Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
3G Fiber Optics Already in ground
When bandwidth described below arrives Tvtonic download could be moved to peak hours like streaming today. They might develop a streaming product.
A friend recently emailed me that NEC and Alcatel tested existing fiber that will push 10 trillion bits per second down one strand. This is 1900 cds or 150 million simultaneous phone calls per second. Companies only need to improve their hardware at each end of the fiber. Maybe the new IBM chips will be used in the switch and router hardware.
I Need to find friends source.
Wave Esign Allies Attending
A La Mode - 6 employees
Ellie Mae - 5 employees
Wave eSign Systems - (1) Karen Purcell
e-Origination Validation of Identity needs TPM
Esigning and validation of identity of borrower and coborrower.
Identity validated using "out of wallet questions". No details on what this means. Although machine and user authentication of the lender, borrower, etc. from trusted computing would be a value added feature to this process.
See pages 52-58 of presentation for eSign, identity, and e-Origination flowchart.
http://www.elliemae.com/summit/pdf-presentations/eOrigination-with-encompass-jonas-moe.pdf
Esign for Encompass scheduled release Fall 2007
"eSigning is scheduled to be intregrated into eDisclosures Fall of 2007." Per "Make e-Origination a Reality" presentation at Ellie Mae's recent summit held March 4-6 in San Fran, CA.
http://www.elliemae.com/summit/pdf-presentations/eOrigination-with-encompass-jonas-moe.pdf
OLPC Supporter Negroponte was a WAVX supporter
Barge I'm with you. Per Wildman262 post 130733: 1997 WAVX Private placement group included Negroponte.
Mr. Negroponte stated, "Wave is a company ahead of its time, but time in the digital world moves so quickly that Wave will be timely tomorrow. Wave's unique system enables micropayments which are at the core of electronic commerce. Micropayments represent a new kind of digital payment system, one that enables the buying and selling of products previously bundled in large, take-it-or-leave-it packages. Wave's innovative approach is the basis for a whole new form of entrepreneurism."
Steven Sprague, president of Wave, commented, "The participation of such highly regarded technology industry figures in this private financing confirms the growing base of support we are seeing for our electronic content commerce and distribution solution. We are pleased these industry leaders share our vision for Wave.
Classmate PC and Tvtonic
Educational Content - TVtonic could upload each schools' and students' subscription based learning programs, games, lectures, tutorials, etc. Only concern is the Classmates 1GB flash drive. Does Tvtonic have a streaming or quicker upload solution? TVTonic could upload to a school server and then it would upload at full ethernet or wireless speed to each students pc. Alternatively their pcs could be dummy terminals meaning keystrokes only over ethernet.
Encrypted drives by Seagate Trusted Drive would be good for these and school servers so students' test and answers are protected.
Attendance - TPM1.2 could be used to eliminate roll call if required to power up pc when enter the building. School network would know when each student is in the building. May disconnect when out of range going home.
Are Classmate pcs available today from any OEM's?
Removable TPM on HP Integrity Server rx6600
First on board TPM for a server I have seen. It is optional. There used to be PCI card with TPM on it to use with an IBM servers.
Instructions for removing TPM, 03202007
http://docs.hp.com/en/AB464-9003B/ch04s22.html?jumpid=reg_R1002_USEN
"IMPORTANT: You must run the supported version of the HP-UX operating system to utilize the TPM security component. I believe this is the Unix OS." Will Wave software run on Unix? This server is also available for Windows and Linux. Have not found Wave here yet although will browse the large amount of data and will post if I find.
"CAUTION: Destroy the TPM after removing it from the server. Follow local regulations to securely destroy the TPM. Do not attempt to use the TPM in another server."
One, two, three, or four Itanium 2 dual-core processors.
http://h20341.www2.hp.com/integrity/cache/391560-0-0-0-121.html?jumpid=reg_R1002_USEN
Todays WSJ article posted by several says "Intel's Itanium has features called hardware protection keys that safeguard portions of a computer's memory from unauthorized software code." "Intel announced plans to exploit the TPM along with modifications to its own chips in the second half of this year." To be used with Vpro for corporate pcs.
Intel appears to already be doing so with HP and their customers. Are they bundling Wave software to manage server and clients?
