On Sat, Jul 13, 2002 at 10:59:23AM -0700, Eric Murray wrote:
> Microsoft does not do things simply because they enjoy being evil.
> They are not so worried about Linux (with its small share of the market)
> that they will spend mega-bucks now on a very long term project that might
> possibly let t
o pull Newsweek stories after a few
days that don't contribute to the MS shine.
Further still, shine thine eyes on this line-up of TCPA wiseguys:
Date: Fri, 12 Jul 2002 18:39:50 -0500
From: Jolley <[EMAIL PROTECTED]>
Subject: [dvd-discuss] Technology Admin comments
To: dvd-discuss <
Ross Anderson charged that Microsoft "censored" Newsweek because the
Stephen Levy article disappeared. Actually Newsweek moves articles to
their for-pay archives after a week. You can still find a pointer to
it by going to www.newsweek.com and entering Palladium in the "Search
the archives" box.
itional manufacturing cost for the TCPA
> hardware components. Motherboard manufacturers go through redesigns in order
> to save cents in manufacturing costs, and they're expected to add $5 to their
> manufacturing cost just to help Microsoft manage its piracy problem?
Motherboard mak
purely economic perspectice, I can't see how this will fly. I'll pull a
random figure of $5 out of thin air (well, I saw it mentioned somewhere but
can't remember the source) as the additional manufacturing cost for the TCPA
hardware components. Motherboard manufacturers go throu
Peter wrote (potentially quoting somebody else)
> >From a purely economic perspectice, I can't see how this will fly.
> >I'll pull a
> random figure of $5 out of thin air (well, I saw it mentioned
> somewhere but can't remember the source) as the additional
We failed to save a copy of Steven Levy's Palladium article in Newsweek
and online at MSNBC, now withdrawn by MSNBC. We can find no copy
online. Whoever save a copy: we would like to receive it for publication to
assure its continued availability.
A Microsoft programmer, John DeTreville, named
On Fri, 5 Jul 2002, AARG!Anonymous wrote:
< ... />
> Right, and you can boot untrusted OS's as well. Recently there was
> discussion here of HP making a trusted form of Linux that would work with
> the TCPA hardware. So you will have options in both the closed source and
I see that MSNBC has pulled the original article on Palladium:
http://www.msnbc.com/news/770551.asp
Anyway, I have just put up version 1.0 of the TCPA / Palladium FAQ
at the same URL:
http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html
Enjoy!
Ross
The academics think that TCPA technology is already solved. I haven't
read the whole paper, but y'all might find it interesting.
--Begin Forward ---
From: Sean Smith <[EMAIL PROTECTED]>
Date: Wed, 10 Jul 2002 09:18:22 -0400
You know,
At or about 09:22 AM 07/04/2002 -0700, [EMAIL PROTECTED] replied thusly:
> > If they can't even ban crypto, you think they'll be able to ban
> > Perl?
>
>They cannot ban crypto without first banning Perl. That was the
>point of the Crypto-on-a-T-Shirt movement. Obvious solution.
>First ban Perl,
At 09:43 PM 06/28/2002 +0200, Thomas Tydal wrote:
>Well, first I want to say that I don't like the way it is today.
>I want things to get better. I can't read e-books on my pocket computer,
>for example, which is sad since I actually would be able to enjoy e-books
>if I only could load them onto m
rs
preventing people from typing virus-triggering command lines are utterly
absurd. What are people trying to prove by raising such nonsensical
propositions? Palladium needs no such capability.
> Interestingly, Palladium and TCPA both allow you to modify any part of
> the software installed
--
On 5 Jul 2002 at 14:45, AARG! Anonymous wrote:
> Right, and you can boot untrusted OS's as well. Recently there
> was discussion here of HP making a trusted form of Linux that
> would work with the TCPA hardware. So you will have options in
> both the closed source and o
On Thu, Jul 04, 2002 at 10:54:34PM -0700, Lucky Green wrote:
>
> Sure you can use shell scripts. Though I don't understand how a shell
> script will help you in obtaining a dump of the protected data since
> your script has insufficient privileges to read the data. Nor can you
> give the shell sc
Hadmut Danisch wrote:
> On Wed, Jul 03, 2002 at 10:54:43PM -0700, Bill Stewart wrote:
> > At 12:59 AM 06/27/2002 -0700, Lucky Green wrote:
> > >I fully agree that the TCPA's efforts offer potentially beneficial
> > >effects. Assuming the TPM has not been compromised, the TPM should
> > >enable t
radiction in terms.
