.