{"id":400406,"date":"2004-03-09T23:00:00","date_gmt":"2004-03-09T23:00:00","guid":{"rendered":"https:\/\/exindex.hu\/?p=400406"},"modified":"2022-06-14T09:28:59","modified_gmt":"2022-06-14T08:28:59","slug":"miert-ne-bizzunk-a-megbizthato-szamitastechnikaban","status":"publish","type":"post","link":"https:\/\/exindex.hu\/en\/tema\/miert-ne-bizzunk-a-megbizthato-szamitastechnikaban\/","title":{"rendered":"Why You Should Distrust \u201cTrusted Computing\u201c"},"content":{"rendered":"
\r\n\r\n\t\t\r\n\t\t
\r\n\t\t\t\"img\"<\/a>\r\n\t\t<\/td>\r\n\t\t
<\/div>\r\n\r\n\t\t
left \u00b7 COPY \u00b7 right<\/a><\/div>\r\n\t\t
The Oxymoron of Intellectual Property<\/div>\r\n\t\t<\/td>\r\n\t<\/tr>\r\n\t<\/table>\r\n<\/div>\r\n\r\n
\r\n\r\n\r\n\r\n

 <\/p>\r\n\r\n\r\n\r\n\r\n\r\n

Wouldn‘t it be nice if you were able to trust your computer? If you could be confident that it would do only and exactly what you\r\nwant it to do? Initiatives for “Trusted” and “Trustworthy Computing” imply that they will turn computers into just\r\nthat kind of machine. In fact, there are good reasons to distrust them.<\/p>\r\n\r\n

In the mid-1990s, Mark Stefik from Xerox PARC developed a computing environment for controlling delivery, access to, and use of digital\r\ncontent. The digital revolution had empowered individuals to freely manipulate and distribute any text, image, and sound. The music companies,\r\nfollowed by other branches of the entertainment industry, came to see this as a threat to their business models, and pushed to solve the\r\nperceived problem caused by technology with the help of a technology that is known as DRM (Digital Restrictions Management). Stefik still\r\ncalled them “Trusted Systems” and left no doubt about whose trust they are supposed to gain: “Trusted systems presume\r\nthat the consumer is dishonest”.<\/p>\r\n\r\n

Since then, a whole range of DRM technologies has emerged. Based on cryptography, they include encryption and scrambling, watermarking,\r\nauthentication, online registration, remote update, and revocation of rights. All of them have one thing in common: they were broken as soon as\r\nthey arrived on the market. The entertainment industry therefore called upon lawmakers to create special protection for DRM. It started with the\r\nCopyright Treaty of the World Intellectual Property Organization (WIPO) in 1996. This was first implemented into US-American Copyright Law in\r\n1998 as the Digital Millennium Copyright Act (DMCA). Europe followed in 2001 with the EU Copyright Directive which is currently being\r\nimplemented into the national European copyright laws. Technically, it‘s still possible to circumvent DRM technology, but it has become\r\neven more illegal than it would be without the new law provisions.<\/p>\r\n\r\n

On the technical front, a more radical approach has been pursued by the Trusted Computing Platform Alliance (TCPA), a large consortium\r\nset up in 1999, superseded in April 2003 by the Trusted Computing Group (TCG). The idea to not only control data but the whole computing\r\nenvironment has been around in the military field since the early 1970s. A cryptographic chip with a unique “endorsement key“ is\r\nput in charge of starting the PC, validating BIOS, operating system, hardware drivers, and application programs. This can be used for detection of\r\nviruses and Trojans and for access control.<\/p>\r\n\r\n

TCG adds two features to it. It allows the system to report a kind of an x-ray of the currently running software configuration to a third\r\nparty, e.g. a bank or a music service (“remote attestation”). If the requested service sees programs it doesn‘t like it will\r\nrefuse to conduct the transaction. If it is satisfied with the user‘s configuration and decides to send data, it can lock them to the current\r\nsystem state (“sealed storage”). They can only be decrypted if the system is in exactly the same state. As MIT cryptologist and\r\nTuring Award winner Ron Rivest put it: “The right way to look at this is you are putting a virtual set-top box inside your PC. You are\r\nessentially renting out part of your PC to people you may not trust.”<\/p>\r\n\r\n

Microsoft, though a member of the consortium, has its own plans. Within the larger framework of its “Trustworthy Computing\r\nInitiative” it calls its interpretation of TCG “Next-Generation Secure Computing Base” (NGSCB), formerly known as\r\nPalladium. It involves not only a new crypto chip but changes to the CPU, chip-set, memory, graphics processor, and USB-hub for connecting\r\nmouse and keyboard. It is essentially a complete re-design of the architecture of the PC. <\/p>\r\n\r\n

