On Mon, 2005-11-07 at 13:54 +0100, Marco Gerards wrote:
> > And honestly, I don't see a problem with XBox or Playstation. It's the
> > user's right to buy a crippled device.
>
> This sounds like a dangerous statement to me. Will you say the same
> when PCs are crippled like this?

Absolutely. The bottom line is that you cannot stop a buyer from buying the wrong thing. All you can do is make sure there is a marketplace sufficient to support the manufacture, sale, and distribution of a better thing. It doesn't matter what the bad thing is, and it is not our job to stop either the creation of the bad thing or the purchase of it. Our job is to offer a better alternative.

One problem we face is that the majority of the world does not subscribe to the idea that information should be redistributable without restriction. In fact, most of the world thinks this is a simply silly idea. It isn't important whether their belief is technically correct. What matters is that this belief governs their purchasing decisions.

The battle over DRM will not be won by shipping an OS that cannot play commodity movies. It will be won (or lost) in the hearts and minds of the users and in the legislatures of the respective countries.

> My point is that if such a PC is made and it replaces the common PCs for
> some reason, some users can't buy a normal PC (perhaps because they
> are out of production or because they need the newest hardware
> features). So in that case people might not have the choice anymore.
> So in that case it would not be someone's right to buy a crippled
> device, but it is forced upon him.

Then the fault will be ours for failing to wage an adequately planned and executed *social* campaign.

> > If we want to argue that Hurd should not be ported to a system that
> > precludes installation of some other operating system, I have no
> > objection to this. However, this would not preclude running on systems
> > that implement either the TPM or the TCPA chips.
>
> If you can tell us something more about this than the speculations I
> am hearing all the time, please do.

In all of the proposals for desktop and server machines that I know about, the situation is that you are free to load any OS that you want.
The chip determines what OS is booted using a cryptographic hash. Using encryption, it is possible for one OS to store data that a second OS cannot read. Finally, the chip can store a key that is unique to your machine, but this key can be re-initialized.

These chips also have an attestation function: they are able to generate a signed attestation about what OS is currently running. However, they cannot do this behind your back. A third party can ask for an attestation about your OS and you can refuse to provide it. The third party can then refuse to work with you.

Most of the people who use the term "treacherous computing" do not understand that the request to present your ID can be refused. All of the PC-based chips can be re-initialized. You can alter your ID at the cost of giving up the content associated with your previous ID.

So what these chips provide is the *ability* to identify your OS and the *ability* to store data under one OS that cannot be retrieved (at least, not as clear text) by a second.

My personal opinion is that the ability to present an operating system ID has extremely limited practical value. The difficulty is that operating systems are being patched all the time, so the ID is constantly changing, and the number of possible valid configurations is exponentially large. In order for vendors to use this scheme successfully, they need to track this exponentially large data set. Ultimately, I think this is why Microsoft has sharply reduced their commitment to the TC technology lately, and has quietly stopped pushing the TPM/TCPA chip quite so hard. This link is the missing link that is needed in order for DRM to be technically enforceable.

The ability to preclude data use by a second OS is where I think the real issue lies. In essence, it precludes forensics. On the one hand, this means that you can no longer read out the audio data of an MP3 file by booting a second OS.
On the other hand, this means that the police cannot read your personal information after you reinitialize the TPM chip on the machine (of course, neither can you unless you have made arrangements for backup).

So: yes, DRM permits me to store data on your machine that you cannot decrypt, but only with your consent. The challenge is to educate people that giving this consent is a really dumb thing to do.

shap
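
[Added example, not part of the original message.] A small Python model of the mechanisms the message describes: a hash-chained OS measurement, data sealed under one OS that a second OS (or a re-initialized chip) cannot recover, and the growth of the set of valid OS IDs a verifier would have to track. The extend step follows the TPM 1.2 SHA-1 form; the sealing routine is a simplified stand-in for illustration, and all component names, secrets and function names are constructed.

```python
import hashlib, hmac
from itertools import product

def extend(pcr, component):
    # TPM 1.2-style extend: new PCR = SHA1(old PCR || SHA1(component))
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()

def measure_boot(chain):
    pcr = b"\x00" * 20  # the register starts zeroed at reset
    for component in chain:
        pcr = extend(pcr, component)
    return pcr

def _keystream(key, n):
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]

def seal(chip_secret, pcr, data):
    # Simplified stand-in for sealing: key depends on chip secret AND OS measurement
    key = hmac.new(chip_secret, pcr, hashlib.sha256).digest()
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))
    return hmac.new(key, ct, hashlib.sha256).digest() + ct

def unseal(chip_secret, pcr, blob):
    key = hmac.new(chip_secret, pcr, hashlib.sha256).digest()
    tag, ct = blob[:32], blob[32:]
    if not hmac.compare_digest(tag, hmac.new(key, ct, hashlib.sha256).digest()):
        return None  # different OS measurement, or chip secret was re-initialized
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, len(ct))))

def valid_ids(versions_per_component):
    # Every combination of acceptable patch levels is a distinct OS ID
    return {measure_boot(combo) for combo in product(*versions_per_component)}

# Constructed sample data (not from the original message)
CHIP_SECRET = b"constructed-chip-secret"
OS_A = [b"bootloader-1.0", b"kernel-2.6.14", b"initrd-a"]
OS_A_PATCHED = [b"bootloader-1.0", b"kernel-2.6.14.1", b"initrd-a"]
OS_B = [b"bootloader-1.0", b"other-kernel", b"initrd-b"]
BLOB = seal(CHIP_SECRET, measure_boot(OS_A), b"licensed content key")
ACCEPTED = [[b"bootloader-1.0", b"bootloader-1.1"],
            [b"kernel-2.6.14", b"kernel-2.6.14.1", b"kernel-2.6.14.2"],
            [b"initrd-a", b"initrd-b"]]
```

With only three components and two or three patch levels each, `valid_ids(ACCEPTED)` already holds 12 distinct IDs; the count is the product of the per-component version counts.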