Re: economics of DRM, was Re: Ross's TCPA paper

[Eric Murray]

On Sat, Jul 13, 2002 at 07:10:07PM -0500, Harmon Seaver wrote:
> On Sat, Jul 13, 2002 at 10:59:23AM -0700, Eric Murray wrote:
> > Microsoft does not do things simply because they enjoy being evil.
> > They are not so worried about Linux (with its small share of the market)
> > that they will spend mega-bucks now on a very long term project that might
> > possibly let them keep it off some PCs in the far future.  They _are_
> > concerned with getting paid for the 50% of their software that isn't
> > paid for.  There's a shitload of money there, and if getting at some of
> > it costs a little, well, its still more profit than they would
> > have gotten otherwise.
> 
>Isn't it much simpler for them to just write into their OS the ability to
> snitch on what M$ software was on the users machine everytime they go online? In
> fact, I've been assuming that everything from w98 on did exactly that. And
> wouldn't it be trivial for them to check for cracked serial numbers, or
> duplicate serial numbers? 


I don't think 98 does it, but XP does.
It just raised the bar a bit-- there was a pirate version
of Office XP out before the legal version. 


Eric

economics of DRM, was Re: Ross's TCPA paper

[Eric Murray]

On Sat, Jul 13, 2002 at 06:34:36PM +1200, Peter Gutmann wrote:
> Eric Murray <[EMAIL PROTECTED]> writes:
> >On Fri, Jul 12, 2002 at 07:14:55PM +1200, Peter Gutmann wrote:
> >>From a purely economic perspectice, I can't see how this will fly.  I'll pull a
> >>random figure of $5 out of thin air (well, I saw it mentioned somewhere but
> >>can't remember the source) as the additional manufacturing cost for the TCPA
> >>hardware components.  Motherboard manufacturers go through redesigns in order
> >>to save cents in manufacturing costs, and they're expected to add $5 to their
> >>manufacturing cost just to help Microsoft manage its piracy problem?
> >
> >Motherboard makers don't pay for it.  Microsoft pays for it.
> 
> Hmm, I can just see it now, Windows 2005 ships as three CDs, a 400-page EULA, a
> fine-tip soldering iron, a magnifying glass, an EMBASSY chip, and a copy of
> "SMD Soldering for Dummies".


You're probably joking, but just in case you're not, or there's
somone who doesn't get it, here's how it works:


Wave (or someone like them) makes a deal with the motherboard
makers to install EMBASSY chips.  Wave pays the motherboard makers
to do it, so there is no added cost to them.  Wave then sells the rights
to use the EMBASSY to Microsoft, Sony, et. al.   The arrangement
may involve percentages of the fees that users pay (i.e. Wave
gets 50% of $1 that a user pays for a Sony-owned song, and gives half
of that to the motherboard maker), or it might involve up-front
payments.  It can work either way.

The difficulty is to get enough EMBASSY or whatever chips out there to
make a critical mass that's attractive to use, and to distribute the
cost of the DRM hardware and software over enough DRM customers that
it's profitable for each one.  i.e. MS might not want to underwrite $20
worth of DRM by itself, because it doesn't make enough more through
DRM-enforced licensing to make a profit from it.  But if the $20 for
the DRM is split among 20 companies, each paying $1, they can all make
a profit from using it.  TCPA, by standardizing the DRM, makes it easier
to get a critical mass and easier to round up participants.

I think that it is important to understand the economics behind DRM
because that is ultimately what will determine if and how it is deployed.
Microsoft does not do things simply because they enjoy being evil.
They are not so worried about Linux (with its small share of the market)
that they will spend mega-bucks now on a very long term project that might
possibly let them keep it off some PCs in the far future.  They _are_
concerned with getting paid for the 50% of their software that isn't
paid for.  There's a shitload of money there, and if getting at some of
it costs a little, well, its still more profit than they would
have gotten otherwise.

Of course its even better for them if they can convince users that DRM
is an added security feature, or they can get governments to require it
(i.e. V-chip).  Then the users pay for it.  But I don't see either of
those being very likely.  It's more probable that there needs to be
significant profit in it for a number of players to make it go.


Eric

Re: Ross's TCPA paper

[Peter Gutmann]

Eric Murray <[EMAIL PROTECTED]> writes:
>On Fri, Jul 12, 2002 at 07:14:55PM +1200, Peter Gutmann wrote:
>>From a purely economic perspectice, I can't see how this will fly.  I'll pull a
>>random figure of $5 out of thin air (well, I saw it mentioned somewhere but
>>can't remember the source) as the additional manufacturing cost for the TCPA
>>hardware components.  Motherboard manufacturers go through redesigns in order
>>to save cents in manufacturing costs, and they're expected to add $5 to their
>>manufacturing cost just to help Microsoft manage its piracy problem?
>
>Motherboard makers don't pay for it.  Microsoft pays for it.

Hmm, I can just see it now, Windows 2005 ships as three CDs, a 400-page EULA, a
fine-tip soldering iron, a magnifying glass, an EMBASSY chip, and a copy of
"SMD Soldering for Dummies".

Peter.

Re: economics of DRM, was Re: Ross's TCPA paper

[Harmon Seaver]

On Sat, Jul 13, 2002 at 10:59:23AM -0700, Eric Murray wrote:
> Microsoft does not do things simply because they enjoy being evil.
> They are not so worried about Linux (with its small share of the market)
> that they will spend mega-bucks now on a very long term project that might
> possibly let them keep it off some PCs in the far future.  They _are_
> concerned with getting paid for the 50% of their software that isn't
> paid for.  There's a shitload of money there, and if getting at some of
> it costs a little, well, its still more profit than they would
> have gotten otherwise.

   Isn't it much simpler for them to just write into their OS the ability to
snitch on what M$ software was on the users machine everytime they go online? In
fact, I've been assuming that everything from w98 on did exactly that. And
wouldn't it be trivial for them to check for cracked serial numbers, or
duplicate serial numbers? 

-- 
Harmon Seaver   
CyberShamanix
http://www.cybershamanix.com

Re: Ross's TCPA paper

[Eric Murray]

On Fri, Jul 12, 2002 at 07:14:55PM +1200, Peter Gutmann wrote:
> 
> >From a purely economic perspectice, I can't see how this will fly.  I'll pull a
> random figure of $5 out of thin air (well, I saw it mentioned somewhere but
> can't remember the source) as the additional manufacturing cost for the TCPA
> hardware components.  Motherboard manufacturers go through redesigns in order
> to save cents in manufacturing costs, and they're expected to add $5 to their
> manufacturing cost just to help Microsoft manage its piracy problem?

Motherboard makers don't pay for it.  Microsoft pays for it.
Or, Microsoft and Vivendi and Sony and ... all chip in.
Each pays a portion, and reaps the rewards.  Ok, really
Wave or their ilk reaps the rewards as well.

This is what Wave's been trying to sell for years now.
It hasn't flown, yet.  MS, Sony et al. would rather
the chip get paid for by someone else first so
they can use it for free.
But there's a likelyhood that eventually someone will
see where they can make money from it and go with it.
If not with Wave or TCPA, with some other deal.


>Sounds a bit like the SET business model in which the issuing bank got to carry
> all the cost and liability and the aqcuiring bank got all the benfits.

What killed SET wasn't that Visa got greedy and arrogant, although
that certainly didn't help.  They didn't want it to succeed.  It was a
placeholder against Mondex, which looked like it was going ot take off
in the mid 90s..  When Mondex didn't happen, SET got harder and harder
to actually implement (with new fees for participating inthe "standards
body" and new fees for compliance testing, etc. etc)  Visa makes more
money from the current SSL situation because they charge a hefty added
fee for 'card not present' transactions.  SET would have gotten rid of
that, which would have been good if there was a competing payment system
(Mondex), bad if there's a virtual monopoly (what actually happened).

It took me a year or so of going to SET meetings before I figured
out that they really wern't that incompetent at getting a standard
organized, they were fscking it up on purpose.

Eric

Re: Ross's TCPA paper

[Peter Gutmann]

Jay Sulzberger <[EMAIL PROTECTED]> writes:

>Nonsense.  Let us remember what Palladium is:
>
>Palladium is a system designed to enable a few large corporations and
>governments to run source secret, indeed, well-encrypted, code on home user's
>machines in such a way that the home user cannot see, modify, or control the
>running code.

There's an even simpler explanation which I tried recently on some non-techies:

  Palladium is a way for Microsoft to make it harder for users to install a
  pirated copy of Office.  That is all.

They understood.

>From a purely economic perspectice, I can't see how this will fly.  I'll pull a
random figure of $5 out of thin air (well, I saw it mentioned somewhere but
can't remember the source) as the additional manufacturing cost for the TCPA
hardware components.  Motherboard manufacturers go through redesigns in order
to save cents in manufacturing costs, and they're expected to add $5 to their
manufacturing cost just to help Microsoft manage its piracy problem?  More to
the point, there's a significant engineering overhead involved here.  Look at
PC power management, after years of APM and then ACPI we've now reached the
situation where power management more or less works, most of the time, as long
as you don't do anything more complex than suspend-to-disk.  Assuming that the
TCPA hardware is of the same level of complexity as ACPI, what a hardware
vendor gets by going down the TCPA/Palladium track is:

 - More expensive products than the competition with no gain in features.
 - Late to market because of the extra design and testing involved.
 - Years of bugfixes and updates a la ACPI.

In return they get:

 - A warm glow of satisfaction knowing that they're lending Microsoft a hand in
   improving their bottom line.

Sounds a bit like the SET business model in which the issuing bank got to carry
all the cost and liability and the aqcuiring bank got all the benfits.

Peter.

RE: Ross's TCPA paper

[Lucky Green]

Peter wrote (potentially quoting somebody else)
> >From a purely economic perspectice, I can't see how this will fly.  
> >I'll pull a
> random figure of $5 out of thin air (well, I saw it mentioned 
> somewhere but can't remember the source) as the additional 
> manufacturing cost for the TCPA hardware components.

$5 marginal cost for the inclusion of a TPM would have been flat-out
unacceptable to the motherboard manufacturers.

--Lucky Green

Re: Ross's TCPA paper

[Jay Sulzberger]

On Fri, 5 Jul 2002, AARG!Anonymous wrote:

< ... />

> Right, and you can boot untrusted OS's as well.  Recently there was
> discussion here of HP making a trusted form of Linux that would work with
> the TCPA hardware.  So you will have options in both the closed source and
> open source worlds to boot trusted OS's, or you can boot untrusted ones,
> like old versions of Windows.  The user will have more choice, not less.

< ... />

Nonsense.  Let us remember what Palladium is:

Palladium is a system designed to enable a few large corporations and
governments to run source secret, indeed, well-encrypted, code on home
user's machines in such a way that the home user cannot see, modify, or
control the running code.

The Orwellian, strictly Animal Farmish, claim runs: "Why it is all just
perfectly OK, because anyone can run source secret, well encrypted, code in
an uncontrolled manner on anyone's machine at will!  We are all equal, it
is just that some, that is, We the Englobulators, will in practice get to
run source secret, well-encrypted, code on hundreds of millions of users'
machines while you, you will never run such code on anybody else's machine
except at a hobbyists' fair, precisely to demonstrate we are all equal.".

There are other advantages to Palladium:

No free kernel will ever freely boot on a Palladium machine.

And there is more.   If Palladium is instituted:

Microsoft will support the most vicious interpretation of the DMCA and
press for passage of the SSSCA, in order that the first crack does not
prove to the world that Palladium cannot prevent all copyright
infringement.  Microsoft will be able to say "See, it is these
GNU/BSD/XFree/Sendmail/Apache/CLISP folk who are causing all this dreadful
copyright infringement.  Why owning a non-Palladium machine should be
declared, no, not illegal, we are not monsters after all, but probative
evidence that the owner is an infringer, and more, a general infringer and
a member of the Copyright Infringement Conspiracy.  Why some of them even
write such code as the well known, and in CIC circles, widely used, tool of
infringement called 'cp'.  Senator, I know you will be as shocked as I was
when I learned what 'cp' stands for.  It stands for 'copy'.  And I do not
mean safe Englobulator-Certified Fair Use Copying, such as is provided by
the Triple X Box, which, for a reasonable license fee, allows up to six
copy-protected copies to be made before settling of accounts and
re-certification of the Box over the net.  No, I mean, raw, completely
promiscuous copying of any file on the machine, as many times as the
infringer wishes.  Without record, without payment to the artist, without
restraint.  Senator, I prefer to call cp 'The Boston Strangler', because
that is exactly what it is.  And every single non-Palladium operating
system in the world comes with cp already loaded, loaded and running.".

oo--JS.

Re: Ross's TCPA paper

[Bill Stewart]

At 09:43 PM 06/28/2002 +0200, Thomas Tydal wrote:
>Well, first I want to say that I don't like the way it is today.
>I want things to get better. I can't read e-books on my pocket computer,
>for example, which is sad since I actually would be able to enjoy e-books
>if I only could load them onto my small computer that follows my everywhere.

You may not be able to read an Adobe\(tm Brand E-Book\(tm,
but that just means you'll need to buy electronic books from
publishers that don't use that data format - whether it's
raw ascii text or Palm-formatted text or PalmOS DRMware that
you can also view on your PC using an emulator in glorious 160x160-pixel 
format :-)
Of course, if your PC's home country of Nauru has Software Police
implementing some local equivalent of the DMCA, that emulator
that you need for debugging may be illegal.

...
>How good is Winamp if it can't play any music recorded in 2004 or later?
>Given that Windows Media Player can play all your tunes and it takes a
>reboot to switch to Winamp, who wouldn't stick with WMP?

Re: Ross's TCPA paper

[AARG! Anonymous]

Seth Schoen writes:
> The Palladium security model and features are different from Unix, but
> you can imagine by rough analogy a Unix implementation on a system
> with protected memory.  Every process can have its own virtual memory
> space, read and write files, interact with the user, etc.  But
> normally a program can't read another program's memory without the
> other program's permission.
>
> The analogy starts to break down, though: in Unix a process running as
> the superuser or code running in kernel mode may be able to ignore
> memory protection and monitor or control an arbitrary process.  In
> Palladium, if a system is started in a trusted mode, not even the OS
> kernel will have access to all system resources.

Wouldn't it be more accurate to say that a "trusted" OS will not peek
at system resources that it is not supposed to?  After all, since the
OS loads the application, it has full power to molest that application
in any way.  Any embedded keys or certs in the app could be changed by
the OS.  There is no way for an application to protect itself against
the OS.

And there is no need; a trusted OS by definition does not interfere with
the application's use of confidential data.  It does not allow other
applications to get access to that data.  And it provides no back doors
for "root" or the system owner or device drivers to get access to the
application data, either.

At http://vitanuova.loyalty.org/2002-07-03.html you provide more
information about your meeting with Microsoft.  It's an interesting
writeup, but the part about the system somehow protecting the app from the
OS can't be right.  Apps don't have that kind of structural integrity.
A chip in the system cannot protect them from an OS virtualizing that
chip.  What the chip does do is to let *remote* applications verify that
the OS is running in trusted mode.  But local apps can never achieve
that degree of certainty, they are at the mercy of the OS which can
twiddle their bits at will and make them "believe" anything it wants.
Of course a "trusted" OS would never behave in such an uncouth manner.


> That limitation
> doesn't stop you from writing your own application software or scripts.

Absolutely.  The fantasies which have been floating here of filters
preventing people from typing virus-triggering command lines are utterly
absurd.  What are people trying to prove by raising such nonsensical
propositions?  Palladium needs no such capability.


> Interestingly, Palladium and TCPA both allow you to modify any part of
> the software installed on your system (though not your hardware).  The
> worst thing which can happen to you as a result is that the system
> will know that it is no longer "trusted", or will otherwise be able to
> recognize or take account of the changes you made.  In principle,
> there's nothing wrong with running "untrusted"; particular applications
> or services which relied on a trusted feature, including sealed
> storage (see below), may fail to operate.

Right, and you can boot untrusted OS's as well.  Recently there was
discussion here of HP making a trusted form of Linux that would work with
the TCPA hardware.  So you will have options in both the closed source and
open source worlds to boot trusted OS's, or you can boot untrusted ones,
like old versions of Windows.  The user will have more choice, not less.


> Palladium and TCPA both allow an application to make use of
> hardware-based encryption and decryption in a scheme called "sealed
> storage" which uses a hash of the running system's software as part of
> the key.  One result of this is that, if you change relevant parts of
> the software, the hardware will no longer be able to perform the
> decryption step.  To oversimplify slightly, you could imagine that the
> hardware uses the currently-running OS kernel's hash as part of this
> key.  Then, if you change the kernel in any way (which you're
> permitted to do), applications running under it will find that they're
> no longer able to decrypt "sealed" files which were created under the
> original kernel.  Rebooting with the original kernel will restore the
> ability to decrypt, because the hash will again match the original
> kernel's hash.

Yes, your web page goes into somewhat more detail about how this would
work.  This way a program can run under a secure OS and store sensitive
data on the disk, such that booting into another OS will then make it
impossible to decrypt that data.

Some concerns have been raised here about upgrades.  Did Microsoft
discuss how that was planned to work, migrating from one version of a
secure OS to another?  Presumably they have different hashes, but it
is necessary for the new one to be able to unseal data sealed by the
old one.

One obvious solution would be for the new OS to present a cert to the chip
which basically said that its OS hash should be treated as an "alias"
of the older OS's hash.  So the chip would unseal using the old OS hash
even when the new OS wa

Re: Ross's TCPA paper

[jamesd]

--
On 5 Jul 2002 at 14:45, AARG! Anonymous wrote:
> Right, and you can boot untrusted OS's as well.  Recently there
> was discussion here of HP making a trusted form of Linux that
> would work with the TCPA hardware.  So you will have options in
> both the closed source and open source worlds to boot trusted
> OS's, or you can boot untrusted ones, like old versions of
> Windows.  The user will have more choice, not less.

Yes he will, but the big expansion of choice is for the the seller
of content and software, who will have more choices as to how he
can cripple what he sells you.  For example he can sell you music
that will only play on a particular music player on your
particular machine.

But that is not enough to give the content industry what it wants,
for someone can still break it on one machine, perhaps by
intercepting the bitstream to the the DA, and having broken it on
one machine, can run it on all machines all over the internet.
Break once, run everywhere.

Microsoft has also been talking out of both sides of its mouth, by
saying that this will also protect against break once, run
everywhere.  The only way that this can protect against
break-once-run-everywhere is to reduce user choice, to make it
mandatory that the user can only run government trusted software,
and to reduce seller choice, prohibit sellers from providing
unacceptable software, such as napster like software. 

--digsig
 James A. Donald
 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
 XQJ33SB0W84Cm4Mw0+3lnN4nsUtaB4B6cIa1dP/2
 2s67UXEL+Y5FHrr52MYArwzRuptDlBNVQIJOj/n/8

Re: Ross's TCPA paper

[Hadmut Danisch]

On Thu, Jul 04, 2002 at 10:54:34PM -0700, Lucky Green wrote:
> 
> Sure you can use shell scripts. Though I don't understand how a shell
> script will help you in obtaining a dump of the protected data since
> your script has insufficient privileges to read the data. Nor can you
> give the shell script those privileges since you don't have supervisor
> mode access to the CPU. How does your shell script plan to get past the
> memory protection?
> 


That's why I was talking about a shell script (or take any
other program to be interpreted).

