Re: Ross's TCPA paper
On 27 Jun 2002, David Wagner wrote: No, it's not. Read Ross Anderson's article again. Your analysis misses part of the point. Here's an example of a more problematic vision: you can buy Microsoft Office for $500 and be able to view MS Office documents; or you can refrain from buying it and you won't be able to view MS Office documents. Do you see why this is problematic? It lets one vendor lock the world into a monopoly; noone else will be able to develop compatible MS Word viewers without the consent of Microsoft. (StarOffice on Linux won't work, because to get the session key to decrypt the Word document your viewer has to go online to microsoft.com and ask for it, but microsoft.com won't give you the key unless you've bought a secure trusted OS and purchased Microsoft Office for $500.) Now notice that the same idea can be used to inhibit competition in just about any computer market, and I hope you appreciate Ross's point. TCPA/DRM has the potential for anti-competitive effects, and the result may well be worse off than we are today. As long as MS Office isn't mandated by law, who cares? So what: somebody sends me a file. I tell them I can't read it. Now, they have a choice, they can give me MS Office or they can send me ascii. The market will determine if secure OS's are useful. DRM isn't the problem. Legislating DRM is the problem. You can go buy IBM portables with secure key chips built in right now to help protect your box and your business data. That's TCPA. Nothing wrong with it, it's a good idea. It doesn't become wrong until it becomes forced down our throats. That's where S.2048 becomes something to worry about, it forces us to use hardware we don't need (or may not need for our purposes). TCPA and DRM are not the problem here, and privacy and copyright are side issues too. There is no need for the law to intervene, the market will decide how all this stuff can be used efficiently and effectively. And that's what the entertainment industry needs to figure out and fast too. The law is slow. Technology is fast. Patience, persistence, truth, Dr. mike
RE: DRMs vs internet privacy (Re: Ross's TCPA paper)
Adam Back wrote: I don't mean that you would necessarily have to correlate your viewing habits with your TrueName for DRM systems. Though that is mostly (exclusively?) the case for current deployed (or at least implemented with a view of attempting commercial deployment) copy-mark (fingerprint) systems, there are a number of approaches which have been suggested, or could be used to have viewing privacy. The TCPA specs were carefully designed to permit the user to obtain multiple certificates from multiple CA's and thus, if, and that's a big if, the CA's don't collude and furthermore indeed discard the true name identities of the customer, utilize multiple separate identities for various online applications. I.e., the user could have one cert for their True Name, one used to enable Microsoft Office, and one to authenticate the user to other online services. It is very much the intent of the TCPA to permit the use of pseudonymous credentials for many, if not most, applications. Otherwise, the TCPA's carefully planned attempts at winning over the online liberty groups would have been doomed from the start. --Lucky Green
RE: Ross's TCPA paper
David wrote: It's not clear that enabling anti-competitive behavior is good for society. After all, there's a reason we have anti-trust law. Ross Anderson's point -- and it seems to me it's one worth considering -- is that, if there are potentially harmful effects that come with the beneficial effects, maybe we should think about them in advance. I fully agree that the TCPA's efforts offer potentially beneficial effects. Assuming the TPM has not been compromised, the TPM should enable to detect if interested parties have replaced you NIC with the rarer, but not unheard of, variant that ships out the contents of your operating RAM via DMA and IP padding outside the abilities of your OS to detect. However, enabling platform security, as much as might be stressed otherwise by the stakeholders, has never been the motive behind the TCPA. The motive has been DRM. Does this mean that one should ignore the benefits that TCPA might bring? Of course not. But it does mean that one should carefully weigh the benefits against the risks. --Lucky Green
Two additional TCPA/Palladium plays
