Slashdot Mirror
Interesting Uses for Trusted Computing
An anonymous reader writes "The Unlimited Freedom blog has published a new article describing 'interesting' uses of Trusted Computing. (Google cache here). Trusted Computing, as implemented in Microsoft's NGSCB (Palladium) or the Trusted Computing Group (TCPA), has been one of the most controversial technology proposals of recent years, to put it mildly. But the article on Unlimited Freedom offers a new perspective. The author examines 12 different applications which could benefit from access to Trusted Computing technology. And most of them are uncontroversial or would actually improve privacy and anonymity. Among the examples listed are multi-player games, online casinos, P2P networks, anonymous remailers, distributed computing and mobile agents. The analysis provides an interesting contrast to the usual focus on Trusted Computing's impact on control over digital content."
Hmmm, it seems that another approach might also provide these desirable side benefits but also work to secure the Internet as a whole, and not have to use "Trusted" architectures. Although, there are new controversies from the following approach, in short, from my journal: "an emerging Internet security company, Symbiot is taking an entirely new, albeit controversial approach to Internet defense and cyberwarfare that should appeal to cyberpunks everywhere. Rather than the traditional passive response that has been used by sysadmins and CTO's worldwide, Symbiot is taking a more "active" defense approach by implementing a common subscription based access to a "threat database" that will allow participating networks to determine the degree of threat and respond democratically (by using the shared resources of other participating networks) and proportionally to the attack by allowing for a graduated response to cyber attacks. The potential of an asymmetrical response to a threat is also not out of the question.... Links for additional information are here and here."
Visit Jonesblog and say hello.
Just like Sauron's ring, DRM cannot be used for good.
I dont think so. Trusted computing is based in principal on evil. It should not be legitimized by finding ways to use it that were unintended. Endorsing something rooted in evil does not change the morality of the base. I don't care how shiny you giftwrap bullshit, it's still bullshit.
Think of it this way, Germany and Japan conducted much in the way of medical research in WWII, but since they conducted experiments that were inhumane, tortorous, and used unwilling subjects. The medical community wont touch their research, not because it is fundamentaly flawed, but because their research was fundamentaly evil.
Stand up for your morals here and fight trusted computing.
...I'm cool with Trusted Computing.
As long as my computer is being told what it can or cannot do by someone other than me, I DON'T WANT IT.
Moderate this comment
Negative: Offtopic Flamebait Troll Redundant
Positive: Insightful Interesting Informative Funny
Nothing to see here
Trusted computing is one of the best ideas I've heard in the last 10 years. It allows companies to decide which software you can run, thus avoiding you to run viruses, trojans or other software these companies don't trust. It will stop people from copying software too, like the brilliant DVD protection scheme, so creating more jobs in the computer industry. It's such a powerful concept, I can't wait until it gets delivered into my computer.
A nice faq on Trusted Computing.
You are receiving this message because your browser supports Slashdot Sigs and you have Slashdot Sigs enabled.
Unlimited freedom without repsonsibility is equivalent to anarchy, and the net is as close to a functional implementation of anarchy that the world has seen. However, this does not imply that what we have is an ideal. Far from it in fact.
Spam is one immediately obvious result of this freedom. Give yourself a couple minutes and you can think of several other less than desirable outcomes of all this freedom.
By tempering freedoms with responsibility, we can have the free flow of ideas we all have come to expect from the web, but without propogating all those nuisance aspect of the beast.
Unfortunately that means regulation. But regulation is not feasible in the traditional sense. The internet is a global phenomenon, and while some corners of the world act to supress portions of the traffic, by and large the web is a building block of a truly global society.
But a society must have laws to function and sustain itself. In ten short years my own usage patterns have drastically changed, as well as the usages patterns of many of my peers.
Remember the good old days? I remember not having multiple email accounts, or any of a number of other measures I routinely undertake to weed out various garbage I don't want as part of my on-line experience. We've all had to take these measures, to some degree or another.
My question is, is that the way it should be? Is spam and it's unsavoury tribe really an acceptable cost for the freedoms entailed? Most, if not all of us have extreme antipathy to spam. It's the old adage about a right is such only until it infringes on the rights of others. I feel that spam has truly infringed on my web experience, most of us should feel the same way. Even if the measures to avoid it personally are trivial, should the majority who don't want spam have to make such changes to allow safeguard the freedoms of a few individuals who refuse to honor our freedoms?
Regulation is probably inevitable, and in fact is being attempted by governments today. I think this is the bigger concern. If the web is to be regulated, such regulation needs to come from within. The danger is that the regulation will be forced from outside. The reason this will occur is because we have subjugated responsibilites to freedoms. As long as this continues to be the case there will be an increasing impetus to force such regulation on the web. The problem is that the source of such change will be the very people we don't want to make the changes happen. Big business and government.
And it makes sense, why spend money and time and effort dealing with the effects of this (relatively) unabridged freedom with virus scanners, and spam blocking services Et. Al. when the same time and monies and effort can be used to eliminate the problem. For a multinational corporation, it is a relatively trivial exercise to lobby for the legislative changes required. Once that legal environment exists, it becomes easier to implement the rest of your solution. If you can get a couple of your peers to play ball...
--- I'll finish this after my cig. break
Applications like online casinos would also benefit from a magical honesty pill which users could take to prevent them from cheating - but it's not going to happen. The idea of trusted computing is to require a specially restricted client machine, but there's no way this could work and be secure enough for something like online gambling. An important rule of online security is *you cannot trust the client*, and even if the standard Dell PC that grandma buys is locked down with all sorts of nastyware, this will do nothing against a determined attacker who is able to program a computer to do what its he, its owner, wants.
Although trusted computing could never provide real security, it can give a lot of inconvenience to 90% of the population to stop them doing things with their computer that Microsoft would prefer them not to do. Just like other copy-protection measures over the years, its purpose is to keep the majority of users under control, not to stop the real criminals.
-- Ed Avis ed@membled.com
I understand all of the benefits of trusted computing, but still find it hard to accept for two reasons.
First, I don't beleive that any system that is physically in the users hand is secure. Given enough time and motivation crafty end users will crack the system. For an example we need look no further than mod-chips and video game systems.
Second, I'm a tinkerer. I love to play around with new technology and software. Ultimately this technology would be in everything from your computer to your dishwasher. I'd hate to lose that ability to dig around the machine and software myself or have to pay extra to modify my computer and devices to gain that back.
As long as there are multiple competing trust providers, and administrators can choose which ones to certify for interoperability with their systems, I don't see much of a problem.
Of course, the problem is that right now there is essentially only one trust provider, and its previous behavior doesn't incline me toward trusting it.
