Slashdot Mirror
Apple's iTunes DRM Cracked?
joekra writes "The author of DeCSS is back in the spotlight with a new application called QTFairUse. The new application attempts to convert DRM'd AACs to non-DRM'd AACs on Windows machines. MacRumors has done some limited testing on it and has found it doesn't yet work as advertised... but they do offer a look into how it works."
thread here.
Belief is the currency of delusion.
I read the comments on MacRumours, and basically this program is not an Apple DRM crack but a hack for QuickTime (windows version) which dumps the decrypted AAC stream to disk before it is sent to the AAC. This is done by patching QuickTime and writing the data in memory to disk. It is easy for Apple to change QuickTime to make this app useless, but it is nevertheless an interesting approach.
That said, it is certainly possible to reverse-engineer the decryption routine in QuickTime instead of hacking the application itself. It is just a matter of time.
Hopefully this doesn't have any negative impact for the end users. It's always sad when the generic end user gets screwed because someone decided to hack/crack a product to give them additional functionality.
Why release it with your name attached to it? Didn't he learn something after the whole De-CSS trial?
I am the person who did the original testing for MacRumors. Here are the final steps:
The raw aac file that QTFairUse produces can be played in a windows app called foobar.
To play back in itunes is a little harder. One must run an application called faad.exe to fix the "atoms?" of the aac file. After that is done one must add the MPEG-4 wrappers using the program mp4creator found in MPEG4IPutils. Make sure to use the -optimize tag, or else the file will triple in size. After this is all done you end up with a m4a file with the decrypted aac content in a MPEG-4 wrapper playable in itunes.
DRM in iTunes is changed. Please repurchase all of your old songs. Seriously, the DRM with Apple's music wasn't that bad. Why make it so that they have to change things around? Remember iTunes Music Sharing? You use to be able to stream from any computer to any computer. Since people didn't use it for personal use, they forced it to only work on the same subnet (thereby not allowing users at work to access music from their home machine). I wouldn't say Apple is perfect, but they're more on our side than Microsoft is.
I have no
By breaking the means the industry hopes to use to make their business viable you are only going to force them to cancel future projects which make music and other media easy for consumers to buy. Not everything can be free. Do you expect to get paid for a days work? And if Apple is forced to end their service because everyone just steals the music, then what will be left with? I will tell you. Microsoft will push a DRM-based protection scheme which is based on hardware and locks out non-Windows users.
Stop screwing these companies!
Brennan Stehling - http://brennan.offwhite.net/blog/
There are plenty of programs out there that will capture your computer's audio output. WireTap for example is a free Mac utility from Amrbosia that does this. You can also burn your music to audio CD and re-rip it as an MP3. I don't see why this is a big deal. Apple's DRM is fair and people who buy songs from iTunes already have the opportunity of using something like KaZaA but have chosen not to. This isn't going to make any exclusive content available on KaZaA or anything. Reading the description I think the whole point is just to try to humiliate Apple and the music industry. If thats the case its a bad thing, because Apple is FINALLY turning the music industry around on digital music.
It's being compared to an analog hole attack because it doesn't actually solve the encryption scheme, but instead lets QuickTime do the decryption, and then captures the plaintext AAC file that is stored in memory.
Truely, it's still digital at that point, so it should be called the "plaintext hole".
Apple has been pretty liberal with their protected aac files compared to some other digital music retailers. Play on up to 3 computers, burn to cd, play on iPod. I've bought about 250-300 songs from iTMS and have never been inconvenienced by their DRM. Do you think their DRM being cracked might change any of this? I can just imagine the RIAA trying to use this as an excuse to implement some sort of draconian measures. For years now people have been screaming for fair online digital distribution. We finally get something that works well and is fair on both sides and some jackass cracks it. I sort of feel like next time the RIAA dupes some ignorant senator into introducing some insane bill that completely infringes on our rights we're not going to have a leg to stand on. Apple gave people what they asked for, then got shit on. What does everyone else think?
