Slashdot Mirror
DRM Based on Trusted Computing Chips
An anonymous reader writes "We've always know that Trusted Computing is really about DRM, but computer makers always denied it. Now that their Trusted Computing chips are standard on most new PCs, they've decided to come clean. According to Information Week, Lenovo has demonstrated a Thinkpad with built-in Microsoft and Adobe DRM that uses a Trusted Computing chip with a fingerprint sensor. Even worse: 'The system is also aimed at tracking who reads a document and when, because the chip can report back every access attempt. If you access the file, your fingerprint is recorded.'"
I want one !!!!!!!!
Oh, come on. Drop the bias. This is technology aimed towards businesses. People who have truly sensitive information and need to be able to track who sees it. It's not targetted at warez-kiddies, movie downloaders or porn magnets. Sure, it will be used in that capacity sooner or later, but the hardware manufacturers are responding to a perceived customer requirement.
For me, it's even replaced God. And the design is intelligent.
This and the plan to put a camera in every house...
What next?
I would sell my soul for total control over you. Or something like that. What has come of the world that corporate greed has taken over from the free harmonious society? I would love to say everyone will just scrap computers and move onto other ventures (like going outside) but that is the Utopian view. In reality the Orwellian scenario us coming upon us. It won't be long now people.
What is sad about this is they are touting the "legitimite" uses of making sure software is unmodified and doesn't contain root kits and protecting sensitive data from attackers. I find it funny that SHA1SUM and gpg --checksig tells me when my download isn't what the author intended. Cryptoloop (and a tonne of other software) keeps my files highly secure and safe from prying eyes even if they do steal my disks.
There are no legitimite uses for this technology that can't already be accomplished today. There are only evil uses!
I drink to make other people interesting!
When Windows 95 came out it was a major improvement in technology. Windows 95 was easy to use and resulted in improved performance. Compared to Win 3.11 you could multi-task apps very well. The jump from Win 98 - Win2K was also significant for the general stability of the OS. As time marches on there has been little innovations and improvement. It's curious that companies are marketing products with decreased functionality for users. It seems almost like a suicidal business plan. At some point you would think people are going to say no. It's almost like companies want to frustrate customers and accelerate the adoption of Linux.
In Soviet Russia, the documents report back when you read them! Oh, wait...
Tell your friends about xenu.net
You can find a list of known Trusted Platform Module (TPM) manufacturers and implementations from the TPM Matrix
The CB App. What's your 20?
"Trusted Computing" ... "DRM" ... "fingerprinting"
the irony is all too overwhelming
Hmmm... I have one. Well, a Lenovo Thinkpad with a fingerprint reader. Is this something that's already implemented on all of their laptops? Or something new they'll be adding? I couldn't tell from the article. Doesn't really bother me, either way, but just curious if there's a way to tell. I've never been asked to scan my fingerprint when opening a document. I'd probably just cancel the document and decide it's not worth bothering with, anyhow.
---John Holmes...
Maybe you are not their only customer? Lenovo is responding to businesses that want to secure their information. If they have internal confidential information/plans of course it is the creator of the document (fx CFO) that decides who should have access to it, it is not up not anyone who receives it. This is a very legitimate business need. It is really that simple. Not everything related to computers revolves around our warez concerns.
A while back processor serial numbers were added as a feature but I've yet to see a system where the ability to read the it was enabled. Trusted Computing is potentially 100x more intrusive so I don't think it's going far in cases where the user is the one who decides what system to purchase.
Is it just me, or is anyone else thinking, "The way the industry is going towards Orwellian dystopian dreams, I might just want to get out of computing"?
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
To make such a system work it seems like every computer in the country would need the fingerprint reader, or else, it would just be insane to knowingly submit yourself to such a system if you wanted to have full rights over your software. I agree that this certainly has a lot more to do with private security than DRM. I know a lot of companies with security issues and this technology would help. Don't forget Wells Fargo, millions of dollars spent recovering from a single laptop theft, where thousands of customers' personal information was put at risk. In fact, if companies did NOT use such robust security procedures, I would be reading an article later on about how fingerprint based technology SHOULD be used as it protects the rights of the consumers through better security. Having a watch dog is great, but it lowers how much you trust it's bark when you hear a warnings every time a fly lands in its vicinity.
Ultimately I think a lot of this DRM technology - specifically remote attestation - is going to result in me changing my habits in one minor regard - I'll be putting the wireless router on top of my desk, rather than under, with the ports facing me so I can easily unplug my computer. In the majority of cases, problem solved.
--Ryvar
He warned us long ago. Of course, even now the masses will fail to be alarmed. "It's only a demo." Etc. "Boil 'em slow, they'll never know." Oh well.
If you're working somewhere where you have to be positively identified and sign on each occasion when you access particular sensitive documents then the techonology described is a significant improvement in usability.
You no longer have to travel to the document repository, and you are no longer restricted to the hours that the librarian keeps.
How would this sort of thing affect something like VMWare? If the O/S needs to be booted up on a trusted platform surely you won't be able to install it on a virtual machine. If the virtual machine can fool the O/S into thinking it's running on a trusted platform, doesn't that mean that you can get around the trusted component?
Trust goes both ways. Software and hardware industry now keep treating software and hardware for consumers as if it's a privilage to buy, and assumes that none of customers can be trusted as owners of a product.
I'm just disgusted that companies are putting on a smile and trying to gain consumers' "trust," yet none trusts consumers. However when consumers do not trust companies by removing DRM, consumers quickly become criminals, and are called pirates and thieves. While companies abuse the consumers' trust and play market share or monopoly or pricing/licensing games, companies are just looking out for the economy/artists/share holder's best interest.
There is no such thing as "trusted" computing. No one trust anyone here. This shouldn't be called "trusted computing." This should be called "Untrustful Consumers Computing."
"Don't let fools fool you. They are the clever ones."
How long until you can buy a fake thumb with Elvis Presley's print on it? :)
Steve
A work that expires before its copyright never enters the public domain and thus enjoys eternal copyright protection.
Exactly how would you do this? Everything will be done on computers in the future, taxes, job applications, schooling, you name it.
If we don't create alternatives now(and not in 10-25 years), the Trusted Computing Group will p3wn us.
For those keeping score there's only one key peice missing:
a law requiring the use of this DRM, or making illegal non DRM stuff, for the trusted computing group to win.
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
If you play GTA on a DRM'd computer, and find Al Quaida or the Mothers of America send the hit squad after you because of your moral degeneracy (or any other reason), its not my fault.
Sent from my ASR33 using ASCII
I can just see it now - RIAA suing someone because their computer dialed 'back to base' providing their owners name and fingerprints (technology replacing law enforcement)... there goes the excuse that it was my children and I didnt know.
Excuses Are Like Assholes - Everybody's Got One
You're right: this can *eventually* change the way we think about data and the way we interact with computers.
But not yet. This is just a "chip on a motherboard." So what if the adobe doc requires all this authentication? It's ultimately passing unencypted over a bus in a machine of otherwise conventional design. No core level encryption, no encrypted root level executable. That means all the "security" in the world is just so much appendage waiting to be hacked off by the first experienced coder to come along.
