Talk:Trusted computing base
|WikiProject Computer Security / Computing||(Rated B-class, Mid-importance)|
The 3. reference is a dead link.
hi anyone I just want to know how command control communicatiob and intelligent systems[C3I] actice as a main part of the information technology sector rather than defence. please comment any idea
Not sure how to fix this
From the article:
- barring any reason to believe otherwise, a computer is able to do everything that a general Turing machine can.
This is wrong for two reasons:
- It is a fundamental given of computer science that no real computer is able to do everything that a general Turing machine can. To be able to do so would require infinite amounts of memory, for instance.
I'm not sure what model should be used to describe a computer without security restrictions, but any Turing-machine related model is not appropriate for this. JulesH 14:36, 3 May 2007 (UTC)
The article credits a 1992 paper by Butler Lampson et al for the term TCB. In fact, it was used 11 years earlier in John Rushby's famous separation-kernel paper [Rushby, 18th SOSP]. This might be the original definition, but I'm not sure. (I'll ask John next time I see him.) —Preceding unsigned comment added by Heiser (talk • contribs) 05:36, 19 February 2008 (UTC)
This article could use some updating, given recent developments
This article could really use some help to become up to date. Trusted Computing Base is a concept that will become very hot very soon. In this post-Snowden world, we find that core elements of devices used by virtually everyone may be compromised in many ways. SIM-cards containing cryptographic keys that are stolen. Network routers that are modified en route from the factory to the customer to enable intrusion by agencies. Computers that are delivered with malware installed that intercepts SSL communication with MITM attacks by forging certificates. It almost seems you can hardly trust an old pencil not to spy on you these days.
I think this article could benefit from both more formal content (for example by using or referring to Kernighan's Reflections on Trusting Trust. this blog by Steve Bellovin, also contains items of interest. Also, practical issues should be listed, not at least the issues that arise when using cloud-based services.