unlikely...we're far enough above the horizon now I would think we would be mentioned.

Thanks Barge...

...and what do you think this all means?

Is this to find foreign investors for WXP?

Is it to set up a WXP spin-off?

Is it just to handle Asia marketing?

(I've emailed Mr. Callahan to get answers...)

I know I've been busy lately, and I've got a bad case of CRAFT (Can't Remember a F'ng Thing),

but where did this come from???????

Thanks.

I know they have a booth at Cartes two weeks later....

If it was me (and unfortunately it isn't) and I was scheduled to be at RSA (Amsterdam) and Cartes (Paris) I don't think I could handle the repeated transAtlantic flights.

I think, if it was me (and, again, unfortunately it isn't) I'd have to take a couple of weeks vacation and hang around Europe between the shows...

Would there be any Europe based invesotrs in Wave attending RSA in Amsterdam?

Is Wave again at the TCG 'booth'

ah, but snacks, that would remove the element of 'surprise' that cpa would like to cultivate...

Hey, here's a plan, you can contact michael_usa aka concrete_bulldog aka michael_and_the_kids and head on up there together.

He's got room in the back, I'm sure...

If you follow the ink to the PDF file in that post you are answering, and read through to page 5, question 22 you find:

22. Why is this different than a processor serial number?

The processor serial number was a unique number in the processor, which was intended to allow better asset management and customer support for IT groups and owners of numerous computers. The TPM is a device, distinct from the processor, which offers the platform owner the ability to opt-in into platform uniqueness. While the TPM contains a unique value, it is only used to create aliased ID’s. The use of this unique value is under the strict control of the platform owner. Service providers never see the unique value. A service provider only sees an aliased ID, which does not expose the unique value. This design protects against the unique value being provided directly to service providers.

Not sure of the status this very day, but Linux APIs are planned for "Trusted Computing Platform", according to infoworld

exxon text

 
 A new chapter in world energy markets opened 
 in early October when the first cargo of crude oil 
 from the African country of Chad was loaded 
 onto a tanker off the coast of Cameroon. 
 The story behind that first cargo is worth 
 the telling. 
 Oil was discovered 27 years ago in Chad, 
 a landlocked country that is one of the world’s 
 poorest. 
 The Chad oil fields are 
 about 650 miles from the 
 ocean, and major upgrading 
 of railways, roads and 
 bridges was required to get 
 the oil project materials on 
 location. The pipeline route 
 travels through environmentally 
 and socially sensitive 
 areas, including the rainforest 
 in southern Cameroon 
 and communities of Bakola 
 pygmies near the coast. The 
 route also lies in the area of 
 the world with the highest 
 exposure to malaria, and 
 one of the highest rates of 
 meningitis. 
 Chad was nearly the poorest country in 
 Africa, and Cameroon was only moderately better 
 off. Moreover, Chad suffered for many years 
 from civil strife and armed rebellion, a condition 
 that subsided only in the late 1990s. 
 The obstacles to oil development were so 
 formidable that some of the early project participants 
 dropped out, and were replaced by 
 ChevronTexaco and Petronas in 2000. 
 But the oil offered hope for a better future, 
 and a remarkable coalition of people and organizations 
 eventually collaborated to make the 
 Chad/Cameroon oil project a unique example 
 of energy development. 
 ExxonMobil and the early project partners 
 invited the World Bank to help fund a minority 
 ownership in the pipeline — which represents 
 about 40 percent of the project’s cost — for the 
 governments of Chad and Cameroon. The 
 World Bank then assisted Chad in designing an 
 unprecedented plan to ensure that oil revenues 
 would contribute to poverty alleviation and an 
 improved education system. 
 An extensive public 
 consultation process in hundreds 
 of villages, begun seven 
 years prior to the start of construction, 
 led to many project 
 changes. The pipeline was 
 routed to avoid villages and 
 cultural sites and to protect 
 biodiversity. People who, due 
 to construction, faced losses 
 of crops and plants used for 
 medicinal purposes were provided 
 compensation. 
 The project partners 
 helped build schools, health 
 clinics and community water 
 wells. They also put in place 
 extensive public health education programs focused 
 on malaria and HIV/AIDS prevention. 
 These efforts included distribution of 80,000 insecticide- 
 treated bed nets. 
 Local employment soared as 35,000 
 workers were employed during the project's 
 construction. More than $650 million was 
 pumped into the local economies through 2,200 
 Chadian and Cameroonian companies. 
 And so with the first oil loaded, an extraordinary 
 project begins to supply energy to 
 the world as well as a better life and a cargo of 
 hope to the people of Chad and Cameroon. 
  
 

Interesting bit from Infineon's TPM faq
http://www.infineon.com/cmc_upload/documents/048/006/TPM.pdf

19. Are the unique keys in a TPM generated, and the public keys recorded by a Trusted Third Party (TPP), at the time of manufacture? If not, could a piece of software generate a key pair, pretend to be a TPM and have the public key certified?

