www.cl.cam.ac.uk/~rja14/tcpa-faq.html
Swedish, 10 Finnish, 11 Hungarian, 12 Greek, 13 Hebrew and 14 French. See also the 15 Economics and Security Resource Page which gives a lot of background to the issues raised here. The 16 Trusted Computing Group (TCG) is an alliance of Microsoft, Intel, IBM, HP and AMD which promotes a standard for a more secure' PC. In effect, the TCG specification will transfer the ultimate control of your PC from you to whoever wrote the software it happens to be running. Trusted computing' was the original one, and is still used by IBM, while Microsoft calls it trustworthy computing' and the Free Software Foundation calls it 17 treacherous computing'. Hereafter I'll just call it TC, which you can pronounce according to taste. Other names you may see include TCPA (TCG's name before it incorporated), 18 Palladium (the old Microsoft name for the 19 version due to ship in 2004) and 20 NGSCB (the new Microsoft name). Many observers believe that this confusion is deliberate - the promoters want to deflect attention from what TC actually does. TC provides a computing platform on which you can't tamper with the application software, and where these applications can communicate securely with their authors and with each other. The original motivation was 21 digital rights management (DRM): Disney will be able to sell you DVDs that will decrypt and run on a TC platform, but which you won't be able to copy. The music industry will be able to sell you music downloads that you won't be able to swap. They will be able to sell you CDs that you'll only be able to play three times, or only on your birthday. TC will also make it much harder for you to run unlicensed software. In the first version of TC, pirate software could be detected and deleted remotely. Since then, Microsoft has sometimes denied that it intended TC to do this, but at 22 WEIS 2003 a senior Microsoft manager refused to deny that fighting piracy was a goal: Helping people to run stolen software just isn't our aim in life', he said. TC will protect application software 23 registration mechanisms, so that unlicensed software will be locked out of the new ecology. Furthermore, TC apps will work better with other TC apps, so people will get less value from old non-TC apps (including pirate apps). Also, some TC apps may reject data from old apps whose serial numbers have been blacklisted. If Microsoft believes that your copy of Office is a pirate copy, and your local government moves to TC, then the documents you file with them may be unreadable. TC will also make it easier for people to rent software rather than buy it; So if you stop paying for upgrades to Media Player, you may lose access to all the songs you bought using it. For years, Bill Gates has dreamed of finding a way to 24 make the Chinese pay for software: TC looks like being the answer to his prayer. Governments will be able to arrange things so that all Word documents created on civil servants' PCs are born classified' and can't be leaked electronically to journalists. Auction sites might insist that you use trusted proxy software for bidding, so that you can't bid tactically at the auction. Cheating at computer games could be made more difficult. In its simplest form, applications may be designed to delete pirated music under remote control. For example, if a protected song is extracted from a hacked TC platform and made available on the web as an MP3 file, then TC-compliant media player software may detect it using a watermark, report it, and be instructed remotely to delete it (as well as all other material that came through that platform). This business model, called traitor tracing, has been researched extensively by Microsoft (and others). In general, digital objects created using TC systems remain under the control of their creators, rather than under the control of the person who owns the machine on which they happen to be stored (as at present). So someone who writes a paper that a court decides is defamatory can be compelled to censor it - and the software company that wrote the word processor could be ordered to do the deletion if she refuses. Given such possibilities, we can expect TC to be used to suppress everything from pornography to writings that criticise political leaders. The gotcha for businesses is that your software suppliers can make it much harder for you to switch to their competitors' products. At a simple level, Word could encrypt all your documents using keys that only Microsoft products have access to; Such blatant lock-in might be prohibited by the competition authorities, but there are subtler lock-in strategies that are much harder to regulate. So I won't be able to play MP3s on my computer any more? Microsoft says that TC won't make anything suddenly stop working. But a recent software update for Windows Media Player has caused 25 controversy by insisting that users agree to future anti-piracy measures, which may include measures that delete pirated content found on your computer. Also, some programs that give people more control over their PCs, such as 26 VMware and 27 Total Recorder, are not going to work properly under TC. So you may have to use a different player - and if your player will play pirate MP3s, then it may not be authorised to play the new, protected, titles. It is up to an application to set the security policy for its files, using an online policy server. So Media Player will determine what sort of conditions get attached to protected titles. I expect Microsoft will do all sorts of deals with the content providers, who will experiment with all sorts of business models. You might get CDs that are a third of the price but which you can only play three times; You might be allowed to lend your copy of some digital music to a friend, but then your own backup copy won't be playable until your friend gives you the main copy back. Creeping digital lockdown will make life inconvenient in many niggling ways; This could all be done today - Microsoft would just have to download a patch into your player - but once TC makes it hard for people to tamper with the player software, and easy for Microsoft and the music industry to control what players will work at all with new releases, it will be harder for you to escape. Control of media player software is so important that the EU antitrust authorities are 28 proposing to penalise Microsoft for its anticompetitive behaviour by compelling it to unbundle Media Player, or include competing players in Windows. TC will greatly increase the depth and scope of media control. TC provides for a monitoring and reporting component to be mounted in future PCs. The preferred implementation in the first phase of TC emphasised the role of a Fritz' chip - a smartcard chip or dongle soldered to the motherboard. The current version has five components - the Fritz chip, a curtained memory' feature in the CPU, a security kernel in the operating system (the Nexus' in Microsoft language), a security kernel in each TC application (the NCA' in Microsoft-speak) and a back-end infrastructure of online security servers maintained by hardware and software vendors to tie the whole thing together. The initial version of TC had Fritz supervising the boot process, so that the PC ended up in a predictable state, with known hardware and software. The current version has Fritz as a passive monitoring component that stores the hash of the machine state on start-up. This hash is computed using details of the hardware (audio card, video card etc) and the software (O/S, drivers, etc). If the machine ends up in the approved state, Fritz will make available to the operating system the cryptographic keys needed to decrypt TC applications and data. If it ends up in the wrong state, the hash will be wrong and Fritz won't release the right key. The machine may still be able to run non-TC apps and access non-TC data, but protected material will be unavailable. The operating system security kernel (the Nexus') bridges the gap between the Fritz chip and the application security components (the NCAs'). It checks that the hardware components are on the TCG approved list, that the software components ...
|
http://csua.com/feed/