[Minor plug: I am scheduled to give a talk on TCPA at this year's DEF CON security conference. I promise it will be an interesting talk. http://www.defcon.org ] Below are two more additional TCPA plays that I am in a position to mention: 1) Permanently lock out competitors from your file formats. From Steven Levy's article: A more interesting possibility is that Palladium could help introduce DRM to business and just plain people. It's a funny thing, says Bill Gates. We came at this thinking about music, but then we realized that e-mail and documents were far more interesting domains. Here it is why it is a more interesting possibility to Microsoft for Palladium to help introduce DRM to business and just plain people than to solely utilize DRM to prevent copying of digital entertainment content: It is true that Microsoft, Intel, and other key TCPA members consider DRM an enabler of the PC as the hub of the future home entertainment network. As Ross pointed out, by adding DRM to the platform, Microsoft and Intel, are able to grow the market for the platform. However, this alone does little to enhance Microsoft's already sizable existing core business. As Bill Gates stated, Microsoft plans to wrap their entire set of file formats with DRM. How does this help Microsoft's core business? Very simple: enabling DRM for MS Word documents makes it illegal under the DMCA to create competing software that can read or otherwise process the application's file format without the application vendor's permission. Future maintainers of open source office suites will be faced with a very simple choice: don't enable the software to read Microsoft's file formats or go to jail. Anyone who doubts that such a thing could happen is encouraged to familiarize themselves with the case of Dmitry Skylarov, who was arrested after last year's DEF CON conference for creating software that permitted processing of a DRM-wrapped document file format. Permanently locking out competition is a feature that of course does not just appeal to Microsoft alone. A great many dominant application vendors are looking forward to locking out their competition. The beauty of this play is that the application vendors themselves never need to make that call to the FBI themselves and incur the resultant backlash from the public that Adobe experienced in the Skylarov case. The content providers or some of those utilizing the ubiquitously supported DRM features will eagerly make that call instead. In one fell swoop, application vendors, such as Microsoft and many others, create a situation in which the full force of the U.S. judicial system can be brought to bear on anyone attempting to compete with a dominant application vendor. This is one of the several ways in which TCPA enables stifling competition. The above is one of the near to medium objectives the TCPA helps meet. [The short-term core application objective is of course to ensure payment for any and all copies of your application out there]. Below is a mid to long term objective: 2) Lock documents to application licensing As the Levy article mentions, Palladium will permit the creation of documents with a given lifetime. This feature by necessity requires a secure clock, not just at the desktop of the creator of the document, but also on the desktops of all parties that might in the future read such documents. Since PC's do not ship with secure clocks that the owner of the PC is unable to alter and since the TCPA's specs do not mandate such an expensive hardware solution, any implementation of limited lifetime documents must by necessity obtain the time elsewhere. The obvious source for secure time is a TPM authenticated time server that distributes the time over the Internet. In other words, Palladium and other TCPA-based applications will require at least occasional Internet access to operate. It is during such mandatory Internet access that licensing-related information will be pushed to the desktop. One such set of information would be blacklists of widely-distributed pirated copies of application software (you don't need TCPA for this feature if the user downloads and installs periodic software updates, but the user may choose to live with application bugs that are fixed in the update rather than see her unpaid software disabled). With TCPA and DRM on all documents, the application vendor's powers increase vastly: the application vendor can now not just invalidate copies of applications for failure to pay ongoing licensing fees, but can invalidate all documents that were ever created with the help of this application. Regardless how widely the documents may have been distributed or on who's computer the documents may reside at present. Furthermore, this feature enables world-wide remote invalidation of a document file for reasons other than failure to pay ongoing licensing fees to the application vendor. To give just one example, documents can be remotely invalidated pursuant
Revenge of the WAVEoids: Palladium Clues May Lie In AMD Motherboard Design
