Slashdot Mirror

That being said, there should be a way to register other trusted signature keys in Vista to allow 3rd party boot loaders. I don't know if there is or not, but there should be.

That's exactly what's wrong with the Trusted Computing initiative that the major players (Microsoft, Intel, etc) are implementing: they don't trust YOU to make those kinds of decisions to trust 3rd parties.

http://www.againsttcpa.com/

1: What kind of person even remotely interesting in anything "Internet Security" would even consider dreaming about considering taking Symantec seriously?
2: Didn't we have this discussion not too long ago except the "List" would've been administered by MSFT (&co), called TCPA (then Palladium then NGSCB then OMGWTFBBQ) and be a little bit more "hardware-assisted"? (For anti-microsoft-fanboy coverage, check out AgainstTCPA, for msft coverage try Microsoft, Wikipedia has some rather neutral insights)

many of the examples you gave are about corporations trying to peg exactly who you are to market to you

ok.. i'll give you some more examples

yeah.. corporations are not out to enslave us.. we just don't own anything we buy anymore.. oh wait.. only serfs and slaves dont own property. Guess who is complicit with them... certainly not the general populace from these stories, just a wealthy and influential few.

Then there is the engineering of information and "farming" of public opinion

so really.. its not too far from dystopia as one might think.

Film

Advocacy

Start here: http://www.againsttcpa.com/index.shtml

But when your system is completely DRMified, this won't be possible anymore.
Any non-complying application will be unable to be started.
Booting an alternative system will be unable to access the content you even have in your IEs cache because it's heavily encrypted.
That's what "Trusted" means.
Systems not "trusted" will not be able to fetch that "content" anymore, naturally.

I think they have to accept the good with the bad. All should mean "all". Freedom should mean "freedom".

Then I would recommend BSD-license for you. Nobody is forcing you to use either GPL v2, GPL v3 or BSD. You have the choice.

Here's a longer explanation: GPL is about freedom of the software. It is a response to the copyright-laws which seeks to divide users from the sourcecode of the programs they run. That is why GPL is popularly called CopyLeft.

GPL is seeking to guaranteeing a user to modify the sourcecode to any GPLed-program as they see fit, and be able to run the modified program without restrictions.

DRM is about restrictions, and can not ultimately be modifiable by the user. Thus locking the user out of her own computer-system! Hence, GPL and DRM already doesn't fit together. So the GPL needs to address the loophole where the software may sign binaries and prevent modified programs from running, with no recourse for the user.

If the GPL does not close this loophole, users of proprietary OSes might not get the benefit of the GPL, since the OS might require signatures in the future. It is also a response to the rising threat of DRM at the hardware-level (TCPA) and other places.

There's nothing wrong with using a different license, or the GPL v2, if you do not agree with this. The Linux-kernel will probably never go beyond v2 for instance.

More info: http://www.againsttcpa.com

Unless of course "Trusted Computing" becomes commonplace. See http://www.againsttcpa.com/what-is-tcpa.html

http://www.againsttcpa.com/tcpa-faq-en.html

"People believed that the GPL made it impossible for a company to come along and steal code that was the result of community effort. This helped make people willing to give up their spare time to write free software for the communal benefit. But TC changes that. Once the majority of PCs on the market are TC-enabled, the GPL won't work as intended. The benefit for Microsoft is not that this will destroy free software directly. The point is this: once people realise that even GPL'led software can be hijacked for commercial purposes, idealistic young programmers will be much less motivated to write free software."

AFAIK, Transmeta was the first x86 processor maker to support Trusted Computing, so it's a bad choice:

http://en.wikipedia.org/wiki/Trusted_Platform_Modu le

According to an unofficial member list, VIA is a member of the Trusted Computing Group.

http://www.againsttcpa.com/tcpa-members.html

Acoording to the offical list, it's not, so I'm a bit unsure about VIA.

https://www.trustedcomputinggroup.org/about/member s/

Regards,

Dennis B. Schramm

Please visit http://againsttcpa.com/.
Read the information and get informed. Show your support - sign your name, add a button/link to your website, .sig, toaster.

It is up to YOU.

Saying "one person cannot do anything" is rubbish. If we ever want a chance at beating things like this, we MUST band together.

Speaking of avoiding hardware that prempts the need for spyware to be implemented in software, Does anyone know of a list of hardware that consumers should avoid?

If not, does anyone want to start a wiki entry or something similar?

