Better to trot out the track record of the UN and then ask, "Is this who should run the show?".
As you wish. Ever heard of the International Telecommunications Union (ITU) which is part of the UN? Do you have a telephone? Do you ever call anyone in any foreign country? Guess what? The ITU is the agency responsible for all international telephone system links form many decades now. You were saying something about track record, no?
No, as far as I understand it, the US maintains that it is a sovereign nation which does not require authorization from the UN to act.
Then please stop all that pretense about "UN" authorizations, which the parent poster was spouting and to which I replied, and instead simply say what you really want to say "Might = right". And prepare to be treated accordingly by the rest of the world. As a mortal enemy. No more posturing about being "leader of the free world" and all sorts of similar crap.
Whenever possible, cooperating with the UN to achieve its purpose of peaceful resolution of conflict should be the highest priority, but ultimately the UN's decisions are not binding on the US or any other nation.
The whole point of the UN is that it is supposed to be binding. But it is clearly becoming apparent that the UN resolutions, in the US's view, are to be binding on everyone else but the US. In short the US administration is seeing the UN as hired help in its authoritarian and unilateral quest to... well at this point the cat is more or less out of the bag... subjegate and control the rest of the world in the name of corporate hegemony (although odds are that the people at the helm do not comprehend this themselves). A quest which has no chances of succeeding and only most foolhardy and bigotted, navel-gazing, terminally ignorant, troglodyte segment of American citizenry harbours any such illusions and which are spurred on by some insane corporate power elites within US society.
But I don't think Bush got into the Iraq war for personal reasons. People say he wanted to finish off what his father didn't, and although I don't like Bush, I think going to war for purely childish reasons like boosting your own ego is below even him.
The true picture is of course a combination of reasons, that of neo-con ideology, Bush's personal vendetta, religious wingnuttery of his support base resulting in delusions of "destiny", Israeli influences etc and so on, all sprinkled generously with bottomless corporate greed and masterfully seasoned with that age-old explosive mix of Hubris and Ignorance.
Its not just members of the current Administration, but it's been the policy of two Administrations, one Democrat and one Republican to change the administration in Iraq.
Quite possibly. The point is that it is the last administration which decided to go ape and bypass the international concenus building, when their manouvering fell flat at that arena, and simply opt for brute force. I do not in any way deny past Democratic complicity in this stupid stunt, don't get me wrong there. People like Hillary Clinton for example are all gung ho for the war. But the topic of discussion was the US-UN interaction and I replied in that context. Democratic administrations at least attempted to be clever about this thing and try to work some sort of strategy of carrots and sticks in getting all of the reluctant "allies" into this thing together (with mixed results). The obvious point remains that if the Iraq war had any chances whatsoever of being successful from the point of view of "war on terror" and "nation building", these chances were lost the moment that universal international concensus was abandoned.
2. The War On Terror *IS* being won by the US and like-minded allies without the help of the UN. And because of that, over 50 Million people now have self-determinated representative governments.
No they don't. They have a kleptocracy, wholly reliant on foreign troops to keep it in power in Afghanistan and a mix of Theocratic dictatorship and a semi-democratic Kurdistan pulling together to subjegate or genocide the Sunnis, also wholly reliant on foreign invaders to maintain that position in what used to be Iraq.
3. Security Council Resolution 1441: Unanimously passed by all 15 member nations of the Security Council, including China, France, and Syria. Solely executed by the US (with some support from like-minded allies). The US was ready and willing to take care of business with or without help.
Except that US was not authorized to do so in resolution 1441, as those UN members knew full well that US/UK-fabricated "intelligence" was bogus. A proper authorization would look like the 1991 resolution 678, which explicitely mentioned "any means necessary". Where did you get the idea that US was ever "authorized" by the UN to invade Iraq? O'Reilly? Rush Limbaugh? Because sure as hell it did not come out of the UN.
The US isn't talking about taking things, the EU and UN are. Of course a product invented in one country can be used in others, but that doesn't mean that the HQ for the company has to be moved to Brussels or The Hague. Besides, as many others have pointed out, the invention was funded by the US Dept of Defense and worked on by US universities. There is no grounds for "forcing" the US to do anything.
By that token, the telephone systems of the world should all remain disconnected and there should be no international phone numbers nor any way to call a foreign country. That is what you are saying. Just like with the telephone system, a common, international organization is needed to establish the links between various networks in many countries. In case you did not notice, all of the countires in question already built their own Internets. They have their own routers, fiber cables, servers and even, shock, hundreds of millions of users, all physically located there. What is at stake is the coordination process, just like with telephone system where it was solved by the UN's ITU. Something like the ITU is simply inevitable and necessary for it is simply impossible for the US to be in charge of asssigning phone numbers in, say, Russia, which is what the present scheme amounts to.
How about UN Resolution 1441? To refresh your memory, that's the one that contains the admission by Iraq that they had Weapons of Mass Destruction, and that they would dispose of those weapons, and that they would prove that disposal to the UN.
True, it contains something like that, but that resolution does not contain authorization for war, unlike the resolution 678 which explicitely does. US simply decided, unilateraly, to pretend that it does.
So it was up to the UN to enforce it.
No it wasn't. US had no authorization. But members of US administration wanted the war badly, for personal and ideological reasons. The rest is history.
So please stop rehashing this old, discredited, worn crap about how "poor US" has been selflessly "enforcing" UN resolutions only to be bashed by "ungrateful" furriners....
Thankfully, your posts were informative enough that I think, on balance, the thread was beneficial.
Yes. Dr. Blue has informed us that "verification of trust" between peers is so paramount that it should take precedence over competition and interoperability, which he at present believes to be in no particular danger because software makers -- Microsoft chief amongst them -- "strive for interoperability" with their competitors. Your contribution to the discussion was something along the lines of "Dr. Blue is my hero, you should all bow before him". Followed by nostalgic musings about USENET killfiles. And than you call me a troll. As to ad hominem, sure, I am guilty of some of that, as my patience for people who miss the most obvious of facts in front of their noses while at the same time waving their diplomas around is in rather low supply these days. But not as low as that for their pitiful side-kick chiwawas (see? an ad hominem!) barking at their oponents' ankles from behind the legs of their idols.
Orwell would be proud, or scared.
Yes, most certainly. That is why Orwell has spent most of his life warning about totalitarianism and use of technology to achieve that. He would be down right terrified by my attempts at warning people that Dr. Blue's and your pet technologies have severe authoritarian undertones and can be used to achieve goals Orwell found so admirable that he had to write some numerically titled books to extroll them.
Slashdot seems to be on a fritz, so this might be a duplicate post
And there's the most fundamental difference. I personally see the technology as potentially very empowering, and in fact increasing Liberty for the users. You believe the exact opposite. And that's why we'll probably never see eye-to-eye on this, but maybe in another 20 years we can compare notes.
That is probably most insightful observation you have made in this entire discussion. I fully agree. I do admit the very remote, from the perspective of my cumulative experience, possibility of this actually somehow petering out on its own and amounting to nothing more then a tempest in a teapot, a mere footnote in the annals of computing, thus avoiding a necessity for a major battle by the Free Software movement. And you are absolutely right here, only time will tell, as of the things we were disagreeing about here, nearly all are still in the near future.
But if there is anything you should walk away with from this discussion now, it is the fact that computing technologies no longer exist in abstract moral vacuum, and have now a potential of severe side-effects, some of which can be understood and manipulated far better by various behind-the-scenes operatives then the technical researchers themselves. It is not too late for you to start asking these hard questions of both your research and its co-participants, and to analyze in depth these (as well as other, not mentioned in this thread) hidden implications. It is time for you to drop your rose colored glasses and try to look at these problems from the perspectives of amoral corporate agendas. It is time to abandon your implicit assumption that the TC platform designers are the "good" guys in this fight and to objectively examine the issues, without relying on such personally convenient preconceptions. If you do that, perhaps you will discover that a solution exists, a solution which would allow for a TPM-like system to be created and which would not carry with it all of these extremely negative social side-effects, which I fear are all but inevitable with the present crop of ideas. Should you achieve something of that magnitude, then you would have rightfully earned the privilege of being able to call yourself a "top scientist" as well as a champion of Liberty. Not to mention demonstrating yourself undeniably my better, as I am so far unable to come up with such an invention.
And there's the most fundamental difference. I personally see the technology as potentially very empowering, and in fact increasing Liberty for the users. You believe the exact opposite. And that's why we'll probably never see eye-to-eye on this, but maybe in another 20 years we can compare notes.
That is probably most insightful observation you have made in this entire discussion. I fully agree. I do admit the very remote, from the perspective of my cumulative experience, possibility of this actually somehow petering out on its own and amounting to nothing more then a tempest in a teapot, a mere footnote in the annals of computing, thus avoiding a necessity for a major battle by the Free Software movement. And you are absolutely right here, only time will tell, as of the things we were disagreeing about here, nearly all are still in the near future.
But if there is anything you should walk away with from this discussion now, it is the fact that computing technologies no longer exist in abstract moral vacuum, and have now a potential of severe side-effects, some of which can be understood and manipulated far better by various behind-the-scenes operatives then the technical researchers themselves. It is not too late for you to start asking these hard questions of both your research and its co-participants, and to analyze in depth these (as well as other, not mentioned in this thread) hidden implications. It is time for you to drop your rose colored glasses and try to look at these problems from the perspectives of amoral corporate agendas. It is time to abandon your implicit assumption that the TC platform designers are the "good" guys in this fight and to objectively examine the issues, without relying on such personally convenient preconceptions. If you do that, perhaps you will discover that a solution exists, a solution which would allow for a TPM-like system to be created and which would not carry with it all of these extremely negative social side-effects, which I fear are all but inevitable with the present crop of ideas. Should you achieve something of that magnitude, then you would have rightfully earned the privilege of being able to call yourself a "top scientist" as well as a champion of Liberty. Not to mention demonstrating yourself undeniably my better, as I am so far unable to come up with such an invention.
What I saw was you getting your ass handed to you because of your near-constant misinterpretation and ignorance of the points being made. Claiming victory because he concedes a minor point? You're an egomanic and an idiot.
Dream on these vivid daydreams, it suits you so well.
You are not merely wrong on occasion. From what I've seen, you're nearly always wrong, and loudly so. You do not pick your fights carefully; as far as I have seen, you have yet to pick a fight that you could win. You are the fool. You are the one proposing preposterous things. You are the one who is colouring the debate through a glass of his own sense of self-righteous 'morality'.
That is why you chose, most likely after "winning" one of those battles, to post anonymously, in fear of being forced to "win" another.
You are a thoroughly unpleasant person, and I am posting anonymously because your personality type is common among cyberstalkers. It is no wonder that the people who argue with you walk away in disgust.
That was a good chuckle. I am about to "cyber-stalk" you? Your very use of that idiotic term exposes you for as a complete troll. "Walking away in disgust?". No, troll, you posted your cowardly tripe for the sole purpose of trying to use this very transparent ploy, hoping to somehow get a rise from me. No luck. Be gone back to whence you came from. Good riddance and get your pathetically sad fantasies of someone being actually sufficienlty motivated by you to even approach remotely anything resembling "stalking", fullfilled somewhere else.
I guess that is what I get for feeding AC trolls in the first place.
Fuck, you're a tool. You need to take a break from posting about shit you know nothing about and have a little think about why it is that everyone disagrees with you about everything. Your posting history shows this over and over again.
Amusing. Perheaps you should check the end result of that little conversation I had with Dr. Blue in the other thread, the one in which he admitted that the TPM effectively gives means to Microsoft and others to lock GPL folks out of the Internet, among other, his words "pretty anti-competitive things", but where he does not think it will happen because, his words "Microsoft encourages interoperability" of its products with competitors. You were speaking of tools, weren't you?
