Slashdot Mirror
RMS Urges Opposition to "Trusted Computing"
Andy Tai writes "In this Newsforge article, Richard Stallman analyzes the "Trusted Computing" initiative and Microsoft's Palladium, points out that such initiatives are really means to ensure your computer can be trusted by Microsoft and Hollywood (you can't do things they don't want), and urges computer users to organize, to support the Public Knowledge and the Digital Speech projects and to use their consumer power to block "Trusted Computing" in its tracks."
I personally think RMS is a kook and an extremist.. Like most "spirtual" leaders are. BUT and this is a big BUT, thanks to people like him and L Lessig our world is being attended to...
I consider myself more of a business person and see the world in shades of grey. Sure that is great for earning an income, the problem though is that my shade of grey might change from a more white grey to a more black grey. And that switch is an erosion of power that I only realize when it is too late... At that point my black grey is a white grey for most people because they have "gotten" used to it.
So hats off Mr RMS...
"You can't make a race horse of a pig"
"No," said Samuel, "but you can make very fast pig"
Well, the bank has incentive to not screw with you a whole lot. Mainly because of the competition and mainly because the Gov't takes that type of crap very seriously.
MS doesn't have niether competition nor federal mandates preventing computers from being restricted.
How am I supposed to make a point of how Microsoft's intentions are evil (which they clearly are), when I can't find a good example where trusted 'fill in the blank' doesn't work.
Well, start with Paypal, which a lot of people trusted as a bank but then got screwed when Paypal froze their funds. Google for Paypal frozen accounts and you'll find tons of horror stories.
Then move on to the online storage of credit card data, and think back to when CDNow got hacked and all their consumers' credit cards were tossed around to the public.
I'm sure you'll get hundreds of examples here, but come on, you really don't have to think too hard.
What's your damage, Heather?
And what of Microsoft? Remember, I don't use their operating system at home - and to reiterate, I've never paid them for anything, so why should I bow to their dictates, especially since I don't use their product?
I thought that was how the free market was supposed to work, but I guess the market ain't so free now.
This sig no verb.
Trusted CEOs of Enron and WorldCom?
Trusted polititicans?
In general you can trust people if:
- You through personal experience that they are trustworthy.
- You have thoughouly investigated their background.
- They believe the consequences of screwing you over are bad enough that screwing you over is not to their advantage.
- -- OR --
- The consequences to you of being screwed over are worse than the consequences of not trusting that person.
Of course, this doesn't apply to trusted computing, which actually means that your computer doesn't trust you, not that you trust your computer.And remember, if you lend someone $20 and you never see that person again, it was probably worth it.
A legparnasom tele van angolnaval.
But he is doing the right thing for regular people and computer programmers.
He is quickly becoming one of the most important people in the short history of computers and computing.
"Shit!" says Larry Ellison "Another guy who is more famous than me!"
FACt: everything is politics.
You're more than welcomed to just code in your own little world, do all your work in your own little world, etc. But politics is still involved, whether you choose to ignore it or not, and it still affects you.
RMS realizes this and thus considers politics as integral in any software project.
Palladium is all about politics. Its about the polics of the BSA, the RIAA, and the MPAA conrolling what you do through MS, which will undoubtedly make unholy alliances to please these parties and profit. Palladium is about MS trying to make the GNU/Linux OS an impractical choice for users, as no hardware would run it. MS may say this about technical matters -- i.e., security, virus-prevention, etc etc -- and it is in part; but there is also politics running through the fibers of this idea. Politics is ubiquitous in this Palladium project.
As is predictable, everyone's been more than willing to jump on the "bash RMS" bandwagon. It actually reminds me of the Michael Jordan situation in the NBA. Here's a guy who's done alot for the NBA, alot for his team, and alot for basketball in general, and people are constantly criticizing him for making personal decisions which he had the right to make (i.e., to come out of retirement). Similar thing with RMS.
Many criticize RMS for what he says or where he says it; i.e., mentioning such things in newsgroups or forums which are "not meant for discussing those issues". But the politics of what he talks about is relevant to kernel developers and coders, even if they're too stupid to realize it. RMS is not an extremist. Or, if he is, extremism in defense of liberty is not a bad thing.
social sciences can never use experience to verify their statemen
Before we all get too carried away, let's try to remember a few basics ok?
1: Trust is a human phenomenon, not a
machine state.
2: Trust implies motives. Last time I checked,
machines don't have motives. People do.