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I figured this was probably going on, but the following article is my first confirmation. WAVE, some of you might remember, was started by a former NatSemi Chairman back before the internet got popular. It was going to be a dial-up book-entry-to-the-screen content control system with special boards and chips patented to down to it's socks. Sort of like 3Com, I'm sure. First I heard about it was, ironically, in a 1990-ish Peter Huber article in Forbes, touted as the Next Big Thing. (Convergence, don'tcha know...) This is same Peter Huber who wrote the Geodesic Network, which, along with bearer financial cryptography, is a cornerstone of the way I look at the universe. Paradoxes abound, boys and girls. In the meantime, WAVE Systems stock has been listed, then de-listed, then re-listed, and, God only knows what it is now. I even got an offer from that Chairman and Grey Eminence of WAVE to come speak to FC97, if we comped him, of course. As General Chair of the conference I had to gently let him know that FC was a peer-reviewed conference, and if his tech people wanted to send a paper and it got accepted by the Program Committee, (a whole bunch of top-drawer cryptographers, lawyers, and bankers), they were perfectly welcome, and, he, like I, could sit in the audience, watch the talks, and hit the beach in the afternoon with everyone else. Never got anything back for some reason. :-). We even got the DivX guys presenting papers that first (and second) year, so content control was never an issue, though I expect that trade-secret skullduggery certainly was. Which makes sense. WAVE's stockholders, called WAVEoids by themselves and others, are practically millennial in their belief that WAVE will conquer the world and the company's failure to date is due to a giant short-seller's conspiracy of some kind. Lots of Secret Sauce there, somewhere... If BillG has swallowed this stuff, hook, line, and sinker, as someone has noted before, then, frankly, he must have access to better drugs than most of us. It also means that he's grasping at conceptual straws, economically, and if he persists in following this folly to the bitter end, his dream of software-kudzu world domination will finally choke his company once and for all. So, be careful what you wish for, Bill. On a geodesic network, no central node can route all the information. Like Gilmore says about censorship on the same network, any putative top of an internet pyramid chokes instead, and the network simply routes around it. The paradox in all of this is that only way that crypto to the screen is going to work is if the screen is literally *buying* the content shown on that screen, for cash, in a raw commodity market of some kind. And, if *that's* really the case, there's no need for IP law in what amounts to information commodity market in perfect competition, not a monopolistically competitive market requiring brands, patents, and copyrights. Finally, such a system cannot use a book-entry-to-the-device system, because the cheapest cash will be done without identity at all. In such a world digital rights management, and content control are contradictions in terms, if not preposterous notions on their face. Cheers, RAH -BEGIN PGP SIGNATURE- Version: PGP 7.5 iQA/AwUBPRqKFsPxH8jf3ohaEQLhkACgrjzGqd+sWTRURTPB/pOBBRclTykAoMLT 93jOFpW8m0p7u7i8c8FO6W/N =iwOs -END PGP SIGNATURE- http://www.extremetech.com/print_article/0,3998,a=28570,00.asp ExtremeTech Palladium Clues May Lie In AMD Motherboard Design June 26, 2002 By: Mark Hachman A two-year-old whitepaper authored by AMD and encryption firm Wave Systems may offer additional clues to the design of PCs incorporating Palladium, Microsoft's new security initiative. Wave, based in Lee, Mass., has partnered with Microsoft rival Sun Microsystems, Hewlett-Packard, Verisign and RSA Data Systems, among others, in creating the EMBASSY verification system, originally pitched as a tool for e-commerce. In August of 2000, Wave and AMD authored a whitepaper on how the solution could be integrated into a motherboard using AMD's Athlon microprocessor, which a Wave executive said is now entering field trials overseas. Wave and AMD are developing a Trusted Client reference platform to enable trust and security to be delivered to the PC, the whitepaper reads. By integrating Wave's EMBASSY Trusted Client system into AMD's Athlon motherboard reference design, we will deliver a template for building cost optimized Trusted Client PCs. The paper is authored by researchers Kevin R. Lefebvre and Bill Chang of Wave, and Geoffrey Strongin, who is spearheading AMD's Palladium work. Strongin said Monday that the company had begun work on a Palladium-type solution before Microsoft approached the company. AMD and Wave announced a partnership in March 2000. Wave's board of directors includes George Gilder and Nolan Bushnell, the founder of Atari. The whitepaper,
RE: Revenge of the WAVEoids: Palladium Clues May Lie In AMD Motherboard Design
