[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FYI] Ross's TCPA paper

http://cryptome.org/tcpa-fritz.htm

-------------------------------- CUT --------------------------------

From: "Lucky Green" <shamrock@cypherpunks.to>
To: <cryptography@wasabisystems.com>
Cc: <cypherpunks@lne.com>
Subject: Ross's TCPA paper
Date: Sat, 22 Jun 2002 19:03:49 -0700 

I recently had a chance to read Ross Anderson's paper on the 
activities of the Trusted Computing Platform Alliance (TCPA) at

     http://www.ftp.cl.cam.ac.uk/ftp/users/rja14/toulouse.pdf 

I must confess that after reading the paper I am quite relieved to 
finally have solid confirmation that at least one other person
has realized (outside the authors and proponents of the bill) that 
the Hollings bill, while failing to mention TCPA anywhere in the
text of the bill, was written with the specific technology provided 
by the TCPA in mind for the purpose of mandating the
inclusion of this technology in all future general-purpose computing 
platforms, now that the technology has been tested, is ready
to ship, and the BIOS vendors are on side. 

Perhaps the Hollings "Consumer Broadband and Digital Television 
Promotion Act" bill would be more accurately termed the
"TCPA Enablement Act". BTW, the module that Ross calls a "Fritz" in 
his paper after the author of the bill, long had a name: it
is called a Trusted Platform Module (TPM). 

Granted, in the context of the TCPA and the Hollings bill, the term 
"trusted" is used somewhat differently than the customers of
future motherboards, which are all slated to include a TPM, might 
expect: 

     "trusted" here means that the members of the TCPA trust that the 
TPM will make it near impossible for the owner
     of that motherboard to access supervisor mode on the CPU without 
their knowledge, they trust that the TPM will
     enable them to determine remotely if the customer has a kernel-
level debugger loaded, and they trust that the
     TPM will prevent a user from bypassing OS protections by 
installing custom PCI cards to read out memory
     directly via DMA without going through the CPU. 

The public and the media now need to somehow, preferably soon, arrive 
at the next stage of realization: the involvement in the
TCPA by many companies who's CEO's wrote the widely distributed open 
letter to the movie studios, telling the studios, or
more precisely -- given that it was an open letter -- telling the 
public, that mandating DRM's in general-purpose computing
platforms may not be a good idea, is indicative of one of two 
possible scenarios: 

     1) the CEO's of said computer companies are utterly unaware of a 
major strategic initiative their staff has been
     diligently executing for about 3 years, in the case of the 
principals in the TCPA, such as Intel, Compaq, HP, and
     Microsoft, several years longer. 

     2) the CEO's wrote this open letter as part of a deliberate 
"good cop, bad cop" ploy, feigning opposition to DRM
     in general computing platforms to pull the wool over the 
public's eye for hopefully long enough to achieve
     widespread deployment of the mother of all DRM solution in the 
market place. 

I do not know which of the two potential scenarios holds true. 
However, I believe public debate regarding the massive change
in the way users will interact with their future computers due to the 
efforts of the TCPA and the Hollings bill would be greatly
aided by attempts to establish which of the two scenarios is the fact 
the case. 

-- Lucky Green 

-------------------------------- CUT --------------------------------




-- 
To unsubscribe, e-mail: debate-unsubscribe@lists.fitug.de
For additional commands, e-mail: debate-help@lists.fitug.de