Replies to post #134553 on Wave Systems Corp. (fka WAVXQ)

[Weby]

Awk.
Having commented on the reliability of Wave numbers recently, perhaps you could sum up How Merom, Santa Rosa and quad chips have not only physical TPMs as part of their operating philosophy, but how this fact in 2oo7 will put both trusted computing and virtualization smack center into the operations of the computer world. On some level, folks seem to have forgotten that the slog has not been caused by Wave's slowness, but by the very complexity of the architecture which is now bringing a new level of trust from Intel to the computer itself.

I believe the above is one of the reasons you and I maintain a level of confidence in the future that seems so much harder for some of our friends to sustain.

The FACT is that the next generation of INTEL chips make no sense without a TPM 1.2 at the bottom of the stack. From there everything flows upward and Wave's interoperability in the middle of the stack become more important with every advance in chip design. As the popular journalists need to deal with the Santa Rosa chip and Merom, they will increasingly have to deal with TPMs and as the use of virtualization becomes commonplace the need for authentication and key management becomes critical. Unless our colleague really understand the function and timeline on these points, we and they are stuck in negative feedback loops discussing why it hasn't happened, when indeed our mistake was thinking it could happen before these pieces were in place or worse yet, thinking it will never happen because it hasn't happened yet.

[svenm]

Awk, Thanks for that succint and crystal clear reply. That really makes that issue much clearer for me. I'm looking forward to the HP adoption of bundling and software licensing/redistribution. Perhaps both at the same time?
Cheers,
Svenm

[rick5]

Could it be that the reason behind the 11/20 Wave PR about Wave certifying HP businsess computers with the Embassy Trust Suite is that there are buyers considering HP as a part of a multi-vendor program who want to hear that point directly from Wave rather than through HP?

If so, that's an interesting shift in the pecking order of things.

[RootOfTrust]

(Edit) svenm/awk re: HP bundling ETS lite:

You both already know this, but it is actually not necessary for any PC OEM to bundle (pre-install or make available as a free download) a lite version of ETS in order for the end user to implement ETS Pro. The PC OEM, integrator or whoever is responsible for assembling the platform, simply configures the image with the ETS Pro...since ETS Pro has everything and more than a lite version, there is no reason to install the lite version. So, if the Army for example wants to mandate ETS Pro and they buy HP machines, HP and/or their integrators will have to pre-configure the order with ETS Pro. I think it's simply a matter of HP or the integrators/resellers being able to buy the Wave software. Actually the Army would have a deal back to Wave to only pay so much for the software, and I don't understand just how the HP/Wave/Army reseller relationship would be structured, but I am sure it would be no problem to get the software.

But all of that said, I also think it makes sense for HP to replace their Infineon-based interface with Wave's ESC interface, even though the need to bundle is bypassed when the user buys ETS Pro with their procurement. The OEM is still exected to provide a free interface on non-Wave upgraded images, and it would make more sense for HP to adopt the Wave ESC interface...that way if the user wants to upgrade to Wave later they might not have to uninstall the Infineon-based HP interface...it might be compatible alongside ETS, or it might not be, but in any case it would be ESC that is being used to take ownership of and configure the TPM, not the HP software...so it's seems just silly for the HP stuff to be there in that event.

[New Wave]

awk, IMO this was the primary reason for Wave's recent PR on behalf of HP, released obviously with HP's approval.

Wave Systems Certifies EMBASSY(R) Trust Suite for HP Business Computers

Wave Systems Corp. (NASDAQ: WAVX) today announced that its EMBASSY(R) Trust Suite (ETS) client software family has been thoroughly tested and certified for use on HP business desktop and notebook PCs with a hardware security chip called a Trusted Platform Module (TPM) that integrates the core elements of trust into the subsystem. The ETS products are available for purchase immediately direct at http://www.wave.com/products/ets.html and more information may be found on the HP Independent Software Vendor web site at: http://h20331.www2.hp.com/Hpsub/cache/292227-0-0-225-121.html.

A TPM is a unique standards-based hardware security chip that handles various advanced security tasks on a computer; the chip is embedded into a wide array of HP business notebooks and select business desktops. When combined with Wave Systems' EMBASSY Trust Suite software, a TPM performs a variety of business security features, such as security policy management, data protection, password management and strong pre-boot authentication. The TPM/ETS solution substantially improves protection against: password, data and personal information theft and provides enhanced application security, strong wireless authentication, secure email and more - all while increasing productivity.

"We're pleased to extend our relationship with HP, collaborating to enable Wave Systems' turnkey software to leverage HP embedded security solutions," said Steven Sprague, Wave's president and CEO. "Wave's software has undergone a rigorous testing process to validate the advanced trusted computing security it provides to customers. We believe these security solutions, which Wave has tested and certified for use on HP business PCs, provide HP customers a heterogeneous, interoperable security solution that can immediately benefit the security of any business."

Wave's EMBASSY Trust Suite, Business Edition, developed specifically around the new Trusted Computing Group (TCG) specification, delivers an easy-to-use launch pad for secure access to your applications from a central location. Wave's Document Manager Vault application offers a user-controlled vault for storage of private data, such as encrypted files and folders on personal computers. Document Manager Vault offers the choice of a simple drag-and-drop mechanism, as well as a set of integrated plug-ins for popular office tools to encrypt and decrypt any type of file on a local PC. Wave's SmartSignature(R) capability electronically signs and stores documents, contracts and supporting files.

Trusted Computing Solutions for the Enterprise

In addition to the EMBASSY Trust Suite, Wave also offers four enterprise solutions which deliver improved trusted computing features for government and enterprise markets. Wave's EMBASSY(R) Key Management Server (EKMS) and EMBASSY(R) Authentication Server (EAS) provide trusted computing solutions for network policy management, data protection and strong authentication using biometrics, smart cards and TPMs.

Wave's EMBASSY(R) Network Access Control (ENAC) leverages existing network infrastructure and open industry standards for IT control over PC client access to the network, locking down the network from unauthorized access to thwart many common and damaging network attacks. EMBASSY(R) Endpoint Enforcer (EEE) is Wave's open, standards-based network security solution designed to work with any network access control solution. It captures, reports and validates platform integrity metrics on PCs equipped with TPM security chips and enables third-party applications and services to make informed network access decisions.