What does need to be certified: The shell or the shell script?
The CPU doesn't recognize the shell script as a program, this
is just some plain data entered through the keyboard like
writing a letter. A shell script is not a program, it is
data entered at a program's runtime.

This moves one step forward:

The hardware (palladium chip, memory management, etc.) can
check the binary program to be loaded. So you won'te be able
to run a compiled program and to access protected information.

But once a certified software is running, it takes input
(reading mouse, keyboard, files, asking DNS, connecting 
servers,...). This input might cause (by interpretation, by
bug or however) the certified software to do certain things
which do not comply with DRM requirements.

At this stage, the running binary software itself is the
instance to provide the DRM security, not the palladium 
memory management anymore. 

I agree that this is not yet an "open sesame", but it shows
that the game does not play on the binary/memory management
layer only.

But who controls runtime input?

History shows, that M$ software is anything but able
to deal with malicious input. That's why the world is
using virus filters. That's nothing else than an external
filter to keep malicious input from an attacker away
from the running software.

By analogy, Palladium might require the same: an input
filter between attacker and running software. Since the
"attacker" is sitting in front of the computer this time,
this filter has to be applied to the user interface,
keyboard and mouse.

Maybe they'll install a filter between the keyboard and
the software, thus building a certified keyboard, which
filters out any malicious key sequences. And maybe you
can use your keyboard only, if you have downloaded the
latest patterns (like your daily virus filter update).

I agree that this depends on the assumption that 
the certified software is not perfect and can't
deal with arbitrary input. But that's reality.

Hadmut

RE: Ross's TCPA paper

[Lucky Green]

Hadmut Danisch wrote:
> On Wed, Jul 03, 2002 at 10:54:43PM -0700, Bill Stewart wrote:
> > At 12:59 AM 06/27/2002 -0700, Lucky Green wrote:
> > >I fully agree that the TCPA's efforts offer potentially beneficial 
> > >effects. Assuming the TPM has not been compromised, the TPM should 
> > >enable to detect if interested parties have replaced you 
> NIC with the 
> > >rarer, but not unheard of, variant that ships out the contents of 
> > >your operating RAM via DMA and IP padding outside the abilities of 
> > >your OS to detect.
> > 
> > It can?  I thought that DMA was there to let you avoid 
> bothering the 
> > CPU.  The Alternate NIC card would need to have a CPU of 
> its own to do 
> > a good job of this, but that's not hard.
> 
> I don't think so. As far as I understood, the 
> bus system (PCI,...) will be encrypted as well. You'll have
> to use a NIC which is certified and can decrypt the 
> information on the bus. Obviously, you won't get a 
> certification for such an network card.

You won't and Bill won't. But those who employ such NIC's will have no
difficulty obtaining certification.

> But this implies other problems:
> 
> You won't be able to enter a simple shell script through the 
> keyboard. If so, you could simple print protected files as a 
> hexdump or use the screen (or maybe the sound device or any
> LED) as a serial interface.
> 
> Since you could use the keyboard to enter a non-certified 
> program, the keyboard is to be considered as a nontrusted 
> device. This means that you either
> 
> * have to use a certified keyboard which doesn't let 
>   you enter bad programs
> 
> * don't have a keyboard at all
> 
> * or are not able to use shell scripts (at least not in
>   trusted context). This means a 
>   strict separation between certified software and data.

Sure you can use shell scripts. Though I don't understand how a shell
script will help you in obtaining a dump of the protected data since
your script has insufficient privileges to read the data. Nor can you
give the shell script those privileges since you don't have supervisor
mode access to the CPU. How does your shell script plan to get past the
memory protection?

What am I missing?
--Lucky

Re: Ross's TCPA paper

[Hadmut Danisch]

On Fri, Jul 05, 2002 at 03:52:52AM -0700, Seth David Schoen wrote:
> 
> memory protection and monitor or control an arbitrary process. In
> Palladium, if a system is started in a trusted mode, not even the OS
> kernel will have access to all system resources. 

That *might* be a contradiction in terms.

If I understand this correctly, the TCPA or Palladium hardware 
will include some kind of memory management device, very similar
to the ones we have in hardware of the last years, but which stores
some kind of de-/encryption information for each page segment and
which de-/encrypts every memory access. Doesn't seem to be much of
a problem, except for speed.

But how does this device know which segments belong to the software
and which don't? Or how does it know whether an allowed or foreign task
is accessing the protected areas (which is the same question again,
= is the PC in a program segment which also belongs to the protected
area). 

If this is done the simple way, like a normal OS configures the
memory management when loading some executable software, the OS
might at any time give wrong information to the device. In this case, 
the security depends on the integrity and bug-freeness of the 
OS, because the OS _could_ do it, but it is not supposed to do it.

A more advanced way would be to have the program loaded by the 
operating system as before, but to have the Palladium device check
some kind of signature to verify the correctness of the 
OS loading operation. This might lead to an uncontrollable 
problems, if programs start to load DLLs. Is the TCPA/Palladium
trust transitive? If library A is trusted, and so is B, is then
(A+B) trusted?

A third way would be to keep the OS completely out of the job
of loading software/programs into memory, and to have it done
by the Palladium device. This isn't actually a third way, but
a redefinition of terms and a migration. The OS isn't the OS
anymore, because basic tasks of the OS have been migrated to
the Palladium device, which is now to be considered as a
piece of OS in silicon.

I didn't find the time yet to read the TCPA description in 
detail. But from my current point of view I doubt that this
will really work, provide the claimed security, and will still
be a useful computer at the same time.

I especially doubt that the same company, which completely fails to
make Outlook or Internet Explorer resistent against 
content attacks (viruses, worms, ...) will be able to provide
software which such a strict separation between trusted and untrusted
data, as it is required for such a project to work.



regards
Hadmut

Re: Ross's TCPA paper

[Seth David Schoen]

Hadmut Danisch writes:

> You won't be able to enter a simple shell script through the
> keyboard. If so, you could simple print protected files as
> a hexdump or use the screen (or maybe the sound device or any
> LED) as a serial interface.
> 
> Since you could use the keyboard to enter a non-certified
> program, the keyboard is to be considered as a nontrusted
> device. This means that you either
> 
> * have to use a certified keyboard which doesn't let 
>   you enter bad programs
> 
> * don't have a keyboard at all
> 
> * or are not able to use shell scripts (at least not in
>   trusted context). This means a 
>   strict separation between certified software and data.

The latter is closest to what's intended in Palladium.  Individual
programs using Palladium features are able to prevent one another from
reading their executing or stored state.  You can write your own
programs, but somebody else can also write programs which can process
data in a way that your programs can't interact with.

The Palladium security model and features are different from Unix, but
you can imagine by rough analogy a Unix implementation on a system
with protected memory.  Every process can have its own virtual memory
space, read and write files, interact with the user, etc.  But
normally a program can't read another program's memory without the
other program's permission.

The analogy starts to break down, though: in Unix a process running as
the superuser or code running in kernel mode may be able to ignore
memory protection and monitor or control an arbitrary process.  In
Palladium, if a system is started in a trusted mode, not even the OS
kernel will have access to all system resources.  That limitation
doesn't stop you from writing your own application software or scripts.

Interestingly, Palladium and TCPA both allow you to modify any part of
the software installed on your system (though not your hardware).  The
worst thing which can happen to you as a result is that the system
will know that it is no longer "trusted", or will otherwise be able to
recognize or take account of the changes you made.  In principle,
there's nothing wrong with running "untrusted"; particular applications
or services which relied on a trusted feature, including sealed
storage (see below), may fail to operate.

Palladium and TCPA both allow an application to make use of
hardware-based encryption and decryption in a scheme called "sealed
storage" which uses a hash of the running system's software as part of
the key.  One result of this is that, if you change relevant parts of
the software, the hardware will no longer be able to perform the
decryption step.  To oversimplify slightly, you could imagine that the
hardware uses the currently-running OS kernel's hash as part of this
key.  Then, if you change the kernel in any way (which you're
permitted to do), applications running under it will find that they're
no longer able to decrypt "sealed" files which were created under the
original kernel.  Rebooting with the original kernel will restore the
ability to decrypt, because the hash will again match the original
kernel's hash.

(I've been reading TCPA specs and recently met with some Microsoft
Palladium team members.  But I'm still learning about both systems and
may well have made some mistakes in my description.)

-- 
Seth Schoen
Staff Technologist[EMAIL PROTECTED]
Electronic Frontier Foundationhttp://www.eff.org/
454 Shotwell Street, San Francisco, CA  94110 1 415 436 9333 x107

Re: Ross's TCPA paper

[Tim May]

On Monday, July 1, 2002, at 07:15  PM, Mike Rosing wrote:

> On Mon, 1 Jul 2002 [EMAIL PROTECTED] wrote:
>
>> --
>> On 1 Jul 2002 at 15:06, Tim May wrote:
>>> I have strong views on all this DRM and TCPA stuff, and
>>> especially on the claim that some form of DRM is needed to
>>> prevent government from taking over control of the "arts."
>>>
>>> But we said everything that needed to be said _years_ ago. No
>>> point in repeating the same points.
>>
>> No, it does need to be said again.
>
> I agree it needs to be said over and over again.  But for a different
> reason.
>
> There are always new people to teach.  New kids born every day,
> who don't have the history, nor any clue that there *is* a history.
> Old folks who never pain any attention before because it didn't
> concern them, but now it does.
>
> I would be willing to bet the ancient Greeks argued about many of the 
> same
> things we do now, and in much the same way.  The time scale has changed,
> but the basic ethics hasn't.

Then say it. I'm not stopping you.

I explained why _I've_ already said it several dozen times, not why you 
or others shouldn't.

(Helpful advice: Realize that those to whom it needs to be said won't be 
listening to you and that those who are listening don't need to hear it 
for the fifth time. And realize that crossposters from Perrypunks are 
not interested.)


--Tim May
"How we burned in the prison camps later thinking: What would things 
have been like if every security operative, when he went out at night to 
make an arrest, had been uncertain whether he would return alive?" 
--Alexander Solzhenitzyn, Gulag Archipelago

Re: Ross's TCPA paper

[Mike Rosing]

On Mon, 1 Jul 2002 [EMAIL PROTECTED] wrote:

> --
> On 1 Jul 2002 at 15:06, Tim May wrote:
> > I have strong views on all this DRM and TCPA stuff, and
> > especially on the claim that some form of DRM is needed to
> > prevent government from taking over control of the "arts."
> >
> > But we said everything that needed to be said _years_ ago. No
> > point in repeating the same points.
>
> No, it does need to be said again.

I agree it needs to be said over and over again.  But for a different
reason.

There are always new people to teach.  New kids born every day,
who don't have the history, nor any clue that there *is* a history.
Old folks who never pain any attention before because it didn't
concern them, but now it does.

I would be willing to bet the ancient Greeks argued about many of the same
things we do now, and in much the same way.  The time scale has changed,
but the basic ethics hasn't.

> Unfortunately it is being introduced at the same time as there is
> legislation proposed, the SSSCA, to outlaw general purpose
> computers, turning them into set top boxes, and license software
> engineers, so that only a small number of specially privileged
> people will be permitted access to general purpose computers. This
> timing creates a reasonable suspicion that Palladium is in fact a
> stalking horse for that project, a preparation for a slightly more
> acceptable variant of the SSSCA.

I'm not so paranoid.  Somebody will point out that the US can't license
all the software engineers in India (and vice versa).  If they want us
all to buy set-top-boxes, or hdtv's with built in encryption, they can
set up the transmission towers and pay the FCC for the broadcast channels
and just pump out all the crap they want.  Everybody who's just gotta have
the latest DVD can sight right up for it.  The rest of us can ignore the
whole mess and use our computers the way we want to.

A few will be able to tap into the hdtv plaintext and pipe it over to the
net.  They'll get caught eventually and have to deal with concequences.
It doesn't take any new laws to make it happen, but it does take a lot of
up front cash.  And I think that's what is bugging the "content
providers".   They can't just jump on the bandwaggon.  They need to build
new distribution networks, that they can control.  Fine, let them!  But
don't make me have to join in.

Patience, persistence, truth,
Dr. mike

Re: Ross's TCPA paper

[Tim May]

On Monday, July 1, 2002, at 02:23  PM, Anonymous wrote:

> [Repost]
>
> Bear writes:
>
>> A few years ago merchants were equally adamant and believed
>> equally in the rightness of maintaining their "right" to not
>> do business with blacks, chicanos, irish, and women.  It'll
>> pass as people wake up and smell the coffee.  Unfortunately
>> that won't be until after at least a decade of really vicious
>> abuses of private data by merchants who believe in their
>> god-given right to snoop on their customers.
>
> My God, how low the cypherpunk list has sunk.  Here we have someone
> not only demanding that merchants be forced to deal with pseudonymous
> customers, he invokes civil rights laws to support his argument!
>
> Where's Tim May when we need him?

I'm right here. But you have missed something very important: "Bear" did 
not write that article for the _Cypherpunks_ list. It was one of many 
articles cross-posted between the _Cryptography_ list and the 
_Cypherpunks_ list and even some of Hettinga's many lists.

Here are the headers:

From: bear <[EMAIL PROTECTED]>
Date: Sat Jun 29, 2002  10:03:33  PM US/Pacific
To: Barney Wolff <[EMAIL PROTECTED]>
Cc: "'[EMAIL PROTECTED] '" 
<[EMAIL PROTECTED]>, "'[EMAIL PROTECTED] '" 
<[EMAIL PROTECTED]>
Subject: Re: Ross's TCPA paper

>
> Here's a clue, Mr. Bear.  The cypherpunks list was founded on the
> principle that cyberspace can enhance freedom, and that includes freedom
> to associate with whomever you choose.  Racism is evil, but the solution
> must lie in people's hearts.  Pointing a gun at them and forcing them
> to act in a politically correct manner (which is what civil rights
> regulations really do) is no solution to the problem.

Bear left the Cypherpunks list a long while ago, citing fundamental 
disagreements.

"Cryptography" was formed as a putatively apolitical list. Apparently 
this is no longer so, and its politics are at odds with the main themes 
on our list. (I believe this partly comes about precisely _because_ it 
supposedly has no political compass heading.)

I have strong views on all this DRM and TCPA stuff, and especially on 
the claim that some form of DRM is needed to prevent government from 
taking over control of the "arts."

But we said everything that needed to be said _years_ ago. No point in 
repeating the same points.


--Tim May
"Dogs can't conceive of a group of cats without an alpha cat." --David 
Honig, on the Cypherpunks list, 2001-11

Re: Ross's TCPA paper

[jamesd]

--
On 1 Jul 2002 at 15:06, Tim May wrote:
> I have strong views on all this DRM and TCPA stuff, and 
> especially on the claim that some form of DRM is needed to 
> prevent government from taking over control of the "arts."
>
> But we said everything that needed to be said _years_ ago. No 
> point in repeating the same points.

No, it does need to be said again.

You cannot merely do a copy and paste from the cyphernomicon.  You 
will find it necessary a copy and paste from the cyphernomicon 
followed by several global search and replaces and a small amount 
of new material referring to current events.

Palladium, as described by Microsoft, is actually a pretty cool 
idea that would be useful for quite a few cypherpunkly projects.

When Microsoft gave its description of Palladium, there were a few 
caveats and maybes that to me sounded as if they were saying "Well 
our hearts are in the right place, this is the way it will be if 
only it was not going to be the way that it actually is going to 
be".

Unfortunately it is being introduced at the same time as there is 
legislation proposed, the SSSCA, to outlaw general purpose 
computers, turning them into set top boxes, and license software 
engineers, so that only a small number of specially privileged 
people will be permitted access to general purpose computers. This 
timing creates a reasonable suspicion that Palladium is in fact a 
stalking horse for that project, a preparation for a slightly more 
acceptable variant of the SSSCA. 

--digsig
 James A. Donald
 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
 jJb9+mkN3R59T+7qqwbaNl6DlnXtC7susSRKhpeg
 2XCDBLPYrZ4/b3EazgN2sjfbch9lCok9wmcWkHl6X

Re: Ross's TCPA paper

[Anonymous]

[Repost]

Bear writes:

> A few years ago merchants were equally adamant and believed
> equally in the rightness of maintaining their "right" to not
> do business with blacks, chicanos, irish, and women.  It'll
> pass as people wake up and smell the coffee.  Unfortunately
> that won't be until after at least a decade of really vicious
> abuses of private data by merchants who believe in their
> god-given right to snoop on their customers.

My God, how low the cypherpunk list has sunk.  Here we have someone
not only demanding that merchants be forced to deal with pseudonymous
customers, he invokes civil rights laws to support his argument!

Where's Tim May when we need him?  His racism is odious but at least
he's not trying to force other people to follow his beliefs.  I'm sure
he'd have a thing or two to say about our wonderful civil rights laws
and Bear's proposal to extend similar regulations to cyberspace.

Here's a clue, Mr. Bear.  The cypherpunks list was founded on the
principle that cyberspace can enhance freedom, and that includes freedom
to associate with whomever you choose.  Racism is evil, but the solution
must lie in people's hearts.  Pointing a gun at them and forcing them
to act in a politically correct manner (which is what civil rights
regulations really do) is no solution to the problem.

> So yeah, I think that the right to privacy implies the right to
> use a pseudonym.  For any non-fraudulent purpose, including
> doing business with merchants who don't know it's a pseudonym.
>
> And I think that's a constitutional right, whether the merchants
> happen to like it or not...

And of course any reference to the constitution betrays utter cluelessness
when talking on an international mailing list about technology which
spans national borders.  Unless you are prepared to be bound by the
Iraqi constitution, Mr. Bear, don't ask us to be governed by yours.

Re: Ross's TCPA paper

[Ben Laurie]

Barney Wolff wrote:
> My use of "anonym" was a joke.  Sorry if it was too deadpan.  But
> my serious point was that if a pseudonym costs nothing to get or
> give up, it makes one effectively anonymous, if one so chooses.

Well, yeah, I'd say that single-use pseudonyms are, in fact, the 
definition of anonyms.

Zero cost is not required, of course, except to make anonymity, err, 
zero cost.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html   http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

Anonyms, Pseudonyms, and Fists (was Re: Ross's TCPA paper)

[R. A. Hettinga]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

At 11:37 AM +0100 on 7/1/02, Ben Laurie wrote:


> Hmm. So present the appropriate definition?

Well, like I said, (and to be completely pedantic about it :-)), it
seems to me that logically there's no such thing as an "anonym" even
though you could do pseudonymous things that are, prima facie, and
probably functionally, anonymous.

The closest thing might be a string of single-use keys, pseudonyms,
as we've said, or, in the "Mr. and Mrs. Smith" of motel register fame
(or user "cypherpunks", password "writecode"), everyone using the
same key, to using a key, or name as we (and now a dictionary
somewhere, though my spell-check dictionary flags it :-)), have also
said, is to create an *alternate* name or key for yourself, which is,
by definition, a pseudonym, even if it is used once, and unlinked to
any other event somehow.