(All I've found so far is http://www.againsttcpa.com/tcpa-hardware.html ) But I will be searching more in-depth later

But good to see the mainstream press catching up to it. This chip is part of a larger effort by major software developers and hardware manufacturers to mostly stop piracy in all forms and control what you can do with your computer and when.

Read the TCPA FAQ, and take a look at Against TCPA, an anti-TCPA site if you're interested. For an alternate perspective, you can also view the official Trusted Computing Group site.

Personally, I hate it, I don't think it will succeed, and I will *never* buy a computer with such a module installed.

Mmmmm, there are still heaps of people who have Win95. I don't think people don't really care about new OS's these days - if Microsoft had any brains, they would expand elsewhere like training their staff NOT to make their software so damn buggy, and aim for a better quality product vs. fast deadlines and rushing stuff out. Also, go here http://www.againsttcpa.com/ to whinge about the Fritz chip. I certainly wouldn't use an OS that uses the Fritz chip compulsory so it can track every damn thing you can do. I'd rather buy old spare computer parts than have the Fritz chip on my computer.

Wikipedia is based on the old 18th century encyclopedia concept, but this isn't effective in the digital era of the Internet. Many Wikipedia articles are intentionally written for the common people, not containing specialist scientific or rare information you can find in specialist books. For example, Wikipedia's article on quadratic classifiers is a stub written in April (after I raised this issue on their mailing list in February), and their article on software agents, although much improved since I pointed that it was as short as a kid's poem some months before, is still inadequate if you consider that some people study agents for years in universities. Now, what will happen if we go there and improve these articles so much that they contain all the relevant information you can find in computer science and mathematics books, including detailed examples and HOW-TOs, to the extent that these articles become 300-page books? They will remove that extra "unencyclopedic" and "specialist" knowledge, since they believe it should not be part of an encyclopedia. They may move the information to their other wikiprojects, such as Wikibooks. That's bad, because some information will inevitably be duplicated, and duplication leads to ommisions and errors (someone may fix something in Wikibooks, but the fix won't show up in a Wikipedia article which may contain the same information). They believe in old monolithic ideas and they still think in terms of "books", "articles", "pages", something they write and the reader reads in the same monolithic form. They must proceed and understand what the future holds for wikis and the Web, and they must adapt to that future.

The future lies in personalised information. You can see that it's coming if you notice the rise of RSS and you understand why it's so trendy now: People want to control the information they consume. The don't want to read an HTML page which may contain markup and CSS errors, be incompatible with their browser, full of flashy f*cking irrelevant advertisements and whatnot. They prefer RSS which provides an easy-to-parse XML representation of the information they want. Similarily, people use free/libre open-source software because they want to have control over their PCs and their lives, they don't want their software to spy on them nor to control what they can do with their computer with evil technologies like Trusted Computing and stupid DRM. People want freedom and choice. Books and articles are like closed-source software: You cannot control with fine granularity what you want to read. You have a choice between different authors, but that's all, and this isn't true freedom. What if we had a magic piece of paper which could erase the words and phrases we dislike? We could then read exactly what we want to read, from any author. How many times have you bought a 500-page book only to find out later than 75% of its text is unnecessary pseudo-literary decoration? Some people have lots of time and like to read anything they can, others want to invest their time in reading only the absolutely necessary text which contains the information they urgently need. We need a way to have total control over the information that enters our brain, or else we are at the mercy of the author.

In wikis, we need a wiki that can build personalised wiki-articles based on our preferences, getting data and information from a flexible database. This is a multi-step process. We must first create a wiki database which contains all the data we can document, if possible a perfect copy of our brains I would say, then we must develop software to tag its contents and let the user to retrieve the information in any way they like, and if we use a good design there is no need to duplicate any data.

Special software needs to be developed in order to materialise my vision. This software should be based on the concepts of "co

Anyone remember http://www.againsttcpa.com/? So this is how it looks in reality... I wonder, when will AMD join the group?

AgainstTCPA.com - Computers and Internet gave you freedom. TCPA would TAKE your FREEDOM.

Seems it is time for a website like notrustedcomputing.org (by analogy with nosoftwarepatents.org).

There already is: http://www.againsttcpa.com/.

