Version 3 (modified by Daniel Kahn Gillmor, 12 years ago) (diff)


Trusted Physical Console

CMRG best practices at the moment suggest using a single, well-tuned computer (a "Trusted Physical Console") as your immediate user interface. From this computer, you can connect to any other machine over the network to get done what you need to get done.



If you use computers every day, you might want to know for sure that the machine you are using is secure. Given how complicated these machine are, it's not unreasonable to ask:

  • Do i know what software is installed on this machine?
  • Do i have some level of control over this machine?
  • If this machine knows my data or personal information (including passwords and other authentication tokens), can i trust it not to leak that information?


You might also be frustrated by using an ever-shifting user interface and user experience:

  • Is it Ctrl+C or Command+C to copy text?
  • Do i click in the upper-left or upper-right of a window to close it?
  • Where are my bookmarks for my web browser?
  • Is $FAVORITE_TOOL already installed and functional here? Is it the version that i expect it to be? Can i rely on it?
  • If i change the settings to my liking, will i be able to recover them the next time i use this machine?

Best Practices

This section will be fleshed out soon.

Free Software


Community Involvement

Cryptographic Communications


Spare Parts


There are problems with the TPC model of computing, of course.


Not everyone can afford a portable machine. However, laptops are becoming much cheaper, and cell phones are becoming more powerful. At some point in the not-too-distant future, the development paths of these two candidates for TPC may intersect, putting TPC-style computing within reach of most people.


At the moment, decent portable computers are still too big and clunky to carry around conveniently. Interestingly, computing power, RAM, and disk capacity (the traditional specs by which computers are measured) are no longer really the limiting factors.

User Interface

For doing solid computing work on a portable machine, nothing beats a decent, reasonable-sized keyboard and an XGA (1024x768) video display. but these are big things, and are a pain to carry around.


The more durable the machine is, the heavier it is. This is a poor tradeoff for folks who want to take their TPC with them everywhere.

Power Consumption and Batteries

Batteries still suck. Modern portable processors and hardware draw less juice than ever before (with the exception of wireless adapters, which need power for their radio transmission), but they can still pull a decent battery down to nothing in a handful of hours. Bigger batteries add to the weight of the machine.

Single Point of Failure

If you use a TPC, don't back it up regularly, and it crashes/dies/falls into the toilet, you could have a long path to recovery. Back up your TPC!

Social Awkwardness

If you use a single machine for much of your interface with the outside world, you use it regularly, and you bring it with you most places, it's not unusual to form some form of bond with the machine. Yes, it's ridiculous. But it's not surprising, given that we're social beings, and that we tend to treat our most familiar tools (clothes, bicycles, cars, etc) as extensions of ourselves.