Replies to post #199703 on Wave Systems Corp. (fka WAVXQ)

[jakes_dad]

NSA's First Trusted Computing Conference Attracts Nearly 500 Participants

http://www.nsa.gov/public_info/press_room/2010/trusted_computing_conference.shtml



NATIONAL SECURITY AGENCY
CENTRAL SECURITY SERVICE

FORT GEORGE G. MEADE, MARYLAND 20755-6000

NSA PRESS RELEASE
01 Oct 2010
For further information contact:
NSA Public and Media Affairs, 301-688-6524

NSA's First Trusted Computing Conference Attracts Nearly 500 Participants
ORLANDO, Fla. – Nearly 500 people attended the National Security Agency’s first Trusted Computing Conference and Exposition, which was held here from Sept. 14-16 to discuss the important role of trusted computing technologies in cybersecurity.

Generally speaking, trusted computing technologies ensure that hardware and software behave as designed. Trusted computing solutions prevent malicious computer attacks by combining commercially available, off-the-shelf IT tools. Such solutions are now being used in both the public and private sectors, but much too infrequently, officials noted.

Widespread adoption of these technologies could inoculate not only national security systems but also corporate computer devices and networks from criminals, foreign spies, and everyday hackers.

"It will be a lot of work, but the benefits that trusted computing can provide are worth it," said Neal Ziring, Technical Director in NSA’s Information Assurance Directorate, in a keynote address at the conference.

To illustrate that point, the agency debuted a video showing a series of authentic network attacks against what would be considered a well protected, standard computer workstation and a High Assurance Platform (HAP) workstation. The National Security Agency’s HAP Program demonstrates how commercial technologies and techniques can be merged to create secure, manageable, and usable computing platforms.

The video’s message was clear: Even modern workstations and networks remain highly vulnerable to cyber intrusions. Trusted computer technologies, like those in HAP, reduce the risk of systems being compromised, improve system administrators’ ability to quickly detect any compromises, and minimize damage from attacks. The audience watched while the well protected workstation was breached. The one with HAP was like Fort Knox.

HAP should be fully embraced, officials said. The sooner, the better.

Piecemeal efforts to strengthen cybersecurity are clearly ineffective, participants emphasized. Furthermore, securing cyberspace cannot be the responsibility of the U.S. government alone. More collaboration is needed between government and information-technology partners in the private sector, they said.

Greater use of trusted computing would give commercial systems more government-like security. Conversely, it would give national security systems more commercial-like functionality and mobility, a presenter pointed out. The federal government must depend on a steady stream of private-sector IT innovations that meet U.S. Department of Defense requirements, participants said.

Nearly 40 IT vendors were on hand in a conference exhibit hall to showcase the latest in trusted computing technology. NSA’s HAP Program also works with eligible hardware and software vendors, integrators, IT organizations, and representatives from academia to disseminate HAP technology standards and promote trusted computing products and solutions.

"Ticking off adversaries," Ziring quipped, is the ultimate goal.

The video and more information about NSA’s HAP Program are available online at www.nsa.gov/hap.

[awk]

dabears4: Thanks for that! /eom

[helpfulbacteria]

The video...

The HAP video was produced by Digital Management, Inc...

The scenario was (according to a DMI rep who used to be on the Trusted Computing Group board) taken from the semi-recent Aurora/Google hack.

And the "Bruce" in the video is none other than Bruce Potter... a fellow whose name will be familiar to many WAVX longs because of several presentations he's made over the years supporting Trusted Computing.

Best Regards,

c m

[wavedreamer]

Dabears4,

That video will keep me up all night!! (thank you for posting LOL)

I've come to the conclusion that it does not matter what Virtualization product a corporation uses (VMware mentioned and configured for the demo or LynuxWorks/Integrity/Citrix Etc.)

The KEY to it all (thanks awk you are the key guy LOL)

is the Network Authentication Server that does the remote attestation for the measured boot process to ensure the secure root of trust on the device trying to gain access. The various measurements and the validating of the machine Identity is the fundamental tool to stop hacks. No untrusted devices gain access to the network. Full STOP!

I'm sure there are marketing differences between the Virtualization products but in the end, who cares, we are Wave investors.

Now the next question you have to ask is who supplies such products that fit that description? “Remote Attestation Server” or as the DOD likes to call it "a TPM Element Manager".

Now all you senior 10 to 15 year Wave investors stop laughing because I just got "IT" big time! LOLLL

This is huge!!!!!!!!!!!!!!!

[svenm]

Thanks, DaBears! That is a great presentation and there is now no question the tide has turned! We've got a long way to go yet but as helpful has pointed out, the NSA is clearly all in!

Svenm

[weets]

Dear Dabears,

Wow!! http://armedservices.house.gov/pdfs/FC092310/AlexanderStatement.pdf

[oknpv]

Dabears......

I shouldnt try to comment on tech but over the past several years we have seen mention of Gen Dynamics PCs & always with Wave Embassy TPM mentioned. In your NSA film, seeing that the HAP PC is Gen Dyn/Dell, again excites me as well as wondering when this effort will seriously deploy. Here is just a reminder & dated recently:

(Security excerpt)..."On the software side, Wave Systems' Embassy Security Center handles all of the TPM functions, including password management and other authentication."
http://www.ruggedpcreview.com/3_notebooks_itronix_xr1.html

[pointandfigure]

Dabears....just viewed the NSA/HAP video.

Just spectacular!!! General Dynamics PC uses Wave
Systems software for TPM management. This is a fact.
FACT!

We Wavoids know this FACT but no one else in the world
knows it. How do we spread the message?

If Wave Systems cannot spread the message, then how can
we do it for them?

How much longer do we have to wallow in the murky depths
of non recognition?

Where is the justice in this world? When will we Wavoids
gain the respect that we deserve?