Mr. Stallman's science fiction short story isn't the only depiction of what could happen in a full "Trusted" Computing paradigm. I linked to it as an accessible description of the consequences of Treacherous Computing. Here are some more factual descriptions: #1 #2 #3. Please read them and compare TCG's platform as described to what could enable the situation depicted in the story.

eh brother, haven't you heard about the great new technology called Trusted Computing? Put a chip with a hash code in every hardware and use a TC-aware OS (such as, unfortunately, Linux kernel 2.6.12) so that only authorised software can be executed. To fight mp3 sharing, cripple the OS to disallow file copying too!

Too bad you're still down on 3 and not 5. Came in late I guess. I wish there was a way to flag a post as a reply to 5-10 different erroneous messages at once.

That is really the sole point of genuine contention - whether an owner can know his own master key.

Looking at the other messages on this topic, there is a ton of delusion circulating on that point. The corporate PR departments are earning their paychecks.

It would probably be wise for the various anti-TCPA websites to emphasize this one fact more strongly. The Trusted Computing boosters have been quite effective at diverting the conversation to assorted side bonuses like preventing worms and keyloggers, and often well-meaning people who just want to see better designed desktop OSes (more granular permissions, sandboxing, etc) defend TCPA of of ignorance of the fundamental fact that users don't get the key.

How this could be used in a puzzle to render bots entirely useless without annoying the human, I don't know

I don't think there's any way it could help. Even if it's not cracked, all CAPTCHA can tell you is that an actual human is present on the client-side, not whether or not that human is moving the wand itself, or running a cheat program, it can't do.

(Well, the only way it could is if the gameplay itself was something too complex for a computer to perform adequately. Currently, most Chess players can be beaten by a computer, but most Go players cannot. However, popular commercial games will need to attract less-skillful users overall)

Sadly, it appears that the most plausible future preventive for online cheaters will be TCPA-style remote attestation. (Which is marginally better than today's solution: giving up administrator control of your own machine to the game company)

You should read the TCPA FAQ if you have not already. It explains why this is a bad thing.

Indeed.

Trustworthy Computing isn't a way to secure your computer. It's a way to take its control away from you.

http://www.againsttcpa.com/tcpa-members.html

apple doesnt appear to be a part of the "trusted
computing group" atm, so i doubt theres TPM's in
G5 chips.

(TPM = trusted platform module, the device that
ensures only "trusted" software runs on your
computer, also stores keys, etc)

Did anyone else think of the other TCPA when they read this article?

We've all read disturbing reports on how Trusted Computing is supposed to be nailing open-source software, and keeping keeping good citizens from causing a little less income for the poor media-industry (that just made its record profit this year).

Imagine a whole new kind of knight: black to the industry, but white to freedom-loving people. A knight that, just before no non-signed applications will run anymore, patches all systems it infects to destroy the immoral TCPA-lockdown. I'd like to see how many users, after realizing that they can again run their own programs again, would like to install the latest security (whos security...?) for Windows.

Indeed, the idea is not new, and I'd sure like to see an implementation of that. We'd probably need a freenet-like public-key command structure for such a virus, for one sane person to stay in control.

That would be so cool... Ah, dream on. (And go for it!).

A nice exercise would be to "patch" all iTunes clients out their to save unencrypted AAC-files to the disk. Just an idea... ;)

Maybe the average Joe won't care but I would rather have everything stored on my laptop that I physically carry with me. Why would I trust a random computer? Boo these men.

Yep, I have the same concerns. I haven't done anything of any consequence on machines I don't control for about a decade now.

Lets imagine a much safer system than they are describing: an iPod sized device that is a complete desktop computer sans keyboard/and display. You carry this on your person and use public "terminals" consisting of nothing more than a usb keyboard, mouse, and VGA monitor. The risk of such a setup is MUCH lower than the system described and yet there is still an appreciable degree of risk. The more popular the public terminal is, the closer it is to sensitive organizations, or the more affluent the demographic, the more incentive there is to install radio transmitters or recording devices into the keyboard and monitor. The starbucks across the street from the headquarters of a multinational corporation has a high likelyhood of being bugged.

Compared to this scenario, the system proposed in the article would be much easier to compromise. No special transmitter hardware needed. No receiver hidden in a closet or van. No need to conspicuously disassemble or switch equipment in a public place. No need to "spill" beer in the vent holes on the monitor so they will call in a "repairperson" to fix it. Nope, just compromise the host OS and have it transmit the data over the net. So instead of being mostly limited to inside jobs, government spy agencies, and corporate espionage the compromise of this system is likely to be accomplished by mere script kiddies.

