[ltp] TCPA on Thinkpads

Richard Neill linux-thinkpad@linux-thinkpad.org
Thu, 20 Mar 2003 00:53:49 +0000 

I hope that the following is of use. Please don't consider it flamebait. 
I believe I am stating this all correctly, but please do correct me if I 
am wrong.

There are 3 totally different issues here. Sadly, they get intermingled.
Here's my summary, as I understand it. Each layer sits on the ones below it.

1)Embedded crypto. This is what IBM embed. Mainly useful for proper 
encryption, rather like Pretty Good privacy. Also useful if your laptop 
gets stolen! It does some things in hardware. Eg random number 
generation is *very* hard to do really well in software. Although it's 
necessary for (2), it has a wide number of uses, and many of these are 
good.

2)TPCA - this is the hardware which would enforce a "secure boot" of a 
"trusted" (Stallman says "treacherous") computing environment. It 
requires (1). This is bad. It would deny the owner the right to own 
their machine! The problem isn't actually the "secure" hardware itself, 
but the fact that the machine owner would have no way to turn it off to 
run unsigned code, or that, if they did, they wouldn't then be able to 
access documents,media,...banking,web content(?) which required a key to 
decode it.

3)DRM/Palladium. This is the evil bit. It could be used for censorship 
and also for crippling one's legal right to fair use.
Microsoft claim it could be used to prevent spam/viruses, although I 
doubt this is true. The main use of this is for the movie/record 
studios. (And to break Linux.)

4)On top of all this, and the motivation for it, is the copyright 
"enforcement" and DMCA. Of course, copyright enforcement in this 
manner will:	-annoy legal consumers, denying them fair use
         -not stop serious pirates at all (eg the "analog hole")
         -actualy hurt the record industry with lower sales
         -badly damage the tech industry

Summary:
	1)Good (can be misused, but then so can anything)
	2)Bad (main use is (3), but not intrinsically evil)
	3)Evil (many severe consequences, no real good use)
	4)Futile, economically self destructive, and very annoying.

I do wish that Intel,IBM,Apple,the other hardware manufacturers and even 
Microsoft would stand up a bit more to the Movie/Record industry. Yes, 
copyright piracy is bad. But it isn't seriously bad. DRM and the DMCA 
are like curing a cold by amputating the person's head!
There is an excellent argument here which basically says "you cannot 
both rigidly enforce copyright and protect free speech"
http://freenetproject.org/cgi-bin/twiki/view/Main/Philosophy

Hope that's useful. I do hope it doesn't start a flame war!!

Best wishes

Richard



iriXx wrote:
> i would think as the UK's leading cryptologist, Cambridge professor Ross 
> Anderson is already pretty well educated...
> 
> Allen, Michael B (RSCH) wrote:
> 
>> That page should be renamed tcpa-fud.html. Hardware supported key 
>> management
>> is a natrual progression in computing and one that I welcome. Do not 
>> confuse
>> TCPA (Trusted Computing Platform Alliance) with CBDTPA (Consumer 
>> Broadband
>> and Digital Television Promotion Act). They are conceptually two 
>> completely
>> different things. Get educated. Don't run with the herd.
>>
>>
>>> -----Original Message-----
>>> From:    iriXx [SMTP:dev_null@iriXx.org]
>>> Sent:    Wednesday, March 19, 2003 5:07 PM
>>> To:    linux-thinkpad@linux-thinkpad.org
>>> Subject:    Re: [ltp] TCPA on Thinkpads
>>>
>>>
>>>
>>> Greg Herlein wrote:
>>>
>>>>> This chip is not intended to "spy" on you. 
>>>>
>>>>
>>> Ross Anderson says different:
>>>
>>> http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
>>>
>>> i think what is of concern is not what tcpa is being used for 
>>> currently but what it *might* be used for.
>>>
>>> im writing a book on the subject (see www.copyleftmedia.org.uk) and 
>>> have been reading about it for the last year. the further i get into 
>>> this the more worrying it becomes.
>>>
>>> http://ukcdr.org has some good info too....
>>>
>>> m~
>>>
>>>
>>>
>>> -- 
>>> iriXx
>>> www.iriXx.org
>>>
>>>  _
>>> ( )  ascii ribbon against html email
>>>  X
>>> / \    cat /dev/sda1 > /dev/dsp
>>>
>>>
>>>   *** stopping make sense ***
>>>
>>> -- 
>>> The linux-thinkpad mailing list home page is at:
>>> http://mailman.linux-thinkpad.org/mailman/listinfo/linux-thinkpad
>>
>>
>>
> 
>