If I understand this correctly, the TCPA or Palladium hardware
will include some kind of memory management device, very similar
to the ones we have in hardware of the last years, but which stores
some kind of de-/encryption information for each page segment and
which de-/en
es. That limitation
doesn't stop you from writing your own application software or scripts.
Interestingly, Palladium and TCPA both allow you to modify any part of
the software installed on your system (though not your hardware). The
worst thing which can happen to you as a result is that the system
wil
1 the government floated one timid trial balloon about
possibly restricting crypto, and it was shot down in a hail of criticism
from all directions.
If they can't even ban crypto, you think they'll be able to ban Perl?
People who believe this are utterly disconnected from reality.
To the ex
tricted. They'll be like assault weapons. Use a compiler,
> go to jail. This despite the fact that they are necessary tools for
> technological progress today.
Basically, the concern I have is not that any *particular* end-user developed
application, in a post-DRM/TCPA world, will be ren
running a web site?
If just anyone is allowed to run a web site, they can do all kinds
of scams and push all kinds of lies. Besides which hacking will
make the cow's milk dry up.
> To the extent that people fear the TCPA and DRM because they
> think it will take us down a path to
--
On 3 Jul 2002 at 10:48, xganon wrote:
> Do you really think that DRM systems could eliminate cypherpunk
> applications? Have you thought this through in detail? Please
> expand on it.
The system as specified is harmless, because it can run anyone's
code, and thus can run napster like
ed, and more draconian.
>
> DRM-capable TCPA-type systems are evil by the same argument, even if
> not used for DRM.
>
> The primary reason they are evil is not the stated goal of DRM systems
> (copy protection in various forms), but the ease with which they could
> be used to
Robert Hettinga writes:
> If it's encrypted, and it's on my hard drive, than it's my property. I own
> it, not someone else. That's a private good. I can turn around, and sell it
> to you. You can encrypt it, and put it on your hard drive, and you can sell
> it. It's *your* property.
This has not
Quoting Joseph Ashwood <[EMAIL PROTECTED]>:
> The same argument can be applied to just about any tool.
>
> A knife has a high likelihood of being used in such a manner that it causes
> physical damage to an individual (e.g. you cut yourself while slicing your
> dinner) at some point in its usefu
On Monday, July 1, 2002, at 07:15 PM, Mike Rosing wrote:
> On Mon, 1 Jul 2002 [EMAIL PROTECTED] wrote:
>
>> --
>> On 1 Jul 2002 at 15:06, Tim May wrote:
>>> I have strong views on all this DRM and TCPA stuff, and
>>> especially on the claim that some
At 6:46 PM -0700 on 7/1/02, Joseph Ashwood wrote:
> DRM is a tool.
I agree. And I don't think any tool is evil, either, and, I bet, Ryan
probably doesn't want to come across as a hoplophobe as you're depiction of
his calling a particular technology evil makes him sound either. :-).
That said,
At 4:02 AM +0200 on 7/2/02, AAA, the Annoying Anonymous Austrian wrote:
> But you claimed that signed pieces of digital information were private
> goods. Please explain.
If it's encrypted, and it's on my hard drive, than it's my property. I own
it, not someone else. That's a private good. I c
On Mon, 1 Jul 2002 [EMAIL PROTECTED] wrote:
> --
> On 1 Jul 2002 at 15:06, Tim May wrote:
> > I have strong views on all this DRM and TCPA stuff, and
> > especially on the claim that some form of DRM is needed to
> > prevent government from taking over control of th
--
On 1 Jul 2002 at 22:10, Anonymous wrote:
> The fact is that the market can't solve this kind of problem.
> That's right, markets are not perfect. [] But information
> objects, absent successful DRM restrictions, are effectively
> public goods. Markets do not handle public goods well.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Traffic Analysis is A Bitch, boys and girls. At 10:10 PM +0200 on
7/1/02, The Single-Remailer-Hop Anonymous Austrian Innumerate
returns, writing:
> They do fine for ordinary, private
> goods.
A signed, much less encrypted, copy of a piece of digita
PROTECTED]>
Date: Sat Jun 29, 2002 10:03:33 PM US/Pacific
To: Barney Wolff <[EMAIL PROTECTED]>
Cc: "'[EMAIL PROTECTED] '"
<[EMAIL PROTECTED]>, "'[EMAIL PROTECTED] '"
<[EMAIL PROTECTED]>
Subject: Re: Ross's TCPA paper
>
> Here&
- Original Message -
From: "Ryan Lackey" <[EMAIL PROTECTED]>
> I consider DRM systems (even the not-secure, not-mandated versions)
> evil due to the high likelyhood they will be used as technical
> building blocks upon which to deploy mandated, draconian DRM systems.