As if by "everyone", you mean fools who propose preposterous things, most certainly. Perhaps you did not notice but I pick my fights carefully. There is rather no point in posting in a "Yea, I agree.", "Yea, me too." thread, now, is there?
I'll give you a hint: it's partly because you're wrong. But that's only part of it.
See above. I am wrong on occasion and in such a case, if one is to make a logical argument, supported by facts, I will sooner or later concede. I assume that it is why you are prepared to provide precisely such a kind of an argument, and that is the main reason why you posted such a well reasoned post full of informative references, Mister, how shall I put it politely, Coward, Anonymous?
Trusted platforms allow you to have a verifiable executation environment that can be verified by a remote party in a distributed application. Nothing more, and nothing less.
False. They provide a particular type of "verifiable execution environment", one which is designed with specific implications in mind, and it is those implications, of that particular design which count!
On a hardware box with trusted platform support, you could (a) opt out entirely and it would work just like today's computers,
And be thrown out of the Internet, as now you no longer can connect to anything that matters! No more connecting to the majority of Windows users, no more connecting to secure websites. That is the wee little implication of that!
(b) run only one or two trusted applications and leave the rest of the system open to tinkering and modification,
I can only assume that you think me becoming so mesmerized by your constant flip-flopping that I am no longer noticing it. According to your own rantings, this scenario is impossible as the TPM requires verification of the whole environment, starting at boot, via the OS kernel and its drivers, system libraries all the way to the "trusted" application. Quoth you: "Yes, you're right about this -- the libraries and OS kernel would have to be ones that the P2P software has determined that it's OK running under" or (in reply to my suggestion of modifying the kernel) "And then, of course, it won't be able to authenticate itself to the P2P network, and the other hosts in the network will promptly ignore your system" or "In the TCG design, you would be required to run an OS that didn't allow you modify the kernel memory management code." (the TCG being the "weaker"(!) of the proposed standards). Do you honestly think I would fall for this? Are you that used to people taking all your bullshit at face value because you impress them with your titles?
(c) dual-boot between a trusted and traditional system,
Brilliant. So now a set-in-granite Microsoft monopoly is A-OK as long as we can boot another, completely disconnected from anything useful, system so that we can... I am not sure exactly what... play Pong on it? Certainly we will not be connecting it to "trusted" Windows peers.
(d) have a completely locked down box.
This of course being the only practical outcome of all this TPM crap, the box being a Microsoft Windows one and maybe, perhaps, an Apple one (if one is willing to be disconnected from, say, 60% of the Net). This, of course, being the intended purpose of this particular TPM design, by Microsoft and Intel.
The main point being, this choice is entirely up to you, and the hardware will let you make whatever choice you want.
Yes, it is entirely up to me to eat food too. Or to breathe air. The catch being, that if I want to live, those choices are no longer there. Similarly here: if I want to connect to anything meaningful on the Internet, my choice will likewise be rendered moot, Microsoft and their "partners" will be, as someone in the same business once said, "the offer I simply cannot refuse".
Is is also possible to make an operating system such that, if you chose to run that O.S. then it would only allow programs that some external party has said are OK, and you wouldn't be allowed to modify anything or run any of your own applications. You seem to be hung up on this, thinking it's inevitable, even though all the plans that have been announced about using trusted platforms say specifically that they're not going to do this.
Yes, Dr.Oblivious, the convicted monopolists and greedy multinationals will announce, ahead of time, that they are planning to establish a mutually-supporting dominion of unchallengeable supremacy in the domain of personal computing, thus enslaving most of the technologically advanced Western societies for the f
I'll also point out that the fact that a trusted app needs a trusted library doesn't in any way stop you from having your own completely hacked up libc for use in untrusted apps, which would work exactly as they do now.
Except you disingenuously ignored the fact that I would have to throw away my "hacked up" kernel (and by extension my hardware) to "conform". Because unlike multiple versions of libraries, I now am allowed to have only one "approved" version of that, no?
Now stop your ranting -- that could be a Linux kernel or a Windows kernel or a FreeBSD kernel -- but the kernel does have to be able to enforce the protected memory area.
There is no way to enforce the "protected" area, without the TPM making sure that the OS has not been modified in some way from the "verified" version. That means the whole OS kernel running within the TPM environment and to be set in stone, unmodifiable by the user, version, which means the fucking end (as I repeatedly said) of Linux and BSD. And that is on top the patently obvious fact that no commercial Windows software maker will ever certify any Linux or BSD kernel for their app, never you mind even making a Linux version of it. And which you seem completely unable to grasp.
That's quite a shift from your original claims that everything would have to be approved by some central big-brotherish cabal. I can produce a P2P client. I can decide what environments I want it to run in. And then I can lock it to those environments. Neither the TCG nor Microsoft nor anyone else other than me has to approve anything.
No, it is not a "shift", it is simply an attempt to clarify that scenario. Because, as I explained above and in my previous posts, this scenario and "external approval" for the OS you are running are equivalent. Someone else (in our phony example - the P2P client maker, in real life - Microsoft) gets to decide what OS/configuration do I run, without any recourse other then not participating in the Internet, in any meaningful way. The difference is simply the exact mechanism by which it happens. The end result is the same.
Of course it would, which is why the ability to recognize such packets is one of the most fundamental capabilities of a TPM. This is what I was talking about when I said "This is the only place the hardware endorsement keys are used -- to ensure that a remote system is a trusted platform in a particular state".
So the TPM uses its secret private key to generate a public, decryption one which is then used by the other end of the connection to verify the state. Fair enough. Although this still does not address the problem of local "variable" memory areas which cannot be "verified" as they differ from peer to peer, and which potentially could be modified externally, like, say, the buffer in which the communication packets are formatted, prior to their encryption.
Certification means that some external party is certifying a statement or system for some purpose.
Which implies that the "certified" system is locked and unchangeable for the purpose. Which is equivalent to what the P2P application is doing, as it demands that the system it runs on, get it here, is "certified for the purpose" (by the application maker with the help of TPM, who in this case is the "third party") for running that application. You can play word games all you want. The meaning remains the same.
It also matches up with your original statements about the TCG having to approve of things and issue/certify keys -- that would be certification, but as I've pointed out, that is completely wrong. And thankfully, it looks like you've backed off these statements after realizing they were wrong.
Which in essence, changes little, as it leaves only the corporations directly (as opposed to the consortium) and their unchangeable configurations on the OS playing field, this being not far away from my original statement. Instead of certifying every applicati
But you're right: you can indeed make the P2P client go bye bye. That's what I meant by a DoS attack. But it can't do any damage to the rest of the P2P network. That one client will simply stop working and being an active participant in the network.
That is not what I meant. A real Black Hat would use the modified malloc() to allocate memory blocks outside the protected memory area and then manipulate them. memcpy() would be used to intercept memory block manipulations within the "protected" area to inspect/modify "protected" memory contents, fopen() would be used to redirect access to hacked/fake files, fread() would be used to supply such fake contents, rendering the P2P client unable to see the true contents of files. Most of these (and many many other calls) could be used to create buffer overflows and to effectively inject executable code into the "protected" area by abusing the buffers which the P2P client uses when making these library calls...
I mean, in all seriousness, is a DOS attack all you can, with your "extensive" experience, think of? I just presented you with a method of defeating the entire premise of "trusted" P2P process, running under "unsecured" OS, and you missed it altogether. I am beginning to even more seriously doubt your levels of practical understanding of these matters.
Or perhaps you do understand, just that you are disingenuously attempting to portray this scenario as "useful" (which it is not) in order to hide the fact that only useful way to use TPM is a complete OS lockdown from boot onwards, which is what I was saying all along and which you seemed to deny.
AAAG! How many times have I said this? No one has to "certify" your signature. The only thing that's necessary is that I'm (me, not the TPM) convinced that I've got an authentic public key for you. Who certifies the Fedora keys now? Answer: No one. It exactly the same. I trust them because I trust the channel I got them through. Once again for emphasis: it will be exactly the same with a TPM.
There is something seriously amiss here. If the TPM is not verifying the signatures of the processes it is asked to load, what is to stop me, the evil hacker, from loading a completely fake, but skillfully crafted client which would take over the entire process of communication with the other people's clients, while residing in the "protected" memory area and using the same functions of TPM the original would? To be specific, if the TPM is to verify some memory areas and sign/encrypt the resulting checksums for the benefit of "verification" to, or encryption of packets for, the other client, I would simply keep a complete copy of the original client in the "protected" memory area, starting at the offset it would normally load, followed by my funky one, and point the TPM circuitry to the original, when requested, since I now control these types of "protected mode" TPM operations. And I would smile, since now I have the best of both worlds: my hacks are so hot that they smoke and on top of that I get to be "officially certified" as "authentic" by the TPM itself.
No. No one has to submit anything to any TC consortium member. I've said that over and over, and I'm honestly not sure why you don't believe this. And in fact, no one, not even the TC consortium, knows the private key embedded in the TPM. That would pretty much violate the whole model.
I gave you the reason why I do not believe this above. Such solution would be simply completely ineffective and I somehow doubt that TC consortium missed this, Planet of Jupiter sized, hole.
Furthermore, lack of an ability by one TPM to recognize packets encrypted using contents of another, would pretty much defeat the whole idea of "trust" between two systems. For this to work, there has to be a common key, hidden in hardware (so that hackers don't get to fool with it) used for this purpose and common to all TPM chips.
Any idea how many people use "home glued" versions of libc? It would be in the hundred
Actually, I have proved my point, many times over. You don't realize it because it contradicts your concept of what trusted platforms do and how they work, so you think it's B.S. The contradiction is there, but only because it is your concept of trusted platforms that's wrong.
I will file that under "wishful thinking" on your part.
So in the P2P example, when the trusted process asks the OS to send a certain packet to 1.2.3.4 it could indeed be intercepted and be sent to 10.20.30.40 instead. Or it could in fact just throw out the packet altogether. The effect of both of those is basically a denial-of-service attack, which trusted platforms are vulnerable to, exactly like this.
You are new to this Black Hat hacking gig, aren't you? DOS attack?! How about a fancy version of malloc() or memcpy()? What about fopen() or fread()? Bye bye goes the integrity of the P2P client, unless it has a whole duplicate OS embedded in it, complete with its own custom filesystem and storage device drivers.
Sigh. If you're going to argue with me, at least try to pay attention to what I say. I have said (repeatedly) that trusted platforms don't depend on software signatures or certified keys for software. They do depend (quite strongly) on keys for the hardware, and in particular for what called an "endorsement key" for the TPM. This is what I've been saying all along. If you have a TPM you have an endorsement key, independent of whatever operating system or other software you want to run. No need for anyone to approve any software you decide to run.
Really? How would you then "certify" my signature for my funky new P2P package? Clearly I cannot make it up myself for any hacker could do it too, pretending he is me. Someone has to arbitrate between us. Like Verisign and Thawte do for SSL certificates, or PGP servers do for PGP signatures. Except that now there is a secret hardware key involved not accessible to anyone but the TC consortium. And they do not do it for free. That means free software makers, would have to submit their certificates for signing to some TC consortium who happens to know the secret private key embedded in the TPM, so that the TPM can verify the authenticity of the signature, no? Who is going to pay for that? GPLed free software folks are going to fork over $500 a year for the certificate, right?
What about if that embedded, super-secret, private hardware key gets compromised? You get to have a mandatory update of your hardware or throw away your PC, which would be a brilliant corollary to this idiotic TPM scheme, no?
