[linux-elitists] defanging TCPA?

Seth David Schoen schoen@loyalty.org
Thu Feb 6 18:12:51 PST 2003


Jay Sulzberger writes:

> Just one quick note: Assume you are running on fully Palladiated hardware.
> Further assume that one of the kernels on your disk is a kernel with an
> Englobulator signature.  Then you cannot modify even one bit of that kernel
> without making the kernel either unbootable and/or unable to run certain
> Englobulator signed programs, programs which are to deliver "DRMated
> content".  Some variants of Palladium style systems would make it
> impossible even to change one bit of the on-disk kernel.  This is so, even
> if you load your own fine free kernel to do/attempt-to-do the modification.

You have to slightly stretch the definition of "unable to run" here,
but I thought Don _expected_ that outcome (breaking the functionality
of certain DRM applications).

The particular effect on the applications' functionality is that they
become unable to receive and/or unable to display certain third-party
information.  Don, isn't that the outcome you were anticipating?

If a DRM system is implemented with good security engineering
practices[1], it should "fail safe".  From the point of view of the
people whose interests DRM systems are actually intended to protect,
failing safe means not functioning at all in an environment which is
determined to be significantly different from the intended operating
environment.


[1] Heh heh.

-- 
Seth David Schoen <schoen@loyalty.org> | Reading is a right, not a feature!
     http://www.loyalty.org/~schoen/   |                 -- Kathryn Myronuk
     http://vitanuova.loyalty.org/     |



More information about the linux-elitists mailing list