Below is the text of an e... (03 Feb 2003)
Below is the text of an email I sent to the p2p-hackers list:
On Mon, Feb 03, 2003 at 12:04:34AM -0500, Seth Johnson wrote: > Tell American Megatrends and Transmeta not to make chips > that let others control your computer! This is sensationalist and wrong. TCPA chips do not let other people `control your computer', in fact the abilities of the TCPA chip are rather limited. It would help if you read the spec for TCPA (http://www.trustedcomputing.org/) before posting such stuff, but I will admit that the TCPA spec is a wonderful example of exactly how not to write a spec. I'm sure much of the min-understanding of TCPA is due to the poor quality of this document. Also see http://www.research.ibm.com/gsal/tcpa/ for a wonderful work about TCPA which may alay some of your fears. > Palladium and TCPA would hardwire your home computer so that > these four entities and their partners would be able to run > processes on your computer, entirely outside your control, > indeed, without your knowledge. If you are running Windows this pretty much happens already. > The mechanics are as follows: only code that has been signed > with a special Microsoft provided key will run. Microsoft > will retain at all times the power to revoke any other > entity's keys. In particular, no operating system will be > able to boot without a key from Microsoft. So if Palladium > is forced into every home computer, there will be no more > free software. Total crap. It M$ wish to implement code signing in Windows they can do that with or without TCPA . TCPA allows you to seal data and only unseal it when booted in the same configuration. It also allows you to `prove' to another party that you are running a given configuration (with a number of assumptions) "The TCPA chip doesn t execute anything. It accepts request data, and replies with response data. The TCPA chip does not and cannot control execution!" (IBM paper). *TCPA chips do not prevent free-software running on the computer* > Microsoft will be able to spy on each and every keystroke, > and mouse movement, and send encrypted messages from your > machine to Microsoft headquarters. Microsoft will also be > able to examine every file on your system. As they can (and, by some accounts, do) currently. > Your encryption > programs will not work against Microsoft, or any other > entities which have full power keys from Microsoft. Utter crap again. TCPA does not alter mathematical reality. Boot Linux and encrypt all you like. > There are two reasons most people will not be able to escape > the All Seeing Eye and Invisible Hand of Palladium. You are mixing up Palladium and TCPA. And we don't even have details on Palladium yet. > Once Microsoft and Intel have forced Palladiated hardware > into every personal computer, it will be impossible to run a > free OS. Rubbish. See above. Now, TCPA does allow some nasty things to happen. See http://www.trustedcomputing.org/docs/TCPA_first_WP.pdf for an example of `content providers' using TCPA to only trust a computer running a given OS. But, personally, I would like a TCPA system. That way I can encrypt my filesystem and store the key in the TPM; which would only decrypt it when my kernel was booted. As a crypto junkie that appeals quite a lot.