Trusted client
Encyclopedia
In computing
, a trusted client is a device or program controlled by the user of a service, but with restrictions designed to prevent its use in ways not authorised by the provider of the service. That is, the client is a device that vendors trust and then sell to the consumers, whom they do not trust. Examples include video games played over a computer network
or the Content Scramble System
(CSS) in DVD
s.
Trusted client software is considered fundamentally insecure: once the security is broken by one user, the break is trivially copyable and available to others. As computer security specialist Bruce Schneier
states, "Against the average user, anything works; there's no need for complex security software. Against the skilled attacker, on the other hand, nothing works." Trusted client hardware is somewhat more secure, but not a complete solution.
Trusted clients are attractive to business as a form of vendor lock-in
: sell the trusted client at a loss and charge more than would be otherwise economically viable for the associated service. One early example was radio
receivers that were subsidized by broadcasters, but restricted to receiving only their radio station. Modern examples include video recorder
s being forced by law to include Macrovision
copy protection, the DVD region code
system and region-coded video game console
s.
Technically knowledgeable consumers and other manufacturers frequently bypass the limiting features of trusted clients — from the simple replacement of the fixed tuning capacitor
in the early locked radios to the successful DeCSS
cryptographic attack on CSS in 1999. Manufacturers have resorted to legal threats via the Digital Millennium Copyright Act
and similar laws to prevent their circumvention, with varying degrees of success.
Trusted computing
aims to create computer hardware
which assists in the implementation of such restrictions in computer software
, and attempts to make circumvention of these restrictions more difficult.
Computing
Computing is usually defined as the activity of using and improving computer hardware and software. It is the computer-specific part of information technology...
, a trusted client is a device or program controlled by the user of a service, but with restrictions designed to prevent its use in ways not authorised by the provider of the service. That is, the client is a device that vendors trust and then sell to the consumers, whom they do not trust. Examples include video games played over a computer network
Computer network
A computer network, often simply referred to as a network, is a collection of hardware components and computers interconnected by communication channels that allow sharing of resources and information....
or the Content Scramble System
Content Scramble System
Content Scramble System is a Digital Rights Management and encryption system employed on almost all commercially produced DVD-Video discs. CSS utilizes a proprietary 40-bit stream cipher algorithm...
(CSS) in DVD
DVD
A DVD is an optical disc storage media format, invented and developed by Philips, Sony, Toshiba, and Panasonic in 1995. DVDs offer higher storage capacity than Compact Discs while having the same dimensions....
s.
Trusted client software is considered fundamentally insecure: once the security is broken by one user, the break is trivially copyable and available to others. As computer security specialist Bruce Schneier
Bruce Schneier
Bruce Schneier is an American cryptographer, computer security specialist, and writer. He is the author of several books on general security topics, computer security and cryptography, and is the founder and chief technology officer of BT Managed Security Solutions, formerly Counterpane Internet...
states, "Against the average user, anything works; there's no need for complex security software. Against the skilled attacker, on the other hand, nothing works." Trusted client hardware is somewhat more secure, but not a complete solution.
Trusted clients are attractive to business as a form of vendor lock-in
Vendor lock-in
In economics, vendor lock-in, also known as proprietary lock-in or customer lock-in, makes a customer dependent on a vendor for products and services, unable to use another vendor without substantial switching costs...
: sell the trusted client at a loss and charge more than would be otherwise economically viable for the associated service. One early example was radio
Radio
Radio is the transmission of signals through free space by modulation of electromagnetic waves with frequencies below those of visible light. Electromagnetic radiation travels by means of oscillating electromagnetic fields that pass through the air and the vacuum of space...
receivers that were subsidized by broadcasters, but restricted to receiving only their radio station. Modern examples include video recorder
Video recorder
A video recorder may be any of several related devices:*Digital video recorder ; Personal video recorder *DVD recorder*Videocassette recorder *Video tape recorder...
s being forced by law to include Macrovision
Macrovision
Rovi Corporation is a globally operating, US-based company that provides guidance technology, entertainment data, copy protection, industry standard networking and media management technology for digital entertainment devices and services...
copy protection, the DVD region code
DVD region code
DVD region codes are a digital-rights management technique designed to allow film distributors to control aspects of a release, including content, release date, and price, according to the region...
system and region-coded video game console
Video game console
A video game console is an interactive entertainment computer or customized computer system that produces a video display signal which can be used with a display device to display a video game...
s.
Technically knowledgeable consumers and other manufacturers frequently bypass the limiting features of trusted clients — from the simple replacement of the fixed tuning capacitor
Capacitor
A capacitor is a passive two-terminal electrical component used to store energy in an electric field. The forms of practical capacitors vary widely, but all contain at least two electrical conductors separated by a dielectric ; for example, one common construction consists of metal foils separated...
in the early locked radios to the successful DeCSS
DeCSS
DeCSS is a computer program capable of decrypting content on a commercially produced DVD video disc. Before the release of DeCSS, there was no way for computers running a Linux-based operating system to play video DVDs....
cryptographic attack on CSS in 1999. Manufacturers have resorted to legal threats via the Digital Millennium Copyright Act
Digital Millennium Copyright Act
The Digital Millennium Copyright Act is a United States copyright law that implements two 1996 treaties of the World Intellectual Property Organization . It criminalizes production and dissemination of technology, devices, or services intended to circumvent measures that control access to...
and similar laws to prevent their circumvention, with varying degrees of success.
Trusted computing
Trusted Computing
Trusted Computing is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning. With Trusted Computing, the computer will consistently behave in expected ways, and those behaviors will be enforced by...
aims to create computer hardware
Computer hardware
Personal computer hardware are component devices which are typically installed into or peripheral to a computer case to create a personal computer upon which system software is installed including a firmware interface such as a BIOS and an operating system which supports application software that...
which assists in the implementation of such restrictions in computer software
Computer software
Computer software, or just software, is a collection of computer programs and related data that provide the instructions for telling a computer what to do and how to do it....
, and attempts to make circumvention of these restrictions more difficult.
See also
- TrustTrust (sociology)In a social context, trust has several connotations. Definitions of trust typically refer to a situation characterised by the following aspects: One party is willing to rely on the actions of another party ; the situation is directed to the future. In addition, the trustor abandons control over...
- DongleDongleA software protection dongle is a small piece of hardware that plugs into an electrical connector on a computer and serves as an electronic "key" for a piece of software; the program will only run when the dongle is plugged in...
- Secure cryptoprocessorSecure cryptoprocessorA secure cryptoprocessor is a dedicated computer on a chip or microprocessor for carrying out cryptographic operations, embedded in a packaging with multiple physical security measures, which give it a degree of tamper resistance....
- Digital rights managementDigital rights managementDigital rights management is a class of access control technologies that are used by hardware manufacturers, publishers, copyright holders and individuals with the intent to limit the use of digital content and devices after sale. DRM is any technology that inhibits uses of digital content that...