Trusted client

From Wikipedia, the free encyclopedia

In computing, a trusted client is a device or program controlled by the user of a service, but with restrictions designed to prevent its use in ways not authorised by the provider of the service. That is, a device that vendors trust and sell to the consumers they don't trust. Examples include video games played over a computer network or the content-scrambling system (CSS) in DVDs.

Trusted client software is considered fundamentally insecure: once the security is broken by one user, the break is trivially copiable and available to others. (As Bruce Schneier states, "Against the average user, anything works; there's no need for complex security software. Against the skilled attacker, on the other hand, nothing works.") Trusted client hardware is somewhat less insecure, but not a complete solution[1].

Trusted clients are attractive to business as a form of vendor lock-in: sell the trusted client at a loss and charge more than would be otherwise economically viable for the associated service. One early example was radio receivers that were subsidised by broadcasters, but restricted to receiving only their radio station. Modern examples include video recorders being forced by law to include Macrovision copy protection, the DVD region system and region-coded video game consoles.

Technically knowledgeable consumers and other manufacturers frequently bypass the limiting features of trusted clients — from the simple replacement of the fixed tuning potentiometer in the early locked radios to the successful DeCSS cryptographic attack on CSS in 1999. Manufacturers have resorted to legal threats via the Digital Millennium Copyright Act and similar laws to prevent their circumvention, with varying degrees of success.

Trusted computing aims to create computer hardware which assists in the implementation of such restrictions in computer software, and attempts to make circumvention of these restrictions more difficult.

  1. ^ Grand, Joe (2000-10-12 - 2000-10-13). "Attacks and Countermeasures for USB Hardware Token Devices". Proceedings of the Fifth Nordic Workshop on Secure IT Systems Encouraging Co-operation: pp 35-57, Reykjavik, Iceland: Grand Ideas Studio. ISBN 9979-9483-0-2. Retrieved on 2006-08-25. 
Retrieved from "http://en.wikipedia.org../../../t/r/u/Trusted_client.html"
Advanced Search
Included Web Search Engines


Safe Search

close

Top Matching Results

Occasionally Search.com will highlight specialized results that are based on the context of your query. Examples of specialized results include specific links to news, images, or video.

Top Matching Results may highlight information from other Search.com pages, content from the CNET Network of sites, or third party content. The listings are based purely on relevance. Search.com does not receive payment for listings in this section but our partners that provide this data may get paid for listing these products.

Sponsored Links

This section contains paid listings which have been purchased by companies that want to have their sites appear for specific search terms and related content. These listings are administered, sorted and maintained by a third party and are not endorsed by Search.com.

Search Results

Search.com sends your search query to several search engines at one time and integrates the results into one list which has been sorted by relevance using Search.com's proprietary algorithm. You can customize the list of search engines included in your metasearch from the preferences.

The search engines that are used in your metasearch may allow companies to pay to have their Web sites included within the results. To view the Paid Inclusion policy for a specific search engine, please visit their Web site. Search.com does not accept payment or share revenue with any search engine partner for listings in this section.