Trusted client

Trusted client

In computing, a trusted client is a device or program controlled by the user of a service, but with restrictions designed to prevent its use in ways not authorised by the provider of the service. That is, the client is a device that vendors trust and then sell to the consumers, whom they do not trust. Examples include video games played over a computer network or the content-scrambling system (CSS) in DVDs.

Trusted client software is considered fundamentally insecure: once the security is broken by one user, the break is trivially copiable and available to others. As computer security specialist Bruce Schneier states, "Against the average user, anything works; there's no need for complex security software. Against the skilled attacker, on the other hand, nothing works." [citation|author=Bruce Schneier|url=http://www.schneier.com/essay-063.html|title=The Fallacy of Trusted Client Software|journal=Information Security Magazine|date=August 2000|accessdate=2008-01-30] Trusted client hardware is somewhat less insecure, but not a complete solution [cite conference
first = Joe
last = Grand
authorlink =
coauthors =
title = Attacks and Countermeasures for USB Hardware Token Devices
booktitle = Proceedings of the Fifth Nordic Workshop on Secure IT Systems Encouraging Co-operation
pages = pp 35-57
publisher = Grand Ideas Studio
date = 2000-10-12 - 2000-10-13
location = Reykjavik, Iceland
url = http://www.grandideastudio.com/files/security/tokens/usb_hardware_token.pdf
doi =
id = ISBN 9979-9483-0-2
accessdate = 2006-08-25
] .

Trusted clients are attractive to business as a form of vendor lock-in: sell the trusted client at a loss and charge more than would be otherwise economically viable for the associated service. One early example was radio receivers that were subsidised by broadcasters, but restricted to receiving only their radio station. Modern examples include video recorders being forced by law to include Macrovision copy protection, the DVD region code system and region-coded video game consoles.

Technically knowledgeable consumers and other manufacturers frequently bypass the limiting features of trusted clients — from the simple replacement of the fixed tuning capacitor in the early locked radios to the successful DeCSS cryptographic attack on CSS in 1999. Manufacturers have resorted to legal threats via the Digital Millennium Copyright Act and similar laws to prevent their circumvention, with varying degrees of success.

Trusted computing aims to create computer hardware which assists in the implementation of such restrictions in computer software, and attempts to make circumvention of these restrictions more difficult.

ee also

* Trust
* Dongle
* Secure cryptoprocessor

References


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • Trusted Computing — (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems and has a specialized meaning. With Trusted Computing the computer will consistently behave in specific ways, and… …   Wikipedia

  • Trusted Computing Group — Rechtsform Konsortium Gründung 2003[1] Sitz Beaverton (Oregon), USA[2] Website …   Deutsch Wikipedia

  • Trusted Execution Technology — (TET or TXT), formerly known as LaGrande Technology is a key component of Intel s initiative of safer computing . Intel Trusted Execution Technology (Intel TXT) is a hardware extension to some of Intel s microprocessors and respective chipsets,… …   Wikipedia

  • Trusted Platform Module — Das Trusted Platform Module (TPM) ist ein Chip, nach der TCG Spezifikation, die einen Computer oder ähnliche Geräte um grundlegende Sicherheitsfunktionen erweitert. Diese Funktionen können beispielsweise den Zielen des Lizenzschutzes und/oder… …   Deutsch Wikipedia

  • Email client — Mozilla Thunderbird email client user interface on a GNU/Linux operating system An email client, email reader, or more formally mail user agent (MUA), is a computer program used to manage a user s email. The term can refer to any system capable… …   Wikipedia

  • E-mail client — An e mail client, aka Mail User Agent (MUA), aka e mail reader is a frontend computer program used to manage e mail.Sometimes, the term e mail client is also used to refer to any agent acting as a client toward an e mail server, independently of… …   Wikipedia

  • Nurse-client relationship — The nurse–client relationship in Hildegard E. Peplau s Interpersonal Relations Model theory is essential to nursing practice. It is the nurse–client interaction that is toward enhancing the client s well being, and the client may be an individual …   Wikipedia

  • Dongle — A dongle is a small piece of hardware that connects to a computer. [Late 20th century. Origin uncertain: probably an arbitrary formation. Microsoft Encarta Premium Suite 2004.] The usual function of a dongle is to authenticate a piece of software …   Wikipedia

  • Man-in-the-middle attack — Not to be confused with Meet in the middle attack. In cryptography, the man in the middle attack (often abbreviated MITM), bucket brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent …   Wikipedia

  • The Family from One End Street — infobox Book | name = The Family From One End Street title orig = translator = image caption = Puffin Modern Classics edition, 2004 author = Eve Garnett illustrator = cover artist = country = UK language = English series = One End Street genre =… …   Wikipedia

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”