The benefit of using multiple trust certifications is that OSS could get in on the game... if someone wanted to set up a way to submit source and receive signed compiled binaries for a small fee. A bit of a hassle and in effective in the event a licensee wants to modify the code, but then again the licensee could pay the original OSS coders or submit the modified source for signing themselves.
---
According to the latest ruleset, this post should be modded as Vorpal Flamebait +5.
I got yer trusted computing right here, pal.
I also reply below your current threshold.
I've read about half of it. So far, the gist is that Trusted Computing will require digital certificates for all executables, documents, emails, and web pages (along with images). He claims that since a repository system of certificates will need to be formed (much like we have SSL certs like Thawte now), the power to deny publishing will be concentrated in the hands of the certificate repositories, which presumably will be large corps and governments. He claims this is the "Good Old Days" of producer/consumer media that the entrenched powers prefer, unlike the supposed new era of peer-to-peer internet publishing, whereby anyone can create their own web pages.
Actually, having signed certificates on documents and email is not a bad thing. I've wondered for years why the US Postal service hasn't created a trusted email system for a small postage fee. I use PGP signatures all the time to verify downloads from the Internet. A certificate/signature repository is just a convenience so I don't have to constantly email or call people asking for their public keys. In all likelyhood these repositories will be competitive-but-cooperative databases like DNS, so there will probably always be alternative or bargain signature repositories.
Yes, things will likely get buckled down as the Internet gets more mainstream and govts get their heads around it, but I don't see the gloomy future he does. Maybe he just had too idealistic dreams of the future. The bottom line is that most people don't want to publish their own content, and wouldn't even if they knew how. Blocking inbound port 80 to consumers is not the equivalent of book-burning or censorship, especially if port 80 is largely unused by consumers except as a vector for worms. If you want to publish, you'll just have to find a plan that allows you to do so. The fact the the large ISPs are figuring out that they can charge an extra $10-20/month for this is not the end of world, so long as more than one competing ISP exists.
Also, no matter how much the Internet falls under control of central authorities, new technologies will arise for the tech elite to go about their business as always. After all, we somehow managed to build the Internet and BBS's in spite of the fact that publishers and the media had total control of print and the airwaves. History will repeat.
--- I'll finish this after my cig. break
Just a piece of propaganda by somebody in the TCPA...
Gentoo Linux - another day, another USE flag.
... to gain our trust. Then, they'll take over the world!
Let's just hand it to them on a silver hard disk platter!
"a recent software update for Windows Media Player has caused controversy by insisting that users agree to future anti-piracy measures"
I think its time I start looking in to Linux, the only thing that keeps me with MS are the games.
or == Draconian Rules for Me sure DRM can be used for good. DRM has made you powerful, now fulfill your destiny and take Balmers place at my side.
It's a trap!
multi-player games
** Possibly useful
online casinos
** I don't think that helps better the internet
P2P Networks
** I don't think that corperations see that as bettering the internet.
anonymous remailers
** Yes I'm sure spammer businesses will like this one!
distributed computing
** DNA Folding/SETI -- THIS IS USEFUL
mobile agents
** Not too sure on this one.
freedom of speech is a small price to pay, for a cheater free online gaming enviorment... seriously are these few good uses supposed to outway the bad?
Among the examples listed are multi-player games, online casinos, P2P networks, anonymous remailers, distributed computing and mobile agents.
The problem with the typical Slashdot users' attitudes to Trusted Computing is that these obvious benefits get ignored while they harp on all the negatives. That's why articles like this get written. There's good reason to point out the problems with Trusted Computing. For example, a multi-player game success story would be the XBOX Live system. By ensuring the games are signed copies and blacklisting modchipped XBOXes, they've effectively eliminated cheating and helped prevent piracy. The problem is that they also prevent third party development for a machine that customers want apps to be developed for. The Xbox Media Center is an incredible accomplishment that's stymied by the tight control Microsoft has over this particular form of Trusted Computing.
If our opinions were more balanced, perhaps the inevibility of Trusted Computing would be more favorable to consumers and developers.
If the DRM catches on and it gets legitimized, we'll soon have closed and regulated hardware like network cards, audio and graphics card that won't transfer data, play music or show graphics unless the mandatory DRM chip gives the permission to do so.
Sorry I don't know what BLOG means.
Whilst people seem to have a knee-jerk reaction against "Trusted Computing", I think there is one crucial issue that actually determines wether or not it's a Good Idea(tm). And that is: Who holds the master keys to my computer?
Point being that hardware level security features can be a great boon, as long as I decide what to trust and what not to trust.
Ofcourse, that's pretty guaranteed not what MS wants to push, but still - when discussing "Trusted" architectures in general, I think it's a valid point. It could for instance enable me to say that I trust the FSF's list of trustworthy applications - and viruses and other malware would actually be physically unable to run on my workbox. How could that be wrong?
Another issue I've thought about is - how can anyone be so sure it won't be cracked? People seem to be tinking that hardware enabled "security" (DRM, whatever) will finally give watertight security. Yet, to my knowledge, both PlayStations and XBOX'es has tried that trick - to no avail. (In the sense that those wanting to subvert the protection mechanisms seems perfectly able to do so).
Ohwell, just my thoughts atleast. If I have misunderstood anything, feel free to correct me :)
A lot of these examples are really creepy, and one point keeps coming up: making sure someone on the other side is running "legitimate" versions of software that are known to be unmodified. I just don't think that's a legitimate thing to care about. Specific software fingerprints shouldn't matter; interfaces should. Insisting on specific software instead of standardized interfaces, holds back innovation and flexibility. It's almost like the very point of "trusted computing" is to help create and sustain software monoculture. I think that's disgusting, and I know it's destructive to progress.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
Tried that new shit they have at Burger King?
Would you like to:
1) Pay a small license fee, renew the certificate and get your dish nice and sparkley?
2) Let your dirty ass dish grow all moldy and useless
Why then and not now? It's basically the same thing.
Comment forecast: Bits of genius surrounded by a sea of mediocrity.
I would say relax. TC(Trusted Computing) will actually be a great thing for open source. When people start paying full price for all their "warez", they will start to find that the wish list is bigger than the piggy bank. This technology will enable a great many things, and it does not have to be used (AFAIK). It will also be great for OSS development. It helps to know that the correct TC is being used to submit the code. It will make John Q Public feel safer.
I am no expert on the ramifications of TC, but I do *much* work with companies that want to use the online world, and most of them limit their services due to the issues that TC will solve. Even in OSS, we have to make money. It is how the world goes 'round, puts food on the table. TC will make it easier in some ways to make money. It will also make it easier for the small guy to make money.
