A Conversation with Cory Doctorow and Hal Stern

ChelleChelle writes "In a rare meeting, popular sci-fi writer and co-editor of the blog Boing Boing Cory Doctorow and Sun VP Hal Stern consider the open source approach. The resulting interview deals with the pros and cons of going open source, as well as the issues of security and privacy. From the article: 'It seems to me that one of the big problems with the filters you've just identified is who gets to set policy in the machine. As a science fiction writer, I am offended by sci-fi movies where it turns out that the rocket ship has a self-destruct button, it has been pressed by accident, and now the whole thing is going to explode. ... By the same token, I often wonder whether trusted computing architectures that allow remote parties to enforce policy on your hardware are a good idea. Although we can imagine beneficent examples of this, this is what spyware is, by definition, right? Spyware is remote parties setting policies on your computer against your wishes. Is it ever a good idea?'"

Scifi FOSS Punditry?

[CheeseburgerBrown]

I demand to know what Kilgore Trout says about all this.

Re:Scifi FOSS Punditry?

[MichaelSmith]

I demand to know what Kilgore Trout says about all this.

You are a couple of weeks late. So it goes.

Cory's shirt

[awarnack]

What I really wan to know is where can I get that shirt that Cory's wearing?

Re:Cory's shirt

[PerlDudeXL]

http://paizo.com/cgi-bin/WebObjects/Store.woa/19/w a/browse?path=store/apparel/tShirts/offworldDesign s/v5748btpy7rmu&wosid=5t479QhI8uSZwaO0CHUAww

Re:Cory's shirt

[sootman]

Woah, woah, wait--so you're saying someone besides Apple is using WebObjects?!?!?

Cory Doctorow

[solferino]

Cory Doctorow. Biggest self promoter, ever.

Re:Cory Doctorow

[maxume]

"Enthusonaut."

Re:Cory Doctorow

[Just+Some+Guy]

Throw him in the room with Paris Hilton and they'd explode in an instantaneous mass->energy conversion.

Still, I love his books.

Re:Cory Doctorow

[DwarfGoanna]

Bummer I don't have mod points today.
  I sometimes wonder if Cory and Xeni Jardin have hit on some sort of self-satirical performance art, and we're just not in on the joke.

Re:Cory Doctorow

[maxume]

In case you missed it:

http://xkcd.com/c239.html
http://flickr.com/photos/laughingsquid/437389857/i n/photostream/

(via http://www.waxy.org/links/ btw)

So the answer to your question is probably that the joke isn't(particularly, anyway) funny.

Don't lend Trusted computing legitimacy

[Zombie+Ryushu]

TCPA and DRM (Especially Palladium) are not means of improving computer security. They are there to subvert the ownership of users of technology in favor of powerful companies. DRM isn't going to safe guard medical records. And TCPA isn't going to stop a space ship from Self Destructing.

What will help computer security are good security practices.

At my house, everyone logs in to a Linux powered Domain, LDAP coated in SSL for Authorization, Kerberos for Authentication. Traffic (especially Wifi) encapsulated with IPSec. SE Linux policies in place. Directory service authorized Radius Server with MySQL server Accounting, and cataloged MAC Addresses in OpenLDAP. These are good security policies. Everyone should have some variation of this.

If I were on a space ship, I damned well better be able to secure my systems against unauthorized access. But DRM and TCPA do not make this happen.

Re:Don't lend Trusted computing legitimacy

[maxume]

I suppose you run your air conditioner 8 months of the year, as opening a window would be security madness.

Good security practice starts with a question: "What am I protecting?". If it isn't particularly valuable, you don't spend a lot of money(or time) securing it.

Re:Don't lend Trusted computing legitimacy

[Optikschmoptik]

At my house, everyone logs in to a Linux powered Domain, LDAP coated in SSL for Authorization, Kerberos for Authentication. Traffic (especially Wifi) encapsulated with IPSec. SE Linux policies in place. Directory service authorized Radius Server with MySQL server Accounting, and cataloged MAC Addresses in OpenLDAP. These are good security policies. Everyone should have some variation of this.

Seriously, has your family tried to kill you, or maybe send you to a therapist?

If they haven't, you should thank them for being so patient. Most people I know are far too annoyed to bother with password-protecting their windows account, let alone participate in such tinfoil-hat activities as encrypting their wireless signals.

Re:Don't lend Trusted computing legitimacy

[alphamugwump]

Such insane personal security does make sense if the whole internet hates you, or if you have issues with the government. I don't know the GP's situation, though.