Such a platform CAN change the way we think about things, though. Ad denough encryption and it gets awfully damn hard to remove attributes form data. This is *not* a bad thing. Once we can give data attributes that canot be easily removed we enter into the realm of being able to move *things* across the internet. Want to move your World of Warcraft *things* into your new Sims pad? It can be done, if the game designers adopt the new standards for "trusted object model data."
This is not just about recording your biometrics every time you listen to maria carey. The possibilities this opens up can literally change the world economy - when the tools of production are in the hands of the proletariat, and the only raw material needed to supply that production is *knowledge,* a lot of people suddenly have a lot of new opportunities to better their lives.
It never ceases to amaze me how slashdotters can't see pas their own noses on things like DRM. There are people with legitimate security needs that don't give a rat's ass about your pirated copy of Brittany Spears. Keeping corporate proprietary info secure is a MUCH bigger deal than preventing you from watching pirated movies.
People who think they know everything really piss off those of us that actually do.
(it's what I'm doing)
start sticking with free software and hardware that supports and preferably sponsors free software. change vendors if your vendor goes treacherous-computing direction. import/smuggle hardware is tcpa is mandated by legislation, while writing a letter to your legislator saying that tcpa is a restriction on free trade and outright nazism. because it is.
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
I really hate the way DRM and hardware DRM now gets fully integrated into our own lawfully purchased computers.
I have the right to use my computer to whatever I feel like and it is of no concern to anyone but me. If the companies disagrees with this they can take a hike for all that I care.
All this will contribute to - is to further alienate Linux and users of alternate operating systems and demean our hard efforts to get legal DVD-playback software etc. for our chosen platforms. I am so put down by this Ill probably never run anything with DRM on it again just for the opposition of it. I will not purchase DRM enabled mp3-players, I will NOT purchase DRM harddisks or any hardware with DRM on it.
If I am forced to do it because of the fact that every hardware producer is forced by Microsoft to do so... I will do anything I can in my power to make sure that my system will be rid of such hardware, modding, jacking, compiling - I really dont care. Its my hardware and NO one shall take that right away from me! No one shall control my software or my computers or what I will be doing with them.
I fully and completely agree with the companies about piracy, I dont support piracy in any way. That said - I also support my own freedom to chose, and past experience shows us that businesses will always do whats best for them FIRST before the customers, the customers are just milking-cows to them - which is fair enough if you give us what we pay for. When you decide to mess with our hardware and deprecate our already paid for services and hardware - then I am putting my foot down and say - Enough already!
All this will probably further feed a grassroot "linux-like" organization that will form an alternate OS that will NOT conform to DRM - even if by law (god forbid it goes that far). DRM and control of customers hardware is a CRIME against the public!
What this world is coming to - is for you and me to decide.
The issue shouldn't be about trusted computing.... try "trusted humanity..."
This reminds me of RMS's paper on The Right to Read.
I konw, I'm a bad citizen, and I certainly don't smile now.
It's nice to know that the content industry now trusts my computer and lets it play its crappy movies. The problem is, I don't trust it anymore. I won't trust it with my data, I won't trust it with my files, I won't trust it with my time.
At least until I find a way to make MY computer MINE again.
Until now, I was a good citizen. I bought my music. I bought my movies. I bought my games. My reward was a rootkit, DVDs that don't play on my equipment and software that crippled my system.
Sorry, but I don't trust your computers. And I will do whatever it takes to make my computers mine again!
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
The problem with fingerprints is that it's inherently a very insecure way of authentication for two reasons:
Firstly, you can't change it if it leaks out. A password or a credit card number can be easily changed and the damage minimised in case of an information leak. Doing this with a fingerprint is much harder.
Secondly, the fingerprint is very hard to keep secret. Your body has this annoying ability to leave copies of your identification token all over the place, very easy for anyone to pick up. If you were worried about the ability to scan proximity tags (RFID), then you should be really scared about the use of fingerprints as authentication tokens.
If you don't believe me how easy it is to pick up, read this about how to make a copy of ones fingerprint using common household items.
HA! That's awesome. ThinkGeek should market something like this to use for all of the parnoid people out there. Make and sell it cheap and it's throw all kinds of wrenches into this plan... I'm sure the ones that already exist aren't at a very affordable price level.
---John Holmes...
The moving can be done now. Take a course in algebra and a simple one in encryption. There are multiple ways to achieve this, given communication with the server.
Move some file from A to B :
A -> Server : I give up on accessing encrypted file x, but I copy the encrypted data to B
Server -> A : noted, I will no longer send you the decryption key when you ask for it
Server -> B : you have data from A ?
B -> Server : Yes, can I have the transformation ? here is my machine ID
Server -> B : I am not giving you the key, however here is the transformation needed to bind it to your machine ID
B -> Server : I need the key, my machine ID is
Server -> B : here it is, you have access
A system like this is extremely hard to hack, given basic precautions in the decryption routines (for example, you do "live decryption", at NO point in the program more than, say 5%, is decrypted in memory, and the routines to decrypt are themselves encrypted, which is quite possible to do)
First off, it's already "illegal" to hack current DRM, at least in the US (and about 50 other countries) and the hackers do it anyway. I don't see how TPM makes this any more complicated. You've seen how well it's worked for Apple so far, which isn't very well. Now while it may be used say by the government to tag files used in office, or buisinesses on sensitive documents, I don't see how it will be of any use on DRM items, any more than current code is.
There will always be cracks, there will always be copies of stuff made available online with no protection. All it takes is one guy to break it and it's out to the world in a heart beat via bittorrent. This will have about as much effect as HDCP on piracy, zero. Sure it will make like hell for the honest user, DRM almost always does, but piracy? The more restrictive DRM gets, the more honest users will turn to the black market to get what they want in a reasonable manner.
--Won't that be grand? Computers and the programs will start thinking and the people will stop. - Dr. Walter Gibbs
With DRM comes one problem for you as a company: You have to trust the DRM manufacturer completely. And I mean completely. They will not allow you to snoop into their protection mechanism. Trust it or get lost.
So would you, if you were a software company, trust Microsoft? Would you, if you were a mainboard manufacturer, trust Intel? Would you, if you were a chip producer, trust Infinion?
There are other ways to protect your intellectual property. Open Source encryption mechanisms, the source code of which you can read, audit and evaluate, and even adjust to your security needs.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Spend a week in HR and you'll find out how trustworthy your employees are. The stuff that walks out the door or flies out attached to an e-mail, from office supplies to sales data and product plans is astounding.
Nobody trusts anyone in this game. Content providers don't trust their customers, since they could (Turing forbid!) copy their stuff. Customers don't trust their Hardware, since it doesn't belong to them anymore and doesn't do what they want anymore. And neither side will let its guard down for the other side would certainly use that edge immediately.
:)
It's just Cold War again all over. The fun part is, that neither can exist without the other. The content manufacturers can't exist without their customers, because otherwise nobody will buy their stuff. The customer can't...
erh...
Wait a moment, there's a slight mistake in the equation.
I guess I know who'll win.
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
DRM does have legitimate uses - would you like to get on a plane or use a bank whose computer systems had been raked over by HaX0r O'Wally and his pals? But it's hard not to have a gloomy sense of deja vu. The problem with DRM is that it can be used to destroy competition (competitors are literally locked out of the market), fix prices, invade privacy and withold legal entitlements such as fair use or in some cases any use of an encrypted document that just might happen to be your own. Overall, this adds up to a great way to build or reinforce monopolies. It's even worse when in practice these opportunities will be handed to an IT world where desktop PCs are already monopoly-controlled.