Bob wrote quoting Mark Hachman: The whitepaper can not be considered a roadmap to the design of a Palladium-enabled PC, although it is one practical solution. The whitepaper was written at around the time the Trusted Computing Platform Association (TCPA) was formed in the fall of 2000; both Wave and AMD belong to the TCPA. And, while Palladium uses some form of CPU-level processing of security algorithms, the AMD-Wave whitepaper's example seems wholly tied to an off-chip security processor, the EMBASSY. An EMBASSY-like CPU security co-processor would have seriously blown the part cost design constraint on the TPM by an order of magnitude or two. I am not asserting that security solutions that require special-purpose CPU functionality are not in the queue, they very much are, but not in the first phase. This level of functionality has been deferred to a second phase in which security processing functionality can be moved into the core CPU, since a second CPU-like part is unjustifiable from a cost perspective. Given the length of CPU design cycles and the massive cost of architecting new functionality into a processor as complex as a modern CPU, we may or may not see this functionality shipping. Much depends on how well phase 1 of the TCPA effort fares. --Lucky
Re: Ross's TCPA paper
From: [EMAIL PROTECTED] As a side note, it seems that a corporation would actually have to demonstrate that I had seen and agreed to the thing and clicked acceptance. Prior to that point, I could reverse engineer, since there is no statement that I cannot reverse engineer agreed to. So what would happen if I reverse engineered the installation so that the agreement that was display stated that I could do what I liked with the software? Ok, so there would be no mutual intent, but on the other hand, there would also be no agreement on the click-through agreement either. I have an application that replaces the caption on the I agree button to your liking; I wrote it exactly because of this reasoning. http://picosoft.freeservers.com/NoLicense.htm Of course, it's a stupid little program, I'm sure anyone can come up with something better in no time... BTW, for any lawyers around here - shouldn't the mere existence of this program be enough to blow up the idea that you agreed to the click-through stuff? Mark
federal bureaucrats growing increasingly unhappy
2. Job satisfaction down among federal employees By Raya Widenoja Most civil servants have grown less satisfied with their jobs during the past year, particularly since the Sept. 11 terrorist attacks, according to a new report by the Brookings Institution. The number of federal employees who said they were very satisfied with their jobs fell 6 percent over the past year, from 49 percent in 2001 to 43 percent in 2002, according to the report, The Troubled State of the Federal Public Service. Federal employees also reported a general decline in morale among their peers: 58 percent of employees rated morale among their co-workers as very or somewhat high in 2001, compared with 53 percent in 2002. The report is based on two surveys completed before and after Sept. 11one conducted between February and June 2001 and the other between March and May 2002. Full story: http://www.govexec.com/dailyfed/0602/062602r2.htm
Re: Terror Reading
Ah yes, you're absolutely correct. Larger libraries, especially university libraries, have been online forever. I was thinking of the smaller public libraries, most of which have been getting computerized more recently. On Thu, Jun 27, 2002 at 01:57:38PM +0100, Ken Brown wrote: Harmon Seaver wrote: And the computer revolution has been going on in libraries for a decade now ? 3 decades more like. I'm pretty sure that the first computerisation of lendings was brought into the library in my home town (Brighton in England) about the time I stopped working there part time, when I was in the 6th form (top 2 years of what Americans would call High School). I'd have left in time to revise for exams before going to University. So it would have been early 1975. The University library was all computerised while I was there. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com
Re: Two additional TCPA/Palladium plays
On Wed, Jun 26, 2002 at 09:10:25PM -0700, Lucky Green wrote: Below are two more additional TCPA plays that I am in a position to mention: 1) Permanently lock out competitors from your file formats. From Steven Levy's article: A more interesting possibility is that Palladium could help introduce DRM to business and just plain people. It's a funny thing, says Bill Gates. We came at this thinking about music, but then we realized that e-mail and documents were far more interesting domains. Oh gawd -- we should all get on our knees daily and pray for this to come about soonest. Especially for Outlook, just think how wonderful that would be, people would send you mail and you'd say sorry, I can't read that, try another mail agent -- better yet, since Outlook has the market share, all the spammers would have to use it, and we'd need much simpler procmail recipes to filter it. Aside from the anti-trust implications, it might alone bring about the end for M$. -- Harmon Seaver CyberShamanix http://www.cybershamanix.com
Re: Diffie-Hellman and MITM