Re:Don't lend Trusted computing legitimacy

[Optikschmoptik]

Such insane personal security does make sense if the whole internet hates you, or if you have issues with the government. I don't know the GP's situation, though.

True, there's also the added fun of feeling like a secret agent. So I can see where s/he's coming from ;)

If the whole internet or some government really did have it in for me, though, I probably wouldn't be posting my security practices on slashdot, as cool as they do sound.

Re:Don't lend Trusted computing legitimacy

[Zombie+Ryushu]

I don't trust my family with computers. All they really see is the X Login prompt. (All the computers run Linux.) We are currently running Mandriva Linux 2007.1 to do all this. The good thing the Kerberos feature does is create an autologin feature for eGroupware from FireFox. I have a specially patched eGroupware that when our FireFox Groupware bookmark is clicked, FireFox sends the Kerberos Session ticket to eGroupware allowing the login stage to be skipped. (A Computer must have one of my Host Public keys, I assign them by host, and have valid Internal reverse DNS look up. for this to work.

I also use KDE Kiosktool to maintain policies, and I've paired SSH with Kerberos to make urpmi-parallel-ssh feature able to install updates on all the units in a given Domain. Its not perfect yet.

Re:Don't lend Trusted computing legitimacy

[beyondkaoru]

his security setup is pretty transparent; it doesn't compare well to the air conditioner. what he suggests doesn't seem like it'd be that hard to set up, and once it's set up you act pretty much as you would normally. a non-paranoid person would wonder why the setup is there, but could use it roughly as easily as you would any other setup.

Re:Don't lend Trusted computing legitimacy

[maxume]

Sure. On the other hand, the fact that my XP Pro laptop doesn't ask for a password is also perfectly rational and took approximately zero setup time, and has zero ongoing impact on system use.

(the air conditioner thing is the idea that there is some cost to having the security; running an air conditioner in May costs more than opening a window, but in most places, it doesn't result in more comfort)

Re:Don't lend Trusted computing legitimacy

[davecb]

I've lived on systems more stringent thn the parent poster dscribes, and didn't even notice. Multics with Access Isolation Mechanism, and (Real, Military) Trusted Solaris.

Almost all of that could be provided by a dedicated machine running the NSA's Linux and sold as a firewall, with negligable setup involved for ordinary users.

The family wouldn't even notice.

--dave

Re:Don't lend Trusted computing legitimacy

[JasonTik]

His family just sees a logon screen, and knows their relatively simple passwords. The rest is all behind the scenes, and they couldn't care less about it.

Re:Don't lend Trusted computing legitimacy

[Optikschmoptik]

I'm still getting replies to this? Ok, let's relax. I know. I know. I was just making a joke about the arguably excessive measure of security for a home network.

Oh, and the logon screen wouldn't be the source of frustration. They're not employees; they're family, and they might wonder/worry/be annoyed with their brother/sister spending so much time locking down the home computer network and not interacting with loved ones. Or maybe they are bothered by what they perceive as an unhealthy level of paranoia...but now that I'm explaining it, this whole conversation does seem kind of silly, doesn't it?

forgot the self destruct mechanism ..

[rs232]

You forgot to mention the servers are wired with motion detectors, CO2 detectors and mercury tilt switches connected to one thousand pounds of C-4. was Re:Don't lend Trusted computing legitimacy

I can not let you do this Dave...

[iamacat]

But you can always take advantage of GPLV3 to remove my DRM synapses

That was an imposter!

[allenw]

Everyone knows Cory Doctorow wears a red cape and goggles.

Re:That was an imposter!

[Isvara]

Yeah, but they do nothing.

Somebody had to do it

[Misanthrope]

http://xkcd.com/c239.html

On the bright side, Cory is using an analogy that might spark some brain cells in the semi-joe sixpack crowd.

Not Trusted Computing

[SiliconEntity]

What they said is not what Trusted Computing does. It does not enforce policy on your machine.

Rather, it provides a way for people to prove what policies they are enforcing on their own machines. And thereby that will allow someone to say, I won't give you this data unless you are running a certain policy (that will protect my data). Today, that wouldn't really work because they couldn't tell what policies you were running. But with Trusted Computing, it will be possible. You will be able to prove your policies and they can decide whether to give you the data depending on what your policies are.

It may seem like a subtle distinction, and in a way there's not that much difference. But saying that third parties can enforce policy on your machine evokes many images that just would not happen with the real Trusted Computing. It suggests that your machine could be made to spy on you or do some other bad thing and there's nothing you can do about it. But that's not true. You always have a choice with Trusted Computing to tell the other guy to stuff it, you just won't take his damn data if he wants to put so many restrictions on it. Just like today you don't have to shop at Apple music store if you don't like DRM, you can download music from independent bands who make it freely available in MP3 format.

