Trusted Computing / Digital Restrictions Management debate

[f00dl3]

* Moved from one thread to another by popular demand


quote:
Originally posted by Tormentius:

quote:
Originally posted by f00dl3:
Can you point me to the information (URLs), so I may read up on what you say is the actual truth to the matter?



Why don't you just think it through logically. Does it honestly make sense to you that the largest computer and software manufacturers in the world have some secret conspiracy to crush all freedom or does it seem a little more realistic that they want to extend security so that people keep buying their hardware and software? I mean, we aren't talking about just MS here: AMD, Intel, Microsoft, Sun, IBM, HP, and a ton of others are part of this.

If you want to research the technologies and vendors participating in the project you can get the information sans paranoid delusions here.



The problem with that URL is that it links to the site developing the Trusted Computing platform. One thing you don't realize is that, say, if I owned a business, I could say that it's the best in the world - yet rip everyone off and not mention it on my website. It's called marketing. Anyhow, enough of that.

On a Trusted Computing based operating system, the operating sytem and file system would likely be encrypted because of it being on the Trusted side of the encryption. If one were to introduce, say Fedora Core Linux to the picture, Fedora Core would have no access to the "Trusted" side of the machine (yes, some linux kernels already have a TPM compatibility - but there is great debate between the upcoming updating of the GNU public license and the possibility, as MSN reported a while back, that the Free Software Foundation may make a clause that states that any software developed off of the GNU licensed linux kernal must NOT use Digital Restrictions Management), and no access to the file system.

There has also been much talk about this at various Linux user groups - that possibly they could build the Trusted Computing into the BIOS so it would only let a known operating system load when booted up. This could cause Linux to be disfunctional.

Face it, we could argue this day in and day out.

Until the technology comes out on the market, we have now idea what implications the implementation will have on ordinary home users who just want to be able to rip MP3s off of their new Switchfoot CD so they can put it on their iPod or make MP3 CDs that they can play as many damn times as they want, because hey - they paid $19 for the freaking CD. Really folks, that is the true purpose of Digital Restrictions Management. It's not to help the consumer - it's to help the company make more money by any means possible.

We have no idea of what effect TC will have on their privacy while surfing online. No idea if Spyware companies will invest in Trusted Computing to provide spyware that uses DRM to disable users from uninstalling their marketing software.

We also have no idea what implications that the technology will have if someone discovers how to intercept streams of attensation information being transfered between the "victim" and "attacker". If it transmits product keys and hash / binary values in an encrypted format , and how easy it would be to run a packet sniffer to intercept packets intended for one machine. (Packet sniffers are legal, and a valuable network analysis tool, so hopefully they will still be able to run - although they may be able to utilize this Fritz chip so you can't run it on a home user's machine if we're lucky).

One thing is for sure, though. With this Trusted Computing platform, more and more sensitive information is going to be (nearly) constantly transmitted over the Internet. The more information that is being transmitted, the more open you are to having someone see that information, thus the more vulnerable you are to attacks.

I think you fail to realize how powerfull this technology is. Microsoft can't be trusted, as they have constantly been pushing their luck with the Anti-Trust lawsuit ever since Microsoft formed in the early 80s. Their whole operating system was a blatant ripoff of another companies (Seattle Computer Products' QDOS). Just a few days ago a fedral judge started looking at their practices again ( http://www.usdoj.gov/atr/cases/f212100/212195.htm )
. They have had to remove their Windows Media Player in Europe.

Can you realy put that much trust into a company that has a history of monopolistic practices? I don't think so.

But like I said, only time will tell.\

[f00dl3]

Its Digital Rights Management.

Why should people debate you on something you dont even fully grasp?

It's technically Digital Rights Management, but for the average Joe, it imposes restictions, such as not being able to backup software you purchased, not being able to create backup copies of DVDs or CDs, not being able to transfer music from CDs with DRM to your hard disk in non-protected format, and more.

[axbaby]

don't let them scare you away new guy just take it to R&R because like in q4 this post will go down faster then Drum as a new inmate.

you all made valid points ..let it go

[Tormentius]

The problem with that URL is that it links to the site developing the Trusted Computing platform. One thing you don't realize is that, say, if I owned a business, I could say that it's the best in the world - yet rip everyone off and not mention it on my website. It's called marketing. Anyhow, enough of that.

On a Trusted Computing based operating system, the operating sytem and file system would likely be encrypted because of it being on the Trusted side of the encryption. If one were to introduce, say Fedora Core Linux to the picture, Fedora Core would have no access to the "Trusted" side of the machine (yes, some linux kernels already have a TPM compatibility - but there is great debate between the upcoming updating of the GNU public license and the possibility, as MSN reported a while back, that the Free Software Foundation may make a clause that states that any software developed off of the GNU licensed linux kernal must NOT use Digital Restrictions Management), and no access to the file system.