What are RMS's motives? Microsofts?
Trusted computing's motives are ???
Personally, I think the whole thing stinks of pot, kettle, black on the above mentioned bases. Regardless of all that, I fully intend to look out for myself online using Free Software/OSS to the extent I am able. (currently 100%) I believe I know what's best for me, and don't need much help from M$, RMS, or any "Initiatives".
C|N>K
BTW, you've just lost the debate according to Godwin.
Perhaps the qualification is " .. something he believes in but which ultimately benifits the many over the very few."
If RMS's ultimate goal is to wield complete power over a populous, to the point of selectively exterminating a percentage of it, he sure isn't making enough friends to build the required army.
Which is to say, RMS' goals are altruistic. Even if on a personal level he's doing it for purely egotistical reasons, his end-game allows us more freedom, which I certainly support. The fact that he's willing to put himself on the hook (I'm sure hes aware of his public image) in order to preserve esotaric freedoms we should have, that he could probably keep (after all, its not like hes going to have to use Windows, right?) regardless of the outcome of this situation is commendable. I'm not sure how you could paint this otherwise.
Hitler, on the other hand, wanted to kill people.
I'd draw you a diagram, but I'm afraid you'll counter with "Hitler drew diagrams."
Aside from his goals being virtuous, in my opinion, you've certainly nailed the point (inadvertantly, I suspect) that the more important part is that the thing he believes in is your and my freedom.
"Old man yells at systemd"
There's nothing wrong with stopping and asking "Why should I follow the anti-MS stampede?"
True enough... but using logic like "I trust banks, so why not trust MS" is pure lunacy..
Banks are required (by law) to be FDIC insured. There is none of this "we take no responsibility for your money - if we get robbed, you'll lose it, even if it was our fault" mentality that MS seems to have (read your EULA some time)
If a bank decided (for no reason) to tell you "I'm sorry, I don't feel like giving you your money", they can be shut down, and the officers thrown in jail.
As soon as MS takes some responsibility for their products and services, maybe I'll start to trust them.
And you thought Ballmer looked dumb when he took the podium
No, it wasn't the 'taking' that made him look dumb, it was the screaming and jumping around like an ass that made him look dumb.
Well, duh, if the user wants to run insecure applications, fine, Trusted Computing won't stop him. But if he wants to run secure applications, it will let him. The point of Trusted Computing is that, for example, the stock broker's computer can tell
There is no way to tell those things without hardware assistance.
It is fine to point out the potential downsides and abuses of the technology but there really are uses for it to improve security! For RMS to pretend otherwise is wrong.
Imagine a Beowulf cluster of idiots attaching GNU to everything RMS ever said and never letting the world forget what they think Gore said. Or just imagine Slashdot, same thing.
"Gold still represents the ultimate form of payment in the world." - Alan Greenspan, 1999
If this were the U.S. Government pulling something like this, we'd have torched the White House by now, and the only real question we'd be debating would be whether Senator Hollings needs five more turns on the spit. But to some extent we are at a loss because it is business rather than government leading this assault on speech and liberty.
The world has started to turn into a scary place. It used to be the government that was most likely to take away people's rights. Nowadays corporations can be just as dangerous; and the massive bulwarks of liberity put up by our founding fathers--the U.S. Constitution and the checks and balances that make up the branches of government--were not intended to protect us from powerful corporations. If we are going to secure liberty for our children, it may take a struggle just as momentus as those struggles that have been fought before. Resting on our laurels is not an option for free men who mean to stay free.
The fact the word "trusted" is in this thing means NOTHING. The word is just there as a PR thing, something microsoft set up to make people feel all warm and fuzzy toward them. I could move into your neighborhood and start a program i call the "community trust system" in which you pay me money, and as a result you get to sleep safe at night trusting that my hired thugs will not come smash in your windows... and the fire department, which i have bribed, will actually come to your aid in the case of an unfortunate fire at your house... but that wouldn't have anything to do with either "community" or "trust". It would just be extortion. ..but then, if I also paid off the town newspaper and made sure that all anyone from other sections of town heard about was how great it was that the areas with the Community Trust System had much lower crime, then people on the other side of town would walk away thinking the Community Trust System was something really good.