Hp Shopping to Grow its share of Software market
From WSJ article earlier this week interviewing their new CEO. This is a strong goal of the CEO.
I believe IBM is the PC hardware oem leader in software market share.
I am with you.
Vista Upgrade from ETS XP will feel good
If Wave has learned from the numerous Dell forum posts re: ETS problems and included fixes in the release.
Wave must support ETS, strengthen customer relationships
The end result can be feel good. A world class customer focused company will jump in with both feet, contact Dell and the end user to learn how they are using ETS, locate the nuts and bolts of the problem minor or major, whether or not an ETS issue, solve it, compile in a knowledgebase (I recall wave.com has a kb), and issue patches and upgrades making the product stronger.
Per counts each post has been read hundreds of times. Hopefully by Wave engineers. I agree Wave support needs to monitor and respond to them either directly or indirectly through their oem partner. This troubleshooting and feedback could lead to repositioning Wave's software to a different target. If fixed quickly it will strengthen our relationship with Dell should.
I am sure Dell customers have experienced issues with a little operating system called Windows and I recall it dominates the market.
ETS Feedback from Dell User Forums
Go to www.dell.com and enter search for, dell embassy trust suite, and narrow to technical support. You will see numerous user forum posts.
1. Posted 02/01/2007. Re: ETS and Dell Precision with MS Works database – ETS Document Vault issue. The Embassy software is 139 MB of security overkill that I can't understand, much less use; so I uninstalled it and re-started my computer. And VOILA! The Works database program fired right up!
http://www.mail-archive.com/twsocket@elists.org/msg06642.html
http://www.dellcommunity.com/supportforums/board/message?board.id=sw_other&message.id=57392&...
2. Posted 02/01/2007. Re: ETS error message that TPM is invalid. Cannot access data in Document Vault.
http://www.dellcommunity.com/supportforums/board/message?board.id=sw_other&thread.id=57305&c...
3. ETS – Duplex Secure of London UK - the Dell ETS preinstalled is patching RAM belonging to other apps. Contacted Angie Nunez @ Wave with no response. Thinking of Legal action against Wave. Per DS's partners communications thousands of people are complaining about Wave Embassy Trust Suite.
http://www.dellcommunity.com/supportforums/board/message?board.id=sw_other&view=by_date_ascendin...
Strong on the negative tone. I'm not sure whether any of these end users understand ETS to begin with. If not, Wave and Dell need to inform and train their customers better so when ETS pops up when each shiny new pc is booted for 1st time the user will know what they are dealing with.
I am left wondering whther these are major issues? Have they been resolved? Was the ETS testing adequate to find the major flaws before release? What damage control or correction action has been taken?
Must be growing pains associated with the huge task of making ETS compatible with both TPM aware and unaware applications.
Please post positive Wave software feedback. Would be good to see testimonials on Wave.com.
xxxxcslewis: TvTonic could fit here. The connections are there as TvT is part of Windows Media Center OS, and Wave is beginning a relationship with NTT.
Coincidence?
Waveexpress in Michael Spragues available Wall Street apartment. $7500 per month. Whew!! Home office? On the way out, struggling to remain part of Wave?
No mention of how Waveexpress is performing or guidance. Not looking good for Michael.
Symantec TNC measurements demoed with Endpoint Enforcer
ONLY!! US supplier with Full Suite of products for Trusted Computing
Army leads to Homeland Security and other gov't depts. Sweet!
Yes $100M over the next 2 years with conservative 4 to 5% upgrade rate
Z88 - See Seagate @ RSA & ORC subcontract to be completed
-- RSA Demos: In February at the RSA Conference 2006, Wave and Seagate demonstrated the Seagate Momentus 5400 FDE, a 2.5-inch, 5400-RPM notebook hard drive equipped with hardware-based Full Disc Encryption (FDE), delivering the highest levels of data security, and Wave's Embassy Security Center software. Wave's Trusted Drive Manager is designed to provide organizations with an easy way to set up and configure the Momentus 5400 FDE drive and to automate protection and management of passwords and encryption keys.
-- Operational Research Consultants, Inc.: In January, Wave teamed with Operational Research Consultants, Inc. (ORC) in connection with the first Blanket Purchase Agreement award issued under the new U.S. General Services Administration "Authentication Products and Services" Category Special Item No. 160 32, part of existing IT Schedule 70 (the "ORC ACES BPA"). The terms upon which Wave will participate in the project are subject to the completion of a subcontract to be entered into between Wave and ORC.