The same argument ca
--
On 1 Jul 2002 at 15:06, Tim May wrote:
> I have strong views on all this DRM and TCPA stuff, and
> especially on the claim that some form of DRM is needed to
> prevent government from taking over control of the "arts."
>
> But we said everything that needed t
[Repost]
Bear writes:
> A few years ago merchants were equally adamant and believed
> equally in the rightness of maintaining their "right" to not
> do business with blacks, chicanos, irish, and women. It'll
> pass as people wake up and smell the coffee. Unfortunately
> that won't be until aft
On Mon, Jul 01, at 10:10PM, Anonymous wrote:
| Brilliant. Let the market solve the problem. Why bother with the auction
| part, then? If the market's going to solve the problem for the 2nd guy
| to hold the copy, why not let it solve the problem for the 1st? The fact
| is, quot
Robert Hettinga writes:
> All they have to do is auction the first copy off for a lot of money, cash,
> and let the market take care of the rest. That, by the way, is what people
> do now, of course, with advances, record contracts, and so on.
Brilliant. Let the market solve the problem. Why b
At 7:25 PM -0500 on 6/30/02, xganon wrote:
> The only evil here is the viewpoint that people must not have choices,
> that they must be forced into a Communist from-each-according-to-his-
> ability system where creative people have no choice or control over the
> products of their minds.
All th
Barney Wolff wrote:
> My use of "anonym" was a joke. Sorry if it was too deadpan. But
> my serious point was that if a pseudonym costs nothing to get or
> give up, it makes one effectively anonymous, if one so chooses.
Well, yeah, I'd say that single-use pseudonyms are, in fact, the
definition
Ryan Lackey provides a detailed analysis, but he gets off to a bad start
right at the beginning:
> DRM systems embedded in general purpose computers, especially if
> mandated, especially if implemented in the most secure practical
> manner (running the system in system-high DRM mode and not allow
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
At 11:37 AM +0100 on 7/1/02, Ben Laurie wrote:
> Hmm. So present the appropriate definition?
Well, like I said, (and to be completely pedantic about it :-)), it
seems to me that logically there's no such thing as an "anonym" even
though you could d
My use of "anonym" was a joke. Sorry if it was too deadpan. But
my serious point was that if a pseudonym costs nothing to get or
give up, it makes one effectively anonymous, if one so chooses.
On Mon, Jul 01, 2002 at 11:37:28AM +0100, Ben Laurie wrote:
> R. A. Hettinga wrote:
> > At 12:06 AM +0
At 11:30 PM -0400 on 6/30/02, Barney Wolff wrote:
> anonym n : "Mr. and Mrs. John Smith" when signed in a motel register.
No. Pseudonym(s). Subclass "Alias".
An anonym (literally, "no name", right?) is not signing the book at all,
and, thus, as "nyms" go, can't exist except in your mind. Somew
R. A. Hettinga wrote:
> At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:
>>No, a pseudonym can be linked to stuff (such as reputation,
>>publications, money). An anonym cannot.
>
> More to the point, there is no such "thing" as an "anonym", by definition.
Hmm. So present the appropriate definition
he high likelyhood they will be used as technical
building blocks upon which to deploy mandated, draconian DRM systems.
DRM systems inevitably slide toward being more mandated, and more draconian.
DRM-capable TCPA-type systems are evil by the same argument, even if
not used for DRM.
The primary re
anonym n : "Mr. and Mrs. John Smith" when signed in a motel register.
On Sun, Jun 30, 2002 at 09:55:58PM -0400, R. A. Hettinga wrote:
>
> More to the point, there is no such "thing" as an "anonym", by definition.
--
Barney Wolff
I never met a computer I didn't like.
At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:
> No, a pseudonym can be linked to stuff (such as reputation,
> publications, money). An anonym cannot.
More to the point, there is no such "thing" as an "anonym", by definition.
There's no way to link the behavior of one event that an "anonym" ca
Barney Wolff wrote:
> A pseudonym that I can give up at will and that can never afterwards
> be traced to me is equivalent to an anonym.