That said, there are serious potential abuses of this technology, and I am still hesitant to boldly go forward. It will probably go forward without me if I do not though, so, all things being as they are, I need to learn how to use it and give it to my clients. They will want it. They have been wanting something like it for a while now.
InnerWeb
Freud might say that Intelligent Design is religion's ID.
Oh, so that's what "trust" is all about? It's all about being able to trust ME?
So my PC needs to be locked so I don't cheat in multiplayer games, steal from banks online, or modify my programs...? But why would I do that in the first place? Next thing they'll do is take away the knives from my kitchen to make sure I don't kill anyone?
"Trusted computing" is all about remote hosts trusting YOU. The only way in which this can happen is by making sure YOU won't be able to behave as you want. Those who are pushing this initiative forward are doing so because they want to control what you do, they want to be able to certify what you can do with your PC. While it may be a good thing to try to make online games, online gambling, online banking and others as secure as possible, personal freedom shouldn't be limited in such ways!
It's all a big paradox, because on one hand you get Microsoft releasing an OS that no-one trusts on a security level, while on the other hand they (and others) want to tell you how to use your computer to make sure you can be trusted?
I don't know if you feel the same way, but those examples that would make "trusted computing" such an interesting idea make me feel like a cybercriminal of some sort.
Diego Rey
diegoT
For the price of an extra big mac, you could've bought 2 double cheeseburgers. Think about it: 4 patties vs. 2
I've got a McDonalds just outside my place so that's where I go. I think the nearest Burger King is a few blocks away and I don't have a car so I don't bother.
A shotgun is a good use for any hardware made with Palladium.
.net the public would understand. Yep thats right its mostly a marketing word. (I shutter to call it that)
Anyways something more serious. They (Palladium) are trying to implement something that should be totally in software not hardware. Its kinda like throwing hardware at virus's (which is what They are really doing)
Like almost everything microsoft does They are pretty bland about their technolgies. For example can anyone give me a concise answer on
Lets go through what Palladium does.
1 "Critical data is in the user's control"
Wow so thats what drm is all about.. I would of never known.. Seriously Why are they trying to implement part of drm in hardware.. Its not a portable device and even then. Lets get back on topic.. Users are already in control of files. Is it that the gui is confusing to users? Well whats to say that this new drm gui won't be either. I think this is more a case a gui design.
2 'Programs and computers can prove they are the other computer/program'
Seems to me that we can do that too in software.. SSH verifies the other computer when you connect. It's called keeping the private key private..
3 Something about allowing certain users access to certain documents..
We have this too. Its called permissions and useing pgp to send files..
Well I am going to stop there.
I am way past my original post.
I will not support any manufactor that will suppport Palladium, I will go with apple before that happens.
All and all this concept Microsoft is trying to do is overkill, if they only wrote secure code (they are doing better then in the past) they wouldn't need to take such drastic moves.
You're right about the patties, though.
Really? Does that really happen?
The dishes I have in my sink are all moldy already, but how long will it take for them to grow useless?
My Righteous Leader RMS says DRM is Digital Restrictions Management.
J'aime mieux les méchants que les imbéciles, parce qu'ils se reposent. -- Alexandre Dumas
I'm waiting for DRM so I can prevent companies from converting my beautiful latex-generated pdf-format resume to a Microsucks word nightmare.
This will make it worse. How does attacking zombified personal computers help anything? It will simply cause disruptions to people who are innocent bystanders. What we need is more secure computer architecture, so people can't get trojans installed on their computers by reading emails in outlook. (Hint, Hint: Microsoft needs to pay.)
If trusted computing depends on authentication via hardware, won't this function become less and less useful as computing becomes distributed across more devices and individuals are less tethered to specific machines? Or would we all carry a little TC device that plugs in to various 'toolbox' hardware? Any thougts?
It already exists. We don't need some big companies sidling along and taking control of everything.
Multi-player Games
So, putting in all these "security" features in the consumer's PC is supposed to stop cheating? Far from it. Instead, it does two things:
There are better ways. (PDF, sorry.) It's also interesting to see other papers and such that reference this paper.
PHEM - party like it's 1997-2003!
Here's a thought, boys and girl(s? ;). Where in any of this does it say a content distributer HAS to use any of these technologies?
Specificly, the cost of implimenting these counter piracy technologies is skyrocketing. One of these days, it's going to be a simple matter of echnonomics that the empires of media idiocy are going to be overrun by smaller, more agile buisnesses, enabled by the medium that is the internet (can you say faster home connections making choices for multimedia consumption much wider?), offering equal or better product (entertainment, news, etc etc) at a much better price. When you can download a movie from a small production house doing high quality work, for $10, or yet another boxoffice bloatfest for $25 on dvd, which one are you going to choose?
Well, the one you enjoy, of course. That's the key to media, really. But as the big players keep raising the cost of entry into 'their' world, how long do you think it will be before smaller players make their own?
Look at all the pro-Palladium/TCPA/NGCSB shills that have come out to defend this. Folks, this kind of lockdown stuff is doomed in the marketplace unless the SPA/BSA/*AA are able to buy legislation to require it.
One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
We should embrace if for just a few good things it possibly can do yet throwout all the possible negatives it will create. Yeah thats it...by that logic the Patriot Act is good, the Nazi's were right, and Communism worked. Whoops 2 out of 3 so far have been proven false, wanna take a crack at 3 for 3?
Every time we get a new technology we get a bunch of sunshine stories about how great it will be. I am reminded of a bunch of stories from the early fifties about how great color tv was going to be. People could watch great plays, they could listen to opera, they could be educated and uplifted. We heard similar stuff about the internet.
Evaluating the effects of technology is really hard. Having said that, I fear and loathe the ability of technology to track and identify us. Business is using it now. For instance, your area code determines whether you get customer service from an American who sounds like he cares or from someone reading a script in Lahore. If you have certain area codes you are deemed to have lots of bucks and if you have an "unfashionable" area code you are deemed not to be worth the company's time. I can see DRM as amplifying that kind of problem times ten. I can be totally discriminated against and I won't even know it's happening.
Some of us remember senator Joe McCarthy and the House Committee on UnAmerican Activities. Just imagine what that ******* could have done if he had DRM.
This could all be done today - Microsoft would just have to download a patch into your player - but once TC makes it hard for people to tamper with the player software, and easy for Microsoft and the music industry to control what players will work at all with new releases, it will be harder for you to escape.
I think I finally just understood TC, and I'm not quite as scared as I used to be. All these software lockdowns would happen today, but people would find ways around them. If TC came about, people would still find ways around them; more specifically in not buying TC. I'm sure Microsoft knows of all the computers using pirated copies of XP, but they can't go and sue everyone because the public would get angry.
Try explaining to any person why they can't use their computer to do something they want to. In the end, computers are not being licensed to their owners, and the owners will not settle for being treated like they are.