On a Mac, try this:
.. ..
#open itunes
#begin playing music
netstat | grep 3689
#look for multiple connections to the same computer, that's his address
#on the right and yours on the left
setenv him HISADDR
setenv me MYADDR
#en1 = wireless, en0 = wired
sudo tcpdump -i en1 -s 0 -w itunes.log src $me and dst $him
#begin playing each of the songs you want (only need to play a second or two)
#don't close itunes!
#hit ctrl-c in terminal with tcpdump running, it should say it captured some number of pkts
strings itunes.log | egrep "(GET.*update)|(GET.*databases)|Validation" > songs
#songs now has a list of magic cookies, each alternating line is the file or the password
grep GET songs > get ; grep DAAP songs > daap ; wc get daap
#the first two lines of first column should be the same (tested under iTunes 4.1.0)
paste get daap | egrep "GET.*items/" | sed "s|.*GET|./get_one|" > get_all
cat > get_one
#then type these next two lines, hit return, and hit ctrl-d
wget --header="Client-DAAP-Access-Index: 1" \
--header="Client-DAAP-Validation: $4" "http://$him:3689$1"
chmod +x get_one get_all
./get_all
#close itunes
#now to rename the songs to have sensible extensions
mkdir tmp
mv *mp3*session* *m4a*session* tmp
cd tmp
ls | grep session > old
tr '?=' '\t\t' < old > new0
cut -f1 new0 > new
cut -f2 new0 | sed "s|session-id|mv|" > new1
paste new1 old new > fix_all
chmod +x fix_all
./fix_all
rm old new new0 new1 fix_all
mv *.mp3 *.m4a
cd
rmdir tmp
#after loading into itunes, can use one of several applescripts to rename the filenames from 454.mp3
#some of the scripts rename *.m4a to *.mp3 - then the songs don't play. to rename them back
#move the *.mp3 AAC files to their own directory, then
ls *.mp3 | sed 's/\\/\\\\/g' | sed 's/\$/\\\$/g' | sed 's/"/\\"/g' |\
sed 's/`/\\`/g' > files
cat files | sed 's/^/mv "/' | sed 's/\.mp3/.mp3" "/' > old
cat files | sed 's/\.mp3/.m4a"/' > new
paste "-d\0" old new > fix_all
chmod +x fix_all
./fix_all
rm files old new fix_all
With great power comes great fan noise.
I don't get it. You can burn your own CD from the QT files you buy from the iTunes store right? And after they are on CD you can make MP3s of them and do what you will, no DRM associated with them.
So, beyond the rather adolescent desire to hack the encryption, what problem does this solve? There's just no reason. Once they're on CD it's as if you bought them at the store.
It's just ego.
I'm curious.. did he do this for a similar reason as the one he claims he created DeCSS for - namely to play back DVDs on Linux ?
:)
I can't seem to find it in any of the articles, nor in his blog.
If there is no similar reason, does that mean that the reason of DeCSS's existence should be reviewed ?
Was 'hollywood' right, and he really just wanted digital dumps of the movies, just as - seemingly - he just wants a non-AAC'd digital dump of the music here ?
Not inciting a discussion on whether people should be allowed to do this in the first place - that's a whole other discussion
Just because it's cracked doesn't mean a damn thing. Think about it, all of those songs are already available on P2P networks and newsgroups already. Most of them with superior bitrates.
Just because someone else puts up an AAC of the file on P2P doesn't mean that it's going to cause people to download more illegally. If someone was going to steal the music, they'd just do it with MP3 or OGG, or whatever flavor is already out there.
Think about it, this really does nothing to hurt Apple's business model. The percentage of people that are going to somehow benefit from a ripped AAC file and decide not to buy it from Apple instead is so low that it's insignificant.
