News Focus

Wildman262

11/04/08 5:35 PM

#172462 RE: helpfulbacteria #172461

SKS hitting it hard at CNET http://www.cnet.com/8705-4_1-0-2.html?username=skswave&rpp=10&tag=page

We also need to get to the root cause of identity theft: passwords, and it is time to make them go away. With 250 million PCs with a hardware security chip called a TPM (Trusted Platform Module), it is time to put pressure on the major service providers to enable their services like Yahoo Mail to support strong authentication. This technology, which is similar to the security chip in your cell phone that keeps your cell bill safe from being hacked, is capable of securing access to all web sites. The user logs into their PC and then the PC logs you into all of your sites. With a common industry standard technology available it is time to enable this capability for every site.

Steven Sprague
Wave Systems Corp
In reply to: "People can do more to guard against ID theft, says group"
October 2, 2008
0 replies
We have to start somewhere. The easiest to use encryption for your whole disk is a Seagate FDE drive on a Dell laptop. It sets up in about 1 min for an individual user and then it will provide hardware single sign-on to your PC. This technology is an option on all new Dell PCs and ships ready to use.
Secondly, we need to push all of our providers to offer us strong authentication using the Trusted Platform Module that is now on 250 million PCs and provides a common standards-based hardware device to manage keys on the PC. The TPM would eliminate the need to log in with passwords from your personal PC and would dramatically reduce the potential for theft of access to data.

Steven Sprague
Wave Systems Corp
In reply to: "To encrypt or not? That is the question"
October 2, 2008
0 replies
There are now over 250 million PCs that have a common key management device, the Trusted Platform Module. It has a common API (interfaces), it is vendor neutral, and it is driven by a good and strong standards effort. There are enterprise tools that allow a company to manage the TPM for a collection of users and there are local tools that allow an individual to use the device. The result is that every service provider and every encryption provider can create and use keys in the TPM, and the enterprise can centrally manage the TPM and back up or oversee all of the keys. This works today for VPN and wireless, for Windows authentication and for Web page access. It is time that every user knows what a TPM is and knows what to do with it. If a service provider won't support it then switch to a provider who does. We need to start asking Yahoo and Google and AOL and eBay where their support for strong platform security is. We demanded it in portable phones in the 1970s, we demanded it in cell phones in the 80s, we got it as part of all cable boxes in the 90s; now it is time to have strong keys in the PC. The tools are there, the hardware is already in your hands, but if your enterprise has not turned it on yet ask them WHY.
My PC logs onto wireless with no passwords and keys held in hardware
My PC logs onto the VPN with keys only known by my IT department and held in my TPM

But I needed a password (and had to remember it) to log into this site and that made my computer vulnerable. It is time to leverage the investment that has already been made and utilize hardware security in our PCs to make it easier and simpler to be on the services-based network.

Steven Sprague
CEO
Wave Systems Corp.
In reply to: "Encryption key management: Critically important, frighteningly immature"
September 26, 2008
0 replies
This exists in all Dell commercial machines as the Personal Information Manager as part of Embassy Trust Suite and uses the Trusted Platform Module to hold the authentication credential for each website. The user has the option of creating a password or using a password randomly generated by the TPM; in any case the user then supplies a common password to the TPM, which then releases the password to the web site. The use of the TPM ensures that if a machine is borrowed or lost the access credentials are not stolen. Leverage the access control hardware that is on millions of PCs and we will make the authentication problem go away. The goal is to move all of the websites to support strong authentication. With 200+ million TPMs shipped, the case to adopt is getting stronger every day. Floppies went away, parallel ports went away, now passwords can go away.

Steven Sprague
Wave Systems Corp.
In reply to: "UsableLogin lets you use one password for all sites"
September 8, 2008
0 replies
If CNET IT guys had deployed the Trusted Platform Modules on your PC and had used it to store your keys then you would no longer be relying on the ridiculous concept of UID and PW. Industry has replaced your computer with one that can be secured but your IT department actually needs to turn it on. By storing your access keys in hardware your PC will have to be stolen to be compromised. I suggest if you are interested in the security market ask your IT guys why they have not turned on the TPM that is in every new PC purchased over the last 2-3 years. It is standards-based, vendor-neutral security. Sorry you got hacked but it is time to turn on your TPM and use it to access corporate services.

