Craig Sanders via luv-talk <luv-talk@luv.asn.au> wrote:
I really can't help reading anything to do with Microsoft and "Trusted Computing" as "hardware-enforced vendor lock-in"
what they're doing may incidentally benefit some of their customers, but mostly it's misfeatures that benefit MS at the expense of their customers.
I would put it slightly differently. I think the security features described in the article that I cited would in fact be very effective. On the other hand, they could also be described as what in another context is called a "dual-use technology". The security benefits are undeniable, but so are the potential restrictions on the user's freedom if he or she doesn't have keys with which to sign applications. There may be reasons founded in competition regulations why "secure boot" cannot be made mandatory in the x86 world; it's required by the specification, as I understand it, that the user can disable this feature. The ARM world is notoriously different, of course.