No, a pseudonym can be linked to stuff (such as reputation,
publications, money). An anonym cannot.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
ely both smartcards and dongles are forms of hardware tokens
> the issue would be whether a smartcard form factor might be utilized in a
> copy protection scheme similar to TCPA paradigm a single hardware chip
> that you register for all you applications or in the dongle parad
On Sun, 30 Jun 2002, Barney Wolff wrote:
>A pseudonym that I can give up at will and that can never afterwards
>be traced to me is equivalent to an anonym.
Actually, I don't have a problem with it being traced afterwards,
if a crime has been committed and there's a search warrant or
equivalent t
On Sat, Jun 29, 2002 at 10:03:33PM -0700, bear wrote:
> ...
> >I won't give up the right NOT to do business with anonymous customers,
> >or anyone else with whom I choose not to do business.
>
> A few years ago merchants were equally adamant and believed
> equally in the rightness of maintaining
On Sun, 30 Jun 2002, Barney Wolff wrote:
>The trouble I have with this is that I'm not only a consumer, I'm
>also a merchant, selling my own professional services. And I just
>will not, ever, perform services for an anonymous client. That's
>my choice, and the gov't will take it away only when
"security modules" are also inside the swipe & pin-entry boxes that you see
at check-out counters.
effectively both smartcards and dongles are forms of hardware tokens
the issue would be whether a smartcard form factor might be utilized in a
copy protection scheme similar to
sor) are stored on vendor-controlled
hardware centrally located, with only the UI executing on the end user's
machine.
What I'd really like is a design which accomplishes the "good" parts of TCPA,
ensuring that when code claims to be executing in a certain form, it really is,
a
Phil Youngblood posted the following to the securecomp server - thought
it might interest people here, given the recent discussion of M$'s DRM
stuff...
--
This from the Eula for the latest Windows Media Player patch.
* Digital Rights Management (Sec
A pseudonym that I can give up at will and that can never afterwards
be traced to me is equivalent to an anonym.
I'm not suggesting that anonymity be outlawed, or that every merchant
be required to reject anonymous or pseudonymous customers. All I'm
suggesting is that "small" merchants MUST NOT
On Wed, 26 Jun 2002, Barney Wolff wrote:
>Do you really mean that if I'm a business, you can force me to deal with
>you even though you refuse to supply your real name? Not acceptable.
I don't think that privacy (in the sense of having the right
to keep private details of your life from being l
[summary: "TCPA is a tool which even if not necessarily always used
for DRM applications, and other far more evil applications, is
dangerous enough that it must be killed to prevent the introduction
of, and legal mandate for, these DRM and other more evil
applications. People should be pre
Yes, this is a debate I've had with the medical privacy7 guys, some of
whom like the idea of using Palladium to protect medical records.
This is a subject on which I've a lot of experience (see my web page),
and I don't think that Palladium will help. Privacy abuses almost always
involve abuse of
On Mon, 24 Jun 2002, Anonymous wrote:
>The important thing to note is this: you are no worse off than today!
>You are already in the second state today: you run untrusted, and none
>of the content companies will let you download their data. But boolegs
>are widely available.
The problem is that
er, enabling platform security, as much as might be stressed
> otherwise by the stakeholders, has never been the motive behind the
> TCPA. The motive has been DRM. Does this mean that one should ignore the
> benefits that TCPA might bring? Of course not. But it does mean that one
> sho
Pete Chown wrote:
> BTW, I have been thinking for a while about putting together a UK
> competition complaint about DVD region coding. No promises that
> anything will happen quickly. On the other hand, if people offer help
> (or just tell me that they think it is a worthwhile thing to do) it w
On Wed, Jun 26, 2002 at 09:10:25PM -0700, Lucky Green wrote:
> Below are two more additional TCPA plays that I am in a position to
> mention:
>
> 1) Permanently lock out competitors from your file formats.
>
> >From Steven Levy's article:
> "A more interes
From: <[EMAIL PROTECTED]>
> As a side note, it seems that a corporation would actually have to
> demonstrate that I had seen and agreed to the thing and clicked
> acceptance. Prior to that point, I could reverse engineer, since
> there is no statement that I cannot reverse engineer agreed to. S
[Minor plug: I am scheduled to give a talk on TCPA at this year's DEF
CON security conference. I promise it will be an interesting talk.
http://www.defcon.org ]
Below are two more additional TCPA plays that I am in a position to
mention:
1) Permanently lock out competitors from your
Mike Rosing wrote:
>As long as MS Office isn't mandated by law, who cares?
