maximize best case, worst case, or average case? (TCPA)

Ryan Lackey ryan at havenco.com
Thu Jul 4 05:54:51 PDT 2002


Quoting Anonymous <nobody at remailer.privacy.at>:

> Okay, you are afraid that only "properly authorized" code will run.
> Let's talk about one area: programming languages.
> 
> What about compilers?  Development systems?  No doubt you'll claim these
> will be restricted.  They'll be like assault weapons.  Use a compiler,
> go to jail.  This despite the fact that they are necessary tools for
> technological progress today.

Basically, the concern I have is not that any *particular* end-user developed
application, in a post-DRM/TCPA world, will be rendered illegal, but that
the core of the machine will be modified such that a remote attacker
can deploy targeted or general sniffer/reporter trojans.  If you remove
the ability to compute in secret, with all communications widely .

The code which will be "illegal" on a DRM/TCPA/etc. machine, which
would actually be illegal if only those machines existed (which can be
done through restrictions on sales of new machines, or just special
kinds of I/O), is anything which can circumvent this DRM microkernel.  The DRM
microkernel will inevitably be implemented in a non-transparent way, 
allowing remote attackers superuser over OS-superuser access.

Switching to machines with one local root and lots of dumb terminals
would be roughly the same, except users have more explicit knowledge of
the power of root, and some influence over the selection of that root.

Simply eliminating the ability of most users to have a locally-secure
fully trusted execution environment, with processing, intermediate
storage protected from tampering or disclosure, etc., and network
communications, will kill cypherpunk applications.  If any cypherpunk
application requires the users to jump through hoops to get a reasonable
hardware platform, vs. just using a normal PC on his desk, there is
a bit of difficulty -- it's hard enough to get cypherpunk applications
deployed today, even without such restrictions.

It's possible the system will be designed to prevent remote control
at the microkernel level, but then the signed OS required to deal with
signed media objects on a daily basis, which most users will require,
may support this functionality.  Since this code will be signed, third
party patches will be prohibited.

--
Ryan Lackey [RL7618 RL5931-RIPE]        ryan at havenco.com
CTO and Co-founder, HavenCo Ltd.        +44 7970 633 277 
the free world just milliseconds away   http://www.havenco.com/
OpenPGP 4096: B8B8 3D95 F940 9760 C64B  DE90 07AD BE07 D2E0 301F




