Challenge to TCPA/Palladium detractors

Mike Rosing eresrch at eskimo.com
Wed Aug 7 14:18:47 PDT 2002 

On Wed, 7 Aug 2002, AARG! Anonymous wrote:

> I'd like the Palladium/TCPA critics to offer an alternative proposal
> for achieving the following technical goal:
>
>   Allow computers separated on the internet to cooperate and share data
>   and computations such that no one can get access to the data outside
>   the limitations and rules imposed by the applications.
>
> In other words, allow a distributed network application to create a
> "closed world" where it has control over the data and no one can get
> the application to "cheat".  IMO this is clearly the real goal of TCPA
> and Palladium, in technical terms, when stripped of all the emotional
> rhetoric.

Yes, this is a major research project in many universities.  Nobody
has a complete solution for the general case but some solutions for
specific cases.  IBM and Certicom both have hardware computation
platforms that allow a single company to verify its stuff is secure
on remote platforms, but the remote platform is under the control of the
company, it's not a generic PC that any consumer owns.

Personally I think it's impossible.  Once the data is in the clear in some
form it can be copied to some other form.  You can't stop someone from
cheating if you want them to get access to data.

> For those of you who claim that such a technology is not necessarily
> objectionable in itself, but that the implementations in TCPA and
> Palladium are flawed, please explain how you could do it better.  How can
> you maximize user control and privacy and minimize the potential for
> government or corporate takeovers?
>
> In other words, what *exactly* is wrong with the way that TCPA and
> Palladium choose to do things?  Can you fix those problems and still
> achieve the basic goal, above?

No, it's not possible to ship data around and let anyone see it
*and* prevent it from being copied.  What you can do is create
specific environments for specific applications, and there are already
solutions available for those purposes.  The problem with TCPA and
Palladium is attempting to make it generic.

If one person controls all computers, then the specific solution
becomes possible.  But it just happens that most of us don't like the idea
of one person controling all computers.

Patience, persistence, truth,
Dr. mike

More information about the cypherpunks-legacy mailing list