[DMCA-Activists] BBC/Thompson: Price of "Trusted" Computing?

[Seth Johnson]

> http://news.bbc.co.uk/go/pr/fr/-/2/hi/technology/4360793.stm


What Price for 'Trusted PC Security'?


By Bill Thompson

2005/03/18 12:11:00 GMT


You can now buy "trusted computers", but can we really trust the
PC vendors, asks technology analyst Bill Thompson.


If you have recently bought an IBM ThinkVantage computer, a Dell
Optiplex, or one of a whole range of laptops from Toshiba,
HP/Compaq or Samsung then you may have got more for your money
than you realised.

Inside your shiny new PC is an extra chip called the trusted
platform module (TPM) that can be used for a range of
hardware-based security features.

Eventually the TPM will be built into the main processor itself,
and if the trusted computing group has its way then you will find
one in every piece of hardware you own, from mobile phones to TV
set top boxes to children's toys.

But for the moment it is a separate piece of hardware, providing
enhanced security features to programs that know how to use them.

And as part of a well-designed network system, it can provide a
lot more security than we enjoy today.

A big advantage of the TPM is that it is hardware-based.

Trust the way forward?

At the moment most of us rely on software to keep our information
safe and secure.

It might be password-protected user accounts, data encryption
programs or a firewall, but it all relies on program code running
on an inherently insecure processor.

Because the trusted computing base is also used to make digital
rights management systems more secure, this will give content
providers a lot more control over what we can do with music,
movies and books that we have bought from them

Hardware security is less common, even if it is a lot safer.

This is partly because it is more expensive to give someone a
smartcard than a password, but also because its more work for
users, systems administrators and managers.

As a result we settle for second best.

So when it comes to computer security, trusted systems could be a
major step forward.

After all, if you have a laptop that will only run programs that
have been digitally signed then it will be a lot harder for virus
writers to get their malicious code to run.

And if all your files are locked automatically then even if you
get your computer stolen your personal data will be safeguarded.

At the moment support for trusted hardware is not built into
major operating systems.

Instead you have to use special software, like HP's ProtectTools
or Wave Systems' Embassy.

This provides file encryption, password management and identity
protection, usually for business users who connect to company
networks.

Full support for the trusted computing specification will not be
available from Microsoft until the next release of Windows,
"Longhorn".

This will include what Microsoft, in a typical act of
obscurantism, calls the "Next Generation Secure Computing Base",
and it will give user-level programs access to the trusted
computing hardware.

When that happens we can expect to see a lot of publicity around
the new capabilities, and no doubt the Windows security centre
will encourage users to turn on their trusted computing
capability just as they turn on their firewall.

However there is a downside to the increased security from
viruses, spyware and data theft that this will provide.

Added extras?

Because the trusted computing base is also used to make digital
rights management (DRM) systems more secure, this will give
content providers a lot more control over what we can do with
music, movies and books that we have bought from them.

We have seen recently how allowing digital rights management
services into our lives can lead to unwelcome consequences.

Users of Apple's iTunes used to be able to stream the music they
had brought to up to five other iTunes users, a great way of
letting your mates discover your music collection.

But the latest version of iTunes limits this capability, just as
an earlier upgrade reduced the number of times you could burn a
selected playlist of purchased songs to a CD.

Another took away the ability to play songs downloaded from
Real's Harmony service on your iPod.

Apple can do this because they wrote the software and they
control the rights management.

Once it is embedded in trusted hardware it will be even harder
for dedicated programmers to find their way around these
restrictions and give us back the fair use rights that should be
guaranteed under copyright law.

Similarly, users of TiVo digital video recorders have found that
they cannot record some shows, and other programmes that they
have recorded are automatically deleted after a day.

This happens because of changes that TiVo have made to their
software, and the users cannot control it.

One wonders whether hardware-based DRM will work for those who
believe that locking-down digital content is a bad idea, and that
the flexibility of copyright law is something that should be
embraced and not taken away.

It will not work because of the fundamental flaw at the heart of
the system: in order for the purchaser to view the content it has
to be unlocked.

Once it is unlocked then someone, somewhere, will figure out a
way to make a copy of the unlocked version.

And once an unlocked version leaks onto the network it will be
uncontrollable.

The efforts going into DRM would be much better spent building
efficient distribution services, finding business models that are
based on trusting your customers, and offering high quality
downloads at fair prices.

What we want is not so much a trusted computing platform as a
trusted customer platform.

The record companies and the film industry need to recognise that
most of us, most of the time, will pay a reasonable amount for
good quality material.

They will benefit more by building a market in which I can share
songs with my friends, record shows I want to watch later, and
burn CDs for my kids; a market which respects the spirit of
copyright law and does not seek to replace it by restrictive
contracts or end user agreements.

We need to ensure that trusted computing remains under the
control of the users and is not used to take away the freedoms we
enjoy today.

Bill Thompson is a regular commentator on the BBC World Service
programme Go Digital.

-- 

DRM is Theft!  We are the Stakeholders!

New Yorkers for Fair Use
http://www.nyfairuse.org

[CC] Counter-copyright: http://realmeasures.dyndns.org/cc

I reserve no rights restricting copying, modification or
distribution of this incidentally recorded communication. 
Original authorship should be attributed reasonably, but only so
far as such an expectation might hold for usual practice in
ordinary social discourse to which one holds no claim of
exclusive rights.