All about TPM Chip in Windows 8 – Microsoft is Many Years Late

What is the TPM Chip?

  • Microsoft released Windows 8, and with it came the Trusted Platform Module (TPM Chip) is a chip that allows a certain operating system to recognize a chip to verify the operating system and its modules. This provides even better security, so that Windows can only be installed on hardware that is verified through the TPM Chip.
  • Now, it is unclear whether or not it will be required for Windows 8, however, it is in testing mode at this point. In future versions of Windows, it will probably be required. Which also makes it difficult for those using Windows on a virtual machine, and will probably require people to acquire a specific compatibility license to run Windows on virtual machine, or dual boot with a Mac-based computer.
  • Confused yet? Apple was one of the first, if not the first, to introduce an OEM chip, which required people to have if they wanted to run Mac operating systems. Which meant, for example, Mac OS X couldn’t be installed onto a normal computer, it had to be on “Mac-branded hardware” as they state in their terms-of-use on Mac OS X.
  • What does this bring to the security of operating systems necessarily? It provides very low level security, and will be just another possibility to block bootkit attackers and other boot-based viruses/rootkits.
  • Some experts say that TPM will probably be included in new PCs, tablets, and other Windows-branded devices. There’s no current way to just “install it”, however, Windows 8 is engineered to be able to recognize the TPM Chip.
  • When did this idea come about? Probably the late-1990s was when this idea came about, because security experts were realizing the issue that software antivirus/firewall was not strong enough to block the threats. It would take more than just software-based protection programs.
  • What other implementations (other than Apple’s chip) are in place?The Google Chromebook is a good example of implementation, because when it boots, the TPM chip object in there checks the modules on the system. If one is bad, it automatically replaces it with its “last known good module” (in its comprised library of last known good modules), keeping itself protected.

 

For the future of TPM technology

  • It’s possible the makers of the TPM technology would be working with security/OS vendors to create antivirus that can be built over top of the TPM chip, which would scan the operating system and kernel before it starts up.
  • What’s different than boot-time scanners offered by companies like Avast, for example? Boot-time scanners offered by software companies still use Windows modules to help scan the whole computer. However, since the modules are part of the operating system, the boot-time scan cannot get to the OS kernel deep enough. Although, it can scan the system before it loads services/drivers, it cannot necessarily get a good look at all of the drivers/services or the MBR/BIOS for that matter.
  • By allowing antivirus to scan computer before operating system starts (at all), it will also keep on top of things so malware cannot hinder or suppress the scan.

 

This is just one of the many security features included in Windows 8. Take a look!

Advertisements

Tags: , , , , , , , , , , , , ,

About Jay Pfoutz

Marketer
%d bloggers like this: