Ross's TCPA paper

Ross Anderson Ross.Anderson at cl.cam.ac.uk
Sun Jun 23 21:49:42 PDT 2002


> It's an interesting claim, but there is only one small problem.
> Neither Ross Anderson nor Lucky Green offers any evidence that the TCPA
> (http://www.trustedcomputing.org) is being designed for the support of
> digital rights management (DRM) applications.

Microsoft admits it:

http://www.msnbc.com/news/770511.asp

Intel admitted it to me too. They said that the reason for TCPA was that
their company makes most of its money from the PC microprocessor; they
have most of the market; so to grow the company they need to grow the
overall market for PCs; that means making sure the PC is the hub of the
future home network; and if entertainment's the killer app, and DRM is
the key technology for entertainment, then the PC must do DRM.

Now here's another aspect of TCPA. You can use it to defeat the GPL.

During my investigations into TCPA, I learned that HP has started a
development program to produce a TCPA-compliant version of GNU/linux.
I couldn't figure out how they planned to make money out of this. On
Thursday, at the Open Source Software Economics conference, I figured
out how they might.

Making a TCPA-compliant version of GNU/linux (or Apache, or whatever)
will mean tidying up the code and removing whatever features conflict
with the TCPA security policy. The company will then submit the pruned
code to an evaluator, together with a mass of documentation for the
work that's been done, including a whole lot of analyses showing, for
example, that you can't get root by a buffer overflow.

The business model, I believe, is this. HP will not dispute that the
resulting `pruned code' is covered by the GPL. You will be able to
download it, compile it, check it against the binary, and do what you
like with it. However, to make it into TCPA-linux, to run it on a
TCPA-enabled machine in privileged mode, you need more than the code.
You need a valid signature on the binary, plus a cert to use the TCPA
PKI. That will cost you money (if not at first, then eventually).

Anyone will be free to make modifications to the pruned code, but in
the absence of a signature the resulting O/S won't enable users to
access TCPA features. It will of course be open to competitors to try
to re-do the evaluation effort for enhanced versions of the pruned
code, but that will cost money; six figures at least. There will
likely be little motive for commercial competitors to do it, as HP
will have the first mover advantages and will be able to undercut them
on price. There will also be little incentive for philanthropists to
do it, as the resulting product would not really be a GPL version of a
TCPA operating system, but a proprietary operating system that the
philanthropist could give away free. (There are still issues about who
would pay for use of the PKI that hands out user certs.) The need to
go through evaluation with each change is completely incompatible with
the business model of free and open source software.

People believed that the GPL made it impossible for a company to come
along and steal code that was the result of community effort. That 
may have been the case so long as the processor was open, and anyone
could access supervisor mode. But TCPA changes that completely. Once
the majority of PCs on the market are TCPA-enabled, the GPL won't work
as intended any more. There has never been anything to stop people
selling complementary products and services to GPL'ed code; once the
functioning of these products can be tied to a signature on the
binary, the model breaks.

Can anyone from HP comment on whether this is actually their plan?

Ross