If you have your own custom libc, and the P2P software was designed so that it requires a certain certified libc (say the standard Fedora distribution libc), then the P2P software would refuse to run on such a system (or rather, it wouldn't be able to attest to its authenticity to remote systems).
Which implies that you have no clue how this whole Linux community thing works. Variety and freedom of choice are the key elements here. Anything that runs on a particular version of glibc on Fedora and does not run on home glued derivative of Debian is not acceptable to Linux community. Period. It is only acceptable to corporate manufacturers of certain software, who can demand that a particular whole OS/computer combo was slaved to their particular package, exclusively. Which is what they are already attempting today, causing havoc for users, and which perversions I am defeating on a daily basis to make their crap-ware run on my client's existing configurations instead of purchasing hundreds of thousands of dollars of hardware to fulfill inept one-server-to-an-application vendor fantasies.
The options then are (a) you could make the P2P program statically linked to remove as many of these dependencies as possible,
Then I will just change the system calls in the kernel itself or run the whole shebang in user-mode-linux or some other virtualization system. Next.
Gee, maybe I should go out and study some on the subject. Seriously, I haven't been the most polite in my postings to you, so I can forgive the rudeness, but just so you know a little more about who you're talking to, I am an expert in public key cryptography, and outside of the industry TCG people there are probably fewer than 10 people on the planet who understand trusted platforms as well as I do.
Since I base my observation on the utter bullshit you are attempting to feed me, this chest-beating is doubly amusing. If you were a true scientist, you would realize that what counts is an ability to logically prove your point. Credentials and sharp elbows are for scaling the pay scales in the academia or industry, and count not for anything in the field of actual scientifc discourse. You would impress me far more were you not dancing around the obvious, logical implications of TPM while trying to paint your sponsors in rosy colours. There is a lot to be said for intellectual integrity and honesty although it does not pay as well as the Trusted Computing consortia.
Ding, ding, ding! We have a winner! Yes, this is what happens. The P2P software would run in an isolated memory area. But only that process would be affected -- it can run at the same time as other untrusted processes, but the memory isolation would keep them apart and would keep the untrusted processes from interfering with the trusted P2P software.
Err, no. That is an ugly loser. As I pointed out already, this would not work on its own without a complete host OS lockdown. For the "isolated" process would have to still make OS calls (most likely via system library ones) and thus be exposed to a hacker poisoning/manipulating those.
(this requires an externally certified key, but it's a key for your hardware, which you have simply by virtue of owning the TPM hardware -- it's not something you "apply for", and it's not tied to any particular software -- it works for my hypothetical P2P package just the same as it would work for Microsoft's Media Player).
Great Scott! It does not take him more then a few sentences to contradict himself. So which is it? Does the TPM have no key or does it have "a key for my hardware" (externally certified, no less)?
Once that happens, the software knows that it's got two protected environments that can't be tampered with talking to each other, and any and all data that moves between the two systems is encrypted and MACed whenever it leaves those protected areas. So packets can't be tampered with by you or anyone else -- they must follow the P2P software instructions.
I can only shake my head at this naivette. If the OS would be not completely and utterly locked down prior to this setup, I would be merrily feeding the P2P software fake files and what not via my own hand crafted "system" libraries. To prevent that, the P2P software would have to "certify" the libraries and the OS kernel, thus requiring that everyone under the sun has ones belonging to the same limited list, a list that TPM-based software can trust. Yes Dr. Weasel, that means no GPLed system kernel/libraries which have literally thousands of versions and can be patched or modified by the user (thus changing their signatures resulting in the P2P client's refusal to cooperate). Microsoft ones are the main practical possibilty of course. Perheaps Apple's although I am sure the plan is for those dirty upstarts to get lost too from any TPM arena due to "incompatibilies".
To make it crystal clear, lets see how this would work in practice: Alice loads her P2P software, which then must via TPM, certify the OS and the libraries before using them. Following which Joe, who happened to be on older version of Windows (one which Microsoft "retired" and pretended to lose the keys for its million versions of ancient DLL's) attempts to load his, in order to connect to Alice. Bzzt! No go. "The TPM software on your computer in conjunction with the P2P client you are attempting to connect to has detected
Having met the real person behind the "Dr. Blue" pseudonym, I can say with absolute confidence that he knows more about cryptography and cryptographic systems than either you or I, and quite possibly knows more about it than anyone else on this message board.
Perhaps you should study a little more (at least get a doctoral degree in a relevant field), publish some peer-reviewed papers on the subject, and come back when your name is attached to a citation in one of Donald Knuth's "Art of Computer Programming" volumes.
Yes. That is why he is unable to answer a rather basic, logical scenario I presented. I too know more then a few PhDs. And more then one hopeless phony amongst them. My favourite one has 2 PhDs in Artificial Intelligence, no less, and has no clue how to get an Excel spreadsheet going, never you mind programming a line of code or designing the simplest of neural nets (his AI knowledge does not withstand a 2 minute discussion). You can try to browbeat me into submission by your awe of Dr. Blue's towering personal ability to impress the gullible with his credentials but I must regretfully admit that I will remain loyal to these humble, gray, mundane things called logic and "scientific method" instead and remain unimpressed by the fancy robes of the purveyors of hot air.
Oh and my favourite AI resercher has also published (how, it still remains a mystery to me, I can only guess a scenario involving some poor undergraduates) a few "peer reviewed" papers. Some probably got cited somewhere.
So quit the bullshit and kindly answer me the rather simple scenario I posed, based on Mr. PhD, MD, RN, MSPH, TCG, MA, MSCE, CNE, DKF, Blue's own silly example. Impress me with logic and consistency instead of your submissive deference to his "authority" and the corporate propaganda he is so fond of.
Ok. I now see where you are coming from. You simply have absolutely no idea how public key cryptography works nor how it is supposed to be applied in the context of Trusted Computing. I am going to skip over the quite amusing illusions of yours which resulted from that, and instead I will focus on a really basic example, based on your own P2P "protection" musings to illustrate the point:
There is a programmer who makes a P2P software. Lets call him Bob. Bob decided to use TPM to ensure "trusted collaboration" with his P2P software. The objective is to prevent the users from modifying the client in unauthorized ways. He gets his TPM chip with its secret private key to generate him certificates for his signatures which he used for his software so that it can be verified as being signed by him, in its unmodified form. He posts it on the web. Following which, a pair of users, lets call them Alice and John, download the package. Both have a TPM system in their PCs. Upon loading of the software, there are the following possibilities: the operating system instructs the TPM to "verify" the integrity of the binary code of the P2P client and its subsequent signature as authentic or the P2P software itself can query the TPM with the said data. John is a hacker. He wants to circumvent the protection and mess with Alice's computer/or P2P data sent to her. The following possible scenarios present themselves:
If Bob self-signed the P2P client, as you suggested, all John has to do is to generate his own signature and post the modified P2P client somewhere on the web. If we are trusting the TPM to substitute for public PGP signature system (which is what you seem to suggest) then the entire certification process happens offline and thus the TPM chip, having the same keyset in both Bob's and John's computers, would be simply unable to tell the difference as to validity of the different signatures. This clearly has no use. Thus the TPM chip has to communicate online, calling the mothership, to verify that the signing certificate is truly that of Bob. In other words we get a convoluted version of PGP signature system with no gain of any kind as far as the verification of integrity is concerned.
If Bob indeed used a centralized authority, the TC consortium or its lackey, for an inevietable fee (excluding free GPL software, unlike the free PGP system), to obtain his certificates (this excludes the illusion of self-signing you were promoting) then he can indeed reasonably securely (assuming someone did not extract the private key from the chip via fancy electronics/electron microscope analysis/what not), using the ever growing list of certificates transmitted to and stored in the chip, assure Alice, who is cooperating, that her P2P client is "authentic". Unfortunately this does nothing for Alice since now John simply hacked his P2P client and is merrily sending evil packets to her. Since you claim that TPM use is "optional" by the user, there is nothing Alice can do to determine the integrity of John's client. Game over. So much for "trusted colaboration". Also note that this still produces no gain whatsoever to Alice over simple public PGP signatures.
Since the above is clearly not workable. Additional possibilities present themselves: the P2P software could attempt encryption of the packets, using its certificates. Which is futile since the P2P software cannot guarantee that the packets are not modified by John, in-memory, before encryption. The only way that could happen is if the operating system itself was completely tied to the TPM architecture and prevented access to the memory area of the P2P process.
And now we are getting to the crux of the matter: the only way in which TPM can work is for the whole processing power of the computer to be locked out and under control of TPM-verified processes, from the system powerup onward, BIOS and the operating system, both of which would have to be verified by the TPM chip, which in turn has to have a "veto
I have two systems with TPM chips in them. One is the laptop I'm typing on right now, and the other is a desktop system with an Intel motherboard. Both run Linux, both allow me to run any and all programs that I can run on non-TPM systems. It restricts absolutely nothing. I can rip CDs, listen to my MP3s, etc., etc. Open source software will ALWAYS be able run on any system that implements the TCG specifications. And in fact, it will still run on all systems that implement Microsoft's more powerful NGSCB ideas.
That is only because the TPM in your present equipment is not used in the way which makes TPM anything close to functional. For the platform to be "trusted" by some cabal of corporations, one has to prevent the user from ever gaining control over the TPM. So your misleading "examples" are just that, attempts of something akin to "see, this small cut only hurts a little so you wont feel getting skinned alive at all" type of logic. The very fact that your Thinkpad (I assume) still runs non-TPM authorized software, nixes the whole concept, right there, as that software can be used to do all sorts of stuff, including virtualization of the TPM hardware, for the purpose of circumventing it.
Your dismissal of the importance of being able to build trust in distributed, collaborative settings reminds me of people who think anarchy is a workable society.
This has nothing to do whatsoever with anarchy (and I am not an Anarchist). Instead, it has everything to do with a form of totalitarianism. You are attempting to use a classic tool of demagougery, a false dichotomy: "either you are for total control of your computing by a band of corporations or you are an anarchist!". Let me reiterate this again, since you keep missing this rather basic element: for a platform to be "trusted" by people other then the owner of the computer (regardless of its "collaborative" merits), that person, not the purported owner, has to have complete control over the functions of the said computer and to be able to severely restrict the types of operations allowed. In other words, the true owner of the equipment is the "trusted" party. In your inane examples, for the "collaborative" system to work, the members of the P2P network would have to all relinquish control of their computers to some other party whom they all "trust" implicitely, unquestioningly, unconditionally and completely. A Dear Leader or Big Brother of some kind. Since the whole idea is increasingly compromised the more of these "trusted" entities exist, producing "trust" conflicts, the "optimal" scenario involves just one, i.e. the globe-spanning consortium of Trusted Computing founding conglomerates, holding all the digital keys to the equipment and throttling the funcionality. That consortium of course deciding whose software is allowed to run and extracting a licence fee for the issuance of appropriate keys after the software and its maker have been deemed "acceptable" to them. Anything less than that simply wont work for the stated purpose of TPM and is merely a pretense of TPM functionality for the purpose of slowly accustoming the public to its future ubiquity.
It boggles my mind that you fail to see this rather basic implication of your "collaborative trust" nonsense.
Since I sense that you will fail to comprehend this again, answer me this telling question: in your TPM scenario of "collaborative trust" on a P2P network, who precisely would be authorized to obtain the appropiate keys from the makers of the TPM for the software? The P2P network software maker? If so what is to stop a high ranking member of the Trusted Computing, some "Enterntainment Industry" mega-corporation from blocking that request? How is, say GPLed, free of charge software to pay for (never you mind complying with) the "certification" which would inevietably be required to obtain the appropriate key set?
