Slashdot Mirror


Interesting Uses for Trusted Computing

An anonymous reader writes "The Unlimited Freedom blog has published a new article describing 'interesting' uses of Trusted Computing. (Google cache here). Trusted Computing, as implemented in Microsoft's NGSCB (Palladium) or the Trusted Computing Group (TCPA), has been one of the most controversial technology proposals of recent years, to put it mildly. But the article on Unlimited Freedom offers a new perspective. The author examines 12 different applications which could benefit from access to Trusted Computing technology. And most of them are uncontroversial or would actually improve privacy and anonymity. Among the examples listed are multi-player games, online casinos, P2P networks, anonymous remailers, distributed computing and mobile agents. The analysis provides an interesting contrast to the usual focus on Trusted Computing's impact on control over digital content."

20 of 323 comments

  1. Giftwrapped bullshit by onyxruby · · Score: 4, Interesting

    I don't think so. Trusted computing is based in principle on evil. It should not be legitimized by finding ways to use it that were unintended. Endorsing something rooted in evil does not change the morality of the base. I don't care how shiny you giftwrap bullshit, it's still bullshit.

    Think of it this way, Germany and Japan conducted much in the way of medical research in WWII, but since they conducted experiments that were inhumane, torturous, and used unwilling subjects, the medical community won't touch their research, not because it is fundamentally flawed, but because their research was fundamentally evil.

    Stand up for your morals here and fight trusted computing.

    1. Re:Giftwrapped bullshit by garcia · · Score: 3, Interesting

      again, you people keep coming back to this. I have already stated that if MS wants to get DRM going in the direction they seem to be going they are going to require the BIOS to be trusted as well which means something that isn't LinuxBIOS or free. It's going to be MS/Phoenix or whatever.

    2. Re:Giftwrapped bullshit by Have Blue · · Score: 2, Interesting

      I don't think so. P2P is based in principle on theft. It should not be legitimized by finding ways to use it that were unintended. Endorsing something rooted in theft does not change the morality of the base. I don't care how shiny you giftwrap bullshit, it's still bullshit.

      There, fixed that for you.

      It just goes to show that technology is still just a tool. It can be used by people for good or evil.

  2. the 'freedom' by call_me_susan · · Score: 1, Interesting

    Unlimited freedom without responsibility is equivalent to anarchy, and the net is as close to a functional implementation of anarchy that the world has seen. However, this does not imply that what we have is an ideal. Far from it in fact.

    Spam is one immediately obvious result of this freedom. Give yourself a couple minutes and you can think of several other less than desirable outcomes of all this freedom.

    By tempering freedoms with responsibility, we can have the free flow of ideas we all have come to expect from the web, but without propagating all those nuisance aspects of the beast.

    Unfortunately that means regulation. But regulation is not feasible in the traditional sense. The internet is a global phenomenon, and while some corners of the world act to suppress portions of the traffic, by and large the web is a building block of a truly global society.

    But a society must have laws to function and sustain itself. In ten short years my own usage patterns have drastically changed, as well as the usage patterns of many of my peers.

    Remember the good old days? I remember not having multiple email accounts, or any of a number of other measures I routinely undertake to weed out various garbage I don't want as part of my on-line experience. We've all had to take these measures, to some degree or another.

    My question is, is that the way it should be? Is spam and its unsavoury tribe really an acceptable cost for the freedoms entailed? Most, if not all of us have extreme antipathy to spam. It's the old adage about a right is such only until it infringes on the rights of others. I feel that spam has truly infringed on my web experience, most of us should feel the same way. Even if the measures to avoid it personally are trivial, should the majority who don't want spam have to make such changes to safeguard the freedoms of a few individuals who refuse to honor our freedoms?

    Regulation is probably inevitable, and in fact is being attempted by governments today. I think this is the bigger concern. If the web is to be regulated, such regulation needs to come from within. The danger is that the regulation will be forced from outside. The reason this will occur is because we have subjugated responsibilities to freedoms. As long as this continues to be the case there will be an increasing impetus to force such regulation on the web. The problem is that the source of such change will be the very people we don't want to make the changes happen. Big business and government.

    And it makes sense, why spend money and time and effort dealing with the effects of this (relatively) unabridged freedom with virus scanners, and spam blocking services et al. when the same time and monies and effort can be used to eliminate the problem. For a multinational corporation, it is a relatively trivial exercise to lobby for the legislative changes required. Once that legal environment exists, it becomes easier to implement the rest of your solution. If you can get a couple of your peers to play ball...

    --
    --- I'll finish this after my cig. break
  3. Wishful thinking by Ed Avis · · Score: 5, Interesting

    Applications like online casinos would also benefit from a magical honesty pill which users could take to prevent them from cheating - but it's not going to happen. The idea of trusted computing is to require a specially restricted client machine, but there's no way this could work and be secure enough for something like online gambling. An important rule of online security is *you cannot trust the client*, and even if the standard Dell PC that grandma buys is locked down with all sorts of nastyware, this will do nothing against a determined attacker who is able to program a computer to do what he, its owner, wants.

    Although trusted computing could never provide real security, it can give a lot of inconvenience to 90% of the population to stop them doing things with their computer that Microsoft would prefer them not to do. Just like other copy-protection measures over the years, its purpose is to keep the majority of users under control, not to stop the real criminals.

    --
    -- Ed Avis ed@membled.com
    1. Re:Wishful thinking by Ed Avis · · Score: 2, Interesting
      It's a fair cop. I did RTFA but _after_ posting my comment. Got to get in early...
      That's the whole idea of trusted computing (amongst other things), is allowing a trusted remote service to know full well that the computer it's talking to is on the level. It's based in hardware, and is drenched in encryption and intelligent process control.
      It's been a while since I read up on TC, and that was only from doommongering sites mentioned on Slashdot, but I just don't understand this. If you have control of the hardware, then you can fake up any response to say that your computer is 'on the level'. Ordinary users may not be able to open the lid of their computer (metaphorically speaking) and bypass the TC restrictions, but the bad guys certainly will. What is to stop one from running a 'trusted' operating system inside a simulator such as Bochs, for example? With deus ex machina powers you could bypass any checking built into the OS or BIOS. Ultimately, if you control the hardware you can program a computer to do what you want; this has always been true and I don't see how TC can change it.
      --
      -- Ed Avis ed@membled.com
    2. Re:Wishful thinking by bnenning · · Score: 2, Interesting
      The article actually talks about gambling clients trusting casino servers, which is an interesting reversal on the typical applications of DRM.

      As usual, DRM isn't needed to achieve this; we already have existing algorithms. Here's how a casino can prove that it's shuffling a deck of cards fairly:
      1. The casino generates 225 random bits, enough for all permutations of a 52-card deck.
      2. For each bit, if it is a 1, the casino server generates 2 600-bit prime numbers and multiplies them together. If it's a 0, the server generates and multiplies 3 400-bit numbers.
      3. The server sends the 225 1200-bit numbers to my client.
      4. My client creates 225 random bits (with or without my direct input) and sends them to the server.
      5. The server XORs its original bits with the bits from the client, and uses the resulting 225 bits to shuffle the deck, using a publicly known algorithm.
      6. After play with the deck is concluded, the server sends the client the prime factors of the numbers that it sent in step 3. I can replicate the process that the server used in step 5 to shuffle the deck and verify that it was done correctly.


      I can't cheat because there's (presumably) no way to factor the large numbers I get from the server in any reasonable time. The server can't cheat because it has to prove the bits that it started with.
      --
      How to solve most of our problems: 1.Lots of nuclear plants. 2.Cure aging.
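The commit-and-reveal exchange bnenning describes above, as an added Python example that is not part of the original comment. It scales the primes down to 48 and 32 bits so it runs quickly (the comment specifies 600 and 400 bits); the Lehmer-code shuffle and all function names are assumptions, since the comment only says "a publicly known algorithm".

```python
import math
import secrets

SEED_BITS = 225                     # seed length given in the comment
SHAPE = {1: (2, 48), 0: (3, 32)}    # toy sizes (assumption); comment: 2x600 / 3x400 bits

def is_probable_prime(n, rounds=24):
    """Miller-Rabin probabilistic primality test."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand

def commit_bit(bit):
    """Step 2: one public number hiding one bit, plus its secret factors."""
    count, size = SHAPE[bit]
    factors = [random_prime(size) for _ in range(count)]
    return math.prod(factors), factors

def open_bit(number, factors):
    """Step 6 check: recover the committed bit or raise ValueError."""
    if math.prod(factors) != number or not all(map(is_probable_prime, factors)):
        raise ValueError("opening does not match commitment")
    if len(factors) not in (2, 3):
        raise ValueError("wrong number of prime factors")
    return 1 if len(factors) == 2 else 0

def shuffle_deck(bits):
    """Step 5: public, deterministic map from the seed bits to a deck order."""
    seed = int("".join(map(str, bits)), 2)
    cards, deck = list(range(52)), []
    for remaining in range(52, 0, -1):   # Lehmer-code decoding (assumed algorithm)
        seed, idx = divmod(seed, remaining)
        deck.append(cards.pop(idx))
    return deck

def play_round():
    # Steps 1-3: server picks its bits and publishes one commitment per bit.
    server_bits = [secrets.randbits(1) for _ in range(SEED_BITS)]
    pairs = [commit_bit(b) for b in server_bits]
    commitments = [n for n, _ in pairs]
    # Step 4: client answers with its own bits, having seen only the commitments.
    client_bits = [secrets.randbits(1) for _ in range(SEED_BITS)]
    # Step 5: server shuffles with the XOR of both contributions.
    deck = shuffle_deck([s ^ c for s, c in zip(server_bits, client_bits)])
    # Step 6: after play, server reveals the prime factors.
    return commitments, client_bits, [f for _, f in pairs], deck

def client_verify(commitments, client_bits, openings, claimed_deck):
    """Client side of step 6: re-derive the server bits and replay the shuffle."""
    recovered = [open_bit(n, f) for n, f in zip(commitments, openings)]
    return shuffle_deck([s ^ c for s, c in zip(recovered, client_bits)]) == claimed_deck

if __name__ == "__main__":
    print("deck verified:", client_verify(*play_round()))
```

The primality check on every revealed factor is what makes the commitment binding: a product of three primes cannot be reopened as two factors without one of them being composite.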
  4. digital certificates by call_me_susan · · Score: 4, Interesting

    I've read about half of it. So far, the gist is that Trusted Computing will require digital certificates for all executables, documents, emails, and web pages (along with images). He claims that since a repository system of certificates will need to be formed (much like we have SSL certs like Thawte now), the power to deny publishing will be concentrated in the hands of the certificate repositories, which presumably will be large corps and governments. He claims this is the "Good Old Days" of producer/consumer media that the entrenched powers prefer, unlike the supposed new era of peer-to-peer internet publishing, whereby anyone can create their own web pages.

    Actually, having signed certificates on documents and email is not a bad thing. I've wondered for years why the US Postal service hasn't created a trusted email system for a small postage fee. I use PGP signatures all the time to verify downloads from the Internet. A certificate/signature repository is just a convenience so I don't have to constantly email or call people asking for their public keys. In all likelihood these repositories will be competitive-but-cooperative databases like DNS, so there will probably always be alternative or bargain signature repositories.

    Yes, things will likely get buckled down as the Internet gets more mainstream and govts get their heads around it, but I don't see the gloomy future he does. Maybe he just had too idealistic dreams of the future. The bottom line is that most people don't want to publish their own content, and wouldn't even if they knew how. Blocking inbound port 80 to consumers is not the equivalent of book-burning or censorship, especially if port 80 is largely unused by consumers except as a vector for worms. If you want to publish, you'll just have to find a plan that allows you to do so. The fact that the large ISPs are figuring out that they can charge an extra $10-20/month for this is not the end of world, so long as more than one competing ISP exists.
    Also, no matter how much the Internet falls under control of central authorities, new technologies will arise for the tech elite to go about their business as always. After all, we somehow managed to build the Internet and BBS's in spite of the fact that publishers and the media had total control of print and the airwaves. History will repeat.

    --
    --- I'll finish this after my cig. break
  5. I'm freaking out man, no you're freaking out man... by thebra · · Score: 2, Interesting

    "a recent software update for Windows Media Player has caused controversy by insisting that users agree to future anti-piracy measures"

    I think it's time I start looking into Linux, the only thing that keeps me with MS are the games.

  6. freedom of speech is a small price to pay by livhan28 · · Score: 2, Interesting

    freedom of speech is a small price to pay, for a cheater free online gaming environment... seriously are these few good uses supposed to outweigh the bad?

  7. Trusting Software by Sloppy · · Score: 5, Interesting
    The analysis provides an interesting contrast to the usual focus on Trusted Computing's impact on control over digital content.
    I don't see much contrast. They all have one thing in common: it's about not trusting the machine's owner, and using someone's computer to serve someone else's interests.

    A lot of these examples are really creepy, and one point keeps coming up: making sure someone on the other side is running "legitimate" versions of software that are known to be unmodified. I just don't think that's a legitimate thing to care about. Specific software fingerprints shouldn't matter; interfaces should. Insisting on specific software instead of standardized interfaces, holds back innovation and flexibility. It's almost like the very point of "trusted computing" is to help create and sustain software monoculture. I think that's disgusting, and I know it's destructive to progress.

    --
    As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.
  8. Trusted computing will be a great enabler of ... by innerweb · · Score: 4, Interesting
    ... many products that businesses are not willing to put on the net. It will also enable greater abuses by those who know how. I would not mind having one machine that is enabled, but it would be the only one, and only useful for certain things.

    I would say relax. TC (Trusted Computing) will actually be a great thing for open source. When people start paying full price for all their "warez", they will start to find that the wish list is bigger than the piggy bank. This technology will enable a great many things, and it does not have to be used (AFAIK). It will also be great for OSS development. It helps to know that the correct TC is being used to submit the code. It will make John Q Public feel safer.

    I am no expert on the ramifications of TC, but I do *much* work with companies that want to use the online world, and most of them limit their services due to the issues that TC will solve. Even in OSS, we have to make money. It is how the world goes 'round, puts food on the table. TC will make it easier in some ways to make money. It will also make it easier for the small guy to make money.

    That said, there are serious potential abuses of this technology, and I am still hesitant to boldly go forward. It will probably go forward without me if I do not though, so, all things being as they are, I need to learn how to use it and give it to my clients. They will want it. They have been wanting something like it for a while now.

    InnerWeb

    --
    Freud might say that Intelligent Design is religion's ID.
  9. Re:Trusted Computing: No Thanks by dave420 · · Score: 3, Interesting
    Mod chips (like the ones for the PS2) are detected when you play online, and the service disconnects you.

    That's one point of trusted computing people don't mention much - It doesn't stop you from running dodgy apps or hacking your machine to pieces, but it tells anyone you interact with that the integrity of your application through which you're interacting has been violated.

    The way you decide what software sits on your box won't change. If you don't trust Microsoft, don't put their software on your box. If their software's not on your machine, Microsoft can't do squat. Effectively, your machine doesn't trust Microsoft. How can you be against that? :-P

    Trusted computing != microsoft sitting on your machine, stealing your pr0n and sending it to the feds. It means giving the software of your choice the ability to look out for itself, and to vouch for your computer and itself.

    For someone to be pissy and scared of trusted computing means they haven't given it more than 2 seconds thought and are suffering a knee-jerk reaction. If you're into IT, you're gonna love TC when you see it. If you're paranoid, it'll scare the pants off you, then you'll love it once you realise just what it can do for you :-P

  10. Decentralization and TC by chatooya · · Score: 4, Interesting

    If trusted computing depends on authentication via hardware, won't this function become less and less useful as computing becomes distributed across more devices and individuals are less tethered to specific machines? Or would we all carry a little TC device that plugs in to various 'toolbox' hardware? Any thoughts?

  11. We don't need TCPA for games! by Dr. Manhattan · · Score: 3, Interesting

    There are better ways. (PDF, sorry.) It's also interesting to see other papers and such that reference this paper.

    --
    PHEM - party like it's 1997-2003!
  12. Trusted against what budget? by Insount · · Score: 4, Interesting

    The fallacy in this article is the assumption that NGSCB is perfectly secure and unbeatable. This isn't the case, and in fact there are reasons to believe that at least some of its functions are theoretically impossible.

    NGSCB can be broken; you'll just have to go through a lot of trouble to do so (scrape off chip packaging and decode its internals without triggering intrusion detectors, etc.). This is sufficient to stop casual copyright infringement, or to keep your workers in check. But one ought to doubt if the expense of breaking NGSCB isn't worthwhile for online gambling, elections or other applications where the incentives are very high.

  13. I don't understand... by Spaceman40 · · Score: 2, Interesting

    Don't we already have solutions to all these issues? Isn't it already possible with software? There are already public/private keys for communication, certificate authorities, etc.

    If someone doesn't want to use it, why should they be forced into it through their hardware? Why don't the companies that would like authentication just use the current methods?

    Example: Blizzard wants to check that their code is unmodified? Create a certificate, sign their code, and check the signature.

    Is it just me, or does the hardware solution seem extremely contrived - much more difficult to implement (besides reinventing the wheel), as well as forcing the consumer into DRM... Oh well, at least Gentoo works on PowerPCs...

    --
    I [may] disapprove of what you say, but I will defend to the death your right to say it.
  14. Re:Who and how many? by RogueProtoKol · · Score: 3, Interesting

    Yes, and if you don't install Windows what are you going to open those TC protected Word documents, which only open in TC protected MS word on TC protected windows with a TC protected BIOS, with? If TC takes off, the general public will be too dumb to make the choice against it, and screw the rest of us along with it.

  15. Some even said the atomic bomb was good by phoenix321 · · Score: 2, Interesting

    for some uses.

    I say this is bullshit. I won't accept an oppressive system, neither for good nor for bad deeds. I will not give in to smallish benefits that come with a hefty impact on freedom and usability.

    No cheater, no hacker, no worm, no virus, no nothing can annoy me that far that I will give up the rights to a computer I fully paid and own. I know what the real aim of the TCG is and I won't accept anything from them. No bargains, no rebates or extras on Palladium-Computers, no benefits from their restriction. They may succeed in feeding this freedom vs. security exchange to the American public in "real" politics, but they need a much much bigger threat than cheaters to convince the IT world and they will never convince me.

    No matter if I use Linux or Windows, I'll have a virus scanner, a PFW or a real FW and the latest patches ready. I make backups of my important files and make provisions to protect the less important ones as good as possible.

    I won't trade the malice of an anonymous hacker against the greed of a multinational corporation. A lone hacker has financial/technical limits or even a conscience on how much havoc he can cause. A corporation the size of Microsoft has neither.

    The end does not justify the means. I will not accept any personal gains on a fascist system and its technical derivatives. Period.

  16. Re:We need to bring balance to the force. by IvoryRing · · Score: 3, Interesting
    I've seen this sentiment several times so far on this topic... and it makes me chuckle.

    I'm going to make an assumption for a moment, which is not intended as a slight, just something to clarify a guess of mine. The assumption I'm going to make is that you are relatively new (within the last 10 years) to 'heavy use' of computers. I assume this because you seem to take the current ease of 'alternate OS install' for granted. This has not always been the case, and I'm not sure that I see that it logically must always be the case.

    In order for Trusted Computing (DRM, whatever TLA du jour) to actually work, it needs to be integrated at the unflashable firmware level of the base hardware of any computer it could work on. That doesn't mean that it will be entirely implemented as ROMs, just that 'boot phase 1' IS implemented there. There is no way to transition from the state of 'Running Untrusted Code' to the state of 'Running Trusted Code'. You can go from 'Off' to 'Running Trusted Code', but the second you run any untrusted code, the only way to get back to trusted is powercycle. Mind you, I don't know that this strict requirement would actually be the way it is implemented in real devices. Real devices are quite often implemented with less than ideal compromises. Interestingly, I suspect that a strict implementation will also require a non-spoofable time source (without which, a compromised key can never be revoked).

    So if you grant that a proper TC environment will start in trusted code, with no chance to flash - then the logical 'boot phase 2' is to check the flashable BIOS for validity and only then run it. At this point, you are still in trusted code. 'boot phase 3' is to load the OS from disk, verify it, and then run.

    If I'm making a TC machine, I don't allow the flashed BIOS to do anything other than "load TC OS" or "Install TC OS from CD". Sure, I could make option number three be "load untrusted OS from CD", and that would be awfully handy for the 'mess around with the innards' users... but there is nothing about TC which requires that option to be there. Do you really think that the license that I have with the IntProp holder that allows my machine to actually interoperate with other TC devices (that is the whole point, right?) will allow me to have option three in there?

    So in 2014, here are your options:

    • Use 6 year old computers
    • Use computers with TC built into the firmware (don't install Windows 2012? Fine... have fun with your paperweight)
    • Build computers that can't run TC. Can't run TC, so they can't send email to anyone that does. Can't use commodity chipsets. Can't use commodity BIOS. Can't use commodity storage devices.

    Someone will probably say: "Oh, but what about the inevitable lousy implementations that will be done cheap and dirty in offshore houses, perhaps even without any legal permission to use the IP?". That shady bunch has two choices: 1.) Use someone else's keys [once discovered, original keys revoked, new keys issued to legit publisher, now ShadyKeys can't communicate with legit TC users, end of profit for ShadyInc] or 2.) Acquire ShadyKeys legit but then do a lousy job. Lousy job uncovered, keys revoked, same as #1.

    I submit that one purpose of TC is to tie the ability to do all the things that the great unwashed masses actually want to do (play games, chat, watch TV, watch movies, email, browse porn) into 'staying up to date with the latest keys'. Once you have done that, it's trivial to technically implement "you can't listen to 'Britney at Carnegie Hall 2010' or email your Mom unless you accept that your computer can't play 'The Professional Director's Cut 2006' since that was widely pirated". Those that can prove they purchased The Prof. 2006 (that's one thing TC gives you - verifiable receipts that can be stored solely on the user's machine) will get a free copy of The Prof. 2011 [now with even MORE LucasType(tm) post-release storyline revisions].

    In a w