Error: You must be on the internet to open Microsoft Word (r).
you insensitive clods!!! large corporations are only trying to help us!!! now shut up and take your pill, they're watching us
Maybe I'm just naturally a suspicious person, but that blog seems like MS Turf to me, even the words used echo the PR language.
.
For example:
Fair Use is Not a Right
It challenges claims made by some that DRM is evil because, among other things, it can take away "fair use" rights
Linus is OK with DRM
There's a great discussion on Slashdot this morning about Linus Torvalds approving Linux kernel support for DRM
A Canadian survey shows that while baby boomers generally agree that unauthorized downloads of Internet content are theft, their younger Generation X and Y counterparts view the practice as...
(notice the use of word 'unauthorized')
Palladium versus the Broadcast Flag
(Explaining how fluffy and warm palladium is).
It is good to see a few more articles that look at possible uses of Trusted Computing as opposed to just stating that MS is evil. I feel Trusted Computing is a natural evolution of PC design. The PC architecture has traditionally been developed (like almost everything else that old) without any security in mind. Without security in hardware on a PC, there is definite limits to how secure of systems you can build on top of it.. htm
I looked at the NGSCB plans in detail. Most of the things that people complain or fear about in NGSCB or Trusted Computing are not justified by the architecture. It is well designed, does not remove any privledges from the owner, does not lower privacy, but does enable new levels of security to be built into a PC based system. Without initiatives like NGSCB and Trusted Computing, some system will have to be built in proprietary hardware designs (with security in hardware, and additional cost).
I would like to see the Linux community use Trusted Computing features also. I fear if Linux does not act on this oppurtunity, MS will gain some advantage in the server market by offeringmore secure services based on Trusted Computing which Linux does not.
More details on NGSCB and Trusted Computing can be found at http://www.marzenka.com/technology/security/NGSCB
It is in fact a troll, since the author posts vaguely ontopic (meaning: related to the contents of its parent) comments that flame and aggrevate. The author is seeking attention and wants the original poster to answer, as to be able to further heckle him.
That is why it was labelled Troll.
That is of course not to say he isn't right. I agree. In fact, I find the use of copy-pasted inline sigs pathetic.
As a record store owner, I have to say I am very pleased at the ideas of trusted computing and "DRM". I don't know a lot about computers, but I do know that following the advent of CD burning and file sharing, my sales have dropped nearly 40%. To make ends meet, I have to moonlight at a phosphorous processing plant; my health has deteriorated rapidly as a result. My wife has been forced to sell soiled panties on eBay, and my son just got his arm lopped off working in a lumber mill. So while this idea of sharing all digitial content for free may sound very noble to you rich computer people, it does great harm to us "lower class" citizens. Something like DRM is the only ray of hope I have in an otherwise bleak existence.
Just my $0.02
...if you want to use My operating System.
Seems quite possible to me.
Privacy is terrorism.
I would say relax. TC(Trusted Computing) will actually be a great thing for open source. When people start paying full price for all their "warez", they will start to find that the wish list is bigger than the piggy bank.
"Trusted" computing is the death of open source as you know it. You can have the source code... but you can't modify, compile and run it because you can't sign it. That's "open", but not OPEN... if you see what I mean.
The fallacy in this article is the assumption that NGSCB is perfectly secure and unbeatable. This isn't the case, and in fact there are reasons to believe that at least some of its functions are theoretically impossible.
NGSCB can be broken; you'll just have to go through a lot of trouble to do so (scrape off chip packaging and decode its internals without triggering intrusion detectors, etc.). This is sufficient to stop casual copyright infringement, or to keep your workers at check. But one ought to doubt if the expense of breaking NGSCB isn't worthwhile for online gambling, elections or other applications where the incentives are very high.
It will probably go forward without me if I do not though, so, all things being as they are, I need to learn how to use it and give it to my clients.
/. crowd misses. Normal users (folks like our parents and customers) will love this technology. They'll associate this with something that prevents their identity/credit card information from being stolen online from unscrupilous online merchants (even though this isn't exactly a solution to the problem) and manufacturers will have to follow consumer demand. Folks, I thought you would have learned by now, never to underestimate the power of Microsoft and Intel's marketing power. John Doe public user will roll over for this and that's just the way it is.
Yet another point most of the
Mandrake 10.0 is AWESOME... wineX will play many windows games, BUt is a PITA to use unless you are a linux guru.
I suggest dual boot with the oldest windows install you can find. Windows 98 play's all games great and will do so for quite some time.. (I dont see 64bit windows XP only games for at LEAST 5 years) giving you an advantage of using that geforce FX ultra 3900 in both windows and linux.
if you want a gaming fix... the linux game tome is a great place to find GOBS of games for linux... many that are pretty good.
Still missing though is the really good Flight sim that will use multiple monitors.
anyways, mandrake 10, download it and install it, even if you only have a 2-3 gig spare hard drive around, mess with it a bit.... you will like it.
Do not look at laser with remaining good eye.
Here was my favorite part of the article.
>>Trusted Computing will totally change the security situation for financial transactions. For the first
>>time, personal computers will be suitable platforms for financial operations. Compared to the
>>security provided by TC, today's computers are defenseless against attacks, and it would be foolish
>>to perform online banking transactions of any significant amount of money.
Right, so I count three points here:
1) TC is going to solve all the problems with online commerce.
2) Today's computers are relatively defenseless.
3) Doing online banking at present is foolish.
Okay, I'll bite. First, I'd dispute the first conclusion, just because *no* technology solves problems of trust outright. I actually work for a major financial institution, and I help manage and maintain our online banking system. So I know, without doubt, that the majority of security problems in today's world are about 10% technology-related, and about 90% people-related - from people doing foolish things with passwords, to not checking the status of accounts when your relationships turn sour, that's what causes the vast majority of security issues with banking, online or no. So no, TC would *not* revolutionize online financial transactions.
I'd dispute conclusion #2 too. Maybe TC computers would be more secure - but to say that today's are "relatively defenseless" ignores not only the reality of today's online environment (that eCommerce works pretty darn well), but also ignores point #1 (that most problems aren't tech-related anyway).
As for number 3 - you can guess what my opinion of that is. Thbbbbpppbpbttt.
Whatta crock.
I've wondered when the "new age" comes if I'll have to tell my computer to trust each of my perl scripts. I've got a lot of scripts. If I'm extracting data from a remote site (even off my own site) how do I tell the other site that my script is 'trusted'. Does that change every time I modify the script? Sounds like a big PITA to me. Seems like it would have to be to gain all of these "trusted" benefits.
Don't we already have solutions to all these issues? Isn't it already possible with software? There are already public/private keys for communication, certificate authorities, etc.