And, to throw a curve into the whole discussion, there's also the
"fist" everyone uses on the net, like the fist that people had when
keying Morse Code. Or, more recently, the words, syntax, semantics,
"concordance", whatever, that they use when writing or talking. That
stuff has has been used in literature -- to apparent lesser effect
more recently with Shakespeare, and to greater effect with Joel
Klien, for instance. Or the way we buy or things in an electronic
market, or by mousing around the web. That kind of stuff, as Carl
Ellison has noted, is probably as good a biometric as there might
ever be, given enough data, so certainly a persistent pseudonym can't
be anonymous in the sense of unlinked behavior to itself. Frankly,
since we still live in a world of physical IP addresses, and
apparently, given the ZKS experience, a still uneconomical way of
mixing those addresses, traffic analysis, as usual, is still quite a
bitch.

Only when we can change the economics of pseudonymity will we have
anything approaching anonymity, in other words. If it's cheaper to do
things anonymously -- especially financial things, which are at the
core of most traceable, most linkable, literally "accountable",
"transparent" activity, right now -- then we'll get closer and closer
to anonymity.


So, maybe there isn't such a "thing" as an anonym, even though we
know what anonymity is. We can make generalizations about anonymity
all the time. The ultimate generalization being that anonymity, like
security and cryptography themselves, is more of an economic
asymptote than anything else. Something like perfection; as Anselm
said in trying to prove the existence of God before the concept of
calculus and limits would have shown him the error of his ways :-),
something that we can conceive in our mind, if not actually see in
reality. We can probably get close enough to be free, however, even
in a world of ubiquitous optical supervision of private property.
Dramatically freer than we are now, certainly, which is all that
matters.

Cheers,
RAH

-BEGIN PGP SIGNATURE-
Version: PGP 7.5

iQA/AwUBPSBYzMPxH8jf3ohaEQKAVACfYeUm0QMu3PIcj9IacILb4S5t87AAoIZJ
B51jtZMJN0l+bOITjKVqK5Rn
=dZrT
-END PGP SIGNATURE-

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Ross's TCPA paper

[Barney Wolff]

My use of "anonym" was a joke.  Sorry if it was too deadpan.  But
my serious point was that if a pseudonym costs nothing to get or
give up, it makes one effectively anonymous, if one so chooses.

On Mon, Jul 01, 2002 at 11:37:28AM +0100, Ben Laurie wrote:
> R. A. Hettinga wrote:
> > At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:
> >>No, a pseudonym can be linked to stuff (such as reputation,
> >>publications, money). An anonym cannot.
> > 
> > More to the point, there is no such "thing" as an "anonym", by definition.
> 
> Hmm. So present the appropriate definition?

-- 
Barney Wolff
I never met a computer I didn't like.

Re: Ross's TCPA paper

[R. A. Hettinga]

At 11:30 PM -0400 on 6/30/02, Barney Wolff wrote:


> anonym n : "Mr. and Mrs. John Smith" when signed in a motel register.

No. Pseudonym(s). Subclass "Alias".

An anonym (literally, "no name", right?) is not signing the book at all,
and, thus, as "nyms" go, can't exist except in your mind. Somewhere St.
Anselm is smiling...

I'd be tempted to say that an anonym is it's own antinym and thus can't
exist, but that, as James Coburn said in a movie recently, would be just
plain mean...

:-).

Cheers,
RAH


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Ross's TCPA paper

[Ben Laurie]

R. A. Hettinga wrote:
> At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:
>>No, a pseudonym can be linked to stuff (such as reputation,
>>publications, money). An anonym cannot.
> 
> More to the point, there is no such "thing" as an "anonym", by definition.

Hmm. So present the appropriate definition?

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html   http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

Re: Ross's TCPA paper

[Barney Wolff]

anonym n : "Mr. and Mrs. John Smith" when signed in a motel register.

On Sun, Jun 30, 2002 at 09:55:58PM -0400, R. A. Hettinga wrote:
> 
> More to the point, there is no such "thing" as an "anonym", by definition.

-- 
Barney Wolff
I never met a computer I didn't like.

Re: Ross's TCPA paper

[R. A. Hettinga]

At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:


> No, a pseudonym can be linked to stuff (such as reputation,
> publications, money). An anonym cannot.

More to the point, there is no such "thing" as an "anonym", by definition.

There's no way to link the behavior of one event that an "anonym" causes to
any other event that that "anonym" might, or might not, have caused. If the
events are linkable to the same signing key, which is what we mean
reputation in cypherspace, then you have a pseudonym.

I do agree that a perfect pseudonym is functional anonymity, however, in
the meatspace, is-a-person, biometric identity sense of "anonymity".

Which points up the main flaw in book-entry content settlement/clearing
schemes like the one that Microsoft/WAVE is trying to pull off. If were
just possible to  pay *cash* for *bits*, you don't care *who* bought your
bits, and, frankly, it's not only cheaper, it is, as we will find out soon
enough, impossible to do any other way at the anywhere near the actual cost
of transporting bits across the net.

I leave following that logical thread back to a recursive cash-settled
auction market for content, and the resulting income increase to *creators*
of content mostly at the expense of *distributors* of content :-), as an
exercise for the reader...


Like others, I'm practically praying that Microsoft actually tries to paint
this Escher picture of a financial Russell's paradox. The longer that
Microsoft, the content distributors, and, unfortunately, the financial
community, though learning has to occur sometime, persist in making a
"rights" "management" system which attempts to be both consistent and
complete, the more money other people will make getting a mostly-anonymous
cash-settled bits-on-the-wire content system up and running.

The price of the financial cryptography engineering is falling through the
floor as we speak. Sooner or later, it's just going to happen.

Then things will get interesting.

Cheers,
RAH

-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation 
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

Re: Ross's TCPA paper

[Ben Laurie]

Barney Wolff wrote:
> A pseudonym that I can give up at will and that can never afterwards
> be traced to me is equivalent to an anonym.

No, a pseudonym can be linked to stuff (such as reputation, 
publications, money). An anonym cannot.

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html   http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

Re: Ross's TCPA paper

[bear]

On Sun, 30 Jun 2002, Barney Wolff wrote:

>A pseudonym that I can give up at will and that can never afterwards
>be traced to me is equivalent to an anonym.

Actually, I don't have a problem with it being traced afterwards,
if a crime has been committed and there's a search warrant or
equivalent to trace it in order to further the investigation of
a specific crime.  And that's a pseudonym, not anonymity.

My problem is that if merchant's information is easily linkable,
or if several merchants have access to the same linkable field,
then privacy is out the window.  It's reasonable for a merchant
to know every deal I've ever done with him (pseudonymity).  It's
not reasonable for a merchant to know nothing at all about my
past dealings with anyone including himself (anonymity) nor for
a merchant to know every deal I've done in my life, with everyone
(marketing databases based on linkable ID's).

Ray

Re: Ross's TCPA paper

[Barney Wolff]

On Sat, Jun 29, 2002 at 10:03:33PM -0700, bear wrote:
> ...
> >I won't give up the right NOT to do business with anonymous customers,
> >or anyone else with whom I choose not to do business.
> 
> A few years ago merchants were equally adamant and believed
> equally in the rightness of maintaining their "right" to not
> do business with blacks, chicanos, irish, and women.  It'll
> pass as people wake up and smell the coffee.  Unfortunately
> that won't be until after at least a decade of really vicious
> abuses of private data by merchants who believe in their
> god-given right to snoop on their customers.

The trouble I have with this is that I'm not only a consumer, I'm
also a merchant, selling my own professional services.  And I just
will not, ever, perform services for an anonymous client.  That's
my choice, and the gov't will take it away only when they can pry
it from my cold dead fingers. :)  It's not that I hate my govt,
although I liked it a whole lot better before 1/20/01, but I will
not risk aiding and abetting criminality, even if I can pretend I
don't know I'm doing it.

Oh by the way, last time you visited your favorite kinky sex shop,
didn't you notice the surveillance camera in the corner?  And didn't
you see the cashier at your ${house_of_worship} last ${sabbath}?

The right to anonymity seems to be a new one, not a traditional one
that we're about to lose.  It may be a needed defense against the
ever-increasing ability to correlate data.  All I'm really railing
against is the notion that just because I'm selling something I MUST
accept your anonymity.

> ...
> I don't see any way that DRM addresses the privacy concern
> of database linking.  Especially since I expect database
> linking to be done using specialized software that doesn't
> have to get inspected by anybody with a motive to prevent it,

I certainly agree that DRM cannot protect privacy violation by a
user with access rights.

The whole issue of database correlation and anonymity was insightfully
explored by Heinlein in "The Moon is a Harsh Mistress" in 1966.

-- 
Barney Wolff
I never met a computer I didn't like.

Re: Ross's TCPA paper

[bear]

On Sun, 30 Jun 2002, Barney Wolff wrote:

>The trouble I have with this is that I'm not only a consumer, I'm
>also a merchant, selling my own professional services.  And I just
>will not, ever, perform services for an anonymous client.  That's
>my choice, and the gov't will take it away only when they can pry
>it from my cold dead fingers. :)

Are you one of those who makes no distinction between anonymity
and pseudonymity?  'Cause I've been talking about pseudonymity,
and all your answers have been talking about anonymity.

Bear

Re: Ross's TCPA paper

[Barney Wolff]

A pseudonym that I can give up at will and that can never afterwards
be traced to me is equivalent to an anonym.

I'm not suggesting that anonymity be outlawed, or that every merchant
be required to reject anonymous or pseudonymous customers.  All I'm
suggesting is that "small" merchants MUST NOT be required to accept
such customers.

On Sun, Jun 30, 2002 at 08:38:29AM -0700, bear wrote:
> 
> On Sun, 30 Jun 2002, Barney Wolff wrote:
> 
> >The trouble I have with this is that I'm not only a consumer, I'm
> >also a merchant, selling my own professional services.  And I just
> >will not, ever, perform services for an anonymous client.  That's
> >my choice, and the gov't will take it away only when they can pry
> >it from my cold dead fingers. :)
> 
> Are you one of those who makes no distinction between anonymity
> and pseudonymity?  'Cause I've been talking about pseudonymity,
> and all your answers have been talking about anonymity.
> 
>   Bear

-- 
Barney Wolff
I never met a computer I didn't like.

Re: Ross's TCPA paper

[bear]

On Wed, 26 Jun 2002, Barney Wolff wrote:

>Do you really mean that if I'm a business, you can force me to deal with
>you even though you refuse to supply your real name?  Not acceptable.

I don't think that privacy (in the sense of having the right
to keep private details of your life from being linked for
use unauthorized by you) is ever going to happen if merchants
have the right to demand true identities.

As a merchant, you have the right to be paid and to be sure of
your payment.  I don't think you have the right to collect
data that you can correlate with every public and business
record in the universe and build a profile linked to my identity
that says what brand of breakfast cereal I eat, how much a month
I spend on sex toys, what kind of books I read, and whether I'm
in trouble in divorce court.

The problem is that there is no way to check what merchants
do with the data once they've got it; customers are prevented
from getting into the customer databases and finding out what
a merchant's got on them.  Merchants have no motive whatsoever
to police or restrain their actions in invasion of privacy, and
they have a financial motive to link data -  so there is no
reason to believe that DRM stuff on consumer machines is going
to apply to their data handling in the least.  I just don't see
any possible application of DRM that merchants would allow that
protects consumer privacy.

So yeah, I think that the right to privacy implies the right to
use a pseudonym.  For any non-fraudulent purpose, including
doing business with merchants who don't know it's a pseudonym.

And I think that's a constitutional right, whether the merchants
happen to like it or not, just like the right to eat in a
restaurant even if the manager don't like colored folks, or picket
outside a merchant's business on public property seeking redress
of grievances, or tell the truth about a merchant even if it's
not flattering to him, or otherwise exercising ordinary civil
rights the merchant might prefer you didn't.  You can't have
privacy without the option of pseudonymity, any more than you
can have bread without flour.

>I won't give up the right NOT to do business with anonymous customers,
>or anyone else with whom I choose not to do business.

A few years ago merchants were equally adamant and believed
equally in the rightness of maintaining their "right" to not
do business with blacks, chicanos, irish, and women.  It'll
pass as people wake up and smell the coffee.  Unfortunately
that won't be until after at least a decade of really vicious
abuses of private data by merchants who believe in their
god-given right to snoop on their customers.

>The point about DRM, if I understand it, is that you could disclose
>your information to me for certain purposes without my being able
>to make use of it in ways you have not agreed to.  At least in
>theory.  But this debate appears largely to ignore differences in
>the number of bits involved.  To violate your privacy I can always
>take a picture of my screen with an old camera, or just read it
>into a tape-recorder.  I can't do that effectively with your new DVD
>without significant loss of quality.

Understand that I don't really give a flying crap about the
DVD player; if I want a nice movie, I'll get together with
some buddies and make one.  And I'll let anybody who wants
to watch it download it.

What I want is the right to prevent my customer records at
the bookstore from being correlated with the customer records
at my doctor, my dentist, my insurance agent, my therapist,
my attorney, my grocery store, my pharmacist, the comics
shop, the sex-toy shop, the car dealership, the art gallery,
the stained-glass place, the computer store, the video-rental
place, my favorite restaurants, and my travel agent, and sold
as a nice totally invasive bundle back to the marketing databases
of all of the above.  This is not a question about "number of
bits".  I figure the database will have an efficient, no-nonsense
representation of all of these things, and a photo of the screen,
if it can be scanned back, is just as good as a binary copy.

I don't see any way that DRM addresses the privacy concern
of database linking.  Especially since I expect database
linking to be done using specialized software that doesn't
have to get inspected by anybody with a motive to prevent it,
on "professional" (Non-DRM) machines if necessary.


Bear

Re: Ross's TCPA paper

[Ross Anderson]

Yes, this is a debate I've had with the medical privacy7 guys, some of
whom like the idea of using Palladium to protect medical records.

This is a subject on which I've a lot of experience (see my web page),
and I don't think that Palladium will help. Privacy abuses almost always
involve abuse of authorised access by an insider.

Recent case: 15-year old girl in Croydon, England, gets termination of
pregnancy without telling her mother. This is reported to the local 
health authority, where her uncle works; he sees the report and tells 
the family.

Palladium doesn't help here. Even if the unclse is constrined by the
Fritz chip from doing anything other than look at the screen, he still
has the information.

The fix for this problem is anonymous reporting, with the identity of
the girl known only to the treating physician. It is a policy issue, 
not a techjnology issue; if technology such as Palladium is introduced
it will most likely be by health authorities trying to find an excuse
to retain access to data that they shouldn't have in the first place.
(We've seen a similar effect with smartcards in healthcare, and in fact
the general phenomenon has an interesting similarity with what the
environmental economists call the `social reward trap': making `green'
goods available often increases pollution as people consume green goods
rather than consuming less.)

Ross

Re: Ross's TCPA paper

[bear]

On Mon, 24 Jun 2002, Anonymous wrote:

>The important thing to note is this: you are no worse off than today!
>You are already in the second state today: you run untrusted, and none
>of the content companies will let you download their data.  But boolegs
>are widely available.

The problem is that the "analog hole" is how we debug stuff.
When our speakers don't sound right, we tap the signal, put
it on an oscilloscope so we can see what's wrong, correct
the drivers, and try again.  When our monitor can't make sense
of the video signal, it's different equipment but the same
idea.  When you encrypt all the connections to basic display
hardware, as proposed in Palladium, it means nobody can write
drivers or debug hardware without a million-dollar license.
And if you do fix a bug so your system works better, your
system's "trusted computing" system will be shut down.  Not
that that's any great loss.

Likewise, encrypted instruction streams mean you don't know
what the hell your CPU is doing.  You would have no way to
audit a program and make sure it wasn't stealing stuff from
you or sending your personal information to someone else.

Do we even need to recount how many abuses have been foisted
on citizens to harvest marketing data, and exposed after-the-
fact by some little-known hero who was looking at the assembly
code and went, "Hey look what it's doing here.  Why is it
accessing the passwords/browser cache/registry/whatever?"

Do we want to recount how many times personal data has been
exported from customer's machines by "adware" that hoped not
to be noticed?  Or how popup ads get downloaded by software
that has nothing to do with what website people are actually
looking at?

I don't want to give vendors a tunnel in and out of my system
that I can't monitor.  I want to be able to shut it down and
nail it shut with a hardware switch.  I don't want to ever
run source code that people are so ashamed of that they don't
want me to be able to check and see what it does; I want to
nail that mode of my CPU off so that no software can turn it
on EVER.

I'll skip the digital movies if need be, but to me "trusted
computing" means that *I* can trust my computer, not that
someone else can.

Bear

RE: Ross's TCPA paper

[Mike Rosing]

On Thu, 27 Jun 2002, Lucky Green wrote:

> David wrote:
> > It's not clear that enabling anti-competitive behavior is
> > good for society.  After all, there's a reason we have
> > anti-trust law. Ross Anderson's point -- and it seems to me
> > it's one worth considering
> > -- is that, if there are potentially harmful effects that
> > come with the beneficial effects, maybe we should think about
> > them in advance.
>
> I fully agree that the TCPA's efforts offer potentially beneficial
> effects. Assuming the TPM has not been compromised, the TPM should
> enable to detect if interested parties have replaced you NIC with the
> rarer, but not unheard of, variant that ships out the contents of your
> operating RAM via DMA and IP padding outside the abilities of your OS to
> detect.
>
> However, enabling platform security, as much as might be stressed
> otherwise by the stakeholders, has never been the motive behind the
> TCPA. The motive has been DRM. Does this mean that one should ignore the
> benefits that TCPA might bring? Of course not. But it does mean that one
> should carefully weigh the benefits against the risks.
>
> --Lucky Green

I don't see DRM as anti-competitive, I see it as a road block. The
French government just signed a contract to put Linux into many of
their service machines to help people get data into and out of the
government (and I bet there's a lot!).  A Microsoft DRM file won't
work there, so Microsoft is screwed.

The majority of people and businesses want to do things as cheaply
as possible.  The whole reason Microsoft has gotten as big as they
are is because they are cheap.  That they happen to be crappy too
didn't bother most people, compared to a Sun or Dec workstation, a
PC running DOS or WinXX was a factor of 10 cheaper.

Controlling secrets for use within a company is what most companies
want.  The TCPA helps solve that problem, and if Microsoft can sell
them something that does it cheaply, they'll happily buy it.

The line gets crossed when Hollywood wants to sell movies over the
net, and they realize all those bits can be sent by anyone, anywhere,
anytime once they have them.  For Hollywood to mandate that all
platforms and devices protect their IP is insane, and we need to
make sure it doesn't happen.

However, we can build very special devices that connect directly
to Hollywood to play their stuff.  If somebody steals it, then
it's out and there's not much they can do.  Most people won't want
to do that - the special boxes can be cheap enough that it's not
worth the effort.  These special boxes are also TCP, but they are
not general computing platforms - they are special movie playing
or music playing platforms.

So technology can be made so we all win - IP is normativly protected,
PC's are generic, and consumers and business get solutions that are
low cost.  It's an economic win too because guys like me get more
work building more boxes :-)

Certainly there will be people who could tap into a special box and
transfer the data to the general net and make it work on a general
PC.  They will be called theives and eventually be apprehended.  If
Hollywood has any brains, these guys will have a lot of work to do.
People still counterfiet money too - but they usually lose money!!

