Slashdot Mirror
Interesting Uses for Trusted Computing
An anonymous reader writes "The Unlimited Freedom blog has published a new article describing 'interesting' uses of Trusted Computing. (Google cache here). Trusted Computing, as implemented in Microsoft's NGSCB (Palladium) or the Trusted Computing Group (TCPA), has been one of the most controversial technology proposals of recent years, to put it mildly. But the article on Unlimited Freedom offers a new perspective. The author examines 12 different applications which could benefit from access to Trusted Computing technology. And most of them are uncontroversial or would actually improve privacy and anonymity. Among the examples listed are multi-player games, online casinos, P2P networks, anonymous remailers, distributed computing and mobile agents. The analysis provides an interesting contrast to the usual focus on Trusted Computing's impact on control over digital content."
Just like Sauron's ring, DRM cannot be used for good.
...I'm cool with Trusted Computing.
As long as my computer is being told what it can or cannot do by someone other than me, I DON'T WANT IT.
Applications like online casinos would also benefit from a magical honesty pill which users could take to prevent them from cheating - but it's not going to happen. The idea of trusted computing is to require a specially restricted client machine, but there's no way this could work and be secure enough for something like online gambling. An important rule of online security is *you cannot trust the client*, and even if the standard Dell PC that grandma buys is locked down with all sorts of nastyware, this will do nothing against a determined attacker who is able to program a computer to do what its he, its owner, wants.
Although trusted computing could never provide real security, it can give a lot of inconvenience to 90% of the population to stop them doing things with their computer that Microsoft would prefer them not to do. Just like other copy-protection measures over the years, its purpose is to keep the majority of users under control, not to stop the real criminals.
-- Ed Avis ed@membled.com
Among the examples listed are multi-player games, online casinos, P2P networks, anonymous remailers, distributed computing and mobile agents.
The problem with the typical Slashdot users' attitudes to Trusted Computing is that these obvious benefits get ignored while they harp on all the negatives. That's why articles like this get written. There's good reason to point out the problems with Trusted Computing. For example, a multi-player game success story would be the XBOX Live system. By ensuring the games are signed copies and blacklisting modchipped XBOXes, they've effectively eliminated cheating and helped prevent piracy. The problem is that they also prevent third party development for a machine that customers want apps to be developed for. The Xbox Media Center is an incredible accomplishment that's stymied by the tight control Microsoft has over this particular form of Trusted Computing.
If our opinions were more balanced, perhaps the inevibility of Trusted Computing would be more favorable to consumers and developers.
If the DRM catches on and it gets legitimized, we'll soon have closed and regulated hardware like network cards, audio and graphics card that won't transfer data, play music or show graphics unless the mandatory DRM chip gives the permission to do so.
Whilst people seem to have a knee-jerk reaction against "Trusted Computing", I think there is one crucial issue that actually determines wether or not it's a Good Idea(tm). And that is: Who holds the master keys to my computer?
Point being that hardware level security features can be a great boon, as long as I decide what to trust and what not to trust.
Ofcourse, that's pretty guaranteed not what MS wants to push, but still - when discussing "Trusted" architectures in general, I think it's a valid point. It could for instance enable me to say that I trust the FSF's list of trustworthy applications - and viruses and other malware would actually be physically unable to run on my workbox. How could that be wrong?
Another issue I've thought about is - how can anyone be so sure it won't be cracked? People seem to be tinking that hardware enabled "security" (DRM, whatever) will finally give watertight security. Yet, to my knowledge, both PlayStations and XBOX'es has tried that trick - to no avail. (In the sense that those wanting to subvert the protection mechanisms seems perfectly able to do so).
Ohwell, just my thoughts atleast. If I have misunderstood anything, feel free to correct me :)
Actually the allied powers made extensive use of the Axis research projects after the war. One example was Unit 731, responsible for the research and development of biological weapons through human testing. Not only were the perpetrators not prosecuted for war crimes, Shiro Ishii, the commandant was given a job by the US military! Makes you wonder what that fight for decency was all about really doesn't it?
Further details on Unit 731 can be found here.
A lot of these examples are really creepy, and one point keeps coming up: making sure someone on the other side is running "legitimate" versions of software that are known to be unmodified. I just don't think that's a legitimate thing to care about. Specific software fingerprints shouldn't matter; interfaces should. Insisting on specific software instead of standardized interfaces, holds back innovation and flexibility. It's almost like the very point of "trusted computing" is to help create and sustain software monoculture. I think that's disgusting, and I know it's destructive to progress.
As copyright owner of this comment, I authorize everyone to defeat any technological measure which limits access to it.