Quoting Jay Sulzberger <jays@panix.com>:
b. Why must TCPA/Palladium be a dongle on the whole computer? Why not a separate dongle? Because, of course, the Englobulators proceed here on principle. The principle being that only the Englobulators have a right to own printing presses/music studios/movie and animation studios.
A separate dongle can't verify the integrity of the processor. The important part is that the processor's state (including initial RAM load) is verifiable. Without this the OS could be virtualized and modified after the integrity check. Just imagine running Windows Media Player on a virtual machine, trapping the calls to the audio card and thus being able to copy content perfectly. A dongle can't prevent this. Eventually, for TCPA to be effective against hardware hacks such as memory probes, not only will the hard drive storage be sealed, but RAM must be sealed as well. Once TCPA moves on-processor, I expect encrypted RAM will be next.

Albion.
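Added example, not part of the original message or of any TCPA code: a simplified Python model of the argument above, comparing a measurement chain rooted under the processor with a separate dongle that only sees what host software reports. The image names, the helper functions and the reduction of the platform to a single SHA-1 PCR are assumptions made for illustration.

```python
import hashlib

ZERO_PCR = bytes(20)  # a TCPA 1.1 PCR is 160 bits and starts at zero

def extend(pcr: bytes, image: bytes) -> bytes:
    """Extend operation: new PCR = SHA1(old PCR || SHA1(image))."""
    return hashlib.sha1(pcr + hashlib.sha1(image).digest()).digest()

def pcr_after(stages) -> bytes:
    """Fold a list of images into one PCR value, in load order."""
    pcr = ZERO_PCR
    for image in stages:
        pcr = extend(pcr, image)
    return pcr

def on_processor_check(loaded, expected: bytes) -> bool:
    """Root of trust sits under the CPU: every stage that actually runs is
    measured before it gets control, so no stage can be left out."""
    return pcr_after(loaded) == expected

def dongle_check(loaded, reported, expected: bytes) -> bool:
    """Separate dongle: it cannot observe `loaded`; it only hashes whatever
    the host software chooses to hand it in `reported`."""
    del loaded  # invisible to the dongle, kept only to make that explicit
    return pcr_after(reported) == expected

# Constructed stand-ins for real boot images (hypothetical names).
BOOT, OS, PLAYER = b"boot loader", b"os kernel", b"media player"
VMM = b"virtual machine monitor"

CLEAN = [BOOT, OS, PLAYER]
VIRTUALIZED = [BOOT, VMM, OS, PLAYER]   # extra layer inserted under the OS
EXPECTED = pcr_after(CLEAN)             # value the verifier trusts

if __name__ == "__main__":
    print("on-processor, clean boot :", on_processor_check(CLEAN, EXPECTED))
    print("on-processor, virtualized:", on_processor_check(VIRTUALIZED, EXPECTED))
    # The virtualized host simply reports the clean list to the dongle.
    print("dongle, virtualized      :", dongle_check(VIRTUALIZED, CLEAN, EXPECTED))
```

The dongle accepts the virtualized platform because its input is self-reported, while the on-processor chain yields a different PCR as soon as an unexpected stage runs.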