What this does mean though, is that I can now play my purchased music on my Linux workstation, and possibly get a portable player that's not an iPod that will play these. I'd say QTFairUse is an excellent name for it, because that's certainly what I'm going to use it for.
Plus, why would one buy music from Apple, only to give it away to total strangers for nothing. I wouldn't. They way I see it, I paid for it, and if you want it, go buy your own.
Need Free Juniper/NetScreen Support? JuniperForum
The _very_ nice thing about Apple is that this stuff doesn't matter too much. It would be simple to convert all those AAC's into something else (be it mp3, AIFF, or even a higher AAC and back down) to get rid of the DRM. It's called a fence, you can jump it or you can respect it. Unlike most schemes that require complicated check in and out Apple had the guts and financial sense to do something that will satisfy both sides. It will be interesting to see if the notorious Apple legal will go after this. From what I remember they didn't bust down on people that extended the iTunes music sharing beyond the LAN.
Is there anything better than clicking through Microsoft ads on Slashdot?
(posted anyonymously for the usual reasons)
Another way to do this is with the Compressor program (by Apple) included with Final Cut Pro. Just drag the DRM'd AAC file into Compressor, choose AAC from the menu, and watch as it transcodes to unencrypted AAC. You can convert that to MP3 from iTunes if you want, or write up a little AppleScript to automate it. The only downside is that you lose the metadata tags (you could probably decode that format and write an application to convert them to IDv3 tags), but it works pretty well.
Note: I'm posting this not because of any hatred for Apple, but because I like to be able to listen to my music on my SliMP3 and this is the only way to do so besides burning and ripping from a CD.
No, people, this is NOT a good thing! Can't people figure out when there's a good thing happening, that they should sit the hell down and let it be? Think about it. Apple's DRM was pretty easy to break, just write the songs to CD and rip them back, without DRM. But the RIAA will use this as an excuse to put more and more DRM, more and more legislation. They'll say, "Well, whatever the computer industry puts out, hackers break it, so we need more legislation." And the Senate, House, and Bush will sign anything into law! Come on people, this is a bad THING!
making good music would be a start.
Slashdot: Failed Car Analogies. Amateur Lawyering. Anecdote Battles.
t's also noteworthy that similar code has been circulating quietly for quite some time on the Mac side. Anyone with even moderate knowledge of the QuickTime APIs could implement code to do this with minimal effort. It's trivial. I myself have written code that re-encodes the protected AAC's to MP3 so that I can play them on an old Rio that I still use sometimes.
No! No! No!
You don't think this is interesting because you do not understand what it does.
The Mac tools/code you talk of takes Protected AAC, decodes it to raw Audio (PCM/AIFF) and then Reencodes it.
This takes Protected AAC to Unprotected AAC. No transcoding (no loss of quality) involved.
Apple does EXACTLY WHAT EVERYONE SAID THEY WANTED and they still get fucked over.
This isn't about fair use any more. This is about "fuck over any company that uses price tags."
This entire argument has lost every last shred of whatever legitimacy it may have once had.
Business isn't willing to pay for products, innovation and careers, so we get brands, mortgage commercials and layoffs.
You also don't seem to know what fair use is.
Fair use is anything that, in light of the four factors listed in 17 USC 107 (or via judicial tests that predate that codification) is fair.
The examples given in 107 are NOT blanket allowances. They're illustrative of the sorts of things that might classically be fair use. That's why it says 'for purposes such as' and not 'only for purposes of.'
Reproducing and distributing otherwise infringing copies on street corners may not be infringement if it's fair per the four factor test. And yet there have certainly been educational and news reporting infringements that were not fair uses.
-- This and all my posts are in the public domain. I am a lawyer. I am not your lawyer, and this is not legal advice.
I don't think that computers remove the profit from producing music, just from distributing it. As long as there's a demand for music, artists can sell it for some price and make a living from it. But with iTMS, Amazon's recommended lists, fan bulletin boards, and so on, there's no need any more for a massive information and distribution network like the RIAA. People can find what they like and hear about other music from people with related tastes, and they can do this on their own. I think that's probably the biggest threat to the RIAA: informed consumers.