The whole point of Trusted Computing is to keep things completely voluntary. It aims to replace legal restrictions (that you have no choice about) with technological ones (that you can always choose not to use). It adds choices and options without taking any away. It lets people who are honest prove that they are honest: when they agree to the policies in return for taking the data it lets them prove what policies they are truly following.

Honest people have nothing to fear from Trusted Computing. In fact they will gain many advantages by letting them prove their honesty and gain others' trust. The only people who will be hampered by Trusted Computing are those who would aim to falsely agree to observe copyright restrictions and then violate them once they get their hands on the data. Unfortunately, judging by the negative reception to Trusted Computing, such people make up a substantial fraction of the online community.

Re:Not Trusted Computing

[Alsee]

The first problem with your position and your argument is that you are ignoring/revoking people's ownership of their own computers.

it provides a way for people to prove what policies they are enforcing on their own machines

Sure. But the problem is that you have the odd notion that that would actually be secure against the owner choosing to alter or override his own security settings... the "policy"... on his own computer.

A typical "policy" would be that the computer will not do X, Y , or Z, and that the computer will irretrievably destroy any covered data before altering the "policy" to one that does allow X, Y, or Z.

The issue is that most of use around here consider the owner of a computer to be the owner of that computer, and to have every right to examine or alter his own property at will. We consider it impossible for an owner to "attack" his own computer. I can hit computer with a sledge hammer, I can take an ax to it, I can open it up and rewire MY circuitry, I can hook up a signal analyzer to "snoop" on my own signals and to inject my own modified signals to alter the behavior of my own property. I can rip my computer open and look at it under an electron microscope and read out my own master keys. And that NONE of that is an attack. NONE of that is a "hack" in the negative sense. That it is my computer and it is perfectly possible and and entirely legitimate for me to alter or override MY security settings at will. That it is perfectly possible and and entirely legitimate for me to alter my "policy" WITHOUT allowing my computer to first irretrievably destroy my data... even if the "policy" said that the current configuration of my computer WOULD attempt to destroy that data during the "usual" means of modifying my security settings.

The second problem:
But saying that third parties can enforce policy on your machine evokes many images that just would not happen with the real Trusted Computing. It suggests that your machine could be made to spy on you or do some other bad thing and there's nothing you can do about it. But that's not true. You always have a choice with Trusted Computing

Yeah sure. If general websites start deploying Trusted Computing... or better yet if ISPs start deploying Trusted Computing (as documented on the Trusted Computing Group's own website in the Trusted Network Connect specification)... sure. If you do not want third parties enforcing policies against you on your own machine... if you don't want your machine to be made to spy on you or do some other bad thing... yes there is something you can do about it it... just like you say.

You can drop off the internet and you can be effectively FORBIDDEN to ever use computers for much of anything. You can move into a cave and grow mushrooms in the dark. Mmmmm.... mushroom juice for breakfast! Mushroom sandwhich for lunch! Mushroom salad for dinner! Tastey!

Yep, if computers and the internet continue to become and increasingly important part of life and participating in society... and if over the next decade Trusted Computing does go forward with general rollout into virtually every computer and we get a "safe secure" Internet... yep SiliconEntity is right you still have a choice not to use Trusted Computing... a choice to quit the internet and pretty much computers in general... a choice to quit the global network and pass up any government services available on the internet and a choice to drop out of modern society and live in a cave. Well, I guess you don't HAVE to live in a cave... maybe the Amish will let you move in with them... they seem like nice friendly welcoming people. There are some jobs where your boss won't fire you for not having e-mail or for CHOOSING never to access some important business-related thing on the internet... you can be a Buggy Whip manufacturer for your Amish friends.

Sure we can quit computers... but many if not most of us consider computers a vitally important part of our lives or even our very means of making a livi

Re:Not Trusted Computing

[Mr2001]

Rather, it provides a way for people to prove what policies they are enforcing on their own machines. That's a sneaky way to say "it provides a way for other people to require you to enforce a certain policy on your own machine".

Sure, you might argue it's not really a requirement, because you can always just "opt out". But that's like saying the Mark of the Beast is optional because you can always just "opt out" of buying and selling. I don't want to facilitate an economy where getting data is dependent on enforcing certain restrictions on your own hardware, even if it is, technically, optional (at least in the beginning). I want that kind of business model to wither and die.