If someone doesn't want to use it, why should they be forced into it through their hardware? Why don't the companies that would like authentication just use the current methods?
Example: Blizzard wants to check that their code is unmodified? Create a certificate, sign their code, and check the signature.
Is it just me, or does the hardware solution seem extremely contrived - much more difficult to implement (besides reinventing the wheel), as well as forcing the consumer into DRM... Oh well, at least Gentoo works on PowerPCs...
I [may] disapprove of what you say, but I will defend to the death your right to say it.
Unreal2004 :)
A lot of the responses to this article are (rightfully, IMO) concerned that TC will only be used to serve the interests of corporations. So what I want to know is: why couldn't an open source trusted computing platform be created? One that we can be sure can be turned off at will and will sign applications for free and without bias.
At first glance, TC may be incompatible with the concept of open source because the system is useless if everybody can sign their own code. However, if the signatures are controlled by a neutral third-party, there's nothing that says a fork can't apply for a signature. And most users will be satisfied to use the signed packages provided by their distribution.
(Theoretical aside: ideally TC would rely on proof-carrying code and verify that certain properties hold rather than checking it line by line, but that runs into the Halting Problem and all sorts of other difficulties.)
So tell me: is there anything to stop the LinuxBIOS team from implementing the features of TC right now? And is there anyone who wouldn't be comfortable having a TC-enabled LinuxBIOS on their machine?
To 'paraphrase' Field Of Dreams
In a nutshell, that's what the issue of Trusted Computing all boils down to anyway, right?
Who controls the power of duplication inherint in a personal computer?
The owner/user of that computer?
Or the hardware/software makers at the behest of the media cartels/corporate conglomerates/Federal government?
Stock up on non-DRM hardware/software now and refuse to buy DRM/Trusted Computing encumbered hardware/software.
That way, you will be voting against Trusted Computing using the only language they care about: your money.
trusted computing is nothing but microsoft lockin.
when all vendors start selling laptops with my choice of os then I will talk about trusted computing - otherwise it is nothing but microsoft lockin and if the DOJ doesn't see it they are dumber that I thought - or just being smart so they cash in their microsoft stock options.
I am glad of the EU ruling and I hope minnesota follows along with other states.
Why can't I buy a friggin laptop without an os.
that is all I ask - the vendor can test the components with any os they want but just wipe it clean when they send it to me.
when this day comes then I will talk about trusted computing.
A real man's operating system?
Linux is for bitches, real men use *BSD.
Specific software fingerprints shouldn't matter; interfaces should. Insisting on specific software instead of standardized interfaces, holds back innovation and flexibility.
Give this man the cookie.
Ok, I went through your 'better ways' PDF.
Maybe I'm slow, but how does your 'better ways' address the following:
A. I hack my client/image files to make all the enemies in the game bright red, so they show up clearly in a a low light situation. B. I hack the client so that I have auto aim capabilites by using the server supplied enemy location and vector to calculate my shot?
Microsoft games aren't a big deal. I don't play them as a general rule, but people that want to produce multiplayer OPEN SOURCE games are in a real pickle. You don't have to worry about someone decompiling your game and figure out how to hack the client to do what they want. They can just take the source make the changes and recomplie it to cheat.
I'm not big on giving up rights unless there is a fair trade off for them. Would I run Trusted Computing to ensure that in an online game everyone played on equal ground? YES I would. I don't cheat, and my desire to play a game that can effectively prevent others from cheating overcomes the issues I might have with giving up the freedom to cheat, and much with the client game files.
This is the key that keeps getting lost.
There is some discussion of TCPA from some guy from IBM, insisting that it isn't all bad, *as long as the user retains control*. What we all really fear about "Trusted Computing" is that WE (the computer owner/user) are the ones who are *not* trusted.
The real pain in all of this is that there is some good in Trusted Computing, if done properly. Unfortunately things are polarizing into two camps, corporations using DRM to protect THEIR property against their customers, and NO DRM AT ALL. Trusted Computing done properly is lost in the shuffle, but if I had to pick one of the other two, I'd take no DRM at all.
I suspect that what we *REALLY* need is some sort of 'grant trust' relationship. The computer trusts ME, but I give it a 'grant trust' to Pixar so I can watch one of their movies, and give them some reason to trust me. But at the same time, I never surrender control of my machine, just agree not to do certain things while the 'grant trust' is active.
Oh, well.
The living have better things to do than to continue hating the dead.
Please correct me if I'm wrong on this. I don't think remote attestation can be used for peer-to-peer applications.
...). Therefore, a client can't verify that it is talking to itself.
Remote attestation is an inherently client-server "feature" because it requires that the server know the hash of the client. Therefore, the client must exist before the server is built, because the client's hash is a piece of data in the server's code. The client then asks for the OS to sign/send this hash to the server, which can verify it. However, it's not possible for a piece of software to intrinsically "know" its own hash--it can only know the hash of things that are built before it--a chicken and egg problem. (Changing the hash data means changing the program which means changing the hash data
There may be some extra way of "tying the knot," but it's not described in any of the descriptions of remote attestation that I've seen.
Anyway, legal protection from being unable to tamper with your own software to see what it does is probably not necessary. It should be enough to simply have the practice of deleting and wiping your log files (what's the difference between deliberately covering your tracks and deliberately choosing a program that leaves no tracks?) On the other hand, being able to tamper with your own software has a lot of good uses! Therefore I find these arguments for TC and RA rather weak.
for some uses.
I say this is bullshit. I won't accept an oppressive system, neither for good nor for bad deeds. I will not give in to smallish benefits that come with a hefty impact on freedom and usability.
No cheater, no hacker, no worm, no virus, no nothing can annoy me that far that I will give up the rights to a computer I fully paid and own. I know what the real aim of the TCG is and I won't accept anything from them. No bargains, no rebates or extras on Palladium-Computers, no benefits from their restriction. They may succeed in feeding this freedom vs. security exchange to the American public in "real" politics, but they need a much much bigger threat than cheaters to convince the IT world and they will never convince me.
No matter if I use Linux or Windows, I'll have a virus scanner, a PFW or a real FW and the latest patches ready. I make backups of my important files and make provisions to protect the less important ones as good as possible.
I won't trade the malice of an anonymous hacker against the greed of a multinational corporation. A lone hacker has financial/technical limits or even a conscience on how much havoc he can cause. A corporation the size of Microsoft has neither.
The end does not justify the means. I will not accept any personal gains on fascist system and its technical derivatives. Period.
No matter how trust-worthy on line voting becomes, it misses a critical feature - secret ballot. If you don't go to a provably secet place to vote, the whole process fails. How valid is an election if a boss can say "let me watch you vote, or you're fired." Or a spouse can control the votes of anohter? Or votes are (provably) sold to the highest bidder? All major democracies adopted secret ballots to prevent these problems - I can think of no reason that they are less important now.
Couldn't determined crackers trick their way onto XBOX Live with modchipped XBOXes and a properly setup MITM PC monitoring and replying the connection to/from XBOX Live after first doing all of this with a stock, un-modchipped XBOX?
If the data flow is unencrypted, it oughta be 'a snap'. Otherwise...who knows....
If such an attack is 100% successful, it could lead to 2nd generation XBOX modchips that don't need the MITM to operate properly. As far as XBOX Live is concerned on their end, it's business as usual--no cracker detected on this connection....
As long as there is any single key which we cannot both read out and set ourselves (you can still make it secure by requiring physical intervention to set it, ie. a jumper) it is just as evil as Palladium.
... but unless they are going to change that they can only rebut straw men.
There are non transferrable keys in TCPA systems which can be used to tie down software to a single machine, it is as simple as that and IBM can bullshit all it wants
drm is just the most user "iritating" way to use it.
all what he listed in the article/blog will benefit the user. personaly i only play games on punkbuster enabled servers.
somehow i feel that most of the stuff in the trusted computing plan can benefit the user, its only the drm part that is the problem. now if politicans can get theyre hands out of the money bin and start figureing the fact that users are voters then they amy allso see that DRM is bad for the stability of the land. like some roman leader said: "give the people food and entertainment and they will not care what the world does". but when you mess with any of those your in for trouble.
the problem (for the entertainment sellers) is that they are makeing money by makeing something that in reality is free game a rare item.
that way of doing it only works in a enviroment where you have physical objects. now entertainment is signals down a copper or fibre optic connection or on the analog electromgnetic waves. there you could say that only this person or that company wasallowed to make cds or dvds of this or that song/book/film/whatever, or that only you cna transmitt on this frequenzy.
but in the digital age, where you can send a film down the wire in the blink of a eye or have anyone send out small packets of info into the EM spectrum these limits start to break down. digital information want to be free (i know i stole it but its the truth damn it).
the problem comes in how to finance the production of the stuff, this is where we instead of trying to protect old ways have to think of new ways.
thats the tru way of capitalism (or nature for that matter), if you come up with a new and better idea then the old the old will die, it may do so kicking and screaming but it will still die. what current laws are doing tho is putting the old ideas on lifesupport at the expence of the masses.
so anyone have any ideas on how we can feed the entertainment people (its an art not a industry, you cant make entertainment on a conveyor belt as then its not art but massproduced trinkets. art is made by the hands and mind of the artist and colorerd by his world view and person) without needing to embrace shoot first tactics (they have a bad habbit of scareing even lawfull customers away as they dont want to risk the crossfire) like they are doing today?
comment first, facts later. http://chem.tufts.edu/AnswersInScience/RelativityofWrong.htm
gah, topic was suppose to say "trusted computing > DRM"
comment first, facts later. http://chem.tufts.edu/AnswersInScience/RelativityofWrong.htm
I believe that this can be just another flop from Microsofts side. Remember MS Bob anyone?
:).
If Joe Average buys his (Trusted) computer, and takes it home: Only to find out that he can't put an extra copy of Photoshop on it (he uses it at work) - without paying for a extra license: He'll then return it if he can; or if he can't he will remember the manufacturer and spread the word about this new machine that won't let him run his software. The x86 computer isn't boxed as a X-Box, so it will be hard for MS to keep their grip on the market. "Why should I buy that computer when it won't do what I want it to do?"
If it breaks through (everyone gets it over night - in the backdoor by the temptation of the "secure"-sticker), and people can't use their "home-copies": They'll probably look for alternatives. The local geek tells them about how he runs Linux - which does almost everything he could possible want - for free. I'm willing to bet that Joe Average takes a closer look.
I'm actually hoping for better copy protection and such in Windows. It'll open peoples eyes when they actually see the price they have to pay to get their "box" upgraded to the latest buzz. I think piracy is one of the things that helped build the monopoly of Microsoft. People took the OS home, without additional cost.
Well. The sands of time will show if this chained boat will float
Parent is quite correct. While the article says Trusted Computing itself may not be illegal in the US, common sense tells me that buisness practices it enables are. Attempting to guarantee the exact software at one end of a networked conversation is the quick and dirty solution to a larger problem of client trust which should rather be solved at the interface level. Furthermore, some may say I am sticking my head in the sand, but I'm not about to believe that the proposed model of spread of TC is inevitable. There are two sides to every story, and this one leaves out the necessary response to the various practices involved. That response has already begun, as is evidenced by the /. posts every time the subject comes up. In other words, read slashdot and be heartened!
How can we trust you?
This issue is a bit more complicated than you think.
Maybe "-1, stolen" and "+1, whistleblower" mods could work, with the whistleblower mod not adding any karma.
Now mod me offtopic :s
i very much appreciate the author's insights. but just as AARG! noticed the EFF report's shortcomings, so his/her analysis is also lacking at least one important perspective. what AARG!'s analysis fails to duly acknowledge is the idea that trusted computing supplies Microsoft (replace "Microsoft" with the existing powerful entity of your choice) with a tool to maintain their power over others.
if Microsoft can enable *wide-spread* lock-in prior to alternatives sufficiently establishing themselves, alternatives may never appear. and if they do appear they may never become a true alternative due to Microsoft's ability to control the environment in which any alternative exists.
we live in a society that allows the existence of monopoly corporations with more rights than people. this allows environments to be created where choice is even harder to come by. customer lock-in means not only limiting/eliminating choice, it also means making it too painful to choose freedom.
Microsoft will continue to attempt to lock-in customers by manipulating the environment so there is less choice. they may or may not succeed to one degree or another. trusted computing gives Microsoft a new tool (in addition to their immense leverage over the computing industry, their political power, their financial resources, and their existing monopoly position) in establishing an environment where choice effectively does not exist.
in my mind this is a much more glaring omission than the technical misunderstandings of the EFF report. what's obvious is that the EFF is interested in being a watchdog for freedom, whereas AARG! seems to assume freedom will just happen.
again, trusted computing gives corporations another tool that allows them to consolidate their power, increase their control, and create environments where alternatives exist only in name.
i choose freedom, and will do all i can to rollback the expansion of corporate rights to pre-1886 levels.
P.S.
AARG!, if you read this i'd love to hear your reply (publicly as i don't use the email address attached to this account) to this concern. btw, is there a way to get a message to you?
Trust3d Comput1ng iz th3 suxx0rz!!!!!!!111111111
You want trusted computing? Write everything in '1337-5p33k. Security through obscurity is the proven method to obtain 100% UNCRACKABLE security for today's enterprise applications.