Both forms of Trusted Computing (TC) supposedly address security problems and serve the content industry in controlling their works on\r\nthe computers of the users. Both implement the distrust in the user that Stefik mentioned, and are therefore rightfully called Treacherous\r\nComputing.<\/p>\r\n\r\n

TC creates a whole range of problems. Encrypted data becomes unreadable not only when the crypto chip fails but even when the system is\r\nchanged by updating or installing new software. It marks the end of the flexible general-purpose computer as we know it, which will be replaced\r\nby a special purpose machine optimized for the needs of the content industry. Privacy is threatened because DRM is intended to create high-\r\nresolution personalized usage profiles. The fair use provisions of copyright law need to be decided on a case-by-case basis. Since they can\r\n‘t be implemented in technology, TC will abolish them. The TCG claims that in order to work, TC has to become ubiquitous. Legislating\r\nindustry-wide adoption is not opportune today, so the consortium will exert its power through means like bundled licensing to prevent non-TC\r\nsystems from being offered. This obviously raises antitrust issues. It blocks innovation, leads to customer lock-in, and reduces consumer\r\nchoice. The high cost of development and roll-out of the technology will have to be born by consumers.<\/p>\r\n\r\n

A less obvious problem is that the interlocking technological, legislative, and industrial steps are hardening a path of development that\r\nmakes other solutions unthinkable. Since it becomes increasingly clear that DRM and TC are inefficient and a dead-end street with unacceptable\r\ncosts for industries, consumers, and the society at large, alternatives need to be thought about.<\/p>\r\n\r\n

Secure rather than “trusted” computing is possible today through means like firewalls, intrusion detection systems, layered\r\npermissions, and smart cards for generating and storing cryptographic keys. The major security issues, as is well known in computer science,\r\nhave nothing to do with security technology but with their social acceptance. Trust is obviously not a technical feature but a quality in inter-\r\nhuman relations, and the object of a booming field of research into networks of trust and reputation. And also the intricacies of copyright law\r\nlike fair use and parody can only be solved at the social level. What we want is secure computing and trustable social relations.<\/p>\r\n\r\n

This leaves the question of how creators can be compensated in the light of a media industry that only rewards a few stars. Practitioners\r\nand scholars all over the world are working on alternatives that include voluntary contributions and changed business models. Four Microsoft\r\nDRM specialist conclude their famous Darknet paper: “In short, if you are competing with the darknet, you must compete on the darknet\r\n’s own terms: that is convenience and low cost rather than additional security”. The digital revolution allows authors and users to\r\ncircumvent media oligopolies altogether. A promising solution is to extend the existing system of lump-sum levies to the digital realm. No TC\r\nneeded. You trust no one? Well, then allow no one to control your computer. <\/p>\r\n\r\n

 <\/p>\r\n\r\n

Volker Grassmuck is researcher at the Humbold University Berlin, and initiator of the Wizards of OS conferences on the social dynamics\r\nof open source systems.<\/i>
http:\/\/waste.informatik.hu-berlin.de\/Grassmuck\/<\/a><\/p>\r\n\r\n\r\n

 <\/p>\r\n

\r\n

 <\/p>\r\n\r\n\r\n\r\n

Source:
\r\nhttp:\/\/world-information.org\/wio\/wsis\/texts<\/a><\/b>

\r\n\r\n\r\n\r\n<\/div>","protected":false},"excerpt":{"rendered":"

left \u00b7 COPY \u00b7 right The Oxymoron of Intellectual Property   Wouldn‘t it be nice if you were able to trust your computer? If you could be confident that it would do only and exactly what you want it to do? Initiatives for “Trusted” and “Trustworthy Computing” imply that they will turn computers into just […]<\/p>\n","protected":false},"author":1,"featured_media":630399,"parent":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[11],"tags":[],"class_list":["post-400406","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-tema"],"acf":[],"_links":{"self":[{"href":"https:\/\/exindex.hu\/en\/wp-json\/wp\/v2\/posts\/400406","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/exindex.hu\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/exindex.hu\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/exindex.hu\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/exindex.hu\/en\/wp-json\/wp\/v2\/comments?post=400406"}],"version-history":[{"count":1,"href":"https:\/\/exindex.hu\/en\/wp-json\/wp\/v2\/posts\/400406\/revisions"}],"predecessor-version":[{"id":2023835,"href":"https:\/\/exindex.hu\/en\/wp-json\/wp\/v2\/posts\/400406\/revisions\/2023835"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/exindex.hu\/en\/wp-json\/wp\/v2\/media\/630399"}],"wp:attachment":[{"href":"https:\/\/exindex.hu\/en\/wp-json\/wp\/v2\/media?parent=400406"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/exindex.hu\/en\/wp-json\/wp\/v2\/categories?post=400406"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/exindex.hu\/en\/wp-json\/wp\/v2\/tags?post=400406"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}