25 Aug 2005
Windows Vista will switch off certain features of the trusted platform module because of privacy concerns, Stephen Heil, technical evangelist for Microsoft's Core OS Division, has said.
"There are some operations that use public key information that could potentially be perceived as privacy risk areas," Heil told delegates in a session about Secure Startup at the Intel Developer Forum in San Francisco.
"Things that do quotes and attestations […] are turned off by default."
The trusted platform module (TPM) is an open industry standard governed by the not-for-profit Trusted Computing Group, which develops security standards.
The chip has several features, including a cryptographic engine and protected storage in which keys, passwords and other secrets can be kept.
Critics, however, loathe the TPM because it could be used to enforce digital rights management (DRM) technology and restrict consumers' fair-use rights.
"Open source browsers like Firefox won't be allowed to access sites that require the security platform," open source activist Bruce Perens suggested last month at the Linuxworld conference in San Francisco.
The chip could in theory also be used to charge users a fee for printing web pages or to prevent them from seeing the source of an internet page, Perens argued.
Such uses would depend on the chip's unique identity, which is what the quote and attestation operations expose. Windows Vista turns that capability off, although the user or other applications can re-enable it later.
Windows Vista relies on the TPM for Secure Startup, and other security features are likely to be built on the chip in the future. Secure Startup is designed to keep data from being disclosed when a laptop is lost or stolen. The entire system volume is encrypted, and the key that unlocks it is held by the chip, sealed to measurements of the early boot components that the chip records at each startup. If those measurements match the values recorded when the feature was enabled, the chip releases the key and the volume is unlocked; if they do not, the chip refuses and the data stays encrypted.
As a consequence, the system will not unlock if hardware or boot components have been changed. To allow for maintenance, IT staff can temporarily disable the protection, and in case of breakage a recovery key, typically kept by IT staff, provides a way into the system that bypasses the chip's check. That recovery key is in effect a back door, so its custody matters as much as the chip itself.
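The following Python model is an added illustration of the mechanism described above; it is not code from Microsoft or from this article. It shows a measurement register that can only be extended, a volume key sealed to the expected register value, an unlock that fails when any boot component (or the order of components) changes or when a different chip is asked, and a separate recovery protector that does not depend on the chip at all. Only the extend rule (SHA-1 hash chaining of a 20-byte PCR) follows the TPM 1.2 specification; the in-process "chip secret", the XOR-and-MAC wrapping, the PBKDF2 recovery protector and the sample component names are simplifications assumed here, not how a real TPM or Secure Startup implements sealing.

```python
import hashlib
import hmac
import os

# Toy model of measured boot + TPM sealing, assumed for illustration only.
# The extend rule matches TPM 1.2 (SHA-1 PCRs); the wrapping scheme, the
# in-process "chip secret" and the component names are simplifications.

PCR_RESET = bytes(20)  # a TPM 1.2 PCR is a 20-byte SHA-1 value, all zero at reset


def pcr_extend(pcr, component):
    """TPM_Extend: PCR_new = SHA-1(PCR_old || SHA-1(component)).

    A PCR can only be extended, never written, so its final value commits to
    every component measured into it and to the order of measurement.
    """
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measure_boot(components):
    """Measure each early-boot component (firmware, MBR, boot loader, ...) in order."""
    pcr = PCR_RESET
    for c in components:
        pcr = pcr_extend(pcr, c)
    return pcr


def _wrap(k_enc, k_mac, secret):
    """Wrap a 32-byte secret: XOR with a one-use 32-byte key, then authenticate."""
    assert len(secret) == 32 and len(k_enc) == 32
    blob = bytes(a ^ b for a, b in zip(secret, k_enc))
    return {"blob": blob, "tag": hmac.new(k_mac, blob, hashlib.sha256).digest()}


def _unwrap(k_enc, k_mac, wrapped):
    """Return the secret, or None if the keys do not match the ones used to wrap it."""
    tag = hmac.new(k_mac, wrapped["blob"], hashlib.sha256).digest()
    if not hmac.compare_digest(tag, wrapped["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(wrapped["blob"], k_enc))


class SimTpm:
    """Stand-in for the chip: seal/unseal bound to a PCR value and a chip-resident secret."""

    def __init__(self):
        self._srk = os.urandom(32)  # stands in for the storage root key; never leaves the 'chip'

    def _keys(self, pcr):
        # Both keys depend on the chip secret AND the PCR value, so a different
        # boot state (or a different chip) derives different keys.
        k_enc = hmac.new(self._srk, b"enc|" + pcr, hashlib.sha256).digest()
        k_mac = hmac.new(self._srk, b"mac|" + pcr, hashlib.sha256).digest()
        return k_enc, k_mac

    def seal(self, secret, pcr):
        """Seal a secret so it can only be unsealed when the PCR has this exact value."""
        return _wrap(*self._keys(pcr), secret)

    def unseal(self, sealed, current_pcr):
        """Release the secret only if current_pcr equals the sealing PCR, else None."""
        return _unwrap(*self._keys(current_pcr), sealed)


def provision(tpm, expected_components):
    """Enable Secure Startup: create a volume key and seal it to the expected boot state."""
    vmk = os.urandom(32)
    return vmk, tpm.seal(vmk, measure_boot(expected_components))


def boot_unlock(tpm, sealed, components_actually_booted):
    """At startup: measure what actually ran, then ask the chip for the volume key."""
    return tpm.unseal(sealed, measure_boot(components_actually_booted))


def make_recovery_protector(vmk, recovery_password):
    """Second protector for the IT-held recovery key: the same volume key wrapped
    under a password-derived key, with no dependency on the chip or the PCRs."""
    salt = os.urandom(16)
    k = hashlib.pbkdf2_hmac("sha256", recovery_password.encode(), salt, 200_000, dklen=64)
    protector = _wrap(k[:32], k[32:], vmk)
    protector["salt"] = salt
    return protector


def recover(protector, recovery_password):
    """Unlock via the recovery password; works even after the boot state has changed."""
    k = hashlib.pbkdf2_hmac("sha256", recovery_password.encode(), protector["salt"],
                            200_000, dklen=64)
    return _unwrap(k[:32], k[32:], protector)


if __name__ == "__main__":
    tpm = SimTpm()
    good = [b"firmware 1.0", b"MBR", b"bootmgr"]  # constructed sample boot components
    vmk, sealed = provision(tpm, good)
    print("same boot state unlocks:", boot_unlock(tpm, sealed, good) == vmk)
    tampered = [b"firmware 1.0", b"MBR", b"bootmgr+rootkit"]
    print("modified boot loader unlocks:", boot_unlock(tpm, sealed, tampered) is not None)
    protector = make_recovery_protector(vmk, "recovery-password-held-by-IT")
    print("recovery key still unlocks:", recover(protector, "recovery-password-held-by-IT") == vmk)
```

Two points the model makes concrete: the chip never compares a stored "expected" value, the wrong boot state simply derives the wrong key, so there is nothing on disk an attacker can patch to skip the check; and the recovery protector is a full second key to the volume, which is why the article's description of it as a back door is apt.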
The technology is better than existing approaches, including BIOS passwords and data encryption tools, Heil claimed.
Locking the BIOS doesn't stop a thief from reading the data by removing the drive and attaching it to another machine. File-level encryption tools rely on a password and typically leave temporary files and the Windows page (swap) file unencrypted.
"When Windows isn't there protecting itself, there are attacks that can compromise the integrity of the system and thereby the contents of the disk," said Heil.
The TPM today isn't a standard feature of computers, although it's becoming more common in enterprise models.
Microsoft targets Secure Startup only at enterprise users and lists the TPM as an optional feature for PCs to qualify for its "Designed for Windows Vista" logo programme.
Apple is expected to add a TPM chip to each of its Intel-powered computers, which are scheduled for release by the middle of next year. The computer maker uses the chip to ensure that its OS X operating system is installed only on Apple hardware. Hackers, however, have already succeeded in cracking the technology and have shown early versions of OS X running on non-Apple hardware.
"not-for-profit Trusted Computing Group" In French, this is called an oxymoron, like "cold fire" or "wet desert" ...
Posted by: Canth 04 Sep 2005