I find it so amusing when people get so worked up about this.
Only the entire future of computing, free exchange of ideas and open source depends on this. Possibly the direction of Western Civilization. So you are right, we are getting "worked up" for no good reason at all.
And I love the irony that many of the same people who scream about the evils of "Treacherous Computing" are exactly the same people who, when the topic is changed to peer-to-peer technologies and the RIAA efforts against those, make the argument that you shouldn't argue against a technology just because it has some bad uses.
Err, hold on for a minute here. In one case the "bad" is seen from the perspective of someone other then us, citizens, and in the other the "bad" is from our perspective. So no, there is no "irony". Things "bad" for the efforts of multi-national corporations to enslave us all are "good" from perspective of an average person. And that is the only perspective which counts. You should be careful with your examples, your questionable loyalties are showing.
Perhaps you don't understand what DRM is. The two main examples I used were examples of building trust amongst a group of users who are trying to do something in a distributed, collaborative setting."
Oh yes I do. Hardware based DRM and Trecherous Computing are the two sides of the same coin. In order for DRM to function, the owner of the computer has to be deprived of control of it. This is precisely what the TPM chip does in question does. What you are harping on is that there are other uses of the chip, parallel with straight DRM but which have nearly identical mechanism at their core. In short, true DRM is impossible without TPM, and conversly, existence of functional TPM hardware, implies DRM. So for the purpose of this discussion, they are an unseparable couple.
As to "collaborative" setting and "mutual trust", if your answer is TPM, they I'd rather have no "trust" in my connection peers, as in exchange for that "trust", the TPM takes away the control of the computer away from me and hands it over to some other third party who is "trusted". Which is precisely the "restriction" which you claimed does not exist, in your original mesage.
They had zip to do with "content.
Define "content". In your examples, the "content" was the actual software being "protected" by TPM. The fact that other "content" (the P2P network data or game network data) exists does not change that fact.
Second, think about any group setting and the fact that for almost any group activity, you do accept restrictions on doing whatever you please. It's not about "fighting the man" or being subjugated by a stronger power -- it's about allowing groups of users to have a functional setup where they can trust each other.
Ergo, the "contents producers" (the group of peers producing their data) is now restricting what you do, which directly contradicts your original statement.
My views are entirely consistent
Err, no. See immediately above.
and hardly "appologisms" -- and as far as that goes I can absolutely guarantee you that my anti-DRM credentials put yours to shame.
Now this is coming from someone who accuses me of not grasping the DRM implications of TPM. Very well. I will pretend to go along with this silliness. Here is a question: How in the world are you planning to implement a TPM which will not immediatelly imply an ability to introduce DRM at the same time? Conversly, describe a workable DRM scheme not dependent on TPM-like technology. Educate me.
Optional for the manufacturer, not you, the sucker known as the "consumer"
and (b) there are applications where this makes complete sense.
Benefits of none of which even begin to approach the cost of societal downsides of Trecherous Computing, never you mind surpassing them.
If you don't like DRM, then don't accept stores or software that enforce it. And don't mistake every single issue as content providers trying to restrict what you can do.
Brilliant. And what if every device on the market has one? Better yet, what if the multi-million dollar lobbyists of the DRM guild manage to purchase a law mandating it? What then?
"just do not buy it" is the same utterly moronic advice as "just move to another country if you don't like crooked politicians".
And don't mistake every single issue as content providers trying to restrict what you can do.
Execpt for the fact that it is precisely what they are attempting. Your own very examples of "positive" use of DRM were.... all about the "contents producer" (P2P client developer, game maker) restricting your actions (deteremental actions, in those examples, but still your actions and still them doing the restricting).
It seems that you cannot even keep your appologisms for the DRM guild internally consistent, which is nearly always the case when defending immoral ideas.
It is not I who speaks of the dangers of Socialism, it was Orwell. And he was most definitely talking about the Soviets and warning about what could happen in Britain.
Right, if what was labelled "socialism" in Soviet Union was brought to Britain in its Soviet form, I would be right there with him, agreeing. You missed the point. "Socialism" as discussed today, by sane people, has nothing whatsoever to do with the Soviet or Nazi "socialims" of yesteryear. So while Orwell might have been scared silly about the Soviet monster-mutant-"socialism" it has no bearing on, say, universal healthcare, which is an example of modern "socialist" (as in social conscience) concepts.
If I buy a knife and call it "The Light of Reason, Child of Logic", following which I stab some people to death, in your line of thinking, using "reason" or "logic" should be avoided at all costs, because a murderer used the words to describe his deeds, right?
Facts are Facts, the book 1984 is what it is. Orwell was writing about specific trends in 1948. I proposed nothing. I advocated nothing. I merely educated as to what Orwell was talking about. Many people want to draw parallels from 1984 to today and to do that, it's more convenient to ignore exactly what Orwell was writing about and pretend it was just a work about some vague totalitarianism. It was not
All of which had to do with Soviet (and Nazi) ways of doing things. The parallels are drawn based on the effects as Orwell described them, not the labels that he assigned to them. You insist that because Stalin or Hitler called himself a "socialist" and Orwell railed against the actual actions of these tyrants and the decay of societies their perverted, sick "ideologies" brought about, that somehow makes the word "socialism" forever bound to Stalin and Hitler. Never you mind that neither of them was a "socialist" in any modern meaning of the word. See my "Chainsaw of Heavenly Joy" example above. I am starting to wonder if we should not come up with a new label for "socially responsible governance" because it appears some people are condemned to hack and slash with fury at labels instead of the meanings these labels convey. Sigh.
I guess the Neocon card has gone out of favor
"neocon" refers to a particularly toxic (and illogical) mixture of "me-first" libertarian influences, mitiary aggression, "us-vs-them" jingoism, "kill them all and let God sort them out" attitude, hubris, supremacist inclinations all combined with fiscally irresponsible, vast expenditures on military and crony capitalism, etc and so on. I simply could not sense if you subscribed to all of that self-contradictory, neurotic claptrap, in that combination, from your previous post but I could sense the demonization of the word "liberal" coming straight from the talking points of the GOP pundits.
Seriously though, you're an anonymous Internet goofball...
The sentiment is mutual.
Preach on Comrade! How are your Two Minutes of Hate going? That was quite a rant I first responded to. When did you start hating the Individual so much?
If I want to tune in to some Hate, all I have to do is turn on Fox and watch O'Reilly or Ann Coulter. Or listen to Limbaugh on the radio. It doesn't get any more hateful then those clowns. Some of them (Coulter) even advocate a bona-fide "final solution" for all "liberals": kill them all. So do not be telling me of "Two Minutes Of Hate" as Orwell wrote, because as the book had it, what these people and their listeners do are "Two or More Hours of Hate" every day, in frighteningly stark resemblance of what Orwell foresaw. Show me a "socialist" equivalent of that, complete with sheeple shrieking "ditto" in their cars during the daily commute, or nurturing and growing Hate in their homes, while sneering togerher with O'Rilley at the latest fabricated "outrage" of the "left" or yet another crime against their cherished "family values" alledged to have been commited by Clint
I never said that I was not a product of society, merely that I should not have to contribute to programs that I would be restricted from benefitting from or that would be non-existant by the time I was of age to see the benefits (US Social Security
And what you failed to grasp, miserably, and what I tried to explain at length, is that you are benefiting from them, indirectly. But you simply refuse to accept that unless it is you, personally, who gets hauled to hospital at the public insurer's expense, then it doesn't count. That is because your worldview revolves around "I, Me and Mine" exclusively and you fail to see anything beyond the tip of your own very nose. Which is a hallmark of the so-called American Conservatism.
Public schools, police, roads, and the like, I'm fine with, but what amount to as massive bribe to voters at my expense I'm not.
Even if those "bribes" make it possible to reduce the prices of all goods made in USA, increase the country's competetiveness by reducing the costs of hiring people by companies, remove the underpinning of social unrest and some types of crime etc etc. No way. You do not get to see a wad of cash in your paws, immediately, and directly, therefore no benefits to you exist. You live outside the American society alltogether, floating like a butterfly over all of the mutually interdependent relationships the mere mortals all have with each other and thus you consider yourself not bound by any of the obligations these relationships entail. This condition has a name: "sociopathic behaviour".
But I guess because I don't think exactly like you I'm a "Sociopath". Hoser.
Actually Orwell was writing about the Soviet Union, a system that many a Liberal though was just peachy during much of the last century, thus Orwell's warning.
Your Republican talking points are showing. "Liberal", as you mean it, is a meaningless label, applied to a peculiar, haphazard and eclectic variant of progressisve social thinkers intermixed with supporters of Big Business, crazy trade agreements, animal rights extemists and what not, present only in North America. It has no meaning other then to create a label to swear at. "Liberal" in the rest of the world means "someone who promotes lessening of controls over things". For example, something akin to neo-con "laissez-faire" market policies in EU is referred to as "liberal". Which makes European "liberals" the allies of the most staunch "conservatives" (another useless and misguided label) in the USA. See: Tony Blair and crew.
Orwell was drawing parallels to what he saw in the Soviet Union and linking them to what he mused *could* happen in Britain if the Socialistic trend continued.
Except that "socialism" of Soviet Union has as much to do with its totalitarianism as Karl Marx had to do with Uncle Stalin. That is, some opportunists used the names of these ideologies as excuses to conduct their, completely unrelated, business of state capitalism and worship of power. As I already pointed out to the previous posters, some of the most spectacular examples of totalitarianism in Latin America were demonstrated by the self-professed believers of "conservative" values (whatever that means). No "socialism" was needed as an excuse. "Conservatism" served quite well in its place. As anything would, really, as these social systems are mere props to which the crooks in charge pay lip service to while they go about their business of looting, raping and pillaging. But you, probably due to being hammered with this incredulous assiociation by various self-serving demagouges, are insisting on falsely conflating "socialism" (as in some efforts at social justice) with totalitarianism. And this does not even address the wholly separate issue of attempts to implement half-baked and unproven, far-out economic theories in the Soviet society, by various well-meaning but completely misguided radicals, with disastrous consequences.
By the way, you have Newspeak down pat, I could almost hear you chanting "FREEDOM IS SLAVERY!" as I read your post. I applaud you sir, or should I say Inner Party Member?
I yes, I see, so since I am of an opinion that there has to be some sort of limited and well defined societal foundation, based on simple, logical principles of justice and equal opportunity, on which things such as "free market" and "democracy" can stand, that makes me... an Orwellian advocate of totalitarianism. As opposed to you, whose sentiments (which I deduce based on that "liberal" slur) are that every man and woman should fend for himself/herself, and whomever has the biggest gun or owns most property, wins and takes all. Which makes you all about "pursuit of freedom and happiness"... yours at everyone else's expense. Curiously, it is you who speaks of dire dangers of "socialism" while attempting to bring back something akin to Feudalism. Newspeak indeed.
If some form of universal healthcare plan was instituted, we would be opening ourselves up to government interference that would be very close to what one would experience in a totalitarian police state. Only a weak correlation between an activity and its negative impact on one's health would be required to effectively outlaw it. Smoking, promiscous behavior, artificial or even natural tanning, drinking, and eating foods that are more likely to make you obese would all be in danger of being made illegal. Further, the measures that would have to be taken to ensure that one didn't do these things would be Orwellian.
Right, that is why in Canada, where I live, and where there is Universal Medicare, we take smokers to the gallows and alcohol is banned under pain of death... oh wait. What actually happens is, like with private insurance, the government puts a premium "health" tax on all of these nasty addictive habits and tries to control advertising and sales to minors. The extra tax revenues go to cover the treatment of the irresponsible addicts. It is as much "totalitarianism" as in higher private insurance premiums for smokers by US HMOs. But that does not seem to bother the demagouges. Next.
