> Don't panic when you read all info about dongle security. They ARE secure. OK. You can't crack them unless they're done by complete idiots. OK. But you want to crack the application, NOT the dongle. When you read about RSA encryption, one-way functions and see in the API some interesting Question/Answer hashing functions, remember that it's only API. No one uses it. Only simple functions like Check/Serial Number/Read and sometimes Write are used.
The long-term solution is probably some kind of super-smartcard (essentially an HSM) which can put per-application logic inside the secure envelope. Things like rate limits on decryption requests, heuristics to require higher levels of authentication as transactions are more suspicious, etc.
Combine that with per-application virtualization and various forms of user authentication (other than passwords), and public key cryptography, and you could probably start to build substantially more secure services. Same stuff on clients and servers.
ARM's TrustZones are actually more interesting than TPMs on x86; you can essentially start the general purpose CPU as a trusted device and then partition off less-trusted pieces. If you're going to have a single processor, vs. a specialized security processor, this is probably how to do it, not the x86 + TPM + TXT way.
Probably all meaningless until there's a framework as simple as Ruby on Rails was vs. everything else in 2005, or php, which makes doing things securely the easy default.
