Re: Ross's TCPA paper
The amazing thing about this discussion is that there are two pieces of conventional wisdom which people in the cypherpunk/EFF/"freedom" communities adhere to, and they are completely contradictory.

The first is that protection of copyright is ultimately impossible. See the analysis in Schneier and Kelsey's "Street Performer Protocol" paper, http://www.counterpane.com/street_performer.pdf. Or EFF columnist Cory Doctorow's recent recitation of the conventional wisdom at http://boingboing.net/2002_06_01_archive.html#85167215: "providing an untrusted party with the key, the ciphertext and the cleartext but asking that party not to make a copy of your message is just silly, and can't possibly work in a world of Turing-complete computing."

The second is that evil companies are going to take over our computers and turn us into helpless slaves who can only sit slack-jawed as they force-feed us whatever content they desire, charging whatever they wish. The recent outcry over TCPA falls into this category.

Cypherpunks alternate between smug assertions of the first claim and panicked wailing about the second. The important point about both of them, from the average cypherpunk's perspective, is that neither leaves any room for action. Both views are completely fatalistic in tone. In one, we are assured victory; in the other, defeat. Neither allows for human choice.

Let's apply a little common sense for a change, and analyze the situation in the context of a competitive market economy. Suppose there is no law forcing people to use DRM-compliant systems, and everyone can decide freely whether to use one or not.

This is plausible because, if we take the doom-sayers at their word, the Hollings bill or equivalent is completely redundant and unnecessary. Intel and Microsoft are already going forward. The BIOS makers are on board; TPM chips are being installed. In a few years there will be plenty of TCPA compliant systems in use and most new systems will include this functionality.

Furthermore, inherent to the TCPA concept is that the chip can in effect be turned off. No one proposes to forbid you from booting a non-compliant OS or including non-compliant drivers. However the TPM chip, in conjunction with a trusted OS, will be able to know that you have done so. And because the chip includes an embedded, certified key, it will be impossible to falsely claim that your system is running in a "trusted" mode - only the TPM chip can convincingly make that claim.

This means that whether the Hollings bill passes or not, the situation will be exactly the same. People running in "trusted" mode can prove it; but anyone can run untrusted. Even with the Hollings bill there will still be people using untrusted mode. The legislation would not change that. Therefore the Hollings bill would not increase the effectiveness of the TCPA model. And it follows, then, that Lucky and Ross are wrong to claim that this bill is intended to legislate use of the TCPA. The TCPA does not require legislation.

Actually the Hollings bill is clearly targeted at the "analog hole", such as the video cable that runs from your PC to the display, or the audio cable to your speakers. Obviously the TCPA does no good in protecting content if you can easily hook an A/D converter into those connections and digitize high quality signals. The only way to remove this capability is by legislation, and that is clearly what the Hollings bill targets.

So much for the claim that this bill is intended to enforce the TCPA. That claim is ultimately a red herring. It doesn't matter if the bill exists, what matters is that TCPA technology exists. Let us imagine a world in which most new PCs have TCPA built-in, Microsoft OS's have been adapted to support it, maybe some other OS's have been converted as well.

The ultimate goal, according to the doom-sayers, is that digital content will only be made available to people who are running in "trusted" mode as determined by the TPM chip built into their system. This will guarantee that only an approved OS is loaded, and only approved drivers are running. It will not be possible to patch the OS or insert a custom driver to intercept the audio/video stream. You won't be able to run the OS in a virtual mode and provide an emulated environment where you can tap the data. Your system will display the data for you, and you will have no way to capture it in digital form.

Now there are some obvious loopholes here. Microsoft software has a track record of bugs, and let's face it, Linux does, too. Despite the claims, the TCPA by itself does nothing to reduce the threat of viruses, worms, and other bug-exploiting software. At best it includes a set of checksums of key system components, but you can get software that does that already. Bugs in the OS and drivers may be exploitable and allow for grabbing DRM protected content. And once acquired, the data can be made widely available.

No doubt the OS will be built to allow for frequent updates, similar to antivirus software, so that as an exploit becomes publicized, it will be closed. There will be an ongoing war between the hackers and the software companies, just as we see today. Presumably this will see-saw back and forth for quite a while.

Hardware hacking will be another line of attack. The TPM chip isn't exactly omniscient. It's a pretty simple gadget; its only view of the world is through a few tiny wires. Of course it will be surface-mount soldered to the motherboard, but for a price you will probably be able to get yours unsoldered and mounted in a socket which gives the chip a "sanitized" view of your hardware configuration before boot, and switches over to your real, hacked, system once things get running. This will allow you to run your supposedly "secure" OS in virtual mode and still grab the protected data. But it's probably an expensive hack.

Clearly no system can be perfect, and the same is true of the TCPA. There will be ongoing leakage of digitally protected data. Perhaps watermarking technologies will be brought into play for another layer of protection, but by and large those have been defeated as well. The goal of these systems is to reduce the quantity of piracy and to raise the price, so that we move away from the system today where do-it-yourself piracy is the norm.

Let us suppose that this is the world ten years from now: you can run a secure OS in "trusted" mode and be eligible to download movies and music for a price; or you can run in untrusted mode and no one will let you download other than bootleg copies. This is the horror, the nightmare vision which the doom-sayers frantically wave before us.

The important thing to note is this: you are no worse off than today! You are already in the second state today: you run untrusted, and none of the content companies will let you download their data. But bootlegs are widely available.

All the TCPA "threatens" to do is to provide new options to the world. You will still be able to use your system in exactly the same ways that you use it today; you will be able to run all of the software that you run today. The TPM chip can be disabled or ignored if you don't run in "trusted" mode, and you get the same effect you have today with no TPM chip. You have lost nothing.

Ironically, if we lived in a world of honest people, the TCPA would not be necessary. You would be able to buy DRM protected data already, agreeing to the restrictions in exchange for the content, and you would follow the rules. We would have a thriving market in digital content. But we don't live in that world. People can make all the promises they like and the vendors know there is no way to hold them to what they have said. There is not even social opprobrium; look at how eager everyone was to look the other way on the question of whether the DeCSS reverse engineering violated the click-through agreement.

The TCPA allows you to do something that you can't do today: run your system in a way which convinces the other guy that you will honor your promises, that you will guard his content as he requires in exchange for his providing it to you. It allows you to be honest. It doesn't force it; you can still do everything you can do today. But it allows it. It gives you the chance to present an honest face even across the anonymizing medium of the net.

Lucky, Ross and others who view this as a catastrophe should look at the larger picture and reconsider their perspective. Realize that the "trusted" mode of the TCPA will always be only an option, and there is no technological, political or economic reason for that to change. The TCPA gives people new capabilities without removing any old ones. It makes possible a new kind of information processing that cannot be accomplished in today's world. It lets people make binding promises that are impossible today. It makes the world a more flexible place, with more opportunities and options. Somehow that doesn't sound all that bad.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
On Mon, 24 Jun 2002, Anonymous wrote:
> The amazing thing about this discussion is that there are two pieces of conventional wisdom which people in the cypherpunk/EFF/"freedom" communities adhere to, and they are completely contradictory.

Makes for lively conversation doesn't it :-)

> Cypherpunks alternate between smug assertions of the first claim and panicked wailing about the second. The important point about both of them, from the average cypherpunk's perspective, is that neither leaves any room for action. Both views are completely fatalistic in tone. In one, we are assured victory; in the other, defeat. Neither allows for human choice.

A good discussion should alternate. Certainly it's not the same people. And both urge the same action - tell your congress critter to butt out!

> This means that whether the Hollings bill passes or not, the situation will be exactly the same. People running in "trusted" mode can prove it; but anyone can run untrusted. Even with the Hollings bill there will still be people using untrusted mode. The legislation would not change that. Therefore the Hollings bill would not increase the effectiveness of the TCPA model. And it follows, then, that Lucky and Ross are wrong to claim that this bill is intended to legislate use of the TCPA. The TCPA does not require legislation.

Exactly. Let the market decide. This is why it's necessary to contact your congress critter - they don't need to be involved.

> Lucky, Ross and others who view this as a catastrophe should look at the larger picture and reconsider their perspective. Realize that the "trusted" mode of the TCPA will always be only an option, and there is no technological, political or economic reason for that to change. The TCPA gives people new capabilities without removing any old ones. It makes possible a new kind of information processing that cannot be accomplished in today's world. It lets people make binding promises that are impossible today. It makes the world a more flexible place, with more opportunities and options. Somehow that doesn't sound all that bad.

As long as it's not legislated, nobody needs to worry about what gets fabbed. The market will decide if DRM makes any economic sense. I'm betting it doesn't, but I've been wrong before. Untrusted platforms will be cheaper than trusted ones, so there has to be some incentive for customers to buy them. Economic incentives make far more sense than legislated ones.

The main point is not the content of the bill, or its purpose. The main point is that government is being told to get involved in the market place, and that, all by itself, is a *bad* idea. If people want to build trusted platforms and put them on the market they can go ahead and do it. If people don't want to buy them, that's their choice, and if others do decide it's worth it, they should be allowed to.

As long as TCPA is really an option, the market place is a good way to sort things out. But S.2048 needs to die, not for scary reasons, but just because there's no reason for it in the first place.

Patience, persistence, truth,
Dr. mike
Anonymous wrote:
> Furthermore, inherent to the TCPA concept is that the chip can in effect be turned off. No one proposes to forbid you from booting a non-compliant OS or including non-compliant drivers.

Good point. At least I hope they don't. :-)

> There is not even social opprobrium; look at how eager everyone was to look the other way on the question of whether the DeCSS reverse engineering violated the click-through agreement.

Perhaps it did, but the licence agreement was unenforceable. It's clearly reverse engineering for interoperability (between Linux and DVD players) so the legal exemption applies. You can't escape the exemption by contract. Now, you might say that morally he should obey the agreement he made. My view is that there is a reason why this type of contract is unenforceable; you might as well take advantage of the exemption.

The prosecution was on some nonsense charge that amounted to him burgling his own house. A statute that was meant to penalise computer break-ins was used against someone who owned the computer that he broke into.

> The TCPA allows you to do something that you can't do today: run your system in a way which convinces the other guy that you will honor your promises, that you will guard his content as he requires in exchange for his providing it to you.
Right, but it has an odd effect too. No legal system gives people complete freedom to contract. Suppose you really, really want to exempt a shop from liability if your new toaster explodes. You can't do it; the legal system does not give you the freedom to contract in that way.

DRM, however, gives people complete freedom to make contracts about how they will deal with digital content. Under EU single market rules, a contract term to the effect that you could pass on your content to someone in the UK but not the rest of the EU is unenforceable. No problem for DRM though...

I think lawyers will hate this.

--
Pete
Pete Chown writes:

: Anonymous wrote:
:
: > Furthermore, inherent to the TCPA concept is that the chip can in
: > effect be turned off. No one proposes to forbid you from booting a
: > non-compliant OS or including non-compliant drivers.
:
: Good point. At least I hope they don't. :-)
:
: > There is not even social opprobrium; look at how eager
: > everyone was to look the other way on the question of whether the DeCSS
: > reverse engineering violated the click-through agreement.
:
: Perhaps it did, but the licence agreement was unenforceable. It's
: clearly reverse engineering for interoperability (between Linux and DVD
: players) so the legal exemption applies. You can't escape the exemption
: by contract. Now, you might say that morally he should obey the
: agreement he made. My view is that there is a reason why this type of
: contract is unenforceable; you might as well take advantage of the
: exemption.

That isn't the reason why a click-through agreement isn't enforceable---the agreement could, were it enforceable, validly forbid reverse engineering for any reason and that clause would in most cases be upheld. But, unless you buy your software from the copyright owner, you own your copy of the software and clicking on a so called agreement with the copyright owner that you won't do certain things with your software is---or, at least should be---as unenforceable as a promise to your doctor that you won't smoke another cigarette. The important point is not, however, that click-through agreements are probably unenforceable; the important point is that people---at least those people who think that they own their own computers and the software copies that they have purchased---generally believe that they should be unenforceable. (And in the actual case involving Linux and DVD players there was no agreement not to circumvent the technological control measures in DVD's; the case was based on the theory that the circumvention violated the Digital Millennium Copyright Act.)

: The prosecution was on some nonsense charge that amounted to him
: burgling his own house. A statute that was meant to penalise computer
: break-ins was used against someone who owned the computer that he broke
: into.
:
: > The TCPA allows you to do something that you can't do today: run your
: > system in a way which convinces the other guy that you will honor your
: > promises, that you will guard his content as he requires in exchange for
: > his providing it to you.
:
: Right, but it has an odd effect too. No legal system gives people
: complete freedom to contract. Suppose you really, really want to exempt
: a shop from liability if your new toaster explodes. You can't do it;
: the legal system does not give you the freedom to contract in that way.
:
: DRM, however, gives people complete freedom to make contracts about how
: they will deal with digital content. Under EU single market rules, a
: contract term to the effect that you could pass on your content to
: someone in the UK but not the rest of the EU is unenforceable. No
: problem for DRM though...

I don't think that one should confuse contract limitations, or limitations on enforceable contract limitations, with technological limitations. There is nothing, for example, in any legal system that forbids one from violating the law of gravity.

One of the many problems with the use of the Digital Millennium Copyright Act to enforce the technological control measures in DVD's was that it was based on the rather weird theory that it should be illegal to do something that someone else tried, but failed, to make technologically impossible to do. (Thus I am rather doubtful that Lessig's idea that everything is code is useful for analytical, rather than rhetorical, purposes.)

: I think lawyers will hate this.

I don't see why we should. We don't hate the law of gravity or the law of large numbers.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
EMAIL: junger@samsara.law.cwru.edu URL: http://samsara.law.cwru.edu
NOTE: junger@pdj2-ra.f-remote.cwru.edu no longer exists
"Peter D. Junger" wrote:
> : > There is not even social opprobrium; look at how eager
> : > everyone was to look the other way on the question of whether the DeCSS
> : > reverse engineering violated the click-through agreement.
> :
> : Perhaps it did, but the licence agreement was unenforceable. It's
> : clearly reverse engineering for interoperability (between Linux and DVD
> : players) so the legal exemption applies. You can't escape the exemption
> : by contract.

I certainly agree that that /should/ be the case. However, you assert that it /is/ the case. Under what country's laws? Can you cite test cases?

> : Now, you might say that morally he should obey the agreement he made.

I'd claim that he made no agreement; a click-through license is not a valid contract. If I recall correctly, a Louisiana court did rule that way in a well-publicised case, and I've heard several Canadians assert that at least some are invalid under our law.

> ... The important point is not, however, that click-through agreements are probably unenforceable; the important point is that people---at least those people who think that they own their own computers and the software copies that they have purchased---generally believe that they should be unenforceable.

However, what people generally believe has little bearing in law.

The question is whether courts -- which courts in which countries and on what grounds -- will deem them enforceable and therefore will enforce them when asked to do so. It does not matter much what you believe if a court can be convinced you're violating a law. They have quite effective ways of enforcing such judgements.

Of course, there are some good legal arguments that click-through agreements should not be enforceable, and that contracts should not be allowed to restrict reverse engineering.

For that matter, there's a good argument that the DVD CCA is an illegal conspiracy to restrict competition and manipulate the markets, and should be prosecuted as such. e.g. the Australian Competition Board has demanded an explanation of region codes:

http://www.accc.gov.au//fs-search.htm

To quote two speeches from that site:

Difficulties between the pro-competitive community and Intellectual Property
Mr Ross Jones, Commissioner
Australian Competition & Consumer Commission

| Australian consumers are currently suffering from an international cartel that
| restricts their access to digital versatile discs (DVDs). The cartel, headed
| by major film studios in agreement with the manufacturers of DVD players, has
| divided the world into regions. This ensures that DVDs on sale in Australia
| will only function on a DVD player licensed for region 4 that includes Australia.
| The stated aim is to protect cinema ticket sales by preventing people viewing
| movies on DVDs in their homes before distribution to cinemas. The Australian
| subsidiaries of US film companies have been requested by the Commission to
| explain their actions. It will then decide what action can be taken.

Globalisation and Competition Policy
Professor Allan Fels, Chairman
Australian Competition & Consumer Commission

| The Commission has requested the Australian subsidiaries of United States film
| companies to explain why their regional restrictions on DVDs should not be deemed
| a breach of the Trade Practices Act 1974. ...
|
| The Commission believes RPC is anti-competitive with Australian consumers lacking
| a choice of DVD videos and possibly paying higher prices.

The quoted documents are a couple of years old. Does anyone have an update?

A few of us have been trying, without much success, to convince the Canadian Competition Bureau to prosecute these conspirators. It might be worth a shot in other countries.

> (And in the actual case involving Linux and DVD players there was no agreement not to circumvent the technological control measures in DVD's; the case was based on the theory that the circumvention violated the Digital Millennium Copyright Act.)

Correct, for the case brought on the East Coast (NY? NJ?) by the MPAA. However, the first case, brought in California by DVD CCA, did not use the DMCA. It alleged theft of trade secrets, and violation of the license agreement.
Sandy Harris writes:

: "Peter D. Junger" wrote:
:
: > : > There is not even social opprobrium; look at how eager
: > : > everyone was to look the other way on the question of whether the DeCSS
: > : > reverse engineering violated the click-through agreement.
: > :
: > : Perhaps it did, but the licence agreement was unenforceable. It's
: > : clearly reverse engineering for interoperability (between Linux and DVD
: > : players) so the legal exemption applies. You can't escape the exemption
: > : by contract.
:
: I certainly agree that that /should/ be the case. However, you assert
: that it /is/ the case. Under what country's laws? Can you cite test
: cases?

I didn't quite assert that it is the case, although it should be if one reads the applicable provisions of the copyright act and the sales article of the Uniform Commercial Code. As to a case, there is one out of California involving Adobe where a federal district court went a long way toward holding that recently.

: > : Now, you might say that morally he should obey the agreement he made.
:
: I'd claim that he made no agreement; a click-through license is not a
: valid contract. If I recall correctly, a Louisiana court did rule that
: way in a well-publicised case, and I've heard several Canadians assert
: that at least some are invalid under our law.
:
: > ... The important point
: > is not, however, that click-through agreements are probably
: > unenforceable; the important point is that people---at least
: > those people who think that they own their own computers and
: > the software copies that they have purchased---generally
: > believe that they should be unenforceable.
:
: However, what people generally believe has little bearing in law.

But it has everything to do with what people believe is moral.

:
: The question is whether courts -- which courts in which countries
: and on what grounds -- will deem them enforceable and therefore
: will enforce them when asked to do so. It does not matter much
: what you believe if a court can be convinced you're violating a
: law. They have quite effective ways of enforcing such judgements.
:
: Of course, there are some good legal arguments that click-through
: agreements should not be enforceable, and that contracts should not
: be allowed to restrict reverse engineering.
:
: For that matter, there's a good argument that the DVD CCA is an
: illegal conspiracy to restrict competition and manipulate the
: markets, and should be prosecuted as such. e.g. the Australian
: Competition Board has demanded an explanation of region codes:
:
: http://www.accc.gov.au//fs-search.htm
:
: To quote two speeches from that site:
:
: Difficulties between the pro-competitive community and Intellectual Property
: Mr Ross Jones, Commissioner
: Australian Competition & Consumer Commission
:
: | Australian consumers are currently suffering from an international cartel that
: | restricts their access to digital versatile discs (DVDs). The cartel, headed
: | by major film studios in agreement with the manufacturers of DVD players, has
: | divided the world into regions. This ensures that DVDs on sale in Australia
: | will only function on a DVD player licensed for region 4 that includes Australia.
: | The stated aim is to protect cinema ticket sales by preventing people viewing
: | movies on DVDs in their homes before distribution to cinemas. The Australian
: | subsidiaries of US film companies have been requested by the Commission to
: | explain their actions. It will then decide what action can be taken.
:
: Globalisation and Competition Policy
: Professor Allan Fels, Chairman
: Australian Competition & Consumer Commission
:
: | The Commission has requested the Australian subsidiaries of United States film
: | companies to explain why their regional restrictions on DVDs should not be deemed
: | a breach of the Trade Practices Act 1974. ...
: |
: | The Commission believes RPC is anti-competitive with Australian consumers lacking
: | a choice of DVD videos and possibly paying higher prices.
:
: The quoted documents are a couple of years old. Does anyone have
: an update?
:
: A few of us have been trying, without much success, to convince the
: Canadian Competition Bureau to prosecute these conspirators. It might
: be worth a shot in other countries.
:
: > (And in the
: > actual case involving Linux and DVD players there was no
: > agreement not to circumvent the technological control measures
: > in DVD's; the case was based on the theory that the circumvention
: > violated the Digital Millennium Copyright Act.)
:
: Correct, for the case brought on the East Coast (NY? NJ?) by the
: MPAA. However, the first case, brought in California by DVD CCA,
: did not use the DMCA. It alleged theft of trade secrets, and
: violation of the license agreement.

The East Coast case which was decided against the publisher arose in the federal district court for New York and was finally decided the wrong way by the 2d Circuit court of appeals.

The California case arose in the California courts and was based almost entirely on trade secret claims. (The only way that licenses got into the case was the claim that the original parties who had done the reverse engineering were bound by license agreements to keep the information secret.) In that case the good guys have won so far.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
EMAIL: junger@samsara.law.cwru.edu URL: http://samsara.law.cwru.edu
NOTE: junger@pdj2-ra.f-remote.cwru.edu no longer exists
Peter D. Junger wrote:
> That isn't the reason why a click-through agreement isn't enforceable---the agreement could, were it enforceable, validly forbid reverse engineering for any reason and that clause would in most cases be upheld.

Not in Europe though. EU directive 91/250/EEC "on the legal protection of computer programs" makes provision for reverse engineering for interoperability. In Britain this was incorporated into domestic law by the Copyright (Computer Programs) Regulations 1992:

http://www.hmso.gov.uk/si/si1992/Uksi_19923233_en_1.htm

See in particular s.50B(4) which the regulations added to the Copyright Designs and Patents Act 1988.

> (And in the actual case involving Linux and DVD players there was no agreement not to circumvent the technological control measures in DVD's; the case was based on the theory that the circumvention violated the Digital Millennium Copyright Act.)

The American cases were, but the European case of course wasn't. The DMCA doesn't apply over here, though we have something similar in the works.

> > I think lawyers will hate this.
>
> I don't see why we should. We don't hate the law of gravity or the law of large numbers.

You should hate it. :-) It is appropriate for the legislature to decide which acts are restricted by copyright and which are not. The DMCA and similar legislation hands that right to private organisations. To some extent anti-trust law guards against the worst abuses, but it is more appropriate for the boundaries of copyright to be set by our "elected representatives".

BTW, I have been thinking for a while about putting together a UK competition complaint about DVD region coding. No promises that anything will happen quickly. On the other hand, if people offer help (or just tell me that they think it is a worthwhile thing to do) it will probably move faster.

--
Pete
From: "Pete Chown" <Pete.Chown@skygate.co.uk>
> You should hate it. :-) It is appropriate for the legislature to decide which acts are restricted by copyright and which are not. The DMCA and similar legislation hands that right to private organisations. To some extent anti-trust law guards against the worst abuses, but it is more appropriate for the boundaries of copyright to be set by our "elected representatives".

This was a joke, right? I mean, on this list, saying that our elected representatives are better than even the most hated companies MUST be a joke... right?

Mark
I'm slightly confused about this. My understanding of contract law is that five things are required to form a valid contract: offer and acceptance, mutual intent, consideration, capacity, and lawful intent. It seems to me that a click-through agreement is likely to fail on at least one, and possibly two of these requirements. First, it is doubtful that there is mutual intent. The average user doesn't even read the agreement, so there is hardly mutual intent. However, even if I accept mutual intent, it would be easy to argue that there is no capacity. I have four children under the age of seven. None of them have the legal capacity to form a contract. Three of them have the physical capacity to click a button. A corporation would therefore have to demonstrate that I and not they clicked on the agreement for the contract to be valid. As a side note, it seems that a corporation would actually have to demonstrate that I had seen and agreed to the thing and clicked acceptance. Prior to that point, I could reverse engineer, since there is no statement that I cannot reverse engineer agreed to. So what would happen if I reverse engineered the installation so that the agreement that was display stated that I could do what I liked with the software? Ok, so there would be no mutual intent, but on the other hand, there would also be no agreement on the click-through agreement either. Paul Peter D. Junger writes:
Pete Chown writes:
: Anonymous wrote:
:
: > Furthermore, inherent to the TCPA concept is that the chip can in
: > effect be turned off. No one proposes to forbid you from booting a
: > non-compliant OS or including non-compliant drivers.
:
: Good point. At least I hope they don't. :-)
:
: > There is not even social opprobrium; look at how eager
: > everyone was to look the other way on the question of whether the DeCSS
: > reverse engineering violated the click-through agreement.
:
: Perhaps it did, but the licence agreement was unenforceable. It's
: clearly reverse engineering for interoperability (between Linux and DVD
: players) so the legal exemption applies. You can't escape the exemption
: by contract. Now, you might say that morally he should obey the
: agreement he made. My view is that there is a reason why this type of
: contract is unenforceable; you might as well take advantage of the
: exemption.
That isn't the reason why a click-through agreement isn't enforceable---the agreement could, were it enforceable, validly forbid reverse engineering for any reason and that clause would in most cases be upheld. But, unless you buy your software from the copyright owner, you own your copy of the software and clicking on a so called agreement with the copyright owner that you won't do certain things with your software is---or, at least should be---as unenforceable as a promise to your doctor that you won't smoke another cigarette. The important point is not, however, that click-through agreements are probably unenforceable; the important point is that people---at least those people who think that they own their own computers and the software copies that they have purchased---generally believe that they should be unenforceable. (And in the actual case involving Linux and DVD players there was no agreement not to circumvent the technological control measures in DVD's; the case was based on the theory that the circumvention violated the Digital Millennium Copyright Act.)
: The prosecution was on some nonsense charge that amounted to him
: burgling his own house. A statute that was meant to penalise computer
: break-ins was used against someone who owned the computer that he broke
: into.
:
: > The TCPA allows you to do something that you can't do today: run your
: > system in a way which convinces the other guy that you will honor your
: > promises, that you will guard his content as he requires in exchange for
: > his providing it to you.
:
: Right, but it has an odd effect too. No legal system gives people
: complete freedom to contract. Suppose you really, really want to exempt
: a shop from liability if your new toaster explodes. You can't do it;
: the legal system does not give you the freedom to contract in that way.
:
: DRM, however, gives people complete freedom to make contracts about how
: they will deal with digital content. Under EU single market rules, a
: contract term to the effect that you could pass on your content to
: someone in the UK but not the rest of the EU is unenforceable. No
: problem for DRM though...
I don't think that one should confuse contract limitations, or limitations on enforceable contract limitations, with technological limitations. There is nothing, for example, in any legal system that forbids one from violating the law of gravity.
One of the many problems with the use of the Digital Millennium Copyright Act to enforce the technological control measures in DVD's was that it was based on the rather weird theory that it should be illegal to do something that someone else tried, but failed, to make technologically impossible to do.
(Thus I am rather doubtful that Lessig's idea that everything is code is useful for analytical, rather than rhetorical, purposes.)
: I think lawyers will hate this.
I don't see why we should. We don't hate the law of gravity or the law of large numbers.
--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
EMAIL: junger@samsara.law.cwru.edu URL: http://samsara.law.cwru.edu
NOTE: junger@pdj2-ra.f-remote.cwru.edu no longer exists
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
-- Paul A.S. Ward, Assistant Professor Email: pasward@shoshin.uwaterloo.ca University of Waterloo pasward@computer.org Department of Computer Engineering Tel: +1 (519) 888-4567 ext.3127 Waterloo, Ontario Fax: +1 (519) 746-3077 Canada N2L 3G1 URL: http://shoshin.uwaterloo.ca/~pasward
From: <pasward@shoshin.uwaterloo.ca>
As a side note, it seems that a corporation would actually have to demonstrate that I had seen and agreed to the thing and clicked acceptance. Prior to that point, I could reverse engineer, since there is no statement that I cannot reverse engineer agreed to. So what would happen if I reverse engineered the installation so that the agreement that was displayed stated that I could do what I liked with the software? Ok, so there would be no mutual intent, but on the other hand, there would also be no agreement on the click-through agreement either.
I have an application that replaces the caption on the "I agree" button to your liking; I wrote it exactly because of this reasoning. http://picosoft.freeservers.com/NoLicense.htm Of course, it's a stupid little program, I'm sure anyone can come up with something better in no time... BTW, for any lawyers around here - shouldn't the mere existence of this program be enough to blow up the idea that you agreed to the click-through stuff? Mark
----- Original Message ----- From: "Anonymous" <nobody@remailer.privacy.at>
The amazing thing about this discussion is that there are two pieces of conventional wisdom which people in the cypherpunk/EFF/"freedom" communities adhere to, and they are completely contradictory.
The first is that protection of copyright is ultimately impossible.
The second is that evil companies are going to take over our computers and turn us into helpless slaves who can only sit slack-jawed as they force-feed us whatever content they desire, charging whatever they wish.
I disagree that these are entirely contradictory. The first is a statement in the realm of logic; that if Bob is prepared to deal with whatever consequences will occur because of the publication of the conversation, there is nothing Alice can do to stop him (short of killing him before he publishes). The second is a statement in the realm of law, that companies will try to rid themselves of any requirements that are painful to their bottom line. In the current case there is a perceived threat of this nature (right or wrong) regarding the TCPA, that corporations are using their monetary power to revoke rights that are currently enjoyed. These statements are not contradictory; Alice can still do as she pleases to the TCPA devices in her computer, the problem arises that she may have to deal with substantial civil and criminal penalties for doing so. This is similar to the question "Is Alice free to walk into a bank carrying a full-automatic weapon, kill everyone inside, and steal all the money?" Yes, she is, but she has to be prepared to deal with the (wo)manhunt that will begin the moment something like that happens, and the inevitable that she simply won't live to stand trial (with high probability). Joe
Anonymous wrote:
The amazing thing about this discussion is that there are two pieces of conventional wisdom which people in the cypherpunk/EFF/"freedom" communities adhere to, and they are completely contradictory.
I can't agree. Strong protection of copyright is probably possible if the content owner only distributes the content to tamperproof trusted hardware. Strong protection of copyright is probably not possible if the content is available on hardware under control of untrusted parties. Where's the contradiction? Another point you seem to be missing is that there is a middle ground between perfect copy-protection and no copy-protection. This middle ground may be very bad for the public. Take, for instance, Adobe's rot13-class encryption: this offered only weak copy-protection, as any serious pirate could defeat it, but the copy-protection is just strong enough to be bad for fair use and for research, and possibly just strong enough to serve Adobe's corporate interests.
Let us suppose that this is the world ten years from now: you can run a secure OS in "trusted" mode and be eligible to download movies and music for a price; or you can run in untrusted mode and no one will let you download other than bootleg copies. This is the horror, the nightmare vision which the doom-sayers frantically wave before us.
No, it's not. Read Ross Anderson's article again. Your analysis misses part of the point. Here's an example of a more problematic vision: you can buy Microsoft Office for $500 and be able to view MS Office documents; or you can refrain from buying it and you won't be able to view MS Office documents. Do you see why this is problematic? It lets one vendor lock the world into a monopoly; no one else will be able to develop compatible MS Word viewers without the consent of Microsoft. (StarOffice on Linux won't work, because to get the session key to decrypt the Word document your viewer has to go online to microsoft.com and ask for it, but microsoft.com won't give you the key unless you've bought a "secure" "trusted" OS and purchased Microsoft Office for $500.) Now notice that the same idea can be used to inhibit competition in just about any computer market, and I hope you appreciate Ross's point. TCPA/DRM has the potential for anti-competitive effects, and the result may well be worse off than we are today.
On 27 Jun 2002, David Wagner wrote:
No, it's not. Read Ross Anderson's article again. Your analysis misses part of the point. Here's an example of a more problematic vision: you can buy Microsoft Office for $500 and be able to view MS Office documents; or you can refrain from buying it and you won't be able to view MS Office documents. Do you see why this is problematic? It lets one vendor lock the world into a monopoly; no one else will be able to develop compatible MS Word viewers without the consent of Microsoft. (StarOffice on Linux won't work, because to get the session key to decrypt the Word document your viewer has to go online to microsoft.com and ask for it, but microsoft.com won't give you the key unless you've bought a "secure" "trusted" OS and purchased Microsoft Office for $500.) Now notice that the same idea can be used to inhibit competition in just about any computer market, and I hope you appreciate Ross's point. TCPA/DRM has the potential for anti-competitive effects, and the result may well be worse off than we are today.
As long as MS Office isn't mandated by law, who cares? So what: somebody sends me a file. I tell them I can't read it. Now, they have a choice, they can give me MS Office or they can send me ascii. The market will determine if "secure" OS's are useful. DRM isn't the problem. Legislating DRM is the problem. You can go buy IBM portables with secure key chips built in right now to help protect your box and your business data. That's TCPA. Nothing wrong with it, it's a good idea. It doesn't become wrong until it becomes forced down our throats. That's where S.2048 becomes something to worry about, it forces us to use hardware we don't need (or may not need for our purposes). TCPA and DRM are not the problem here, and privacy and copyright are side issues too. There is no need for the law to intervene, the market will decide how all this stuff can be used efficiently and effectively. And that's what the entertainment industry needs to figure out and fast too. The law is slow. Technology is fast. Patience, persistence, truth, Dr. mike
Mike Rosing wrote:
As long as MS Office isn't mandated by law, who cares?
It's not clear that enabling anti-competitive behavior is good for society. After all, there's a reason we have anti-trust law. Ross Anderson's point -- and it seems to me it's one worth considering -- is that, if there are potentially harmful effects that come with the beneficial effects, maybe we should think about them in advance.
David wrote:
It's not clear that enabling anti-competitive behavior is good for society. After all, there's a reason we have anti-trust law. Ross Anderson's point -- and it seems to me it's one worth considering -- is that, if there are potentially harmful effects that come with the beneficial effects, maybe we should think about them in advance.
I fully agree that the TCPA's efforts offer potentially beneficial effects. Assuming the TPM has not been compromised, the TPM should enable you to detect if interested parties have replaced your NIC with the rarer, but not unheard of, variant that ships out the contents of your operating RAM via DMA and IP padding outside the abilities of your OS to detect. However, enabling platform security, as much as might be stressed otherwise by the stakeholders, has never been the motive behind the TCPA. The motive has been DRM. Does this mean that one should ignore the benefits that TCPA might bring? Of course not. But it does mean that one should carefully weigh the benefits against the risks. --Lucky Green
At 12:59 AM 06/27/2002 -0700, Lucky Green wrote:
I fully agree that the TCPA's efforts offer potentially beneficial effects. Assuming the TPM has not been compromised, the TPM should enable you to detect if interested parties have replaced your NIC with the rarer, but not unheard of, variant that ships out the contents of your operating RAM via DMA and IP padding outside the abilities of your OS to detect.
It can? I thought that DMA was there to let you avoid bothering the CPU. The Alternate NIC card would need to have a CPU of its own to do a good job of this, but that's not hard.
However, enabling platform security, as much as might be stressed otherwise by the stakeholders, has never been the motive behind the TCPA. The motive has been DRM. Does this mean that one should ignore the benefits that TCPA might bring? Of course not. But it does mean that one should carefully weigh the benefits against the risks.
There's also the difficulty that, while it might be good at DRM, it might or might not be good at letting users write programs that are good at security. It's certainly never been a Microsoft specialty.
On Wed, Jul 03, 2002 at 10:54:43PM -0700, Bill Stewart wrote:
At 12:59 AM 06/27/2002 -0700, Lucky Green wrote:
I fully agree that the TCPA's efforts offer potentially beneficial effects. Assuming the TPM has not been compromised, the TPM should enable you to detect if interested parties have replaced your NIC with the rarer, but not unheard of, variant that ships out the contents of your operating RAM via DMA and IP padding outside the abilities of your OS to detect.
It can? I thought that DMA was there to let you avoid bothering the CPU. The Alternate NIC card would need to have a CPU of its own to do a good job of this, but that's not hard.
I don't think so. As far as I understood, the bus system (PCI,...) will be encrypted as well. You'll have to use a NIC which is certified and can decrypt the information on the bus. Obviously, you won't get a certification for such a network card.

But this implies other problems: You won't be able to enter a simple shell script through the keyboard. If so, you could simply print protected files as a hexdump or use the screen (or maybe the sound device or any LED) as a serial interface. Since you could use the keyboard to enter a non-certified program, the keyboard is to be considered as a nontrusted device. This means that you either
* have to use a certified keyboard which doesn't let you enter bad programs
* don't have a keyboard at all
* or are not able to use shell scripts (at least not in trusted context). This means a strict separation between certified software and data.

If Microsoft was able to do so, we wouldn't have worms. Hadmut
Hadmut Danisch wrote:
On Wed, Jul 03, 2002 at 10:54:43PM -0700, Bill Stewart wrote:
At 12:59 AM 06/27/2002 -0700, Lucky Green wrote:
I fully agree that the TCPA's efforts offer potentially beneficial effects. Assuming the TPM has not been compromised, the TPM should enable you to detect if interested parties have replaced your NIC with the rarer, but not unheard of, variant that ships out the contents of your operating RAM via DMA and IP padding outside the abilities of your OS to detect.
It can? I thought that DMA was there to let you avoid bothering the CPU. The Alternate NIC card would need to have a CPU of its own to do a good job of this, but that's not hard.
I don't think so. As far as I understood, the bus system (PCI,...) will be encrypted as well. You'll have to use a NIC which is certified and can decrypt the information on the bus. Obviously, you won't get a certification for such a network card.
You won't and Bill won't. But those who employ such NIC's will have no difficulty obtaining certification.
But this implies other problems:
You won't be able to enter a simple shell script through the keyboard. If so, you could simply print protected files as a hexdump or use the screen (or maybe the sound device or any LED) as a serial interface.
Since you could use the keyboard to enter a non-certified program, the keyboard is to be considered as a nontrusted device. This means that you either
* have to use a certified keyboard which doesn't let you enter bad programs
* don't have a keyboard at all
* or are not able to use shell scripts (at least not in trusted context). This means a strict separation between certified software and data.
Sure you can use shell scripts. Though I don't understand how a shell script will help you in obtaining a dump of the protected data since your script has insufficient privileges to read the data. Nor can you give the shell script those privileges since you don't have supervisor mode access to the CPU. How does your shell script plan to get past the memory protection? What am I missing? --Lucky
On Thu, Jul 04, 2002 at 10:54:34PM -0700, Lucky Green wrote:
Sure you can use shell scripts. Though I don't understand how a shell script will help you in obtaining a dump of the protected data since your script has insufficient privileges to read the data. Nor can you give the shell script those privileges since you don't have supervisor mode access to the CPU. How does your shell script plan to get past the memory protection?
That's why I was talking about a shell script (or take any other program to be interpreted). What does need to be certified: The shell or the shell script? The CPU doesn't recognize the shell script as a program, this is just some plain data entered through the keyboard like writing a letter. A shell script is not a program, it is data entered at a program's runtime. This moves one step forward: The hardware (palladium chip, memory management, etc.) can check the binary program to be loaded. So you won't be able to run a compiled program and to access protected information. But once a certified software is running, it takes input (reading mouse, keyboard, files, asking DNS, connecting servers,...). This input might cause (by interpretation, by bug or however) the certified software to do certain things which do not comply with DRM requirements. At this stage, the running binary software itself is the instance to provide the DRM security, not the palladium memory management anymore. I agree that this is not yet an "open sesame", but it shows that the game does not play on the binary/memory management layer only. But who controls runtime input? History shows that M$ software is anything but able to deal with malicious input. That's why the world is using virus filters. That's nothing else than an external filter to keep malicious input from an attacker away from the running software. By analogy, Palladium might require the same: an input filter between attacker and running software. Since the "attacker" is sitting in front of the computer this time, this filter has to be applied to the user interface, keyboard and mouse. Maybe they'll install a filter between the keyboard and the software, thus building a certified keyboard, which filters out any malicious key sequences. And maybe you can use your keyboard only, if you have downloaded the latest patterns (like your daily virus filter update).
I agree that this depends on the assumption that the certified software is not perfect and can't deal with arbitrary input. But that's reality. Hadmut
Hadmut Danisch writes:
You won't be able to enter a simple shell script through the keyboard. If so, you could simply print protected files as a hexdump or use the screen (or maybe the sound device or any LED) as a serial interface.
Since you could use the keyboard to enter a non-certified program, the keyboard is to be considered as a nontrusted device. This means that you either
* have to use a certified keyboard which doesn't let you enter bad programs
* don't have a keyboard at all
* or are not able to use shell scripts (at least not in trusted context). This means a strict separation between certified software and data.
The latter is closest to what's intended in Palladium. Individual programs using Palladium features are able to prevent one another from reading their executing or stored state. You can write your own programs, but somebody else can also write programs which can process data in a way that your programs can't interact with. The Palladium security model and features are different from Unix, but you can imagine by rough analogy a Unix implementation on a system with protected memory. Every process can have its own virtual memory space, read and write files, interact with the user, etc. But normally a program can't read another program's memory without the other program's permission. The analogy starts to break down, though: in Unix a process running as the superuser or code running in kernel mode may be able to ignore memory protection and monitor or control an arbitrary process. In Palladium, if a system is started in a trusted mode, not even the OS kernel will have access to all system resources. That limitation doesn't stop you from writing your own application software or scripts. Interestingly, Palladium and TCPA both allow you to modify any part of the software installed on your system (though not your hardware). The worst thing which can happen to you as a result is that the system will know that it is no longer "trusted", or will otherwise be able to recognize or take account of the changes you made. In principle, there's nothing wrong with running "untrusted"; particular applications or services which relied on a trusted feature, including sealed storage (see below), may fail to operate. Palladium and TCPA both allow an application to make use of hardware-based encryption and decryption in a scheme called "sealed storage" which uses a hash of the running system's software as part of the key. One result of this is that, if you change relevant parts of the software, the hardware will no longer be able to perform the decryption step. 
To oversimplify slightly, you could imagine that the hardware uses the currently-running OS kernel's hash as part of this key. Then, if you change the kernel in any way (which you're permitted to do), applications running under it will find that they're no longer able to decrypt "sealed" files which were created under the original kernel. Rebooting with the original kernel will restore the ability to decrypt, because the hash will again match the original kernel's hash. (I've been reading TCPA specs and recently met with some Microsoft Palladium team members. But I'm still learning about both systems and may well have made some mistakes in my description.) -- Seth Schoen Staff Technologist schoen@eff.org Electronic Frontier Foundation http://www.eff.org/ 454 Shotwell Street, San Francisco, CA 94110 1 415 436 9333 x107
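The sealed-storage behaviour Seth Schoen describes above, as an added Python sketch that is not part of the thread and not code from the TCPA or Palladium specifications. The device secret, the kernel images, the HMAC-SHA256 key derivation and the HMAC-based keystream are all assumptions chosen so the example runs with the standard library alone; real hardware uses its own key hierarchy and algorithms.

```python
import hashlib
import hmac
import os

# Constructed stand-in for a secret that never leaves the security hardware.
DEVICE_SECRET = hashlib.sha256(b"constructed device secret (example only)").digest()

# Constructed "kernel images"; any byte strings would do.
ORIGINAL_KERNEL = b"constructed kernel image v1"
MODIFIED_KERNEL = b"constructed kernel image v1 + local patch"


class UnsealError(Exception):
    """Raised when the running software does not match the sealed measurement."""


def measure(software_image: bytes) -> bytes:
    """Return the hash (the 'measurement') of the software that was booted."""
    return hashlib.sha256(software_image).digest()


def derive_keys(measurement: bytes):
    # Both keys depend on the device secret AND the running software's hash,
    # so a different kernel on the same machine yields unrelated keys.
    root = hmac.new(DEVICE_SECRET, b"seal|" + measurement, hashlib.sha256).digest()
    enc_key = hmac.new(root, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(root, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key


def keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    # Illustrative HMAC-in-counter-mode keystream (an assumption of this sketch).
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(8, "big"),
                        hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def seal(plaintext: bytes, running_software: bytes) -> bytes:
    """Encrypt so that only the same software on the same device can decrypt."""
    enc_key, mac_key = derive_keys(measure(running_software))
    nonce = os.urandom(16)
    stream = keystream(enc_key, nonce, len(plaintext))
    ciphertext = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def unseal(blob: bytes, running_software: bytes) -> bytes:
    """Decrypt, refusing if the current measurement differs from the sealed one."""
    if len(blob) < 48:  # 16-byte nonce + 32-byte tag
        raise UnsealError("blob too short")
    nonce, ciphertext, tag = blob[:16], blob[16:-32], blob[-32:]
    enc_key, mac_key = derive_keys(measure(running_software))
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise UnsealError("measurement mismatch or blob modified")
    stream = keystream(enc_key, nonce, len(ciphertext))
    return bytes(c ^ s for c, s in zip(ciphertext, stream))


def can_unseal(blob: bytes, running_software: bytes) -> bool:
    try:
        unseal(blob, running_software)
        return True
    except UnsealError:
        return False


if __name__ == "__main__":
    blob = seal(b"content key for a sealed file", ORIGINAL_KERNEL)
    print("original kernel :", can_unseal(blob, ORIGINAL_KERNEL))
    print("modified kernel :", can_unseal(blob, MODIFIED_KERNEL))
    print("reboot original :", can_unseal(blob, ORIGINAL_KERNEL))
```

The sealed blob itself is ordinary data that can be copied anywhere; what does not travel with it is the key, which exists only while the matching software runs on the device holding the secret.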
On Fri, Jul 05, 2002 at 03:52:52AM -0700, Seth David Schoen wrote:
memory protection and monitor or control an arbitrary process. In Palladium, if a system is started in a trusted mode, not even the OS kernel will have access to all system resources.
That *might* be a contradiction in terms. If I understand this correctly, the TCPA or Palladium hardware will include some kind of memory management device, very similar to the ones we have in hardware of the last years, but which stores some kind of de-/encryption information for each page segment and which de-/encrypts every memory access. Doesn't seem to be much of a problem, except for speed. But how does this device know which segments belong to the software and which don't? Or how does it know whether an allowed or foreign task is accessing the protected areas (which is the same question again, = is the PC in a program segment which also belongs to the protected area). If this is done the simple way, like a normal OS configures the memory management when loading some executable software, the OS might at any time give wrong information to the device. In this case, the security depends on the integrity and bug-freeness of the OS, because the OS _could_ do it, but it is not supposed to do it. A more advanced way would be to have the program loaded by the operating system as before, but to have the Palladium device check some kind of signature to verify the correctness of the OS loading operation. This might lead to uncontrollable problems, if programs start to load DLLs. Is the TCPA/Palladium trust transitive? If library A is trusted, and so is B, is then (A+B) trusted? A third way would be to keep the OS completely out of the job of loading software/programs into memory, and to have it done by the Palladium device. This isn't actually a third way, but a redefinition of terms and a migration. The OS isn't the OS anymore, because basic tasks of the OS have been migrated to the Palladium device, which is now to be considered as a piece of OS in silicon. I didn't find the time yet to read the TCPA description in detail.
But from my current point of view I doubt that this will really work, provide the claimed security, and will still be a useful computer at the same time. I especially doubt that the same company, which completely fails to make Outlook or Internet Explorer resistant against content attacks (viruses, worms, ...) will be able to provide software with such a strict separation between trusted and untrusted data, as it is required for such a project to work. regards Hadmut
Let us suppose that this is the world ten years from now: you can run a secure OS in "trusted" mode and be eligible to download movies and music for a price; or you can run in untrusted mode and no one will let you download other than bootleg copies. This is the horror, the nightmare vision which the doom-sayers frantically wave before us.
The important thing to note is this: you are no worse off than today!
Well, first I want to say that I don't like the way it is today. I want things to get better. I can't read e-books on my pocket computer, for example, which is sad since I actually would be able to enjoy e-books if I only could load them onto my small computer that follows me everywhere. Yes, of course I could probably bypass the protection and make the e-book readable if I really wanted to, but I honestly don't want to. Besides the Sklyarov case I don't feel I should need to crack things I have legally purchased. Second, what about CD's? Today I can buy music on CD's and use the sound the way I want. I can put it in my MP3 player and I can practically do anything with it using a wave editor. But what about the future? Would they sell unprotected versions of any album so I can listen to and process music with the program of my choice?
You will still be able to use your system in exactly the same ways that you use it today; you will be able to run all of the software that you run today.
But not with the same data. How good is Winamp if it can't play any music recorded in 2004 or later? Given that Windows Media Player can play all your tunes and it takes a reboot to switch to Winamp, who wouldn't stick with WMP? And remember that Microsoft encourages us to protect our own files and documents. What will happen to the word processors, text editors and other programs we use today when there is no data left for them to use since everything has been protected?
The TCPA allows you to do something that you can't do today: run your system in a way which convinces the other guy that you will honor your promises, that you will guard his content as he requires in exchange for his providing it to you. It allows you to be honest.
Only problem is; I'm not the one giving promises, it's my computer! "Yes, I will make sure that the user only will be able to listen to this song three times. Don't you worry. His opinion doesn't matter. I'm in charge here." I'm not saying there isn't a market for listening to songs a limited number of times for a smaller fee, I'm just worried they will take away the possibility of listening an unlimited number of times (or make it noticeably more expensive).
Realize that the "trusted" mode of the TCPA will always be only an option,
Bottom line; not if you want to work with protected content. (Which, from what I can understand, will include all future songs, movies and probably word documents and loads of other data as well.) Or am I missing something?
On Fri, 28 Jun 2002, Thomas Tydal wrote:
Realize that the "trusted" mode of the TCPA will always be only an option,
Bottom line; not if you want to work with protected content. (Which, from what I can understand, will include all future songs, movies and probably word documents and loads of other data as well.) Or am I missing something?
All future songs of *some* companies. As long as it's an option, there will be people out there selling CD's to get their music out. You're not missing anything. The question is: will it always be an option? I hope so. A bunch of huge companies that need encrypted set top boxes tied directly to an HDTV and hard to physically hack means lots of jobs. And they will compete with the markets already in place. So that's more jobs for more engineers. If it's not an option, economics is the least of our problems. Patience, persistence, truth, Dr. mike
At 09:43 PM 06/28/2002 +0200, Thomas Tydal wrote:
Well, first I want to say that I don't like the way it is today. I want things to get better. I can't read e-books on my pocket computer, for example, which is sad since I actually would be able to enjoy e-books if I only could load them onto my small computer that follows me everywhere.
You may not be able to read an Adobe™ Brand E-Book™, but that just means you'll need to buy electronic books from publishers that don't use that data format - whether it's raw ascii text or Palm-formatted text or PalmOS DRMware that you can also view on your PC using an emulator in glorious 160x160-pixel format :-) Of course, if your PC's home country of Nauru has Software Police implementing some local equivalent of the DMCA, that emulator that you need for debugging may be illegal. ...
How good is Winamp if it can't play any music recorded in 2004 or later? Given that Windows Media Player can play all your tunes and it takes a reboot to switch to Winamp, who wouldn't stick with WMP?
On Mon, 24 Jun 2002, Anonymous wrote:
The important thing to note is this: you are no worse off than today! You are already in the second state today: you run untrusted, and none of the content companies will let you download their data. But bootlegs are widely available.
The problem is that the "analog hole" is how we debug stuff. When our speakers don't sound right, we tap the signal, put it on an oscilloscope so we can see what's wrong, correct the drivers, and try again. When our monitor can't make sense of the video signal, it's different equipment but the same idea. When you encrypt all the connections to basic display hardware, as proposed in Palladium, it means nobody can write drivers or debug hardware without a million-dollar license. And if you do fix a bug so your system works better, your system's "trusted computing" system will be shut down. Not that that's any great loss.

Likewise, encrypted instruction streams mean you don't know what the hell your CPU is doing. You would have no way to audit a program and make sure it wasn't stealing stuff from you or sending your personal information to someone else. Do we even need to recount how many abuses have been foisted on citizens to harvest marketing data, and exposed after-the-fact by some little-known hero who was looking at the assembly code and went, "Hey look what it's doing here. Why is it accessing the passwords/browser cache/registry/whatever?" Do we want to recount how many times personal data has been exported from customers' machines by "adware" that hoped not to be noticed? Or how popup ads get downloaded by software that has nothing to do with what website people are actually looking at?

I don't want to give vendors a tunnel in and out of my system that I can't monitor. I want to be able to shut it down and nail it shut with a hardware switch. I don't want to ever run source code that people are so ashamed of that they don't want me to be able to check and see what it does; I want to nail that mode of my CPU off so that no software can turn it on EVER. I'll skip the digital movies if need be, but to me "trusted computing" means that *I* can trust my computer, not that someone else can.
Bear
participants (15)
- Anonymous
- bear
- Bill Stewart
- daw@mozart.cs.berkeley.edu
- Hadmut Danisch
- Joseph Ashwood
- Lucky Green
- Marcel Popescu
- Mike Rosing
- pasward@shoshin.uwaterloo.ca
- Pete Chown
- Peter D. Junger
- Sandy Harris
- Seth David Schoen
- Thomas Tydal