28 June 2002
Microsoft Palladium patent:
http://cryptome.org/ms-drm-os.htm
Ross Anderson FAQ on TCPA and Palladium:
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
24 June 2002: See Ross Anderson comments today: http://cryptome.org/tcpa-rja2.htm
22 June 2002
From: "Lucky Green" <shamrock@cypherpunks.to>
To: <cryptography@wasabisystems.com>
Cc: <cypherpunks@lne.com>
Subject: Ross's TCPA paper
Date: Sat, 22 Jun 2002 19:03:49 -0700
I recently had a chance to read Ross Anderson's paper on the activities of the Trusted Computing Platform Alliance (TCPA) at
http://www.ftp.cl.cam.ac.uk/ftp/users/rja14/toulouse.pdf
I must confess that after reading the paper I am quite relieved to finally have solid confirmation that at least one other person has realized (outside the authors and proponents of the bill) that the Hollings bill, while failing to mention TCPA anywhere in the text of the bill, was written with the specific technology provided by the TCPA in mind for the purpose of mandating the inclusion of this technology in all future general-purpose computing platforms, now that the technology has been tested, is ready to ship, and the BIOS vendors are on side.
Perhaps the Hollings "Consumer Broadband and Digital Television Promotion Act" bill would be more accurately termed the "TCPA Enablement Act". BTW, the module that Ross calls a "Fritz" in his paper after the author of the bill, long had a name: it is called a Trusted Platform Module (TPM).
Granted, in the context of the TCPA and the Hollings bill, the term "trusted" is used somewhat differently than the customers of future motherboards, which are all slated to include a TPM, might expect:
"trusted" here means that the members of the TCPA trust that the TPM will make it near impossible for the owner of that motherboard to access supervisor mode on the CPU without their knowledge, they trust that the TPM will enable them to determine remotely if the customer has a kernel-level debugger loaded, and they trust that the TPM will prevent a user from bypassing OS protections by installing custom PCI cards to read out memory directly via DMA without going through the CPU.
The public and the media now need to somehow, preferably soon, arrive at the next stage of realization: the involvement in the TCPA by many companies who's CEO's wrote the widely distributed open letter to the movie studios, telling the studios, or more precisely -- given that it was an open letter -- telling the public, that mandating DRM's in general-purpose computing platforms may not be a good idea, is indicative of one of two possible scenarios:
1) the CEO's of said computer companies are utterly unaware of a major strategic initiative their staff has been diligently executing for about 3 years, in the case of the principals in the TCPA, such as Intel, Compaq, HP, and Microsoft, several years longer.2) the CEO's wrote this open letter as part of a deliberate "good cop, bad cop" ploy, feigning opposition to DRM in general computing platforms to pull the wool over the public's eye for hopefully long enough to achieve widespread deployment of the mother of all DRM solution in the market place.
I do not know which of the two potential scenarios holds true. However, I believe public debate regarding the massive change in the way users will interact with their future computers due to the efforts of the TCPA and the Hollings bill would be greatly aided by attempts to establish which of the two scenarios is the fact the case.
--Lucky Green