There are lots of solutions here.  The law is not one of them.
There is more than enough applicable law to use, and anyone who
tries to force their solution down everyone's throat can be taken
in for anti-trust violations.

I see the risk as being too much law and fixed technology.  DRM and
TCP are useful tools, they should not be forged into weapons.

Patience, persistence, truth,
Dr. mike

Re: Ross's TCPA paper

[Ken Brown]

Pete Chown wrote:

> BTW, I have been thinking for a while about putting together a UK
> competition complaint about DVD region coding.  No promises that
> anything will happen quickly.  On the other hand, if people offer help
> (or just tell me that they think it is a worthwhile thing to do) it will
> probably move faster.

I think it is a worthwhile thing to do. But then as I don't even have a
DVD player or own any DVDs I probably have very little basis for taking
such an action myself!

Re: Ross's TCPA paper

[Marcel Popescu]

From: <[EMAIL PROTECTED]>

> As a side note, it seems that a corporation would actually have to
> demonstrate that I had seen and agreed to the thing and clicked
> acceptance.  Prior to that point, I could reverse engineer, since
> there is no statement that I cannot reverse engineer agreed to.  So
> what would happen if I reverse engineered the installation so that the
> agreement that was display stated that I could do what I liked with
> the software?  Ok, so there would be no mutual intent, but on the
> other hand, there would also be no agreement on the click-through
> agreement either.

I have an application that replaces the caption on the "I agree" button to
your liking; I wrote it exactly because of this reasoning.

http://picosoft.freeservers.com/NoLicense.htm

Of course, it's a stupid little program, I'm sure anyone can come up with
something better in no time... BTW, for any lawyers around here - shouldn't
the mere existence of this program be enough to blow up the idea that you
agreed to the click-through stuff?

Mark

Re: Ross's TCPA paper

[David Wagner]

Mike Rosing  wrote:
>As long as MS Office isn't mandated by law, who cares?

It's not clear that enabling anti-competitive behavior is good
for society.  After all, there's a reason we have anti-trust law.
Ross Anderson's point -- and it seems to me it's one worth considering
-- is that, if there are potentially harmful effects that come with the
beneficial effects, maybe we should think about them in advance.

RE: Ross's TCPA paper

[Lucky Green]

David wrote:
> It's not clear that enabling anti-competitive behavior is 
> good for society.  After all, there's a reason we have 
> anti-trust law. Ross Anderson's point -- and it seems to me 
> it's one worth considering
> -- is that, if there are potentially harmful effects that 
> come with the beneficial effects, maybe we should think about 
> them in advance.

I fully agree that the TCPA's efforts offer potentially beneficial
effects. Assuming the TPM has not been compromised, the TPM should
enable to detect if interested parties have replaced you NIC with the
rarer, but not unheard of, variant that ships out the contents of your
operating RAM via DMA and IP padding outside the abilities of your OS to
detect.

However, enabling platform security, as much as might be stressed
otherwise by the stakeholders, has never been the motive behind the
TCPA. The motive has been DRM. Does this mean that one should ignore the
benefits that TCPA might bring? Of course not. But it does mean that one
should carefully weigh the benefits against the risks.

--Lucky Green

RE: DRMs vs internet privacy (Re: Ross's TCPA paper)

[Lucky Green]

Adam Back wrote:
> I don't mean that you would necessarily have to correlate 
> your viewing habits with your TrueName for DRM systems.  
> Though that is mostly
> (exclusively?) the case for current deployed (or at least 
> implemented with a view of attempting commercial deployment) copy-mark
> (fingerprint) systems, there are a number of approaches which 
> have been suggested, or could be used to have viewing privacy.

The TCPA specs were carefully designed to permit the user to obtain
multiple certificates from multiple CA's and thus, if, and that's a big
if, the CA's don't collude and furthermore indeed discard the true name
identities of the customer, utilize multiple separate identities for
various online applications. I.e., the user could have one cert for
their True Name, one used to enable Microsoft Office, and one to
authenticate the user to other online services.

It is very much the intent of the TCPA to permit the use of pseudonymous
credentials for many, if not most, applications. Otherwise, the TCPA's
carefully planned attempts at winning over the online liberty groups
would have been doomed from the start.

--Lucky Green

Re: Ross's TCPA paper

[Mike Rosing]

On 27 Jun 2002, David Wagner wrote:

> No, it's not.  Read Ross Anderson's article again.  Your analysis misses
> part of the point.  Here's an example of a more problematic vision:
> you can buy Microsoft Office for $500 and be able to view MS Office
> documents; or you can refrain from buying it and you won't be able to
> view MS Office documents.  Do you see why this is problematic?  It lets
> one vendor lock the world into a monopoly; noone else will be able to
> develop compatible MS Word viewers without the consent of Microsoft.
> (StarOffice on Linux won't work, because to get the session key to
> decrypt the Word document your viewer has to go online to microsoft.com
> and ask for it, but microsoft.com won't give you the key unless you've
> bought a "secure" "trusted" OS and purchased Microsoft Office for $500.)
> Now notice that the same idea can be used to inhibit competition in
> just about any computer market, and I hope you appreciate Ross's point.
> TCPA/DRM has the potential for anti-competitive effects, and the result
> may well be worse off than we are today.

As long as MS Office isn't mandated by law, who cares?  So what: somebody
sends me a file.  I tell them I can't read it.  Now, they have a choice,
they can give me MS Office or they can send me ascii.  The market will
determine if "secure" OS's are useful.

DRM isn't the problem.  Legislating DRM is the problem.  You can go buy
IBM portables with secure key chips built in right now to help protect
your box and your business data.  That's TCPA.  Nothing wrong with it,
it's a good idea.

It doesn't become wrong until it becomes forced down our throats.  That's
where S.2048 becomes something to worry about, it forces us to use
hardware we don't need (or may not need for our purposes).  TCPA and DRM
are not the problem here, and privacy and copyright are side issues too.
There is no need for the law to intervene, the market will decide how all
this stuff can be used efficiently and effectively.

And that's what the entertainment industry needs to figure out and fast
too.  The law is slow.  Technology is fast.

Patience, persistence, truth,
Dr. mike

Re: Ross's TCPA paper

[David Wagner]

Scott Guthery  wrote:
>Perhaps somebody can describe
>a non-DRM privacy management system.

Uhh, anonymous remailers?  I never disclose my identity, hence there is
no need for parties I don't trust to "manage" it.

Come on, folks.  This ought to be cypherpunks 101.  DRM might be one
way to achieve privacy, but it is not the only way.

One simple way for me to ensure my privacy is simply never to disclose my
personal information.  There's no DRM here.  Sure, maybe we could envision
some alternate world where I disclose my personal information in return
for some promise from Big Brother to protect my personal information with
DRM, but this doesn't mean that DRM is the only way to achieve privacy!

Re: Ross's TCPA paper

[bear]

On Wed, 26 Jun 2002, Barney Wolff wrote:

>Do you really mean that if I'm a business, you can force me to deal with
>you even though you refuse to supply your real name?  Not acceptable.
>I won't give up the right NOT to do business with anonymous customers,
>or anyone else with whom I choose not to do business.

As a business, you want to get paid.  As long as you are
sure of your money, what the hell business is it of yours
where I live, what name I'm currently registered under, or
who I'm screwing?

When I buy things with cash or silver, if they ask for ID
I leave or lie.  I think that people should be free to use
a pseudo for any non-fraudulent purposes.


Bear

DRMs vs internet privacy (Re: Ross's TCPA paper)

[Adam Back]

On Wed, Jun 26, 2002 at 03:57:15PM -0400, C Wegrzyn wrote:
> If a DRM system is based on X.509, according to Brand I thought you could
> get anonymity in the transaction. Wouldn't this accomplish the same thing?

I don't mean that you would necessarily have to correlate your viewing
habits with your TrueName for DRM systems.  Though that is mostly
(exclusively?) the case for current deployed (or at least implemented
with a view of attempting commercial deployment) copy-mark
(fingerprint) systems, there are a number of approaches which have
been suggested, or could be used to have viewing privacy.

Brands credentials are one example of a technology that allows
trap-door privacy (privacy until you reveal more copies than you are
allowed to -- eg more than once for ecash).  Conceivably this could be
used with a somewhat online, or in combination with a tamper-resistant
observer chip in lieu of online copy-protection system to limit
someone for example to a limited number of viewings.

Another is the "public key fingerprinting" (public key copy-marking)
schemes by Birgit Pfitzmann and others.  This addresses the issue of
proof, such that the user of the marked-object and the verifier (eg a
court) of a claim of unauthorised copying can be assured that the
copy-marker did not frame the user.

Perhaps schemes which combine both aspects (viewer privacy and
avoidance of need to trust at face value claims of the copy-marker)
can be built and deployed.

(With the caveat that though they can be built, they are largely
irrelevant as they will no doubt also be easily removable, and anyway
do not prevent the copying of the marked object under the real or
feigned claim of theft from the user whose identity is marked in the
object).


But anyway, my predictions about the impending collision between
privacy and the DRM and copy protection legislation power-grabs stems
from the relationship of privacy to the later redistrubtion
observation that:

1) clearly copy protection doesn't and can't a-priori prevent copying
and conversion into non-DRM formats (eg into MP3, DIVX)

2) once 1) happens, the media cartels have an interest to track
general file trading on the internet;

3) _but_ strong encryption and cryptographically enforced privacy mean
that the media cartels will ultimately be unsuccessful in this
endeavour.

4) _therefore_ they will try to outlaw privacy and impose escrow
identity and internet passports etc. and try to get cryptographically
assured privacy outlawed.  (Similar to the previous escrow on
encryption for media cartel interests instead of signals intelligence
special interests; but the media cartels are also a powerful
adversary).

Also I note an slip in my earlier post [of Bear's post]:

| First post on this long thread that got it right.

Ross Anderson's comments were also right on the money (as always).

Adam

Re: Ross's TCPA paper

[David Wagner]

Anonymous  wrote:
>The amazing thing about this discussion is that there are two pieces
>of conventional wisdom which people in the cypherpunk/EFF/"freedom"
>communities adhere to, and they are completely contradictory.

I can't agree.  Strong protection of copyright is probably possible if
the content owner only distributes the content to tamperproof trusted
hardware.  Strong protection of copyright is probably not possible if
the content is available on hardware under control of untrusted parties.
Where's the contradiction?

Another point you seem to be missing is that there is a middle ground
between perfect copy-protection and no copy-protection.  This middle
ground may be very bad for the public.  Take, for instance, Adobe's
rot13-class encryption: this offered only weak copy-protection, as any
serious pirate could defeat it, but the copy-protection is just strong
enough to be bad for fair use and for research, and possibly just strong
enough to serve Adobe's corporate interests.

>Let us suppose that this is the world ten years from now: you can run a
>secure OS in "trusted" mode and be eligible to download movies and music
>for a price; or you can run in untrusted mode and no one will let you
>download other than bootleg copies.  This is the horror, the nightmare
>vision which the doom-sayers frantically wave before us.

No, it's not.  Read Ross Anderson's article again.  Your analysis misses
part of the point.  Here's an example of a more problematic vision:
you can buy Microsoft Office for $500 and be able to view MS Office
documents; or you can refrain from buying it and you won't be able to
view MS Office documents.  Do you see why this is problematic?  It lets
one vendor lock the world into a monopoly; noone else will be able to
develop compatible MS Word viewers without the consent of Microsoft.
(StarOffice on Linux won't work, because to get the session key to
decrypt the Word document your viewer has to go online to microsoft.com
and ask for it, but microsoft.com won't give you the key unless you've
bought a "secure" "trusted" OS and purchased Microsoft Office for $500.)
Now notice that the same idea can be used to inhibit competition in
just about any computer market, and I hope you appreciate Ross's point.
TCPA/DRM has the potential for anti-competitive effects, and the result
may well be worse off than we are today.

Re: Ross's TCPA paper

[Sunder]

On Wed, 26 Jun 2002, Barney Wolff wrote:

> Do you really mean that if I'm a business, you can force me to deal with
> you even though you refuse to supply your real name?  

When was the last time you had to give your name when you bought a
newspaper, CD or a DVD in a non-online/non-mail order store?

> Not acceptable.
> I won't give up the right NOT to do business with anonymous customers,
> or anyone else with whom I choose not to do business.

That is your choice of course, as it is mine to refuse to disclose my
identity for a simple purchase such as a newspaper, CD, or DVD.

> The point about DRM, if I understand it, is that you could disclose
> your information to me for certain purposes without my being able
> to make use of it in ways you have not agreed to.  At least in
> theory.  

Then, you don't understand it at all.  The point of DRM is to prevent you,
the customer from making copies of CD's and DVD's available to others,
skipping over commercials, to limit you from purchasing the same titles
from outside your "region" for much less, or slightly different edits, or
before they're released in your region, or lend the same to your friends,
or transferring the data to other mediums (mp3 players, etc.)
  
Never mind that copyright laws allow such fair use such as making backups
and loaning to your friends, transfering CD tracks to your mp3 player, and
even selling used DVD's/CD's so long as you destroy all other copies of
the same title.

In order to enforce these ends, the only way to "protect" the rights of
the owner of the copyrighted work, the current proposals deem to remove
administrative rights to your own computer. i.e. MSFT Palladin et al.

At this point, the owner of the copyright has root on your computer.  (Be
that computer a DVD player, X-Box, or whatever.)  Should you have anything
else on that machine, it is accessible surreptitiously by them without
your knowledge so long as the device is online, and it would have to be in
order to be "registered" and "updated."  Hence the complaints of privacy
violations.

> But this debate appears largely to ignore differences in
> the number of bits involved.  To violate your privacy I can always
> take a picture of my screen with an old camera, or just read it
> into a tape-recorder.  I can't do that effectively with your new DVD
> without significant loss of quality.

The number and quality of bits is irrelevant from the point of view of the
MPAA and RIA.  Street vendors of illegal VHS tapes and DVD's made of
movies from a camcorder while in a movie theater have had their asses
rightly hauled in.  I imagine the quality of their wares is also quite
low when compared to legal versions of the same.
 
> I don't see any technical solution that would enable Alice to reveal
> something to Bob that Bob could not then reveal to Eve.  If that's
> true, then DRM must stand on its own dubious merits.

Indeed.

Re: TCPA / Palladium FAQ (was: Re: Ross's TCPA paper)

[Ed Gerck]

Interesting Q&A paper and list comments. Three
additional comments:

1. DRM and privacy  look like apple and speedboats.
Privacy includes the option of not telling, which DRM
does not have.

2. Palladium looks like just another vaporware from
Microsoft, to preempt a market like when MS promised
Windows and killed IBM's OS/2 in the process.

3. Embedding keys in mass-produced chips has
great sales potential. Now we may have to upgrade
processors also because the key  is compromised ;-)

Cheers,
Ed Gerck

PS: We would be much better off with OS/2, IMO.

Ross Anderson wrote:

> http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
>
> Ross
>
> -
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

TCPA / Palladium FAQ (was: Re: Ross's TCPA paper)

[Ross Anderson]

http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

Ross

Re: Ross's TCPA paper

[pasward]

I'm slightly confused about this.  My understanding of contract law is
that five things are required to form a valid contract: offer and
acceptance, mutual intent, consideration, capacity, and lawful
intent.  It seems to me that a click-through agreement is likely to
fail on at least one, and possibly two of these requirements.  First,
it is doubtful that there is mutual intent.  The average user doesn't
even read the agreement, so there is hardly mutual intent.  However,
even if I accept mutual intent, it would be easy to argue that there
is no capacity.  I have four children under the age of seven.  None of
them have the legal capacity to form a contract.  Three of them have
the physical capacity to click a button.  A corporation would
therefore have to demonstrate that I and not they clicked on the
agreement for the contract to be valid.

As a side note, it seems that a corporation would actually have to
demonstrate that I had seen and agreed to the thing and clicked
acceptance.  Prior to that point, I could reverse engineer, since
there is no statement that I cannot reverse engineer agreed to.  So
what would happen if I reverse engineered the installation so that the
agreement that was display stated that I could do what I liked with
the software?  Ok, so there would be no mutual intent, but on the
other hand, there would also be no agreement on the click-through
agreement either.

Paul

Peter D. Junger writes:
 > Pete Chown writes:
 > 
 > : Anonymous wrote:
 > : 
 > : > Furthermore, inherent to the TCPA concept is that the chip can in
 > : > effect be turned off.  No one proposes to forbid you from booting a
 > : > non-compliant OS or including non-compliant drivers.
 > : 
 > : Good point.  At least I hope they don't. :-)
 > : 
 > : > There is not even social opprobrium; look at how eager
 > : > everyone was to look the other way on the question of whether the DeCSS
 > : > reverse engineering violated the click-through agreement.
 > : 
 > : Perhaps it did, but the licence agreement was unenforceable.  It's
 > : clearly reverse engineering for interoperability (between Linux and DVD
 > : players) so the legal exemption applies.  You can't escape the exemption
 > : by contract.  Now, you might say that morally he should obey the
 > : agreement he made.  My view is that there is a reason why this type of
 > : contract is unenforceable; you might as well take advantage of the
 > : exemption.
 > 
 > That isn't the reason why a click-through agreement isn't 
 > enforceable---the agreement could, were it enforceable, validlly
 > forbid reverse engineering for any reason and that clause would
 > in most cases be upheld.  But, unless you buy your software from
 > the copyright owner, you own your copy of the software and
 > clicking on a so called agreement with the copyright owner
 > that you won't do certain things with your software is---or,
 > at least should be---as unenforceable as promise to your doctor
 > that you won't smoke another cigarette.  The important point
 > is not, however, that click-through agreements are probably
 > unenforceable; the important point is that people---at least
 > those people who think that they own their own computers and
 > the software copies that they have purchased---generally
 > believe that they should be unenforceable.  (And in the
 > actual case involving Linux and DVD players there was no
 > agreement not to circumvent the technological control measures
 > in DVD's; the case was based on the theory that the circumvention
 > violated the Digital Millenium Copyright Act.)
 >  
 > : The prosecution was on some nonsense charge that amounted to him
 > : burgling his own house.  A statute that was meant to penalise computer
 > : break-ins was used against someone who owned the computer that he broke
 > : into.
 > : 
 > : > The TCPA allows you to do something that you can't do today: run your
 > : > system in a way which convinces the other guy that you will honor your
 > : > promises, that you will guard his content as he requires in exchange for
 > : > his providing it to you.
 > : 
 > : Right, but it has an odd effect too.  No legal system gives people
 > : complete freedom to contract.  Suppose you really, really want to exempt
 > : a shop from liability if your new toaster explodes.  You can't do it;
 > : the legal system does not give you the freedom to contract in that way.
 > : 
 > : DRM, however, gives people complete freedom to make contracts about how
 > : they will deal with digital content.  Under EU single market rules, a
 > : contract term to the effect that you could pass on your content to
 > : someone in the UK but not the rest of the EU is unenforceable.  No
 > : problem for DRM though...
 > 
 > I don't think that one should confuse contract limitations, or 
 > limitations on enforceable contract limitations, with technological
 > limitations.  There is nothing, for example, in any legal system that
 > forbids one from violating the law of gravity.
 