This is what the RMS bunch never gets. If you let the other side set the language of the debate, they start out with a huge advantage. If you just sit there and LET the debate begin in a mode where "trusted computing" is always being used to describe "computing in which microsoft, not the owner of the box, is the one who has final say-so as to what happens on that box" (or "computing in which the user is not trusted at all".. really, palladium is a complicated concept, and trying to reduce it to one catchphrase is just silly).. and "anti-piracy" is always used for "prevents copying".. and "digital rights management" is always used for "technology which lets providers of copyrighted material limit the manner in which that material is used"..
If you let that happen, you're always at a huge disadvantage, because people who walk into the debate late will hear RMS or whoever saying "and so, Trusted Computing is bad!" and they'll go "wait, Trusted Computing sounds good! huh?"
This is made even worse in this particular case becuase the technical issues are simply beyond the grasp of the average person. Unless you have a pretty decent idea of how a computer works, you can't understand what Palladium does, and it takes quite a while for someone to explain to you what Palladium's effect for the consumer will be. As such, the average person, upon hearing about all this, will be faced with two sides to the debate: Microsoft's version of things, which is incredibly simple and easy to grasp because Microsoft is oversimplifying the truth to the point where it's practically out and out lying, and the Free Software People's version of things, which is disgustingly, disgustingly complex becuase it tells the whole truth, with all its confusing technical details and collateral damage. (Well, and becuase the Free Software People are a large, disorganized, and largely not very eloquent group, whereas Microsoft has everything being written by PR firms, and a large advertising budget.) Who do you think the average person is going to listen to? It seems obvious to me-- they simply won't be able to wrap their heads around what the Free Software People are saying. People may walk away with some vague sense Microsoft may be up to something shady, but they'll assume that even if it gives Microsoft lots of power, Palladium does the things Microsoft says it does (which it doesn't, not effectively), and will just forget about all those "side effects" that they heard about but didn't understand.
For people who spend so much time haggling over hacker vs cracker and the whole "GNU/" thing, it always seems so wierd to me they don't get that one simple thing. The vocabulary of the debate matters.
Remember, always remember: With Trusted Computing, you are not the consumer. You are the product. You are being sold to entertainment companies by Microsoft-- and they are paying Microsoft not in money, but by agreeing to use Microsoft's platform for "digital rights management", and Microsoft benefits in that they get validation for their secure, locked-down stranglehold on every single step within the computer between your fingertips on the keyboard and the rays of light coming out of the monitor. (And, of course, if things turn out the way MS hopes, eventually things will reach the point where your average computer user can't realistically ever switch Palladium off, because if they do there will be too many programs they can't run and too many websites they can't visit.) Of course, if Microsoft ever does secure that degree of control, you can bet the entertainment industries will wind up paying Microsoft a decent amount of money, if nothing else for the licensing to encode and decode into the formats of Microsoft's secure platform..
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
What needs to be done is to get some mainstream media attention. This means printed word, and TV. And no, I don't mean 'Linux magazine' or 'TechTV', I mean 'New York Times' and 'CNN'.
There're just too little geeks, at least too little of the ones who actually do anything about this.
Two propositions:
- Copy down the address to the article. Sure, it's written by RMS, sure, there're a lot of hypotheticals, sure, it's a bit rough around the edges, but it's no worse propaganda than what the 'other side' feeds people. Now.. after you have the address in store, start mailing everyone you know, stating the article contains something you feel is very important, and ask them to read it, and if they think it's important, mail it to all of their friends. Spam? Not if it's from someone you know who's not selling anything.
- Did you notice RMS gave full rights to use the article anywhere as long as it was hold intact? Start mailing it to newspaper editors and TV companies..
Time to do something, namely, get the punters aware of things other than their virtual bellybuttons.Marxist evolution is just N generations away!
Hey man, i'm toq, maybe you've seen my posts around here? :)
.gov regulations that would stop them from selling a DRM equipped peice of hardware for far less than a non DRM equipped peice of hardware. I would imagine any hardware company not willing to produce MSDRM compliant stuff will be left out in the cold because they won't recieve funding from M$ to develop it.
Anyways I just wanted to give my opinion on why this is bad. MS has over $40billion in cash reserves. This is enough money to subsidize anything they want to, which is a really scary thought. So right now MS is subsidizing DRM development through a network of smaller projects like the Xbox, funding cheerleaders to go to hollywood (RARA RA M$ OWNIN YOUR PC IS GREAT!!) and getting chip makers to make the actual chips to go into the final product.
When it comes time for a "final product" no doubt that will be subsidized too. Unfortunately there are no
Furthermore, when a first time computer buyer goes to buy a pc, will they buy the fully pre built "Compatible with hollywood!" PC or will they pay the extra money to have a non DRM pc built.
