[p2p-hackers] [Fwd: RE: TCPA? - No thanks!]

Thorsten Strufe thorsten.strufe at tu-ilmenau.de
Tue Feb 4 05:33:02 UTC 2003


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------- Original Message --------
Subject: RE: Palladium? - No thanks!
Date: Montag, 3. Februar 2003 15:35
From: "Umbertina E. Vezzani" <Umbertinav at ami.com>

Hello [...],

Thank you for taking time to contact us here at AMI.

We are sorry to hear of your decision to not seek out an AMI
~ solution for your next purchase.  While we respect your right to
~ make that decision, we would like to underline some relevant points
~ about our announcement and  the purpose of TCPA.  We urge you to
~ please give us a minute of your time to fully understand what AMI
~ is offering and thus be able to make a fully informed decision

It must be noted that AMI has not announced support for Microsoft's
Palladium. Palladium is an initiative by an OS entity that is slated
~ for the future.  To be honest, though we do know about it, AMI has
~ not begun any development related to it.  At this point we have not
~ made any decisions on support either. TCPA is completely optional
~ to our customers (OEMs, ODMs, CMs and other system builders). They
~ may choose to make it available or not, depending on the needs of
~ their market.  We have had requests from a number of customers for
~ this technology.
Depending from the motherboard manufacturer, you will continue to
~ find motherboards enabled by AMIBIOS that do not feature TCPA. I
~ must also add that AMIBIOS is not the first to offer this feature -
~ There are already PCs featuring this technology or other BIOS
~ vendors enabling this technology or other hardware-based security
~ options based on encrypted authentication.

TCPA does not equal Palladium.  While certainly there is some future
development overlap between the two, TCPA is being introduced by
~ OEM's as a security option to protect systems through hardware and
~ firmware. The purpose of TCPA is to implement a subsystem to
~ protect computer clients from software hackers, not DRM. It is
~ poorly suited, even from a technical point of view, for DRM. DRM
~ applications might use TCPA applications or not, and DRM can be
~ introduced without TCPA. If you are against DRM,  your concerns
~ should be expressed to the organizations that promote it.

On TCPA goals and functions:
http://www.research.ibm.com/gsal/tcpa/why_tcpa.pdf

On misconceptions in circulating papers:
http://www.research.ibm.com/gsal/tcpa/tcpa_rebuttal.pdf

Another common misconception is that TCPA would not allow people to
~ run Linux. It actually does not limit the ability to run Linux (or
~ any other open source solution). Linux device drivers for TCPA are
~ available as well.

In addition to this, the TCPA FAQ document reports several
~ protections for those users that are concerned with their privacy:

*	The system owner has ultimate control and permissions over private
information and must opt-in to utilize a TCPA subsystem.(...) A TCPA
subsystem can be disabled permanently
*	The specification allows the system owner to create multiple
~ and/or anonymous identities to enhance personal security and remove
~ avenues for identity cross-correlation
*	Supports multiple certificate authorities to give user choice
*	Code, applets or drivers used on a TCPA subsystem do not need to
~ be signed, unless the Operating system used specifically requires
~ it.

Please refer to: TCPA FAQ
http://www.infineon.com/cmc_upload/documents/048/002/TCPA_FAQ_1.pdf

As a smaller company itself, AMI has always supported innovation and
creativity, as these have been our main tools in competing against
~ much larger companies in our industry.  We would not do anything
~ that in our minds would damage our credibility or reputation for
~ world class BIOS solutions and will carefully evaluate this type of
~ feedback when it does come time to examine any future technologies.
~  We would also like to recommend that anyone who is opposed to a
~ Palladium-type solution in the future, please make that known to
~ OEM's and system builders.  As they are our customers, we
~ definitely listen to them in terms of what they (and hopefully
~ their customers) will want in future BIOS.

Thank you again for your time in contacting us and we hope that this
~ and some of the links below will shed some light on AMI's plans.



LINKS

Original Articles on theinquirer.net

http://www.theinquirer.net/?article=7089
http://www.theinquirer.net/?article=7103

Interview with Slashdot ("real, not laundered")
<http://interviews.slashdot.org/>

AMI TCPA module Whitepaper
http://www.ami.com/support/doc/TCPA_whitepaper.pdf

TCPA FAQ
http://www.infineon.com/cmc_upload/documents/048/002/TCPA_FAQ_1.pdf

TPM FAQ
http://www.infineon.com/cmc_upload/documents/048/003/TPM_FAQ_1.pdf

TCPA Website
<http://www.trustedcomputing.org/>


- --
Dipl.-Inf. Thorsten Strufe         +49(0)3677-694553, CC 442
Fachgebiet Telematik               Institut Praktische Informatik	
Technische Universität Ilmenau     http://www-ia.tu-ilmenau.de/IPI/FGT
Sartre:Begehe keine Dummheit zweimal, die Auswahl ist doch groß genug!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQE+P4OlOQ9e8ojbqFYRAhD2AJ9s6zV7v/G6et1YbFmSKt370MbA+QCfQfja
BaVx0mv41WmqYBfe66vM60k=
=ZeD+
-----END PGP SIGNATURE-----




More information about the P2p-hackers mailing list