Re: Ross's TCPA paper - DRM and privacy

[C Wegrzyn]

One more thing, there are different types of DRM. For instance you might
want to make sure that only a specific number of accesses to a media
document are made, and no more. A second type of DRM access might be
allowing only one concurrent access, again I'm not sure that this requires
much private information.A third type of DRM might be time limited. You
might also want a DRM access to a specific IP/location. These don't seem to
require private information, unless prosecution is in the model of
operation.

Chuck Wegrzyn


- Original Message -
From: "Adam Back" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Orig-To: "bear" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, June 26, 2002 3:37 PM
Subject: Re: Ross's TCPA paper


> On Wed, Jun 26, 2002 at 10:01:00AM -0700, bear wrote:
> > As I see it, we can get either privacy or DRM,
> > but there is no way on Earth to get both.
> > [...]
>
> Hear, hear!  First post on this long thread that got it right.
>
> Not sure what the rest of the usually clueful posters were thinking!
>
> DRM systems are the enemy of privacy.  Think about it... strong DRM
> requires enforcement as DRM is not strongly possible (all bit streams
> can be re-encoded from one digital form (CD->MP3, DVD->DIVX),
> encrypted content streams out to the monitor / speakers subjected to
> scrutiny by hardware hackers to get digital content, or A->D
> reconverted back to digital in high fidelity.
>
> So I agree with Bear, and re-iterate the prediction I make
> periodically that the ultimate conclusion of the direction DRM laws
> being persued by the media cartels will be to attempt to get
> legislation directly attacking privacy.
>
> This is because strong privacy (cryptographically protected privacy)
> allows people to exchange bit-strings with limited chance of being
> identified.  As the arms race between the media cartels and DRM
> cohorts continues, file sharing will start to offer privacy as a form
> of protection for end-users (eg. freenet has some privacy related
> features, serveral others involve encryption already).
>
> Donald Eastlake wrote:
>
> | There is little *tehcnical* difference between your doctors records
> | being passed on to assorted insurance companies, your boss, and/or
> | tabloid newspapers and the latest Disney movies being passed on from a
> | country where it has been released to people/theaters in a country
> | where it has not been released.
>
> There is lots of technical difference.  When was the last time you saw
> your doctor use cryptlopes, watermarks etc to remind himself of his
> obligations of privacy.
>
> The point is that with privacy there is an explicit or implied
> agreement between the parties about the handling of information.  The
> agreement can not be technically *enforced* to any stringent degree.
>
> However privacy policy aware applications can help the company avoid
> unintentionally breaching it's own agreed policy.  Clearly if the
> company is hostile they can write the information down off the screen
> at absolute minimum.  Information fidelity is hardly a criteria with
> private information such as health care records, so watermarks, copy
> protect marks and the rest of the DRM schtick are hardly likely to
> help!
>
> Privacy applications can be successful to the in helping companies
> avoid accidental privacy policy breaches.  But DRM can not succeed
> because they are inherently insecure.  You give the data and the keys
> to millions of people some large proportion of whom are hostile to the
> controls the keys are supposedly restricting.  Given the volume of
> people, and lack of social stigma attached to wide-spread flouting of
> copy protection restrictions, there are ample supply of people to
> break any scheme hardware or software that has been developed so far,
> and is likely to be developed or is constructible.
>
> I think content providors can still make lots of money where the
> convenience, and /or enhanced fidelity of obtaining bought copies
> means that people would rather do that than obtain content on the net.
>
> But I don't think DRM is significantly helping them and that they ware
> wasting their money on it.  All current DRM systems aren't even a
> speed bump on the way to unauthorised Net re-distribution of content.
>
> Where the media cartels are being somewhat effective, and where we're
> already starting to see evidence of the prediction I mentioned above
> about DRM leading to a clash with privacy is in the area of
> criminalization of reverse engineering, with Skylarov case, Ed
> Felten's case etc.  Already a number of interesting breaks of DRM
> s

Re: Ross's TCPA paper

[C Wegrzyn]

If a DRM system is based on X.509, according to Brand I thought you could
get anonymity in the transaction. Wouldn't this accomplish the same thing?

Chuck Wegrzyn

- Original Message -
From: "Adam Back" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Orig-To: "bear" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, June 26, 2002 3:37 PM
Subject: Re: Ross's TCPA paper


> On Wed, Jun 26, 2002 at 10:01:00AM -0700, bear wrote:
> > As I see it, we can get either privacy or DRM,
> > but there is no way on Earth to get both.
> > [...]
>
> Hear, hear!  First post on this long thread that got it right.
>
> Not sure what the rest of the usually clueful posters were thinking!
>
> DRM systems are the enemy of privacy.  Think about it... strong DRM
> requires enforcement as DRM is not strongly possible (all bit streams
> can be re-encoded from one digital form (CD->MP3, DVD->DIVX),
> encrypted content streams out to the monitor / speakers subjected to
> scrutiny by hardware hackers to get digital content, or A->D
> reconverted back to digital in high fidelity.
>
> So I agree with Bear, and re-iterate the prediction I make
> periodically that the ultimate conclusion of the direction DRM laws
> being persued by the media cartels will be to attempt to get
> legislation directly attacking privacy.
>
> This is because strong privacy (cryptographically protected privacy)
> allows people to exchange bit-strings with limited chance of being
> identified.  As the arms race between the media cartels and DRM
> cohorts continues, file sharing will start to offer privacy as a form
> of protection for end-users (eg. freenet has some privacy related
> features, serveral others involve encryption already).
>
> Donald Eastlake wrote:
>
> | There is little *tehcnical* difference between your doctors records
> | being passed on to assorted insurance companies, your boss, and/or
> | tabloid newspapers and the latest Disney movies being passed on from a
> | country where it has been released to people/theaters in a country
> | where it has not been released.
>
> There is lots of technical difference.  When was the last time you saw
> your doctor use cryptlopes, watermarks etc to remind himself of his
> obligations of privacy.
>
> The point is that with privacy there is an explicit or implied
> agreement between the parties about the handling of information.  The
> agreement can not be technically *enforced* to any stringent degree.
>
> However privacy policy aware applications can help the company avoid
> unintentionally breaching it's own agreed policy.  Clearly if the
> company is hostile they can write the information down off the screen
> at absolute minimum.  Information fidelity is hardly a criteria with
> private information such as health care records, so watermarks, copy
> protect marks and the rest of the DRM schtick are hardly likely to
> help!
>
> Privacy applications can be successful to the in helping companies
> avoid accidental privacy policy breaches.  But DRM can not succeed
> because they are inherently insecure.  You give the data and the keys
> to millions of people some large proportion of whom are hostile to the
> controls the keys are supposedly restricting.  Given the volume of
> people, and lack of social stigma attached to wide-spread flouting of
> copy protection restrictions, there are ample supply of people to
> break any scheme hardware or software that has been developed so far,
> and is likely to be developed or is constructible.
>
> I think content providors can still make lots of money where the
> convenience, and /or enhanced fidelity of obtaining bought copies
> means that people would rather do that than obtain content on the net.
>
> But I don't think DRM is significantly helping them and that they ware
> wasting their money on it.  All current DRM systems aren't even a
> speed bump on the way to unauthorised Net re-distribution of content.
>
> Where the media cartels are being somewhat effective, and where we're
> already starting to see evidence of the prediction I mentioned above
> about DRM leading to a clash with privacy is in the area of
> criminalization of reverse engineering, with Skylarov case, Ed
> Felten's case etc.  Already a number of interesting breaks of DRM
> systems are starting to be released anonymously.  As things heat up we
> may start to see incentives for the users of file-sharing for
> unauthorised re-distribution to also _use_ the software anonymsouly.
>
> Really I think copyright protections as being exploited by media
> cartels need to be substantially modified to reduce or remove the
> existing protections rather than further restrictions and powers
> awareded to the media cartels.
>
> Adam
>
> -
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to
[EMAIL PROTECTED]

Re: Ross's TCPA paper

[Barney Wolff]

Do you really mean that if I'm a business, you can force me to deal with
you even though you refuse to supply your real name?  Not acceptable.
I won't give up the right NOT to do business with anonymous customers,
or anyone else with whom I choose not to do business.

The point about DRM, if I understand it, is that you could disclose
your information to me for certain purposes without my being able
to make use of it in ways you have not agreed to.  At least in
theory.  But this debate appears largely to ignore differences in
the number of bits involved.  To violate your privacy I can always
take a picture of my screen with an old camera, or just read it
into a tape-recorder.  I can't do that effectively with your new DVD
without significant loss of quality.

I don't see any technical solution that would enable Alice to reveal
something to Bob that Bob could not then reveal to Eve.  If that's
true, then DRM must stand on its own dubious merits.

On Wed, Jun 26, 2002 at 10:01:00AM -0700, bear wrote:
> ...
> 
> Privacy without DRM means being able to keep and
> do whatever you want with the records your business
> creates -- but not being able to force someone to
> use their real name or linkable identity information
> to do business with you if that person wants that
> information to remain private.

-- 
Barney Wolff
I never met a computer I didn't like.

Re: Ross's TCPA paper

[RL 'Bob' Morgan]

On Tue, 25 Jun 2002, Dan Geer wrote:

> the problem statements for "privacy" and for "digital rights management"
> were identical

Hmm, so:

  privacy : DRM :: wiretapping : fair use

 - RL "Bob"

Re: Ross's TCPA paper

[Adam Back]

On Wed, Jun 26, 2002 at 10:01:00AM -0700, bear wrote:
> As I see it, we can get either privacy or DRM,
> but there is no way on Earth to get both.
> [...]

Hear, hear!  First post on this long thread that got it right.

Not sure what the rest of the usually clueful posters were thinking!

DRM systems are the enemy of privacy.  Think about it... strong DRM
requires enforcement as DRM is not strongly possible (all bit streams
can be re-encoded from one digital form (CD->MP3, DVD->DIVX),
encrypted content streams out to the monitor / speakers subjected to
scrutiny by hardware hackers to get digital content, or A->D
reconverted back to digital in high fidelity.

So I agree with Bear, and re-iterate the prediction I make
periodically that the ultimate conclusion of the direction DRM laws
being persued by the media cartels will be to attempt to get
legislation directly attacking privacy.

This is because strong privacy (cryptographically protected privacy)
allows people to exchange bit-strings with limited chance of being
identified.  As the arms race between the media cartels and DRM
cohorts continues, file sharing will start to offer privacy as a form
of protection for end-users (eg. freenet has some privacy related
features, serveral others involve encryption already).

Donald Eastlake wrote:

| There is little *tehcnical* difference between your doctors records
| being passed on to assorted insurance companies, your boss, and/or
| tabloid newspapers and the latest Disney movies being passed on from a
| country where it has been released to people/theaters in a country
| where it has not been released.

There is lots of technical difference.  When was the last time you saw
your doctor use cryptlopes, watermarks etc to remind himself of his
obligations of privacy.

The point is that with privacy there is an explicit or implied
agreement between the parties about the handling of information.  The
agreement can not be technically *enforced* to any stringent degree.

However privacy policy aware applications can help the company avoid
unintentionally breaching it's own agreed policy.  Clearly if the
company is hostile they can write the information down off the screen
at absolute minimum.  Information fidelity is hardly a criteria with
private information such as health care records, so watermarks, copy
protect marks and the rest of the DRM schtick are hardly likely to
help!

Privacy applications can be successful to the in helping companies
avoid accidental privacy policy breaches.  But DRM can not succeed
because they are inherently insecure.  You give the data and the keys
to millions of people some large proportion of whom are hostile to the
controls the keys are supposedly restricting.  Given the volume of
people, and lack of social stigma attached to wide-spread flouting of
copy protection restrictions, there are ample supply of people to
break any scheme hardware or software that has been developed so far,
and is likely to be developed or is constructible.

I think content providors can still make lots of money where the
convenience, and /or enhanced fidelity of obtaining bought copies
means that people would rather do that than obtain content on the net.

But I don't think DRM is significantly helping them and that they ware
wasting their money on it.  All current DRM systems aren't even a
speed bump on the way to unauthorised Net re-distribution of content.

Where the media cartels are being somewhat effective, and where we're
already starting to see evidence of the prediction I mentioned above
about DRM leading to a clash with privacy is in the area of
criminalization of reverse engineering, with Skylarov case, Ed
Felten's case etc.  Already a number of interesting breaks of DRM
systems are starting to be released anonymously.  As things heat up we
may start to see incentives for the users of file-sharing for
unauthorised re-distribution to also _use_ the software anonymsouly.

Really I think copyright protections as being exploited by media
cartels need to be substantially modified to reduce or remove the
existing protections rather than further restrictions and powers
awareded to the media cartels.

Adam

Re: Ross's TCPA paper

[Jon Callas]

On 6/25/02 4:15 AM, "Dan Geer" <[EMAIL PROTECTED]> wrote:

> Over the last six months, I'd discovered that Carl Ellison (Intel),
> Joan Feigenbaum (Yale) and I agreed on at least one thing: that the
> problem statements for "privacy" and for "digital rights management"
> were identical, viz., "controlled release of information is yours at
> a distance in space or time" and that as such our choices for the
> future of digital rights management and privacy are "both or neither"
> at least insofar as technology, rather than cultural norms & law,
> drive.

I think it even goes further than that.

I was giving one of my DMCA-vs-Security talks while l'affaire Sklyarov was
roiling, and noted that while that was going on, the US was being testy with
China over alleged espionage by US nationals while in China. At a high
level, each of infringement and espionage can be described as:

Alice gives Bob some information. Bob is careless with it, disclosing it to
someone that Alice would rather not see it. Alice has a non-linear response.

You can call it infringement or you can call it espionage, but at the bottom
of it, Alice believes that a private communication has been inappropriately
disclosed. She thinks her privacy has been compromised and she's stomping
angry about it.

At the risk of creating a derivative work, you say pr-eye-vacy, I say
pr-ih-vacy. Infringement, espionage, let's call the whole thing off.

Jon

RE: Ross's TCPA paper

[Scott Guthery]

Privacy abuse is first and foremost the failure
of a digital rights management system.  A broken
safe is not evidence that banks shouldn't use
safes.  It is only an argument that they shouldn't
use the safe than was broken.

I'm hard pressed to imagine what privacy without
DRM looks like.  Perhaps somebody can describe
a non-DRM privacy management system.  On the other
hand, I easily can imagine how I'd use DRM
technology to manage my privacy.

Yes, it would be nice if we didn't need safes but
until we don't, I'll use one.  You can choose not to
use DRM to manage your privacy but like stacking
your money on your front porch, you don't get to
grump if people take it.  It's called contributory
negligance, I believe.

Cheers, Scott

-Original Message-
From: Ross Anderson
To: [EMAIL PROTECTED]
X-Orig-To: Dan Geer
Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: 6/25/02 11:56 AM
Subject: Re: Ross's TCPA paper 

I don't believe that the choice is both privacy and TCPA, or neither.

Essentially all privacy violations are abuses of authorised access by
insiders. Your employer's medical insurance scheme insists on a
waiver allowing them access to your records, which they then use for
promotion decisions. The fizx is fundamentally legislative: that sort
of behaviour is generally illegal in Europe, but tolerated in the USA.

There may be symmetry when we consider the problem as theoretical
computer scientists might, as an issue for abstract machines. This
symmetry breaks rapidly when the applications are seen in context. As
well as the legal aspects, there are also the economic aspects: most
security systems promote the interests of the people who pay for them
(surprise, surprise).

So I do not agree with the argument that we must allow DRM in order to
get privacy. Following that line brings us to a world in which we have
DRM, but where the privacy abuses persist just as before. There is
simply no realistic prospect of American health insurers or HMOs 
settling for one-time read-only access to your medical records, no
matter how well that gets implemented in Palladium

Ross

-
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to
[EMAIL PROTECTED]

RE: Ross's TCPA paper

[bear]

On Wed, 26 Jun 2002, Scott Guthery wrote:

>Privacy abuse is first and foremost the failure
>of a digital rights management system.  A broken
>safe is not evidence that banks shouldn't use
>safes.  It is only an argument that they shouldn't
>use the safe than was broken.
>
>I'm hard pressed to imagine what privacy without
>DRM looks like.  Perhaps somebody can describe
>a non-DRM privacy management system.  On the other
>hand, I easily can imagine how I'd use DRM
>technology to manage my privacy.

You are fundamentally confusing the problem of
privacy (controlling unpublished information and
not being compelled to publish it) with the
problem of DRM (attempting to control published
information and compelling others to refrain
from sharing it).  Privacy does not require
anyone to be compelled against their will to
do anything.  DRM does.

As I see it, we can get either privacy or DRM,
but there is no way on Earth to get both.
Privacy can happen only among citizens who are
free to manage their information and DRM can
happen only among subjects who may be compelled
to disclose or abandon information against
their will.

Privacy without DRM is when you don't need anyone's
permission to run any software on your computer.

Privacy without DRM is when you are absolutely free
to do anything you want with any bits in your
posession, but people can keep you from *getting*
bits private to them into your posession.

Privacy without DRM means being able to legally
keep stuff you don't want published to yourself,
even if that means using pseudonymous or anonymous
transactions for non-fraudulent purposes.

Privacy without DRM means being able to simply,
instantly, and arbitrarily change legal identities
to get out from under extant privacy infringements,
and not have the new identity easily linkable to
the old.

Privacy without DRM means people being able to
create keys for cryptosystems and use them in
complete confidence that no one else has a key
that will decrypt the communication -- this is
fundamental to keeping private information
private.

Privacy without DRM means no restrictions whatsoever
on usable crypto in the hands of citizens.  It may
be a crime to withhold any stored keys when under a
subpeona, but that subpeona should issue only when
there is probable cause to believe that you have
committed a crime or are withholding information
about one, and you should *ALWAYS* be notified of the
issue within 30 days.  It also means that keys which
are in your head rather than stored somewhere are
not subject to subpeona -- on fifth amendment grounds
(in the USA) if the record doesn't exist outside
your head, then you cannot be coerced to produce
it.

Privacy without DRM means being able to keep and
do whatever you want with the records your business
creates -- but not being able to force someone to
use their real name or linkable identity information
to do business with you if that person wants that
information to remain private.

Bear

Re: Ross's TCPA paper

[Pete Chown]

Peter D. Junger wrote:

> That isn't the reason why a click-through agreement isn't 
> enforceable---the agreement could, were it enforceable, validlly
> forbid reverse engineering for any reason and that clause would
> in most cases be upheld.

Not in Europe though.  EU directive 91/250/EEC "on the legal protection
of computer programs" makes provision for reverse engineering for
interoperability. In Britain this was incorporated into domestic law by
the Copyright (Computer Programs) Regulations 1992:

http://www.hmso.gov.uk/si/si1992/Uksi_19923233_en_1.htm

See in particular s.50B(4) which the regulations added to the Copyright
Designs and Patents Act 1988.

> (And in the
> actual case involving Linux and DVD players there was no
> agreement not to circumvent the technological control measures
> in DVD's; the case was based on the theory that the circumvention
> violated the Digital Millenium Copyright Act.)

The American cases were, but the European case of course wasn't.  The
DMCA doesn't apply over here, though we have something similar in the
works.

> > I think lawyers will hate this.
>
> I don't see why we should.  We don't hate the law of gravity
> or the law of large numbers.

You should hate it. :-) It is appropriate for the legislature to decide
which acts are restricted by copyright and which are not.  The DMCA and
similar legislation hands that right to private organisations.  To some
extent anti-trust law guards against the worst abuses, but it is more
appropriate for the boundaries of copyright to be set by our "elected
representatives".