But I guess as long as they have money and are able to buy politicians, they'll stick around.
the coolest club on
No need for Final Cut Pro, you can do a similar thing with iMovie. To avoid being redundant, but at the expense of seeming narcissistic, I'll link to my earlier post.
Win a signed Stephen Carpenter ESP Guitar from the Deftones: http://def-tag.com/?r=0008781
For most the limitations of the iTMS tracks probably isn't an issue, for me it is and as such I choose not to buy music from it, instead to buy a CD and rip to unprotected AAC. We have more than 3 computers I would like to be able to play music on. An older iMac hooked up to the stereo which is the main in-home music box. A computer that is destined to reside in the trunk of my car hooked up to the car stereo. A PowerBook that I use commonly to play music at work and an older iBook that gets used to play the music from the iMac elsewhere in the house. I can't use all 4 for Apple DRM'd music. Why not? They are our computers and its our music and I should be able to play the music on any of them. Why only 3 allowed? If the number were 100 it would be just as effective at stopping mass distribution and such a number really wouldn't limit legal owners of the music.
As such I look forward to a completed version of this tool and its availability on the Mac (though I presumably could run the Windows version in VirtualPC). Not to get music from others (as has been noted it wouldn't offer anything you can't already get via other easier means) but to allow me to use music purchased on iTMS as I see fit and without audio quality loss. Indeed the availability of this tool would make me reconsider purchasing music from the iTMS - currently there's compelling enough reasons to no do so and so I don't.
--- What?
Today's wants are tomorrow's needs. You really ought to read some Adam Smith.
The desire for goods and services will never go away. When food becomes free, people will take that money and spend it on other things. When those things become free, people will spend it on yet other things.
If robots manufactured every material thing in the world for free, people would pay money for ideas. Or for the human touch of service, or for the nostalgia or curiosity of non-robot manufactured items.
To want is a basic foundation of human nature. To say that some day we will never want (which is basically what your post maintains), is to completely ignore a fundamental human trait.
You can tell a great deal about the character of a man by observing those who hate him.
Sometime in the Windows Media Player 7 or 8 era I decided to start ripping my legally purchased (or licensed?) collection of CDs for listening while at my computer. I did not share these files with any one else nor did I listen to it in two places simultaneously. At the time the default media encoder produced rips with DRM.
I then made the poor choice of upgrading from Win2k to XP with no expectation that it would have any effect on the hours I spent ripping my collection to my computer for my use. Perhaps it is the price of stupidity, but my online collection was rendered immediately useless because WMP decided I was on a new computer and therefore had stolen my rips from myself.
I have been a very satisfied user of iTunes/iTMS and have spent considerable money purchasing from iTMS. Under iTunes Advanced menu there is an item "Deauthorize Computer...". I fear even selecting this item and unwittingly invalidating hundreds of USD in iTMS purchases. I also have no idea what will happen should I decide to upgrade my CPU, add a drive, or even change the IP address of my machine. Or, perish the thought, have to reload XP because I have the poor taste to run Outlook or IE. Suffice to say, all of my iTMS purchases have been burned to CD-R because I'm not quite that stupid.
So here is one legitimate user who wants to not run afoul of the RIAA who may end up with direct losses because I don't have control over my purchased product.
Because if you're intent on pirating commercially, you'll just buy the CD in the first place. What's $12 for a CD if you're intending on ripping off the thing and selling it illegally?
This is kind of a tempest in a teapot, really.
You were mistaken. Which is odd, since memory shouldn't be a problem for you
If robots manufactured every material thing in the world for free, people would pay money for ideas. Or for the human touch
Hey now, some of us already pay for the human touch... or are you saying that sort of thing might be made legal?