There has also been much talk about this at various Linux user groups - that possibly they could build the Trusted Computing into the BIOS so it would only let a known operating system load when booted up. This could cause Linux to be disfunctional.

Face it, we could argue this day in and day out.

The link I posted is to the group of companies involved in the project. From the start, you have made this sound like a Microsoft-only plot to take over the world and its laughable. An OS vendor is never going to be able to tell you what OS can run on your hardware platform as that is something that is your right to choose as a consumer. You realize that Sun offers Solaris and HP, Dell, and IBM all have millions invested in Linux development right? All laws aside, do you seriously think any of those vendors are going to proceed with a restriction which would prevent their own products from running? Of course they wouldn't as it would invalidate their own investments. All of those companies also employ huge legal teams and know full well that any such restriction, even if they were crazy enough to think about it, would be quickly struck down in the courts.

As for an encrypted partition of course there wouldn't be any access from another OS since that's the very fucking point of encrypting a volume in the first place.

Until the technology comes out on the market, we have now idea what implications the implementation will have on ordinary home users who just want to be able to rip MP3s off of their new Switchfoot CD so they can put it on their iPod or make MP3 CDs that they can play as many damn times as they want, because hey - they paid $19 for the freaking CD. Really folks, that is the true purpose of Digital Restrictions Management. It's not to help the consumer - it's to help the company make more money by any means possible.

We have no idea of what effect TC will have on their privacy while surfing online. No idea if Spyware companies will invest in Trusted Computing to provide spyware that uses DRM to disable users from uninstalling their marketing software.

We also have no idea what implications that the technology will have if someone discovers how to intercept streams of attensation information being transfered between the "victim" and "attacker". If it transmits product keys and hash / binary values in an encrypted format , and how easy it would be to run a packet sniffer to intercept packets intended for one machine. (Packet sniffers are legal, and a valuable network analysis tool, so hopefully they will still be able to run - although they may be able to utilize this Fritz chip so you can't run it on a home user's machine if we're lucky).

We know right now what the implications are. As it stands you are able to copy songs onto your iPod even if they are DRM'ed. There are laws protecting this in both the EU, Canada, and the US. It doesn't mean that there aren't restrictions on where you can copy it or how many CDs you can burn but face it, if you legitimately purchased a product theres only so many copies you need anyways. The only people who have reason to be concerned are those who are ripping off software vendors. Spyware companies wouldn't be able to magically use this technology to enforce marketing software either. Their product is something you didn't consent to running on your system and, even if you did, that consent is yours to revoke.

You also mention interception of data streams. Those streams are encrypted and in many cases (like Kerberos) the signature is only valid if it isn't tampered with and if it arrives in a specified time limit. What do you think happens today with online banking? Do you think those SSL packets couldn't be intercepted? Of course they can be but the encryption is strong enough that it doesn't matter. What you've postulated as a risk is called a "man in the middle" attack and its something cryptographers have plenty of options to prevent and, with technology like TC, those options would greatly increase. In your argument in the past paragraph you have again clearly illustrated that you have no idea about the basics of cryptography or public key infrastructures. It is a complex subject and apparently its one that is quite beyond you.

One thing is for sure, though. With this Trusted Computing platform, more and more sensitive information is going to be (nearly) constantly transmitted over the Internet. The more information that is being transmitted, the more open you are to having someone see that information, thus the more vulnerable you are to attacks.

I think you fail to realize how powerfull this technology is. Microsoft can't be trusted, as they have constantly been pushing their luck with the Anti-Trust lawsuit ever since Microsoft formed in the early 80s. Their whole operating system was a blatant ripoff of another companies (Seattle Computer Products' QDOS). Just a few days ago a fedral judge started looking at their practices again ( http://www.usdoj.gov/atr/cases/f212100/212195.htm )
. They have had to remove their Windows Media Player in Europe.

Can you realy put that much trust into a company that has a history of monopolistic practices? I don't think so.

But like I said, only time will tell.\

Sensitive information already crosses the Net all the time in huge quantities. The very reason we have technologies like SSL and VPNs is to safeguard it and they do a perfect job if implemented correctly. The ability to crack the algorithms simply doesn't exist and by the time they do, we will have moved on to even more secure solutions.

As for your personal little issue with Microsoft, this technology isn't just about them, its about many multinational software and hardware vendors working to increase the security of our computers and networks. The benefits for this type of tech are myriad but just for a simple example you would be able to send a document and specify who could read it, whether it could be printed, and for how long it could be read. I don't know about you but for most businesses that ability is worth its weight in gold.

You're right in the fact this subject could be argued day in and out but you haven't done so yet. In order to debate a point a person requires at least a rudimentary understanding of the subject being debated, something you clearly don't possess. Reading some conspiracy site and posting links doesn't qualify as an argument, it qualifies you as a moron.