
awk

08/01/05 5:40 PM

#89318 RE: SheldonLevine #89317

SheldonLevine: Vista / Key recovery...

Correct! This subject is of great - actually monumental - importance to everyone following this company/stock!

vickers2

08/01/05 5:48 PM

#89319 RE: SheldonLevine #89317

Sheldon, I was trying to get a grip on that as well. This is old (from April)

http://download.microsoft.com/download/5/D/6/5D6EAF2B-7DDF-476B-93DC-7CF0072878E6/TPM.doc.

Microsoft Applications Using Longhorn TPM Services
The initial release of Longhorn will include three applications that take advantage of the TBS and the Microsoft TPM driver: Secure Startup, TPM Administration Tools, and the Key Storage Provider (KSP).


Secure Startup
Secure Startup is designed to utilize the TPM to protect the integrity of the Windows partition (and any other data, applications, DLLs, and files stored in that partition) and only release access to the protected data/partition after the veracity of the booting operating system has been established.

Secure Startup communicates with the TPM in the early phases of booting the operating system through a TCG-compliant BIOS and the TPM driver.

TPM Administration Tools
Microsoft is providing a Windows Management Instrumentation (WMI) interface that encapsulates the common TPM administration tasks. Using this interface, administrators can locally or remotely administer machines using provided scripts or develop custom scripts to suit the enterprise environment.

An important aspect of TPM administration is to enable the enterprise to opt-in to TPM technology in large deployments, yet give administrators the tools to control the exposure of personally identifying information (PII) with high granularity. Microsoft is providing a mechanism within Group Policy for administrators to curtail the use of TPM commands that might reveal privacy-related data about a user or workstation. The IT administrator will be able to disable certain PII-revealing commands or specify on a per-command basis which TPM operations are not allowed on workstations in a given organizational unit.

Key Storage Provider

The KSP is a plug-in for Microsoft’s Crypto Next-Generation (CNG) Key Storage Provider (KSP) Framework. The KSP is intended for applications that use the TPM to generate private keys and do basic encryption and signing. The KSP uses a single-level key hierarchy and stores keys in the application profile and user profile directories, to which access is appropriately controlled. Microsoft is evaluating methods through CNG extensions or system policy to turn on sealing to specific Platform Configuration Registers (PCRs) when using CNG to encrypt data. CNG strong key protection is supported by the TPM KSP, with the hash of the supplied password being used as the key usage authorization on the TPM key.

Implementing Applications that use Longhorn TPM Services
Software vendors who are developing new applications for TPM 1.2 in Longhorn can do either of the following:
• Write code using the Trusted Service Provider (TSP) layer of a v1.2-compliant TSS that has been built upon the TBS
• Access TPM functionality through the administration WMI interface or the KSP through the CNG interface....
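The quoted Microsoft text describes two mechanisms worth seeing side by side: Secure Startup releases the protected partition only after the boot chain has been measured into the TPM's Platform Configuration Registers, and the TPM KSP uses the hash of a supplied password as the key-usage authorization. The following Python model is an added example, not Microsoft's code and not the TBS or TPM 1.2 wire format. It implements the real TPM 1.2 extend rule (PCR_new = SHA-1(PCR_old || SHA-1(component))) and a constructed, HMAC-based stand-in for the chip's key wrapping, so that a reader can trace why a tampered boot component or a wrong password causes an unseal to fail. The `ToyTpm` class, the SRK secret and the boot component strings are all constructed for illustration.

```python
"""Toy model of TPM 1.2 PCR extension and PCR-bound sealing.

Constructed example: it imitates the logic of a TPM's extend and seal/unseal
operations in pure Python so the behaviour can be traced offline. It is NOT
the TPM 1.2 wire format, the Windows TBS, or any Microsoft code.
"""
import hashlib
import hmac

PCR_INIT = b"\x00" * 20  # TPM 1.2 PCRs are 160-bit (SHA-1 sized) and reset to zero


def pcr_extend(pcr_value: bytes, component: bytes) -> bytes:
    """TPM 1.2 extend: PCR_new = SHA-1(PCR_old || SHA-1(component)).

    The BIOS/bootloader hashes each component it loads and extends the PCR;
    ordering matters, so the final value is a compact record of the boot chain.
    """
    digest = hashlib.sha1(component).digest()
    return hashlib.sha1(pcr_value + digest).digest()


def measure_boot(components) -> bytes:
    """Replay a boot chain (list of component bytes) into a single PCR value."""
    pcr = PCR_INIT
    for c in components:
        pcr = pcr_extend(pcr, c)
    return pcr


def password_auth(password: str) -> bytes:
    """Key-usage authorization as the quoted text describes: hash of the password."""
    return hashlib.sha1(password.encode("utf-8")).digest()


def _keystream_xor(key: bytes, data: bytes) -> bytes:
    """HMAC counter-mode keystream; toy substitute for the TPM's RSA/AES wrapping."""
    out = bytearray()
    counter = 0
    while len(out) < len(data):
        out += hmac.new(key, counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, out))


class ToyTpm:
    """Minimal stand-in for the TPM: holds a secret that never leaves the chip."""

    def __init__(self, srk_secret: bytes):
        self._srk = srk_secret  # constructed; a real SRK is generated on-chip

    def _wrap_key(self, pcr_value: bytes, auth: bytes) -> bytes:
        # Wrapping key depends on the chip secret, the PCR value the data is
        # bound to, and the key-usage authorization.
        return hmac.new(self._srk, pcr_value + auth, hashlib.sha256).digest()

    def seal(self, data: bytes, expected_pcr: bytes, auth: bytes) -> dict:
        key = self._wrap_key(expected_pcr, auth)
        ct = _keystream_xor(key, data)
        tag = hmac.new(key, ct, hashlib.sha256).digest()
        # The expected PCR is stored in the clear: it is a policy, not a secret.
        return {"pcr": expected_pcr, "ct": ct, "tag": tag}

    def unseal(self, blob: dict, current_pcr: bytes, auth: bytes):
        key = self._wrap_key(current_pcr, auth)
        tag = hmac.new(key, blob["ct"], hashlib.sha256).digest()
        if not hmac.compare_digest(tag, blob["tag"]):
            return None  # wrong boot state or wrong authorization: nothing released
        return _keystream_xor(key, blob["ct"])


def demo() -> dict:
    """Seal a volume key to a known-good boot chain and try three unseal cases."""
    # Constructed boot chains: same firmware and loader, but a tampered kernel.
    good_chain = [b"BIOS v1.0", b"MBR loader", b"ntoskrnl 6.0"]
    tampered_chain = [b"BIOS v1.0", b"MBR loader", b"ntoskrnl 6.0 (patched)"]

    tpm = ToyTpm(srk_secret=b"constructed-srk-secret")
    auth = password_auth("correct horse")
    volume_key = b"volume-master-key-0123456789"

    blob = tpm.seal(volume_key, measure_boot(good_chain), auth)
    return {
        "good_boot": tpm.unseal(blob, measure_boot(good_chain), auth),
        "tampered_boot": tpm.unseal(blob, measure_boot(tampered_chain), auth),
        "wrong_password": tpm.unseal(blob, measure_boot(good_chain), password_auth("wrong")),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case:15s} -> {'released' if result else 'refused'}")
```

The point the model makes: the sealed blob never carries the volume key in usable form, and a change anywhere in the measured chain (or in its order) changes the PCR and therefore the wrapping key, so the TPM simply has nothing to hand back. Real Secure Startup additionally depends on which PCRs are selected and on a TCG-compliant BIOS doing the measuring, which the toy omits.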

1stnflight

08/02/05 11:12 AM

#89422 RE: SheldonLevine #89317

SheldonLevine: Server based MSFT Key Utility vs KTM ES AD

Although developments with Longhorn server now in private beta testing are important, after thinking about the scenarios below I do not think they will break Wave.

1) MSFT builds a utility software like KTM ES AD into LH Server software which would make Wave a competitor, and give consumers a choice. This would be similar to Netscape vs IE, Real Player vs Win Media Player, Veritas Backup Exec vs XP Pro Backup, MS Money vs Intuit Quicken, Symantec Antivirus/Security vs MSFT upcoming products in Symantec's realm of expertise, Yahoo vs MSN, XP vs Redhat Linux, etc.

In other words, MSFT often tries to be the jack of all trades, but many customers prefer the master's product. Like the MSFT competitors above, Wave and KTM ES AD, ETS 5.0 will survive.

2) The numerous existing Windows 2003 Servers with AD could use KTM ES AD by adding the optional IBM PCI coprocessor before new servers are available with a built-in TPM. They will need a solution before Longhorn Server software and compatible hardware deploys.

3) When servers are available with TPMs, end users can buy them and install Windows 2003 Server versus upgrading to LH Server. They could then purchase and install Wave's KTM ES AD. Or, like 1) above, they could install LH Server for non-TCG improvements and choose KTM ES AD for TPM key management.


dig space

09/14/05 10:48 AM

#94784 RE: SheldonLevine #89317

Sheldon, isn't this more a function of when than if? eom



GoFigure1

09/14/05 11:10 AM

#94789 RE: SheldonLevine #89317

Yes. Gates is on the phone to SKS this very minute..