Steven Sprague
In reply to: "Targeted for hacking by reporters at my table"
August 8, 2008
1 reply

The real crime here is that for the last three years the PC industry has shipped millions of PCs and motherboards with Trusted Platform Modules. This device provides a very secure container in which to hold the secret keys that can be used to encrypt every wireless link. This technology is in every box, industry standard and vendor neutral. However, the IT professionals are failing to implement best practices and turn on these devices to hold the keys. They have continued to not leverage the best solutions to protect our identities and assume we will waste our time fixing them when they get lost. I strongly suggest that Dan cover this crime as well. Our PCs are available with and have body armor but body armor is only helpful if you wear it. It was over a year ago when this hack was originally broadly published. How are we doing? Many organizations turned on WPA to secure the wireless but use keys held in software that can easily be stolen by a virus or a bad employee. If the keys are in a TPM then the keys are safe unless the PC is stolen and usually that gets noticed. Put a Seagate FDE drive in the PC to prevent any type of boot and now we have a real security solution for the end point. If industry doesn't apply the patch of moving keys to hardware then the government will force us to do it. We do not need regulation, we need action. If you have a VPN, wireless, or any type of certificate-based access, move the keys to the TPM and move them now. Your OEM has given you the tools to secure your brand, your job, and your customers' data, but like any patch you need to apply it.

Steven Sprague
Wave Systems Corp.
In reply to: "Daily Debrief: Forty million card numbers compromised"
August 6, 2008
0 replies
The Trusted Platform Module is one of the best tools for any enterprise who wishes to increase the security of their network, reduce the cost to manage the network and improve user satisfaction. Imagine a world where you open your PC, swipe your fingerprint (that never leaves your PC) and then your PC logs you into the services you need to do your job. The TPM is an authentication device that is compatible with all of an enterprise's current networking equipment. As a simple policy statement, put all of the keys for the enterprise's soft certificates into hardware. This simple action assures that neither a user, an admin, nor malware can steal the secret keys on an authorized PC. These tools work today and can be deployed on a full enterprise basis. All of the major VPN and wireless suppliers support the TPM securing their access keys on Windows PCs.

Lost in the concern about managing content securely, which requires so much more than securing keys, is the discussion of the need to manage access to all of these wonderful internet services. Roger states the point very clearly above.
Focus on the death of userid and password. It is time to send it on the same path as the 5.25 floppy and the serial port mice (and they'll be easier to throw away). A vendor-neutral, industry-standard, globally deployed, common mechanism for securely managing keys is of tremendous benefit to all of us and to all of our kids.
So turn on the TPMs, secure your network keys, stop typing in passwords and let's secure the network.

Key benefits of using hardware to secure the keys
Only authorized PCs on your network.
Authentication keys can't leave the platform; they can be deleted but they will never leave
Works with standard networking solutions out of the box but you have to read the manual
Multiple keys from multiple parties can be stored on a single TPM; the owner of the PC is in charge, not the owner of the key (the owner of the key just knows there are no copies of the keys)
Everybody has a TPM: your customers, your users, your vendors, your government, your regulators... Imagine the healthcare system with an interoperable authentication scheme. Imagine your healthcare system without common networking like Ethernet.


Thanks for your time

Steven Sprague
CEO
Wave Systems Corp.
Member of the Trusted Computing Group
In reply to: "Whatever happened to Microsoft's DRM plan?"

Chowder

11/04/08 9:39 PM

#172468 RE: helpfulbacteria #172461

helpful, Wave is very much the early swallow arriving at Capistrano. SKS said it during the last CC that we need a MARKETING campaign to light this trusted computing fire. Wave does not have the wherewithal to mount such a campaign. Witness most of the TCG companies who are writing the standards are not using it yet. Marketing is the tonic. The Dells, Intels, etc. will have to pull the wagon.

The good news, and I'm bullish on hearing more this coming CC, is that virtually all piloted customer sites turned into full implementations. It's just that Wave can only contact so many new prospects.

I have prompted the IT bunch at my firm on trusted computing and Wave. They are a bunch of technological neandertals but I did get the alpha IT dude to squint. It's the "comes with" solution that is superior and easier to use.

Ciao!