You'd have to be a hyper-optimist to think that IT corporations won't promptly try to take advantage of the situation. The deja vu is that we've been here before with things like Internet Explorer vs Netscape. By the time government or judiciary gets around to cleaning up abuses some years later, the losers have been left for dead and the "punishment" for the winner is a bargain - the fine is merely the cost of acquiring a licence to print money.
So I'm not really looking forward to DRM. Yes it's here and it's probably going to become darn near ubiquitous. For those with really sensitive information to protect it may well be a boon. But before the authorities wake up to the full implications of DRM and regulate it properly, a great deal of damage will be done.
Las qué passoun
tournoun pas maï
Sarbox has had a very bad impact on businesses. Aside from the billions its drained out of the economy, it also places regulartory requirements to track data within a business and ensure proper controls are in place. This DRM is a way of accomplishing this. It helps with the audit trails of who accessed and modified the data in a way that non-repudiatable. CEO's, when they sign the financial statments, put their job and freedom on the line that the numbers are correct and traceable. Failure to do that ends them up in prison. Even if there is no wrongdoing. Sarbox assumes everyone is a crook and you have to prove you're not. Thanks Congress...
* Except http://en.wikipedia.org/wiki/One_time_pad but it's highly unlikely it would be used for wide spread DRM.
I understand that some companies could have legitimate uses for this technology. If thats what these companies had in mind why is this technology being pushed onto all PCs. I don't mind these features but it looks as if the consumer is not going to have the right to choose whether they want these features or not. Like most people here I can see much potential for abuse by hardware and software companies. The two most ugly forms of abuse potentially are using a persons documents as ransom to make sure they buy subscriptions to the software they use and deliberately making documents uninteroperable between different tools.
The finger print reader is an input device.
Use something other than your finger that the device can match.
Maybe print one out.
but what do i know, i'm just a model.
The Road to Tycho
I like my dinosaurs feathery, and my pterosaurs hairy (or is it pycnofibery?)
You don't need this to secure documents. There are already nice products like TrueCrypt available that let you encrypt a volume and even create hidden volumes within. If someone steals your PC or laptop, they get nothing but the hardware.
It's not entirely about DRM, though. I'd bet there are still more "features" we haven't been told about. If that system can track who reads a document, it can also be used to figure out who visited a web page or who originated an email. Count on it, that's what this is really about. Taking away the remaining shreds of anonimity that's left on the internet. There will likely be some upside to that. Stolen hardware will be easier to locate, as will trojaned spam bots. You'll be able to access software online with reasonable assurance that no one else can get to your stuff. But, overall, we're all going to get dicked.
And it will keep happening until those companies implement something like this and experience a giant decrease in sales. Like Sony and rootkit follies.
That's our life, the big wheel of shit. - The Fat Man, Blue Tango Salvage
Because this stuff won't work on FreeBSD 'till they port it, I can tell the people who use things like this that I can't read their document.
Woooohoo!!!
(The only way they win is if you use and BUY thier products. Stop using their products, stop buying their products.)
For the most part, as large a community as Slashdot is, the number of people around here that don't like where all this stuff is going (myself included), and the positions most of us are in to influence tech decisions of those around us, my suggestion to defeat this, is simply to not use it. Keep copies of your older software. Keep that old machine in decent shape and on a shelf somewhere. Keep some spare parts around.
Pretty much anything you can do to create a hardware/software version freeze, so that when the shit really hits the fan on all of this, all you have to do is say "no thanks, I already have 'xyz' and it's working fine for me and i've made assurances that it will continue to work fine for me."
If you have a job at the moment, are you actually working or are they paying you to sit there and wait for the next round of upgrades?
In my mind, that's going to be the best way to defeat all of this stuff they are forcing on us. We need to take away their ability to force it on us.
I know wanting a faster processor is something we all want, but when I think about it, it hasn't really gotten all that much faster when you consider the OS's portion and how with almost every new speed bump, something is there to utilize that speed basically nullifying the benefeit it would have on your apps.
So, why upgrade at all? If windows 3.11 had thte ability to deal with large amounts of RAM and large HDD's think of just how fast it would run on our modern processors.
Basically what I'm getting at, is, empower ourselves to take the upgrade cycle out of their hands, because when everyone says "i'm happy with what i've got" then they have no market. Same for the **AA's as someone mentioned. Take away their audience. Since we are pretty sure they are making a killing from digital music and video, just don't watch it on your computer or device etc. Get a DVD player now. Keep it and use it. When nobody is buying their newer crippled stuff, they are going to start whining that nobody uses their computers for media and it's hurting their wallets, and we can just point and say "you said the opposite of that 'x' years ago."
It's definately not impossible to make these things happen on our terms. It's not even that hard. We just have to say we're not going to buy it or just be content working with what we have now.
How far can they go pushing people to open software ( and, possibly, open hardware )?
finally people won't be able to infringe on copyrights.
You can't handle the truth.
All a reasonable person needs to do is carve a single finger shape out of wood, complete with finger prints, and then cast rubber in the shape. Then, label it "Anonymous Password".
Then, tie one to every computer in the building.
Now, make up another finger, with a different design, and label it "Admin". Distribute it only to admins (note that changing fingers will be required as you hire and fire).
Then, for each specific user group, manufacture a set of rubber fingers, and label them accordingly. Now distribute the fingers on a keychain...
Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
The point is that U.S. media companies and the terrorized U.S. have allowed breathtakingly broad rules and now technologies to be put in place, putatively for safety, and the U.S. government and corporations have worked heart to promulgate this around the world.
However, these rules and technologies are in fact so far from what was general thinking in the U.S. say 20 years ago that the Chinese government can now smirkingly say a week or so ago that their censorship and disclosure practices are in line with those of the rest of the world. And the surveillance tools being inserted into consumer items at the behest of the U.S. government and corporations are in fact tools that reduce freedom of everyone and can indeed be used even more effectively and chillingly in nations that started out with less freedom in the first place.
As it happens, timing has worked out so marvelously one might wonder if there is an unseen law of sociology at work. Incidents like the Sony rootkit and Homeland security being sent home by a librarian are coming up at approximately the same time that the most venerable U.S. computer firm sold its computer manufacturing to a Chinese firm and a U.S. congressman and Holocaust survivor is demanding black and white ethics from the Yahoo and Google.
Timing is perfect to wash away the bullshit and leave in razor-etched glory the facts, the players, and the route that must be taken by western civilization.
They should just change the meaning of the acronym now... it will save plenty of confusion in the near future.
Double Plus Ungood!
if I claimed I was emperor just because some watery tart lobbed a scimitar at me they'd put me away!
They will not allow you to snoop into their protection mechanism.
Ultimately this will not work - the only way security implementations become accepted as effective is through open review.
... I don't care what you recommend, I want MS Windows on this computer because the Government, with whom I have too many contracts, uses Windows/MS Office.
And MS will do whatever is necessary to see that the governments use their product, including giving it away free or less than free.