Now, I have no problem if I can opt out of this. If I can say, "Fine, you can deny me your "Free" Universal Healthcare if I can not pay a penny for it in taxes, and while you're at it, prohibit me from ever benefitting from Social Security and any other social safety net, and give me back all the money I paid into that, too", that would be acceptable. But that's not how the US government has ever worked.
That is an impossibility based on a fat lie. All of these things are a part of the social contract between the individuals of the society and the society itself. The reason we all gather in a group instead of living in caves solo. You cannot "opt out" from the society because you were made at its expense, from the crib. There is no such thing as "independent" and "self-made" men, it is an insidious boloney. The only way you could "opt out" is if you were minutes after birth thrown into a forest, had never any human contact and emerged 20 years later, wearing a tux, a monocle, a tall hat and speaking Oxford English, not to mention being educated to a fault. All by yourself. Because, otherwise, you have been given gifts of the society, in form of language, math, writing, methods of food preparation and so on, for which you never paid. The very concept of money you owe to Phoenicians of 900BC. Similiarly you cannot be allowed to opt out from taxes, because the societal infrastructure built with them cannot be separated into parcels to be dealt with individually and optionally. In the case of Healthcare, for example, if you started a firm and hired people, you would be taking advantage in your business of healthy employees, without paying a penny towards that end. And so on. All of these systemic social effects are network effects and are cummulative and inseparably intertwined.
The whole thing really revolves around two stances: cooperation and phony individualism. Some things, common to all members of society are best addressed by cooperative measures while others are not lending themselves to that approach. For many reasons, like the inapplicability of "free-market" principles in the case of critical health problems, the medical services are best left to coopeartive measures. But there will be always people who will fancy themselves "individualists" and will end up trying to con the society of its resources for their own benefit under the guise of "being independent" or rob others under the pretense of "laissez-faire markets". The views which you appear to hold are belonging to the sociopathic part of this equation.
I didn't read your post because you have no value to me.
Quite expected of a self-centered greedmonger. The point of my missive was not to conduct a dialogue with someone so obviously full of himself but to expose, for the insanity they are, the barely coherent and utterly illogical "views" he spouts, feigning authority. "Views", some of which, unfortunately, seem to stick to otherwise decent but gullible people like dog feces do to one's shoes.
However, I did read the first sentence and wanted to thank you for that new name I had not heard before. 'Greedertarian.' That's pretty good - you didn't actually make that up yourself, did you?
You are welcome to use the insult on yourself, preferrably with abandon. Yes I did make it up (as far as I know, but someone might have beat me to it) but I will gladly forego any attribution, should it serve its purpose so very well that even the very clowns for whom it was intended wear it proudly. It would remove any pretense of reason and logic on your part, and expose it for the insidious charade it is, explicitely and loudly to any potential unsuspecting victim of yours, before in their naivette he might attemt to take your "views" seriously. Other, that is, then to defend himself from your so thinly vailed attempts at usury and domination.
Slashdot Mirror
As you wish. Ever heard of the International Telecommunications Union (ITU) which is part of the UN? Do you have a telephone? Do you ever call anyone in any foreign country? Guess what? The ITU is the agency responsible for all international telephone system links form many decades now. You were saying something about track record, no?
Then please stop all that pretense about "UN" authorizations, which the parent poster was spouting and to which I replied, and instead simply say what you really want to say "Might = right". And prepare to be treated accordingly by the rest of the world. As a mortal enemy. No more posturing about being "leader of the free world" and all sorts of similar crap.
Whenever possible, cooperating with the UN to achieve its purpose of peaceful resolution of conflict should be the highest priority, but ultimately the UN's decisions are not binding on the US or any other nation.
The whole point of the UN is that it is supposed to be binding. But it is clearly becoming apparent that the UN resolutions, in the US's view, are to be binding on everyone else but the US. In short the US administration is seeing the UN as hired help in its authoritarian and unilateral quest to ... well at this point the cat is more or less out of the bag ... subjegate and control the rest of the world in the name of corporate hegemony (although odds are that the people at the helm do not comprehend this themselves). A quest which has no chances of succeeding and only most foolhardy and bigotted, navel-gazing, terminally ignorant, troglodyte segment of American citizenry harbours any such illusions and which are spurred on by some insane corporate power elites within US society.
But I don't think Bush got into the Iraq war for personal reasons. People say he wanted to finish off what his father didn't, and although I don't like Bush, I think going to war for purely childish reasons like boosting your own ego is below even him.
The true picture is of course a combination of reasons, that of neo-con ideology, Bush's personal vendetta, religious wingnuttery of his support base resulting in delusions of "destiny", Israeli influences etc and so on, all sprinkled generously with bottomless corporate greed and masterfully seasoned with that age-old explosive mix of Hubris and Ignorance.
Quite possibly. The point is that it is the last administration which decided to go ape and bypass the international concenus building, when their manouvering fell flat at that arena, and simply opt for brute force. I do not in any way deny past Democratic complicity in this stupid stunt, don't get me wrong there. People like Hillary Clinton for example are all gung ho for the war. But the topic of discussion was the US-UN interaction and I replied in that context. Democratic administrations at least attempted to be clever about this thing and try to work some sort of strategy of carrots and sticks in getting all of the reluctant "allies" into this thing together (with mixed results). The obvious point remains that if the Iraq war had any chances whatsoever of being successful from the point of view of "war on terror" and "nation building", these chances were lost the moment that universal international concensus was abandoned.
No they don't. They have a kleptocracy, wholly reliant on foreign troops to keep it in power in Afghanistan and a mix of Theocratic dictatorship and a semi-democratic Kurdistan pulling together to subjegate or genocide the Sunnis, also wholly reliant on foreign invaders to maintain that position in what used to be Iraq.
3. Security Council Resolution 1441: Unanimously passed by all 15 member nations of the Security Council, including China, France, and Syria. Solely executed by the US (with some support from like-minded allies). The US was ready and willing to take care of business with or without help.
Except that US was not authorized to do so in resolution 1441, as those UN members knew full well that US/UK-fabricated "intelligence" was bogus. A proper authorization would look like the 1991 resolution 678, which explicitely mentioned "any means necessary". Where did you get the idea that US was ever "authorized" by the UN to invade Iraq? O'Reilly? Rush Limbaugh? Because sure as hell it did not come out of the UN.
The US isn't talking about taking things, the EU and UN are. Of course a product invented in one country can be used in others, but that doesn't mean that the HQ for the company has to be moved to Brussels or The Hague. Besides, as many others have pointed out, the invention was funded by the US Dept of Defense and worked on by US universities. There is no grounds for "forcing" the US to do anything.
By that token, the telephone systems of the world should all remain disconnected and there should be no international phone numbers nor any way to call a foreign country. That is what you are saying. Just like with the telephone system, a common, international organization is needed to establish the links between various networks in many countries. In case you did not notice, all of the countires in question already built their own Internets. They have their own routers, fiber cables, servers and even, shock, hundreds of millions of users, all physically located there. What is at stake is the coordination process, just like with telephone system where it was solved by the UN's ITU. Something like the ITU is simply inevitable and necessary for it is simply impossible for the US to be in charge of asssigning phone numbers in, say, Russia, which is what the present scheme amounts to.
True, it contains something like that, but that resolution does not contain authorization for war, unlike the resolution 678 which explicitely does. US simply decided, unilateraly, to pretend that it does.
So it was up to the UN to enforce it.
No it wasn't. US had no authorization. But members of US administration wanted the war badly, for personal and ideological reasons. The rest is history.
So please stop rehashing this old, discredited, worn crap about how "poor US" has been selflessly "enforcing" UN resolutions only to be bashed by "ungrateful" furriners ....
Yes. Dr. Blue has informed us that "verification of trust" between peers is so paramount that it should take precedence over competition and interoperability, which he at present believes to be in no particular danger because software makers -- Microsoft chief amongst them -- "strive for interoperability" with their competitors. Your contribution to the discussion was something along the lines of "Dr. Blue is my hero, you should all bow before him". Followed by nostalgic musings about USENET killfiles. And than you call me a troll. As to ad hominem, sure, I am guilty of some of that, as my patience for people who miss the most obvious of facts in front of their noses while at the same time waving their diplomas around is in rather low supply these days. But not as low as that for their pitiful side-kick chiwawas (see? an ad hominem!) barking at their oponents' ankles from behind the legs of their idols.
Orwell would be proud, or scared.
Yes, most certainly. That is why Orwell has spent most of his life warning about totalitarianism and use of technology to achieve that. He would be down right terrified by my attempts at warning people that Dr. Blue's and your pet technologies have severe authoritarian undertones and can be used to achieve goals Orwell found so admirable that he had to write some numerically titled books to extroll them.
Idiot. (see? a name call!)
And there's the most fundamental difference. I personally see the technology as potentially very empowering, and in fact increasing Liberty for the users. You believe the exact opposite. And that's why we'll probably never see eye-to-eye on this, but maybe in another 20 years we can compare notes.
That is probably most insightful observation you have made in this entire discussion. I fully agree. I do admit the very remote, from the perspective of my cumulative experience, possibility of this actually somehow petering out on its own and amounting to nothing more then a tempest in a teapot, a mere footnote in the annals of computing, thus avoiding a necessity for a major battle by the Free Software movement. And you are absolutely right here, only time will tell, as of the things we were disagreeing about here, nearly all are still in the near future. But if there is anything you should walk away with from this discussion now, it is the fact that computing technologies no longer exist in abstract moral vacuum, and have now a potential of severe side-effects, some of which can be understood and manipulated far better by various behind-the-scenes operatives then the technical researchers themselves. It is not too late for you to start asking these hard questions of both your research and its co-participants, and to analyze in depth these (as well as other, not mentioned in this thread) hidden implications. It is time for you to drop your rose colored glasses and try to look at these problems from the perspectives of amoral corporate agendas. It is time to abandon your implicit assumption that the TC platform designers are the "good" guys in this fight and to objectively examine the issues, without relying on such personally convenient preconceptions. If you do that, perhaps you will discover that a solution exists, a solution which would allow for a TPM-like system to be created and which would not carry with it all of these extremely negative social side-effects, which I fear are all but inevitable with the present crop of ideas. Should you achieve something of that magnitude, then you would have rightfully earned the privilege of being able to call yourself a "top scientist" as well as a champion of Liberty. Not to mention demonstrating yourself undeniably my better, as I am so far unable to come up with such an invention.
That is probably most insightful observation you have made in this entire discussion. I fully agree. I do admit the very remote, from the perspective of my cumulative experience, possibility of this actually somehow petering out on its own and amounting to nothing more then a tempest in a teapot, a mere footnote in the annals of computing, thus avoiding a necessity for a major battle by the Free Software movement. And you are absolutely right here, only time will tell, as of the things we were disagreeing about here, nearly all are still in the near future.
But if there is anything you should walk away with from this discussion now, it is the fact that computing technologies no longer exist in abstract moral vacuum, and have now a potential of severe side-effects, some of which can be understood and manipulated far better by various behind-the-scenes operatives then the technical researchers themselves. It is not too late for you to start asking these hard questions of both your research and its co-participants, and to analyze in depth these (as well as other, not mentioned in this thread) hidden implications. It is time for you to drop your rose colored glasses and try to look at these problems from the perspectives of amoral corporate agendas. It is time to abandon your implicit assumption that the TC platform designers are the "good" guys in this fight and to objectively examine the issues, without relying on such personally convenient preconceptions. If you do that, perhaps you will discover that a solution exists, a solution which would allow for a TPM-like system to be created and which would not carry with it all of these extremely negative social side-effects, which I fear are all but inevitable with the present crop of ideas. Should you achieve something of that magnitude, then you would have rightfully earned the privilege of being able to call yourself a "top scientist" as well as a champion of Liberty. Not to mention demonstrating yourself undeniably my better, as I am so far unable to come up with such an invention.
