At Sat, 2 Sep 2006 17:07:27 +0200,
Christian Stüble <[EMAIL PROTECTED]> wrote:
> On Friday, 1 September 2006 19:16, Marcus Brinkmann wrote:
> > > I must admit I'm a bit confused here: what argument shows that the
> > > technology fundamentally doesn't work in the long run? And what do you
> > > mean exactly by this?
> >
> > "Trusted computing" is the attempt to put information into a box,
> > providing only restricted views on the data inside it. It is the
> > attempt to turn information into something material, that only exists
> > once, and that can be alienated by giving it from one person to
> > another.
> I disagree. "Trusted Computing" is the attempt to (i) verify the configuration
> running on a remote computer (e.g., to be able to derive its trustworthiness)
> and (ii) to ensure that data can only be accessed under certain
> configurations.

Yes. This is achieved by putting the running operating system into a box such as I described. If you disagree, then probably not on the characterization of TC, but on the level of abstraction that is relevant for discussion. That's interesting, but would require further clarification.

> I don't say that it is not possible to implement based on TC what you are
> saying, but TC is much more. You focus on one derived use case that was and
> is, imo, not even the main motivation behind TC.
>
> One TC implementation, a TPM, does not allow users to access the bits of the
> keys stored inside.

As far as I know, *all* applications of TC that are usually cited in support of it are compromised if the secret key can be read out by the machine owner. Can you give a counter example?

If this is not true for your model, I do not know what you mean by TC, and I would like to ask you to elaborate on what your model for TC is.

> But this is only an implementation detail, similar to
> smartcards. BTW, I never heard all this criticism regarding smartcards.

Well, I have drawn the comparison to smart cards before on this list. I agree that they provide essentially the same mechanism. It is thus not surprising that introduction of smart cards has often been subject to an intense public discourse. In 2004, for example, the plans for the smart card at the TU Berlin were mostly chopped due to protests and technical and legal difficulties. Also in other areas with social impact, for example the health card.

However, there are important differences as well. First of all, smart cards are only issued for a very narrow selection of applications, and each application is discussed carefully. They are provided and signed by local agents, which are much more easily subjected to a democratic process than a multi-national corporation with assets bigger than the gross domestic product of most countries. Introduction of smart cards is a user-visible, transparent process.
In contrast, it is attempted to introduce TPM silently, built into consumer devices, and only activate them for a broad range of applications when they are widespread, but unknown to the users.

Consider the alternative: Why does the movie industry not sell smart card readers and smart cards for 20 bucks, and DVDs that can only be watched with the smart card attached to the computer? Because it would be a disaster in any respect: Publicity-wise, economically, etc.

Thus, if there is a difference in criticism (and I agree there is), it can be easily explained by differences in social impact and potential dangers. Again, only looking at the technical mechanisms does not give full insight into these matters, as it is all about politics.

Thanks,
Marcus

_______________________________________________
L4-hurd mailing list
[email protected]
http://lists.gnu.org/mailman/listinfo/l4-hurd
