[p2p-hackers] Stop Palladium and TCPA Now!
lists.p2phackers at imperialviolet.org
Mon Feb 3 07:39:02 UTC 2003
On Mon, Feb 03, 2003 at 12:04:34AM -0500, Seth Johnson wrote:
> Tell American Megatrends and Transmeta not to make chips
> that let others control your computer!
This is sensationalist and wrong. TCPA chips do not let other people `control
your computer', in fact the abilities of the TCPA chip are rather limited.
It would help if you read the spec for TCPA (http://www.trustedcomputing.org/)
before posting such stuff, but I will admit that the TCPA spec is a wonderful
example of exactly how not to write a spec. I'm sure much of the
min-understanding of TCPA is due to the poor quality of this document.
for a wonderful work about TCPA which may alay some of your fears.
> Palladium and TCPA would hardwire your home computer so that
> these four entities and their partners would be able to run
> processes on your computer, entirely outside your control,
> indeed, without your knowledge.
If you are running Windows this pretty much happens already.
> The mechanics are as follows: only code that has been signed
> with a special Microsoft provided key will run. Microsoft
> will retain at all times the power to revoke any other
> entity's keys. In particular, no operating system will be
> able to boot without a key from Microsoft. So if Palladium
> is forced into every home computer, there will be no more
> free software.
Total crap. It M$ wish to implement code signing in Windows they can do that
with or without TCPA . TCPA allows you to seal data and only unseal it when
booted in the same configuration. It also allows you to `prove' to another
party that you are running a given configuration (with a number of assumptions)
"The TCPA chip doesn t execute anything. It accepts request data, and replies
with response data. The TCPA chip does not and cannot control execution!"
(IBM paper). *TCPA chips do not prevent free-software running on the computer*
> Microsoft will be able to spy on each and every keystroke,
> and mouse movement, and send encrypted messages from your
> machine to Microsoft headquarters. Microsoft will also be
> able to examine every file on your system.
As they can (and, by some accounts, do) currently.
> Your encryption
> programs will not work against Microsoft, or any other
> entities which have full power keys from Microsoft.
Utter crap again. TCPA does not alter mathematical reality. Boot Linux
and encrypt all you like.
> There are two reasons most people will not be able to escape
> the All Seeing Eye and Invisible Hand of Palladium.
You are mixing up Palladium and TCPA. And we don't even have details on
> Once Microsoft and Intel have forced Palladiated hardware
> into every personal computer, it will be impossible to run a
> free OS.
Rubbish. See above.
Now, TCPA does allow some nasty things to happen. See
for an example of `content providers' using TCPA to only trust a computer
running a given OS. But, personally, I would like a TCPA system. That way I
can encrypt my filesystem and store the key in the TPM; which would only
decrypt it when my kernel was booted. As a crypto junkie that appeals quite a
Adam Langley agl at imperialviolet.org
http://www.imperialviolet.org (+44) (0)7986 296753
PGP: 9113 256A CC0F 71A6 4C84 5087 CDA5 52DF 2CB6 3D60
More information about the P2p-hackers