Trusted Computing
May 22, 2004 11:08 PM   Subscribe

see, now that they have people paying for software they can never own, cannot control, and which is not guaranteed to do anything at all whatsoever, the next step is to have people pay for an appliance which they cannot control , on which to run the software they don't own, cannot control, and which is not guaranteed to do anything at all whatsoever. it's just, you know, to protect us from those awful pirates. you think the bushies are good at this orwellian shit? take a long look at mickeysoft...
posted by quonsar at 2:40 AM on May 23, 2004

There's not really any need to freak out about this, in my eyes (I've thought about this quite a bit.) There's too many people that do not like this one bit and like how open everything is in the first place. The average consumer will be dumb enough to buy it, and something like secure I/O could be great for them, but there'll always be options for people who don't want this shit. There's a lot of places where these changes are just more bullshit overhead that the administrators don't want or need.
posted by angry modem at 7:11 AM on May 23, 2004

The tricky bit is that it will be harder and harder to find hardware that will run without trusted computing in place. In other words, the idea that there will always be other options is naive.
posted by y6y6y6 at 7:34 AM on May 23, 2004

But why is it naive to think that if there is enough of an outcry about this, it can be prevented? The public doesn't know any better right now, but if they do, and they can be shown to have serious doubts that may affect their spending, then maybe the industry won't do it....maybe?
posted by bingo at 8:16 AM on May 23, 2004

So maybe there is a need to freak out about this. Eh?
posted by ook at 8:58 AM on May 23, 2004

I haven't read up on this extensively, but I was under the impression that this didn't prevent you from running particular software per se - there's no part of the system that will for example refuse to boot an operating system which it does not know about, it's just that services will be able to authenticate the layers beneath them - the firmware, operating system, device drivers and so on. This extends to remote services, so if I for example connect to a streaming audio server, if it chooses the software running the other end of the connection can make sure I'm not running something that will be recording the stream to disk.

Clearly this does have implications for your ability to use arbitary software to interact with a service, but it does not prevent you from running any software you like on your own machine. I don't think it will come to be that it's impossible to buy a PC that will run Linux.
posted by Singular at 10:21 AM on May 23, 2004

Besides, some smart Linux dev might very well write an extension that is compliant with the trusted core hardware. Really expensive software, like 3D animation packages, might take advantage of it.

In any case, trusted core computing in whatever form(s) it eventually takes, seems inevitable to me.
posted by bz at 11:11 AM on May 23, 2004

"Trusted computing" initiative is, at its core, a shameless attempt by Microsoft to prevent any form of competition on the PC platform now that Linux has started to make some inroads. As a side benefit for Redmond it will also bury the Mac platform by making it prohibitively expensive to develop for both Windows and Mac; now that Adobe has adopted its Windows-first attitude to development this will ensure that Mac versions of software like Photoshop, InDesign, etc. will be substantially more expensive, if they ever appear at all.

As to whether this will make Windows more stable and secure, ask yourself -- do you really trust Microsoft to make secure and stable products now, when the software leviathan announces critical security flaws on an almost-weekly basis?
posted by clevershark at 12:20 PM on May 23, 2004

Better to announce them than to cover them up, I say. Once again, it's a "damned if you do, damned if you don't" scenario - if Microsoft announces them, it casts a harsh shadow on their products. However, not announcing them is just as bad, as "the evil empire" is now attempting to hide its cluelessness.

The product of security and freedom is a constant. You want freedom, you relinquish security (and vice versa.) This has less to do with making Windows stable and secure as it does with making computing in general stable and secure.

But, as soon as Microsoft's name is mentioned, folks start frothing at the mouth and screaming "Macintosh!" or "Open Source!" Gee, I wonder if a more secure platform would help them, too?

Feh.
posted by FormlessOne at 5:28 PM on May 23, 2004

no part of the system that will for example refuse to boot an operating system which it does not know about, it's just that services will be able to authenticate the layers beneath them - the firmware, operating system, device drivers and so on.

So if your audio hardware refuses to, say, play that MP3 because it can't authenticate that you purchased it through an acceptable-to-the-driver-author retailer, how is that not preventing you from running software on your own machine?

Why shouldn't users be able to "use arbitary software to interact with a service"? Why should I cede the right to use whatever damn software I want to use to interact with a given service?

This doesn't make life computing more secure for the user -- all it does is allow the network to lock the user out for not using officially sanction software. I don't care whether the idea came from Microsoft or the FCC or from Steve Jobs pullin a wheelie on a Segway, it's a lousy idea.
posted by ook at 6:37 PM on May 23, 2004

But, as soon as Microsoft's name is mentioned, folks start frothing at the mouth and screaming "Macintosh!" or "Open Source!" Gee, I wonder if a more secure platform would help them, too?

They already have a more secure platform.
posted by bingo at 6:56 PM on May 23, 2004

Lessig's book Code included a section about this. like ook said, this could put limits on what you are able to use on your own computer. i think the best analogy i could make, from what i understand of this, is if your car is not repaired at the dealership (or a shop they approve), with their parts, but by joe mechanic and he uses some other brand of parts, your car won't start. i think this is pretty devious. how to work around it? well, Code is Law, according to the good professor. if the essential code starts to manifest these protocols, it will be difficult for the non-programming folks like me to get out of using. i know, there is Mac and stuff and i have and would use that again, but then "digital divide", i think, would take on a new meaning.
posted by memnock at 8:39 PM on May 23, 2004

So if your audio hardware refuses to, say, play that MP3 because it can't authenticate that you purchased it through an acceptable-to-the-driver-author retailer, how is that not preventing you from running software on your own machine?

Then you install another MP3 player that will - as long as someone is willing to write MP3 playing software that doesn't make use of the authentication systems then there's nothing to stop you running it. Of course, the major labels will come up with new formats, keep them closed and make it difficult to obtain music any other way, but that still doesn't stop anyone who wants to from releasing music in a format which can be played by anyone.

Why shouldn't users be able to "use arbitary software to interact with a service"? Why should I cede the right to use whatever damn software I want to use to interact with a given service?

Essentially for the same reason that your bank probably wouldn't be too pleased if you made your own version of your credit card because you didn't like the colour of the one they gave you... Basically you don't have a ‘right’ to cede.
posted by Singular at 12:49 PM on May 24, 2004

Then you install another MP3 player that will - as long as someone is willing to write MP3 playing software that doesn't make use of the authentication systems then there's nothing to stop you running it.

The problem is that whether a programmer is willing or not eventually becomes irrelevant. In an extreme implementation, a non-trusted program won't install on a trusted system--its signature will have to match the one listed on the Microsoft "certified trusted" list. Why would Microsoft follow any other route? Does it make any sense to create a trusted DRM platform that allows all manner of non-compliant programs to run on it?

Essentially for the same reason that your bank probably wouldn't be too pleased if you made your own version of your credit card because you didn't like the colour of the one they gave you... Basically you don't have a ‘right’ to cede.

Your point is either too vague or too weak--the bank gives you a credit card, basically as a proxy for a check (drawing from a line of credit). You're free to do anything with the credit card, including using it for jimmying a lock or putting PowerPuff Girls stickers on it. I like to keep mine in a black wallet. In fact, I would say I have the right to keep it in a plain, black wallet. If the issuer told everyone they could only use Microsoft-logo-emblazened wallets (thus being protected by trademark law to only come from a single source) to store their cards or it would become unusable, do you think people would really continue being that issuer's customer? Wouldn't it suck if there was only one bank?
posted by bafflegab at 10:08 PM on May 24, 2004