Earthlink to Test Caller ID for E-Mail

Mon Mar 8 21:01:54 PST 2004

Eugen* Leitl <a href="http://leitl.org">leitl</a> writes:

> The passphrase locking idear won't fly, but a biometrics-lockable
> wallet could. Isn't part of Pd envelope goal establishing a tamper-proof
> compartment? We know Pd is evil, but once hardware support is everywhere,
> one can as well use it for something positive, for a change.

Well, you're preaching to the choir now, son.  Of course, it's a choir
of one, but c'est la vie.  The idea of finding good uses for Trusted
Computing has not exactly been gushingly popular around here.  In fact,
you yourself have been one of the harshest critics of its pseudonymous
proponent ("intelligent idiot" sound familiar?).

The problem with Palladium as a solution to spam is first, that it is
many years away, being part of the Longhorn OS release.  The latest
official estimates are 2006, rumors are that 2007 is the internal date,
and whispers of 2008 exist.  Then, it will take years before such systems
become widely enough used that spammers can no longer find pre-Palladium
systems to serve as a basis for attacks.  We're probably talking 2011
at the earliest.  We'll need adequate solutions to spam long before then.

Secondly, you could use Palladium to arrange that it was impossible
to send mail from your computer except via human interaction with your
authorized email program.  You'd have to set your outgoing mail server
to require a password (such auth systems are already in widespread use)
and you'd use Pd to lock up the password so that only the mail client
could get at it (using the application-specific sealed storage feature).
The user wouldn't have to type the password, in fact he wouldn't even
have to know there was a password, but he'd have to click the send
button himself.  (Secure user I/O paths are a Palladium feature.)

However, in doing this you give up the ability for ANY other program to
send email, at least without the user jumping through a lot of hoops
to authorize it.  Maybe that's an inherently necessary feature, but
there are arguably some "good" programs which can usefully send email,
and you'll be tossing out those babies with the spam bathwater.  Bye
bye MAPI.

Further, there's always the risk that the email program itself will be
buggy and be able to be tricked into sending something without user
authorization.  Fortunately, the number of such bugs is likely to be
few and confined to just one program, so those can probably be fixed
relatively quickly.

In short, Trusted Computing could in theory make a computer much more
resistant to being used to send spam.  It could still be taken over,
but the malware wouldn't be able to get to the password necessary for
sending mail.  You'd need some help from the ISP to require the password
and possibly block attempts to use remote mail servers.  Of course,
if the ISP is this clueful and cooperative, you'd think maybe it could
stop you from sending a zillion messages per hour in the first place.

The big problem is that TC is many years away.  But now that you know how
good it will be, I hope you will join me in my never ending battle to
bring some perspective to the one-sided "debate" over this technology.
There are good uses of TC, and maybe if people weren't so determined to
oppose it with their last breath, we might see the technology becoming
available a little sooner.