Dream on these vivid daydreams, it suits you so well.
You are not merely wrong on occasion. From what I've seen, you're nearly always wrong, and loudly so. You do not pick your fights carefully; as far as I have seen, you have yet to pick a fight that you could win. You are the fool. You are the one proposing preposterous things. You are the one who is colouring the debate through a glass of his own sense of self-righteous 'morality'.
That is why you chose, most likely after "winning" one of those battles, to post anonymously, in fear of being forced to "win" another.
You are a thoroughly unpleasant person, and I am posting anonymously because your personality type is common among cyberstalkers. It is no wonder that the people who argue with you walk away in disgust.
That was a good chuckle. I am about to "cyber-stalk" you? Your very use of that idiotic term exposes you for as a complete troll. "Walking away in disgust?". No, troll, you posted your cowardly tripe for the sole purpose of trying to use this very transparent ploy, hoping to somehow get a rise from me. No luck. Be gone back to whence you came from. Good riddance and get your pathetically sad fantasies of someone being actually sufficienlty motivated by you to even approach remotely anything resembling "stalking", fullfilled somewhere else.
I guess that is what I get for feeding AC trolls in the first place.
Amusing. Perheaps you should check the end result of that little conversation I had with Dr. Blue in the other thread, the one in which he admitted that the TPM effectively gives means to Microsoft and others to lock GPL folks out of the Internet, among other, his words "pretty anti-competitive things", but where he does not think it will happen because, his words "Microsoft encourages interoperability" of its products with competitors. You were speaking of tools, weren't you?
As if by "everyone", you mean fools who propose preposterous things, most certainly. Perhaps you did not notice but I pick my fights carefully. There is rather no point in posting in a "Yea, I agree.", "Yea, me too." thread, now, is there?
I'll give you a hint: it's partly because you're wrong. But that's only part of it.
See above. I am wrong on occasion and in such a case, if one is to make a logical argument, supported by facts, I will sooner or later concede. I assume that it is why you are prepared to provide precisely such a kind of an argument, and that is the main reason why you posted such a well reasoned post full of informative references, Mister, how shall I put it politely, Coward, Anonymous?
False. They provide a particular type of "verifiable execution environment", one which is designed with specific implications in mind, and it is those implications, of that particular design which count!
On a hardware box with trusted platform support, you could (a) opt out entirely and it would work just like today's computers,
And be thrown out of the Internet, as now you no longer can connect to anything that matters! No more connecting to the majority of Windows users, no more connecting to secure websites. That is the wee little implication of that!
(b) run only one or two trusted applications and leave the rest of the system open to tinkering and modification,
I can only assume that you think me becoming so mesmerized by your constant flip-flopping that I am no longer noticing it. According to your own rantings, this scenario is impossible as the TPM requires verification of the whole environment, starting at boot, via the OS kernel and its drivers, system libraries all the way to the "trusted" application. Quoth you: "Yes, you're right about this -- the libraries and OS kernel would have to be ones that the P2P software has determined that it's OK running under" or (in reply to my suggestion of modifying the kernel) "And then, of course, it won't be able to authenticate itself to the P2P network, and the other hosts in the network will promptly ignore your system" or "In the TCG design, you would be required to run an OS that didn't allow you modify the kernel memory management code." (the TCG being the "weaker"(!) of the proposed standards). Do you honestly think I would fall for this? Are you that used to people taking all your bullshit at face value because you impress them with your titles?
(c) dual-boot between a trusted and traditional system,
Brilliant. So now a set-in-granite Microsoft monopoly is A-OK as long as we can boot another, completely disconnected from anything useful, system so that we can ... I am not sure exactly what ... play Pong on it? Certainly we will not be connecting it to "trusted" Windows peers.
(d) have a completely locked down box.
This of course being the only practical outcome of all this TPM crap, the box being a Microsoft Windows one and maybe, perhaps, an Apple one (if one is willing to be disconnected from, say, 60% of the Net). This, of course, being the intended purpose of this particular TPM design, by Microsoft and Intel.
The main point being, this choice is entirely up to you, and the hardware will let you make whatever choice you want.
Yes, it is entirely up to me to eat food too. Or to breathe air. The catch being, that if I want to live, those choices are no longer there. Similarly here: if I want to connect to anything meaningful on the Internet, my choice will likewise be rendered moot, Microsoft and their "partners" will be, as someone in the same business once said, "the offer I simply cannot refuse".
Is is also possible to make an operating system such that, if you chose to run that O.S. then it would only allow programs that some external party has said are OK, and you wouldn't be allowed to modify anything or run any of your own applications. You seem to be hung up on this, thinking it's inevitable, even though all the plans that have been announced about using trusted platforms say specifically that they're not going to do this.
Yes, Dr.Oblivious, the convicted monopolists and greedy multinationals will announce, ahead of time, that they are planning to establish a mutually-supporting dominion of unchallengeable supremacy in the domain of personal computing, thus enslaving most of the technologically advanced Western societies for the f
Except you disingenuously ignored the fact that I would have to throw away my "hacked up" kernel (and by extension my hardware) to "conform". Because unlike multiple versions of libraries, I now am allowed to have only one "approved" version of that, no?
Now stop your ranting -- that could be a Linux kernel or a Windows kernel or a FreeBSD kernel -- but the kernel does have to be able to enforce the protected memory area.
There is no way to enforce the "protected" area, without the TPM making sure that the OS has not been modified in some way from the "verified" version. That means the whole OS kernel running within the TPM environment and to be set in stone, unmodifiable by the user, version, which means the fucking end (as I repeatedly said) of Linux and BSD. And that is on top the patently obvious fact that no commercial Windows software maker will ever certify any Linux or BSD kernel for their app, never you mind even making a Linux version of it. And which you seem completely unable to grasp.
That's quite a shift from your original claims that everything would have to be approved by some central big-brotherish cabal. I can produce a P2P client. I can decide what environments I want it to run in. And then I can lock it to those environments. Neither the TCG nor Microsoft nor anyone else other than me has to approve anything.
No, it is not a "shift", it is simply an attempt to clarify that scenario. Because, as I explained above and in my previous posts, this scenario and "external approval" for the OS you are running are equivalent. Someone else (in our phony example - the P2P client maker, in real life - Microsoft) gets to decide what OS/configuration do I run, without any recourse other then not participating in the Internet, in any meaningful way. The difference is simply the exact mechanism by which it happens. The end result is the same.
Of course it would, which is why the ability to recognize such packets is one of the most fundamental capabilities of a TPM. This is what I was talking about when I said "This is the only place the hardware endorsement keys are used -- to ensure that a remote system is a trusted platform in a particular state".
So the TPM uses its secret private key to generate a public, decryption one which is then used by the other end of the connection to verify the state. Fair enough. Although this still does not address the problem of local "variable" memory areas which cannot be "verified" as they differ from peer to peer, and which potentially could be modified externally, like, say, the buffer in which the communication packets are formatted, prior to their encryption.
Certification means that some external party is certifying a statement or system for some purpose.
Which implies that the "certified" system is locked and unchangeable for the purpose. Which is equivalent to what the P2P application is doing, as it demands that the system it runs on, get it here, is "certified for the purpose" (by the application maker with the help of TPM, who in this case is the "third party") for running that application. You can play word games all you want. The meaning remains the same.
It also matches up with your original statements about the TCG having to approve of things and issue/certify keys -- that would be certification, but as I've pointed out, that is completely wrong. And thankfully, it looks like you've backed off these statements after realizing they were wrong.
Which in essence, changes little, as it leaves only the corporations directly (as opposed to the consortium) and their unchangeable configurations on the OS playing field, this being not far away from my original statement. Instead of certifying every applicati
That is not what I meant. A real Black Hat would use the modified malloc() to allocate memory blocks outside the protected memory area and then manipulate them. memcpy() would be used to intercept memory block manipulations within the "protected" area to inspect/modify "protected" memory contents, fopen() would be used to redirect access to hacked/fake files, fread() would be used to supply such fake contents, rendering the P2P client unable to see the true contents of files. Most of these (and many many other calls) could be used to create buffer overflows and to effectively inject executable code into the "protected" area by abusing the buffers which the P2P client uses when making these library calls...
I mean, in all seriousness, is a DOS attack all you can, with your "extensive" experience, think of? I just presented you with a method of defeating the entire premise of "trusted" P2P process, running under "unsecured" OS, and you missed it altogether. I am beginning to even more seriously doubt your levels of practical understanding of these matters.
Or perhaps you do understand, just that you are disingenuously attempting to portray this scenario as "useful" (which it is not) in order to hide the fact that only useful way to use TPM is a complete OS lockdown from boot onwards, which is what I was saying all along and which you seemed to deny.
AAAG! How many times have I said this? No one has to "certify" your signature. The only thing that's necessary is that I'm (me, not the TPM) convinced that I've got an authentic public key for you. Who certifies the Fedora keys now? Answer: No one. It exactly the same. I trust them because I trust the channel I got them through. Once again for emphasis: it will be exactly the same with a TPM.
There is something seriously amiss here. If the TPM is not verifying the signatures of the processes it is asked to load, what is to stop me, the evil hacker, from loading a completely fake, but skillfully crafted client which would take over the entire process of communication with the other people's clients, while residing in the "protected" memory area and using the same functions of TPM the original would? To be specific, if the TPM is to verify some memory areas and sign/encrypt the resulting checksums for the benefit of "verification" to, or encryption of packets for, the other client, I would simply keep a complete copy of the original client in the "protected" memory area, starting at the offset it would normally load, followed by my funky one, and point the TPM circuitry to the original, when requested, since I now control these types of "protected mode" TPM operations. And I would smile, since now I have the best of both worlds: my hacks are so hot that they smoke and on top of that I get to be "officially certified" as "authentic" by the TPM itself.
No. No one has to submit anything to any TC consortium member. I've said that over and over, and I'm honestly not sure why you don't believe this. And in fact, no one, not even the TC consortium, knows the private key embedded in the TPM. That would pretty much violate the whole model.
I gave you the reason why I do not believe this above. Such solution would be simply completely ineffective and I somehow doubt that TC consortium missed this, Planet of Jupiter sized, hole.
Furthermore, lack of an ability by one TPM to recognize packets encrypted using contents of another, would pretty much defeat the whole idea of "trust" between two systems. For this to work, there has to be a common key, hidden in hardware (so that hackers don't get to fool with it) used for this purpose and common to all TPM chips.
Any idea how many people use "home glued" versions of libc? It would be in the hundred
I will file that under "wishful thinking" on your part.
So in the P2P example, when the trusted process asks the OS to send a certain packet to 1.2.3.4 it could indeed be intercepted and be sent to 10.20.30.40 instead. Or it could in fact just throw out the packet altogether. The effect of both of those is basically a denial-of-service attack, which trusted platforms are vulnerable to, exactly like this.
You are new to this Black Hat hacking gig, aren't you? DOS attack?! How about a fancy version of malloc() or memcpy()? What about fopen() or fread()? Bye bye goes the integrity of the P2P client, unless it has a whole duplicate OS embedded in it, complete with its own custom filesystem and storage device drivers.