-- U.S. Army CB2 Specification: In February the U.S. Army Small Computer Program published the new Consolidated Buy-2 (CB2) Desktop and Notebook minimum specifications for Army customers. The new specification, a milestone in the adoption of trusted computing standards, requires desktop and laptop personal computers be equipped with the new open security chip hardware TPM.
-- Consulting Service Contract: In February Wave was awarded a $319,000 contract to provide consulting services in connection with a study to evaluate the implementation of trusted computing solutions for the government. The project, which was disclosed by Wave in a Form 8-K filing made on February 8, 2006, is underway and has an expected term of four months.
SKS Keynote: Trusted Computing and Its Impact on Web Services.
5/25/06, 3:35pm to 4:30pm.
Keynote means full attention of all attendees for 55 minutes. Not a breakout session small group.
Sorry Nelzoni. You posted Web Svc Conf already.
Snackman: "Trusted Computing Can Make Financial Services Transactions More Secure", 3/28/06, Sarbanes Oxley Compliance Journal.
http://www.s-ox.com/Feature/detail.cfm?articleID=1704
Trusted Computing Can Make Financial Services Transactions More Secure
2006-03-28 12:00:00.0 CDT
By Steven Sprague
The Sarbanes-Oxley Act is designed to protect investors by improving the timeliness, accuracy and reliability of corporate data and financial disclosure information. In the financial services arena, regulatory authorities, financial services providers and end users are also eager to improve the accuracy and reliability of Internet-based financial services transactions to protect consumers from the growing problem of online financial fraud. Enterprises, government and consumers are increasingly demanding a computing environment that is more trusted, private, safe and secure.
In a recent high profile action, the Federal Financial Institutions Examination Council (FFIEC) recently issued guidance suggesting financial institutions offering Internet-based financial services should use more effective methods to authenticate the identity of customers. The FFIEC noted the continued growth of Internet banking and other forms of electronic banking activities and the increased sophistication of threats to those environments have resulted in higher risks for financial institutions and their customers.
Industry analysts in late 2005 reported that on-line banking customers were using on-line banking services less frequently due to concerns over data security. The uncertainty over the continuing inability to reliably determine authentic digital identities continues to undermine many financial transactions.
Cases of financial cyber-fraud, identity theft and data losses from large financial services companies such as Bank of America, Wachovia and Citigroup highlight the fact that valuable data continues to be at risk. And other companies that amass customer financial information, such as the December news that the timeshare unit of Marriott International Inc. reported the loss of 206,000 customers' sensitive personal data, shows that most companies are indeed at risk.
Data breaches include the loss of sensitive employee and customer profiles, social security data and credit information and outright identity theft. Information is lost through mishandling, theft, unauthorized access to IT networks and malicious attacks.
More than one million federal employees have had personal data lost or stolen in 2005, including those of the Federal Deposit Insurance Corp. The Chairman of the FDIC, Don Powell, was quoted that "Identity theft, particularly account hijacking, continues to grow as a problem for the financial services industry and for consumers. Our review illustrates that ID theft is evolving in more complicated ways and that more can and should be done to make online banking more secure."
The information technology industry in particular is responding to significant electronic security challenges by encouraging the development and delivery of a range of new, open standard, hardware chip-based security solutions, delivering improved electronic authentication applications, and a kind of electronic safe or vault that can be of great value in the financial services industry.
These efforts are being stimulated by the formation of the Trusted Computing Group (TCG), an association of more than 110 global IT leaders.
The TCG is a not-for-profit organization formed to develop, define, and promote open standards for hardware-enabled trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals, and devices. TCG specifications will enable more secure computing environments without compromising functional integrity, privacy, or individual rights. The primary goal is to help users protect their information assets (data, passwords, keys, etc.) from compromise due to external software attack and physical theft on platforms including not only PCs but servers, peripherals, mobile devices, the network and related infrastructure.
Leading members of the TCG include AMD, Dell, HP, IBM, Intel, Microsoft, Motorola, Sony, Sun Microsystems, STMicroelectronics and Wave Systems. The members span the IT industry from silicon vendors to network services providers. Industry developers, manufacturers and service providers use TCG specifications to build products that protect and strengthen computing platforms against software-based attacks. The new hardware based security building blocks defined by the TCG specifications provide a new design approach with new trusted computing capabilities being integrated as a foundation of the user devices.