Correct Horse Battery Staple: 72 bits of entropy. Enter "Correct H" into google. When it generates the phrase, that's
Wow, and I thought The Right to Read was a little too tinfoil-hat for me with the tracking who reads a document part.
Guess that shows how naive I am. This is really scary.
There's no ironic mod, I'm sorry.
-------
Incite and flee.
I started researching on the newsgroups and learned that this can be caused by programs that create "Virtual Drives" and whatnot, none of which were installed on my computer at the time.
I had heard of them but never had the need to learn about them prior to this. Well, to make a long story short all I had to do was install Daemon and mount a fixed image in order to play my legally purchased software.
I don't have a problem with artists/publishers wanting to protect their intellectual property, but when it gets to the point that it is a burden for their lawful purchasers they really need to reevaluate what they are doing. I guess we will have to wait for the "Tech Savy" Generations to age enough to fill the political offices so they can enact legislation to fix all the damage done to the historical definition of "Fair Use".
Or maybe I am borderline retarded
It's only paranoia if your wrong...
I say: let them do. Truth is, piracy is illegal. Truth is, a lot of people use pirated sw ; even though Windows XP is harder to pirate (since you need an original code to download updates), still people pirate a lot of software (and music, and videos). But nowadays, there is also Open Source. What is stopping people from adopting OSS? The balance between the risk of use pirated sw, the cost of buying it, and the stress of learning to use different OSS sw. If (when) the former will become unfeasible (since pirated sw will be too dangerous, or it will not work), then OSS will become more attractive.
When DRM/TCPA will take away freedom from the people, the people my realize the importance of freedom, and of free sw.
I'm not sure if "your stuff" is really protected if anyone can "adjust" the security protecting it. Besides, you can always look into the copyright protection mechanism under DMCA, you are just not allowed to circumvent it. So you can read, audit and evaluate it, you just cannot adjust it. Happy now?
So, while the current incarnation may seem ok, things are only a few steps from being really bad and invasive. Couple this with the DMCA, and half the things we take for granted with computers now could be taken away, and it will be illegal to 'break' things to get those abilities back.
Self-appointed self-righteous shills will come crawling out of the woodwork when getting around those restrictions is discussed. They'll castigate us most severely for having the temerity to tinker with our own property. When they use the phrase "business model", light will burst forth from the heavens and a chorus of angels will sing "aaaaaaaaaaaaah! AAAAAAAH! AHHHHHHHHHH! AHHHHHHHHH! AHHHHHHHHHH!" Even though there won't be any real choice at that point we'll hear things like, "If you didn't like the terms then you shouldn't have bought the device/software/widget."
I will use my own property in any way I see fit. I don't care how many politicians have been bought. I don't care how many times the phrase "business model" is dropped as though that is a definitive clincher. I most certainly am not going to argue about it.
I have yet to see a price tag on what TPM modules cost the end user.
Since I don't want one, I feel this is an unwelcome tax on consumers that benefits the *AAs and the BSA directly.
Not the artists or engineers, mind you. Just the *AAs and BSA.
When DRM/TCPA will take away freedom from the people, the people my realize the importance of freedom
Yeah, when it's too late to change things. You say piracy is illegal, but it all depends on what some bribed legislators state.
What will happen when it's used for censorship, i.e. a video of some military men beating up some guy? Oh, turns out that watching that video is illegal because some patriot act or something... and with Trusted computing, they can go and arrest you for treason.
Surely we don't think the US can become a totalitarian government, but that's what happens, people don't think somebody is possible, and they let it pass. Then they cry raising their hands to the sky, saying: "Why, what have we done to deserve this?".
I didn't have the time to read me all through, but may be you all are missing out one point!!! May be i'm wrong, but i think i have read in the past 3 months that the encryption and decryption algo is alreadyx broken, or basically broken (only matter of months), isnt't it?!
Actually, since GIMP, on a Linux system, will bypass the DRM, GIMP and Linux will be considered circumvention tools, and as such, illegal to use.
Maybe it won't be that extreme, but it will taint Linux in the corporate world, where the failed attempts to regulate DRM into Linux will get the OS associated with piracy and other bad stuff.
Either that will happen, or so many people switch to open operating systems that it forces the other side to back off and slow it down for a while.
Unfortunately, the latter option is the one least likely to happen.
Usurper_ii
Ron Paul
If your beloved fingerprint-hash-storing Big-Brother company goes bankrupt, you will never, ever, again have access to the files you so dearly needed to protect using their nice proprietary technologies.
..we can always run our free OS of choice, which leaves us in control.
Then websites will start requiring TC based remote attestation to work (which totally breaks any expectation of anonymity you may have had, and won't work unless you are using their closed OS of choice). And then one day the BIOS will decide that your free OS is not allowed to load anymore, and you'll be screwed.
Piracy is good for the software manufacturers as long as they can keep it under control, because it makes their product establish itself. But when you use sth for profesional purposes, i.e. to make money, of course you must pay for it. So it's not a clear-cut choise. As far as businesses are concerned, we would expect a more strict control over their installed software, (provided the technology can achieve this) but I don't think that you'll only use Windows or Office or Photoshop after you bought it.
Imagine a company whose choice is to trust its emplyees or Microsoft. (insert picture of Ballmer here). Thats like swimming in a lake of shit to avoid an unpleasant odor.
The one thats signed by the creator , that cant be removed, deleted or changed without the fingerprint of the creator. All its going to take is a a hundred or so companies having to buy 50 or so new thinkpads because they cant remove the trusted virus to cause a real big stink and forever doom trusted computing
I trust Microsoft as far as I could comfortably spit a dead rat
Was the dark red sheet of paper with black print that came with the original Simcity a crime against the public?
If not, how do they differ?
"But DRM goes beyond encryption. In the system that Lenovo demonstrated, the decision about who can do what with the file is made by whoever generates the PDF, not by the person or organization that owns the laptop."
It's a joke, right ?
Tell me it's a joke !!!!
As an avid rock-climber and someone who often works with my hands (machining parts, cutting glass), my fingertips are masses of cuts and abrasions. Fingerprint just sensors don't work with me. I'll really be out of luck for mass-market laptops if there's a broad industry trend towards this type of DRM. What a stupid idea, IMO.
I find all this 'Trusted Computing' a bit too much to take in. Trust the computer but don't trust me? That sounds like a disaster waiting to happen.
1) So I create a Word document at work. I use my fingerprint to lock it down so no other can read it (I'll unlock it after the draft stage). My company moves me to another project just before it's finished and I die in a freak car accident the same afternoon.
What now? It's not like you can brute force the password as you can do now with Word documents. Thousands and thousands of pounds were spent on the document. More than all the chips inside the grey box are worth.
So what now? Someone please tell me.
2) I refuse to give my fingerprints over to my employer.
"Look boss, you can have 40 hours of my time a week at 100% effort but you're not having anything more from me. No blood, no sweat and no tears. That includes my fingerprints."
Will my employer sack me?
What about if I want my fingerprints back when I leave the company? Track down every document I've ever written to undo the fingerprint locks? I can imagine a phone call 6 months down the line asking me to pop-in for 5 minutes ($1m an hour for my fingerprint service btw boss).