On Thu, 27 Jun 2002, Marcel Popescu wrote: Is there a defense against MITM for Diffie-Hellman? Is there another protocol with equivalent properties, with such a defense? (Secure communications between two parties, with no shared secret and no out-of-band abilities, on an insecure network.) What do you mean by no shared secret? The point of DH is that you get a shared secret. Check out MQV protocol for MITM defense and forward secrecy. It uses permenent public keys and ephemeral public keys for each session. In any protocol, the out-of-band check of the public keys is still a good thing. Patience, persistence, truth, Dr. mike
RE: Ross's TCPA paper
On Thu, 27 Jun 2002, Lucky Green wrote: David wrote: It's not clear that enabling anti-competitive behavior is good for society. After all, there's a reason we have anti-trust law. Ross Anderson's point -- and it seems to me it's one worth considering -- is that, if there are potentially harmful effects that come with the beneficial effects, maybe we should think about them in advance. I fully agree that the TCPA's efforts offer potentially beneficial effects. Assuming the TPM has not been compromised, the TPM should enable to detect if interested parties have replaced you NIC with the rarer, but not unheard of, variant that ships out the contents of your operating RAM via DMA and IP padding outside the abilities of your OS to detect. However, enabling platform security, as much as might be stressed otherwise by the stakeholders, has never been the motive behind the TCPA. The motive has been DRM. Does this mean that one should ignore the benefits that TCPA might bring? Of course not. But it does mean that one should carefully weigh the benefits against the risks. --Lucky Green I don't see DRM as anti-competitive, I see it as a road block. The French government just signed a contract to put Linux into many of their service machines to help people get data into and out of the government (and I bet there's a lot!). A Microsoft DRM file won't work there, so Microsoft is screwed. The majority of people and businesses want to do things as cheaply as possible. The whole reason Microsoft has gotten as big as they are is because they are cheap. That they happen to be crappy too didn't bother most people, compared to a Sun or Dec workstation, a PC running DOS or WinXX was a factor of 10 cheaper. Controlling secrets for use within a company is what most companies want. The TCPA helps solve that problem, and if Microsoft can sell them something that does it cheaply, they'll happily buy it. The line gets crossed when Hollywood wants to sell movies over the net, and they realize all those bits can be sent by anyone, anywhere, anytime once they have them. For Hollywood to mandate that all platforms and devices protect their IP is insane, and we need to make sure it doesn't happen. However, we can build very special devices that connect directly to Hollywood to play their stuff. If somebody steals it, then it's out and there's not much they can do. Most people won't want to do that - the special boxes can be cheap enough that it's not worth the effort. These special boxes are also TCP, but they are not general computing platforms - they are special movie playing or music playing platforms. So technology can be made so we all win - IP is normativly protected, PC's are generic, and consumers and business get solutions that are low cost. It's an economic win too because guys like me get more work building more boxes :-) Certainly there will be people who could tap into a special box and transfer the data to the general net and make it work on a general PC. They will be called theives and eventually be apprehended. If Hollywood has any brains, these guys will have a lot of work to do. People still counterfiet money too - but they usually lose money!! There are lots of solutions here. The law is not one of them. There is more than enough applicable law to use, and anyone who tries to force their solution down everyone's throat can be taken in for anti-trust violations. I see the risk as being too much law and fixed technology. DRM and TCP are useful tools, they should not be forged into weapons. Patience, persistence, truth, Dr. mike
Re: Revenge of the WAVEoids: Palladium Clues May Lie In AMD Motherboard Design
R. A. Hettinga [EMAIL PROTECTED] writes: WAVE, some of you might remember, was started by a former NatSemi Chairman back before the internet got popular. It was going to be a dial-up book-entry- to-the-screen content control system with special boards and chips patented to down to it's socks. Think of it as DIVX for PCs, with a similar chance of success (see my earlier post about TCPA being a dumping ground for failed crypto hardware initiatives from various vendors). Its only real contribution is that the WAVEoid board on Ragingbull (alongside the Rambus one) is occasionally amusing to read, mostly because it shows that the dot-com sharemarket situation would be better investigated by the DEA than the FTC. Peter.