Good judgment comes from experience, and a lot of that comes from bad judgment.
Or do you claim that communication with the Internet of the future will require the TPM to be turned on?
Cisco, Symantec, and Trend Micro have issuded press releases about new routers that will deny you an internet connection if you aren't running Trusted Computing.
Of course they advertize it as an anti-virus measure. Even the slashdot story got it wrong: Cisco Working to Block Viruses at the Router. These routers do not block data. They require you to be running Trusted Computing and then they can be further programmed to check that you are running specific anti-virus software using remote attestation.
Cisco's Network Admission Control program would enable companies to install on every PC and mobile device a client, called the Cisco Trust Agent, which could attest to certain levels of security...
However, the technology won't work unless security software can tell the Trusted Agent application the current state of security on the computer or mobile device.
The technology might also spur sales of PCs and devices that use trusted-computing hardware--controversial technology that uses encryption, special memory and security software to lock away secrets on a PC from prying eyes...
"We need a trust boundary between the network and these devices, and the system needs hardware and software to do that,"
Sure, they are advertizing it for corporate network use, but can anyone really doubt that ISP's will start installing them and requiring you to run Trusted anti-virus software as part of the terms of service?
If you don't submit to Palladium / TCPA / whatever, then you will be denied any internet connection at all.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
honestly we cant beat the RIAA, there is no way in hell unless california falls off the face of the earth (sorry to all those nice californians) , they are WAY too strong.
SO Apple plays nice, they give us fair use, but give them the controls they want, but ONLY controls that limit trading, really if you need your songs to be on three computers at the same time, you have problems, but you can burn them and put them on as man iPods as you want. It's your music, you just have to make sure it stays YOUR music.
So what do some of us do, PROVE that the whole lot of us are diviants and hack the freaking DRM, PROVING the RIAA right that they shoulkd have tighter control.
They win. They couldnt win if Apple proved a DRM model could work and still could give the users the rights they where garenteed to have. But this proves that people dont care, they are willing to hack things and now willfully break the law (since it IS illegal to hack DRM files acouding to the DCMA no matter how flawed the law is) letting the RIAA say "See we need more control," and getting it, instead of them saying "See we need more control," and being asked why cause there is a proven model that shows they dont need it.
WAKE UP EVERYONE, THE FREE NAPSTER RIDE IS OVER, If we want a feasable working internet media model that allows us to have films and music, and anything else, we have to make sacrafices.
It's just like free speech, we all want it but the minute someone says something we dont like we try to censor them, and we cant. IT DOSEN'T WORK BOTH WAYS.
"Slashdot, where telling the truth is overrated but lying is insightful."
with digital audio editing programs. Long gone are the days that require million dollor studios to be able to create a polished piece of work.
Now, a talented producer/sound guy is still needed and still requires skills. But anyone with a natural sound for music and practice can be damned good.
Great. I bet this completely hoses the Thanksgiving vacations of a large number of Apple employees. I wonder how many people in legal, software engineering, QA, and the make-nice-with-the-record-companies departments just had their plans for the week yanked right out from under them.
Not to mention that this really damages a Good Thing.. even the most zealous anti-DRM person has to be able to understand that'll be easier to get the record industry to loosen their frantic grasp one finger at a time than to try to wrest their precious billions away from them and force drastic change. Yeah, bad for the big companies, big deal... but bad for the artists, bad for the Apple employees who worked their butts off to create this, bad for the end users when the record companies start calling it a failed experiment.
I have sympathy for those who have difficulty with Apple's DRM terms. I hit the 3-computer cap myself... 2 machines at work, 1 laptop at home, 1 desktop at home, my girlfriend's tower... However, I have NO sympathy for people who bitch about it like Apple's out to ruin them. That clause about Apple reserving the right to change the terms whenever they want? If a huge petition is delivered to Apple politely clamoring for that limit to be raised to 4 or even 5 computers, who's to say they wouldn't do it, or at least try to convince the record companies? People who complain about it not being international? If they missed it, I suggest they check into the news that Apple is in heavy talks to get iTMS launched for international customers. If they saw that news and ignored it, then they should STFU.