3) We currently send documents over the internet that are worth hundreds of thousands of pounds to possible future tenderers. We use email. We might use PDF but there will be no security on it.
Are we going to change the way we work? No, no way. We don't even use Track Changes or Version Control on SharePoint.
Someone highup expects people to understand this Trusted Computer lark? It's not going to happen at my company (10,000 employees).
I see no benefit in any of this.
This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
there will be an option to disable this 'feature' in the BIOS?
New meaning to "giving your boss the finger" eh?
I am sooo sorry.
I can give the computer manufacturers the finger.
I'm curious about some of the implications here - in a trusted computing world, would it be possible to turn the tables and make my data trackable? Could I make my email address a trusted document and track who uses it? Keep an eye on where all my data goes, have my credit card info and paypal id as trusted docs? In a way this sound appealing, I'd get to spy on corporate use of my data. But naturally, if this is the case then government/BigCo would want a back door for 'protecting' our safety through anonymous surveillance. And if such a back door exists, how long before it is revealed to the world by hackers? Can such a secret really be kept forever?
I'll just not bother buying that new Thinkpad then.
I think the usefulness of DRM-on-a-chip is basically a conundrum. I can see ultra-secret or ultra-important data that is digitally marked in some way to prove how/when/where/who modified, created, or opened a given bit of data. This would be a good thing for trade secrets or government secrets.
I don't see the applications of this at home, save for managing what software manufacturers want to track or tie down. I realize that business seems to drive how personal computing is moving forward, but I don't think system manufacturers really have a grip on what makes a computer satisfying for a government agency and for Joe/Jane consumer.
Perhaps there should be a choice - a choice concerning the installation of hardware DRM in home or small business computers. Perhaps consumers can purchase hardware that "opts out" of these types of schemes.
Personally, I don't have an issue with hardware DRM for organizations or individuals who want this type of technology in their machines. I believe it crosses the line when the consumer or business who does not want this type of technology is/are forced to accept it. Software piracy measures are becoming more and more draconian, it seems - and what scares me the most is that the people who develop the DRM technologies are just as likely to write/introduce errors and bugs as any other developer. To me, this means that a DRM technology might make my data unusable or inaccessible in some way.
A Passionate Independent Musician
Okay. So every new computer has this bullshit pre-loaded. Everyone and their mother's cousin's dog knows about the TCPA/TCG, the TPM, the chips, what they do, and how their sole purpose is to implant DRM on a hardware level on every computer bought from now until doomsday. Presumably, even Apple computers have them - our lovable, do-no-evil Apple, screwing us too? For shame. Everyone's going to do it, though, and sadly, FOSS isn't the answer.
FOSS will in all likelihood only work on computers made by vendors that choose to support it. Sounds like FUD, and it should, it's very possible and very likely. IBM has been working to make TCG-ready versions of Linux and whatnot, but that doesn't mean that you'll be able to read proprietary format documents and other such lovely things without at least a (expensive) proprietary dongle for your PC or your software. Even if FOSS applications and OSes work on TCG computers, that doesn't mean they'll still be useful. It's not only the perfect way to shaft the consumer into paying constantly for software and hardware they've already bought, and the perfect way to make piracy hellish enough to convince all but the hardcore bootleggers to stop. It's the perfect way to create an enourmous chasm between competing vendors and FOSS communities. It's like stepping back through time. Non-universal PCs and applications will become the norm, and it's almost certain that unless companies like Google and IBM step in to put a stop to the bullshit, FOSS and independent software studios alike will vanish.
This makes our options for action very limited. You would essentially have to start bringing FOSS down to the hardware level. Open Source Software? Open Schematic Hardware. FOSH. To create anything useful, however, it would require stupid-huge amounts of time, money, and collaboration, which means that only companies like Google and IBM would foot the bill. (And like they do with FOSS, they'd use FOSH as just another selling point for their services.) One technology could make all the difference though... A printer-like board fabricator, perhaps? I remember reading about machines like those. Who feels like trying to tack a microscopic soldering iron onto their inkjet? I'm not being sarcastic, I really mean this. The biggest threat to FOSS and universal computing is that hobbyists have been essentially taken out of the loop. We don't know very much about what our hardware does and how, so how are we going to escape the clutches of the TCG if we can't even make and (lawfully) analyze our own computers? Used to be that you'd -BUILD- your own computer. Not just snapping parts together, no. You'd put it together from scratch. A tabletop or desktop fabricating tool that's cheap to purchase, operate, and maintain would be the ultimate weapon in the FOSS/FOSH community's arsenal, and it would enable hobbyists and ordinary folk alike to begin experimenting with circuitry of their own.
Sounds stupid? Probably. FOSS won't stand a chance without corporate stewardship unless FOSH becomes a reality, though. Not just any FOSH, good useful FOSH. So... calling all engineers?
The chip present in the Thinkpads is a TPM. This chip is basically just a tamper-resistent crypto engine. One of the uses of this is attestation. You can crypto graphically sign your kernel, and the system will make sure to only run a properly signed kernel.
This is hugely useful from a security perspective. Imagine you're machine gets broken into. Any admin knows the only proper thing to do is completely reimage the machine right (there's no guarentee that they didn't install a root kit even if you remove the piece of software that led to the breakin). Well, with attestation, you do now know that the kernel is okay. This lets you start building up trust. If the kernel only loads signed modules, then you know all modules are okay. If the kernel goes further and only lets root run signed software...
This is why the TPMs exist. The entertain industry isn't all that big. There is a *huge* market for security though. Can you use a TPM to enforce DRM? Sure. Honestly though, this is only a problem if you're using DRM crippled media on a closed-source platform. Why the hell are you doing that in the first place?
Do you own the copyright(implied) to your own fingerprints? Does someone making a digital copy of your fingerprints violate the DMCA?
I think the system would have to work that way. So when you create the doc, you create it with your own and the company ID as authorized users. Then anyone who is on the company ID list can access it. If you are fired and are off the list, no documents for you! Aren't you relieved that this won't inconvenience your employer?
See, we wernt just paranoid freaks..
its great to be right yet again.... yippe?
---- Booth was a patriot ----
This is why E-Books are so wrong, and we should be fighting to retain dead tree verisons..
Yes, i know they can still find ways to track what you read, ( rfid, cameras ) but at least they have to work at it.
Who does this stuff get reported to? Who gets to find out you read a 'bad ebook' and sick the HSD ( or other 3 lettered agency ) on you for 'restricted knowledge'?
---- Booth was a patriot ----
If this truly is the direction the hardware industry is going, then this seems to me to be a market opportunity. Starting small, of course, if we want to shut DRM use out of the market then those wiht the resources should create competition. Gain financial backing, gather up some EE majors, dedicate time and hard work and start a new hardware company that provides a rally point to oppose DRM use. It seems once again to be the cycle where one side wants to close its market and the other wants to open it. The open market strategy, as has been said already concerning Microsoft and Apple, is the one that turned out victorious, only this time those who chose to take the initiative have a chance to do it better than Microsoft did. I am not saying its an easy task, but a way to fight back.
I find that although many people are liberal in beliefs, they are conservative in actions.
As a programmer, I'm curious about how much of this they can really enforce. Does it mean that all "independent" software development will cease, because after every compile, I'll have to apply to Microsoft for a license to run the test version of my program? This would make testing several orders of magnitude slower than now, and effectively stop software development on such machines.