Customer "You mean its not compatible with hollywood?"
For us tech hounds, we know we'll end up having to support this shit somewhere down the line. Personally, I don't want to touch it with a 10 foot pole. I can see my CEO now...
CEO, "I tried to access this insider trading site (porn) on my sleek sony vaio (it looks cool)and it said I wasn't Hollywood compatible? Bob from accounting said hollywood compatible computers are cheaper than non holywood compatible ones."
See that's the basic, sometimes flawed logic of the pc illiterate public.
And that's where I see all this going. I see MS and NBC and AOL getting together for one HUGE fucking ORGY to screw us. I see future media being created that REQUIRES you to have this hardware to listen to it. Yet the PC illiterate do not even stop to think "Tape recorder next to the radio" DRM is flawed from the beginning in that sense, so really this is just MS's 3rd reich (1st riech killed os2, 2nd killed beos, 3rd is goin after linux)
Anyways, good luck to you Mr. Stallman, i'll be here in the trenches trying to prevent MS from going onto my friends and families computers. Not many people can sit back and see the whole picture but you can, and should be commended for that.
As Lessig has written in 'Code' and RMS writes here, government and commerce feel that imposing control structures on users is a good thing. The government likes it because control enhances their regulatory power. Commerce needs control so their 'property' will be defensible from piracy, etc.
RMS should really be taken seriously - web services is the next step for commerce that the government will attempt to promote. Web Services will enhance our PKI, allowing for identification, and it will also add controlling code to many devices and systems. Not only developers but the average citizen should be lobbying hard for open networks and open systems. If we don't, the Internet will become the perfect control structure to regulate our lives.
smd4985
Thus the only course of action I can take is to not accept the contract if it is offerred.
However, I will be happy to discuss with them that I cannot consider taking the job because I feel that what they would want me to do is morally reprehensible.
I try to abide by what I feel is right. But I have worked for companies whose principles I objected to, because that's what I had to do to survive. I did the best job I could while I had the jobs, but did my best to move on to other work as soon as possible.
But there are some things I just won't do.
Request your free CD of my piano music.
And keep in mind that banks weren't always so trustworthy, and that it has taken centuries of bank failures resulting in economic slowdowns before we have reached the current state of "trust". The first central bank in the US was chartered in 1791. Nationally chartered banks were established in the mid 19th century, to ensure a stable consistent national currency. The current Federal Reserve system was established in 1914. Bank failures during the great depression of the early 1930's resulted in more regulation under the New Deal.
Banks were once not considered trustworthy - hence the tales of old folks with their life's savings hidden under their mattress. The current state of trust in banking institution results from a long painful history of experiments, failures (and lost savings) and government regulation. Banks are perhaps the most regulated and most audited commercial organizations in the country.
Banks have had to earn their trust in ways Microsoft never has (and likely never will)
"dope will get you through times of no money better than money will get you through times of no dope"
It's easy to do so when YOU aren't that bright. He might not be a Jeffersonian speaker (well maybe George Jeffersonian) but he has done more to further OSS than you that's for damn sure. You're lucky he's even around after the shit you constantly heap on the guy.
So he's not eloquent: you can't diminish what he's done.
Stop being such a snot and shut the fsck up. Cut RMS some slack. At least he contributes something of substance where it counts. You? Well it's real easy to be enlightened when you're sitting on YOUR ass on a mountaintop somewhere and all you can contribute are some comments that you hope get modded up.
I got a shitload o karma to burn baby so mod me down and flame as high as possible you unappreciative shits.
</TANTRUM>
Please, please do not use the words "secure application" when what you really mean is "approved application".
What I suspect you really mean is "an application that is doing only what the user intends that application to do". However, that is not necessarily the same as "approved application". (Since software vendors can stick all sorts of cruft and spyware into their "approved" applications) Some Palladium supporters would like everyone to assume that they are the same, and the use of "secure application" supports this confusion.
"Secure application" presumably means, among other things, "an application that is not vulnerable to attempts to make it misbehave". This is also not what "approved application" means.
I wonder - if an approved application contained a buffer overflow or other vulnerability, would it be possible to write a trojan that would operate entirely through that vulnerability as though it were a trusted application? (e.g. a trusted server could be exploited remotely and then the trojan code loaded into memory, running as a thread of the trusted server process) Tricky perhaps, but I've not heard anything that makes me think that Palladium will avoid that scenario.
