In association with heise online

20 November 2012, 16:29

German government advocates security in the hands of users

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Open Security The German government's Interior Ministry has issued a white paper that outlines the principles that should be applied when dealing with "Trusted Computing" and "Secure Boot", which has been welcomed by the Free Software Foundation Europe (FSFE). As a fundamental principle, the government says that it supports raising the level of security on IT platforms in industry, government and with private users with the introduction of trusted computing, but that this must comply with criteria the paper lays out.

Firstly, it says that device owners must be in complete control of the trusted computing security systems in their devices and that delegation of this control to a third party should require "conscious and informed consent" from the device owner. Secondly, the paper requires that devices be delivered with trusted computing security systems deactivated so that users have to opt-in to their use.

The devices' implementations of these solutions must also be sufficiently transparent to enable owners to make responsible decisions over its use and allow for deactivation without a "negative impact" on hardware and software that doesn't use the trusted computing functions.

The paper goes on to call for no external third-party control for trusted computing devices used in public administrations, the making available of the same solutions to private users with complete control, applicable standards to be used, and royalty-free open standards to be preferred with no barriers to research into how trusted computing solutions operate.

The Free Software Foundation Europe has said that the white paper addresses a number of its demands. "We as a society have to make sure that we are in control of our computers, so everyone can install arbitrary software and is able to retain exclusive control over his own data" said Matthias Kirschner, German Coordinator of the FSFE. "Full, sole and permanent control over security subsystems is necessary for this" he added, before pointing out the German government "has to implement their position when buying new hardware."


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit