Trusted computing
I still haven't written up my notes from our TCPA meeting and our second Microsoft meeting.
Richard Stallman wrote an essay on trusted computing which makes a lot of good points. But I have trouble with a couple of suggestions:
"In fact, it is designed to stop your computer from functioning as a general-purpose computer. Every operation may require explicit permission."
and similarly
"Treacherous computing puts the existence of free operating systems and free applications at risk, because you may not be able to run them at all. Some versions of treacherous computing would require the operating system to be specifically authorized by a particular company. Free operating systems could not be installed. Some versions of treacherous computing would require every program to be specifically authorized by the operating system developer. You could not run free applications on such a system. If you did figure out how, and told someone, that could be a crime."
Neither of these concerns is applicable at all to Palladium (as Microsoft has described it to us) or to TCPA (as the TCPA has specified it and as it has been implemented). While Microsoft could be misleading us about Palladium, the TCPA specification is public and implementations of it have already been made.
It's possible that some other trusted computing system could have such a misfeature, but the design of TCPA and Palladium doesn't require these properties at all, as far as I can tell, and they seem to be more or less independent.
I do share the two concerns in this paragraph:
"There are proposals already for U.S. laws that would require all computers to support treacherous computing, and to prohibit connecting old computers to the Internet. The CBDTPA (we call it the Consume But Don't Try Programming Act) is one of them. But even if they don't legally force you to switch to treacherous computing, the pressure to accept it may be enormous. Today people often use Word format for communication, although this causes several sorts of problems (see http://www.gnu.org/philosophy/no-word-attachments.html). If only a treacherous computing machine can read the latest Word documents, many people will switch to it, if they view the situation only in terms of individual action (take it or leave it). [...]"
I'm not convinced that something like Palladium is the infrastructure contemplated by the CBDTPA. I think Microsoft made a good argument that the current Palladium design is not as restrictive as the measure called for by the CBDTPA and desired by the Hollywood studios. (As Microsoft pointed out to us, there's nothing in the current Palladium design which prevents you from recording, playing, or distributing MP3 or Ogg files, or other media without DRM; there is no watermark detection, and there are even things which appear to create technical obstacles to adding watermark detection where the user doesn't want it.)
However, it's possible to imagine a legal mandate for some kind of trusted computing system, which would be a bad outcome, and I'd love to hear more about what trusted computing vendors are doing to oppose that. (Part of Microsoft's answer seems to be roughly "by not actually designing the things the studios would most like to see", which is not a terrible answer.) I ought to talk more about trusted computing technologies, self-protecting content, and 1201(c)(3), so remind me if I don't get back to that, OK?
The network effects point is also one I take very seriously, perhaps most seriously of all. I've been stressing the anticompetitive applications point when I talk to people -- as I did in an interview with Technology Review earlier today. I see the problem from a slightly different angle, but a closely related one. If you're a minority platform user, network effects can cause real trouble for you. Right now, the extent of that trouble is mitigated by the possibility of doing reverse engineering to create interoperability with majority platforms, even if they use file formats and protocols which someone hoped would remain proprietary. With trusted computing infrastructure, attaining full interoperability with minority platforms may never be possible. (And that's just the beginning of the sorts of troubles which might result from network effects.)
I'm thinking about other things after our meetings last week, and I should try to write them up soon. One of the really interesting things has to do with hardware attacks and trying to assess how easy they are (and what that means). I'm glad Bunnie was able to come to our second meeting with Microsoft.