Does it mean that you can't install an OS without Microsoft permission? If so, it would end the recycling of old hardware that's no longer supported, radically raising the price of computers for non-profits and most of the world's poorer people.
Maybe the computing future for all but the wealthy really does lie with Negroponte's $100 laptop (and whatever its clones are called). You can bet it won't have a DRM chip, and emphasis will be on making it programmable by its users.
Anyway, I'm curious about the details of how this "DRM chip" works. All I have to go on now are vaguely-worded scare stories like this one. But, as a programmer, I can't tell anything at all about what it really does. Is there a spec somewhere, so I can learn to program the thing?
Possibly not, because if I had that info, the first thing I'd do would be to program my own authenticator so I could test my own software. They obviously don't want me to do this, so I'd predict that a full spec isn't going to be available to people like me.
Those who do study history are doomed to stand helplessly by while everyone else repeats it.
I wish I had mod points so I could mod this up.
Is it possible to make a computer without and Chipset "trusted computer" DRM in its chipset? If so what chipset would I have to use and what company makes it? Can I just buy a mac preconfigured without it or do even Macs come with this DRM now, in case one of my non-technical friends wants a new computer without DRM.
Yes, treacherous computing will keep the digital roads safe and locked down. Pay or we exclude you from using your own computer.
All information will be "pay-per-view". Step one is to ensure nothing ever again sips out into the public domain. Step two is to protect the concept of every idea and make people pay per use for each. Instead of "thoughts are free" the saying will be "thoughts might be available for a pre-negotiated price". Without enough money, your child won't be implanted with the genes required for a concious mind. You'll get a vegetable.
We're heading straight towards this future. I really do hope people remember why the right to keep and bear arms was so important... Someone better come up with a good alternative idea (and fast!) to change the current horrid path.
In a society that believes in nothing, fear becomes the only agenda ~ Bill Durodié
I will never use such a thing. Use free software, and if we have to, build our own computers.
...back when Paladium was first mentioned by M$. I said then that we only had to wait and eventually our computers would no longer be ours. Then Paladium became TCPA and it looked even worse. Now it's TCG. After 9/11 I knew what was to follow. In the name of security we would no longer be in control of our own PCs. Yes I know that corporate inertia will resist the changeover but remember that M$ changed the terms of it's volume license agreement so that not migrating would be extremely expensive. For all the already stated reasons that have been posted we all know that corporate America is not going to embrace open source any time soon. With the release of Vista and all the incorporated DRM etc. the situation just becomes worse. Does anyone think that for one minute Dell, HP, Gateway or any other OEM is not going to follow along with all of this and refuse to incorporate all this crap on their systems? Let's be realistic, the sheeple will buy what the OEMs sell. The average American computer owner doesn't care what is happening inside the box. At this point I imagine 85% of the average users have been "bit" by some sort of virus, malware or crapware and learned an expensive lesson (maybe). The selling point that they won't ever have to worry about some "evil thingie" gumming up their PC will appeal to their narrow little minds. They don't stop to think through all the possibilities of what this technology can be used to prevent. I am certainly not an engineer or developer but I don't think it's a big step to have the "trust chip" verify virtually everything that you want to do before you are allowed to do it. Hmmm want to visit a website? Wait while the digital verification is checked. Nope that site expresses views contrary to what we want you to hear. Want to open that email? Nope, it's been generated by a non compliant PC. Now of course this is all being done for the users own good and the security of our nation. Want to access your documments? Gee we're sorry but because your subscription to M$ Office Live ran out we can't allow that. Users don't care whats going on in the box, they just want someone to tell them they'll be protected from all those nasties out there. If you build it, hype it, and sell it, the sheeple will buy it.
The ability to tell who accessed a document and when would be good for hi security government documents, to tell who did what when to them.
Maybe for some industries with real sensitive data as well, but of little use to the average person, except to please the *AA's.
This is already being done on some level with our game Consoles. XBOX/XBOX 360 anyone!? DRM is utilized in these machines to only allow signed/approved applications to run on the hardware supplied. (Including size/structure of Hard Drive, Video Card, NIC etc) Verry much like the licensing of Windows based on Hardware Serialization. These Issues are alive today..
But lets focus more on the consoles as their closer to the new problem. What has been the workarround? Out of the box an xbox cannot use anything but Microsoft Content, Games, Downloads from Xbox Live! etc. So Chips have been created to sidestep this detection. So other apps and uses can be done.. Linux may be installed, different boot loaders, Media Check is taken out of the loop etc. The result allowing us to use the hardware we purchased for what we want too.
Now I know this isn't exactly the same, but it is Similar. Lets be honest, with the reply that we see from all these techies on this one topic from slashdot about the new DRM implimentation. How long do you think it would be until we came out with some bandaid for this new problem. I do know that reverse engineering these chips would be hard, but not impossible.
I, by all means am NOT saying we shouldn't fight this. However I do believe there are other ways than just vocalizing our concerns. For every attempt like this there has been an overwhelming response to counteract it. I have faith in the crackers/Hackers. Just remember, something this big will not only attract action from all the existing Crackers/Hackers, but most likely with make many legitimate Engineers/Technicians cross that line to solve this problem (many are balancing on the edge as it is).
To paraphrase the Fight Club quote:
Look, the people you are after are the people you depend on. We code your apps, we build your machines. We connect your networks, we keep your systems up. Do not... MESS with us.
Some people were talking about how this would kill FOSS and about alternative architectures we could use, etc.
Would it be possible to make mod chips to circumvent the DRM like on game consoles?
I am actually looking to buy a new PC sometime in the next month or so... I've always purchases systems from local shops, either in parts for self-assembly or if I did not have enough time for them to assemble it, so at least I do not have to worry about what the big guys will put into their systems.
Therefore leaving out the Dell's and HP's of the world, what generic components are safe to purchase which are (for now) DRM free? Asus boards, MSI boards, etc?
One way we could all fight back would be to compile and keep a list of non-DRM'd hardware and only purchase from those companies...
Peter
Those TPM chips have a (hardware) random number generator and hash accelerator...
Maybe speed up your encrypted volumes ?
Faster WEP/WPA cracking for the wardrivers ?
If you have the lib and the driver and your OS is free, you could use it for *your* purposes
Linux driver for the Infineon TPM: http://www.prosec.rub.de/tpm/index.html
"Even worse: 'The system is also aimed at tracking who reads a document and when, because the chip can report back every access attempt. If you access the file, your fingerprint is recorded.'"
I'm sure we will hear the EFF chime in soon.
We already have hardware keyloggers.
Wait until someone comes up with a hardware fingerprint logger.
Not quite as simple as plug-it-in-and-own, but pretty close.
Then they'll start making tamper-resistant laptops.
Soon, the only thing you'll be able to do with a computer is "DIR"[0]. When there is only one command, the operating system will be perfect; there will be no concept of a revolution, because there will be no programming language with which to express it...
[0] Good luck running Linux. The DRM chip will refuse to boot, fry your hardware and disks, report you to MiniRights, and possibly put a bullet through your brain.
PS: I used to think tinfoil hats were silly.