It's not clear that enabling anti-competitive behavior is good
for society. After all, there's a reason we have anti-trust law.
Ross Anderson's point -- and it seems to me it's one worth considering
-- is that, if there
placed you NIC with the
rarer, but not unheard of, variant that ships out the contents of your
operating RAM via DMA and IP padding outside the abilities of your OS to
detect.
However, enabling platform security, as much as might be stressed
otherwise by the stakeholders, has never been the motive
eployment) copy-mark
> (fingerprint) systems, there are a number of approaches which
> have been suggested, or could be used to have viewing privacy.
The TCPA specs were carefully designed to permit the user to obtain
multiple certificates from multiple CA's and thus, if, and that's
hased Microsoft Office for $500.)
> Now notice that the same idea can be used to inhibit competition in
> just about any computer market, and I hope you appreciate Ross's point.
> TCPA/DRM has the potential for anti-competitive effects, and the result
> may well be worse off than we are today.
Scott Guthery wrote:
>Perhaps somebody can describe
>a non-DRM privacy management system.
Uhh, anonymous remailers? I never disclose my identity, hence there is
no need for parties I don't trust to "manage" it.
Come on, folks. This ought to be cypherpunks 101. DRM might be one
way to achieve
On Wed, 26 Jun 2002, Barney Wolff wrote:
>Do you really mean that if I'm a business, you can force me to deal with
>you even though you refuse to supply your real name? Not acceptable.
>I won't give up the right NOT to do business with anonymous customers,
>or anyone else with whom I choose not
On Wed, Jun 26, 2002 at 03:57:15PM -0400, C Wegrzyn wrote:
> If a DRM system is based on X.509, according to Brand I thought you could
> get anonymity in the transaction. Wouldn't this accomplish the same thing?
I don't mean that you would necessarily have to correlate your viewing
habits with yo
oft.com won't give you the key unless you've
bought a "secure" "trusted" OS and purchased Microsoft Office for $500.)
Now notice that the same idea can be used to inhibit competition in
just about any computer market, and I hope you appreciate Ross's point.
TCPA/DRM has the potential for anti-competitive effects, and the result
may well be worse off than we are today.
On Wed, 26 Jun 2002, Barney Wolff wrote:
> Do you really mean that if I'm a business, you can force me to deal with
> you even though you refuse to supply your real name?
When was the last time you had to give your name when you bought a
newspaper, CD or a DVD in a non-online/non-mail order st
:
> http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
>
> Ross
>
> -
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
Ross
; : Anonymous wrote:
> :
> : > Furthermore, inherent to the TCPA concept is that the chip can in
> : > effect be turned off. No one proposes to forbid you from booting a
> : > non-compliant OS or including non-compliant drivers.
> :
> : Good point. At least I hope they do
t; <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Orig-To: "bear" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, June 26, 2002 3:37 PM
Subject: Re: Ross's TCPA paper
> On Wed, Jun 26, 2002 at 10:01:00AM -0700, bear wrote:
>
ar" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, June 26, 2002 3:37 PM
Subject: Re: Ross's TCPA paper
> On Wed, Jun 26, 2002 at 10:01:00AM -0700, bear wrote:
> > As I see it, we can get either privacy or DRM,
> > but t
Do you really mean that if I'm a business, you can force me to deal with
you even though you refuse to supply your real name? Not acceptable.
I won't give up the right NOT to do business with anonymous customers,
or anyone else with whom I choose not to do business.
The point about DRM, if I und
On Tue, 25 Jun 2002, Dan Geer wrote:
> the problem statements for "privacy" and for "digital rights management"
> were identical
Hmm, so:
privacy : DRM :: wiretapping : fair use
- RL "Bob"
On Wed, Jun 26, 2002 at 10:01:00AM -0700, bear wrote:
> As I see it, we can get either privacy or DRM,
> but there is no way on Earth to get both.
> [...]
Hear, hear! First post on this long thread that got it right.
Not sure what the rest of the usually clueful posters were thinking!
DRM syst
On 6/25/02 4:15 AM, "Dan Geer" <[EMAIL PROTECTED]> wrote:
> Over the last six months, I'd discovered that Carl Ellison (Intel),
> Joan Feigenbaum (Yale) and I agreed on at least one thing: that the
> problem statements for "privacy" and for "digital rights management"
> were identical, viz., "con
[EMAIL PROTECTED];
[EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: 6/25/02 11:56 AM
Subject: Re: Ross's TCPA paper
I don't believe that the choice is both privacy and TCPA, or neither.