The unique key in the TPM, known as the endorsement key (EK), is generated during manufacturing. To validate that the EK comes from a valid TPM the manufacturer creates an endorsement credential that states that the EK in question comes from a valid TPM. So while nyone could create a SW EK and claim it comes from a valid TPM they would not have a valid endorsement credential to accompany that claim. This implies that those who rely on an EK will validate that it comes from a valid TPM.

dreamer, other documents you may want to read as you work on the draft of the security report:

ftp://download.intel.com/design/motherbd/articles/TPMQuickReference.pdf (linked from intels page at http://www.intel.com.sg/design/motherbd/rh/index.htm?iid=ipp_dlc_deskmb+spot_d865grh& )

This 30 page Acrobat file contains very good information the TPM functionality.

There's also a good (although briefer) document on Infineon's web site, at http://www.infineon.com/cmc_upload/documents/048/006/TPM.pdf

Enjoy your research...

NSM customers.

I mentioned this about 9 or 12 months ago...

http://www.national.com/company/israel/telaviv.html

National Semiconductor Tel Aviv is a Center of Excellence for research and development. The design center in Israel was established for the purpose of developing the world's first 32-bit microprocessor family, which was introduced in 1982.

Today the center develops cutting-edge, system-on-a-chip products for National, focusing on areas of Networking, Security and Manageability and smart system partitioning for key customers, such as Dell, HP, IBM, Intel and Sun.

The site also contains the corporate Headquarters of the Advanced PC Division

Interesting to see...

Also:

Products:

The Israel center works on a wide range of products for the Advanced I/O family of personal computer products, software, algorithms, and embedded RISC products including:
PC21100 - LPC Based TCPA-Compliant Security Controller (SafeKeeper)
PC87431M - mini -Baseboard Management Controller (mBMC)
PC87417 - LPC ServerI/O for Servers and Workstations
PC87372 - LPC ServerI/O with Glue Functions
PC87591 - LPC Mobile Embedded Controllers

dreamer, first, my apologies...my technical inderstanding is not on par with others on this board. Hopefully corrections and amendments will be made to my response.

First of all, the keys for PGP are stored on the Harddrive and therefore hackable.

Keys for TPM are secured IN the hardware, and completely inaccesible to outside attack.

Second (and this is the cool part I like) with a TPM you can have "attestation", or security that the box I am talking to is who it says it is. This, paradoxically, allows anonymity. If (I mean when) there is an attestation architecture, I can be identified as a trusted computer, and only as a trusted computer. i.e., If I were to hop on wi-fi in the Bangkok airport, my laptop only needs to tell the local wi-fi provider that I am a paid up subscriber. It would 'set a flag' (for lack of a better term) when I pay my subscription and certify me as a valid sub. Noone needs to know WHO is on the network, just that it is a trusted user.

There are many other things available, but I'll let the awks, webys, barges et. al. fill them in...

Hmmmm,

since this is (relatively) old news, I can only assume that it is a clue...

...possibly mundo's friends's laptops are ThinkPads?

rooster, go here:

http://www.investorshub.com/boards/read_prvt.asp

then why the continued complaints about the sagging stock price?

Makes no sense to me, unless you have invested to a point beyond your sleep level...

djtherix (or whatever the handle is) and yourself owe yourselves a nice quiet time alone, together, to piss and moan (p&m) about the stock price...

kinda like the kids in the back seat..."are we there yet? are we there yet?"

Patience is required.

The chutes are open, the nags are running, let the race come to a conclusion before you decide it's all bad...

an NDA, or simply part of terms and conditions in a contract...

no big deal.. we'll see the revenues when they come

b'man


As far as Intel reporting sales figures to Wave, they may be so obligated, but neither is obligated to disclose those figures publicly.

Wave may indeed be prohibited from disclosing those numbers.

I work for a multi-billion dollar company that has clauses in a) our customer contract, and b) our supplier contracts that prohibit us from disclosing and customer information, and our suppliers from disclosing any of our information...

I'm not following your train of thought.

Are you implying that Wave should report Intel's sales volume? National's shipping figures?

If you are, you're totally incorrect...

disturbing

Has anyone commited suicide because of this security?

I certainly hope not...that would be 'rediculous'

You know, given the relationship that SKS and the shareholders have developed, I truly believe he will share as much information as he can.

But when you're playing with Intel, IBM, HP, etc., it's best to follow their requests concerning disclosure, and to err on the side of caution...

I was going to get my wife to listen to it but...

WhatEVER the board header says (and since I never read it, I could care less what it says) it should at least point out that just because Wave is in the header, it's not a place to test .wav files

bluef, you and dj should get together and have a p&m session.

All on your own...

yeah, his version of 'opting out' was to have the ability to modifiy whatever 'certificate' or attestation information sent. Crap...

SKS or Biddle responded with a comment that to opt out was to say 'no, I'm not going to send you that'

rachel, re SKS' description...

It wasn't, as far as I'm concerned, the place to tout Wave and all that it can do. It was a place to talk TPM/TCG and defend (where necessary) the ineffective EFf arguments.