Sigh. If you're going to argue with me, at least try to pay attention to what I say. I have said (repeatedly) that trusted platforms don't depend on software signatures or certified keys for software. They do depend (quite strongly) on keys for the hardware, and in particular for what called an "endorsement key" for the TPM. This is what I've been saying all along. If you have a TPM you have an endorsement key, independent of whatever operating system or other software you want to run. No need for anyone to approve any software you decide to run.
Really? How would you then "certify" my signature for my funky new P2P package? Clearly I cannot make it up myself for any hacker could do it too, pretending he is me. Someone has to arbitrate between us. Like Verisign and Thawte do for SSL certificates, or PGP servers do for PGP signatures. Except that now there is a secret hardware key involved not accessible to anyone but the TC consortium. And they do not do it for free. That means free software makers, would have to submit their certificates for signing to some TC consortium who happens to know the secret private key embedded in the TPM, so that the TPM can verify the authenticity of the signature, no? Who is going to pay for that? GPLed free software folks are going to fork over $500 a year for the certificate, right?
What about if that embedded, super-secret, private hardware key gets compromised? You get to have a mandatory update of your hardware or throw away your PC, which would be a brilliant corollary to this idiotic TPM scheme, no?
If you have your own custom libc, and the P2P software was designed so that it requires a certain certified libc (say the standard Fedora distribution libc), then the P2P software would refuse to run on such a system (or rather, it wouldn't be able to attest to its authenticity to remote systems).
Which implies that you have no clue how this whole Linux community thing works. Variety and freedom of choice are the key elements here. Anything that runs on a particular version of glibc on Fedora and does not run on home glued derivative of Debian is not acceptable to Linux community. Period. It is only acceptable to corporate manufacturers of certain software, who can demand that a particular whole OS/computer combo was slaved to their particular package, exclusively. Which is what they are already attempting today, causing havoc for users, and which perversions I am defeating on a daily basis to make their crap-ware run on my client's existing configurations instead of purchasing hundreds of thousands of dollars of hardware to fulfill inept one-server-to-an-application vendor fantasies.
The options then are (a) you could make the P2P program statically linked to remove as many of these dependencies as possible,
Then I will just change the system calls in the kernel itself or run the whole shebang in user-mode-linux or some other virtualization system. Next.
or (b) require e
Since I base my observation on the utter bullshit you are attempting to feed me, this chest-beating is doubly amusing. If you were a true scientist, you would realize that what counts is an ability to logically prove your point. Credentials and sharp elbows are for scaling the pay scales in the academia or industry, and count not for anything in the field of actual scientifc discourse. You would impress me far more were you not dancing around the obvious, logical implications of TPM while trying to paint your sponsors in rosy colours. There is a lot to be said for intellectual integrity and honesty although it does not pay as well as the Trusted Computing consortia.
Ding, ding, ding! We have a winner! Yes, this is what happens. The P2P software would run in an isolated memory area. But only that process would be affected -- it can run at the same time as other untrusted processes, but the memory isolation would keep them apart and would keep the untrusted processes from interfering with the trusted P2P software.
Err, no. That is an ugly loser. As I pointed out already, this would not work on its own without a complete host OS lockdown. For the "isolated" process would have to still make OS calls (most likely via system library ones) and thus be exposed to a hacker poisoning/manipulating those.
(this requires an externally certified key, but it's a key for your hardware, which you have simply by virtue of owning the TPM hardware -- it's not something you "apply for", and it's not tied to any particular software -- it works for my hypothetical P2P package just the same as it would work for Microsoft's Media Player).
Great Scott! It does not take him more then a few sentences to contradict himself. So which is it? Does the TPM have no key or does it have "a key for my hardware" (externally certified, no less)?
Once that happens, the software knows that it's got two protected environments that can't be tampered with talking to each other, and any and all data that moves between the two systems is encrypted and MACed whenever it leaves those protected areas. So packets can't be tampered with by you or anyone else -- they must follow the P2P software instructions.
I can only shake my head at this naivette. If the OS would be not completely and utterly locked down prior to this setup, I would be merrily feeding the P2P software fake files and what not via my own hand crafted "system" libraries. To prevent that, the P2P software would have to "certify" the libraries and the OS kernel, thus requiring that everyone under the sun has ones belonging to the same limited list, a list that TPM-based software can trust. Yes Dr. Weasel, that means no GPLed system kernel/libraries which have literally thousands of versions and can be patched or modified by the user (thus changing their signatures resulting in the P2P client's refusal to cooperate). Microsoft ones are the main practical possibilty of course. Perheaps Apple's although I am sure the plan is for those dirty upstarts to get lost too from any TPM arena due to "incompatibilies".
To make it crystal clear, lets see how this would work in practice: Alice loads her P2P software, which then must via TPM, certify the OS and the libraries before using them. Following which Joe, who happened to be on older version of Windows (one which Microsoft "retired" and pretended to lose the keys for its million versions of ancient DLL's) attempts to load his, in order to connect to Alice. Bzzt! No go. "The TPM software on your computer in conjunction with the P2P client you are attempting to connect to has detected
Yes. That is why he is unable to answer a rather basic, logical scenario I presented. I too know more then a few PhDs. And more then one hopeless phony amongst them. My favourite one has 2 PhDs in Artificial Intelligence, no less, and has no clue how to get an Excel spreadsheet going, never you mind programming a line of code or designing the simplest of neural nets (his AI knowledge does not withstand a 2 minute discussion). You can try to browbeat me into submission by your awe of Dr. Blue's towering personal ability to impress the gullible with his credentials but I must regretfully admit that I will remain loyal to these humble, gray, mundane things called logic and "scientific method" instead and remain unimpressed by the fancy robes of the purveyors of hot air.
Oh and my favourite AI resercher has also published (how, it still remains a mystery to me, I can only guess a scenario involving some poor undergraduates) a few "peer reviewed" papers. Some probably got cited somewhere.
So quit the bullshit and kindly answer me the rather simple scenario I posed, based on Mr. PhD, MD, RN, MSPH, TCG, MA, MSCE, CNE, DKF, Blue's own silly example. Impress me with logic and consistency instead of your submissive deference to his "authority" and the corporate propaganda he is so fond of.
There is a programmer who makes a P2P software. Lets call him Bob. Bob decided to use TPM to ensure "trusted collaboration" with his P2P software. The objective is to prevent the users from modifying the client in unauthorized ways. He gets his TPM chip with its secret private key to generate him certificates for his signatures which he used for his software so that it can be verified as being signed by him, in its unmodified form. He posts it on the web. Following which, a pair of users, lets call them Alice and John, download the package. Both have a TPM system in their PCs. Upon loading of the software, there are the following possibilities: the operating system instructs the TPM to "verify" the integrity of the binary code of the P2P client and its subsequent signature as authentic or the P2P software itself can query the TPM with the said data. John is a hacker. He wants to circumvent the protection and mess with Alice's computer/or P2P data sent to her. The following possible scenarios present themselves:
That is only because the TPM in your present equipment is not used in the way which makes TPM anything close to functional. For the platform to be "trusted" by some cabal of corporations, one has to prevent the user from ever gaining control over the TPM. So your misleading "examples" are just that, attempts of something akin to "see, this small cut only hurts a little so you wont feel getting skinned alive at all" type of logic. The very fact that your Thinkpad (I assume) still runs non-TPM authorized software, nixes the whole concept, right there, as that software can be used to do all sorts of stuff, including virtualization of the TPM hardware, for the purpose of circumventing it.
Your dismissal of the importance of being able to build trust in distributed, collaborative settings reminds me of people who think anarchy is a workable society.
This has nothing to do whatsoever with anarchy (and I am not an Anarchist). Instead, it has everything to do with a form of totalitarianism. You are attempting to use a classic tool of demagougery, a false dichotomy: "either you are for total control of your computing by a band of corporations or you are an anarchist!". Let me reiterate this again, since you keep missing this rather basic element: for a platform to be "trusted" by people other then the owner of the computer (regardless of its "collaborative" merits), that person, not the purported owner, has to have complete control over the functions of the said computer and to be able to severely restrict the types of operations allowed. In other words, the true owner of the equipment is the "trusted" party. In your inane examples, for the "collaborative" system to work, the members of the P2P network would have to all relinquish control of their computers to some other party whom they all "trust" implicitely, unquestioningly, unconditionally and completely. A Dear Leader or Big Brother of some kind. Since the whole idea is increasingly compromised the more of these "trusted" entities exist, producing "trust" conflicts, the "optimal" scenario involves just one, i.e. the globe-spanning consortium of Trusted Computing founding conglomerates, holding all the digital keys to the equipment and throttling the funcionality. That consortium of course deciding whose software is allowed to run and extracting a licence fee for the issuance of appropriate keys after the software and its maker have been deemed "acceptable" to them. Anything less than that simply wont work for the stated purpose of TPM and is merely a pretense of TPM functionality for the purpose of slowly accustoming the public to its future ubiquity.
It boggles my mind that you fail to see this rather basic implication of your "collaborative trust" nonsense.
Since I sense that you will fail to comprehend this again, answer me this telling question: in your TPM scenario of "collaborative trust" on a P2P network, who precisely would be authorized to obtain the appropiate keys from the makers of the TPM for the software? The P2P network software maker? If so what is to stop a high ranking member of the Trusted Computing, some "Enterntainment Industry" mega-corporation from blocking that request? How is, say GPLed, free of charge software to pay for (never you mind complying with) the "certification" which would inevietably be required to obtain the appropriate key set?
By all means, do continue to educate me.
Only the entire future of computing, free exchange of ideas and open source depends on this. Possibly the direction of Western Civilization. So you are right, we are getting "worked up" for no good reason at all.
And I love the irony that many of the same people who scream about the evils of "Treacherous Computing" are exactly the same people who, when the topic is changed to peer-to-peer technologies and the RIAA efforts against those, make the argument that you shouldn't argue against a technology just because it has some bad uses.
Err, hold on for a minute here. In one case the "bad" is seen from the perspective of someone other then us, citizens, and in the other the "bad" is from our perspective. So no, there is no "irony". Things "bad" for the efforts of multi-national corporations to enslave us all are "good" from perspective of an average person. And that is the only perspective which counts. You should be careful with your examples, your questionable loyalties are showing.
Perhaps you don't understand what DRM is. The two main examples I used were examples of building trust amongst a group of users who are trying to do something in a distributed, collaborative setting."
Oh yes I do. Hardware based DRM and Trecherous Computing are the two sides of the same coin. In order for DRM to function, the owner of the computer has to be deprived of control of it. This is precisely what the TPM chip does in question does. What you are harping on is that there are other uses of the chip, parallel with straight DRM but which have nearly identical mechanism at their core. In short, true DRM is impossible without TPM, and conversly, existence of functional TPM hardware, implies DRM. So for the purpose of this discussion, they are an unseparable couple.
As to "collaborative" setting and "mutual trust", if your answer is TPM, they I'd rather have no "trust" in my connection peers, as in exchange for that "trust", the TPM takes away the control of the computer away from me and hands it over to some other third party who is "trusted". Which is precisely the "restriction" which you claimed does not exist, in your original mesage.
They had zip to do with "content.
Define "content". In your examples, the "content" was the actual software being "protected" by TPM. The fact that other "content" (the P2P network data or game network data) exists does not change that fact.
Second, think about any group setting and the fact that for almost any group activity, you do accept restrictions on doing whatever you please. It's not about "fighting the man" or being subjugated by a stronger power -- it's about allowing groups of users to have a functional setup where they can trust each other.
Ergo, the "contents producers" (the group of peers producing their data) is now restricting what you do, which directly contradicts your original statement.