The iTMS isn't Apple out to rip off customers.. Apple has publicly admitted it's not a profit generator. It's there as an innovation, a jedi hand wave to get the record companies to realize there is a better way, to start them willingly down the path to change. I know a lot of people who spent 80+ hour weeks getting the iTMS launched, and their biggest fear was that someone would break the FairPlay system and bring it all crashing down.. while the impact to sales is hard to predict, how can these paranoid record companies who have til yet regarded online music download services as their big enemy (even if they're just a scapegoat for their own mistakes) learn to embrace this new technology that can be good for everyone?
Trying to force revolution upon the record companies will just make them lash out, act irrationally, and fight all that much harder. It's better to get them to decide that what consumers want really is the right path. They have to make that decision.. then they think it's their idea, and they're much happier to go along with it!
My opinion all boils down to one Japanese proverb about three feudal warlords:
What if the bird will not sing?
Nobunaga answers, "Kill it!"
Hideyoshi answers, "Make it want to sing."
Ieyasu answers, "Wait."
Which of these is going to be the most effective? I guess your answer has a lot to do with your personality and the techniques you use to attain your goals.. but in feudal Japan, I think it's fair to say that Nobunaga's power was dramatic but short lived, Ieyasu's was complete but he had to wait quite a long time.. in fact, until everyone else had disappeared... Hideyoshi's story was the most impressive as he rose from a farmer's son employed as a sandal-bearer to absolute ruler of Japan.
(OT: If that story intrigues anyone, check out the book "Taiko" by Eiji Yoshikawa -- he also wrote one about Musashi, the swordsman famous for his strategy and two-katana techniques)
As long as there's one link out there that is not controlled
Yeah, you can try to find an ISP that doesn't force Trusted Computing on you. It can be a major problem though. But you are still going to be locked out of any websites and other things that use it.
And once a signifigant number of ISP's use it they can enforce it end-to-end for the entire internet chain. Any ISP that doesn't use it could be locked out.
there will be workaround drivers, etc that will provide the challenge/response mechanisms of TCPA without the DRM bullshit.
I'm a programmer and I've studied the design. You can't work around it with drivers. The challenge/response mechanism is cryptographicly rock-solid and relies on keys locked in the hardware. Every ship has a different key and those keys can be revoked individually or every key from a given manufacture can be revoked en-mass if one of them botched their design.
Barring a major mathematical breakthrough or fully functional quantum computers, the only way to defeat the system they've designed is a serious hardware hack. One method would be to dig your key out of the crypto chip. Chemically strip the chip and read your key with a high-power microscope. You could then run an emulated TCPA system and have total control over your computer. The other approach would be to allow the crypto chip to function normally but to seize control over signals on the motherboard. I think digging the key out is probably the easier option.
Either method requires a pretty well stocked lab. A student could probably do it in a college lab. The problem is that either method really only "fixes" a single computer at a time. If you try to use the same key on multiple machines they could detect that and revoke the key. That forces you to dig out a seperate key for each computer.
The REAL fix is for the news media to pick up on the real story and for the public to reject the system. There was an uproar that killed the Pentium3 CPU serial numbers, this is far nastier. The problem is that they are going to spend a fortune on disinformation and propaganda campaign claiming that it is a good thing.
Every single argument in support of it can be shot down with a single argument: There is no possible jusification to forbid the owner from knowing his master key. Given identical hardware you still get every claimed benefit when the owner has his master key, and having your master key eliminates every possible way the system can be abused against the owner.
It is an easy and non-technical concept that the public can understand:
(1)The owner should be able to know his master key.
(2)The mere fact that you know something cannot reduce your computer's ability to protect you.
