stargeek


Beware of Fully Trusted Code








Beware of Fully Trusted Code 04/09/2004 03:57 PM

The vast majority of managed applications run with full trust, but based on my experience teaching .NET security to developers with a broad range of experience, most really don't understand the implications of fully trusted code. So I've pulled together a number of examples where fully trusted code can skirt around common language runtime (CLR) security features, starting each with a question that seems to have an obvious answer.









Similar Items


Grok Headline matches for Beware of Fully Trusted Code

"Code Access Security (CAS) - "Guilty until proven Innocent" (Partially Trusted Code)" 06/22/2004 04:03 AM

Yahoo To Fully Support Not Fully Supporting Firefox 03/19/2005 03:17 AM
Yahoo started to win some extra fans yesterday afternoon by announcing they were going to fully support Firefox on all their web offerings. If true, this would be great, since an increasing number of hard core internet users now rely almost exclusively on Firefox, and there's nothing more annoying than websites and services that force you to go back to IE. However, Yahoo quickly backtracked and claimed that actually, when they said they would fully support Firefox they meant they wouldn't fully support Firefox, though it's a nice idea.

How could they DO this to us? We trusted them!! 12/27/2004 09:34 PM
Let's Roll !!! Does Donald Rumsfeld contradicting the official US record harm America?



Trusted QSL 03/24/2005 02:36 PM
New Mac bugfix release



Trusted Computing 05/23/2004 01:52 AM
Trusted Computing. Microsoft and friends are proposing some major alterations to the way that computers work, the ostensible goal being to increase security. But others say that the real goals are much more insidious.



BBC on DRM and Trusted Computing 03/22/2005 04:42 PM
Slashdot Mar 20 2005 10:11PM GMT



Trusted merchants 12/30/2004 11:29 AM
I got an email from a stranger asking where he should donate money for tsunami victims. I sent him the urls to the donation pages up at Amazon and Google. I didn't send him to Wikipedia. Apparently, for this type of information I trust a top-down source more than a bottom-up one. Wikipedia does its best to discourage trust on this topic, and appropriately so: Due to its open and collaborative nature, Wikipedia cannot guarantee the veracity of outside links or the absence of possible scams involving charities, thus the potential danger of fraud exists. In particular, please beware of...

What Happens When The Internet Is Trusted? 12/16/2003 05:16 PM
Someone who prefers to remain anonymous wrote in with a link to a Newsweek story painting a scary portrait of the future internet that some big companies envision. Under the name (popularized, of course, by Microsoft) "trusted computing", they're trying to clean up the internet. However, just like pioneering places in the real world, "cleaning up" often means "locking down", which can take away the rights and freedoms of individuals mainly because a small number of them abused those rights and freedoms. At the same time, however, the article suggests that in such a cleaning up, we're simply making the internet safe for big companies. The big question, then, is there a way to deal with the bad seeds in an online world where anything goes that doesn't require restricting our freedoms and openness? Or are the two things mutually exclusive? I'd like to believe that it's possible to preserve the rights and freedoms, but it will take more work - because it involves focusing on stopping the abusers, instead of just blocking everyone.



Can Firefox be trusted? 12/24/2004 12:46 PM

For the record "I Love Firefox", "Everyone I talk to is trying Firefox" that out of the way. There is a blog entry that is making its rounds on concerns some are having when downloading Firefox and installing plugins.

The author has a right to be concerned and the gang over at Firefox should take his comments seriously. [blogs.msdn.com/ptorr]




Trusted Networking? 05/11/2004 03:16 PM
Last week we wrote about how the idea of comply and connect security was beginning to get more attention than the traditional "scan and block" method, which has been shown to be too reactive. At the time, we suggested a hybrid approach would make more sense. Furthering this point, the unfortunately named Trusted Computing Group is working on a standard for establishing security policies for a "comply and connect" system. This way, anyone can set the rules and they can be used across different vendors. The companies involved are all quite impressive, but it does seem like they're all heavily invested in this area already - meaning that the solution is likely to have compromises and be more focused on protecting business models than actually solving some of the bigger issues concerning stopping malicious attacks and files.



Is Google to be trusted? 06/10/2004 09:03 PM
Gmail is too Creepy "Dear Gmail user: Due to privacy considerations, we cannot respond unless you resend your email from a different account."



EFF trusted computing position 10/28/2003 11:06 PM
Security models that treat the computer owner as the adversary are the problem. Reliable knowledge of a remote computer's internal software state is the tool that enables applications with such security models.

Can computers ever be trusted with voting? 04/26/2004 02:09 AM
Houston Chronicle Apr 26 2004 6:09AM GMT



Sites to add to the Trusted Zone 12/19/2004 03:26 PM



Trusted Pickle - Python module 12/31/2003 07:19 PM
New project: TrustedPickle



Other News: Trusted Computing Module 06/17/2005 05:36 PM
Did Apple switch to Intel to get access to its digital-control hardware?



Steven Levy on Trusted Computing 12/11/2003 09:38 AM
Steven Levy, author of Hackers and Crypto, has a fantastic piece on Newsweek's site about the potential dangers of Trusted Computing.
How could the freedom genie be shoved back into the bottle? Basically, it's part of a huge effort to transform the Net from an arena where anyone can anonymously participate to a sign-in affair where tamperproof "digital certificates" identify who you are. The advantages of such a system are clear: it would eliminate identity theft and enable small, secure electronic "microtransactions," long a dream of Internet commerce pioneers. (Another bonus: arrivederci, unwelcome spam.) A concurrent step would be the adoption of "trusted computing," a system by which not only people but computer programs would be stamped with identifying marks. Those would link with certificates that determine whether programs are uncorrupted and cleared to run on your computer.
Link (via Smartmobs)

You Don't Even Have to Add Water to Add the Trusted Blog Search to Your Site! 03/11/2003 10:45 AM

Drat - I don't have time to add this to my site tonight, but I will next week. Micah Alpern has made it even easier to add his Search Blogs You Read engine to your site! Now called the Trusted Blog Search, you can use his mighty-fine, fill-in-the-blank wizard to produce code to copy and paste into your template. Excellent job, Micah!