I do not reward "Fan" relations.
. . . it'll be more like Busted Computing.
One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
One of the biggest problems, security wise, with any trust is that it encourages complacency. This is particularly worrysome when the trust is not earned.
Engineering is the art of compromise.
Wonder why the writer of this article chose to publish anonymously?
People get a grip. If Trusted Computing is so bad, no one will buy it. The market will prevail. Every society needs rules and protections from the bad guys. The Internet and the networking it enabled are a wild west. Trustworthy computing allows the good guys to do their work without interference from the bad guys. No one will be forced to use it. Market forces wil prevail. I have never seen so many nuts in one place. I can see why this site is called News for Nerds. You nerds need to get away from your pseudo girlfriend computers and get real girlfriends.
Excuse me, but is there some problem that actually needs to be fixed here?
I have no problem trusting my computer to do all of the above things. And those services are all available and thriving, which means that existing companies don't seem to have any problem trusting my computer either.
Can somebody provide me with an actual problem with "trusting my computer" that needs to be solved here, rather than just hypothetical and theoretical problems?
I know that some people claim we would have a much broader array of entertainment products available if "trusted computing" was enforced. But I'm actually pretty happy with the way my entertainment-product choices have been growing every year.
I know this might be an unpopular viewpoint here, but I'd ask you to hear me out, and if I'm wrong, reply and explain why.
./ posts for grammar and presentation...
I'm aware that most of the currently proposed uses for drm are... well, I tend to think of them as unethical, or immoral. Proposals like reinforcing MS's product activation scheme, or anti-competitive measures (ie if drm validation costs money, how are small companies going to compete?)
This article _does_ present some good arguments in favour of it. A lot of Americans around here question the use of e-voting (whole 'nuther discussion), and rightly, I think. What if drm could give you a more foolproof method of ensuring an honest ballot? How about if you could register your kit against your credit card? Do you think the e-commerce industry (which I'd guess a lot of us work in) would benefit? How about being able to validate a mail server's hardware signature against a known spammer list? IPs can be spoofed.
At the moment, I think we've got a hell of a lot more bathwater than babies, and I think the companies and organisations pushing this are doing so purely because they see profit and/or financial safety in it. That doesn't necessarily make it a bad idea (or, at least, not an idea that doesn't have any beneficial uses).
I'm thinking of it like this; you can write and sell an operating system with a view to making everyone pay for your product. Lock them in. Make them dependant on your other products. Charge them for it, and for upgrades every too often.
Or, you can build one and give it away because _you_ happen to have a particular use for it, and you like the idea too much not to try it.
I'd vote more often if I could do it from my kit and could trust the system. I'd probably buy groceries from my local store if I could order it online and they'd deliver, and I knew I could enter my card details on a cheap website. And I definitely don't need this much spam.
I think it's worth looking at, even if there aren' t any immediately obvious "I'd like this" uses. It might all turn out to be shit, but there might be some good things we could do with this.
Damn, GF got on a train three hours ago, and I'm already drunk, stoned and re-reading my
Warning: May contain nuts
I agree that remote attestation has many interesting and useful applications. However, the way its defined now makes it static and inflexible.
- tr.pdf
I've been working on ways to make remote attestation more flexible, dynamic and expressive, using virtual machines (such as the Java VM).
For a full discussion, see: http://gandalf.ics.uci.edu/~haldar/pubs/trustedvm
(Vivek Haldar, Deepak Chandra, and Michael Franz; Semantic Remote attestation: A Virtual Machine Directed Approach to Trusted Computing; To appear in USENIX Virtual Machine Research and Technology Symposium, May 2004)
There is benefit for consumers in trusted computing. The entertainment executives will not allow their valuable content to be digitally distributed unless they can be confident that it will be protected, which confidence trusted computing gives them. Thus, trusted computing brings with it the benefit for consumers of greater availability of valuable content, such as Britney Spears and the latest Disney commercial.
Feel nauseated yet?
"Attestation is crucial for this application by allowing the voting server to make sure that the user's voting software has not been altered on the disk."
Since he refers to it as the "user's" voting software, I must assume this would be for home users, not some central polling location. If it's at the user's premises, it shouldn't matter if the user's software has been tampered with. A simple cryptographic hash can be used to ensure that the vote was not tampered with en-route.
"Trusted Computing will solve this problem by allowing the server to make sure that the game client software is clean and unmodified."
First off, many "cheats" don't modify the existing client at all. Instead, they act as wrappers to drivers, or even hack the driver itself. Plus, how can you be sure that the computer doing the checking is really a computer at all? I've written a patch for bochs that lets me tag a specific set of bytecode, and have bochs execute another set entirely. This system would pass any sort of memory check just fine, but none the less can easily be used to cheat.
"Without such a technology, cheating is only going to get worse, demoralizing players and driving them from the games."
Actually, Trusted Computing games would be even less likely to sell. Look at the distribution of games now: how many [non-console] games come out on CD vs DVD? How long have DVD drives been out? The long and short of the matter is that game designers are out to appeal to as broad an audience as possible. The people most likely to modify the game and keep it interesting (mods are a large part of why people still buy half-life one) are the people most likely to be turned off by TC anyway.
"Using remote attestation, player software could confirm that the casino was using a certified and validated software package for its game play calculations, one known to be free of bias and to give the player an honest chance."
And then the casino simply proxies the connection and modifies the output to tell you you lose anyway. Different type of cheating, only now since it's "Trusted", it's even harder to catch.
"Secure I/O prevents the financial application from being spoofed by false or malicious inputs, and protects the privacy of the user by insuring that other software cannot see the information that the financial application is presenting on the screen."
One need only look at email viruses and scams. People are already dumb enough to do it on their own anyway. Trusted computing just means that the bank can finally shift the blame to the consumers instead of the bank (possibly even when it's really not the consumer's fault). Whether you consider this a good thing or bad is a matter of opinion.
"Trusted Computing can alleviate this problem by allowing the formation of a new kind of VPN, one which will only allow trusted applications through the firewall."
How many attacks come through a VPN? Not many. Plus, the ones that do can simply attack the services offered (buffer overflows, race conditions, etc.) This is another case of "it's trusted, so it must be ok" thinking. Remember, trust is something that can compromise your security.
"P2P software can limit the amount of data available to the end user of the machine, so that he does not see which other computers in the network his data comes from".
Ok, even if the software disables netstat, there's nothing it can do about ettercap, or even a hub and a decent network sniffer. Even if the software were flawless, all the **AA would have to do is start a download, and start logging network traffic. Plus as an added bonus, the P2P clients can now refuse to run without or connect to spyware-free clients.