BTW, I have been thinking for a while about putting together a UK
competition complaint about DVD region coding.  No promises that
anything will happen quickly.  On the other hand, if people offer help
(or just tell me that they think it is a worthwhile thing to do) it will
probably move faster.

-- 
Pete

Re: Ross's TCPA paper

[Peter D. Junger]

Sandy Harris writes:

: "Peter D. Junger" wrote:
: 
: > : > There is not even social opprobrium; look at how eager
: > : > everyone was to look the other way on the question of whether the DeCSS
: > : > reverse engineering violated the click-through agreement.
: > :
: > : Perhaps it did, but the licence agreement was unenforceable.  It's
: > : clearly reverse engineering for interoperability (between Linux and DVD
: > : players) so the legal exemption applies.  You can't escape the exemption
: > : by contract.
: 
: I certainly agree that that /should/ be the case. However, you assert
: that it /is/ the case. Under what country's laws? Can you cite test
: cases?

I didn't quite assert that it is the case, although it should be if
one reads the applicable provisions of the copyright act and the
sales article of the Uniform Commercial Code.  As to a case, there
is one out of California involving Adobe where a federal district
court went a long way toward holding that recently.

: > : Now, you might say that morally he should obey the agreement he made.
: 
: I'd claim that he made no agreement; a click-through license is not a
: valid contract. If I recall correctly, a Louisiana court did rule that
: way in a well-publicised case, and I've heard several Canadians assert
: that at least some are invalid under our law. 
: 
: > ... The important point
: > is not, however, that click-through agreements are probably
: > unenforceable; the important point is that people---at least
: > those people who think that they own their own computers and
: > the software copies that they have purchased---generally
: > believe that they should be unenforceable.
: 
: However, what people generally believe has little bearing in law.

But it has everything to do with what people believe is moral.

: 
: The question is whether courts -- which courts in which countries
: and on what grounds -- will deem them enforcable and therefore
: will enforce them when asked to do so. It does not matter much
: what you believe if a court can be convinced you're violating a
: law. They have quite effective ways of enforcing such judgements.
: 
: Of course, there are some good legal arguments that click-through
: agreements should not be enforcable, and that contracts should not
: be allowed to restrict reverse engineering. 
: 
: For that matter, there's a good argument that the DVD CCA is an 
: illegal conspiracy to restrict competition and manipulate the
: markets, and should be prosecuted as such. e.g. the Australian
: Competition Board has demanded an explanation of region codes:
: 
: http://www.accc.gov.au//fs-search.htm
: 
: To quote two speeches from that site:
: 
: Difficulties between the pro-competitive community and Intellectual Property
: Mr Ross Jones, Commissioner
: Australian Competition & Consumer Commission
: 
: | Australian consumers are currently suffering from an international cartel t
: hat
: | restricts their access to digital versatile discs (DVDs). The cartel, heade
: d
: | by major film studios in agreement with the manufacturers of DVD players, h
: as
: | divided the world into regions. This ensures that DVDs on sale in Australia
: | will only function on a DVD player licensed for region 4 that includes Aust
: ralia.
: | The stated aim is to protect cinema ticket sales by preventing people viewi
: ng
: | movies on DVDs in their homes before distribution to cinemas. The Australia
: n
: | subsidiaries of US film companies have been requested by the Commission to 
: | explain their actions. It will then decide what action can be taken.
: 
: Globalisation and Competition Policy
: Professor Allan Fels, Chairman
: Australian Competition & Consumer Commission
: 
: | The Commission has requested the Australian subsidiaries of United States f
: ilm
: | companies to explain why their regional restrictions on DVDs should not be 
: deemed
: | a breach of the Trade Practices Act 1974. ...
: |
: | The Commission believes RPC is anti-competitive with Australian consumers l
: acking
: | a choice of DVD videos and possibly paying higher prices.
: 
: The quoted documents are a couple of years old. Does anyone have
: an update? 
:  
: A few of us have been trying, without much success, to convince the
: Canadian Competition Bureau to prosecute these conspirators. It might
: be worth a shot in other countries.
: 
: > (And in the
: > actual case involving Linux and DVD players there was no
: > agreement not to circumvent the technological control measures
: > in DVD's; the case was based on the theory that the circumvention
: > violated the Digital Millenium Copyright Act.)
: 
: Correct, for the case brought on the East Coast (NY? NJ?) by the
: MPAA. However, the first case, brought in California by DVD CCA,
: did not use the DMCA. It alleged theft of trade secrets, and
: violation of the license agreement.

The East Coast case which was decided against the publisher arose
in the federal district court for New York and was finally decided

Re: Ross's TCPA paper

[Ross Anderson]

I don't believe that the choice is both privacy and TCPA, or neither.

Essentially all privacy violations are abuses of authorised access by
insiders. Your employer's medical insurance scheme insists on a
waiver allowing them access to your records, which they then use for
promotion decisions. The fizx is fundamentally legislative: that sort
of behaviour is generally illegal in Europe, but tolerated in the USA.

There may be symmetry when we consider the problem as theoretical
computer scientists might, as an issue for abstract machines. This
symmetry breaks rapidly when the applications are seen in context. As
well as the legal aspects, there are also the economic aspects: most
security systems promote the interests of the people who pay for them
(surprise, surprise).

So I do not agree with the argument that we must allow DRM in order to
get privacy. Following that line brings us to a world in which we have
DRM, but where the privacy abuses persist just as before. There is
simply no realistic prospect of American health insurers or HMOs 
settling for one-time read-only access to your medical records, no
matter how well that gets implemented in Palladium

Ross

Re: Ross's TCPA paper

[Sandy Harris]

"Peter D. Junger" wrote:

> : > There is not even social opprobrium; look at how eager
> : > everyone was to look the other way on the question of whether the DeCSS
> : > reverse engineering violated the click-through agreement.
> :
> : Perhaps it did, but the licence agreement was unenforceable.  It's
> : clearly reverse engineering for interoperability (between Linux and DVD
> : players) so the legal exemption applies.  You can't escape the exemption
> : by contract.

I certainly agree that that /should/ be the case. However, you assert
that it /is/ the case. Under what country's laws? Can you cite test
cases?

> : Now, you might say that morally he should obey the agreement he made.

I'd claim that he made no agreement; a click-through license is not a
valid contract. If I recall correctly, a Louisiana court did rule that
way in a well-publicised case, and I've heard several Canadians assert
that at least some are invalid under our law. 

> ... The important point
> is not, however, that click-through agreements are probably
> unenforceable; the important point is that people---at least
> those people who think that they own their own computers and
> the software copies that they have purchased---generally
> believe that they should be unenforceable.

However, what people generally believe has little bearing in law.

The question is whether courts -- which courts in which countries
and on what grounds -- will deem them enforcable and therefore
will enforce them when asked to do so. It does not matter much
what you believe if a court can be convinced you're violating a
law. They have quite effective ways of enforcing such judgements.

Of course, there are some good legal arguments that click-through
agreements should not be enforcable, and that contracts should not
be allowed to restrict reverse engineering. 

For that matter, there's a good argument that the DVD CCA is an 
illegal conspiracy to restrict competition and manipulate the
markets, and should be prosecuted as such. e.g. the Australian
Competition Board has demanded an explanation of region codes:

http://www.accc.gov.au//fs-search.htm

To quote two speeches from that site:

Difficulties between the pro-competitive community and Intellectual Property
Mr Ross Jones, Commissioner
Australian Competition & Consumer Commission

| Australian consumers are currently suffering from an international cartel that
| restricts their access to digital versatile discs (DVDs). The cartel, headed
| by major film studios in agreement with the manufacturers of DVD players, has
| divided the world into regions. This ensures that DVDs on sale in Australia
| will only function on a DVD player licensed for region 4 that includes Australia.
| The stated aim is to protect cinema ticket sales by preventing people viewing
| movies on DVDs in their homes before distribution to cinemas. The Australian
| subsidiaries of US film companies have been requested by the Commission to 
| explain their actions. It will then decide what action can be taken.

Globalisation and Competition Policy
Professor Allan Fels, Chairman
Australian Competition & Consumer Commission

| The Commission has requested the Australian subsidiaries of United States film
| companies to explain why their regional restrictions on DVDs should not be deemed
| a breach of the Trade Practices Act 1974. ...
|
| The Commission believes RPC is anti-competitive with Australian consumers lacking
| a choice of DVD videos and possibly paying higher prices.

The quoted documents are a couple of years old. Does anyone have
an update? 
 
A few of us have been trying, without much success, to convince the
Canadian Competition Bureau to prosecute these conspirators. It might
be worth a shot in other countries.

> (And in the
> actual case involving Linux and DVD players there was no
> agreement not to circumvent the technological control measures
> in DVD's; the case was based on the theory that the circumvention
> violated the Digital Millenium Copyright Act.)

Correct, for the case brought on the East Coast (NY? NJ?) by the
MPAA. However, the first case, brought in California by DVD CCA,
did not use the DMCA. It alleged theft of trade secrets, and
violation of the license agreement.

Re: Ross's TCPA paper

[Ken Brown]

Pete Chown wrote:

[...]
 
> This doesn't help with your other point, though; people wouldn't be able
> to modify the code and have a useful end product.  I wonder if it could
> be argued that your private key is part of the source code?

Am I expected to distribute my password with my code?

Re: Ross's TCPA paper

[Peter D. Junger]

Pete Chown writes:

: Anonymous wrote:
: 
: > Furthermore, inherent to the TCPA concept is that the chip can in
: > effect be turned off.  No one proposes to forbid you from booting a
: > non-compliant OS or including non-compliant drivers.
: 
: Good point.  At least I hope they don't. :-)
: 
: > There is not even social opprobrium; look at how eager
: > everyone was to look the other way on the question of whether the DeCSS
: > reverse engineering violated the click-through agreement.
: 
: Perhaps it did, but the licence agreement was unenforceable.  It's
: clearly reverse engineering for interoperability (between Linux and DVD
: players) so the legal exemption applies.  You can't escape the exemption
: by contract.  Now, you might say that morally he should obey the
: agreement he made.  My view is that there is a reason why this type of
: contract is unenforceable; you might as well take advantage of the
: exemption.

That isn't the reason why a click-through agreement isn't 
enforceable---the agreement could, were it enforceable, validlly
forbid reverse engineering for any reason and that clause would
in most cases be upheld.  But, unless you buy your software from
the copyright owner, you own your copy of the software and
clicking on a so called agreement with the copyright owner
that you won't do certain things with your software is---or,
at least should be---as unenforceable as promise to your doctor
that you won't smoke another cigarette.  The important point
is not, however, that click-through agreements are probably
unenforceable; the important point is that people---at least
those people who think that they own their own computers and
the software copies that they have purchased---generally
believe that they should be unenforceable.  (And in the
actual case involving Linux and DVD players there was no
agreement not to circumvent the technological control measures
in DVD's; the case was based on the theory that the circumvention
violated the Digital Millenium Copyright Act.)
 
: The prosecution was on some nonsense charge that amounted to him
: burgling his own house.  A statute that was meant to penalise computer
: break-ins was used against someone who owned the computer that he broke
: into.
: 
: > The TCPA allows you to do something that you can't do today: run your
: > system in a way which convinces the other guy that you will honor your
: > promises, that you will guard his content as he requires in exchange for
: > his providing it to you.
: 
: Right, but it has an odd effect too.  No legal system gives people
: complete freedom to contract.  Suppose you really, really want to exempt
: a shop from liability if your new toaster explodes.  You can't do it;
: the legal system does not give you the freedom to contract in that way.
: 
: DRM, however, gives people complete freedom to make contracts about how
: they will deal with digital content.  Under EU single market rules, a
: contract term to the effect that you could pass on your content to
: someone in the UK but not the rest of the EU is unenforceable.  No
: problem for DRM though...

I don't think that one should confuse contract limitations, or 
limitations on enforceable contract limitations, with technological
limitations.  There is nothing, for example, in any legal system that
forbids one from violating the law of gravity.

One of the many problems with the use of the Digital Millenium 
Copyright Act to enforce the technological control measures
in DVD's was that it was based on the rather weird theory
that it should be illegal to do something that someone
else tried, but failed, to make technologically impossible
to do.

(Thus I am rather doubtful that Lessig's idea the everything is
code is useful for analytical, rather than rhetorical, purposes.)

: I think lawyers will hate this.

I don't see why we should.  We don't hate the law of gravity
or the law of large numbers.

--
Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
 EMAIL: [EMAIL PROTECTED]URL:  http://samsara.law.cwru.edu   
NOTE: [EMAIL PROTECTED] no longer exists

Re: Ross's TCPA paper

[Morlock Elloi]

> Speaking personally, if asked "DRM & privacy, both or neither?"
> then I will take "both" --  YMMV.

This bullshit is getting deeper and thicker.

(dis)ability to replay received information at will has next to nothing to do
with ability to stop unwanted parties from obtaining secret information.

Let me rephrase this for stupids:

DRM is about enforcing NDA between me and someone who made information
available to me. DRM is about preventing me to transmit information which
became a part of my experience.

DRM is about who owns my memories.

One *is* the sum of information obtained from the outside world. Information
becomes (a small) part of you. This is why people share songs - they identify
with something there and want to communicate it. THAT'S WHY THEY LIKE IT IN THE
FIRST PLACE. 

The ultimate DRM is city government stopping you from describing streets,
leased apartment owner stopping you from reminiscing sex you had there, school
suing you from passing on the knowledge learned. Put a newborn in a sensory
deprivation tank and twenty years later observe someone who fully obeys
"rights".

There is no moderate answer to this. The only possible answer is FUCK YOU.

Privacy is about stopping unwanted from knowing my private bits, bits I share
with my chosen circle of associates and friends.

And guess what - I am not a friend or associate with entertainment publishers.
I am not a member.

Sale of information is always a sale to the group one belongs to. After few
iterations it quickly expands to the whole connected world. So publishers can
choose to (a) become pipes more convenient and faster than information working
its way through degrees of separations or (b) go out of business. In the
meantime a lot of money and maybe some blood will be spent trying to accomodate
sheer greed.

There is no middle road. Keep your fingers off my memories or I'll pulverize
yours.




=
end
(of original message)

Y-a*h*o-o (yes, they scan for this) spam follows:
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com

Re: Ross's TCPA paper

[Dan Geer]

Over the last six months, I'd discovered that Carl Ellison (Intel),
Joan Feigenbaum (Yale) and I agreed on at least one thing: that the
problem statements for "privacy" and for "digital rights management"
were identical, viz., "controlled release of information is yours at
a distance in space or time" and that as such our choices for the
future of digital rights management and privacy are "both or neither"
at least insofar as technology, rather than cultural norms & law,
drive.

Last week at USENIX 2002 I tried this out on Larry Lessig as his
keynote had been a takeoff from his recent _The Future of Ideas_ book.
His response was confirming: "Of course they are the same!" and he
went on to describe that when Mark Stefik (Xerox PARC) had submitted
his patent on DRM in the early '90s it had roughly said "wrap data
such that if you try to abuse it it will self destruct."  Sometime
in the late '90s a Canadian inventor had attempted to patent a
privacy technology with the rough description "wrap data such that
if you try to abuse it it will self destruct."  The USPTO denied
the patent request on the grounds that it duplicated an application
that had already been granted.

Speaking personally, if asked "DRM & privacy, both or neither?"
then I will take "both" --  YMMV.

--dan

RE: Ross's TCPA paper

[Lucky Green]

Pete Chown wrote quoting Ross:
> > You need a valid signature on the binary, plus a cert to 
> use the TCPA 
> > PKI. That will cost you money (if not at first, then eventually).
> 
> I think it would be a breach of the GPL to stop people 
> redistributing the signature: "You must cause any work that 
> you distribute or publish, that in whole or in part contains 
> or is derived from the Program or any part thereof, to be 
> licensed as a whole at no charge to all third parties under 
> the terms of this License."

The application or OS vendor can in confidence distribute not just the
code, but also the also the signature and cert. In fact, the application
vendor can distribute absolutely everything they have access to
themselves and you still won't be able to run the application in trusted
mode.

The cert that enables an application to run in trusted mode is tied to a
specific TPM and therefore to a specific motherboard. For this cert to
work on another motherboard without a new and different cert, the
software vendor would need to extract the 2048-bit secret RSA key [1]
from their own motherboard's TPM, make the secret key available for
download, followed by the customer importing the key into their own TPM.
The TPM, for obvious reasons, offers no facilities to export or import
the TPM's internal keys.

The GPL cannot possibly require a software author to distribute a
hardware crack with their software or be in violation of the GPL.
Distributing a crack for TPM's is distributing an infringement device
and as such is illegal under US law. Even if the GPL were to be modified
to mandate what is technically near impossible to a software vendor to
achieve, even this layperson knows that contracts that require illegal
acts are unenforceable. Note that I am not referring to acts that might
be illegal in the future under the Hollings bill. Doing the above is
illegal today.

The GPL might be modified to require that the application vendor do
whatever is necessary for a user to utilize an application in the way
the user deems fit (i.e. in privileged mode), but that would put the GPL
into very dangerous, and I believe thoroughly undesirable, territory.
With such modifications, the hypothetical new GPL would mandate, to use
Richard Stallman's terminology, not just freedom of speech, but free
beer as well. That has never been the intend of the GPL.

Furthermore, the certs required to run the OS or application will in may
cases be issued by a party other than the application author or vendor.
To continue using Richard's terminology, to cover this case the GPL
would need to be rewritten to mandate that a third-party provide the
free beer.

I will leave it to the attorneys on this list to elucidate on the legal
deficiencies of such a hypothetical contract, since I am not an attorney
I will simply state that I sincerely doubt such contract would hold up
in litigation.

Of course I do not believe the FSF would make such changes. Which gets
us back to Ross's point that the TCPA threatens the core of the GPL,
from which this discussion started. For completeness I would like to
state that I have no personal stake in the continued enforceability of
the GPL, being a long-time supporter of the BSD licensing scheme myself.

[1] 1024-bit RSA keys were rejected during the design phase of the TPM
by members of the TCPA, which, as Anonymous pointed out in a previous
post, contains several well-known crypto companies. The TCPA's website,
which only makes specs, but not design documents, available to the
public, unfortunately does not provide any documentation which reasoning
lead to this decision.

--Lucky Green

Re: Ross's TCPA paper

[Pete Chown]

Anonymous wrote:

> Furthermore, inherent to the TCPA concept is that the chip can in
> effect be turned off.  No one proposes to forbid you from booting a
> non-compliant OS or including non-compliant drivers.

Good point.  At least I hope they don't. :-)

> There is not even social opprobrium; look at how eager
> everyone was to look the other way on the question of whether the DeCSS
> reverse engineering violated the click-through agreement.

Perhaps it did, but the licence agreement was unenforceable.  It's
clearly reverse engineering for interoperability (between Linux and DVD
players) so the legal exemption applies.  You can't escape the exemption
by contract.  Now, you might say that morally he should obey the
agreement he made.  My view is that there is a reason why this type of
contract is unenforceable; you might as well take advantage of the
exemption.

The prosecution was on some nonsense charge that amounted to him
burgling his own house.  A statute that was meant to penalise computer
break-ins was used against someone who owned the computer that he broke
into.

