It's an interesting claim, but there is only one small problem. Neither Ross Anderson nor Lucky Green offers any evidence that the TCPA (http://www.trustedcomputing.org) is being designed for the support of digital rights management (DRM) applications.
Microsoft admits it: http://www.msnbc.com/news/770511.asp Intel admitted it to me too. They said that the reason for TCPA was that their company makes most of its money from the PC microprocessor; they have most of the market; so to grow the company they need to grow the overall market for PCs; that means making sure the PC is the hub of the future home network; and if entertainment's the killer app, and DRM is the key technology for entertainment, then the PC must do DRM.

Now here's another aspect of TCPA. You can use it to defeat the GPL.

During my investigations into TCPA, I learned that HP has started a development program to produce a TCPA-compliant version of GNU/linux. I couldn't figure out how they planned to make money out of this. On Thursday, at the Open Source Software Economics conference, I figured out how they might.

Making a TCPA-compliant version of GNU/linux (or Apache, or whatever) will mean tidying up the code and removing whatever features conflict with the TCPA security policy. The company will then submit the pruned code to an evaluator, together with a mass of documentation for the work that's been done, including a whole lot of analyses showing, for example, that you can't get root by a buffer overflow.

The business model, I believe, is this. HP will not dispute that the resulting 'pruned code' is covered by the GPL. You will be able to download it, compile it, check it against the binary, and do what you like with it. However, to make it into TCPA-linux, to run it on a TCPA-enabled machine in privileged mode, you need more than the code. You need a valid signature on the binary, plus a cert to use the TCPA PKI. That will cost you money (if not at first, then eventually). Anyone will be free to make modifications to the pruned code, but in the absence of a signature the resulting O/S won't enable users to access TCPA features.
It will of course be open to competitors to try to re-do the evaluation effort for enhanced versions of the pruned code, but that will cost money; six figures at least. There will likely be little motive for commercial competitors to do it, as HP will have the first mover advantages and will be able to undercut them on price. There will also be little incentive for philanthropists to do it, as the resulting product would not really be a GPL version of a TCPA operating system, but a proprietary operating system that the philanthropist could give away free. (There are still issues about who would pay for use of the PKI that hands out user certs.)

The need to go through evaluation with each change is completely incompatible with the business model of free and open source software. People believed that the GPL made it impossible for a company to come along and steal code that was the result of community effort. That may have been the case so long as the processor was open, and anyone could access supervisor mode. But TCPA changes that completely. Once the majority of PCs on the market are TCPA-enabled, the GPL won't work as intended any more. There has never been anything to stop people selling complementary products and services to GPL'ed code; once the functioning of these products can be tied to a signature on the binary, the model breaks.

Can anyone from HP comment on whether this is actually their plan?

Ross
Ross Anderson wrote:
... that means making sure the PC is the hub of the future home network; and if entertainment's the killer app, and DRM is the key technology for entertainment, then the PC must do DRM.
Recently there have been a number of articles pointing out how much money Microsoft is losing on Xbox sales. To some extent, of course, console makers expect to lose money on the consoles themselves, making it up on the games. However Microsoft seems to be losing more than anyone else. Perhaps Microsoft don't care, because the Xbox is one vision they have of the future. Gradually it starts running more than just games, but you still get the ease of use and security of a console. It's always risky making predictions, but I think that over the next few years, free software will do in the desktop space what has already happened in the server space. There is a kind of economic inevitability about it; competing with a free product of equivalent quality is virtually impossible. Now, Gates isn't stupid, and I'm sure he's aware of this risk. So we have various alternative strategies. One is web services. The other strategy is to become more closed at the same time as everyone else is becoming more open. That strategy is the Xbox, which may over time evolve into the kind of tamper resistant system that we have been talking about.
During my investigations into TCPA, I learned that HP has started a development program to produce a TCPA-compliant version of GNU/linux. I couldn't figure out how they planned to make money out of this.
It might simply be useful that it exists. If people complain that they can't run Linux on the new systems, it could create all sorts of anti-trust problems. However, even if they didn't try to make money out of the product, it still wouldn't be free in the freedom sense. A similar problem to this has already come up, albeit in a much less serious form. When the Mindterm ssh client is used as an applet, it needs to be signed in order to be maximally useful. At one point it was available under the GPL, but of course if you changed it the signature was invalidated. In this case you could at least get your own code signing key, but there were problems. Firstly it cost money. Secondly by signing code that you didn't write, you would be taking responsibility for something being secure when you had no easy way of verifying that.
You need a valid signature on the binary, plus a cert to use the TCPA PKI. That will cost you money (if not at first, then eventually).
I think it would be a breach of the GPL to stop people redistributing the signature: "You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License." This doesn't help with your other point, though; people wouldn't be able to modify the code and have a useful end product. I wonder if it could be argued that your private key is part of the source code?
Anyone will be free to make modifications to the pruned code, but in the absence of a signature the resulting O/S won't enable users to access TCPA features.
What if the DRM system was cracked by means of something that you were allowed to do under the GPL? If they use the DMCA, or the Motherhood and Apple Pie Promotion Act against you, they have to stop distributing Linux. "If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all."

BTW, Ross, does Microsoft Research in Cambridge work on this kind of technology?

-- Pete

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
Pete Chown wrote quoting Ross:
You need a valid signature on the binary, plus a cert to use the TCPA PKI. That will cost you money (if not at first, then eventually).
I think it would be a breach of the GPL to stop people redistributing the signature: "You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License."
The application or OS vendor can in confidence distribute not just the code, but also the signature and cert. In fact, the application vendor can distribute absolutely everything they have access to themselves and you still won't be able to run the application in trusted mode. The cert that enables an application to run in trusted mode is tied to a specific TPM and therefore to a specific motherboard. For this cert to work on another motherboard without a new and different cert, the software vendor would need to extract the 2048-bit secret RSA key [1] from their own motherboard's TPM, make the secret key available for download, followed by the customer importing the key into their own TPM. The TPM, for obvious reasons, offers no facilities to export or import the TPM's internal keys.

The GPL cannot possibly require a software author to distribute a hardware crack with their software or be in violation of the GPL. Distributing a crack for TPMs is distributing an infringement device and as such is illegal under US law. Even if the GPL were to be modified to mandate what is technically near impossible for a software vendor to achieve, even this layperson knows that contracts that require illegal acts are unenforceable. Note that I am not referring to acts that might be illegal in the future under the Hollings bill. Doing the above is illegal today.

The GPL might be modified to require that the application vendor do whatever is necessary for a user to utilize an application in the way the user deems fit (i.e. in privileged mode), but that would put the GPL into very dangerous, and I believe thoroughly undesirable, territory. With such modifications, the hypothetical new GPL would mandate, to use Richard Stallman's terminology, not just freedom of speech, but free beer as well. That has never been the intent of the GPL.
Furthermore, the certs required to run the OS or application will in many cases be issued by a party other than the application author or vendor. To continue using Richard's terminology, to cover this case the GPL would need to be rewritten to mandate that a third party provide the free beer. I will leave it to the attorneys on this list to elucidate on the legal deficiencies of such a hypothetical contract; since I am not an attorney, I will simply state that I sincerely doubt such a contract would hold up in litigation. Of course I do not believe the FSF would make such changes. Which gets us back to Ross's point that the TCPA threatens the core of the GPL, from which this discussion started.

For completeness I would like to state that I have no personal stake in the continued enforceability of the GPL, being a long-time supporter of the BSD licensing scheme myself.

[1] 1024-bit RSA keys were rejected during the design phase of the TPM by members of the TCPA, which, as Anonymous pointed out in a previous post, contains several well-known crypto companies. The TCPA's website, which only makes specs, but not design documents, available to the public, unfortunately does not provide any documentation as to which reasoning led to this decision.

--Lucky Green
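The point Lucky makes above (a cert tied to one TPM's non-exportable key, so that shipping the whole bundle still does not let a second machine run the binary in privileged mode) can be played out in a small simulation. This is an added Go example, not code from the thread, from HP, or from the TCPA specification; the CA, the cert layout, the loader check and the nonce-based proof of possession are all assumptions made here to model the argument, and the "binary" is a constructed byte string.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"errors"
	"fmt"
)

// Simulation helpers: key generation and signing cannot reasonably fail here,
// so their errors panic rather than clutter every caller.
func genKey() *rsa.PrivateKey {
	k, err := rsa.GenerateKey(rand.Reader, 2048) // 2048 bits, as noted in the thread
	if err != nil {
		panic(err)
	}
	return k
}

func signSHA256(k *rsa.PrivateKey, msg []byte) []byte {
	h := sha256.Sum256(msg)
	sig, err := rsa.SignPKCS1v15(rand.Reader, k, crypto.SHA256, h[:])
	if err != nil {
		panic(err)
	}
	return sig
}

func verifySHA256(pub *rsa.PublicKey, msg, sig []byte) bool {
	h := sha256.Sum256(msg)
	return rsa.VerifyPKCS1v15(pub, crypto.SHA256, h[:], sig) == nil
}

// TPM models the one property the thread relies on: the key is generated
// inside the chip and there is deliberately no method that exports it.
type TPM struct{ key *rsa.PrivateKey }

func NewTPM() *TPM { return &TPM{key: genKey()} }

// PublicKeyDER is all a TPM reveals about its key.
func (t *TPM) PublicKeyDER() []byte { return x509.MarshalPKCS1PublicKey(&t.key.PublicKey) }

// Sign proves this particular chip is present; the private key stays inside.
func (t *TPM) Sign(msg []byte) []byte { return signSHA256(t.key, msg) }

// Cert stands in for the "cert to use the TCPA PKI" (assumed layout): the CA
// binds the hash of an evaluated binary to one TPM's public key and signs it.
type Cert struct {
	BinaryHash [32]byte
	TPMPublic  []byte
	CASig      []byte
}

func certTBS(binaryHash [32]byte, tpmPub []byte) []byte {
	return append(append([]byte("tcpa-cert-v1:"), binaryHash[:]...), tpmPub...)
}

// CA is the assumed TCPA PKI that issues certs for evaluated binaries.
type CA struct{ key *rsa.PrivateKey }

func NewCA() *CA { return &CA{key: genKey()} }

func (ca *CA) Issue(binary, tpmPub []byte) *Cert {
	h := sha256.Sum256(binary)
	return &Cert{BinaryHash: h, TPMPublic: tpmPub, CASig: signSHA256(ca.key, certTBS(h, tpmPub))}
}

// AllowPrivileged is an assumed loader check on a TCPA machine: the cert must
// be CA-signed and name this exact binary, and the TPM in this machine must
// prove, by signing a fresh nonce, that it holds the key the cert names.
func AllowPrivileged(caPub *rsa.PublicKey, c *Cert, binary []byte, local *TPM) error {
	if !verifySHA256(caPub, certTBS(c.BinaryHash, c.TPMPublic), c.CASig) {
		return errors.New("cert was not issued by the TCPA CA")
	}
	if sha256.Sum256(binary) != c.BinaryHash {
		return errors.New("binary differs from the evaluated one named in the cert")
	}
	certified, err := x509.ParsePKCS1PublicKey(c.TPMPublic)
	if err != nil {
		return err
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	if !verifySHA256(certified, nonce, local.Sign(nonce)) {
		return errors.New("this machine's TPM does not hold the key the cert is bound to")
	}
	return nil
}

// Scenario reports whether privileged mode is granted for: the vendor's own
// machine, a locally patched binary on that machine, and a customer who
// downloaded the vendor's entire bundle but whose board carries another TPM.
func Scenario() (vendorOK, patchedOK, customerOK bool) {
	ca, vendorTPM, customerTPM := NewCA(), NewTPM(), NewTPM()
	caPub := &ca.key.PublicKey
	binary := []byte("constructed sample: pruned, evaluated GNU/linux image") // not a real image
	cert := ca.Issue(binary, vendorTPM.PublicKeyDER())
	patched := append(append([]byte{}, binary...), " + unevaluated local patch"...)
	vendorOK = AllowPrivileged(caPub, cert, binary, vendorTPM) == nil
	patchedOK = AllowPrivileged(caPub, cert, patched, vendorTPM) == nil
	customerOK = AllowPrivileged(caPub, cert, binary, customerTPM) == nil
	return vendorOK, patchedOK, customerOK
}

func main() {
	v, p, c := Scenario()
	fmt.Printf("vendor machine: %v, patched binary: %v, customer TPM with vendor bundle: %v\n", v, p, c)
}
```

Only the first case succeeds. The patched binary fails on the hash check, which is the evaluation-per-change problem Ross raised; the customer fails on the proof of possession, because the cert names the vendor's TPM key and nothing the vendor can publish lets another chip sign with it.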
Pete Chown wrote: [...]
This doesn't help with your other point, though; people wouldn't be able to modify the code and have a useful end product. I wonder if it could be argued that your private key is part of the source code?
Am I expected to distribute my password with my code?
participants (4)
- Ken Brown
- Lucky Green
- Pete Chown
- Ross Anderson