(3)Knowing your master key means that no one else can take control of your computer and use it against you.
There is absolutely nothing wrong with "new hardware", but the owner MUST be allows to have his master key.
Of course the Trusted Computing Group will never willingly agree to do this, their defininition of "trusted" is that you can't control your computer. They want to trust the computer to enforce DRM against it's owner. Their whole strategy is to market the benefits of new hardware while ignoring/concealing the fact that it does not justify denying the owner his master key.
They are/will be advertizing how good and nutritious apples are. Pointing out that they are packing cyanide pill inside isn't good enough. If we argue against poison apples we'll lose. People will buy the advertizing and take the good with the bad. We need to hit them with the argument that they are simply refusing to sell apples without poison pills. It will be a difficult argument because it is a technical issue, and they will do everything they can to dodge it. They are going to present it as an all-or-nothing package deal.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Clever a troll you are.
No, and I DEFY you to refute anything in this post.
fabled rights breaching technology?
Do you have any idea how Trusted Computing works? I'm a programmer. I have read the design specifications.
It is a very technical issue and there is bad information flying around on both sides, but I have boiled it down to one simple and unbeatable argument. There is absolutely nothing wrong with the "new hardware". The sole problem is that the "new hardware" keeps your master key locked up inside and the owner is forbidden to know his master key. This leads to three points:
(1) Assume two identical computers with identical hardware. The first one is "Trusted Computing" and you are forbidden from knowing your master key. The second one is "new hardware" and you know your master key. There is NO POSSIBLE WAY that the first computer can protect you that the second one can't do just as well. The second computer preseves EVERY claimed benefit.
(2) If you do not know your master key then others can control use your computer against you, such as enforcing DRM. If you know your master key then YOU have control over your computer and it can never be turned against you.
(3) The owner of the computer has every right to rip the chip open and read his key out with a microscope. Yeah, it takes a decent college lab to do so, but you have every right to do it. Once you have dug out your master key then you have total control over the system as I described. If the owner has every right to dig his key anyway then why the hell shouln't the owner simply be GIVEN his key up-front?
So (1) giving the owner his master key presevres every benefit to the owner, (2) it eliminates every abuse, and (3) the owner has every right to get it anyway.
I have no objection to the "new hardware", but there is no POSSIBLE way to justify the design specification forbidding the owner to get his master key. The only possible reason for that requirement is to take control of the computers away from the owners. That requirement can only serve abusive purposes such as enforcing DRM against the owner.
The TCPA design specification specifically reffers to securing the system against "rouge owners". If the system were in fact designed for the owner's benefit then there would be no such thing as a "rouge owner".
These chips will be industry-standard for all motherboards. Microsoft has stated that the TCPA-chip is a component of their Palladium system. This is not a "crock conspiracy theory" - this is corporate press release. It is no conspiracy theory that the Cisco routers deny the end user an internet connection unless they are Trusted Computing compliant, it is corporate press release.
There isn't any press release about ISP's using these routers, but it *is* blatantly obvious. They are being promoted for fighting viruses and worms, what ISP doesn't want to fight viruses and worms? It will be promoted to fight spam, what ISP doesn't want to fight spam? It will be promoted to fight hackers and pirates, what ISP will refuse to fight hackers and pirates?
The only signifigant leap is about the possibility of backbone routers using it. Well, that is up to the handful of corporations that run the backbone routes. Assuming a signifigant number of ISP's have already switched over there is nothing to stop them. There will be all sorts of pressures for them to do so for all of the reasons listed above. The routers can check for far more than just anti-virus software. They can be used to enforce all sorts of contract provisions with ISP's - access rules, billing systems, bandwith limitations, anything. They have countless motivations to do so. They won't use these routers as part of a "conspiracy", they will do it out of self-interest!
But fine, lets say this never reaches the backbone. You still have a situation where all new PC's come with this hardware built in. You have ninty-odd percent of the public running whatever operating sys
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.