Slashdot Mirror

← Back to Stories (view on slashdot.org)

Trusted Computing Group Formed

Posted by michael on from the untrustworthy-computers-coming-right-up dept.

An anonymous reader writes "How does it come that the formation of the Trusted Computing Group goes unnoticed at /.? On Wednesday, heise had the story. At last, we will get `easily-accessible specifications for trusted computing standards that will ultimately let people work, conduct transactions, and use computing devices with a new level of confidence' ..."

8 of 107 comments (clear)

  1. Standards are good... by Thaidog · · Score: 3, Insightful

    ... but I trust nobody but myself... not my Mom not my Daddi... and certainly an orgainzation with all the loopholes that this will create... It's a great idea in theory... Standards are the most important thing that can possibly come of this...

    --

    ||| I still can't believe Parkay's not butter.

  2. Re:Great by Anonymous Coward · · Score: 4, Insightful

    Probably not. But there -are- ways it could get better.

    1) Don't buy the stuff. Old computer works? Keep it. Delay upgrading as long as possible. Visit the computer store occasionally for upgrades, but leave without buying anything if all they can offer you is hardware with DRM.

    2) Don't listen to, or watch the stuff. Yeah, it's hard not to go to a movie now and again, I know. It's fun to do (albeit expensive). But most of the money you hand over for your ticket goes directly into the pocket of the people that are doing this to you. Rent a movie. Listen to an old CD you've bought, tape things from the radio, but don't go out and buy those new CD's. -Especially- not the DRM protected ones.

    3) If you do go out to buy a CD, follow somewhat of a similar procedure to that of computer hardware. Bring your CD up to the counter. Tell them you have an old CD player, and all these protected CD's won't play in it. Tell them you've had to bring back about 10 CD's to various different stores because the protection on them was messing with your CD player, and if this one doesn't work you might as well just give up on buying them altogether. Whether it's true for you or not, it likely -is- true for the hundreds of people who really -can't- play these CD's, and at the same time, you'll be indirectly helping to protect your fair use rights.

    There's a number of ways you can let these people know that it's not going to work, that you're not going to put up with it, but you have to -do- something about it. This whole DRM movement that's sure to cost the computing industry billions before the end is about money..they want more of it. They don't want you to download MP3's or movies, they don't want you stealing software (not that either of those is necessarily right in the first place, but that's another argument entirely :>). They want you buying everything you want to watch, listen to or use. If they find out that by abusing their customers will result in no sales, you can bet the whole DRM train will be derailed before too long.

  3. TC is a self-fulfilling prophecy by Katravax · · Score: 4, Insightful

    It feels like we've been fed buggy apps for two decades, and now we're told the solution for unreliable software is restriction of our abilites and freedoms. It almost sounds like they've intentionally created the problem, having had the solution in mind the whole time. What happened to the concept of solving buggy apps by getting rid of the bugs in the code?

  4. Actually... by inode_buddha · · Score: 4, Insightful

    I honestly don't think that trusted computing will be possible or extant until there are trusted humans.

    --
    C|N>K
  5. Trusted! by Anonymous Coward · · Score: 3, Insightful

    They need to get rid of the word 'trust' as it's misleading. If I was to set up to make a product that allowed the user full control of their system would that be 'untrusted' and if so by whom? By the morons pushing TCPA?

    The word they are looking for is 'RESTRICTED'! Just how much trust are we supposed to have in companies who collude to bring us a technology that has been deliberately given a misleading name?

  6. It's because ... by jc42 · · Score: 4, Insightful

    We all understand that "Trusted Computing" simply means whether or not Microsoft trusts us to run a program.

    --
    Those who do study history are doomed to stand helplessly by while everyone else repeats it.
  7. Not Palladium (or is it?), maybe not GPLable by David+Leppik · · Score: 4, Insightful
    From the FAQ:
    Was TCG formed to specify Digital Rights Management technologies?
    No. The focus of TCG is on protecting user data and secrets (keys, passwords, certificates, etc.) from external software attack and theft. This greatly reduces the risk of identity and data theft. It is not TCG's intention to address DRM requirements. As a result, the specifications do not include provisions to prevent owner tampering.
    From my reading of the FAQ, TCG is taking the password protection some laptop BIOSes have and extending it to encryption services for the OS and applications. This allows the user (a.k.a. programs the human runs) to verify a person's identity, the computer's identity, and the computer's boot parameters. Thus, you might have your bank account information encrypted in a way which requires your password on your computer-- hard disk thieves are locked out.

    They keep saying this isn't DRM, but it's most of the building blocks you need for DRM. And most of the applications they mention are possible without hardware support via an encrypted filesystem. All you need for Palladium is an OS which refuses to boot without the right user, computer, and boot parameters.

    The other thing to note is that they keep stressing RAND (Reasonable And Non-Discriminatory) licenses. Non-discriminatory means every organization pays patent licenses on the same formula. If the formula doesn't contain provisions to allow for open source software, then open source software can't use the standard.

    1. Re:Not Palladium (or is it?), maybe not GPLable by Alsee · · Score: 4, Insightful

      Was TCG formed to specify Digital Rights Management technologies?
      No. The focus of TCG is on protecting user data and secrets (keys, passwords, certificates, etc.) from external software attack and theft.

      They are lying and I can prove it. This protection is based on concealing the encryption keys. There is absolutely NO justification for concealing these keys from the owner of the machine. Malicious software cannot press a physical button or switch. They could therefore allow the keys to be revealed based on a physical switch (perhaps requiring a password as well). Including such a switch preserves every single claimed benefit of the system.

      The ONLY justification for not allowing this is because the system IS IN FACT DESIGNED FOR THE PURPOSE OF DRM. If they allowed the owner of the machine to access his keys in this maner it would destroy the ability of the system to enforce DRM. It would destroy the ability for companies to enforce vendor/monopoly lock-in.

      -

      --
      - - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.