Windows Vista uses BitLocker Drive Encryption linked to a TPM (Trusted Platform Module) chip on the PC's motherboard, which will not only help control piracy, it will stop the government and the police from reading your hard drive. According to a BBC News report, Cambridge University security expert Ross Anderson "urged" a house of Commons home affairs select committee "to look at establishing 'back door' ways of getting around encryptions" and "The Home Office later told the BBC News website it is in talks with Microsoft."
Comment: It's not clear how this came up, but the committee was considering a request from the police to be able to hold terrorism suspects without charge for 90 days, because they are apparently incapable of examining a hard drive any quicker. As Anderson commented on his blog:
The police are short of forensic capability, sure; and that's going to get worse until they get their act together. But they're also short of interpreters. I don't think they'd dream of asking for increased detention powers just because not enough coppers speak Somali. Parliament would just tell them to hire interpreters from commercial agencies. Why do people get away with such poor policy arguments when computers are involved?
It's pretty shocking to find a security consultant recommending backdoors, but Anderson defends his stance in a comment, writing:
I'm in favour of court-mandated shortcuts past rights-management systems, on competition-policy grounds. In our APIG submission I wrote 'In cases of abuse, judges must be able to order rights-management mechanisms unlocked'.
I don't see the Vista security mechanisms as being security for me, but as security for them. It's just not the same as the key escrow debates of the 1990s - in which I opposed key escrow on principle. The technology's being used for different things here.
If you want privacy, use PGP - or better still, some low-observable communication technology, such as throwaway prepaid mobile phones or webmail accounts
Either way, I hope Microsoft tells the British government to take a running jump. First, because widespread hard drive encryption -- and therefore increased privacy from government and other intrusions -- is one of the quid pro quos for the increased control over movies that will benefit Hollywood studios and other mercenary copyright barons. Second, because the British government will not be the only one that feels it should be entitled to intrude. There's a long line of repressive regimes who take exactly the same view, starting with China.
Of course, if Microsoft does give in, it's going to be funny watching it trying to promote Vista. "Hey, our new system is really secure ... except for the backdoor we've provided so your government can get into it!"