And yes, the throw away bit about FINREAD probably caught some attention...

It is the defacto product, at this point for NSM, Intel and possible HP...as a user of those three 'platforms' there is no other choice for me. And that is not a bad thing.

Users will evolve their needs as time progresses and Wave will be ready to accomodate them. I am seriously impressed with the path that Wave has taken. As the rest of the TCG hack through the underbrush of platform security they keep running across Wave mile markers put in place years ago...

It's uncanny...

Another interesting point (and maybe it's a reflection of just hearing one section of the overall conference) was that Biddle was representing MSFT and NSCSUBBIES (or whtever the hell it is...isn't it time for a new name?) and SKS was representing the TCG view

I haven't heard any confirmation from Wave on that, and I suspect it's a guess based on previous years...

[edit: yes I have emailed Wave and will report results of email]

Anybody heard from Larry Krazinski lately (crazylarry, for those that don't know)

Curious about what he's up to lately...

...and he's not very practical in his ideas about user over ride...

The EFF guy sounds like he has a bit of a paranoia problem...

I only listened to about 45 seconds of it before I determined it wasn't the Sprague Biddle talk...

doma, haven't given it a thought. Why?

(my brain is fuzz right now..a very busy (in a positive way) week...glad it's over.)

Awks second link was incorrect...listen to the first one...

Awk, thanks for the audio...great talk from both Biddle and sprague...

Regarding the results of the IBM users survey posted earlier this week...

everyone has different levels and needs for and of security. Think of it in personal terms. Sitting at home on a lazy rainy sunday afternoon watching some football I am experience a very low level of security need and a very high feeling pr personal security. Change the time to three a.m., and the need for security bumps up a bit. Move me to a certain neighborhood in Charlotte Amalie, regardless of the time of day and the security need escalates to an ever pervasive urge for a glock, tank, body armour and, possibly, the HRT (although the cops down there are more likely to be on the take, unfortunately).

The IBM folks surveyed apparently had one need.

I will have a different need.

And what I think is a perfectly fine level of security in a certain set of circumstances will be wholey inadequate for someone else in the very same set of circumstances.

for example...

I just arrived back in Singapore from a business trip to Bangkok. Security in Thailand did all the usual things, x-raying my carry-on (twice), filtering me through a magnometer and wanding me. Perfectly routine.

The Singaporean security people obviously don't trust the Thai people though, because I (and all the other passengers) had to go through the same routine After we got out of the 747 and before we were allowed to enter the airport (effectively). I was tempted to ask if I would be sent back to Bangkok if I failed, but I wasn't in the mood for a body cavity search.

Wave (there is a point to this) has been innovative enough to anticipate this widely varying need/desire for security, and are offering a variety of levels of utility for what is really not much more than a vault to store your keys. Some will use it for no more than that. But with Wave's utilities (and upcoming services) they will be able to broaden that utility to pretty much anything you can envision a TPM can be used for.

Future programmable versions (that I am confident Wave will have primary position with, with the E2100) will offer even more, but still, if you want, you can use it just as a vault for your keys.

I'm pleased that the IBM users like the ability to encrypt.

As someone already posted (and I apologize for not having the proper attributions, but it's been a helluva week, and I've picked up only a few of the posts) my first mobile phone was an Oki analog mobile phone that made and received voice calls only.

My current phone is also a PDA, allows email and web browsing and has a couple of cool games on it. My previous phone did all that AND had a built in camera (and I foolishly forgot it in the back seat of a taxi. 'You're welcome' to the scum that took it.)

Today they want encryption. Next year when they get a new machine they will need the Key Transfer services, and may have to add attestation also...

e v o l u t i o n is a good thing (even if you are from Kansas)

Cheerio..

don't ya just love Rolf Harris....

For whatever it's worth, greg (and given the fact that I'm an anonymous poster that most here don't know, so my opinion should matter a whit), I think Larry had a bit of 'what a bunch of zealots' attitude when he first arrived here, which is perfectly understandable. We are, for the most part a bunch of zealots.

The fact remains he did report that 'it' wouldn't be released until Q1. What 'it' was referring to is a matter of confusion.

Now that Intel HAS released product WITH TPM and WITH Wave Services, the new story is, it will produce no revenues in Q4.

Well, duh. We already know that. Product will be shipped, but will not be recognized until Q1. So what.

More product will be shipped in Q1, and more again in Q2. Normal occurance, and not worthy of the space wasted on this board.

If you are a friend of Dudash, please let him know that he is more than welcome here, but many of us have followed (whether invested in or not) Wave since the late 90's, have seen them dodge many many bullets, change course (within the same overall concept of security) and land themselves in front of the game, with a winning hand.

So bear with us. We are understandabley enthused...

Interesting reading

http://story.news.yahoo.com/news?tmpl=story&cid=581&e=4&u=/nm/20031029/tc_nm/security_ri...

so, you signed up as beckham, did you?