In contrast, traditional older generation security approaches have taken a “moat” approach which attempted to create electronic boundaries or firewalls that mirrored organizational boundaries. However, today’s new web services are aimed at making boundaries virtual so that customers and suppliers can have ready access to important information which resides inside corporate information systems. In addition, the security of today’s systems is based almost exclusively on software, which has proven to make them highly vulnerable to malicious attacks from the network. Finally with the increased mobility of devices for access at all times in all places the threat of physical theft and loss has seen a corresponding increase.
TCG standards today are based on a special purpose security chip, integrated on the motherboard of the PC, called a Trusted Platform Module (TPM). These security chips use an open standards approach which enables the implementation of a standardized security ‘building block’ as the anchor of trust within the PC. A TPM, a secure key generator and key cache management component, enables protected storage of encryption keys and authentication credentials for enhanced security capabilities. This is in contrast to today’s weaker security solutions that rely on software to hide ‘secrets’, build firewalls, and protect encryption keys and digital.
With encryption key protection in the hardware of the Trusted PC, what can Trusted Computing do for the financial services industry? First, you can solve several of the most nagging issues in data security today, delivering access control through stronger user authentication, verifying the person attempting to enter the network, and stronger device validation, including who owns the machine attempting to enter the network.
Financial services companies and government agencies remain vulnerable to malicious attack when unauthorized users authenticate and spoof themselves and their PC platforms into insecure IT networks. As the FDIC points out in its latest report, access to accounts through user name and passwords has proven to be a weak link in the identity management process. Software-only login and sign-in processes have proven to be easily breached. Strong user authentication through multifactor authentication and platform validation make malicious access attacks far more difficult.
This directly addresses the FFIEC concern that single factor authentication (like a password), when used as the only access control mechanism, is potentially inadequate for high-risk transactions involving access to customer information or the movement of funds to others parties.
The trusted computing TPM chip can safely store user credentials such as digital certificates, and provide superior protection of existing passwords. With your private encryption keys stored in a security chip – a “safe,” users may now be strongly authenticated and the risks from compromise by network attacks of viruses and Trojan horses can be dramatically lessened. Protected storage of keys allows for the creation of strong, complex passwords to further strengthen the authentication process.
Besides strongly authenticating who you are, the TPM security chip can also enable strong authentication of the device you are using, including whether it has a configuration which has not been comprised and meets the requirements of the network it is attempting to access. Trusted PCs are widely available today, but eventually other trusted devices such as cell phones and PDAs will also contain these advanced security features.
In most insecure systems today, configuration settings are stored in system memory and are vulnerable to attack. With Trusted PCs, the settings are used to create attestation identity keys that cannot be used unless a value is the same at the time of use as when the key was created. This helps to determine if the trusted state configuration has been altered. If it has been changed, network administrators can deny access.
Working with this dramatically improved secure hardware environment, software companies like Wave Systems can offer a range of applications and services for Trusted PCs that provide immediate value and return on investment to address pressing security concerns. Additionally, companies like Wave are beginning to provide key management services and the trust infrastructure components that IT professionals require for managing Trusted PCs in the enterprise or government environment.
Just as financial services companies go to great lengths to protect monetary assets, financial assets today are most often in data form and can be better protected in the TPM environment.
Access control and authentication can be implemented with computing technology that works within the recognized trusted computing framework. This offers a best practices implementation that is a foundation for the automation of security. Trusted computing can also be useful for meeting the new regulatory compliance requirements for audits and tracking in this industry.
Trusted computing has a role within the banking organization but its more important role may be between the bank and the customer. Trusted computing provides a technology platform that is expected to be a standard feature in most PCs and mobile devices. The effect of a standard is to reduce the number of proprietary implementations and ensure interoperability and availability. This will enable the banks to have a pervasive and integrated solution for strong authentication which does not require the issuance and management of external hardware tokens or keys. The TPM is projected by analysts to be available on equipment in the consumer’s home, their laptops, and mobile devices. Analysts are projecting as many as 50 million trusted PCs shipped by 2006 and double that the following year. As customers have access to integrated strong authentication technology as part of their new PC purchases the banks will have the opportunity to significantly expand the online services that will support and use strong authentication.
