http://www.bbc.co.uk/news/technology-11483008
BBC reports that Microsoft's idea seems to be that if your computer doesn't present a valid "health certificate" to your ISP, then your ISP wouldn't let it be on the net, or would throttle it down to a tiny bandwidth. The Health Certificate would, of course, be provided by Intel and Microsoft, but only from machines with Treacherous Computing hardware, after examining everything in your computer to make sure Intel and Microsoft approve of it all. (This is the same DRM procedure they've been pushing for a decade -- the system would cryptographically "attest" to arbitrary information about what's running in your machine, using proprietary hardware and software you have no control over and no ability to inspect, and the outsiders would decide not to deal with you if they didn't like your attestation. The only change is that they've revised their goal from "record companies won't sell you a song if you won't attest" to "nobody will give you an Internet connection if you won't attest".) Homebrew computers and Linux machines need not apply.

They don't explain how this would actually be implemented -- in Ethernet switches? In DSL routers or NAT boxes? In ISP servers? They're not quite sure whether the health certificate should *identify* your device, but they're leaning in that direction. But they're quite sure that it all needs doing, by voluntary means or government coercion, and that the resulting info about your "device health" should be widely shared with governments, corporations, etc.

This proposal comes from Microsoft VP Scott Charney, well known to many of us as the former Chief of the Computer Crime and Intellectual Property Section in the Criminal Division of the U.S. Department of Justice, or as he puts it, "the leading federal prosecutor for computer crimes from 1991 to 1999". He joined Microsoft in 2002 and is running their "Treacherous Computing" effort as well as several other things.
The vision that Charney is driving is described in six papers here (one of which is the one the BBC is covering): https://www.microsoft.com/mscorp/twc/endtoendtrust/vision/

He's pushing the "Public Health Model" because public health bureaucracies have huge, largely unchecked powers to apply force to people who they disfavor. Along those lines, he converts the public health departments' most draconian measure, used only in extreme circumstances - quarantine - into the standard procedure for his New Internet: quarantine EVERY device -- unless and until it "proves" that it should evade the quarantine.

In his "Establishing End to End Trust" paper (another of the six), he lays out the computer security problem and decides that defense isn't enough; authentication, identification, and widespread auditing are the next step in solving it. He concludes:

As we become increasingly dependent on the Internet for all our daily activities, can we maintain a globally connected, anonymous, untraceable Internet and be dependent on devices that run arbitrary code of unknown provenance? If the answer to that is "no," then we need to create a more authenticated and audited Internet environment -- one in which people have the information they need to make good trust choices.

He makes halfhearted attempts to address privacy and anonymity issues, but ultimately decides that those decisions will be made somewhere else (not by the user or consumer, of course). His analysis completely ignores the incentives of monopoly hardware and software providers; of corrupt governments such as our own; of even honest governments or citizens desiring to act secretly or without attribution; of advertisers; of the copyright mafia; of others actively hostile to consumer and civil freedom; and of freedom-supporting communities such as the free software movement. It ignores DRM, abuse of shrink-wrap contracts, copyright maximalization, censorship, and other trends in consumer abuse.
It's designed by a career cop/bureaucrat/copyright-enforcer and implemented by a monopolist - hardly viewpoints friendly to freedom. I'd recommend merely ignoring his ideas 'til they sink like a stone. But it looks like Intel and Microsoft are actively sneaking up on the free Internet and the free 10% of the computer market by building in these techniques and seeking partnerships with governments, ISPs, telcos, oligopolists, etc to force their use. So some sort of active opposition seems appropriate.

Perhaps Linux systems should routinely delete all the manufacturer-provided device attestation and identification keys from every Treacherous Computing device they ever boot on. (This won't affect keys that the *user* stores in their TPM if they want to.) If a significant part of the Internet is physically incapable of attesting to the monopolists, ISPs will never be able to require such attestation. I've certainly deleted those keys on my own PCs that came with such crap -- so far, no downside. Let's keep it that way.

Security measures should report to the system owner -- not to the ISP or the manufacturer. The owner of the machine should determine which software it's appropriate for it to run. This whole idea of collectivist "approval" of your computing environment gives me the willies.

In their model, you'd be perfectly free to write a new piece of software, sort of the way you are perfectly free to design and build a new house. First you spend tens of thousands of dollars on a government-licensed architect and a similarly licensed structural engineer. Then you submit your plans to a bureaucrat, and wait. And wait. And they demand changes. And you negotiate, but they really don't care what you want; you NEED their approval. So you wait some more, then give in to whatever they want. Don't forget to use union labor to build your software -- it'll be required.
And any bureaucrat can come by after an alcoholic lunch to "inspect" your software -- and if you don't properly kiss their ass and/or bribe them, their "red tag" will physically keep your software from being usable on every computer. Periodically politicians will write bizarre new requirements into the rules (e.g. you can't use PVC pipe because that would put local plumbers out of work; or you can't use portable languages because then your software might run on competing platforms), and you'll just have to follow orders. At least that's how the Planning Department and Building Inspection Department work here in San Francisco. I don't see why a software monopoly enforced from the top would work any differently. Writing software for any Apple platform except the Mac is already like that.

John Gilmore

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com