Ross's TCPA paper

[Lucky Green]

I recently had a chance to read Ross Anderson's paper on the activities
of the TCPA at
http://www.cl.cam.ac.uk/ftp/users/rja14/.temp/toulouse.pdf

I must confess that after reading the paper I am quite relieved to
finally have solid confirmation that at least one other person has
realized (outside the authors and proponents of the bill) that the
Hollings bill, while failing to mention TCPA anywhere in the text of the
bill, was written with the specific technology provided by the TCPA in
mind for the purpose of mandating the inclusion of this technology in
all future general-purpose computing platforms, now that the technology
has been tested, is ready to ship, and the BIOS vendors are on side.

Perhaps the Hollings "Consumer Broadband and Digital Television
Promotion Act" bill would be more accurately termed the "TCPA Enablement
Act". BTW, the module that Ross calls a "Fritz" in his paper after the
author of the bill, long had a name: it is called a Trusted Platform
Module (TPM).

Granted, in the context of the TCPA and the Hollings bill, the term
"trusted" is used somewhat differently than the customers of future
motherboards, which are all slated to include a TPM, might expect:

"trusted" here means that the members of the TCPA trust that the TPM
will make it near impossible for the owner of that motherboard to access
supervisor mode on the CPU without their knowledge, they trust that the
TPM will enable them to determine remotely if the customer has a
kernel-level debugger loaded, and they trust that the TPM will prevent a
user from bypassing OS protections by installing custom PCI cards to
read out memory directly via DMA without going through the CPU.

The public and the media now need to somehow, preferably soon, arrive at
the next stage of realization: the involvement in the TCPA by many
companies who's CEO's wrote the widely distributed open letter to the
movie studios, telling the studios, or more precisely -- given that it
was an open letter -- telling the public, that mandating DRM's in
general-purpose computing platforms may not be a good idea, is
indicative of one of two possible scenarios:

1) the CEO's of said computer companies are utterly unaware of a major
strategic initiative their staff has been diligently executing for about
3 years, in the case of the principals in the TCPA, such as Intel,
Compaq, HP, and Microsoft, several years longer.

2) the CEO's wrote this open letter as part of a deliberate "good cop,
bad cop" ploy, feigning opposition to DRM in general computing platforms
to pull the wool over the public's eye for hopefully long enough to
achieve widespread deployment of the mother of all DRM solution in the
market place.

I do not know which of the two potential scenarios holds true. However,
I believe public debate regarding the massive change in the way users
will interact with their future computers due to the efforts of the TCPA
and the Hollings bill would be greatly aided by attempts to establish
which of the two scenarios is the fact the case.

--Lucky Green