[linux-elitists] defanging TCPA?

Jay Sulzberger jays@panix.com
Thu Feb 6 16:54:27 PST 2003

On Thu, 6 Feb 2003, Don Marti wrote:

> begin Nathaniel Smith quotation of Wed, Feb 05, 2003 at 11:53:45PM -0800:
> > Obviously, the next Windows virus to make the rounds should be
> > designed to alter the OS's kernel in a random non-destructive way, and
> > install security patches.
> >
> > Not that I actually advocate such a thing.  But we all know there'll
> > be a next virus; it'd be amusing if the next one did the socially
> > conscious thing.  Denials of service are so passe.
> >
> > (Of course, back in the real world, the public relations backlash of
> > having TCPA protest associated with a virus would probably suck.  Alas.)
>
> The installer for a peer-to-peer application would be a better
> place than a virus.  You could have the user read some anti-DRM
> information while the program installs.
>
> It would be helpful for someone with more knowledge than me of the
> TCPA spec to look at the random kernel tweaking idea and see if it
> would actually be effective against using TCPA for DRM.
> --
> Don Marti                  Even if we don't get DMCA reform, loudly

I think your "tweaks" proposal depends upon the explicit assumptions you
make, and also a few others, and I believe that the whole class of attacks
fails, for several reasons.  I hope to have a short piece out soon which
explains what Palladium does.

Just one quick note: Assume you are running on fully Palladiated hardware.
Further assume that one of the kernels on your disk is a kernel with an
Englobulator signature.  Then you cannot modify even one bit of that kernel
without making the kernel either unbootable and/or unable to run certain
Englobulator signed programs, programs which are to deliver "DRMated
content".  Some variants of Palladium style systems would make it
impossible even to change one bit of the on-disk kernel.  This is so, even
if you load your own fine free kernel to do/attempt-to-do the modification.

I assume that no special nor general crack is known against the Palladium
system.  If a crack is available then you may be able to modify the kernel,
have it boot, and then attest that it is an
Englobulated-kernel-in-good-standing to the DRMated content program.

It is possible I have not grasped the plan of attack of your proposed
anti-DRM tactic.
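
[Added example, not part of the original message or of any TCPA or Palladium code: a minimal model of the measure-then-attest step the reply describes, showing why a one-bit change to a measured kernel is visible to the party checking it. The extend rule (new = SHA-1(old || SHA-1(component))) follows TCPA-era PCR behaviour; the component names, images and the bare digest comparison are constructed assumptions, and a real quote is additionally signed by the TPM over a verifier nonce.]

```python
import hashlib
import hmac

PCR_SIZE = 20  # SHA-1 digest length, the PCR width in TCPA-era hardware


def extend(pcr: bytes, component: bytes) -> bytes:
    """Fold one component into the register; a PCR can be extended, never set."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()


def measure_boot(chain) -> bytes:
    """Measure each boot stage in order, starting from the all-zero reset value."""
    pcr = bytes(PCR_SIZE)
    for component in chain:
        pcr = extend(pcr, component)
    return pcr


def flip_bit(blob: bytes, bit_index: int) -> bytes:
    """Return a copy of blob with exactly one bit inverted."""
    out = bytearray(blob)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)


def verifier_accepts(reported_pcr: bytes, known_good: bytes) -> bool:
    """Simplified relying party: accept only the measurement it already trusts."""
    return hmac.compare_digest(reported_pcr, known_good)


# Constructed sample images (hypothetical stand-ins for real boot stages).
BOOTLOADER = b"constructed-bootloader-image"
KERNEL = b"constructed-kernel-image" * 64
GOOD_CHAIN = [BOOTLOADER, KERNEL]
KNOWN_GOOD = measure_boot(GOOD_CHAIN)


def demo() -> dict:
    tweaked_chain = [BOOTLOADER, flip_bit(KERNEL, 1000)]
    return {
        "unmodified": verifier_accepts(measure_boot(GOOD_CHAIN), KNOWN_GOOD),
        "one_bit_flipped": verifier_accepts(measure_boot(tweaked_chain), KNOWN_GOOD),
    }


if __name__ == "__main__":
    print(demo())
```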

