Jay Sulzberger jays@panix.com
Thu Jul 17 18:51:23 PDT 2003

On Thu, 17 Jul 2003, Seth David Schoen wrote:

> Jay Sulzberger writes:
> > Why does one part of the EFF believe Microsoft's claim that you will be
> > able to run a free operating system on Palladiated hardware?
> I think _all_ of the EFF believes this.  I'm sorry I haven't read
> linux-elitists very recently.

What then is the position of the EFF with regard to Microsoft's EULA?
There is a straightforward declaration at the start of the EULA that you get
a refund if you do not run the already installed Microsoft OS.  Yet
Microsoft in combination with vendors of hardware refuse to give you a
refund if you try to get one.

Clearly the Refund Clause of the Microsoft EULA is a more trustworthy
declaration than any number of white papers, and certainly much more
trustworthy than private declarations made in secret by unofficial
representatives of Microsoft.

> TCG's architecture is such that (1) the TPM chip does not get to
> decide what code can run, and (2) anybody can make a TPM chip.  If you
> want to, _you_ can make a TPM chip according to their specs.  (I have
> not heard about patents.)  Apparently your theory, in a later message,
> is that major manufacturers will make chips not according to spec and
> containing some kind of back door.

No.  An entire infrastructure has now been built and is in process of being
forced into every IBM style peecee motherboard.  What does this
infrastructure support and what is the declared objective of the design and
deployment?  This infrastructure supports a system of inter- and intra-device
authentication which can be placed under control of the
manufacturers without any inconvenience to the manufacturers.  A tiny
change in the block diagrams, indeed just a one line relabeling of one
component in one diagram, presented in the white papers of the TCPA group,
results in a system which does not boot any OS except an OS signed by
Englobulator Central or a licensee of Englobulator Central.  The design,
mass manufacture, and mass deployment of this infrastructure has cost
billions of dollars.  When Microsoft deploys Palladium, do you honestly
think Microsoft will suddenly abide by its sweet private promises not to
use Palladium against free software?  Why do you believe this?  Why have
the Englobulators spent billions of dollars on TCPA hardware, is it only so
that you may run GNU/Linux, FreeBSD, Hurd, FreeLispOS, etc., more
conveniently than now?  This is what the EFF is claiming, if the EFF
believes the private secret promises made by unauthorized representatives of
Microsoft and the TCPA.  To be precise, the EFF must believe that after
Palladium is deployed, the Refund Clause of the Microsoft EULA will be
strictly adhered to, when violation of the Refund Clause will be much
easier to defend than today.

> I participated in a brief thread about back doors in trusted computing
> hardware on the cryptography list.  I'm sure it's possible to find the
> thread with Google.  To summarize, it's a challenging question, but
> it's not obviously different from the problem of deciding whether
> there are back doors in existing silicon or not.  Some people in the
> computer security community believe that existing, deployed hardware
> components contain back doors -- and they could be right, but those
> back doors can exist with or without trusted computing.

No.  It is quite different.  The TCPA and Palladium architectures are
expressly and publicly declared to be capable of "shrouding" the
operations of running programs.  So when shrouding begins, the
Englobulators can say, "Look, we laid all this out, and even the EFF had no
real objections, so why are you complaining now?".  I think that if the EFF
were to discover today that a Microsoft OS, using secret capabilities of
Intel's x86 line of chips were running shrouded Trojans, the EFF would go
to the citizens and say "Look, here is what is happening, and this is
wrong.  Sign here to stop secret trojans on your computer.", and perhaps a
campaign to end such shrouded trojans would succeed.  Once the EFF agrees
that Palladium/TCPA is not really bad, well, you will have a hard time with
your campaign when you notice that it is impossible to boot a free OS on
any computer bought from Dell.

> The inference that TCG TPMs in particular will contain back doors is
> hard for me to follow.  It seems to be coming either from the idea
> that this technology is bad for the public, is being developed with
> the participation of untrustworthy people, or is being developed with
> motives other than the stated motives of its creators.

This hardware is

1. bad for the public

2. being developed with the participation of proven liars and swindlers

3. being developed with motives other than the stated motives of the creators

4. and no matter what their motives the creators have no say in what is
done with this hardware once the assembly lines roll, or perhaps all the
creators have formed a trust not owned by Microsoft nor by Intel, with
really good patent, copyright, and trademark protections, and a one billion
dollar war chest against the suits sure to follow when the hardware and
software is used as I have described

5. and the declared objectives of the project are also very bad.

The issue is not whether the TCPA hardware will contain "back doors".  The
issue is that by the TCPA's own repeated public declarations the TCPA
hardware will enable Palladium's shrouding of the running Microsoft OS.  So
rather than one or two limited specialized "back doors" the entire OS is
now a Trojan horse.

> All of these could be true, but I don't think they get you to the
> conclusion that there will be back doors (in many independent,
> competing, and interoperable implementations).

No, there will not be competing interoperable implementations, since the
objective, stated again and again, is to end interoperability.

> > Microsoft and Intel have spent
> > hundreds of millions of dollars, likely billions, to produce a system which
> > will, by changing one bit on the motherboard,
> Which bit is that?

The bit that says "Allow loading of keys by the home user.".  And it is one
bit.  I agree with you that you might be able to find one diagram in one
white paper that, were the diagram followed, would require the introduction of
one very small easily made new component in order to stop booting of free
OSen.  But note that on most diagrams, no such extra device is needed.

The one bit resides in the device which permits the home user to place
their own key in the system, so that only OSes signed by the other half
of the key pair work.

> > be limited to boot only
> > Microsoft OSes.  Further much time, effort, and money has been spent to
> > force Palladium hardware into every IBM style peecee to be sold over the
> > next few years.  If the Palladium hardware actually were to allow free
> > booting, then what is the point of this large scale project?
> It allows security applications which aren't possible today.  Some of
> those are good for computer owners, some are bad, but all are enabled
> by the architectural changes and none require preventing free booting.
"... none require preventing free booting."

I agree, certainly the bit could be set the other way, if the large company
placing the order of motherboards/cpus says to the fab to allow home users
to place their own keys inside.  But that is not the issue.  The issue is
"What will happen when the prevention of free booting is without money or
social or legal cost to the Englobulators?".

Thanks, Seth, for writing!
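The "one bit" argument in the message above, rendered as a small model so the
two policy settings can be compared side by side. This is an added illustration,
not code from the message, from the TCG or Palladium specifications, or from any
vendor, and it does not describe how a real TPM or bootloader behaves; it only
models the argument. Everything in it is assumed for the example: a hypothetical
BootPolicy verifier with an AllowOwnerKeys flag standing in for the bit, Ed25519
keys generated on the spot for the "vendor" and the "home user", and constructed
byte strings standing in for OS images.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// OSImage is a boot image plus the signature a verifier checks before
// handing control to it. Code stands in for kernel/bootloader bytes.
type OSImage struct {
	Name string
	Code []byte
	Sig  []byte
}

// imageDigest is what actually gets signed: a hash over name and code,
// so a signature for one image cannot be replayed onto another.
func imageDigest(name string, code []byte) []byte {
	h := sha256.New()
	h.Write([]byte(name))
	h.Write([]byte{0}) // separator so "ab"+"c" != "a"+"bc"
	h.Write(code)
	return h.Sum(nil)
}

// SignImage produces an image signed by whoever holds priv.
func SignImage(priv ed25519.PrivateKey, name string, code []byte) OSImage {
	return OSImage{Name: name, Code: code, Sig: ed25519.Sign(priv, imageDigest(name, code))}
}

// BootPolicy is a hypothetical verifier (assumption for this example).
// AllowOwnerKeys is the "one bit": set, the owner can enrol keys and boot
// whatever they sign; cleared, only vendor-signed images boot.
type BootPolicy struct {
	AllowOwnerKeys bool
	vendorKeys     []ed25519.PublicKey
	ownerKeys      []ed25519.PublicKey
}

// ErrOwnerKeysLocked is returned when the bit forbids owner enrollment.
var ErrOwnerKeysLocked = errors.New("policy forbids owner key enrollment")

func NewBootPolicy(vendor ed25519.PublicKey, allowOwnerKeys bool) *BootPolicy {
	return &BootPolicy{AllowOwnerKeys: allowOwnerKeys, vendorKeys: []ed25519.PublicKey{vendor}}
}

// EnrollOwnerKey is the only way a non-vendor key enters the trust set.
func (p *BootPolicy) EnrollOwnerKey(k ed25519.PublicKey) error {
	if !p.AllowOwnerKeys {
		return ErrOwnerKeysLocked
	}
	p.ownerKeys = append(p.ownerKeys, k)
	return nil
}

// MayBoot reports whether the image verifies under some trusted key.
func (p *BootPolicy) MayBoot(img OSImage) bool {
	d := imageDigest(img.Name, img.Code)
	keys := p.vendorKeys
	if p.AllowOwnerKeys {
		keys = append(keys, p.ownerKeys...)
	}
	for _, k := range keys {
		if ed25519.Verify(k, d, img.Sig) {
			return true
		}
	}
	return false
}

// DemoResult records the same two images run against both settings of the bit.
type DemoResult struct {
	VendorBootsLocked bool  // vendor-signed image on the locked machine
	FreeBootsOpen     bool  // owner-signed image on the open machine
	FreeBootsLocked   bool  // owner-signed image on the locked machine
	TamperedBoots     bool  // vendor image with one byte flipped, open machine
	LockedEnrollErr   error // what the locked machine says to key enrollment
}

// Demo builds constructed images (not real kernels) and runs the comparison.
func Demo() DemoResult {
	vendorPub, vendorPriv, _ := ed25519.GenerateKey(rand.Reader)
	ownerPub, ownerPriv, _ := ed25519.GenerateKey(rand.Reader)

	vendorOS := SignImage(vendorPriv, "vendor-os", []byte("constructed vendor kernel"))
	freeOS := SignImage(ownerPriv, "free-os", []byte("constructed free kernel"))

	// Same signed image, one byte changed after signing: must fail everywhere.
	tampered := vendorOS
	tampered.Code = append([]byte{}, vendorOS.Code...)
	tampered.Code[0] ^= 0xff

	open := NewBootPolicy(vendorPub, true)
	_ = open.EnrollOwnerKey(ownerPub)

	locked := NewBootPolicy(vendorPub, false)
	enrollErr := locked.EnrollOwnerKey(ownerPub)

	return DemoResult{
		VendorBootsLocked: locked.MayBoot(vendorOS),
		FreeBootsOpen:     open.MayBoot(freeOS),
		FreeBootsLocked:   locked.MayBoot(freeOS),
		TamperedBoots:     open.MayBoot(tampered),
		LockedEnrollErr:   enrollErr,
	}
}

func main() {
	r := Demo()
	fmt.Printf("locked machine boots vendor OS:       %v\n", r.VendorBootsLocked)
	fmt.Printf("open machine boots owner-signed OS:   %v\n", r.FreeBootsOpen)
	fmt.Printf("locked machine boots owner-signed OS: %v (enroll: %v)\n", r.FreeBootsLocked, r.LockedEnrollErr)
	fmt.Printf("tampered vendor image boots:          %v\n", r.TamperedBoots)
}
```

The verifier code is identical in both runs; only the flag passed to
NewBootPolicy differs, which is the point the message makes about cost. The
tampered-image case is included so the model also shows what signature checking
buys the owner when they hold the enrolled key.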