Cisco Named One Of Top Three Most Trusted Security Vendors 09/22/2004 08:13 AM

MSN - UK Filters Out Looksmart and Inktomi Trusted Feeds 10/29/2003 01:14 AM
"...MSN have applied filters to remove all Looksmart and trusted feeds in Inktomi..."

Embedded Systems Get Security with Trusted Computing 09/08/2004 12:28 PM

My Experience with Site Match and Trusted Feed 12/28/2004 09:36 PM

Security focus or not, can an unrepentant Microsoft be trusted? 04/12/2004 10:00 AM
Can a "no-regrets Microsoft" be really worthy of being trusted again? Questioning Ballmer on whether or not the company regrets its early no-holds-barred feature development pace, Ballmer essentially said "no."

MS Trusted Computing back to drawing board 05/06/2004 07:24 AM
Longhorn loses another feature

Owner Override: a proposal to fix Trusted Computing 11/15/2003 01:14 PM
My colleague Seth Schoen has written an audacious article for Linux Journal in which he calls on the architects of "Trusted Computing" [TCPA|TCG|Palladium|NGSCB] systems -- which ostensibly solve some of the Internet's security problems by adding cryptographically secured tamper-detection to the hardware of the commodity PC -- to add a feature that he calls "Owner Override."

Trusted Computing proposals have drawn fire as tools for lock-in and other anti-competitive strategies; Seth's Owner Override allows the owner of a computer to override the Trusted Computing security when it is in her own interest.

For example, you could use Owner Override to tell a "lie" to your bank, which insists that you use Microsoft Internet Explorer to access its website, and convince the bank's webserver that your copy of Opera or Safari or Mozilla is really Internet Explorer. This is possible (even routine) today, but in a Trusted Computing universe, it will be impossible, modulo Owner Override.

Fortunately, this problem is fixable. TCG should empower computer owners to override attestations deliberately to defeat policies of which they disapprove. Giving the owner this choice preserves an essential part of the status quo: third parties can never know for sure what's running on your PC. TCG already defines a platform owner concept. The TCG specification also should provide for a facility by which the platform owner, when physically present, can force the TPM chip to generate an attestation as if the Platform Configuration Registers (PCRs) contained values of the owner's choice instead of their actual values.

APIs and a clear user interface for the override mechanism could be specified by an appropriate TCG committee. Only the platform owner should be able to do this; whenever a machine provides an inaccurate attestation, it does so for what its owner considered an appropriate reason. This change would do nothing to undermine the basic security benefits of the TCPA hardware, including those outlined in the Safford article; you still could tell whether your computer had been altered.

Link (via Vitanuova)

Trusted Computing/DMCA vs. Diebold Pentagon Paper 04/23/2004 11:06 PM
Slashdot Apr 24 2004 3:14AM GMT

eBay is most trusted company for privacy in the US, while Google is snubbed 06/11/2004 03:56 PM
You may not be able to sell your soul at eBay, but that's not the only reason some consumers feel the company has their best interests at heart. Consumers have voted the company most trusted for privacy in the United States.

Consumers Say eBay Most Trusted Company for Privacy (Reuters) 06/09/2004 11:57 PM
Reuters - Online bazaar eBay Inc.(EBAY.O) is the most trusted U.S. company for privacy, according to a new consumer study released late on Wednesday.

I believe we have officially reached the point where nothing DAN BLATHER says can be trusted -- including A and THE 09/15/2004 03:40 PM
Morse: The First Rathergate .. Anne Morris

nationalreview.com/comment/morse200409150552.asp


Asia Times - Asia's most trusted news source 06/16/2004 12:11 AM
"Victory has many fathers, while defeat is an orphan, although sometimes attended by paternity suits." .. How America can win the intelligence war .. Click

atimes.com/atimes/Front_Page/FF15Aa01.html




Fully kitted 01/05/2005 11:41 AM
Computer Weekly Jan 5 2005 3:05PM GMT



art that i can fully support 06/14/2004 12:30 AM
bikes against bush's great "I Love New York" geekery

Atmel Announces Trusted Computing Group 1.2 Security Processor 02/17/2004 11:43 AM
Belga Direct Press Releases Feb 17 2004 3:48PM GMT

Fully Arabized Internet has some way to go 05/26/2004 01:48 PM
CNET May 26 2004 5:32PM GMT



Oracle Fully Compliant with the DoJ 01/27/2004 08:43 PM
Oracle Corp. is fully compliant with the US Department of Justice's second request for information, according to Chuck Phillips, Oracle's co-president.

Asia Times - Asia's most trusted news source for the Middle East 05/22/2004 09:44 AM
Berg beheading. No way say medical experts .. need to be convinced .. killed by beheading .. from Asia Times .. Full article

atimes.com/atimes/Middle_East/FE22Ak03.html


MSIE Overly Trusted Location Variant Method Cache Vulnerability 07/17/2004 01:07 PM
Paul (Jul 16 2004)

National Semiconductor Enhances Personal Computers With Its SafeKeeper Trusted I/O Device 09/18/2004 08:34 PM
Linux Electrons Sep 18 2004 11:21PM GMT

EFF Staff Technologist Seth Schoen to Teach Trusted Computing Class 01/19/2004 10:42 AM
Pre-register for all-day class on what's actually involved in trusted computing technologies.