> The TCPA allows you to do something that you can't do today: run your
> system in a way which convinces the other guy that you will honor your
> promises, that you will guard his content as he requires in exchange for
> his providing it to you.

Right, but it has an odd effect too.  No legal system gives people
complete freedom to contract.  Suppose you really, really want to exempt
a shop from liability if your new toaster explodes.  You can't do it;
the legal system does not give you the freedom to contract in that way.

DRM, however, gives people complete freedom to make contracts about how
they will deal with digital content.  Under EU single market rules, a
contract term to the effect that you could pass on your content to
someone in the UK but not the rest of the EU is unenforceable.  No
problem for DRM though...

I think lawyers will hate this.

-- 
Pete

Re: Ross's TCPA paper

[Mike Rosing]

On Mon, 24 Jun 2002, Anonymous wrote:

> The amazing thing about this discussion is that there are two pieces
> of conventional wisdom which people in the cypherpunk/EFF/"freedom"
> communities adhere to, and they are completely contradictory.

Makes for lively conversation doesn't it :-)

> Cypherpunks alternate between smug assertions of the first claim and
> panicked wailing about the second.  The important point about both of
> them, from the average cypherpunk's perspective, is that neither leaves
> any room for action.  Both views are completely fatalistic in tone.
> In one, we are assured victory; in the other, defeat.  Neither allows
> for human choice.

A good discussion should alternate.  Certainly it's not the same people.
And both urge the same action - tell your congress critter to butt out!

> This means that whether the Hollings bill passes or not, the situation
> will be exactly the same.  People running in "trusted" mode can prove
> it; but anyone can run untrusted.  Even with the Hollings bill there
> will still be people using untrusted mode.  The legislation would
> not change that.  Therefore the Hollings bill would not increase the
> effectiveness of the TCPA model.  And it follows, then, that Lucky and
> Ross are wrong to claim that this bill is intended to legislate use of
> the TCPA.  The TCPA does not require legislation.

Exactly.  Let the market decide.  This is why it's necessary to
contact your congress critter - they don't need to be involved.

> Lucky, Ross and others who view this as a catastrophe should look at
> the larger picture and reconsider their perspective.  Realize that the
> "trusted" mode of the TCPA will always be only an option, and there
> is no technological, political or economic reason for that to change.
> The TCPA gives people new capabilities without removing any old ones.
> It makes possible a new kind of information processing that cannot be
> accomplished in today's world.  It lets people make binding promises that
> are impossible today.  It makes the world a more flexible place, with
> more opportunities and options.  Somehow that doesn't sound all that bad.

As long as it's not legislated, nobody needs to worry about what
gets fabbed.  The market will decide if DRM makes any economic sense.
I'm betting it doesn't, but I've been wrong before.  Untrusted
platforms will be cheaper than trusted ones, so there has to be some
incentive for customers to buy them.  Economic incentives make far
more sense than legislated ones.

The main point is not the content of the bill, or its purpose.  The
main point is that government is being told to get involved in the market
place, and that, all by itself, is a *bad* idea.  If people want to
build trusted platforms and put them on the market they can go ahead
and do it.  If people don't want to buy them, that's their choice,
and if others do decide it's worth it, they should be allowed to.

As long as TCPA is really an option, the market place is a good way
to sort things out.  But S.2048 needs to die, not for scary reasons,
but just because there's no reason for it in the first place.

Patience, persistence, truth,
Dr. mike

Re: Ross's TCPA paper

[Nomen Nescio]

Ross Anderson writes:

> During my investigations into TCPA, I learned that HP has started a
> development program to produce a TCPA-compliant version of GNU/linux.
> I couldn't figure out how they planned to make money out of this. On
> Thursday, at the Open Source Software Economics conference, I figured
> out how they might.
> ...
> The business model, I believe, is this. HP will not dispute that the
> resulting `pruned code' is covered by the GPL. You will be able to
> download it, compile it, check it against the binary, and do what you
> like with it. However, to make it into TCPA-linux, to run it on a
> TCPA-enabled machine in privileged mode, you need more than the code.
> You need a valid signature on the binary, plus a cert to use the TCPA
> PKI. That will cost you money (if not at first, then eventually).

H Not clear that this really works to make money.  The GPL
allows everyone to redistribute HP's software verbatim, right?  So a
cert on one copy of the software will work on everyone's.  How can HP
make money on a product that everyone can copy freely, when they can
all share the same cert?

It's true that modified versions of the software would not be able to
use that cert, and it would no doubt be expensive to get a new cert for
the modified software.  But that still gives HP no monopoly on selling
or supporting its own version.  Anyone can step in and do that.

Is the cert itself supposed to be somehow copyrighted?  Kept secret?
Will it be illegal to publish the cert, to share it with someone else?
This seems pretty questionable both in terms of copyright law (since
a cert is a functional component) and in terms of the GPL (which would
arguably cover the cert and forbid restrictively licensing it).

It seems more likely that the real purpose is to bring the benefits of
TCPA to the Linux world.  As an innovator in this technology HP will gain
in reputation and be the source that people turn to for development and
support in this growing area.  The key to making money from open source
is reputation.  Being first makes good economic sense.  You don't need
conspiracy theories.

Re: Ross's TCPA paper

[Anonymous]

The amazing thing about this discussion is that there are two pieces
of conventional wisdom which people in the cypherpunk/EFF/"freedom"
communities adhere to, and they are completely contradictory.

The first is that protection of copyright is ultimately impossible.
See the analysis in Schneier and Kelsey's "Street Performer Protocol"
paper, http://www.counterpane.com/street_performer.pdf.  Or EFF
columnist Cory Doctorow's recent recitation of the conventional wisdom
at http://boingboing.net/2002_06_01_archive.html#85167215: "providing
an untrusted party with the key, the ciphertext and the cleartext but
asking that party not to make a copy of your message is just silly,
and can't possibly work in a world of Turing-complete computing."

The second is that evil companies are going to take over our computers
and turn us into helpless slaves who can only sit slack-jawed as they
force-feed us whatever content they desire, charging whatever they wish.
The recent outcry over TCPA falls into this category.

Cypherpunks alternate between smug assertions of the first claim and
panicked wailing about the second.  The important point about both of
them, from the average cypherpunk's perspective, is that neither leaves
any room for action.  Both views are completely fatalistic in tone.
In one, we are assured victory; in the other, defeat.  Neither allows
for human choice.

Let's apply a little common sense for a change, and analyze the situation
in the context of a competitive market economy.  Suppose there is no
law forcing people to use DRM-compliant systems, and everyone can decide
freely whether to use one or not.

This is plausible because, if we take the doom-sayers at their word,
the Hollings bill or equivalent is completely redundant and unnecessary.
Intel and Microsoft are already going forward.  The BIOS makers are
on board; TPM chips are being installed.  In a few years there will
be plenty of TCPA compliant systems in use and most new systems will
include this functionality.

Furthermore, inherent to the TCPA concept is that the chip can in
effect be turned off.  No one proposes to forbid you from booting a
non-compliant OS or including non-compliant drivers.  However the TPM
chip, in conjunction with a trusted OS, will be able to know that you
have done so.  And because the chip includes an embedded, certified key,
it will be impossible to falsely claim that your system is running in a
"trusted" mode - only the TPM chip can convincingly make that claim.

This means that whether the Hollings bill passes or not, the situation
will be exactly the same.  People running in "trusted" mode can prove
it; but anyone can run untrusted.  Even with the Hollings bill there
will still be people using untrusted mode.  The legislation would
not change that.  Therefore the Hollings bill would not increase the
effectiveness of the TCPA model.  And it follows, then, that Lucky and
Ross are wrong to claim that this bill is intended to legislate use of
the TCPA.  The TCPA does not require legislation.

Actually the Hollings bill is clearly targeted at the "analog hole", such
as the video cable that runs from your PC to the display, or the audio
cable to your speakers.  Obviously the TCPA does no good in protecting
content if you can easily hook an A/D converter into those connections and
digitize high quality signals.  The only way to remove this capability
is by legislation, and that is clearly what the Hollings bill targets.
So much for the claim that this bill is intended to enforce the TCPA.

That claim is ultimately a red herring.  It doesn't matter if the bill
exists, what matters is that TCPA technology exists.  Let us imagine a
world in which most new PCs have TCPA built-in, Microsoft OS's have been
adapted to support it, maybe some other OS's have been converted as well.

The ultimate goal, according to the doom-sayers, is that digital content
will only be made available to people who are running in "trusted"
mode as determined by the TPM chip built into their system.  This will
guarantee that only an approved OS is loaded, and only approved drivers
are running.  It will not be possible to patch the OS or insert a custom
driver to intercept the audio/video stream.  You won't be able to run
the OS in a virtual mode and provide an emulated environment where you
can tap the data.  Your system will display the data for you, and you
will have no way to capture it in digital form.

Now there are some obvious loopholes here.  Microsoft software has a
track record of bugs, and let's face it, Linux does, too.  Despite the
claims, the TCPA by itself does nothing to reduce the threat of viruses,
worms, and other bug-exploiting software.  At best it includes a set of
checksums of key system components, but you can get software that does
that already.  Bugs in the OS and drivers may be exploitable and allow
for grabbing DRM protected content.  And once acquired, the data can
be made widely available.  No doubt the OS will be bu

Re: Ross's TCPA paper

[Pete Chown]

Ross Anderson wrote:

> ... that means making sure the PC is the hub of the
> future home network; and if entertainment's the killer app, and DRM is
> the key technology for entertainment, then the PC must do DRM.

Recently there have been a number of articles pointing out how much
money Microsoft is losing on Xbox sales.  To some extent, of course,
console makers expect to lose money on the consoles themselves, making
it up on the games.  However Microsoft seems to be losing more than
anyone else.

Perhaps Microsoft don't care, because the Xbox is one vision they have
of the future.  Gradually it starts running more than just games, but
you still get the ease of use and security of a console.

It's always risky making predictions, but I think that over the next few
years, free software will do in the desktop space what has already
happened in the server space.  There is a kind of economic inevitability
about it; competing with a free product of equivalent quality is
virtually impossible.

Now, Gates isn't stupid, and I'm sure he's aware of this risk.  So we
have various alternative strategies.  One is web services.  The other
strategy is to become more closed at the same time as everyone else is
becoming more open.  That strategy is the Xbox, which may over time
evolve into the kind of tamper resistant system that we have been
talking about.

> During my investigations into TCPA, I learned that HP has started a
> development program to produce a TCPA-compliant version of GNU/linux.
> I couldn't figure out how they planned to make money out of this.

It might simply be useful that it exists.  If people complain that they
can't run Linux on the new systems, it could create all sorts of
anti-trust problems.  However, even if they didn't try to make money out
of the product, it still wouldn't be free in the freedom sense.

A similar problem to this has already come up, albeit in a much less
serious form.  When the Mindterm ssh client is used as an applet, it
needs to be signed in order to be maximally useful.  At one point it was
available under the GPL, but of course if you changed it the signature
was invalidated.  In this case you could at least get your own code
signing key, but there were problems.  Firstly it cost money.  Secondly
by signing code that you didn't write, you would be taking
responsibility for something being secure when you had no easy way of
verifying that.

> You need a valid signature on the binary, plus a cert to use the TCPA
> PKI. That will cost you money (if not at first, then eventually).

I think it would be a breach of the GPL to stop people redistributing
the signature: "You must cause any work that you distribute or publish,
that in whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License."

This doesn't help with your other point, though; people wouldn't be able
to modify the code and have a useful end product.  I wonder if it could
be argued that your private key is part of the source code?

> Anyone will be free to make modifications to the pruned code, but in
> the absence of a signature the resulting O/S won't enable users to
> access TCPA features.

What if the DRM system was cracked by means of something that you were
allowed to do under the GPL?  If they use the DMCA, or the Motherhood
and Apple Pie Promotion Act against you, they have to stop distributing
Linux.  "If you cannot distribute so as to satisfy simultaneously your
obligations under this License and any other pertinent obligations, then
as a consequence you may not distribute the Program at all."

BTW, Ross, does Microsoft Research in Cambridge work on this kind of
technology?

-- 
Pete

Re: Ross's TCPA paper

[Adam Shostack]

On Mon, Jun 24, 2002 at 08:15:29AM -0400, R. A. Hettinga wrote:
> Status:  U
> Date: Sun, 23 Jun 2002 12:53:42 -0700
> From: Paul Harrison <[EMAIL PROTECTED]>
> Subject: Re: Ross's TCPA paper
> To: "R. A. Hettinga" <[EMAIL PROTECTED]>

> The
> important question is not whether trusted platforms are a good idea, but
> who will own them.  Purchasing a TCP without the keys to the TPM is like
> buying property without doing a title search.  Of course it is possible to
> _rent_ property from a title holder, and in some cases this is desirable.
> 
> I would think a TCP _with_ ownership of the TPM would be every paranoid
> cypherpunk's wet dream.  A box which would tell you if it had been tampered
> with either in hardware or software?  Great.  Someone else's TCP is more
> like a rental car:  you want the rental company to be completely responsible
> for the safety of the vehicle.  This is the economic achilles heal of using
> TCPA for DRM.  Who is going to take financial responsibility for the proper
> operation of the platform?  It can work for a set top box, but it won't fly
> for a general purpose computer.

In general, I'm very fond of this sort of ownership analysis.  If I
have a TCPA box running my software, and thinking that its mine, how
do I know there isn't one more layer?  Leave it off, and my analysis
is simpler.

I suspect that verifying ownership of the TPM will be like verifying
ownership of property in modern Russia: There may be a title that
looks clean.  But what does the mafia think?  What about the security
services?  There may even be someone with a pre-Bolshevik title
floating around.  Or a forgery.  Hard to tell.  It's annoying to have
one's transaction costs pushed up that high.

I can get very high quality baseline software today.  What I need for
my cypherpunk wet dreams is ecash, and a nice anonymizing network.
What I also need is that the general purpose computing environment
stay free of control points, in Lessig sense.


Adam

Re: Ross's TCPA paper

[Harry Hawk]

It seems clear at least if DRM is an application than DRM applications would benefit
from the "increased trust" and architecturally that such "trust" would be needed to
enforce/ensure some/all of the requirements of the Hollings bill.

hawk

Lucky Green wrote:

>  other
> technical solution that enjoys a similar level of PC platform industry
> support, is anywhere as near to wide-spread production as TPM's, and is
> of sufficient integration into the platform to be able to form the
> platform basis for meeting the requirements of the Hollings bill.
>
> Would Anonymous perhaps like to take this question?

Re: Ross's TCPA paper

[Ross Anderson]

> It's an interesting claim, but there is only one small problem.
> Neither Ross Anderson nor Lucky Green offers any evidence that the TCPA
> (http://www.trustedcomputing.org) is being designed for the support of
> digital rights management (DRM) applications.

Microsoft admits it:

http://www.msnbc.com/news/770511.asp

Intel admitted it to me to. They said that the reason for TCPA was that
their company makes most of its money from the PC microprocessor; they
have most of the market; so to grow the company they need to grow the
overall market for PCs; that means making sure the PC is the hub of the
future home network; and if entertainment's the killer app, and DRM is
the key technology for entertainment, then the PC must do DRM.

Now here's another aspect of TCPA. You can use it to defeat the GPL.

During my investigations into TCPA, I learned that HP has started a
development program to produce a TCPA-compliant version of GNU/linux.
I couldn't figure out how they planned to make money out of this. On
Thursday, at the Open Source Software Economics conference, I figured
out how they might.

Making a TCPA-compliant version of GNU/linux (or Apache, or whatever)
will mean tidying up the code and removing whatever features conflict
with the TCPA security policy. The company will then submit the pruned
code to an evaluator, together with a mass of documentation for the
work that's been done, including a whole lot of analyses showing, for
example, that you can't get root by a buffer overflow.

The business model, I believe, is this. HP will not dispute that the
resulting `pruned code' is covered by the GPL. You will be able to
download it, compile it, check it against the binary, and do what you
like with it. However, to make it into TCPA-linux, to run it on a
TCPA-enabled machine in privileged mode, you need more than the code.
You need a valid signature on the binary, plus a cert to use the TCPA
PKI. That will cost you money (if not at first, then eventually).

Anyone will be free to make modifications to the pruned code, but in
the absence of a signature the resulting O/S won't enable users to
access TCPA features. It will of course be open to competitors to try
to re-do the evaluation effort for enhanced versions of the pruned
code, but that will cost money; six figures at least. There will
likely be little motive for commercial competitors to do it, as HP
will have the first mover advantages and will be able to undercut them
on price. There will also be little incentive for philanthropists to
do it, as the resulting product would not really be a GPL version of a
TCPA operating system, but a proprietary operating system that the
philanthropist could give away free. (There are still issues about who
would pay for use of the PKI that hands out user certs.) The need to
go through evaluation with each change is completely incompatible with
the business model of free and open source software.

People believed that the GPL made it impossible for a company to come
along and steal code that was the result of community effort. That 
may have been the case so long as the processor was open, and anyone
could access supervisor mode. But TCPA changes that completely. Once
the majority of PCs on the market are TCPA-enabled, the GPL won't work
as intended any more. There has never been anything to stop people
selling complementary products and services to GPL'ed code; once the
functioning of these products can be tied to a signature on the
binary, the model breaks.

Can anyone from HP comment on whether this is actually their plan?

Ross

Re: Ross's TCPA paper

[Derek Atkins]

I, for one, can vouch for the fact that TCPA could absolutely
be applied to a DRM application.  In a previous life I actually
designed a DRM system (the company has since gone under).  In
our research and development in '96-98, we decided that you need
at least some trusted hardware at the client to perform any DRM,
but if you _did_ have some _minimal_ trusted hardware, that would
provide a large hook to a fairly secure DRM system.

Check the archives of, IIRC, coderpunks... I started a thread entitled
The Black Box Problem.  The issue is that in a DRM system you (the
content provider) wants to verify the operation of the client, even
though the client is not under your control.  We developed an online
interactive protocol with a sandbox environment to protect content,
but it would certainly be possible for someone to crack it.  Our
threat model was that we didn't want people to be able to use a hacked
client against our distributation system.

We discovered that if we had some trusted hardware that had a few key
functions (I don't recall the few key functions offhand, but it was
more than just encrypt and decrypt) we could increase the
effectiveness of the DRM system astoundingly.  We thought about using
cryptodongles, but the Black Box problem still applies.  The trusted
hardware must be a core piece of the client machine for this to work.

Like everything else in the technical world, TPCA is a tool..  It is
neither good nor bad; that distinction comes in how us humans apply
the technology.