The benefit of trusted computing technology is that the trusted platforms become part of the identity equation as well as enabling a user to establish the appropriate usage policies for their home PC, work PC and mobile devices. If logging onto a bank from a kiosk, even with a portable identity token, the bank may issue the consumer a limited access to services based on the lower level of security of the public kiosk. When a consumer logs on from home, however, he or she can have access to a full service branch since the bank will be able to verify the trusted configuration of specific consumer PC. This type of model exists today where an ATM only provides limited access and banks have mini branches and full service branches. By enabling strong authentication the banks digital web service offerings can grow substantially while simultaneously reducing the risk of fraud.
The IT industry’s trusted computing thrust today is one of the few open standards, strong authentication mechanisms that can meet the needs of financial industry. As the banking industry evaluates different solutions for stronger authentication, as recommended by the FFIEC guidance, the industry should consider making sure that whatever solutions are selected include trusted computing.
Online security is a complex topic and there are many technologies and choices. However, today there are easy steps that financial services institutions and consumers can benefit from both immediately and long term.
Make sure all new PCs procured are trusted PCs which include TPM security hardware and software
• Enable all online services to support multifactor authentication with the TPM as a ‘trusted’ identity token vEnable all internal networks to support platform authentication using the TPM, eventually adding TPM Integrity Measurements with attestation for assuring that only valid configurations can gain to access the network
• Ensure all data on client and server platforms is stored encrypted on the hard disk
• Use machine identity as part of information policy to integrate hardware location and the resulting physical security
• Limit the number of records that can be retrieved from a database by a specific terminal, to prevent mass theft of records
• Promote consumer use of trusted computing in the purchase of their next PC, even if online services are not ready.
• Trusted PCs are shipping today so financial services organizations should let customers know they will be supporting the technology
• Ask all of your networking and service vendors to support trusted computing within their platforms
Summary and Next Steps
The transition to Trusted Computing can be easy both for individual users as well as enterprises. As existing PCs are replaced on their typical three or four year replacement cycle, Trusted PCs with TPMs should be specified. The TPM will become even more important as time goes on with software such as Microsoft’s new Vista operating system specifying it as a prerequisite feature. Robust applications software and trust infrastructure servers are now available leveraging trusted computing, which allow both individuals and enterprise users to immediately activate and benefits from their TPM enabled PCs for new levels of security, including the multi-factor authentication required by the FFIEC.
Steven Sprague
President and CEO
Wave Systems Steven Sprague is president and CEO of Wave Systems Corp., a leader in delivering trusted computing applications and services. Wave Systems solves the most critical security problems for enterprises and government with software solutions that are trustworthy, reliable, and easy to us. Wave's trusted computing software solutions include strong authentication, data protection, advanced password management and enterprise-wide trust management services.
For more information about Wave, visit http://www.wave.com.
Steven Sprague to speak at Web Services Conference
“while there is a high interest to integrate web services into the mainstream of service-oriented architectures (SOA), {b}security concerns might be the deterrent for enterprises trying to do so”{/b}
http://www.thehostingnews.com/article2189.html
Web Services Security Conference to be Hosted by Unatek
College Park, Maryland - (The Hosting News) - April 10, 2006 - The first annual Web Services Security Conference (WSSC) and Exhibition will be hosted by Unatek IT Security Conferences May 25 - 26, 2006 at the Marriott Convention Center in College Park, Maryland.
The conference will feature a mix of corporate executives, government leaders, and top information technology and business professionals to the two-day conference that will cover a range of security topics, including: intrusion prevention, web services security, single sign-on authentication, risk management, identity management and legal issues.
A sample of the speakers and associated topics include:
-- Tony Nadalin, distinguished engineer and Chief Security Architect at IBM, ''Web Services Depends on Interoperable Security Standards.''
-- Martin Roesch, Chief Technology Officer and Founder of Sourcefire, Inc., ''True Intrusion Prevention - Protecting Against Threats From all Vectors.''
-- Mamoon Yunus, Chief Technology Officer and Founder of Forum Systems, ''Starting with Identity Management Systems for Securing Web Services.''
