Should have hired this fellow a year ago...
Cheers
Ski
At age 10, Trusted Computing Group sees a new world of threats
I don't believe this was posted earlier, but it is a good read and shows the challenge going forward.
By William Jackson
Feb 27, 2013
SAN FRANCISCO — The Trusted Computing Group, an industry security standards organization, is celebrating its 10th anniversary at this week's RSA security conference.
Best known for the Trusted Platform Module (TPM) security chip, the organization more recently has published specs for integrating network security information into the government's Security Content Automation Protocol (SCAP). Sessions at its conference workshop will focus on network security trends and data protection in a rapidly changing IT landscape.
"Sophisticated, targeted threats and the challenges of mobile devices are two ends of the security spectrum," said Wave Systems' Brian Berger, a TCG board member.
With the number of user endpoints on the Internet being measured in the billions — many of them untethered wireless devices — building security into those devices and enabling secure network access controls is becoming an imperative.
"The definition of mobile and mobility has changed, and that changes the context of security," Berger said. "Security has to catch up."
TCG was formed in 2003 and that same year adopted specifications for its signature TPM. Since then the chip, a cryptoprocessor that can store data securely in hardware, has become almost ubiquitous, with some 600 million shipped in computing devices from desktop and laptop PCs to mobile phones and automotive systems. Since then, it has slowly worked its way into the security infrastructure of end devices. It is a core component of Microsoft Windows 8 security and also is used by the Google Chromebook.
Despite the support for the group's efforts from government entities such as the National Security Agency, the pace of TPM adoption by government has been — at best — deliberate.
"Government moves at government's pace," Berger said. But in the past several years, TPM has been showing up as a requirement in government purchasing vehicles.
The National Institute of Standards and Technology calls the chip "the foundation for an entire ecosystem" of PC security, enabling the secure storage and passing of information within and between computers. But government had little input into the development of the first versions of the specification, and they did not meet Federal Information Processing Standards, required for government crypto systems.
But NSA has been participating in the development of TPM 2.0, which is expected to be FIPS 140-2 or 140-3 certified. NSA also is working with TCG to create protection profiles to allow certification of self-encrypting drives, another TCG specification that is gaining adoption.
Last fall, TCG released draft specifications for standardizing content using the government's SCAP in TCG's Trusted Network Connect (TNC) architecture. The two protocols handle different domains of IT security. The TNC standards focus on network security, while SCAP, developed by NIST, focuses on endpoint compliance. Using them in tandem could help improve endpoint security.
http://gcn.com/Articles/2013/02/27/Trusted-Computing-Group-sees-new-threats.aspx?Page=1
janicen, Fujitsu, AMD and Windows 8, hmmmm?
New AMD Tablet APU Lands in Fujitsu STYLISTIC Q572
Latest Collaboration Maximizes Productivity and Portability
Sunnyvale, Calif. —10/22/2012
AMD (NYSE: AMD) announced that its AMD Z-60 accelerated processing unit (APU) powers the new Fujitsu STYLISTIC® Q572 10.1” tablet, providing quality and performance to professionals on the move. The combination of processor and system design provides users with portability, Windows® compatibility and security in one tablet device. With impressive performance at low power, the AMD Z-60 APU supports unique Fujitsu features like an integrated Smart Card reader and removable battery.
Supporting a rich Windows 8 or Windows 7 experience with its AMD Radeon™ graphics, the AMD Z-60 APU enables the ability to run the full suite of legacy PC applications while supporting the most visually demanding programs. A suite of enterprise-friendly features such as the trusted platform module (TPM) and hardware-based disk encryption are also supported by the AMD Z-60 APU. The STYLISTIC Q572’s lightweight (approximately 1.6-pounds) design and impressive feature-set make it an ideal match for the mobile workforce.
“As a leading provider of Windows-based tablets, Fujitsu knows exactly what features and capabilities our customers demand in their systems,” said Paul Moore, vice president, PC Product Marketing and Product Development, Fujitsu America. “The AMD Z-60 APU delivers on those expectations and helps Fujitsu deliver a differentiated product into the upcoming Windows 8 tablet marketplace.”
AMD’s processors provide high-quality experiences for both consumers and commercial workers with high-definition entertainment, advanced multitasking performance and power-saving innovations. The APU combines high-performance serial and parallel processing cores enabling breakthroughs in visual computing, security, performance-per-watt and device form factor.
“AMD is pleased to announce Fujitsu as the first customer of the AMD Z-60 APU in conjunction with their new tablet and the launch of Windows 8,” said Steve Belt, vice president of Ultra-low Power Products, AMD. “We believe Fujitsu’s customers will be thrilled with the combination of features, performance and battery life we worked together to provide in this very appealing system.”
STYLISTIC Q572 Features
Bright (380 nits) 10.1” Anti-glare HD (1366 x 768) IPS display
Capacitive multi-touch for up to ten fingers
Digital pen input for signature capture and note taking
HD Front camera / Full HD Rear camera (5.0 Megapixel with auto focus)
User removable battery
Suite of security features: integrated Smart Card slot, fingerprint sensor, embedded TPM
2 x USB 2.0 port, HDMI port, SD/SDHC/SDXC slot
http://www.amd.com/us/press-releases/Pages/new-amd-tablet-apu-fujitsu-2012oct22.aspx
Stock price movement always gives clues about impending news, especially if there is no news, at the moment. I think someone here said that. Should be interesting tomorrow.
Did they finally sign DOD? Or was it other large corporation? Maybe we are getting bought out...who knows...someone knows, hence today's price action, good luck to all you longs.
Ski
Scant Details on How Deep Defender Actually Detects Rootkits
Posted by Bob Thibadeau, May 31, 2013
This week McAfee introduced two new suites of its McAfee Complete Endpoint Protection amidst fanfare that they were including McAfee Deep Defender, which links security from a chip to OS applications. Deep Defender purports to provide rootkit protection based on hardware-enhanced security jointly developed by Intel and McAfee.
Readers of this blog well know we’ve been among the most vocal proponents of hardware-assisted security. And while we applaud Intel and McAfee for adopting this direction, Deep Defender’s debut in their Endpoint Protection suites underscores the fact that this remains a proprietary solution.
Everyone knows that security through obscurity is one of the worst types of security solution. Yet on the FAQ (5-30-2013), McAfee – Intel says outright that they are not going to disclose the technology in DeepSAFE:
Q: What was Intel’s contribution to the McAfee DeepSAFE technology platform?
A: The specific details of each company’s contribution to the McAfee DeepSAFE technology are not being disclosed. A combination of McAfee’s deep knowledge of malware methodology and Intel’s deep understanding of system architecture were vital elements in creating this new capability.
From this FAQ, though, we can also see that the Intel “hardware” that is used in DeepSAFE is the virtualization extensions to the Intel CPUs that have been in use by many commercial products for a number of years. Jonathan McCune’s Ph.D. Thesis from over three years ago, for example, used the virtualization extensions in conjunction with the TCG TPM to achieve high security execution. Intel has been silent on how DeepSAFE and Deep Defender protect against severe attacks such as rootkit attacks.
Approximately 3 minutes into this video (5-30-2013), they show the execution stack as a Master Boot Record (MBR) first, then DeepSAFE’s DeepDefender, then the OS (Windows). This shows that DeepDefender operates just like Wave’s Self-Encrypting Drive secured Master Boot Record (MBR), at the same apparently safe location in the execution stack. The MBR, from which Defender comes, is PCR 4 in the trust chain of booting a PC. However, since we do not know if Defender even looks at this PCR, we cannot know if it even checks to make sure the MBR has already been compromised by a rootkit (or more generically preboot) attack.
It is true that today most preboot attacks attack the MBR, but products such as Wave’s Endpoint Monitor (NIST SP 800-155) have been productized for over a year now and that technology is all industry standard public hardware technology as developed by TCG working groups over the last dozen years. This is about all the technical information McAfee – Intel is disclosing that we have seen.
The recent research by Mitre Corporation demonstrates that preboot rootkit attacks are perfectly plausible prior to PCR 4, all the way to the BIOS root of trust, PCR 0. So, even by McAfee – Intel’s limited technical disclosure, it will not protect against the attacks they describe, except for the ones that can assume the MBR is good. We must assume this because they refuse to disclose their use of any technology to protect the integrity of the MBR from which they sprout their VTx code. You can Trust McAfee – Intel, but you can’t Verify. With companies such as Wave basing their software on completely specified, industry standard, Trusted Computing Group specifications, you can Trust and Verify.
The opinions expressed here may be personal. Content published here is not read or approved in advance by Wave Systems Corp. and does not necessarily reflect the views and opinions of Wave Systems Corp.
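The PCR argument in the blog post above, as an added example that is not part of the original post and is not Wave, McAfee or Intel code: a Python simulation of the TPM 1.2 SHA-1 extend operation over PCR 0 to PCR 4, showing that a verifier comparing only PCR 4 catches a changed MBR but not a change measured into PCR 0. The PCR role table follows the usual TCG PC Client convention (the post names only PCR 0 and PCR 4), the component blobs are constructed, and direct comparison against golden values stands in for a signed TPM quote.

```python
import hashlib

PCR_LEN = 20  # SHA-1 digest size used by TPM 1.2 PCRs

# Conventional TCG PC Client use of the early-boot PCRs (assumption for this
# example; the post itself only names PCR 0 and PCR 4).
PCR_ROLES = {
    0: "BIOS / core root of trust",
    1: "platform configuration",
    2: "option ROM code",
    3: "option ROM configuration",
    4: "MBR / initial program loader code",
}


def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM 1.2 extend: PCR_new = SHA1(PCR_old || SHA1(component)).

    A PCR can only be extended, never set, so its final value commits to
    every component measured into it and to the order they were measured in.
    """
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measured_boot(chain):
    """Replay a boot chain of (pcr_index, component_bytes) pairs.

    All PCRs start at zero on reset; returns {pcr_index: final_value}.
    """
    pcrs = {i: bytes(PCR_LEN) for i in PCR_ROLES}
    for index, component in chain:
        pcrs[index] = extend(pcrs[index], component)
    return pcrs


def mismatches(reported, golden, checked):
    """Return the PCR indices in `checked` whose value differs from golden.

    In a real deployment `reported` would come from a signed TPM quote;
    here the values are compared directly (simplification).
    """
    return [i for i in sorted(checked) if reported[i] != golden[i]]


def with_component(chain, index, blob):
    """Copy of `chain` with the component measured into PCR `index` replaced."""
    return [(i, blob if i == index else b) for i, b in chain]


# Constructed sample boot chain; the byte strings stand in for real images.
GOOD_CHAIN = [
    (0, b"bios-image-v1"),
    (1, b"setup-config"),
    (2, b"nic-option-rom"),
    (3, b"option-rom-config"),
    (4, b"mbr-boot-code"),
]

GOLDEN = measured_boot(GOOD_CHAIN)
FIRMWARE_CHANGED = measured_boot(with_component(GOOD_CHAIN, 0, b"bios-image-modified"))
MBR_CHANGED = measured_boot(with_component(GOOD_CHAIN, 4, b"mbr-boot-code-modified"))

if __name__ == "__main__":
    for name, pcrs in [("firmware changed", FIRMWARE_CHANGED),
                       ("MBR changed", MBR_CHANGED)]:
        only_pcr4 = mismatches(pcrs, GOLDEN, [4])
        full = mismatches(pcrs, GOLDEN, PCR_ROLES)
        print(f"{name}: PCR 4 only -> {only_pcr4}, PCR 0-4 -> {full}")
        for i in full:
            print(f"  PCR {i} ({PCR_ROLES[i]}) differs from golden value")
```
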
Blue,
I'm not privy to what Wave does about promoting itself other than the conferences it attends, but seeing how I hold shares, it makes sense that if I can do something that might help the company, I should do that.
What have you done lately "for" the company?
I know that you're a "wavoid" for many years, but you really need to give it a rest about the indecency of the company.
I wish you the best of course.
I voted my shares to make changes to the BOD as I am sure you did as well. There may be a change to shake things up and that is the best everyone could ask for at this point, other than more signed announced contracts.
My thinking is that it is a tough business world out there and you can't just waltz into a business and sell your product without having some sort of connection. Same with the US government. Doesn't matter how good your product is, or whether it will save the world from Chinese cyber terrorists, you have to have connections.
If SS was friends with Nancy Pelosi, we'd all be millionaires right now. That's the reality, I see it at my workplace everyday. I ask myself why did this person get hired for the position over me or one of my coworkers and the answer is connections.
Yes, yes we all hear you on your crusade. Hopefully it will all be resolved soon. Hopefully the new blood that comes in will have "connections".
Best to you and all.
Ski
I sent GG's article to the Disruptor program on CNBC. Hopefully they will follow-up and see if there is anything to what his article speaks to.
I know there is a slim chance that will happen, but nothing ventured, nothing gained.
Cheers,
Ski
SS everyone on this board wants to see announcements with $ attached to it. Plain and simple.
I own another security company and they always report numbers with their announcements.
Cheers,
Ski
Koog,
Glad to see that another multimillion dollar company thinks this market is worth going after. I believe someone said it earlier that you know you are on to something when the big boys (or Companies) decide they want to play your game.
I don't know if any of you Wavoids realize it, but the fact that McAfee is going after the same market is a huge deal. Think about it, it validates what Wave has been trying to achieve all along. "TRUSTED COMPUTING", dah, LOL, now you have someone else who is saying this is a BIG DEAL!!!!!!! except, (the best part) they are many years behind the curve. AND only protect computers with Intel processors... Large companies may have many different applications or processors that don't fit the Intel model, Wave does.
Which reminds me that I spoke with one of Wave's employees about a year ago who was a previous Intel employee, seems Intel at that time shelved the TPM project, so the employee came over to Wave to complete the project. Now, Intel has been burning the $ at McAfee to catch up.
But, the fact that McAfee has entered the market will shine the light on TPM's and Trusted Computing better than SS could have ever hoped for. IMHO
Best to all,
Ski
But, and this is a big one, what better price to take a nice position with a great company that will rule the world of security.
All the majors signed, 700 million TPMs deployed, end points monitored, no passwords, cloud security, two factor authentication, encrypted documents, little kids protected. What more could you ask for in a business?
Interesting, a new contract signed and the stock price retreats. This is really funny, actually not so funny, note to SS, please don't sign anymore contracts, you are eroding the stock price.
Problem is having the big stock funds involved, when they want to get out and I don't blame them, they take the stock price with them, down....IMHO
Amazing article, send this to everyone you care about!
Cheers,
Ski
That may be true but that's not what article is about
News about wave on Yahoo
tkc,
You say there is no interest, what proof do you have? Do you speak for every business in the world? Probably not, nor can I. You might say no one is interested. I couldn't make that statement. IMHO
My point is, you just never know.
Ski
With share price this low, what's stopping another company coming in and taking control of Wave?
Anyone?
Google unveils 5-year roadmap for strong authentication
By John Fontana for Identity Matters | May 9, 2013 -- 16:06 GMT (09:06 PDT)
Google unveiled on Wednesday a five-year roadmap for stronger consumer authentication tagging smartphones, long-life tokens, and futurist schemes to harden access controls while striking an unapologetic tone toward users who resist the change.
The plan will ultimately change Google's login system by breaking today's pattern that has end-users signing in over and over. In its place, Google will install strong authentication on a device such as a smartphone when it is set up.
A complex authentication code will replace the password and allow the device to identify itself, its user, participate in complex authentication flows, and recognize usage patterns that signal attacks.
"We will change sign-in to a once-per-device action and make it higher friction, not lower friction, for all users," said Eric Sachs, group product manager for identity at Google. "We don't mind making it painful for users to sign into their device if they only have to do it once."
Sachs, speaking at the IIW (Internet Identity Workshop) Conference in Mountain View, California, said that Google won't shy away from making transitions difficult on end-users in order to have better security in the long run.
"We now plan to rollout a change to our login system in which we will be much more aggressive," Google wrote in a document outlining the roadmap (with accompanying slide deck).
Sachs said that Google will require all end-users to have two-factor authentication enabled. Today, Google and other websites offer it as an option.
Sachs said that Google will put research and development into specific areas, with the goal of altering today's authentication and authorization patterns. Those areas include authentication at setup, moving beyond the use of so-called bearer tokens that give access to whomever presents them, tapping into smarter hardware, and devising new methods for bootstrapping, device unlocking, and confirmations for "risky actions".
He did not say what Google was budgeting in terms of investment to develop the strategy.
In 2008, Google made a similar five-year authentication plan. The biggest areas of gain were risk-based login challenges, strict two-factor challenges, OpenID style login, and use of the OAuth authentication/authorization protocol so apps outside the browser did not have to ask for passwords.
Google and other vendors have made progress in these areas, and work continues.
Since 2008, Sachs said Google learned that account recovery was its Achilles' heel, that it was hard to get vendors to adopt OAuth, that OpenID migration was taxing, and most important, that "bad guys had evolved to more sophisticated attacks". (Have you called WAVE?) They'll take care of that...
Google said that the new five-year plan corrects one particular course it mis-judged in 2008.
"Five years ago, this level of smartphone adoption was not predicted," said Sachs. "We did not see that coming."
As a major part of the new plan, Sachs said that Google will weave smartphones and smart apps through a series of new authentication methods and back-end infrastructure changes.
He said Google likes the mobile model where applications are available once the user accesses the device.
"We plan to take our learnings from Android OS and apply it to Chrome, as well as taking lessons from how identity works for Android apps and apply it to web apps," according to the document outlining Google's plans.
Sachs said the ugly truth is that there is a consistent identity for mobile applications, but not for browsers and websites. "We need more plumbing," he said.
He used an example of a "God-level OAuth token" that a smartphone could have at the operating system level to be used for authentication actions in the browser. "There is a lot of work to do here," he said.
Google will use smartphones and smart apps installed on devices to support one-time passcodes (OTP), portable OTPs, and newfangled schemes that can challenge users, such as presenting a map so users can verify the location they are logging in from.
Today, there are smart apps that generate OTPs even when a mobile phone does not have connectivity. Ultimately, Google hopes to require logins be performed where the proof of the second factor is much harder, if not impossible, to phish than OTPs.
Google also plans to develop methods that will accommodate users who don't have their phone. One example is where the user can access online a list of their devices that are connected to an account, and answer challenges there.
These sorts of schemes get around one problem with two-factor authentication (2FA), where one user on a shared account can't sign-in because they don't have the device receiving the verification code.
Google's plan relies heavily on smarter hardware, and will tap that hardware to try and make unauthorized access via social engineering, such as phishing, more difficult.
Sachs used the example of a web-based online banking application prompting the user to open up a smartphone version of the same app to click a confirmation button for a transaction, and to validate the authenticity of the web-based site.
Google will explore using technologies such as biometrics and Near Field Communication that lets users identify themselves, and allow one device to verify a new account on a second device. The bootstrapping of the device could go from Android to Chrome or Android to Android devices.
"We would prefer for a user to authorize a new device by having an existing device talk to it via a cryptographic protocol that cannot be phished," Google said in its strategy document.
Sachs said support of non-Google devices is being worked on via Google's participation in the Fast Identity Online (FIDO) Alliance, where it has teamed with hardware security token vendor Yubico on developing a new strong authentication protocol called Universal Second Factor (U2F).
Google said that in the future, it will request this method be used when consumers add an account to a new device. Google joined FIDO in late April.
Google will also explore how users unlock a device connected to their accounts, and how a user "confirms" they are indeed the ones performing "risky actions" on devices connected to their accounts.
Google will also work on back-end infrastructure, specifically public/private key pairs and server cookies stamped with a public key as defined in the IETF's ChannelID draft proposal.
Google does similar things today with its Chrome platform.
"In the future, it is our goal to allow early adopters to require the use of tokens 'tied' to public/private keypairs for any access to your account (from both apps and browsers)," Google wrote in its strategy document.
The ChannelID proposal focuses on how to protect the cookie on the device that proves the user previously signed in and reduces the risk associated with leaked reusable bearer tokens.
Also, Google plans to use more trusted platform modules (TPMs) and OAuth tokens on devices, and in the future, deprecate bearer tokens, which basically gives access to the presenter without challenge.
http://www.zdnet.com/google-unveils-5-year-roadmap-for-strong-authentication-7000015147/?s_cid=e539&ttag=e539
Telstar,
Now that's the kind of advertising Wave needs, don't you think?
Cheers
Ski
Like the smartphone before it, the tablet is blurring the line between consumer toy and enterprise workhorse. Developed to be intuitive, sleek, and fun, consumer technology like the tablet has plenty of immediately apparent advantages over what a corporation would traditionally choose for its employees. It’s no wonder, then, that these consumer tools leak over the corporate boundaries—despite the security flaws that come with something designed to play games and read restaurant reviews instead of analyze customer data.
So how do you promote user productivity by allowing tablets, without creating a gaping hole in security?
Enterprise Security, Consumer Simplicity:
Do You Have to Choose?
No.
Wave-managed tablets give users the streamlined, intuitive experience they’ve come to expect from consumer technology. Wave-managed tablets give IT decision-makers the peace of mind of knowing their tablet deployment conforms with enterprise security best practices. And for IT staff, Wave-managed tablets build on tools they already know (i.e. Microsoft Active Directory).
Tell your users to forget their passwords, because they won’t need them. Tell them to carry sensitive data on their tablets, confidently—because even if they lose them, your data is safe. Users sign into their tablet with a PIN generated by secure hardware. Their tablet then automatically signs them on to all other services, including enterprise VPN and WiFi. Data is transparently protected with automated, hardware-embedded encryption. The user experience is uncompromised…
…but the device is secure. IT staff can remotely initialize and manage devices to ensure only authorized users are accessing networks and resources. They can monitor for malware attacking in pre-boot. They can provide audit logs to prove compliance and data encryption in the event of a lost device. In short, they can do everything they would do with an enterprise laptop.
How Wave’s Solution Is Different
Wave software starts security with the device by using security tools embedded in the hardware of the device, improving operating system performance and taking advantage of tools you already have. Wave integrates with Microsoft DirectAccess and is compatible with all Windows 8 Pro tablets (available from Acer, Dell, HP, Lenovo, Microsoft, and Samsung).
With Wave-managed Windows 8 tablets, enterprises can extend PC security to tablets without compromising best practices or buying independent Mobile Device Management software.
What Can Your Wave-Managed Tablet Do:
Authentication
Data Protection
Malware Detection
Check out a YouTube ‘Wave Mobility Solution’ demo video:
http://peaketa.com/wave-trusted-computing/
New partner in Europe with huge client list just posted on Wave website
Developing a Framework to Improve
Critical Infrastructure Cybersecurity
dated March 15, 2013 but the document looks like it was updated in Apr.
found this on the web, definitely a pitch for DOD $$
Interesting article though, good history too today's threats
http://csrc.nist.gov/cyberframework/rfi_comments/040813_wave_systems_response_part2.pdf
There is always possible future litigation for any company. When they put an offering together like this, the company is required to divulge any possible legal action whether it will happen or not. Typical legal mumbo jumbo legal speak. I wouldn't get all worked up. IMHO
Ut-oh, they forgot to divulge the earth is going to rotate off its axis...
Dell Latitude E6430s premier laptop
available May 4, 2013
Equipped with TPM on-board
http://www.dell.com/us/business/p/latitude-e6430s/pd
For Dell, they have to weigh the risk of DOD (or any large organization) adopting or not adopting the use of TPM's full scale in the future, so until that time it is probably easier to make sure their laptops are so equipped.
Cheers,
Ski
My point exactly...
No problem, didn't take it that way.
The last few days there has been a lot of speculation on how the company may proceed. And how you (and I) should proceed or move forward with our (your) shares starting on Monday. I know many of you have been here more years than you would care to talk about (although) many of you have made that plain as day.
You all have a choice. Either you can sell and make the price tank by hitting the "sell all" button at market or not. If you wanted the shares to go up in price that's not what you would do, correct? I will not be selling my shares tomorrow, maybe I'm crazy. Things can change between now and July.
Wouldn't you be pissed if the DOD decided to light several branches of the government up with wave ERAS. Or, it could be any other large company in the world deciding to jump on board. It is a possibility, you have all said it. You waited all this time (patiently I might add) just to see the stock price rise after you sold. Ugh! I'd be pissed too.
I know I am a newcomer to this board and stock. Last year I voted for the board and amendments not having much time or history, this year most likely will be different.
One positive thing I can say for SS is at least he is willing to put his money where his mouth is by buying shares on the open market. That makes a statement to me. BOD where is your commitment? You might need to update your resumes...soon.
Look, I don't like the idea of a RS split anymore than you do or increased share dilution. But I've seen plenty of companies with a lot of debt, that is the flip side of the coin.
Hang in there, don't give your shares away cheap.
Ski
Why bother installing all those TPMs and at what cost? millions
I think you hit the spot Alea, Wave should have required all TPMs to be activated from the start. Maybe giving free service for the first six months. I guess they didn't have enough leverage in the beginning.
If they ever needed to announce a major deal, the time is now.
Barge, Return is right, how come Wave is not shouting this information to the world? Especially, with a RS looming. This information would send the stock price higher for sure.
Ski
Barge, your connection for tablets...
Wave Mobility Pro – Tablet Edition Now Generally Available
Since announcing the development of a comprehensive management solution for Windows 8 tablets in February, Wave has had a single focus – releasing this much sought-after solution to customers. Now, marking a major milestone, Wave is announcing the general availability of the newly minted Wave Mobility Pro – Tablet Edition today.
So what’s new? In addition to the commercial availability of strong authentication, managed encryption, and device health for Windows 8 tablets, Wave Mobility Pro offers professional services with an unprecedented level of support for your deployment.
The Mobility Pro allows enterprises to securely deploy Windows 8 tablets using enterprise-grade 24X7 authentication and encryption. With the Mobility Pro you can streamline your user experience by taking passwords out of the equation, save money (no longer a need for MDM software), your tablet becomes “safe to lose,” and you can standardize your security management by using the same infrastructure to manage your desktop and laptop PCs. What’s more, it supports a mixed environment with backward compatibility with pre-Windows 8 operating system.
The Mobility Pro helps your company manage and take advantage of the industry-standard security technology (the TPM) that’s available on Windows 8 tablets. It’s a solution that offers strong hardware-based authentication without passwords that are vulnerable to being phished or cracked, it provides VPN or DirectAccess authentication using your existing internal TPM without a need for an external token and it secures and locks down corporate Wi-Fi access without passwords as well.
Despite their popularity, iPads and Android tablets pose significant security risks and management challenges to enterprise IT. Existing Enterprise applications need to be rewritten, which is expensive and time consuming. Contrary to common belief, existing MDM solutions do not provide adequate security and are pricey.
Windows 8 tablets are here. All major PC OEMs have been shipping Windows 8 tablets for 4 months now. And Gartner estimates that 15 million enterprise tablets will be sold in 2013.
The Wave Mobility Pro solution has flexible, layered options based on IT desired functionality. Each option within the Wave Mobility solution can be implemented stand-alone, or in combination with Wave solutions.
http://blog.wave.com/girish-bhat/wave-mobility-pro-tablet-edition-now-generally-available/
Barge, how important is this latest development about bit locker to wave?
Sounds like you're speaking for the company...they (Wave) may not agree with your opinion.
Blue, The RSI just went into an oversold condition for WAVE. Should all investors go out and buy, probably not. It's one that I use. Sentiment is another, when the negativity reaches a certain level and it seems there is no chance for survival, for me, it's time to buy.
Cheers,
Ski
Oversold-time to buy IMHO
Automated Security for Remote Systems
The increasing use of mobile devices or the integration of remote embedded systems introduces new threats to enterprise IT networks. While most security programs such as desktop firewalls, antivirus and hard drive encryption work pretty well for laptops, they are not available for mobile devices or remote VPN devices connecting to a central network.
The only way to keep the network secure is by providing additional security on the central IT infrastructure and establishing trust in the devices used.
The problem is, most of today’s security systems work isolated from each other and if they offer interoperability they do so only to a limited extent, which is insufficient to counter the new threats network security faces every day. TNC IF-MAP provides the possibility to interconnect different IT-security systems and provide an accurate representation of the health status of an IT network. The TPM offers the perfect solution for establishing trust in a remote device by checking its health during boot-up.
At last month’s RSA Conference, TCG member NCP of Germany demonstrated the integration of different IT security systems like firewalls, intrusion detection and VPN working together in real time to counter threats emerging from a remote device or a smartphone. If the device should misbehave within the internal network, this is detected and the device is limited in its access or shut off from the network.
In the case of a remote embedded device the device additionally checks its health during bootup using the TPM and only establishes connection if the device image is correct.
Note: NCP does not provide TPM embedded authentication as noted on their website.
http://www.trustedcomputinggroup.org/community/2013/03/automated_security_for_remote_systems
Trusted Computing in Nokia Lumia
At last month's RSA Conference, mobile security was, to nobody's surprise, a big topic. During the TCG session, long-time TCG member Nokia showed its Nokia Lumia 920 mobile device which incorporates Trusted Computing technology (Windows Phone 8 secure boot).
The demonstration showed how the Nokia Lumia secure boot sequence is achieved and how this supports device integrity and provides a trustworthy foundation for supporting trusted applications and secure services.
As many might now know, Windows 8 and its brethren Windows Server provide a number of capabilities based on and using Trusted Computing technologies. For example, secure boot and the TPM work together to ensure platform integrity.
http://www.trustedcomputinggroup.org/community/2013/03/trusted_computing_in_nokia_lumia
What Can You do With the Trusted Platform Module (TPM)?
by TCG in Action
4/3/2013
Much has been made about what exactly can be accomplished with the Trusted Platform Module, or TPM. Now that Windows 8 is available, that question becomes easy: lots can be done with the TPM to ensure better system, data and network security.
One key use is authentication - a topic that is seeing lots of interest these days with recent moves by Apple, Google and others to implement stronger authentication.
At last month's RSA conference, TCG member Wave Systems showed effective strong authentication using the embedded TPM and Windows 8.
With Windows 8 a new environment for security solution providers to utilize for PBA has arrived: UEFI. The Unified Extensible Firmware Interface (UEFI) is a specification that defines a software interface between an operating system and platform firmware. UEFI is meant as a replacement for the Basic Input/Output System (BIOS) firmware interface, present in all Windows-based personal computers.* When UEFI Secure Boot is turned on it means that the PBA software has to be ‘signed’ by Microsoft or the OEM so that it can be trusted to execute. With Secure Boot turned on computers are less susceptible to attacks on the booting process such as the Evil Maid attack.
The TPM also can be used to monitor the security and health of the PC boot environment. For example, Wave Endpoint Monitor (WEM) determines the health of the endpoint based on TPM-secured Platform Configuration Register (PCR) measurements. In this demo, a "healthy" laptop is granted access to Wave Cloud. When WEM detects a suspicious change on the laptop – for example, by a firmware virus – the laptop is denied access to Wave Cloud.
http://www.trustedcomputinggroup.org/community/2013/04/what_can_you_do_with_the_trusted_platform_module_tpm
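The PCR-based health check described in the post above, as an added example that is not part of the original post and is not Wave or TCG code: a verifier replays a boot event log with the TPM extend operation and compares the resulting PCR values with a known-good ("golden") set before granting access. The SHA-256 bank, the PCR index assignments, the sample boot logs and all function names are assumptions made for illustration; a real verifier would also first check the TPM's signed quote over the reported PCRs, which is omitted here.

```python
import hashlib
import hmac

PCR_SIZE = 32  # SHA-256 bank (assumption; the post names no hash algorithm)

def extend(pcr: bytes, measured: bytes) -> bytes:
    """TPM-style extend: new PCR = H(old PCR || H(measured data))."""
    return hashlib.sha256(pcr + hashlib.sha256(measured).digest()).digest()

def replay(event_log):
    """Fold (pcr_index, measured_bytes) events into final PCR values."""
    pcrs = {}
    for index, data in event_log:
        pcrs[index] = extend(pcrs.get(index, bytes(PCR_SIZE)), data)
    return pcrs

def evaluate(reported, golden):
    """Return (healthy, mismatched PCR indexes) against the golden set."""
    bad = sorted(i for i, want in golden.items()
                 if not hmac.compare_digest(reported.get(i, b""), want))
    return (not bad, bad)

def access_decision(reported, golden):
    """Grant access only when every golden PCR is matched exactly."""
    healthy, bad = evaluate(reported, golden)
    return "grant" if healthy else "deny (PCR mismatch: %s)" % bad

# Constructed boot logs; PCR 0 = firmware, PCR 4 = boot loader stage (illustrative).
GOOD_BOOT = [(0, b"firmware-image-v1"), (4, b"bootloader-v1"), (4, b"kernel-v1")]
TAMPERED_BOOT = [(0, b"firmware-image-v1+implant"), (4, b"bootloader-v1"), (4, b"kernel-v1")]
REORDERED_BOOT = [(0, b"firmware-image-v1"), (4, b"kernel-v1"), (4, b"bootloader-v1")]

GOLDEN = replay(GOOD_BOOT)  # recorded once from a known-good machine

if __name__ == "__main__":
    for name, log in [("good", GOOD_BOOT), ("tampered", TAMPERED_BOOT),
                      ("reordered", REORDERED_BOOT)]:
        print(name, "->", access_decision(replay(log), GOLDEN))
```

Because each extend hashes the previous PCR value together with the new measurement, a changed firmware image alters PCR 0 and a changed boot order alters PCR 4, even when every individual component is itself unmodified.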
Snackman, you cannot put this out there if it were not true, the feds will be knocking at your door, and putting pretty little silver bracelets on your wrists if found otherwise. IMHO
You have information that we don't, care to share your sources?
They need someone who knows how to close deals.