The CPUs will have keys used to verify the signatures. Any number of keys signed with the hardware key may be generated. But how software behaves based on these keys will be up to the software. In other words, any vendor (Microsoft, for example) could interoperate today and then decide all at once to refuse to interoperate. The problem isn't that it impossible to use a trusted computing architecture in a free and open way, the problem is that it can change at any time and as the person who bought the hardware and software, you are the only party in the transaction who will have absolutely no choice in the matter whatsoever. Still think it is okay? Then go ahead and buy the stuff.
.NET too expensive for Free Software developers.
I, for one, will NEVER, ABSOLUTELY NEVER buy any device with this technology in it. And I'd think you'd have to be insane to buy it. Especially businesses. Thsi creates an absolutely unacceptable risk. Imagine a key compromise. Every computer system that used the key could be shut down. What does that do to, say, a bank?
I think this whole idea is inherently nuts. The only people who like it are the monopolists. That should make you think twice.
I can imagine 10 disaster scenarios for every benefit this technology offers.
Fundamentally, whose computer is it? My guess is that Windows OSs will require that TCA be active. My guess is that Microsoft won't allow untrusted code to run, or, if they do, they won't allow untrusted code to use their data. They can kill Free Software just by making a key that will allow interoperation with Windows or
RMSs article points up many of the potential abuses. I don't need to reiterate them here. The point is not that the proposed system will be abused, but that it is the first step in creating a totalitarian computing enviornment. This is not dissimilar in principle to requiring you to give DNA and fingerprints to the government, or to a corporation in order to do business. That the system may not be abused right now doesn't mean that the idea isn't fundamentally wrong.
If RMS doesn't understand the vocabulary issue, then why does he refer to "trusted computing" as "treacherous computing" throughout the article?
Any sufficiently well-organized community is indistinguishable from Government.
No it is not simply 'duh'. Microsoft would have us believe that Palladium is primarily intended for the elimination of these virus/trojan.
... if the user wants to run insecure applications, fine ... "
"
If Microsoft is really concerned with these insecure applications then they could rewrite them without all of the obvious security holes. Palladium is not needed for this. It is _huge_ overkill. Come on, Microsoft says that Palladium will run with legacy applications and they also say that Palladiums primary purposes are security. But, unless you upgrade all of your software (not to mention drivers) to use Palladium then there is no security?! It is freakin obvious that Palladium has nothing whatsoever to do with 'security'.
Calling it "trecharous computing" makes him sound like a kook, not a serious voice.
I was talking about Palladium with a geek friend of mine the other day and after a while, he pointed out that I sounded like I should be wearing a tinfoil hat.
And he was right. But it was all true. Palladium is one of those things that, if you explain it to non-geeks, makes you sound like a conspiracy theorist.
So, I've resolved to keep my explanation simpler. If any non-geek asks me about Pd, I'll just say that it's just MS trying to protect its monopoly and that it will make it a lot harder to make backup copies of movies and music.
Both are (IMHO) true and plausible and don't make it sound like the evil conspiracy it really is.
Ok ok. We, the geek community, agrees that Palladium and the "Trusted Computing" initiatives are bad. So what, there are not enough of us to excecise our "consumer power" and stop them. If the geek community really had that much power, Windows would no longer exist and Linux would have a 90% desktop market share.
Obviously, this is not the case. It's because no one in the real world cares or thinks about the geek community. Moreover, searching google for 'palladium' or 'tcpa,' will reveal that they are Microsoft and other copyright holder's initiatives. So what does Joe Consumer do? He visits microsoft.com and learns about all the wonders that Palladium will do for him. If he really does his research, he may stumble across a page like the Digital Speech Project, and promptly decide that the anti-TCPA community consists of a bunch of hacks.
Simply put, the web page is lacking, PR is lacking, and we can not compete with corporations unless we capture the hearts and minds of the normal consumers. Sure, the page may be standards compliant and be light on the server, but it looks bad. It looks like a voulnteer operation. This community needs to make itself look better than the corporations. Consumers expect a certain style, so let's give it to them. That means creating visually appealing web pages, pushing technical material towards the back, and creating a presense that appears credible. And for God's sake, stop asking for donations on the front page of every FSF site.
The more I read about his guy the more I respect him. He let himself ridiculed in order to inform the public at large about important issues. Issues not easily understood by most people and yet, that will affect everybody's life.
