Other uses of TCPA

AARG! Anonymous remailer at aarg.net
Sat Aug 3 23:50:24 PDT 2002


Mike Rosing wrote:
> Who owns PRIVEK?  Who controls PRIVEK?  That's who own's TCPA.

PRIVEK, the TPM's private key, is generated on-chip.  It never leaves
the chip.  No one ever learns its value.  Given this fact, who would
you say owns and controls it?

> And then there was this comment in yet another message:
>
> >In addition, we assume that programs are able to run "unmolested";
> >that is, that other software and even the user cannot peek into the
> >program's memory and manipulate it or learn its secrets.  Palladium has
> >a feature called "trusted space" which is supposed to be some special
> >memory that is immune from being compromised.  We also assume that
> >all data sent between computers is encrypted using something like SSL,
> >with the secret keys being held securely by the client software (hence
> >unavailable to anyone else, including the users).
>
> Just how "immune" is this program space?  Does the operator/owner of
> the machine control it, or does the owner of PRIVEK control it?

Not much information is provided about this feature in the Palladium
white paper.  From what I understand, no one is able to manipulate
the program when it is in this trusted space, not the machine owner,
nor any external party.  Only the program is in control.

> So
> the owner of PRIVEK can send a trojan into my machine and take it over
> anytime they want.  Cool, kind of like the movie "Collosis" where a
> super computer takes over the world.

No, for several reasons.  First, PRIVEK doesn't really have an owner
in the sense you mean.  It is more like an autonomous agent.  Second,
the PRIVEK stuff is part of the TCPA spec, while the trusted space is
from Palladium, and they don't seem to have much to do with each other.
And last, just because a program can run without interference, it is a
huge leap to infer that anyone can put a trojan onto your machine.

> The more I learn about TCPA, the more I don't like it.

No one has said anything different despite the 40+ messages I have sent on
this topic.  Is this because TCPA is that bad, or is it because everyone
is stubborn?  Look, I just showed that all these bad things you thought
about TCPA were wrong.  The PRIVEK is not controlled by someone else,
it does not own the trusted space, and it allows no one to put a trojan
onto your machine.

But you won't now say that TCPA is OK, will you?  You just learned some
information which objectively should make you feel less bad about it, and
yet you either don't feel that way, or you won't admit it.  I am coming
to doubt that people's feelings and beliefs about TCPA are based on facts
at all.  No matter how much I correct negative misconceptions about these
systems, no one will admit to having any more positive feelings about it.





More information about the cypherpunks-legacy mailing list