Challenge to David Wagner on TCPA
AARG! Anonymous
remailer at aarg.net
Mon Jul 29 15:35:32 PDT 2002
Declan McCullagh writes at
http://zdnet.com.com/2100-1107-946890.html:
"The world is moving toward closed digital rights management systems
where you may need approval to run programs," says David Wagner,
an assistant professor of computer science at the University of
California at Berkeley. "Both Palladium and TCPA incorporate features
that would restrict what applications you could run."
But both Palladium and TCPA deny that they are designed to restrict what
applications you run. The TPM FAQ at
http://www.trustedcomputing.org/docs/TPM_QA_071802.pdf reads, in
answer #1:
: The TPM can store measurements of components of the user's system, but
: the TPM is a passive device and doesn't decide what software can or
: can't run on a user's system.
An apparently legitimate but leaked Palladium White Paper at
http://www.neowin.net/staff/users/Voodoo/Palladium_White_Paper_final.pdf
says, on the page shown as number 2:
: A Palladium-enhanced computer must continue to run any existing
: applications and device drivers.
and goes on,
: In addition, Palladium does not change what can be programmed or run
: on the computing platform; it simply changes what can be believed about
: programs, and the durability of those beliefs.
Of course, white papers and FAQs are not technical documents and may not
be completely accurate. To really answer the question, we need to look
at the spec. Unfortunately there is no Palladium spec publicly available
yet, but we do have one for TCPA, at
http://www.trustedcomputing.org/docs/main%20v1_1b.pdf.
Can you find anything in this spec that would do what David Wagner says
above, restrict what applications you could run? Despite studying this
spec for many hours, no such feature has been found.
So here is the challenge to David Wagner, a well known and justifiably
respected computer security expert: find language in the TCPA spec to
back up your claim above, that TCPA will restrict what applications
you can run. Either that, or withdraw the claim, and try to get Declan
McCullagh to issue a correction. (Good luck with that!)
And if you want, you can get Ross Anderson to help you. His reports are
full of claims about Palladium and TCPA which seem equally unsupported
by the facts. When pressed, he claims secret knowledge. Hopefully David
Wagner will have too much self-respect to fall back on such a convenient
excuse.
More information about the cypherpunks-legacy
mailing list