-- {b}Steven Sprague, Chief Executive Officer at Wave Systems, ''Trusted Computing and its Impact on Web Services.''{/b}
-- Andre Yee, President and Chief Technology Officer at NFR, ''Threat Protection in a Service Oriented World.''
-- Melise R. Blakeslee, Partner at McDermott Will and Emery LLP, ''What are the Realities of Your Legal Risks?''
-- Ralph Bazilio, President of TCBA, ''eRisk and Liability in Online Transactions - the impact of the Sarbanes-Oxley Act.''
-- Kerry G. (Kwasi) Holman, President of Prince George's County Economic Development Corporation, ''eFraud in Online Commerce: Impact on Business Reputation and Consumer Confidence.''
In addition to the conference, approximately 30 vendors will demonstrate their latest solutions in the exhibit hall. Other activities include hands-on demos, chalk talks, and birds-of-a-feather sessions.
Charles Iheagwara, Conference Chair explained, ''Web services are loosely coupled information technology computing services that reduce the complexities of building business applications, save costs and enable new business models. These opportunities are attractive to enterprises that engage in e-commerce transactions, but while there is a high interest to integrate web services into the mainstream of service-oriented architectures (SOA), security concerns might be the deterrent for enterprises trying to do so or accelerate the pace. This conference strives to address these security issues and educate attendees on how to address them.''
To learn more about the 2006 Web Services Security Conference and Exhibition, please visit: www.unatek.com/conference.htm.
Weby: Wave noted as Contributor Level of TCG
Although I am cetain you meant nothing of substance regarding Wave's software product portfolio. PPT shows features similar to ETS.
Either Lenovo choosing Wave products to replace their own TPM (ESS) and Ultimaco software or a large IBM customer doing so and bragging about it would be huge for WAVX. How about Christmas in July.
Go Wave!
Awk: Parallels virtualization on Mac with Intel chip level VT support sounds like a nice alternative to rebooting to a single os, and slooooow virtualization software like MSFT VM.
I believe Parallels is software WSJ's Walter Mossberg said he had not been able to test as of his Boot Camp review article on page B1 yesterday.
I want to know his take on Trusted computing. I recall his hardware recommendations for be ready for Vista last year. There was no mention of needing a TPM on board. You may be able to load Vista without a TPM but cannot legally put the Built for Vista logo on the box.
Looking forward to the weeks ahead.
Take care.
Awk: IBM presents Trusted Virtual Domains
Note: Apple Boot Camp requires a separate reboot to run Win os separate from Mac unlike simulataneous sessions with MSFT Virtual Machine.
Wave in 3/15/2006 IBM Tokyo Research Laboratory Powerpoint
"Towards Simpler and More Coherent Security Models Through Trusted Computing"
http://www.research.ibm.com/trl/news/workshop/20060308TC-WS-Maruyama.pdf
See page 18, although informative to read entire presentation.
Interesting overview of efficiences from trusted computing. Eye opener related to corporate policy enforcement, platform endorsement, domain admission, and application policies in {b{trusted virtual domains (TVD){/b}. Example, IBMs enterprise network with Class A Confidential data like HR, Class B engagement members only, and Class C wide open IBM intranet general data.
Ready for Lenovo/IBM to say, "Wave, I want you!"
Snackman: Apple Boot Camp. Future TPM support?
Assuming Apple Mac OS users are concerned about multifactor authentication, data protection, password management they will benefit from TPMs and ETS. Although, they do not seem concerned about viruses and spyware like Win users.
Apple Leopard os due in 2007 will have Boot Camp built-in. Rollout timing close to Vista. Interesting to see whether TPM compatibility and software built-in for both Win and Apple os partitions. Our Intel mb relationship should pay dividends with Apple.
Whew! Dividends? It will be a sweet day when we have growth coupled with a large WAVX dividend distribution.
Good test review article on page B1 of todays WSJ. Highlights below.
Boot Camp, free from Apple. Named so because {b}requires a reboot to run in separate partition as either Win XP or Mac os. Not simultaneous like Msft Virtual Machine.{/b}
Must purhcase Win XP separately (Home $199, Pro $299). Apple no plans to sell. Msft may not support on Mac.
Today there is a lack of apps for full featured business appl for Macs so power users will need larger drive partition for Win or more than one HD.
KB: Dell an Assembly operation like Auto industry
Good point. Although Dell can request design specifications, and put price pressure on their suppliers both of which can reduce quality. Other hardware and replacement parts inventory are also in play. Do not know details only respect these individuals opinions.
Hp has a solid rep so as long as they continue to buy Broadcom this is good for Wave.
Wave in 3/15/2006 IBM Tokyo Research Laboratory Powerpoint
"Towards Simpler and More Coherent Security Models Through Trusted Computing"
http://www.research.ibm.com/trl/news/workshop/20060308TC-WS-Maruyama.pdf
See page 18, although informative to read entire presentation.
Interesting overview of efficiences from trusted computing. Eye opener related to corporate policy enforcement, platform endorsement, domain admission, and application policies in trusted virtual domains (TVD). Example, IBMs enterprise network with Class A Confidential data like HR, Class B engagement members only, and Class C wide open IBM intranet general data.
Ready for Lenovo/IBM to say, "Wave, I want you!"
Awk: HP a welcome govt/entp alt. to Dell
Broadcom is encouraging because IT purchasers in gov't and public enterprise with a history of buying Dell have been switching to HP. Two people, a computer consultant/professional speaker (audience of approx 40,000 influential decision makers annually) and a National Guard IT person, have stopped recommending and buying Dell because Dell has been having widespread hard drive failures and other issues in the past year or two. As positive as all Dell news with Wave, especially this weeks Latitude and Precision notebook PR (go to Dells website and see the Wave and its logo on the 3D Latitude demo under Security) until Dell increases quality we need to be in HPs box.
HP currently ships with TPM 1.2 on Broadcom NICs and HP ProtectTools Security Manager Software was likley written by Infineon. In the future HP with Brdcom TPM will ship with Wave ESC/CSP and ProtectTools, or only Wave. With this announcement I am thinking the latter unless PT is used for nonTPM functions
Would like Lenovo to be next.
All the best,
1st
NCI Military Contracts 12/19, 12/20, 12/21
Shows they are a proven US Gov't player. Positive news.
Where is todays 12/22 with Wave?
Indefinite quanitites/deliveries program.
1 year base, 4-1 year options.
Look forward to details on Wave products services that are included.
No PR on nciinc.com and wave.com??
Email reply from Wave "Technical Sales Engineer"
I was pleased to get a helpful response from the general support contact mailbox securesolutions@wavesys.com linked on Wave web site.
My questions:
1) Will KTM Enterprise Server AD operate with complete functionality on a Windows 2003 Server or 2003 Small Business Server OS, without Microsoft® SQL Server installed?
2) Per Lenovo's web site it appears the IBM 4758 PCI Cryptographic Coprocessor, optional for by KTM ES AD, was discontinued in October 2005. Will it be replaced by a TPM made only for servers when the TCG issues server specs?
Wave TSE response:
1) KTM Enterprise Server AD works on Windows 2003 Server and it has been verified on that Operating system. But I think there would not be any issues for it to work on 2003 Small Business Server. If you do not wish to use MS SQL Server then in that case you can use Microsoft Desktop Engine (MSDE) as a database which is available for free.
2) We had verified our software with IBM 4758 Crypto Card and if you have any other HSM (Hardware Security Module) compatible with MS CAPI in mind then we can verify if we can support that.
As far as TPMs on the server is concerned, once that becomes available and all dependecies like Drivers, Software Stack are available Wave would be able to make our Server products compatiable with that.
Internet: Like it. Valuable real estate in their direct mail catalogs and on www.dell.com home page would be much appreciated. Email is a nice start.
Sheldonlevine: TCG Server Generic spec 1.0
https://www.trustedcomputinggroup.org/groups/server/
See 6.37, 6.38, 6.39 on .pdf page 40 regarding paritions.
Are they talking hard drive or other "resources"?
SL: Whether Vista client or Longhorn server I hope the installation or upgrade from XP or 2003 Server to Vista or LH server will format the drive partition for end users. Oh! and of course install and prompt to activate TPM and install or download Wave software bundled or not.
Is there a TPM server spec. different from 1.2 for the client side?
Foam: 700 million mobile phones shipped last year verus 50 million notebooks. Ultrasmall notebooks will be introduced in the next 1 or 2 years that are also cell phones. The demand has been for cell phones, therefore, R&D$$ and resulting advances have been with them. But the ph and laptop will converge.
