Which brings up another problem with these so call "trusted" system strategies. Many (especially larger corporate) offices run in-house written bespoke software and there are more programmers employed to write/customise this in-house software than to write software for sale. Will these "trusted" systems be able to run this 'un-regulated' software or will they only run 'approved' software which has been signed?
This is actually one of the main problems of this system: who gets to decide if a program is allowed to run on a machine? The user? A central organisation? Several companies? Everybody? In order for programmers to do their job, they need the ability to authorize software, at least on their own computer. Does this mean that when I receive a program from someone else, that I can authorize it to run on my computer? Or will that have to be done for me? If someone else can do it for me, how will this stop viruses? Oh, the virusprogrammers don't have the rights to authorize? Hmmm, how will one enforce this? Questions, questions, questions. I think the only answer is: don't use it, if you can avoid it... :) Regards, Pieter