"The step of reading messages, decrypting and mixing them, can be fully protected within the TC security boundary. No longer will the operators of remailers be aware of how their machines are
Contact Me (got tired of viruses emailing me).
as long as I can get the keys.
you are a retard and have missed the point entirely.
My God, that is status quo, for God's sake! You already hold the master keys to your computer right now! You don't need any hardware change to preserve the status quo!
You don't need "trusted computing" system to do that, for God's sake! You don't need temper-resistant chip in your computer for the most basic cryptography for the love of God! My God, every single "I could use it control my machine" argument I have read so far (and I have been following the discussions for quite a few years now) was describing a feature which can be implemented (or even already have been implemented, like in the case of your Score:5, Insightful idea) in software to achieve exactly the same functionality as when being implemented using temper-proof hardware, the only difference being the fact that the owner can control it. That's it. This whole discussion is a complete waste of my time. Why people post such a crap before even searching Google for trusted computing and reading the first God damn link is beyond me.
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
I wholeheartedly second everything you said here. I would only like to comment on the meaning of the word "trusted" as used in "trusted computing." When I was doing some contracting for the .gov (no matter if it was the army, DoD or NSA)
everywhere "trusted system"
had a very specific meaning of
something which has the power to break the security or privacy policy.
It might seem strange at first, but the point is that you don't need to trust someone/something who/which cannot do anything bad to you. You just know that your computer will do what you command it to do right now. But as soon as you stop controlling it yourself, you have to trust it. Hence "trusted computing."
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
No... you have to read ALL of the article, and even in that case, (cheating in online games) it's not so much about trusting you but trusting all the other guys out there who do cheat. I have no problems with complying with things that prevent cheating in online games.
Similarly, online banking requires the trusted computer be mine, but in the end I'm a lot happier about it because I know that no one else can access my bank account.
Many of the other example actually don't require you to have a trusted computer at all, but simply to check that some server's computer is trusted. eg. Online gambling.
The most important thing to remember here is that it's not just Microsoft that is trusting you. The game server admins need to be able to trust you, the bank needs to be able to trust you, your boss wants to send out a confidential email with the confidence that it can't go beyond his ability to retract needs to trust you. None of these people can trust you (this isn't an attack on YOU but rather a generic "you" that is Joe average out there.) so they need to enforce this protection.
For that purpose, TC seems like a good idea and, in a perfect world where software was written without bugs and was available to everyone no matter of their location, language or preference for OS, it would mostly be a great thing.
No one can stop you using your computer, even with TC. They CAN stop you accessing certain content at all and they can stop you accessing certain content with anything other than certain programs. They can even stop you using certain programs without paying for them.
This may be seen as bad, but it makes me wonder if I want to see that content or use those programs at all.
I'm quite happy with my combination of Mac OS and Linux and I suspect that most of the things I want to do with computers in the future will be mostly free from TC restrictions.
All up, I like some of the aspects of TC (secure banking, gambling, gaming, document control), but it is important that the choice always exist. If the only way to use your computer to view content in the future involves TC then there will be a very large effort put into breaking it and proving it worthless. What this will probably do is to make the petty crimes like making a mixed CD to play in your car CD player and then making a copy for a friend or pirating a five year old app to run on a similarly aged computer (today's computers in five year's time) into larger crimes that will involve more effort (hardware and software hacking).
One last thing... what is to stop a person with a trusted computer copying a confidential email into another email app and passing it on unprotected ? Or passing it on by word of moutth ?
Sig matters not. Judge me by my sig, do you?
I agree. The level of piracy in my work environment is ludicrous. People are constantly swapping software, DVDs, MP3s, games. One guy here has over $6,000 worth of stolen movies and $15,000 worth of stolen games and software and he brags about it! There's about a dozen staff who have regular "swap sessions" where they DVD-copy a hired movie. They think it's hilarious when I refuse to participate. I'm not overly moralistic: I just don't have any need for the software (I'm all Linux) and DVDs are so cheap that I prefer to stay legit.
I honestly can't wait until Trusted Computing forces these thieves to pay for everything they use. They're going to get the shock of their lives when they discover how much they have to spend each year on software and content.
1. Online Elections
Tell me again why the user needs any voting software at all? Of course they don't, a webpage would suffice. The issue is authentication and key management complexity, neither of which are solved by TC.
2. Online Gambling
No one who's looked at TC has thought it would be secure against a determined and well funded adversary. BTW, this is the definition of 'good security'. It's that your system should be secure against attackers with unlimited financial resources.
TC is designed to stop Johnny Lunchbox from getting 'unauthorized content', not to stop a casino with massive economic incentives from key recovery/hacking their RNG.
3. P2P Networks
Widely referenced where? Certainly not on Citeseer or DBLP. I just checked.
Right...the 'authorities' have the capability of choosing which programs people can run on their computers and they decide to allow P2P clients! Wow, it's so easy. There are a number of other ill founded assertions, both just in this paragraph and the rest of the article. I'll leave those as an exercise for the reader.
Make no mistake. Any legislation that mandated TC hardware (as is the trend) in PC's are the first step to living in a nanny state where your most basic thoughts and actions are influenced by millions of idiotic Kathy Lee Gifford[1] and Tipper Gore wannabes who would rather impose totalitarian control on our society then allow their child a horrific glimpse of Janet Jackson's nipple.
[1] I really don't know if KLG is that vocal anymore. I've probably been watching South Park too much.
It's important to recognize that Trusted Computing (TC) is made up of both software and hardware components. To realize the software features of TC, significant hardware support is necessary: e.g. MS's NGSCB is completely dependent on Intel's TC hardware (called LaGrande Technology). (There are many other TC hardware and software vendors, but NGSCB and LaGrande tend to attract the most attention for obvious reasons.)
Intel's goal has been to design a set of neutral TC primitives that satisfy influential partners and customers, but avoid the pickle that the PIII Processor ID fiasco got them into. With LaGrande Technology, they have succeeded in achieving both goals (as far as I can tell from publicly available information). With a 'neutral' set of hardware primitives, the question then becomes whether TC software (OS and application) will be built for good or evil.
Let's assume that NGSCB is utterly evil. If this is true, it won't be good for MS or its customers in the long run. Why not let MS and its customers stew in their own juices? Why would the anti-MS community care? (They're not using MS products or services are they?)
Most of my TC fears come from what OS and application vendors *may* do under the covers. Open source solutions would put my concerns to rest. (MS has promised to make their TC software available, but something tells me the public won't get to see all of it.) The open source community should see this as another opportunity to provide consumers with better alternatives. We should focus our energies on constructing alternatives to NGSCB that maximize the TC positives and minimize the TC negatives, instead of wasting our time on tedious anti-MS ranting.