My views are entirely consistent
Err, no. See immediately above.
and hardly "appologisms" -- and as far as that goes I can absolutely guarantee you that my anti-DRM credentials put yours to shame.
Now this is coming from someone who accuses me of not grasping the DRM implications of TPM. Very well. I will pretend to go along with this silliness. Here is a question: How in the world are you planning to implement a TPM which will not immediatelly imply an ability to introduce DRM at the same time? Conversly, describe a workable DRM scheme not dependent on TPM-like technology. Educate me.
Optional for the manufacturer, not you, the sucker known as the "consumer"
and (b) there are applications where this makes complete sense.
Benefits of none of which even begin to approach the cost of societal downsides of Trecherous Computing, never you mind surpassing them.
If you don't like DRM, then don't accept stores or software that enforce it. And don't mistake every single issue as content providers trying to restrict what you can do.
Brilliant. And what if every device on the market has one? Better yet, what if the multi-million dollar lobbyists of the DRM guild manage to purchase a law mandating it? What then?
"just do not buy it" is the same utterly moronic advice as "just move to another country if you don't like crooked politicians".
And don't mistake every single issue as content providers trying to restrict what you can do.
Execpt for the fact that it is precisely what they are attempting. Your own very examples of "positive" use of DRM were .... all about the "contents producer" (P2P client developer, game maker) restricting your actions (deteremental actions, in those examples, but still your actions and still them doing the restricting).
It seems that you cannot even keep your appologisms for the DRM guild internally consistent, which is nearly always the case when defending immoral ideas.
Right, if what was labelled "socialism" in Soviet Union was brought to Britain in its Soviet form, I would be right there with him, agreeing. You missed the point. "Socialism" as discussed today, by sane people, has nothing whatsoever to do with the Soviet or Nazi "socialims" of yesteryear. So while Orwell might have been scared silly about the Soviet monster-mutant-"socialism" it has no bearing on, say, universal healthcare, which is an example of modern "socialist" (as in social conscience) concepts.
If I buy a knife and call it "The Light of Reason, Child of Logic", following which I stab some people to death, in your line of thinking, using "reason" or "logic" should be avoided at all costs, because a murderer used the words to describe his deeds, right?
Facts are Facts, the book 1984 is what it is. Orwell was writing about specific trends in 1948. I proposed nothing. I advocated nothing. I merely educated as to what Orwell was talking about. Many people want to draw parallels from 1984 to today and to do that, it's more convenient to ignore exactly what Orwell was writing about and pretend it was just a work about some vague totalitarianism. It was not
All of which had to do with Soviet (and Nazi) ways of doing things. The parallels are drawn based on the effects as Orwell described them, not the labels that he assigned to them. You insist that because Stalin or Hitler called himself a "socialist" and Orwell railed against the actual actions of these tyrants and the decay of societies their perverted, sick "ideologies" brought about, that somehow makes the word "socialism" forever bound to Stalin and Hitler. Never you mind that neither of them was a "socialist" in any modern meaning of the word. See my "Chainsaw of Heavenly Joy" example above. I am starting to wonder if we should not come up with a new label for "socially responsible governance" because it appears some people are condemned to hack and slash with fury at labels instead of the meanings these labels convey. Sigh.
I guess the Neocon card has gone out of favor
"neocon" refers to a particularly toxic (and illogical) mixture of "me-first" libertarian influences, mitiary aggression, "us-vs-them" jingoism, "kill them all and let God sort them out" attitude, hubris, supremacist inclinations all combined with fiscally irresponsible, vast expenditures on military and crony capitalism, etc and so on. I simply could not sense if you subscribed to all of that self-contradictory, neurotic claptrap, in that combination, from your previous post but I could sense the demonization of the word "liberal" coming straight from the talking points of the GOP pundits.
Seriously though, you're an anonymous Internet goofball ...
The sentiment is mutual.
Preach on Comrade! How are your Two Minutes of Hate going? That was quite a rant I first responded to. When did you start hating the Individual so much?
If I want to tune in to some Hate, all I have to do is turn on Fox and watch O'Reilly or Ann Coulter. Or listen to Limbaugh on the radio. It doesn't get any more hateful then those clowns. Some of them (Coulter) even advocate a bona-fide "final solution" for all "liberals": kill them all. So do not be telling me of "Two Minutes Of Hate" as Orwell wrote, because as the book had it, what these people and their listeners do are "Two or More Hours of Hate" every day, in frighteningly stark resemblance of what Orwell foresaw. Show me a "socialist" equivalent of that, complete with sheeple shrieking "ditto" in their cars during the daily commute, or nurturing and growing Hate in their homes, while sneering togerher with O'Rilley at the latest fabricated "outrage" of the "left" or yet another crime against their cherished "family values" alledged to have been commited by Clint
And what you failed to grasp, miserably, and what I tried to explain at length, is that you are benefiting from them, indirectly. But you simply refuse to accept that unless it is you, personally, who gets hauled to hospital at the public insurer's expense, then it doesn't count. That is because your worldview revolves around "I, Me and Mine" exclusively and you fail to see anything beyond the tip of your own very nose. Which is a hallmark of the so-called American Conservatism.
Public schools, police, roads, and the like, I'm fine with, but what amount to as massive bribe to voters at my expense I'm not.
Even if those "bribes" make it possible to reduce the prices of all goods made in USA, increase the country's competetiveness by reducing the costs of hiring people by companies, remove the underpinning of social unrest and some types of crime etc etc. No way. You do not get to see a wad of cash in your paws, immediately, and directly, therefore no benefits to you exist. You live outside the American society alltogether, floating like a butterfly over all of the mutually interdependent relationships the mere mortals all have with each other and thus you consider yourself not bound by any of the obligations these relationships entail. This condition has a name: "sociopathic behaviour".
But I guess because I don't think exactly like you I'm a "Sociopath". Hoser.
See above.
Your Republican talking points are showing. "Liberal", as you mean it, is a meaningless label, applied to a peculiar, haphazard and eclectic variant of progressisve social thinkers intermixed with supporters of Big Business, crazy trade agreements, animal rights extemists and what not, present only in North America. It has no meaning other then to create a label to swear at. "Liberal" in the rest of the world means "someone who promotes lessening of controls over things". For example, something akin to neo-con "laissez-faire" market policies in EU is referred to as "liberal". Which makes European "liberals" the allies of the most staunch "conservatives" (another useless and misguided label) in the USA. See: Tony Blair and crew.
Orwell was drawing parallels to what he saw in the Soviet Union and linking them to what he mused *could* happen in Britain if the Socialistic trend continued.
Except that "socialism" of Soviet Union has as much to do with its totalitarianism as Karl Marx had to do with Uncle Stalin. That is, some opportunists used the names of these ideologies as excuses to conduct their, completely unrelated, business of state capitalism and worship of power. As I already pointed out to the previous posters, some of the most spectacular examples of totalitarianism in Latin America were demonstrated by the self-professed believers of "conservative" values (whatever that means). No "socialism" was needed as an excuse. "Conservatism" served quite well in its place. As anything would, really, as these social systems are mere props to which the crooks in charge pay lip service to while they go about their business of looting, raping and pillaging. But you, probably due to being hammered with this incredulous assiociation by various self-serving demagouges, are insisting on falsely conflating "socialism" (as in some efforts at social justice) with totalitarianism. And this does not even address the wholly separate issue of attempts to implement half-baked and unproven, far-out economic theories in the Soviet society, by various well-meaning but completely misguided radicals, with disastrous consequences.
By the way, you have Newspeak down pat, I could almost hear you chanting "FREEDOM IS SLAVERY!" as I read your post. I applaud you sir, or should I say Inner Party Member?
I yes, I see, so since I am of an opinion that there has to be some sort of limited and well defined societal foundation, based on simple, logical principles of justice and equal opportunity, on which things such as "free market" and "democracy" can stand, that makes me ... an Orwellian advocate of totalitarianism. As opposed to you, whose sentiments (which I deduce based on that "liberal" slur) are that every man and woman should fend for himself/herself, and whomever has the biggest gun or owns most property, wins and takes all. Which makes you all about "pursuit of freedom and happiness" ... yours at everyone else's expense. Curiously, it is you who speaks of dire dangers of "socialism" while attempting to bring back something akin to Feudalism. Newspeak indeed.
Right, that is why in Canada, where I live, and where there is Universal Medicare, we take smokers to the gallows and alcohol is banned under pain of death... oh wait. What actually happens is, like with private insurance, the government puts a premium "health" tax on all of these nasty addictive habits and tries to control advertising and sales to minors. The extra tax revenues go to cover the treatment of the irresponsible addicts. It is as much "totalitarianism" as in higher private insurance premiums for smokers by US HMOs. But that does not seem to bother the demagouges. Next.
Now, I have no problem if I can opt out of this. If I can say, "Fine, you can deny me your "Free" Universal Healthcare if I can not pay a penny for it in taxes, and while you're at it, prohibit me from ever benefitting from Social Security and any other social safety net, and give me back all the money I paid into that, too", that would be acceptable. But that's not how the US government has ever worked.
That is an impossibility based on a fat lie. All of these things are a part of the social contract between the individuals of the society and the society itself. The reason we all gather in a group instead of living in caves solo. You cannot "opt out" from the society because you were made at its expense, from the crib. There is no such thing as "independent" and "self-made" men, it is an insidious boloney. The only way you could "opt out" is if you were minutes after birth thrown into a forest, had never any human contact and emerged 20 years later, wearing a tux, a monocle, a tall hat and speaking Oxford English, not to mention being educated to a fault. All by yourself. Because, otherwise, you have been given gifts of the society, in form of language, math, writing, methods of food preparation and so on, for which you never paid. The very concept of money you owe to Phoenicians of 900BC. Similiarly you cannot be allowed to opt out from taxes, because the societal infrastructure built with them cannot be separated into parcels to be dealt with individually and optionally. In the case of Healthcare, for example, if you started a firm and hired people, you would be taking advantage in your business of healthy employees, without paying a penny towards that end. And so on. All of these systemic social effects are network effects and are cummulative and inseparably intertwined.
The whole thing really revolves around two stances: cooperation and phony individualism. Some things, common to all members of society are best addressed by cooperative measures while others are not lending themselves to that approach. For many reasons, like the inapplicability of "free-market" principles in the case of critical health problems, the medical services are best left to coopeartive measures. But there will be always people who will fancy themselves "individualists" and will end up trying to con the society of its resources for their own benefit under the guise of "being independent" or rob others under the pretense of "laissez-faire markets". The views which you appear to hold are belonging to the sociopathic part of this equation.
Quite expected of a self-centered greedmonger. The point of my missive was not to conduct a dialogue with someone so obviously full of himself but to expose, for the insanity they are, the barely coherent and utterly illogical "views" he spouts, feigning authority. "Views", some of which, unfortunately, seem to stick to otherwise decent but gullible people like dog feces do to one's shoes.
However, I did read the first sentence and wanted to thank you for that new name I had not heard before. 'Greedertarian.' That's pretty good - you didn't actually make that up yourself, did you?
You are welcome to use the insult on yourself, preferrably with abandon. Yes I did make it up (as far as I know, but someone might have beat me to it) but I will gladly forego any attribution, should it serve its purpose so very well that even the very clowns for whom it was intended wear it proudly. It would remove any pretense of reason and logic on your part, and expose it for the insidious charade it is, explicitely and loudly to any potential unsuspecting victim of yours, before in their naivette he might attemt to take your "views" seriously. Other, that is, then to defend himself from your so thinly vailed attempts at usury and domination.