Essentially all privacy violations are abuses of authorised access by
insiders. Your employer's medic
On Wed, 26 Jun 2002, Scott Guthery wrote:
>Privacy abuse is first and foremost the failure
>of a digital rights management system. A broken
>safe is not evidence that banks shouldn't use
>safes. It is only an argument that they shouldn't
>use the safe than was broken.
>
>I'm hard pressed to ima
Peter D. Junger wrote:
> That isn't the reason why a click-through agreement isn't
> enforceable---the agreement could, were it enforceable, validlly
> forbid reverse engineering for any reason and that clause would
> in most cases be upheld.
Not in Europe though. EU directive 91/250/EEC "on t
Sandy Harris writes:
: "Peter D. Junger" wrote:
:
: > : > There is not even social opprobrium; look at how eager
: > : > everyone was to look the other way on the question of whether the DeCSS
: > : > reverse engineering violated the click-through agreement.
: > :
: > : Perhaps it did, but the l
I don't believe that the choice is both privacy and TCPA, or neither.
Essentially all privacy violations are abuses of authorised access by
insiders. Your employer's medical insurance scheme insists on a
waiver allowing them access to your records, which they then use for
promotion
"Peter D. Junger" wrote:
> : > There is not even social opprobrium; look at how eager
> : > everyone was to look the other way on the question of whether the DeCSS
> : > reverse engineering violated the click-through agreement.
> :
> : Perhaps it did, but the licence agreement was unenforceable.
Pete Chown wrote:
[...]
> This doesn't help with your other point, though; people wouldn't be able
> to modify the code and have a useful end product. I wonder if it could
> be argued that your private key is part of the source code?
Am I expected to distribute my password with my code?
Pete Chown writes:
: Anonymous wrote:
:
: > Furthermore, inherent to the TCPA concept is that the chip can in
: > effect be turned off. No one proposes to forbid you from booting a
: > non-compliant OS or including non-compliant drivers.
:
: Good point. At least I hope t
> Speaking personally, if asked "DRM & privacy, both or neither?"
> then I will take "both" -- YMMV.
This bullshit is getting deeper and thicker.
(dis)ability to replay received information at will has next to nothing to do
with ability to stop unwanted parties from obtaining secret information
Over the last six months, I'd discovered that Carl Ellison (Intel),
Joan Feigenbaum (Yale) and I agreed on at least one thing: that the
problem statements for "privacy" and for "digital rights management"
were identical, viz., "controlled release of information is yours at
a distance in space or t
Pete Chown wrote quoting Ross:
> > You need a valid signature on the binary, plus a cert to
> use the TCPA
> > PKI. That will cost you money (if not at first, then eventually).
>
> I think it would be a breach of the GPL to stop people
> redistributing the signature:
Anonymous wrote:
> Furthermore, inherent to the TCPA concept is that the chip can in
> effect be turned off. No one proposes to forbid you from booting a
> non-compliant OS or including non-compliant drivers.
Good point. At least I hope they don't. :-)
> There is not even
t. Therefore the Hollings bill would not increase the
> effectiveness of the TCPA model. And it follows, then, that Lucky and
> Ross are wrong to claim that this bill is intended to legislate use of
> the TCPA. The TCPA does not require legislation.
Exactly. Let the market decide. This i
Ross Anderson writes:
> During my investigations into TCPA, I learned that HP has started a
> development program to produce a TCPA-compliant version of GNU/linux.
> I couldn't figure out how they planned to make money out of this. On
> Thursday, at the Open Source Software Eco
For those who question the use of the TCPA spec as part of a DRM
system, I refer you to the following article where the author
interviewed Jim Ward of IBM (one of the authors of the TCPA spec) --
http://www.101com.com/solutions/security/article.asp?ArticleID=3266
In particular, note the
es who can only sit slack-jawed as they
force-feed us whatever content they desire, charging whatever they wish.
The recent outcry over TCPA falls into this category.
Cypherpunks alternate between smug assertions of the first claim and
panicked wailing about the second. The important point abou
to become more closed at the same time as everyone else is
becoming more open. That strategy is the Xbox, which may over time
evolve into the kind of tamper resistant system that we have been
talking about.
> During my investigations into TCPA, I learned that HP has started a
> development p
201 - 300 of 314 matches
Mail list logo
