Slashdot Mirror
EFF Position on Trusted Computing
Seth Schoen writes "EFF has just released our
analysis
of Trusted Computing. We find that the technology could benefit
computer security, but must be fixed to ensure that the computer owner
is always in control. We also propose a specific way of fixing it.
There's coverage
of our position at news.com. More articles should be up in
the near future at
the new EFF
Trusted Computing page. Thanks to all the people who helped us
understand this technology!"
That users are ignorant of Computer Security, so it must be controlled by a more intelligent source, like Microsoft. (It's true most are, but does anyone believe MS will fix it?)
Browse at -1, because trolls are often the most creative part of
Right on the heels of learning that Outlook Express was mostly responsible for the HL2 Source Code Leak..
Browse at -1, because trolls are often the most creative part of
Well, its my computer, and I can damned well modify it to my hearts content. This seems more than reasonable; it seems *necessary*.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
Fine, but part of the point is to provide secure content. The user has shown that he can't be trusted, so the content providers have a useless security system. A computer is a tool. It's pretty stupid to say you have a god-given right to see every bit in every memory location. You're just limiting the tool's usefulness for secure content, which is the goal of the EFF. So don't be surprised and indignant, when people refuse to sell you content you want in a form you want, and sue you afterwards when you claim yuo stole it because you couldn't get it the way you wanted.
That's a CRAZY idea. As usual, let's compare computing on the information super highway with driving on our own freeways.
What would happen if we let people drive their own cars? They would repair their own cars, "upgrade" them too! But if they are in control, they may not make repairs as needed and then their cars would fall apart on a public super highway and cause other people to die and stuff.
Oh wait... we have a "license" to help ensure that the public has a bare minimum amount of knowledge and skill to operate a vehicle safely on public roads.
Now let's return to cyber-reality again. Instead of "trusted computing" how about "trusted users."?
Let's say that the price of admission to the information super highway should be controlled in the same or similar way to the way we control access to the roads. What a fabulous world we'd live in! "License to SPAM" wouldn't exist. Maybe there are a lot of bad things I haven't considered but is it much worse than requiring a driver's license write a check?
Wow... imagine getting a ticket and your license revoked for SPAMing... or for operating a computer with a virus...
"The Responsible Computing Initiative" is born!
Corporations like Microsoft have every right to put DRM technology in Windows... it's a free country, after all.
It's up to users not to buy into the technology... Don't expect a government who is too busy looking for weapons of mass destruction to care about your computer.
I'm not anti-microsoft. I'm anti-bullshit. Which means I'm anti-microsoft.
What I have no capability of doing I cannot be forced to do either. Even with a warrant.
It has everything to do with warrants.
I can let you look in my house window, but that doesn't mean you can see in my file cabinet or dresser drawers. You cannot be sure of what is in those dresser drawers without coming into my house and looking into them. Even then you cannot be sure I didn't remove what you were looking for before you came in or falsely placed something there which is not mine.
If I wish to prove to you I have a certain book I can remove it from my house. You are still faced with having to believe it is actually mine.
I can show you any file on my computer. I can give you root. You may examine the complete configuration of my system, if I chose it, already. I can run a webserver and offer up anything I chose to show you.
Trusted Computing offer me nothing but potential intrusion. The ability to "prove" I own my own socks. I neither need nor desire that capability.
The capability creates the charge.
I understand it perfectly. Stay out of my dresser unless I place it on the curb.
KFG
No, the point is that it is a general purpose, programmable computer, and I, as the owner, should be able to control how it works, program it, modify its behavior etc.
DRM style restrictions are totally unnatural and artificial for a programmable computer, and require that the computer not function as one.
By my definition, that wouldn't even be a computer. I would never buy such a thing, that isn't what I want.
The general public doesn't understand what a computer is, some of them may be happy to get some sort of restricted appliance instead. If they want that, fine, but calling it a computer and trying to migrate everyone onto it is deceptive.
I don't think EFF expects any changes in what TC will be like, they just want to expose what it is really about - preventing the user from using their computer in ways that computers are fundamentally meant to be used, while claiming that it is for the benefit of the users.
Every currently proposed DRM scheme can be defeated by plugging an audio cable from the speaker jack on computer A into the line in on computer B.
You underestimate the stupidity of our opponents. They have in fact not only proposed such a system, they have had congressmen advocating it.
And how could they conceivably accomplish this impossible goal? Simple, they want to make it illegal to make or buy an ordinary recording device without a "Fritz chip" inside that would shut down the device when it detected specially tagged sound. They even proposed requiring that every single analog to digital converter have such lock-out technology embedded.
You could be dictating a letter into an ordinary tape recorder, and if someone walked by on the other side of the street with a radio the "Fritz chip" would pick up the special tag in the music and the tape recorder would record dead silence until they walked out of range. You only discover later that there is a five minute dead zone in the middle of your recorded dictation. Your camcorder tape of your child's first birthday goes dead silent whenever it detects tagged music in the bacground, and the video goes dead black whenever it detects a tagged TV image anywhere in the background.
Reporters might be able to get a special licence for a special video camera that doesn't go dead in this manner, but it would probably have to embed a special tracking code in everything it records.
I'm fairly certain that this proposal is far too extreme to ever get approved, but there ARE people demanding it.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
The DRM applications of this technology are small potatoes compared to the ability to lock-in consumers to an application suite (major score for the capitalists) and the ability to lock-out subversive information (major score for government censors).
That said, something absolutely must be done to protect end-user computers better; the current state of affairs is intolerable. I thought the EFF did a nice job not just crying Chicken Little, but making a specific suggestion on how to prevent the abuse of this important, needed technology.
"We receive as friendly that which agrees with, we resist with dislike that which opposes us" - Faraday