RMS is being laughed at by people like you, but I believe humanity has a chance of advancing because of RMS and people like him. People who's vision goes beyond their own good.
No, I don't have the courage to do things RMS does, but that doesn't mean I don't think highly of him.
Sigged!
Here's a reason why Microsoft should not want to implement treacherous computing in the future: while North America, Western Europe and a few Asian countries are pretty well wired, the majority of computer users is not yet connected to the Internet. Those who don't have a PC yet (the enormous market potential), will always get Internet access after they get a computer, not before. Thus, if you start selling software that absolutely requires Internet to run properly, you automatically hand over a huge potential market to your competition.
On a personal note, there's a small group of people (just like me) who choose not to have Internet access at home, and could not care less what software they are using at work.
This makes me wonder, where does this leave scripting languages where the only real binary is the interpreter.
All MS bashing aside I find it very odd that people, with all their supposed privacy concerns, would even consider a company such as Microsoft or any other software vendor for that matter, trusted enough to hold a lot of personal information.
.net or palladium account?
I understand the appeal of having an account that floats to any terminal that you log into - but having someone else in charge of that makes me nervous.
I mean - think of credit companies on steriods here.
For example - having a bank have some ability to control your money is one thing - but here you would have an account that could have much more information that you "own" but dont have full control over.
In your profile in the next 5 years will be such info as:
bank info
documents, both personal and professional that are kept or written by you
habits file, browsing, shopping, reading, viewing etc.
personal machine preferences
owned/installed programs you use regularly.
plus more
Now I cant understand why I would want to give anyone control over any aspect of this. Banking is a necesity in todays world - but that's as far as it should go. I dont wnat my bank to handle any information other than exactly how much money is in my account and when I access it. I wouldnt trust them with my personal documents etc... so why would I trust MS.
One argument against this could be the handling of hotmail accounts.
If you think MS is responsible enough with all you info then you have never been one of hundreds of thousands of whom who had their hotmail accounts "misplaced" with not so much as a sorry. (cant find a very good article on it - but I remember it when it happened)
What about how hotmail handles information as simple as your email address - and how much spam you get. What levels of access will "affiliates" and "advertising partners" have to all the info in your
There is already a proven track record to show why you would not want this info placed outside your control.
The bank knows that the big, bad SEC will be breathing down its neck in a microsecond if it crosses certain boundaries. Both the banking laws and banking tradition keep its competitive force/greed in check.
The high-tech world hasn't got the equivalent of the SEC. And, of course, it doesn't WANT an SEC looking over its shoulder, although Microsoft's behavior certainly indicates it needs one. :/
Even parts of the high-tech world that overlap on the SEC's territory, like online banking (PayPal, anyone?) or online stockbroking, are often not regulated as the equivalent real-world businesses would be. PayPal, for example, doesn't operate under the same laws and regulations as a bank, although its business is unquestionably banking. That's why I won't use PayPal.
Stopping Microsoft and the RIAA on the "Trusted/Treacherous Computing Initiative" is going to take both a grassroots refusal to use products that have that technology and a significant political effort. Time to call the EFF....
Catherine
The same question that I have in my sig:
How is Microsoft supposed to roll this out? How EXACTLY are they supposed to take over the world such that ONLY signed code can run, and maintain backward compatibility?
No backward compatibility, no sales.
Once again it has to be pointed out: Microsoft is in business to sell operating systems and software, not to take over the world.
Palladium will ALWAYS be able to run unsigned code. There's no other way it can happen.
Sometimes it's best to just let stupid people be stupid.
Most of us had gone there hoping that someone would put Brian on the spot. Even those who are friends would have liked to see how he would cope with a difficult question. Unfortunately RMS did not ask a difficult question, he just went off onto a rant. As a result everyone who followed was making sure that they distanced themselves from RMS.
The way to put someone on the spot in a case like that is not to make the most ridiculous assertion about the other side. Instead you should make the question appear to be as reasonable as possible and design it so that it exposes the unreasonableness of the other person.
Looking for an Information Security student project suggestion?
Try http://dotcrimeManifesto.com/
...Except that the employer is a Japanese entertainment conglomerate with offices in San Jose (the popular guess is Sony), and the target platform is hinted at being a digital media device. So TCPA, at least in this instance, will be used precisely for compulsory licensing and screwing the user.
TCPA devices have their place -- in banks, brokerages, power plants, and other establishements where you don't want random code introduced without a red flag popping up. And its use and proliferation should be confined to precisely those areas. TCPA has no business being in consumer-level devices.