Similarly, VNC on public machines would be very vulnerable to intercepting the data while it was still in plaintext.

One could try to argue that trusted computing systems with a Frist chip would make this secure, yet these systems give control to the government and multinationals corporation, who have a bad track record where privacy is concerned and are also want to erase data they assume you have pirated or perhaps is incriminating towards them.

Public terminals (used to?) work pretty well within the scientific community where people were trustworthy or in situations like the IBM internal voicemail/email system where the terminals were carefully controlled by the organisation whose secrets are at risk.

I found this bit really interesting (and insightful, actually, more on that below):

Actually in my spare time I had an idea of one revolutionary and ambitious project I can build on top of the trusted computing capable hardware (that project has nothing to do with linux by the way, but for it to run on linux too, linux would need to provide some basic trusted computing support), that's something I wanted to build for a long time but it has never been feasible until they added the trusted computing to the hardware and they filled the gap to make my idea possible, so I'm quite happy about these new hardware features (despite clearly they can be misused for some annoying things too).

I bring it up because this is so contrary to the common opinion on /., which is that TCPA is unabashedly evil and has no utility. Andrea is obviously one very smart guy, and a person who feels the need to have complete control over his machine, but who likes TCPA in spite of the risk of misuse. Contradiction?

The fact is that TCPA *is* an extremely useful and valuable technology for systems that require a high degree of security. It's not clear to me that the average home PC benefits from it, but it's very valuable for cheap, high-performance key management systems and cryptographic accelerators, systems that contain valuable data (like many businessmen's laptops), and systems at critical points in network infrastructure. I'm sure there are other valuable, and non rights-eroding, applications as well.

In my work as a designer and developer of high-security systems, I'm extremely excited about the fact that we can now buy low-end computing equipment that has TCP hardware. It enables so much. The next step is TCP hardware that is tamper-resistant, or even tamper-reactive, but still cheap. For now, really high-security systems still require something better, but TCPA can fill the niche between systems that require serious security and those that can get by with purely software-based security (or no security, which is fine for the majority of desktops and laptops).

To be clear, DRM is a bad idea, in general. The business applications (self-destructing documents, confidential documents that cannot be printed) do have potential utility, but I doubt they're worth the complexity they'll create. And Palladium aka NGSCB aka whatever-it's-called-today is an unquestionably evil notion, focused on removing the ability of people to control their own hardware, in an effort to allow a couple of declining business models to prop one another up.

IMO, what geek activists need to focus on is not killing the development of tools like TCPA, but rather on legal and social means of ensuring our rights.

Tools are not evil. Only users are evil.

The dark side of Dothan also reared its head, briefly. When asked why Intel was introducing a new naming scheme for Centrino, Chandrasekhar replied that the numbers represented more of "goodness measure" and reflected features that were not necessarily "performance enhancing", such as Le Grande. Le Grande is Intel's contribution to TCPA-compliant lock-down computing,and allows large media companies to impair the user's ability to exchange media files, such as their favorite songs. So you can see why Le Grande isn't "performance enhancing", and quite the reverse. [...]

Here is a link about TCPA as a threat to free software.

Slowing TCPA adoption is enough of an benefit to me to prefer a TCPA-free processor even if it costs $50 more for the same performance. I just hope I'll have that option for a while, as Intel is not the only company promoting TCPA.

For better or for worse, DRM is a battle that content providers will lose

No they won't.

Don't be surprised when Apple suddenly becomes one of the biggest supporters of "trusted" computing, and introduces a palladium technology of their own. And all the Mac zealots who were busy telling us before why Apple DRM was good, while Microsoft DRM was bad, will come back to tell us why Mac Palladium is good.

I'm not saying the coders here are doing something wrong because they are pushing Apple in that direction: if we self censor ourselves to appease the DRM monglers, then we are where they wants us anyways. Apple picked sides in this battle, and for all the bullshit their fans are feeding us about "nice" DRM, the side they chose leads only one way. Goodbye user controlled computer. Welcome Palladium controlled user.

Sounds like it's all coming true.... againsttcpa.com

hmm... padlock... VIA being one of these

is it me or something's rotten around here?

Does anybody know anything about the TCPA , is it real?

Do a little research (here's one for you: TCPA FAQ and then let us know if you still think that it's just MS bashing.

Of course they list Apple first.

Three cheers for the one PC manufacturer who doesn't think PC stands for Politically Correct!

Aren't most of the rest of those companies also listed in the TCPA member list?