(Fwd) Nortel secret security part of court records now, gracia
I looked at the Nevada PUC (PUCN) web site and found that the most recent document on-line that relates to docket #{HYPERLINK dkt_00-6057/00-6057.htm}00-6057 (EDDIE MUNOZ VS CENTRAL TELEPHONE COMPANY-NEVADA DBA SPRINT OF NEVADA, COMPLAINT ALLEGING INCOMING CALLS ARE BEING BLOCKED OR DIVERTED FROM CUSTOMERS BUSINESS) is from 04/07/02 - and the link is broken. Clearly the below referenced document (Nortel codes) will not appear on-line -- at least not courtesy of the PUCN. However, chapter 703, PUBLIC UTILITIES COMMISSION OF NEVADA - GENERAL PROVISIONS, of the Nevada Revised Statues states) among other things): NRS 703.190 Records open to public inspection; exception. 1. Except as otherwise provided in this section, all biennial reports, records, proceedings, papers and files of the commission must be open at all reasonable times to the public. 2. The commission shall, upon receipt of a request from a public utility, prohibit the disclosure of any information in its possession concerning the public utility if the commission determines that the information would otherwise be entitled to protection as a trade secret or confidential commercial information pursuant to {HYPERLINK NRS-049.html \l NRS049Sec325}NRS 49.325 or {HYPERLINK NRS-600A.html \l NRS600ASec070}600A.070 or Rule 26(c)(7) of the Nevada Rules of Civil Procedure. Upon making such a determination, the commission shall establish the period during which the information must not be disclosed and a procedure for protecting the information during and after that period. [Part 12:109:1919; 1919 RL p. 3157; NCL ' 6111](NRS A 1995, 385) I don't know what the legal definition of confidential commercial information is, but I doubt that the code list could be construed as a trade secret *of the utility*, perhaps of Nortel, but according to the statute only the utility can move to limit public access to the documents. Perhaps this document is currently accessible in hard copy in NV? I wonder how many people have visited the PUCN office in the past three days! --- Forwarded message follows --- Date sent: Wed, 26 Jun 2002 09:23:14 -0700 From: Major Variola (ret) [EMAIL PROTECTED] Subject:Nortel secret security part of court records now, gracias Kevin To: undisclosed-recipients: ; Towards the bottom of this article its mentioned that Mitnick submitted a list of Nortel's [1] 'security' barriers to r00t [2] on a widely used piece of telco switching equiptment. One wonders how many copies of this info circulate in TLA's technical intercept depts? [1] (presumably obsolete :-) [2] Should this be called tapr00t ?? -- http://online.securityfocus.com/news/497 Mitnick Testifies Against Sprint in Vice Hack Case The ex-hacker details his past control of Las Vegas' telecom network, and raids his old storage locker to produce the evidence. By Kevin Poulsen, Jun 24 2002 11:25PM LAS VEGAS--Since adult entertainment operator Eddie Munoz first told state regulators in 1994 that mercenary hackers were crippling his business by diverting, monitoring and blocking his phone calls, officials at local telephone company Sprint of Nevada have maintained that, as far as they know, their systems have never suffered a single intrusion. The Sprint subsidiary lost that innocence Monday when convicted hacker Kevin Mitnick shook up a hearing on the call-tampering allegations by detailing years of his own illicit control of the company's Las Vegas switching systems, and the workings of a computerized testing system that he says allows silent monitoring of any phone line served by the incumbent telco. I had access to most, if not all, of the switches in Las Vegas, testified Mitnick, at a hearing of Nevada's Public Utilities Commission (PUC). I had the same privileges as a Northern Telecom technician. Mitnick's testimony played out like a surreal Lewis Carroll version of a hacker trial -- with Mitnick calmly and methodically explaining under oath how he illegally cracked Sprint of Nevada's network, while the attorney for the victim company attacked his testimony, effectively accusing the ex-hacker of being innocent. The plaintiff in the case, Munoz, 43, is accusing Sprint of negligence in allegedly allowing hackers to control their network to the benefit of a few crooked businesses. Munoz is the publisher of an adult advertising paper that sells the services of a bevy of in-room entertainers, whose phone numbers are supposed to ring to Munoz's switchboard. Instead, callers frequently get false busy signals, or reach silence, Munoz claims. Occasionally calls appear to be rerouted directly to a competitor. Munoz's complaints have been echoed by other outcall service operators, bail bondsmen and private investigators -- some of whom appeared at two days of hearings in March to testify for Munoz against Sprint. Mitnick