DRM should only be utilized by individual companies and/or persons. A DRM used by someone (a person or company) should not be forced onto anyone else.
DRM is good for helping prevent others from opening documents, but taking that same DRM and forcing someone else to use it should be deemed illegal.
If I purchase data (and this can be text, music, or video data; it shouldn't matter the type of data) I should have the right to use that data in whatever matter I choose as long as it is for my personal use.
I can see not using that data the way I choose in one of three ways.
1) I'm renting the data and not buying it.
2) I'm an employee of the company.
3) I've been convicted of pirateing sometime in the past.
If I'm only renting, I can understand the use of specified DRM on the data.
If I'm an employee, I can again understand the use of DRM. I would also be getting a paycheck from them too.
If I was convicted of pirating digital data, the law would be making me follow DRM guidlines if allowing me use of a computer at all.
But if I don't fall within one of these three areas, I don't see how someone else can force me to use their DRM. I think it should be fought out within the courts.
I am very much interested in stopping this. But how can I fight it. I know FOSS is the solution software side, and I contribute when I have the chance. But what can be done hardware side? How do we fight this thing?
if consumers see a real performance hit, they will avoid the DRM controlled media or software.
When a game takes 30 seconds extra to start because it has to check the CD drive, the majority of people don't necessarily avoid that.
Google has taken it's search technology to allow users in China to search more quickly and reveal when information has been censored. You compared their presidents to Hitler because of the information that has been censored as a result of their decision. So to whom do you compare Lenovo, a Chinese company that has introduced technology into laptops that allows any document to keep track of everyone who has viewed it? Stalin?
Maybe we should stop companies from censoring our own citizens before we worry about what we're doing in other countries.
http://www.ccc.de/biometrie/fingerabdruck_kopieren .xml?language=en
Can you say "home business"?
No trespassing. Violators will be shot. Survivors will be shot again.
"I don't believe that for a second. They are responding to arm-twisting by Microsoft and Adobe (,etc.) and working *against* customer interests. Consumers have no interest in DRM at all. "
Companies who use Microsoft and Adobe software often have data under NDA and would love to use this technology to help secure their data.
Vote for Pedro
"You won't even be able to use your OSS tools on a "trusted computing" platform. That's the whole point."
So explain to me why Linux runs on systems with trusted computing now if your statement is true.
Vote for Pedro
You don't want to use products from any vendors who support the "Trusted Computing Initiative"? Then you're going to be in a world of hurt. Here are just some of their members (listed on the Trusted Computing Group's home page here: http://www.trustedcomputinggroup.org/about/members /:
CPU vendors: AMD, Intel
BIOS vendors: American Megatrends, Inc. (AMI), Phoenix (who bought Award a few years ago)
Hard drive vendors: Fujitsu, Hitachi, Maxtor, Seagate, Western Digital
Flash drive vendors: Lexar, M-Systems
Chipset and graphics vendors: ATI, Nvidia, Intel
Network card vendors: Broadcom, National Semiconductor, Marvell Semiconductor, Inc.
So you think you can build a system without parts from any of those vendors? It may be more difficult to avoid "Trusted Computign" than you think.
So explain to me why Linux runs on systems with trusted computing now if your statement is true.
But will your residential Internet access provider and your application service providers "trust" your Linux distribution, especially if you have modified it pursuant to a free software license?
"The problem is, I don't trust it anymore. I won't trust it with my data, I won't trust it with my files, I won't trust it with my time."
No what you mean is that you no longer trust the software you run on your computer. Have you ever? It's amazing how otherwise intelligent people turn into raving lunatics at the mention of trusted computing.
Vote for Pedro
Gentlemen please, such alarmist talk!
It does not matter what these companies may propose, we live in a democracy after all. If we do not like the DRM Act, we can repeal it, can we not? If we do not like the government snooping on us with our own hardware and software, we have the courts and Congress, and we can get laws passed to prevent it.
What? Do I hear you muttering cynically that our Congress is in the pay of the large corporates and there is nothing that can be done? For shame!
In fact, were we to organize and fund our urge to freedom as efficiently as the corporate world does its impulse to make slaves of us all, there would be nothing whatsoever to fear.
Instead of heading to the bunkers, making plans for living under ground in a world run by SkyNet, we need to get politically organized. Sorry, but that's the only solution.
I was talking to a guy that had one of these finger print readers on a fairly high end laptop of his. He said it worked great, for three weeks, until it broke and stoped recognizing him as the same person.
Then there is a matter of what would happen when the chip dies/fries and various other ways this can cause un recoverable loss of data. If there is a way to recover it with a bad reader or by directly accessing the chip to get the decryption key, then the system is inscure to people who have sufficient desire or resources to get access to it. Say, the MPAA/RIAA or governments.
Sorry, but either the system is inherently insecure in some way or if the computer breaks you have unrecoverable data.
Fly me to the moon Let me sing among those stars Let me see what spring is like On jupiter and mars
I have today a Western Digital 120G drive. It has many of my TV shows recorded on it, and if TCPA is mandatory in the next 500G drive, guess what -- I'll shop around for 5 to 20 more 120G drives and a RAID controller.
It's better to be the foot on the boot than the face on the pavement. ~~ tkx Kadin2048
http://www.gnu.org/philosophy/can-you-trust.html
'Nuff said
There's a third option:
(3) Replace VMware with special DRM-compliant virtualization software, aka Palladium. Microsoft once planned to include this with Vista, but (like WinFS and lots of other Longhorn stuff) it won't be ready in time.
When MS originally planned Palladium, it demanded that Intel and AMD include special CPU extensions ("ring -1") needed for it to work with existing Windows programs. These are ready now, so someone else could use them to attack MS's OS monopoly. This could be why Apple switched to x86.
Its a bigger deal then that, when you consider that most everything in the civilized world is tied to 'software' either directly or indirectly..
It could cripple the worlds economy.
---- Booth was a patriot ----
One way or another a we must band together to stand against DRM and TC. I have stated many times that WE are the paying customers. The arguments in support of these two initiatives are baseless. All we need do is look to companies like SONY to see an example of how DRM will continue to have a negative impact on people worldwide. TCM in computers and other devices are bad news. I encourage everyone to do what must be done in order to convince those in authority that these sort of measures be revoked. I, personally, stand against this.Also there is money and or prestige in defeating these measures as is evinced by groups like the OSX86 project. There will be software hacks, mod chips whatever countermeasure must be implemented to bypass this heinousness. Don't just take my word for it. wait and see!
If I'm not mistaken, this is exactly what USC 17 1201(i) is for. Not EVERYTHING in the DMCA is bad. Then again, it would have to be upheld by a court of law first. Knowing our legal system, the judge would somehow find this one provision unconstitutional and in violation of corporations' rights to profit.
....it is the creator of the document (fx CFO) that decides who should have access to it, it is not up not anyone who receives it...
However the creator also has to decide whether that PERSON, not the person's computer is trustworthy to receive the information. No matter how trustworthy a computer is, if the person is not trustworthy, then that untrustworthy person will figure out a way to get that information to places the creator would not want it to be. It only takes one untrustworthy person to copy the decrypted bits, no matter what these bits represent, and those bits can be sent around the world to millions of places in seconds. All watermarking and other identifying techniques will fail, since there is no way to tell one bit from another. No trustworthy computer will ever make its users equally trustworthy.
