RE: Steven Levy buys Microsoft's bullshit hook, line, and sinker
Bram wrote:
http://www.msnbc.com/news/770511.asp?cp1=1
Of course, the TCPA has nothing to do with security or privacy, since those are OS-level things. All it can really do is ensure you're running a particular OS.
It's amazing the TCPA isn't raising all kinds of red flags at the justice department already - it's the most flagrant attempt to stifle competition I've ever seen.
From Levy's article: "Palladium [Microsoft's TCPA-based technology - LG] is being offered to
[Bram is correct, stifling competition is one of the many features TCPA will enable. In more ways than one. And for more players than just Microsoft]. Coincidentally, Steven Levy's article that Bram is citing also helps answer Mr. Anonymous's question with which he challenged Ross and myself earlier today. First, however, I must apologize to the reader for my earlier, now incorrect, statement that TCPA member companies would deny that DRM is an objective of the TCPA. I had been unaware that, as evidenced by the publication of the Newsweek article, the public phase of the TCPA effort had already begun. What a bizarre coincidence for this phase, after all those years the TCPA effort and its predecessors have been underway, (the design, and in fact the entire architecture, has morphed substantially over the years) to be kicked off the very day of my post. [Tim: do you recall when we had the discussion about the upcoming "encrypted op code chips" at a Cypherpunks meeting in a Stanford lecture hall? Was that 1995 or 1996? It cannot have been later; I know that I was still working for DigiCash at the time because I remember giving a talk on compact endorsement signatures at the same meeting]. the studios and record labels as a way to distribute music and film with "digital rights management" (DRM). This could allow users to exercise "fair use" (like making personal copies of a CD) and publishers could at least start releasing works that cut a compromise between free and locked-down. But a more interesting possibility is that Palladium could help introduce DRM to business and just plain people. "It's a funny thing," says Bill Gates. "We came at this thinking about music, but then we realized that e-mail and documents were far more interesting domains."' Another paragraph of the Newsweek article has this to say: "In 1997, Peter Biddle, a Microsoft manager who used to run a paintball arena, was the company's liason to the DVD-drive world. Naturally, he began to think of ways to address Hollywood's fear of digital copying. He hooked up with [...] researchers Paul England and John Manferdelli, and they set up a skunkworks operation, stealing time from their regular jobs to pursue a preposterously ambitious idea-creating virtual vaults in Windows to protect information. They quickly understood that the problems of intellectual property were linked to problems of security and privacy. They also realized that if they wanted to foil hackers and intruders, at least part of the system had to be embedded in silicon, not software." Well, now that Bill Gates himself is being quoted stating that DRM was a driver behind the technology the TCPA is enabling (Microsoft is one of the companies that founded the TCPA and should be in a position to know), does Mr. Anonymous consider this sufficient "evidence that the TCPA is being designed for the support of digital rights management (DRM) applications"? Or does Anonymous continue to believe Ross and Lucky are making this stuff up out of whole cloth? To answer Anonymous's question as to whether the "the TCPA [is] really, as [Ross and Lucky] claim, a secretive effort to get DRM hardware into consumer PCs?", I am not sure I would exactly call this fact a secret at this point. (Though by no means are all cards already on the table). DRM is a significant objective of some of the TCPA's member companies, which includes Microsoft. There are of course other objectives. Some of which Ross published, some which I mentioned, some which Steven Levy has published (though he largely fell for the designated bait and missed the numerous hooks), some which Bram has realized, and some which have yet to be talked about. Some desirable, some questionable, and a lot of them downright scary. Sincerely, --Lucky Green --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
On Monday, June 24, 2002, at 01:47 AM, Lucky Green wrote:
[Tim: do you recall when we had the discussion about the upcoming "encrypted op code chips" at a Cypherpunks meeting in a Stanford lecture hall? Was that 1995 or 1996? It cannot have been later; I know that I was still working for DigiCash at the time because I remember giving a talk on compact endorsement signatures at the same meeting].
Around that time. Someone (Markoff?) was reporting that Intel was devoting a few percent of its transistors in an upcoming CPU to op code encrypting. I remember pointing out that Intel had previously released, in the early 80s, a "KeyPROM," which was an EPROM with encryption so that the internal state could not easily be read. The ostensible market was for arcade game makers, who were heavy consumers of EPROMs at the time and who wanted ways to not have their games copied by competitors. (The product flopped. Left as an exercise is to think about how pointless it is to try to make a tamper-proof chip, especially without any of the expensive countermeasures being possible. Anyone who can make the chip wiggle with a logic analyzer and o-scope could learn a lot. We used our Dynamic Fault Imager to image internal microcode states, thus bypassing the crypto junk.) Back to the rumor. The supposed encrypted CPU has not yet appeared. One theory, one that I find plausible, is that Intel got freaked out by the firestorm of derision and protest that met its attempt (around the same time) to introduce processor/user ID numbers which companies like Microsoft could use. (As it turns out, there's enough readable state in a PC, with various configurations of memory, drives, etc., that Microsoft can do a crude registration system which makes it difficult for users to run a product on N different machines. The Intel ID system was anticipated to make this _much_ more robust than simply counting drives and slots and attempting to map to one such configuration...which has the headaches of requiring customers to re-register, if they are allowed to, when they swap out drives or move cards around.) Anyway, a major reason Intel got freaked is that AMD, a competitor of course, announced with much publicity that they would NOT, repeat NOT, include the processor ID feature! As an Intel shareholder of many years, I'm not happy that AMD is as strong a competitor as it is (which isn't very, to be honest). But in other obvious ways I am happy to see them out there, keeping Intel from implementing such schemes. This is the key, no pun intended. Any single vendor, like Intel, who imposes such a scheme will face harsh criticism from the rabble like us. We will write essays, we will monkeywrench their boxes with "Big Brother Inside" stickers, we will laugh at their failures, we will be energized to find hacks to defeat them. So any effort to put "DRM" into hardware will have to be a mandated, directed, antitrust-exempted procedure. (Aside: And possibly unpatented. Rambus is now getting smacked around by the courts for participating in JEDEC memory chip standards committees without disclosing their patent interests. A standard _can_ involve patents, pace Firewire and USB, but the issues get complicated. Something to keep your eye on, as a wedge for attack.) If one vendor doesn't put the DRM in, he has bragging rights a la AMD with Intel's processor ID scheme. For a DRM scheme to have any hope of succeeding, it must happen with all vendors of VCRs or PCs or whatever. And since companies are not allowed (in the U.S. and most statist countries) to meet secretly or even quasi-secretly to plan features, the DRM planning must be done either publically under a guise of "industry standards." Or exempted by the law, possibly a secret ruling (e.g., a letter from the AG exempting AMD, Intel, Nvidia, and VIA from antitrust laws for the purposes of implementing DRM). In summary: -- expect more such attempts -- use laughter, derision, and slogans to monkeywrench the public perception (I talked to a person from Intel at this year's CFP...got the confirmation that the firestorm over the chip ID scheme had scared Intel badly and that there was little support within Intel for repeating the mistake...could be why senior Intel managers have testified in Congress against mandated DRM schemes...cf. testimony of Les Vadasz, IIRC.)
--Tim May ""Guard with jealous attention the public liberty. Suspect everyone who approaches that jewel. Unfortunately, nothing will preserve it but downright force. Whenever you give up that force, you are ruined." --Patrick Henry
participants (2)
-
Lucky Green -
Tim May