[ltp] TCPA on Thinkpads
Wed, 19 Mar 2003 22:09:19 -0500
Yet Palladium inherently needs to build on something like TCPA. Granted you
could implement it in software only, but realistically it wouldn't be too
long before people got tired of having to remember their 128 character
passphrases to unlock their keys just so they could listen to Dire Straights
"Money for Notheg" on their MP500...
Your analogy to the knife is fine, but the founding fathers in this country
saw fit to give EVERYONE guns, not just the government, and there was a good
reason for that! TCPA is like a gun, and its in the hand of the software
vendor when its coupled with Palladium, which it WILL be. The economic
argument is clear and compelling.
I wouldn't put guns only in the hands of the enemy (and everyone on this list
pretty much knows Bill Gates ain't our friend), would you? If you would, then
you are trading freedom for security, and I think we all know how that one
Yes, a TCPA chip is a nice feature and a nice convenience. Now please inform
IBM that I don't really need it that badly ;o).
On Wednesday 19 March 2003 06:40 pm, Pam Huntley wrote:
> >Ross Anderson says different:
> >i think what is of concern is not what tcpa is being used for currently
> >but what it *might* be used for.
> Yeah, and you can use a knife to cut a cake or kill someone, it doesn't
> mean knives should be banned forever.
> Besides, I really don't think the TCPA chip lends anything to DRM (Digital
> Rights Management). You should read the link posted earlier:
> The guy from IBM research talks about how even if DRM used the chip, it
> wouldn't be very effective:
> "TCPA was designed to protect the user’s data from external attack, not
> from attack by the owner. Defending
> against owner attack is a much harder problem in hardware tamper
> resistance. TCPA
> chips have not been designed to resist local hardware attack, such as
> power analysis,
> RF analysis, or timing analysis. This is one of the examples that show
> that TCPA
> was not intended for DRM, which requires much higher levels of tamper
> since you don’t trust the owner."
> The TCPA chip is something at lot more like a smart card, rather than like
> Palladium or whatever it is that Microsoft is trying to do.
Giant Electronic Brain