From: Charles Hixson (charleshixsn@earthlink.net)
Date: Wed Apr 09 2003 - 05:11:46 MDT
Hal Finney wrote:
>...
>Obviously the story I have told here is very much at odds with what
>you will have heard about TCPA/Palladium/NGSCB elsewhere on the net.
>I can't really account for that discrepancy. I don't understand why my
>reading of the technology's properties and capabilities is so different
>from everyone else's. It's possible that there are non-public documents
>which paint a much more sinister picture. All I can say is that based
>on the public information, TC works as I have described it here.
>
>Hal
>
Not really. Trusted computing can be designed to do just what you say.
The question is, who is designing it, and do you trust them to act in
your best interest. So though it can act as you say, it also has many
other modes of action, and under the control of a (the) major software
vendor, moving to a mode where more control resides with the OS vendor
has obvious benefits. So people are expecting that to be the mode.
Note: I expect the original mode to be relatively "open", in that you
are able to override the default actions. But a gradual shift to modes
where this becomes more and more difficult is to the obvious advantage
of the Signing Authority. This would lead in a period of less than a
decade in only the Signing Authority being able to allow programs to run
on "your" computer. The techniques for accomplishing this are clearly
laid out, though the original specs don't talk about using them.
Perhaps we could depend on the good will and fairness of the Signing
Authority, but I have my doubts as to the wisdom of that. As to the
"open area", that can be eliminated with a simple ROM chip, that
contains the needed activation code for the CPU, and is encrypted. Even
ROT13 would do, since there is clear dependence on legal measures to
prevent replacements. (But the early indications are that it might be
serialized on the chip.)
There is no technical reason that this hardware couldn't also run other
operating systems, but it isn't really to the benefit of the signing
authority to permit this to be at all easy. So there would probably be
licensing agreements with various manufacturers that would make this
difficult to impossible. (Note: the technical measures are acting as
facilitating mechanisms, not as requiring that matters head in this
direction.)
So there's no technical reason that "Trusted Computing" shouldn't be
trusted. And there are still very good reasons.
This archive was generated by hypermail 2.1.5 : Wed Apr 09 2003 - 19:20:42 MDT