On the redeye from San Francisco to Washington DC I sat through some awful Johnny Depp movie about J.M. Barrie, the guy who wrote "Peter Pan." I don't remember much, but I remember Depp saying Tinkerbell was really just a sparkle or a flash of light moving around - not some little waif in a Wilma Flintstone dress with wings. If you looked straight at her you couldn't see the little scamp - only by believing could you see Tink and then you could fly. Or something like that - it was late, the plane was crowded, I was groggy and cranky.
Trustable computing is sort of the Tinkerbell of the IT world. The Trusted Computing Group seems to believe, though they seemed much more enthusiastic back when they were called the Trusted Computing Platform Alliance, the one many people loved to hate. Microsoft seems to believe in Trustworthy Computing, and had a strategy called Palladium, which morphed into the Microsoft Next Generation Secure Computing Base, which Microsoft doesn't talk about much anymore. Every time you try to look straight at this area, it seems to disappear. What's the dillyo?
I think the key to "trustworthy computing" is enabling a trusted execution environment. Today's PC hardware and operating system architecture dates back more than 20 years, to a time when no one considered exposing PCs to open networks such as the Internet. This PC architecture can't assure that trusted software runs securely, isolated from untrusted software running at the same time. Without a trusted execution environment, digital content such as passwords and credit card numbers can never be safe on consumer or enterprise PCs.
A trusted execution environment is like the "VIP" room at a dance club. Only the elite are allowed to enter; everyone else has to dance in the public area. The club owner can decide to rent the VIP room to one party or allow several parties to share the space — but only he decides which parties are allowed in. These people can still destroy the place — nothing guarantees that they won't. However, because the club owner decides who to allow in, uninvited parties can’t enter, eavesdrop on or disrupt the private parties.
Now, those club owners can get elitist and nasty, and look what happens - the Paris Hiltons of the world (and their nasty Tinkerbell dogs) come to power. Similarly, trusted execution environments could put a lot of control in the hands of the content owners - "you can only listen to my song (or run my software) using this program that only runs in the trusted execution environment, which happens to include software that will charge you every time you use it." Hey, what happened to fair use and my ability to make a few copies??
That's not necessarily a bad thing - the digital world has tipped the balance away from the content owners, so maybe they need a break? As long as they don't break fair use... But it can't happen until we have fundamental changes in PC hardware and software - and that won't happen until at least the Longhorn timeframe (2007 or so), so for now you have to clap your hands and believe - trustable computing is out there if we only believe.