ARM Trustzone is made for mobile devices.
Good for Wave.
When are TCG Mobile specs due for release?
KTM ES -IBM 4758 PCI Cryptographic Coprocessor Discontinued
Looks like the most recent one available, model 23, was discontinued 10/31/2005. Hmmh, is there another one available from IBM or other manufacturer, or will it be replaced by a TPM built for server functionality?
http://www-03.ibm.com/security/cryptocards/pcicc/order.shtml
http://www-03.ibm.com/security/cryptocards/pcicc/overview.shtml
Hardware Security Module — With KTM Enterprise Server, keys are never exposed outside of the server's secure hardware when using a Hardware Security Module (HSM). KTM Enterprise Server uses IBM’s 4758 PCI Cryptographic Coprocessor, which is an option allowing the server to deliver the highest security and data integrity for TCG migration services.
http://www.wave.com/products/ktmes.html
Wave presents with Lenovo, HP, Seagate, Atmel, and ISTPA, Meetinghouse Data @ Infosecurity NY, NY, 12/06/2005.
Maybe we will find out in 2 weeks.
https://www.trustedcomputinggroup.org/news/events
Title: T1: Trusted Computing Group: Stopping Attacks on Your Corporate Assets: A Seminar on Protecting Data, Systems and the Network
Date: Tuesday, December 6, 2005
Start Time: 9:00am
End Time: 1:00pm
Description: Wave after wave of attacks have made data, systems and the network more vulnerable than ever. IT managers and network administrators are struggling to protect these assets while maintaining maximum workforce productivity and keeping budgets in check. What can be done NOW to keep hackers and others from getting in and taking over? Trusted platforms can help. This session will address the definition and role of trusted platforms and how they can help prevent viruses, malware and other attacks. Experts in networking will review the role of endpoint integrity and access control and new ways to prevent unauthorized users and attacks from entering your network. The protection of data in trusted drives and protecting data moving from systems to peripherals will be discussed. And real examples of these systems and applications in operation will be shown. Demonstrations of applications and systems also will be available.
Speaker(s):
Kerry Maletsky - Business Unit Director, North American ASIC and ASSP Companies - Atmel
Michael Willett - Research Staff, Seagate Technology and Chair - Privacy Framework Project of the Internat'l Security, Trust and Privacy Alliance
Stephen Sprague - President and CEO - Wave Systems
Shab Madina - Product Marketing Manager - Hewlett-Packard
Stacy Cannady, CISSP - Senior Consultant and Product Manager for Client Security - Lenovo
John Vollbrecht - Senior Technical Consultant - Meetinghouse Data Communications
ETS on 2005 Intel Recommended Materials List for its Desktop Platform Vision Guide where it list pretested products that should save its partners incompatibility cost, etc.
http://www.intel.com/cd/pvp/dpvp05/ASMO-NA/ENG/products/index.htm?catId=7
CD: Lenovo Pcs with Winbond TPM referenced by the July 2005 service pack link below to install correct drivers so TPM is found by the pc and in Device Manager. These might include the Embassy technology bundled with Winbond silicon mentioned in on Slide 10. Could not find Wave mentioned.
http://www-307.ibm.com/pc/support/site.wss/document.do?sitestyle=lenovo&lndocid=MIGR-60656
Also see Lenovo Client Security with TPM and reviewer notes on the right. Again, did not find Wave mentioned.
http://www.pc.ibm.com/us/think/thinkvantagetech/security.html
Slide 10 (from 11/21/2005 Wave investor conference presentation, see post 102311) leaves me with the following questions:
1) "Embassy technology bundled with Winbond silicon", not tpm, versus "Embassy Platform bundled with Atmel and STM TPM". Silicon must mean TPM because Windbond website link below shows safekeeper as TPM and TCG1.1b compliant.
http://www.winbond.com.tw/e-winbondhtm/partner/apc_pc8392t.html
2) Also did not mention works with IBM Embedded Security Subsystem but did mention works with HP. Trying to distance from IBM or letting Winbond and Atmel make inroads with them?
3) Also says Wave is a ISV for HP but not IBM. Used to be for IBM and go to the IBM Partnerworld conferences. What changed?