most people distrust trusted computing in a consumer setting. i think that this is a valid concern since trusted computing does appear to be a fairly anit-consumer technology.
that being said, the enterprise is not a consumer setting and in most enterprises, the end user is neither the owner of a PC nor is he/she authorized to make changes or modifications to said PC.
i think TCP should see more use in enterprise settings and consumers should avoid it like a disease.
the problem with any security measure is that it is useless if end users don't apply it. so allowing long passwords of all lowercase letters means that users have the option of using strong passwords that are easier to remember. if the passwords are easy to remember then there is less chance of them being taped to a monitor or on a post-it under a keyboard.
i am sure that we all agree that the complexity of a password becomes a moot point once it becomes written on a post-it.
There are already Trusted Platform Modules being built into corporate PCs, but even M$ is starting to shy away from pushing Palladium/Trusted Computing/Name du jour, prefering to release watered down stuff like EFS.
395,291,798,759,681,826,446,224,359,424 (395 octillion) possible combinations of characters using a complex password of 15 characters length, and only 1,677,259,342,285,725,925,376
(1.7 sextillion) possible combinations from a 15 character password using only 26 lower case letters. You get a million times more security using complex passwords. Literally. :P
However, denying the end user access to the keys needed to encryps/decrypt THEIR OWN DATA, or the right to decide what configuration they need or want is unaceptable. Trusted Computing does NOT trust the end user, who does it trust?
I agree wholeheartedly with the key concepts of Trusted Computing. It will make many current methods of circumventing computer security measures much more difficult, in some cases impossible. However wholeheartedly
re: trusted computing
most people distrust trusted computing in a consumer setting. i think that this is a valid concern since trusted computing does appear to be a fairly anit-consumer technology.
that being said, the enterprise is not a consumer setting and in most enterprises, the end user is neither the owner of a PC nor is he/she authorized to make changes or modifications to said PC.
i think TCP should see more use in enterprise settings and consumers should avoid it like a disease.
chrisl33t 3 years ago
re: passwords
the problem with any security measure is that it is useless if end users don't apply it. so allowing long passwords of all lowercase letters means that users have the option of using strong passwords that are easier to remember. if the passwords are easy to remember then there is less chance of them being taped to a monitor or on a post-it under a keyboard.
i am sure that we all agree that the complexity of a password becomes a moot point once it becomes written on a post-it.
chrisl33t 3 years ago
There are already Trusted Platform Modules being built into corporate PCs, but even M$ is starting to shy away from pushing Palladium/Trusted Computing/Name du jour, prefering to release watered down stuff like EFS.
darkflib 4 years ago
395,291,798,759,681,826,446,224,359,424 (395 octillion) possible combinations of characters using a complex password of 15 characters length, and only 1,677,259,342,285,725,925,376
(1.7 sextillion) possible combinations from a 15 character password using only 26 lower case letters. You get a million times more security using complex passwords. Literally. :P
Tehlan 5 years ago
Dude, I think we are all alone on this subject, no one else is the wiser.
Stolensharpies 5 years ago
However, denying the end user access to the keys needed to encryps/decrypt THEIR OWN DATA, or the right to decide what configuration they need or want is unaceptable. Trusted Computing does NOT trust the end user, who does it trust?
miamicarz 5 years ago
I agree wholeheartedly with the key concepts of Trusted Computing. It will make many current methods of circumventing computer security measures much more difficult, in some cases impossible. However wholeheartedly
miamicarz 5 years ago