From: Michal Suchanek
Subject: Re: Part 1: Ownership and Contracts
Date: Fri, 5 May 2006 15:26:57 -0700

On 5/4/06, Pierre THIERRY <address@hidden> wrote:
> Marcus Brinkmann wrote on 04/05/2006 at 15:34:
> > I am not saying that they in fact, do have that control. I am only
> > saying that they are the ones that could have that control. This
> > makes them nominally, the one in control, even if they do not make use
> > of that. Even if they _can not_ make use of it, because they took
> > precautions to make it impossible for them to exercise that control.
> > The reason is that you have no guarantee that they in fact, took these
> > precautions, and in fact, do not exercise that control.
>
> I'm pretty sure your text about DRM is written with the strong
> assumption that would use this control. At least that is how I've
> understood your text. But this control is a very very hypothetical one,
> and I'm not even sure it is theoretically possible. There you do not
> take active defense, but merely paranoid abusive defense, IMHO.

I do not think that this is very hypothetical. The manufacturer of the TPM chips is in a position where their components cannot be verified (because their function requires that) yet the chips are the central part that guarantees the security and reliability of a DRM system (or any system using the TPM chip).

A similar example of a security model that relies on a central authority is SSL encryption. There are CAs (certificate authorities) who issue certificates for SSL enabled web servers. Web browsers ship with CA root certificates preinstalled so that they can check that a web server has a 'properly' issued certificate. There are CA policies, CA certifications, and whatnot.

Yet there is a bug [1] in Mozilla's bugzilla describing problems of this system at great length (among some useless whining). One of the comments also mentions that Verisign (one of the certified, 'trustworthy' CAs) issued a Microsoft code signing certificate to a hacker. Admittedly I have not verified this. But the comment has been there for quite some time and I am quite positive that somebody would have corrected it if it was without merit.

Anyway, the point is that such a 'trusted' third party is in a position where their procedures cannot be verified to be correct. You can only tell that something went wrong after the fact. Perhaps it could take quite some time to discover. And while a certificate can be revoked, revoking TPM chips may be much harder.

Thanks

Michal

[1] https://bugzilla.mozilla.org/show_bug.cgi?id=215243