"Trusted Computing" would be fine with just one change: add a manual override switch, so the owner of the hardware can tell it to "prove" that it's running a software configuration it isn't actually running. Like user agent spoofing, but better.

It aims to replace legal restrictions (that you have no choice about) with technological ones (that you can always choose not to use). No, it aims to add new technological restrictions. The legal restrictions will still be there, and of course they'll still be enforced. But with TC, they'll be enforced by your computer instead of (or in addition to) the lawyers.

Re:Not Trusted Computing

[SiliconEntity]

Unfortunately Slashdot is not a good forum for ongoing discussions. This thread has slipped off the front page and few if any readers will find it. But let me address your points in order:

1. Owners want to violate their own policies.

Then you're not really following your stated policy, are you? Either you can make binding commitments or you can't. Do you really think that no one should be able to make binding commitments, or feel obligated to be held to them if they do make them? You realize that is the basis for contract, which is the foundation of most of the economic growth the world has seen since the Renaissance? Being able to bind yourself in a relationship to perform certain functions is the foundation for cooperative enterprise, the division of labor, and a host of other modern-day financial innovations. Trusted Computing simply moves this ability into the online world. Within the framework of an inherently anonymous, worldwide computer network it allows people to set up frameworks of trust which would otherwise be impossible. As with contract, the central feature is the ability to make binding commitments. Being able to violate your own guaranteed policy destroys any semblance of trust.

2. What if my ISP does it?

Then you switch to another ISP. So then people always ask, what if all the ISPs do it? Well, what if all the ISPs charge a million dollars a minute for Internet access, that would be a disaster, right? So do we say that no ISP should be able to charge money? No, instead we don't entertain what-if suggestions that have no basis in reality. ISPs are businesses who cannot just impose arbitrary conditions on their customers. No ISP owns its customer. Every businessman I have known is afraid his customers are about to switch to a competitor. In the worst case, if no other ISP in your area provides the kinds of services you want, you can always start your own ISP business. The barriers to entry are not particularly high. And if all the other ISPs are imposing hated restrictions, you can clean up and make a million bucks.

3. Trusted Computing is impossible, it won't work, it is insane, blah blah, blah.

I'm not really even interested in copyright. I agree that no technical measure can effectively protect copyright in its traditional forms. Books, music and movies are doomed. They are going to become dilettante art forms, produced purely for love with little expectation of commercial reward. They will become the products of hobbyists. The quantity of such products produced will be probably two or three orders of magnitude less than today, in another couple of decades.

However in exchange we will see all of the money and commerce going into a field which really can be protected technologically: interactive entertainment, the future of what we today would consider video games. You can record a movie and play it back. Likewise with music. You can copy the text of books and art. But you can't record a video game and play it back with the same enjoyment. The point of a game is to interact with it. Every play is different, every player gets his own experience.

This is the last bastion of creative entertainment, a field which can be protected technologically and which can be commercially successful. I foresee all of the billions of dollars being spent today in those other areas, all being funneled into interactive entertainment. Games are already bigger business than movies, and the disparity is only going to increase.

Trusted Computing can play a role in facilitating this transition, by improving the security of computers and making it more obvious that passive entertainment is on the way out. But I am mostly interested in TC for completely different reasons. It opens up all kinds of applications which would be completely impossible today, such as voting from home. Having truly secure computer systems that can be remotely audited and validated is a crucial foundation for a future world which relies even more on a trustworthy worldwide computer network.

Re:Not Trusted Computing

[Alsee]

It is so frustrating seeing this technology being promoted by people that just want to drink baby's blood. That's always what it comes down to, the real reason why people are pushing Trusted Computing.

-

Re:Not Trusted Computing

[robmyers]

Their description of the effects of TC is accurate. You are trying to hide the woods with the trees. "What they said is not what Trusted Computing does. It does not enforce policy on your machine." It doesn't enforce policy, it makes policy enforcable. Guns don't kill people, Chuck Norris kills people. "The whole point of Trusted Computing is to keep things completely voluntary." Nobody forces you to drink the hemlock. "Honest people have nothing to fear from Trusted Computing." Honest individuals have nothing to fear from the public understanding how coercive and restrictive TC is. TC adds to consumer choice like indentured servitude adds to the range of employment possibilities.

it is a good idea...

[someone1234]

>Spyware is remote parties setting policies on your computer against your wishes. Is it ever a good idea?

If you actually own all the remote machines. For example your workers do their job at home.
M$ doesn't own my machine.