The essential question in Trusted Computing has always been "Trusted FROM WHOM?" and the answer right now is from the Government. |
Trusted Computing is Complex
So a while back I had two friends who I hung out with all the time and because we knew almost no women after we worked a full day at the Fort we would go back to their house and try to code an MP3 decoder or work on smart card security (free porn!) or any number of random things.One of my friends, Brandon Baker, went off to Microsoft and ended up building the Hyper-V kernel and worked on this little thing called Palladium, which then got renamed the Next Generation Trusted Computing Base and because of various political pressures relating to creating an entirely new security structure based on hardware PKI was then buried.
But it didn't die - it has been slowly gaining strength and being re-incarnated in various forms, and one of those forms is Azure Confidential Computing.
People have a hard time grasping Palladium because without all the pieces, it is always broken and makes no sense, and most of those pieces are in poorly documented hardware. But the basic idea is: What if Microsoft Windows could run a GPG program that it could not introspect or change in any way, such that your GPG secret key was truly secret, even from the OS, even if a kernel rootkit was installed?
Of course, the initial concept for Palladium was mostly oriented towards DRM, in the sense of having a media player that could remotely authenticate itself to a website and a secured keyboard/screen/speaker such that you couldn't steal the media. This generated little interest in the marketplace and the costs for implementation were enormous, hence the failure to launch.
"Winning" on warrants. The very definition of Pyrrhic Victories. |
Law Subsumed by Strategy
There's a sect among the Law Enforcement, national security, and legal community that looks upon Microsoft and Google's court cases on extra-territorial warrant responses as an impingement of the natural rights of the US Nation State.It's no surprise that the legal arguments are disjointed from both sides. Effectively the US position is that the government should be able to collect whatever data it wants from Google or Microsoft, because the data is accessible from the US, and because they want it. And Google and Microsoft have stored that data on overseas servers for many reasons but also because their customers, both international and domestic think the US State no longer has that natural right, that it is as primitive as Prima Nocte. And in addition their employees think the US has failed to go to bat on these issues for Google/Microsoft/etc in China and the EU. This isn't necessarily true, but it is true that the USG has treated the populations that make up the technology elites as if their opinions are not relevant to the discussion.
Law is not a Trump Card
The problem with making the US Government the primary foe in every technology company's threat model is they can very quickly adapt to new laws by building systems which they cannot introspect, which is what Azure Confidential Computation is. But that's just the beginning. Half their teams come from the NSA and CIA technology arms. They know how to cause huge amounts of pain to our system while staying within regulations and laws, and they have buy in from the very tops of their organizations.This was all preventable. If we'd had decent people in the executive team killing the Apple lawsuit last year, and finding some way to come to an agreement and end the crypto war, we could have prevented Going Dark from being a primary goal of all of the biggest companies (I.E. even at Financials). We needed to be able to negotiate with them in good faith to maintain a balance of "The Golden Age of Metadata" with what they and their customers wanted.
We didn't have anyone who could do that. As in so many pieces of the cyber-government space, we may have missed our window to prevent the next string in the international order from unraveling.