-derek

"Lucky Green" <[EMAIL PROTECTED]> writes:

> Anonymous writes:
> > Lucky Green writes regarding Ross Anderson's paper at: 
> > Ross and Lucky should justify their claims to the community 
> > in general and to the members of the TCPA in particular.  If 
> > you're going to make accusations, you are obliged to offer 
> > evidence.  Is the TCPA really, as they claim, a secretive 
> > effort to get DRM hardware into consumer PCs? Or is it, as 
> > the documents on the web site claim, a general effort to 
> > improve the security in systems and to provide new 
> > capabilities for improving the trustworthiness of computing platforms?
> 
> Anonymous raises a valid question. To hand Anonymous additional rope, I
> will even assure the reader that when questioned directly, the members
> of the TCPA will insist that their efforts in the context of TCPA are
> concerned with increasing platform security in general and are not
> targeted at providing a DRM solution.
> 
> Unfortunately, and I apologize for having to disappoint the reader, I do
> not feel at liberty to provide the proof Anonymous is requesting myself,
> though perhaps Ross might. (I have no first-hand knowledge of what Ross
> may or may not be able to provide).
> 
> I however encourage readers familiar with the state of the art in PC
> platform security to read the TCPA specifications, read the TCPA's
> membership list, read the Hollings bill, and then ask themselves if they
> are aware of, or can locate somebody who is aware of, any other
> technical solution that enjoys a similar level of PC platform industry
> support, is anywhere as near to wide-spread production as TPM's, and is
> of sufficient integration into the platform to be able to form the
> platform basis for meeting the requirements of the Hollings bill.
> 
> Would Anonymous perhaps like to take this question?
> 
> --Lucky Green
> 
> 
> -
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

-- 
   Derek Atkins
   Computer and Internet Security Consultant
   [EMAIL PROTECTED] www.ihtfp.com

Re: Ross's TCPA paper

[Mike Rosing]

> Date: Sun, 23 Jun 2002 12:53:42 -0700
> From: Paul Harrison <[EMAIL PROTECTED]>
> Subject: Re: Ross's TCPA paper
> I would think a TCP _with_ ownership of the TPM would be every paranoid
> cypherpunk's wet dream.  A box which would tell you if it had been tampered
> with either in hardware or software?  Great.  Someone else's TCP is more
> like a rental car:  you want the rental company to be completely responsible
> for the safety of the vehicle.  This is the economic achilles heal of using
> TCPA for DRM.  Who is going to take financial responsibility for the proper
> operation of the platform?  It can work for a set top box, but it won't fly
> for a general purpose computer.

Exactly my point - economicly it can't work for the "nightmare" scenario.

The whole DRM concept is seriously flawed, and the fact it's being
pushed by a guy who used to run a paint-ball arena is really no
supprise.

There's a large group of academics working on DRM concepts for access
to university facilities, including libraries and computers.  They
use secure platforms, but they still have to worry about who gets
physical access to the platform.

And I also don't think "conspiricy" is the right term.  The article
Lucky quoted from indicated that use of the trusted platform for
DRM was an afterthought, and that's much more believeable.  A bunch
of sharks looking for money all swim around the same target.  It has
to do with where the money is, not any collusion between the players.

S.2048 is not likely to see the light of day.  The automotive
industry is bigger than the entertainment industry, and they have
more sway in washington when it comes to how much some bill is
going to cost them.  S.2048 makes cars way too expensive, and when
union workers find out that a) they will have fewer jobs and b)
they won't be able to watch videos when they get home, the shit
will hit the fan big time.

Definitly write a letter to your congress critter to let them know
the whole thing is stupid.  But don't call it a conspiricy, that
gives the morons thinking this whole thing up a bit too much
intellect.

Patience, persistence, truth,
Dr. mike

Re: Ross's TCPA paper

[R. A. Hettinga]

--- begin forwarded text


Status:  U
Date: Sun, 23 Jun 2002 12:53:42 -0700
From: Paul Harrison <[EMAIL PROTECTED]>
Subject: Re: Ross's TCPA paper
To: "R. A. Hettinga" <[EMAIL PROTECTED]>
User-Agent: Microsoft-Outlook-Express-Macintosh-Edition/5.02.2022

on 6/23/02 6:50 AM, R. A. Hettinga at [EMAIL PROTECTED] wrote:

>
> --- begin forwarded text
>
>
> Status:  U
> From: "Lucky Green" <[EMAIL PROTECTED]>
> To: <[EMAIL PROTECTED]>
> Cc: <[EMAIL PROTECTED]>
> Subject: RE: Ross's TCPA paper
> Date: Sat, 22 Jun 2002 23:01:12 -0700
> Sender: [EMAIL PROTECTED]
>

> None of these obstacles are impossible to overcome, but not by Joe
> Computer User, not by even the most talented 16-year old hacker, and not
> even by many folks in the field. Sure, I know some that could overcome
> it, but they may not be willing to do the time for what by then will be
> a crime. Come to think of it, doing so already is a crime.
>
> --Lucky Green
>
> --- end forwarded text
>
The discussion of TCPA has a tendency to avoid serious discussion of what I
feel is the core security issue:  ownership of the platform.  Comments such
as Lucky's:

"TPM will make it near impossible for the owner of that motherboard to
access supervisor mode on the CPU without their knowledge"

obfuscate this.  The Trusted Computing Platform includes the TPM, the
motherboard and the CPU, all wired together with some amount of tamper
resistance.  It is meaningless to speak of different "owners" of different
parts.  The owner of a TCP might be a corporate IT department (for employee
machines), a cable company (for set-top boxen), or an individual.  The
important question is not whether trusted platforms are a good idea, but
who will own them.  Purchasing a TCP without the keys to the TPM is like
buying property without doing a title search.  Of course it is possible to
_rent_ property from a title holder, and in some cases this is desirable.

I would think a TCP _with_ ownership of the TPM would be every paranoid
cypherpunk's wet dream.  A box which would tell you if it had been tampered
with either in hardware or software?  Great.  Someone else's TCP is more
like a rental car:  you want the rental company to be completely responsible
for the safety of the vehicle.  This is the economic achilles heal of using
TCPA for DRM.  Who is going to take financial responsibility for the proper
operation of the platform?  It can work for a set top box, but it won't fly
for a general purpose computer.

--- end forwarded text


-- 
-
R. A. Hettinga 
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

RE: Ross's TCPA paper

[Nomen Nescio]

Lucky Green writes:
> I however encourage readers familiar with the state of the art in PC
> platform security to read the TCPA specifications, read the TCPA's
> membership list, read the Hollings bill, and then ask themselves if they
> are aware of, or can locate somebody who is aware of, any other
> technical solution that enjoys a similar level of PC platform industry
> support, is anywhere as near to wide-spread production as TPM's, and is
> of sufficient integration into the platform to be able to form the
> platform basis for meeting the requirements of the Hollings bill.
>
> Would Anonymous perhaps like to take this question?

Gladly.  One need only look at a recent cause celebre in the cypherpunk
community to see what the Hollings bill intends to mandate.  We were
assured by the professional paranoids among the cypherpunks that there
was a serious measure being promoted by the content companies, a new
restriction which we were all going to have to deal with.

Remember?  They were going to limit all A/D converters.

That's right, thanks to the Hollings bill your rectal thermometer will
be upgraded so that you can't watch Snow White on it (not that it's
likely to be anything like snow white after you're finished with it).
Yes, Hollings is determined to plug your analog hole.

You heard it here first, folks.  And how can you doubt, when it comes
from a group with such a balanced and accurate view of the world, and
such a marvelous record for accurate predictions?  Every cypherpunk
knows that paranoid conspiracy theories are by far the most reliable
way to interpret events.

RE: Ross's TCPA paper

[Mike Rosing]

On Sun, 23 Jun 2002, Lucky Green wrote:

> Anonymous writes:
> > Lucky Green writes regarding Ross Anderson's paper at:
> > Ross and Lucky should justify their claims to the community
> > in general and to the members of the TCPA in particular.  If
> > you're going to make accusations, you are obliged to offer
> > evidence.  Is the TCPA really, as they claim, a secretive
> > effort to get DRM hardware into consumer PCs? Or is it, as
> > the documents on the web site claim, a general effort to
> > improve the security in systems and to provide new
> > capabilities for improving the trustworthiness of computing platforms?
>
> Anonymous raises a valid question. To hand Anonymous additional rope, I
> will even assure the reader that when questioned directly, the members
> of the TCPA will insist that their efforts in the context of TCPA are
> concerned with increasing platform security in general and are not
> targeted at providing a DRM solution.
>
> Unfortunately, and I apologize for having to disappoint the reader, I do
> not feel at liberty to provide the proof Anonymous is requesting myself,
> though perhaps Ross might. (I have no first-hand knowledge of what Ross
> may or may not be able to provide).

That makes the claim a might weak, at least in my perspective.

> I however encourage readers familiar with the state of the art in PC
> platform security to read the TCPA specifications, read the TCPA's
> membership list, read the Hollings bill, and then ask themselves if they
> are aware of, or can locate somebody who is aware of, any other
> technical solution that enjoys a similar level of PC platform industry
> support, is anywhere as near to wide-spread production as TPM's, and is
> of sufficient integration into the platform to be able to form the
> platform basis for meeting the requirements of the Hollings bill.

Is the Hollings bill you refer to S.2048?  In S.2048 they want to "plug
the analog hole".  It's far worse both econmicly and "big brother" wise.

How are they going to deal with all the processors now running that don't
have this "fritz" chip?  Deny them access to data?  Won't win over a whole
lot of votes that way, pissing off every grandfather in the country.

Patience, persistence, truth,
Dr. mike

RE: Ross's TCPA paper

[Lucky Green]

Anonymous writes:
> Lucky Green writes regarding Ross Anderson's paper at: 
> Ross and Lucky should justify their claims to the community 
> in general and to the members of the TCPA in particular.  If 
> you're going to make accusations, you are obliged to offer 
> evidence.  Is the TCPA really, as they claim, a secretive 
> effort to get DRM hardware into consumer PCs? Or is it, as 
> the documents on the web site claim, a general effort to 
> improve the security in systems and to provide new 
> capabilities for improving the trustworthiness of computing platforms?

Anonymous raises a valid question. To hand Anonymous additional rope, I
will even assure the reader that when questioned directly, the members
of the TCPA will insist that their efforts in the context of TCPA are
concerned with increasing platform security in general and are not
targeted at providing a DRM solution.

Unfortunately, and I apologize for having to disappoint the reader, I do
not feel at liberty to provide the proof Anonymous is requesting myself,
though perhaps Ross might. (I have no first-hand knowledge of what Ross
may or may not be able to provide).

I however encourage readers familiar with the state of the art in PC
platform security to read the TCPA specifications, read the TCPA's
membership list, read the Hollings bill, and then ask themselves if they
are aware of, or can locate somebody who is aware of, any other
technical solution that enjoys a similar level of PC platform industry
support, is anywhere as near to wide-spread production as TPM's, and is
of sufficient integration into the platform to be able to form the
platform basis for meeting the requirements of the Hollings bill.

Would Anonymous perhaps like to take this question?

--Lucky Green

Re: Ross's TCPA paper

[Nomen Nescio]

Lucky Green writes regarding Ross Anderson's paper at:
http://www.ftp.cl.cam.ac.uk/ftp/users/rja14/toulouse.pdf

> I must confess that after reading the paper I am quite relieved to
> finally have solid confirmation that at least one other person has
> realized (outside the authors and proponents of the bill) that the
> Hollings bill, while failing to mention TCPA anywhere in the text of the
> bill, was written with the specific technology provided by the TCPA in
> mind for the purpose of mandating the inclusion of this technology in
> all future general-purpose computing platforms, now that the technology
> has been tested, is ready to ship, and the BIOS vendors are on side.

It's an interesting claim, but there is only one small problem.
Neither Ross Anderson nor Lucky Green offers any evidence that the TCPA
(http://www.trustedcomputing.org) is being designed for the support of
digital rights management (DRM) applications.

In fact if you look at the documents on the TCPA web site you see much
discussion of applications such as platform-based ecommerce (so that
even if a user's keys get stolen they can't be used on another PC),
securing corporate networks (assuring that each workstation is running
an IT-approved configuration), detecting viruses, and enhancing the
security of VPNs.

DRM is not mentioned.

Is the claim by Ross and Lucky that the TCPA is a fraud, secretly designed
for the purpose of supporting DRM while using the applications above
merely as a cover to hide their true purposes?  If so, shouldn't we expect
to see the media content companies as supporters of this effort?  But the
membership list at http://www.trustedcomputing.org/tcpaasp4/members.asp
shows none of the usual suspects.  Disney's not there.  Sony's not there.
No Viacom, no AOL/Time/Warner, no News Corp.  The members are all
technology companies, including crypto companies like RSA, Verisign
and nCipher.

Contrast this for example with the Brodcast Protection Discussion
Group whose ongoing efforts are being monitored by the EFF at
http://www.eff.org/IP/Video/HDTV/.  There you do find the big media
companies.  That effort is plainly aimed at protecting information and
supporting DRM, so it makes sense that the companies most interested in
those goals are involved.

But with the TCPA, the players are completely different.  And unlike
with the BPDG, the rationale being offered is not based on DRM but on
improving the trustworthiness of software for many applications.

Ross and Lucky should justify their claims to the community in general
and to the members of the TCPA in particular.  If you're going to make
accusations, you are obliged to offer evidence.  Is the TCPA really, as
they claim, a secretive effort to get DRM hardware into consumer PCs?
Or is it, as the documents on the web site claim, a general effort to
improve the security in systems and to provide new capabilities for
improving the trustworthiness of computing platforms?

RE: Ross's TCPA paper

[Lucky Green]

Mike wrote quoting Lucky:
> > "trusted" here means that the members of the TCPA trust 
> that the TPM 
> > will make it near impossible for the owner of that motherboard to 
> > access supervisor mode on the CPU without their knowledge, 
> they trust 
> > that the TPM will enable them to determine remotely if the customer 
> > has a kernel-level debugger loaded, and they trust that the 
> TPM will 
> > prevent a user from bypassing OS protections by installing 
> custom PCI 
> > cards to read out memory directly via DMA without going through the 
> > CPU.
> 
> I don't see how they expect this to work.  We've already got 
> cheap rip off motherboards, who's gonna stop cheap rip off 
> TPM's that ain't really T?  I think it moves the game into a 
> smaller field where the players all have some bucks to begin 
> with, but somebody will create a "TPM" that looks like the 
> real thing, but runs cypherpunk code just fine.

I agree with your assertion that TPM's can't prevent DRM from being
broken. Nor is this the intent of introducing TPM's. The vendors have
realized that they have to raise the technical bar only so high to keep
those most inclined to break their systems (i.e. 16-year old Norwegians)
from doing so. Those that have the knowledge and resources to break TCPA
systems either won't have the time because they are engaged in gainful
employment, won't be willing to take the risk, because they have
accumulated sufficient material possessions to be unwilling to risk
losing their possessions, not to mention their freedom, in litigation,
or will break the security for their own gain, but won't release the
crack to the public. Criminal enterprise falls into the latter category.

The content vendors, which in this case includes the operating system
and application vendors, dislike, but can live with, major criminal
enterprise being the only other party to have unfettered access, since
criminal enterprise is just another competitor in the market place. Most
business models can survive another competitor. Where business models
threaten to collapse is when the marginal cost of an illegal copy goes
to zero and the public at large can obtain your goods without payment. I
don't know if the TCPA's efforts will prevent this, but in the process
of trying to achieve this objective, the average computers users, and
even many advanced computer users, will find themselves in a new
relationship with their PC: that of a pure consumer, with only the
choices available to them the what the 180 TCPA's members digital
signatures permit.

Cloning TPM's is difficult, though not impossible. Note that all TPM's
unique initial internal device keys are signed at time of manufacture by
a derivative of the TCPA master key. Unless you are one of the
well-known chipset or BIOS manufacturers, you can't get your TPM
products signed. It is theoretically possible, though far from easy, to
clone an entire TPM, keys and all.

However, the moment those fake TPM's show up in the market place, their
keys will simply be listed in the next CRL update. And if your OS and
TPM's miss a few CRL updates, your commercial OS and all your
applications will stop working. As might in the future your video card,
your PCI cards, your hard drive, and your peripherals.

You can try to hack around the code in the OS or firmware that performs
the checks, as long as you are willing to operate your machine
permanently off the Net from then on, because your system will fail the
remote integrity checks, but given that this and other security relevant
code inside the OS and applications are 3DES encrypted and are only
decrypted inside the TPM, you can't just read the object code from disk,
but get to first microprobe the decrypted op codes off the bus before
taking a debugger to the code. Not a trivial task at today's PC bus
speeds. Nor can you get too aggressive with the hacks, since your Fritz
may simply flush the keys and leave you with a bunch of 3DES encrypted
op codes and no corresponding decryption keys. Reverse engineering turns
pretty dim at that point.

None of these obstacles are impossible to overcome, but not by Joe
Computer User, not by even the most talented 16-year old hacker, and not
even by many folks in the field. Sure, I know some that could overcome
it, but they may not be willing to do the time for what by then will be
a crime. Come to think of it, doing so already is a crime.

--Lucky Green

Re: Ross's TCPA paper

[Mike Rosing]

On Sat, 22 Jun 2002, Lucky Green wrote:

> I must confess that after reading the paper I am quite relieved to
> finally have solid confirmation that at least one other person has
> realized (outside the authors and proponents of the bill) that the
> Hollings bill, while failing to mention TCPA anywhere in the text of the
> bill, was written with the specific technology provided by the TCPA in
> mind for the purpose of mandating the inclusion of this technology in
> all future general-purpose computing platforms, now that the technology
> has been tested, is ready to ship, and the BIOS vendors are on side.

A touch hand wavy, but interesting.  (and thank you to JY for the
pointer.)

> "trusted" here means that the members of the TCPA trust that the TPM
> will make it near impossible for the owner of that motherboard to access
> supervisor mode on the CPU without their knowledge, they trust that the
> TPM will enable them to determine remotely if the customer has a
> kernel-level debugger loaded, and they trust that the TPM will prevent a
> user from bypassing OS protections by installing custom PCI cards to
> read out memory directly via DMA without going through the CPU.

I don't see how they expect this to work.  We've already got cheap
rip off motherboards, who's gonna stop cheap rip off TPM's that ain't
really T?  I think it moves the game into a smaller field where the
players all have some bucks to begin with, but somebody will create
a "TPM" that looks like the real thing, but runs cypherpunk code
just fine.

> 1) the CEO's of said computer companies are utterly unaware of a major
> strategic initiative their staff has been diligently executing for about
> 3 years, in the case of the principals in the TCPA, such as Intel,
> Compaq, HP, and Microsoft, several years longer.
>
> 2) the CEO's wrote this open letter as part of a deliberate "good cop,
> bad cop" ploy, feigning opposition to DRM in general computing platforms
> to pull the wool over the public's eye for hopefully long enough to
> achieve widespread deployment of the mother of all DRM solution in the
> market place.

3) some people think DRM will work and some people don't, and they all
work at the same company.

Anyone who can comprehend the physical reality of computers can see DRM
can't possibly work.  Unfortunatly, that's a minorty of the human
population.  I think the CEO's may actually have a clue, but if there's
money to be made from suckers, why not!!??

Well, I know why not, and so do you all.  But I don't think mandated
"Fritz" chips will fly - and it's simple economics.  Logic will never work
:-)

Patience, persistence, truth,
Dr. mike

Re: Ross's TCPA paper

[John Young]

Ross has shifted his TCPA paper to:

  http://www.ftp.cl.cam.ac.uk/ftp/users/rja14/toulouse.pdf

At 07:03 PM 6/22/2002 -0700, Lucky wrote:

>I recently had a chance to read Ross Anderson's paper on the activities
>of the TCPA at http://www.cl.cam.ac.uk/ftp/users/rja14/.temp/toulouse.pdf