Schwab
Editor, A1-AAA AmeriCaptions
Palladium is all about layers of security. If the hardware's secure, a secure OS can load. If the OS is secure, a secure app can load. If the app is secure, a secure file can load.
Considering MicroSoft's many attempts at making Windows secure, just how long do you think it will take for a virus to be written that will bypass all of their security systems?
I'll bet that someone will have code that bypasses all of their pallidium security before the retail version hits the shelves. MicroSoft wants you to believe that this will fix all of their security problems, but if you believe that then I have a bridge I'll sell you.
Who would win this election: Andrew Weiner vs Andrew Weiner's weiner.
The same lame joke repeated thousands of times is boring! Every time there's a story about Richard Stallman, GNU, FSF or GPL there's always some asshole who writes GNU/whatever and gets modded up as funny. Even if it was funny a long time ago (which I personally think it wasn't) than please try to make your own joke maybe, instead of saying someone else's one, over and over again. Thank you. You will look slightly less stupid in my eyes if you also try to show some respect to people who started the free software revolution. And no, RMS wasn't only bitching like the Slashdot cheerleaders, he actually started writing free text editor, compiler, linker, standard C libraries and other boring but essential stuff without which I could not even work today. Show some minimum respect, if you ever want to be respected by others.
First they invented the CPU-ID when producing the Pentium, but I didn't care since my BIOS gave me the option to disable it.
Then they put some GUID in MS Word documents, but I didn't care since I used StarOffice/LaTeX/Applix.
Then they would require a personal registration for any XP install, but I have been running Linux/*BSD so I didn't care.
Then they put "DRM" into Media Player 9, but since I ran mplayer and xmms, I didn't care
Then they started putting obscure crypto hardware comtrolled by some vendors' consortium into each and every PC and I could not run my free software, but there was nobody to help me, since my emails and postings were denied by the TCPA platforms to their owners, and nobody could read then anymore...
<disclaimer>Rev. Niemöller was facing worse conditions when writing the original, I know that...</disclaimer>
Palladium is not required in order to implement a sandbox for the current crop of pathetically insecure WinDOS applications. That goal can be achieved by simply adding a "sandbox execution mode" to the Win32 subsystem. Nothing as grandiose as Palladiums is required.
OSS Zealots ARE smarter than MS coders. They're smarter than MS shills too...
A Pirate and a Puritan look the same on a balance sheet.
As soon as you introduce the network, all bets are off. At that point, all the recieving server can be sure of is that it recieved packets that "look right". Anything else is an ASSUMPTION on the part of the server.
So, while you are putting in place the framework that can enable the elimination of general purpose computing you are also giving the technically naieve a false sense of security.
A Pirate and a Puritan look the same on a balance sheet.
I find it absolutely comical how self centered _some_ Americans are, to the point that they think the TCPA and related AMERICAN technologies (Palladium, etc.) will be the end of free computing in a global sense.
Do they really think asian/european PC hardware manufacturers are going to radically redesign their products to serve the needs of American capitalism?
Not a chance.
The TCPA may be the end of free computing in America (though I doubt it), but the rest of the world will continue on its merry way.
Get over yourselves!
I apologize in advance to all open minded Americans, you know who you are.
"Fascism should more appropriately be called corporatism since it is the merger of state and corporate power" -- Benito Mussolini
___
If you think big enough, you'll never have to do it.
There are about 3 alternatives to Intel CPUs, and a bajiliion alternatives to IBM and HP. It seems to me that without government legislation to force all PCs to have the built-in security dongle, there is no way "treacherous" computing threatens me.
In fact, I can't imagine Intel putting ugly 3rd brake lights on all their cars unless all other manufacturers are forced to do so as well. It would be a marketing fiasco.
Plus, any coersion between Microsoft and Intel to force people to buy Intel CPUs with security dongles would bring up anti-trust issues. They have to have government help to pull this off.
So why isn't Stallman asking for support in lobbying the government? There is where the potential danger lies, IMHO.
If I were Intel, I'd take any NRE money that Microsoft/Hollywood gave me for this stillborn idea, produce some chips for them, and laugh all the way to the bank. This is alot like the DivX DVD fiasco, and without 100% alignment of all the manufacturers, it will play out the same. You won't see the needed alignment without laws.
I think Palladium is a great idea, and let me tell you why.