All theory is gray
battling a whole army of ostriches.
How can he win?
--- Grow a pair, liberals... stop letting the Republicans bully you!
The concept isn't news to anyone who ever got nailed by a good old-fashioned encrypting virus... there were a few that offered to send you a decryption key, once you'd paid to ransom back your data.
~REZ~ #43301. Who'd fake being me anyway?
Is there already a list of mainboards that come with a tpm module? If anyone knows of one please post a link!
Samsung took back my unlocked bootloader because Google wants me to rent movies. They're both evil.
Yes, this is annoying. Yes, this means the average consumer PC will be filled with unwanted DRM crap.
But I don't believe for a second that the big companies will be able to fully lock down 3rd party or FOSS software. Why? There are a LOT of businesses out there using Linux and Apache and other things. The hardware industry cannot ignore these companies.
So while the machines targetted for a home market might end up being locked down nice and nastily, there is no way that they will make it impossible to get computers that don't have these restrictions.
I'm sure it'll be the middle one. ;)
Remember-- there weren't carjackings before there were car alarms... back then it was easier to steal a car with nobody in it. I don't think anybody's given enough thought to the ramifications of this. I would never want one.
The general user "fingerprint" be a carved smiley face.
The administrator "fingerprint" will be a carved Goatse.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Maby we will be able to run our free software on OpenSPARC machines.
The age of independent and free press is gone people. Not one american news source has ever covered this to my knowledge, and I get the feeling they never will come clean about the manipulations and outright lies perpetrated by those who control major interests in their networks until rioting or outright revolution breaks out.
VLC FOR MAC IS DYING! IF YOU DEVELOP, PLEASE SAVE IT!!
Well, Sonic (hamburger) commercials are now educating the public on the difference between "bits" and "bytes"...
In about 300 years, maybe they can take on DRM.
Even if you could see the light, react, and unplug the cable in 1ms, you would be way too late.
On a 10MB bit/s link, that would mean about 1000 bytes would have already gotten out (which would be a complete packet).
Unfortunately, human eyes don't see things last a little less than on the order of ~20ms. Which means either that LED on the router has to remain on for a long duration after a single packet, or it takes multiple packets to turn it on. Which means the *instant* the light appears to be on, it is too late.
And who says this stuff is only going to phone home the *instant* you open a document/program/etc... It could easily queue the packet and wait for the internet connection to come back up.. And given the nature of Trusted Computing, this may not be something than can easily be disabled.
I'm starting to wonder if the day will come when I pull the plug out of my computer -- PERMANENTLY!
They won't see the point of a second email program
Why not? People already juggle AIM, ICQ, MSN, and YIM clients. Anybody who can learn to install Trillian or Gaim can learn how to shut off encryption-by-default on the personal e-mail account.
Products we buy get complicated more and more. Some years back, someone just bought a CD or a LP, simply put it into his player and listened to the music. That was something even my grandparents could do. Nowadays it's so complicated: There are "region-Codes" on the DVD, CD's cannot be played on various hardware (e.g. computers, car CD-players etc.). You see - one reason why people use P2P is simplicity: If you want a specific song, you simply search for it in Kazaa/eDonkey/whatever and download it. Paid services are complicated: You have to register somewhere, do a complicated (and possibly insecure) mondy transaction and then you have a file which will will be playable on a limited set of devices. It's not only that people are too lazy to handle things. I see people fiddling around with their hardware and not being able to use what they bought more and more. Therefore I don't think that this fingerprint scenario will every be reality - simply because people won't be able to use it.
The only DRM that can actually work is one in which they insert TPM chips in between your eyes and your brain.
Even if you win the rat race, you are still a rat
Let's see...
Snes emulators and ROMs --- check.
Winamp --- check.
Backup of a Backup of Windows 98 --- check.
Office '97 and OpenOffice --- check.
Well, I'm set! I'll be buying all the Pentium II computers that I see at garage sales. I might have to move to a compound in Montana, but I'll never finger a computer to turn it on!
DRM, oh yes that is one of the use of TC. But it will be hard to target the consumers market. It will be a great hit on the enterprise level, not soo sure how far it could be feasible with general public. One good thing about TC's specification is that, it can not do any thing with out the users approval (in this case is the user authenticating). So if I think some application in my machine is trying to access the keys from TPM I could validate which application is trying to access the keys? Are they authentic applications? And above all is it M$ ;-)? I can approve the transaction only if I am satisfied. So I think itz great!!! only thing I am bothered is the rootkit, we are screwed if the hardware manufactures decided to be OVER smart !!! And the government is interested in achieving a back door to TC !! GOD SAVE US !!!
I am happy to see the open source community working hard and producing some very gud sensible use of TC. Check for TrouSers project @ Sourceforge.net they are gud.
How long until printers have DRM? How long until old-style printing press will be declared illegal? The Right to Read
Thinking that the free market (what's left of it) will solve this problem for Linux users is naive, at best. Congress will simply pass a DCMA version 2.0 making it *illegal* to connect to the internet with a computer that doesn't use so-called Trusted Computing. End of the revolution, you all get to bend over and grab your ankles unless you want to be labeled a "terrorist" and spend the rest of your days...bending over and grabbing your ankles.
In case some of you haven't noticed, Congress has shown a profound lack of interest in giving a shit about what the common Joe and Jane think. They sure as hell don't give a shit what a tiny minority of geeks think. To them you're all a bunch on awnry, libertarian ne'er-do-wells in need of a good bitch-slapping anyway.
Max
My god carries a hammer. Your god died nailed to a tree. Any questions?
You are a CUSTOMER prior to KA-CHING! sound. After the KA-CHING! sound, you are a SHEEP.
Great for Business, but we still need FREEDOM of CHOICE.
If I am running a business which requires a high level of protection for it's intellectual property I am going to be very happy with such technology. It will stop my knowledge leaking out, or at the very least I will know who leaked it.
BUT! For the average consumer this technology is a clear threat to their right to have FREEDOM of CHOICE. The solution is to have MANDATORY DEACIVATABILITY to ensure that the owner of the hardware can install any operating system they choose.
The media copy protection issue is secondary, most content these days is crap and we can live without it, but we can't allow other people to lock us out of our own property and dictate to us what operating systems to use, that would be intellectual slavery.
If you've never read it, I recommend The Right to Read, written by RMS in 1997. I read it when it was published and thought he was being his usual extremist self, and that stuff like he describes would never happen. Unfortunately, it looks like he was being prophetic.
I could have sworn that some random hacker type patented any use of TCPA for DRM purposes, precisely to stop this sort of crap. He had some rather hippy name, too, that I can't remember right now. Lucky Green or something??
you're talking to one of the GNAA guided perl scripts (the part where he mentions being black and gay is a dead giveaway). they try to spam this site by putting in a couple of personalized lines to bait people and add on a bunch of gereric unrelated spam. I mistakenly replied to a bunch of these and fell in their "bait" database. They started looking for all my posts and spamming them until i had to create a new user. and good luck emailing the admins - they do nothing about it.
the problem is with taco not fixing the slashcode. it mods down obvious trolls automatically, but if a post has replies it skips it. lately they have been replying to themselves to keep their karma up.