Ross's TCPA paper

bear bear at sonic.net
Fri Jun 28 19:49:52 PDT 2002



On Mon, 24 Jun 2002, Anonymous wrote:

>The important thing to note is this: you are no worse off than today!
>You are already in the second state today: you run untrusted, and none
>of the content companies will let you download their data.  But boolegs
>are widely available.

The problem is that the "analog hole" is how we debug stuff.
When our speakers don't sound right, we tap the signal, put
it on an oscilloscope so we can see what's wrong, correct
the drivers, and try again.  When our monitor can't make sense
of the video signal, it's different equipment but the same
idea.  When you encrypt all the connections to basic display
hardware, as proposed in Palladium, it means nobody can write
drivers or debug hardware without a million-dollar license.
And if you do fix a bug so your system works better, your
system's "trusted computing" system will be shut down.  Not
that that's any great loss.

Likewise, encrypted instruction streams mean you don't know
what the hell your CPU is doing.  You would have no way to
audit a program and make sure it wasn't stealing stuff from
you or sending your personal information to someone else.

Do we even need to recount how many abuses have been foisted
on citizens to harvest marketing data, and exposed after-the-
fact by some little-known hero who was looking at the assembly
code and went, "Hey look what it's doing here.  Why is it
accessing the passwords/browser cache/registry/whatever?"

Do we want to recount how many times personal data has been
exported from customer's machines by "adware" that hoped not
to be noticed?  Or how popup ads get downloaded by software
that has nothing to do with what website people are actually
looking at?

I don't want to give vendors a tunnel in and out of my system
that I can't monitor.  I want to be able to shut it down and
nail it shut with a hardware switch.  I don't want to ever
run source code that people are so ashamed of that they don't
want me to be able to check and see what it does; I want to
nail that mode of my CPU off so that no software can turn it
on EVER.

I'll skip the digital movies if need be, but to me "trusted
computing" means that *I* can trust my computer, not that
someone else can.

			Bear


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com





More information about the cypherpunks-legacy mailing list