EFF Report on Trusted Computing

Anonymous nobody at nox.lemuria.org
Wed Oct 8 16:44:32 PDT 2003


[Permission is granted to repost this document in its entirety, without
other limitation.  See http://invisiblog.com/1c801df4aee49232/ for an
online copy.]

The EFF has published a report on the "Promise and Risk" of Trusted
Computing at http://www.eff.org/Infra/trusted_computing/20031001_tc.php.
See also http://www.eff.org/Infra/trusted_computing/ for ongoing coverage
of TC issues.

The EFF is to be congratulated for taking its time to study the many
issues revolving around TC and come to a relatively balanced and nuanced
position.  Staff Technologist Seth Schoen, said to be the principal author
of the new report, provided some of the best early information about
Palladium on his blog at http://vitanuova.loyalty.org/2002-07-05.html
and similar postings, which were refreshingly objective and free of the
almost obligatory anti-Microsoft bias of other analyses from so-called
online rights activists.

Nevertheless, the EFF report has a number of shortcomings which
deserve discussion.  The EFF tries to distinguish between "good" and
"bad" aspects of TC, but it does not draw the line in quite the right
place, even given its somewhat questionable assumptions.  It fails to
sufficiently emphasize the many positive uses of the full version of TC
(and hence the costs of blocking its implementation), and also misses
some important negatives as well.  And the recommended fix to TC is not
clearly described and as written appears to be somewhat contradictory.

But let us begin with some positive elements of the EFF report.  This is
perhaps the first public, critical analysis of TC which fails to include
two of the worst lies about the technology, lies promulgated primarily
by Ross Anderson and Lucky Green: that only authorized programs can run
"trusted", and that unauthorized or illegal programs and data will be
deleted from computers or prevented from running.  The EFF appears to
recognize the key feature of TC, which gives it its name: that trust is
in the eye of the truster.  Anyone can create code which benefits from
TC features, and it is up to the user of a computer to decide which
local and remote software he will trust.

The report also forthrightly rejects the claim that TC technology is
some kind of trick to defeat Linux or lock in computers to Microsoft
operating systems, and debunks the lie put forth by Lucky Green that TC
will insert spyware into your computer.

By choosing to emphasize the truth rather than lies on these important
points, the EFF gains credibility at the expense of opening itself to
charges by extremists that it is in bed with Microsoft or is promoting
"evil" technology.  Those of us who have argued in the past for balanced
analyses of TC are well aware of the speed with which opponents resort
to name-calling and personal attacks, and it is a credit to the EFF that
they have taken a courageous position which departs from the conventional
wisdom in the online rights community.

Despite these positives, as noted above the report has some weaknesses
which need to be addressed.  The EFF attempts to distinguish one feature
of TC, remote attestation, as a source of problems.  This is the ability
of a computer user to convince other systems about what software he
is running.  The EFF is convinced that this feature will cause users to
be compelled to use software not of their choice; harm interoperability
and encourage lock-in; and support DRM and various restrictive kinds
of licensing.

But when we break these down in detail, many of the problems either go
away or are not due to attestation.  Software choice limitation may occur
if a remote system provides some service conditional on the software
being used to access it.  But that's not really a limitation of choice,
because the user could always elect not to receive the offered service.

The implicit assumption here seems to be that if TC did not exist,
the service would be offered without any limitations.  Then it makes
it appear that TC adds limitations which are not currently present.
But what this analysis overlooks is that TC will allow the creation of new
services which are not economically possible today.  By allowing for more
protection of data, a whole host of new applications may become possible.
So the proper comparison is not with a hypothetical state where you'd have
all the same services without TC as with; but rather, comparing a TC world
that is relatively rich in services with a service-poor non-TC world.

Turning to the issues of lock-in and interoperability, it is true that
TC may allow software creators to lock their data to the applications
and make it more difficult to create interoperable alternatives, thus
promoting lock-in.  The problem here with the EFF analysis is that
it is not the remote attestation feature of TC which is the primary
cause of this effect, but rather it is the sealed storage feature.
It is sealed storage that allows data to be encrypted such that only
one particular application can decrypt it, and potentially makes it
impossible to switch to a different software package, or access the data
in an interoperable way.

The EFF attempts to say that sealed storage and other features of TC are
good, because they clearly can increase the security features of your
computer.  Then they draw a line at remote attestation.  But if it is
lock-in and interoperability that worries them, sealed storage has to go
as well.  This inconsistency in the report undercuts its main conclusion.

And parenthetically, lock-in is not necessarily a bad thing, as long as
people know about it in advance.  When you go on vacation you know that
you will only be able to eat at restaurants in the local area.  You are
locked-in to local eateries.  Everyone accepts this as part of the cost
of the vacation.  People can factor these kinds of lock-in costs into
the overall package when they make decisions about what to buy, whether
travel or software.  In this sense, it's good for activists like the EFF
to make people aware that TC may increase lock-in, but they should put
the issue into perspective and not present it as a reason to abandon
the technology.  It's just a consideration to be aware of when buying
any software that is TC-enabled.

Lastly, the EFF is worried that remote attestation enables DRM and other
restrictive licensing practices.  This is clearly true, although things
are not quite as simple as they seem.  Before wide-scale use of TC for
DRM, it will be necessary for the manufacturers, software vendors and
content providers to get past a few tiny details, like setting up a
global, universal, widely trusted and secure PKI.  Hopefully readers in
these forums will understand that this is not exactly a trivial problem.
Going from the basic technological definitions of TC to the massive
infrastructure of keys and revocations needed for a secure, commercial
DRM system and other licensing schemes is going to take quite a while.

But in any case, once it happens, again the report fails to paint a
balanced picture, by emphasizing the negative aspects of the new kinds
of licensing that TC will enable.  It should be clear that a technology
that allows new kinds of voluntary arrangements, without eliminating
any old ones, cannot be entirely evil.  TC only expands the space of
possibilities, it does not stop anyone from doing things the old way.

If the new possibilities enabled by TC are truly so horrible for
consumers, and if it is possible (as TC opponents implicitly assume) to
provide these functionalities without the nightmarish limitations that the
report is so afraid of, then some companies can still offer their goods
under those more-favorable terms, and reap massive rewards as consumers
triumphantly reject the horrific license terms of the TC-based software.

This report, like so many others, ignores the role of consumers in making
decisions about what technologies to use.  This is one area in which the
EFF was unable to rise above the myopia shared by so many other analyses.

Ironically, given these oversights, the report also manages to miss some
bad features of TC, features which have been discussed at some length
on the cypherpunks and cryptography mailing lists.  One of the biggest
is the area of upgrades and system replacement.  The TCPA (now TCG)
proposal for handling upgrades is clearly unworkable, and Microsoft has
said nothing about how they will do it.  Any data which is locked to
your computer is clearly at greater risk of being unrecoverable if your
computer breaks.  Until a bulletproof upgrade path exists, end users
are going to be reluctant to embrace the promise of TC technology.
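The sealed storage behaviour described above (data encrypted so that only one application on one machine can decrypt it) and the upgrade and replacement risk it creates can be shown with a small model. This is an added, constructed toy model written for this post, not TCPA/TCG or NGSCB code: a PCR-style hash chain stands in for the platform measurement, a random platform secret stands in for the chip's storage root key, and the encrypt-then-MAC construction is a stand-in for whatever cipher a real implementation uses.

```python
import hashlib
import hmac
import os

# Constructed stand-in for the per-chip storage root key; a real TPM never exposes it.
PLATFORM_SECRET = os.urandom(32)


def extend_pcr(pcr, measurement):
    """TPM-style extend: new = H(old || H(measurement)). Order matters and cannot be undone."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()


def measure(components):
    """Hash-chain the loaded components (firmware, OS, application) into one PCR value."""
    pcr = b"\x00" * 32
    for component in components:
        pcr = extend_pcr(pcr, component)
    return pcr


def _keys(platform_secret, pcr):
    """Derive encryption and MAC keys bound to BOTH this platform and this software state."""
    base = hmac.new(platform_secret, b"seal" + pcr, hashlib.sha256).digest()
    return hashlib.sha256(base + b"enc").digest(), hashlib.sha256(base + b"mac").digest()


def _keystream(key, nonce, length):
    """Toy counter-mode keystream from SHA-256 (model only, not a vetted cipher)."""
    out, ctr = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return out[:length]


def seal(platform_secret, pcr, data):
    """Seal data to the given platform secret and measured state: nonce || ciphertext || tag."""
    enc_key, mac_key = _keys(platform_secret, pcr)
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(enc_key, nonce, len(data))))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def unseal(platform_secret, pcr, blob):
    """Return the plaintext, or None when this platform/software state cannot unseal it."""
    enc_key, mac_key = _keys(platform_secret, pcr)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


def demo():
    """Same app unseals; a rival app cannot; an upgraded app or a replacement machine is locked out."""
    boot = [b"firmware-v1", b"os-v1"]                      # constructed measurements
    app_a = measure(boot + [b"app-A-v1"])
    blob = seal(PLATFORM_SECRET, app_a, b"my document")
    return {
        "same_app": unseal(PLATFORM_SECRET, app_a, blob),
        "rival_app": unseal(PLATFORM_SECRET, measure(boot + [b"app-B-v1"]), blob),
        "after_upgrade": unseal(PLATFORM_SECRET, measure(boot + [b"app-A-v2"]), blob),
        "new_machine": unseal(os.urandom(32), app_a, blob),
    }
```

The "after_upgrade" and "new_machine" cases are the unrecoverable-data risk the post refers to: without an explicit migration step that re-seals the data under the new state before the old one disappears, the blob is permanently inaccessible.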

Another area not discussed is the risk to privacy implicit in using
this technology on a global network.  TCPA's solution, "privacy CAs",
is another part of the spec that is obviously never going to work.
Microsoft had made some noise about copying this at one point, and is
now decidedly mute on the issue.  It is an almost impossible problem to
solve, and chances are that the companies will simply give up and let the
system compromise user privacy.  As a privacy-oriented watchdog group,
the EFF has dropped the ball in failing to emphasize this point.

The final complaint about the report is that their solution doesn't
seem to make sense.  The basic idea is to allow the user to override
the remote attestation feature so his system can lie about his
software configuration.  The apparent problem with this, as a number of
commentators have pointed out, is that it undercuts the remote attestation
feature and makes it useless.  It is like "fixing" the limitations of
cryptographic certificates by allowing anyone to forge them.

Doing this defeats the purpose of the feature so completely that you
might as well not have it.  It would seem to make more sense for the
EFF to simply call for remote attestation to be removed from the TC
concept than to try to come up with a complicated "owner override".
And in fact it seems likely that remote attestation will be one of
the last parts of the TC spec to be implemented due to the PKI problem
noted above, so we will probably see TC installations initially without
attestation support.  It may be that remote attestation never becomes
as popular as TC proponents hope and critics fear.

Now, perhaps there are some subtle aspects to the EFF proposal which
would make attestation with owner overrides more useful than a version
of TC without attestation at all.  But to analyze that we'd need more
detail about how exactly this owner override is supposed to work, and
what attestation would still be used for in such a system.  As it is,
the proposal is frustratingly vague on these details.

Summing up, the EFF report manages to avoid the worst excesses of anti-TC
rhetoric so common in the online rights community.  By attempting to
take a moderate course and identifying both promise and risk with TC
technology, it does a service in setting a new standard of accuracy and
civility in analyzing this important topic.  However, the report does have
weaknesses, and its attempt to focus on problems with remote attestation
misunderstands both economic realities and the technical details of
which aspects of TC cause problems.  By concentrating so narrowly on
attestation, the EFF overlooks both important risks and promises of this
new technology.  And its proposed solution appears illogical on its face,
requiring much more explanation and discussion for a fair evaluation.

Make no mistake about it: TC is coming.  All the rhetoric, all the
protests and objections, are doing nothing to alter the apparently
unstoppable momentum of this new technology.  Microsoft is committed
to NGSCB (Palladium), and the TCG (TCPA) is working actively on specs
for cell phones and other devices.  There is even considerable work to
bring TC into Linux.

What we need now is better understanding of both the risks and rewards of
this technology, which will be here perhaps sooner than many of us expect.
The EFF report is a good first step in this direction, but the problems
need to be corrected.  And rather than a futile and quixotic attempt
to change the nature of TC, the EFF should focus on informing consumers
about the pros and cons of the system, how it will affect their use of
technology in years to come, questions to ask of vendors, and ways to
protect their privacy and security.  That is a hard enough task, and
one truly in keeping with the EFF's goals and mission.