One thing it offers is the ability to run a program which has it's own secure connection to the input devices and the screen. I think I'll write a little encryption utility which makes use of these features. By using a screen-based soft-keyboard for passphrase input I can make it impervious to every known keyboard sniffer, hardware or software. I bet I can find a few Mafia bosses who would pay a pretty penny for that! Thanks Microsoft(tm)!!!
Palladium will also let a client download software from the net which a remote server can verify is running untampered. I think I'll write an encrypted communications tool which uses this. Imagine being able to walk into any Internet cafe in the world and securely download an encrypted comm program with no worries about man in the middle attacks or keyboard sniffers! I hear the bin Laden's make good money in the construction business. I bet they'd pay good money for software like this so their "contractors" could check and submit bids online securely and anonymously from anywhere in the world. Thanks again Microsoft(tm)!!!
I bet I can find product opportunities in every market from P2P pirates to child porn collectors. Thanks Microsoft(tm)!
Step three: Profit!!!
Of course, the FBI and CIA are unlikely to let encryption tech that works that well out into the mass market. It's a safe bet that Palladium will either ship with a hidden back door or will include everyones favorite forgotten boogeyman key escrow. Thanks again Microsoft(tm)!
"... Kernel developers also want to have him banned from the LKML for constantly spamming it with off-topic political discussions ..."
/. when you have other more interesting things to do.
Just in case you haven't realized it yet, everything in this life that deals with humans and their activities is inherently political.
And if you doubt me, ask yourself why you actually "waste" your time posting to
I hate politics too, but it's just another fact of life that everyone has a motive, many of which are less than honourable, and those that care for what is right always have to fight to keep the world from going to hell.
Oh, and before I forget, RMS has contributed orders of magnitude more to society than most of you snot-nosed punks combined. None of you disrespectful whupper-snappers out there can start anything close to his Free Software movement, or come anywhere close to his productivity and work ethic, to speak less of even touching his character.
Flame away for all I care. Then take a long hike when your done.
I don't see any reason for TCPA even here. Any such system should be designed to not run anything unexpected, whether it is "signed" or not. And that is easy to enforce by not letting people who might be interested in running unwanted programs from touching the machine.
The trick with TCPA/Palladium is it tries to keep a person who is interested in running such programs and has complete control over the machine, from doing so. This does not sound good to me, and very bad for banks, power plants, and other places that might really need to modify the software on their machine!
If RMS really wants to tell the world that they should oppose "Trusted Computing" then he really should find a better outlet than an OSS online newspaper.
Theres nothing wrong with Newsforge per se, but if he wants people to actually sit up and take notice then he really should try and get his articles published in places with larger distributions (BBC, WSJ, FT, Business and Computing publications for example).
Avantslash - View Slashdot cleanly on your mobile phone.
I wish you were right, but your simply incorrect. Europe and Asia will go as does America.
From a practical standpoint, this planet has only ONE consumer operating system producer. All of the PC manufactures in Europe and Asia need Microsoft just as badly as Dell and Compaq do.
In fact, unlike the rest of the planet, the US has a few companies that might be able to sell PCs without Microsoft's help: Apple (of course), Sun, and IBM. (Sony could give it a shot, but they've shown no inclination. They have enough to benefit from the content business that strong DRM will be right up their alley.)
All of today's Wintel-clone builders will move as a group to either accept or reject Microsoft's hardware demands en-mass. Any of them who lags- whose customers start returning computers because it was incompatible with MS Word 2004- will be dragged down into bankrupcy.
Besides, the "OneWorldGovernment" thing is happening- its not coming from traditional governments though, but from multinational corporations. They influence the political process of each state to maximize their profits, molding the "developed world" into a conforming shape. (Laws which don't directly business profits will be left alone for a while, so nations will retain distinctiveness on "irrelevant" things like gun control, abortion, and taxation patterns.)
Pseudo-governmental entities like G7, IMF, and WIPO drive this conformity forward. WIPO tries to convince all nations to increase their intellectual property laws- they promoted some kind of "copyright duration parity" as support for the Sonny Bono act, for instance.
The citizens of the world CANNOT sit back and laugh at the hapless American consumers who are locking themselves into subjugation- soon the tendrils of DMCA-equivalency laws will penetrate their homelands, bootstapped as conditions of Favored Nation trading status, or by more insidious means.
I'm being pessimistic here- maybe Germany et all will be smart enough to read the fine print on some of these treaties before their parliaments rubber-stamp them- but its safer to assume the worst, and spread the warning about it.