text warez on Sun, 30 Jun 2002 01:57:36 +0200 (CEST)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> TCPA / Palladium Frequently Asked Questions

  TCPA / Palladium Frequently Asked Questions

  Version 0.1 26 June 2002

  1. What are TCPA and Palladium? 

  TCPA stands for the Trusted Computing Platform Alliance (TCPA), an
  led by Intel. Their website is here. Their stated goal is `a new computing

  platform for the next century that will provide for improved trust in the
  platform.' Palladium appears to be a Microsoft version which will be
  out in future versions of Windows, will build on TCPA hardware, and will
  some extra features. The Palladium announcement appears to have been
  by a paper I presented on the security issues relating to open source and
  software at a conference on Open Source Software Economics in Toulouse on
  20th June. This paper criticised TCPA as anticompetitive. This has been
  confirmed by new revelations over the past few days. 

  2. What does TCPA / Palladium do, in ordinary English? 

  Its obvious application is to embed digital rights management (DRM)
  in the PC. The less obvious implications include making it easier for 
  application software vendors to lock in their users. 

  3. So I won't be able to play MP3s on my PC any more?

  With existing MP3s, you may be all right for some time. But in future,
  Palladium will make it easier to sell music, movies, books and other
  packaged so that people can play them on their PCs but not copy them. You 
  might be allowed to lend your copy of some digital music to a friend, but
  your own backup copy won't be playable until your friend gives you the
  copy back. Quite possibly you will not be able to lend music at all. (It
  likely that the music publisher will be able to make the rules - and to
  them at will by remote control.) 

  4. How does it work? 

  TCPA provides for a monitoring component to be mounted in future PCs. The 
  likely implementation in the first phase of TCPA is a `Fritz' chip - a 
  smartcard chip or dongle soldered to the motherboard. 

  When you boot up your PC, Fritz takes charge. He checks that the boot ROM
  as expected, executes it, measures the state of the machine; then checks
  first part of the operating system, loads and executes it, checks the
state of 
  the machine; and so on. The trust boundary, of hardware and software 
  considered to be known and verified, is steadily expanded. A table is 
  maintained of the hardware (audio card, video card etc) and the software
  drivers, etc); if there are significant changes, the machine must be re-
  certified. The result is a PC booted into a known state with an approved 
  combination of hardware and software. Control is then handed over to 
  enforcement software in the operating system - this is presumably
Palladium if 
  your operating system in Windows. 

  Once the machine is in this state, Fritz can certify it to third parties:
  example, he will do an authentication protocol with Disney to prove that
  machine is a suitable recipient of `Snow White'. The Disney server then
  encrypted data, with a key that Fritz will use to unseal it. Fritz makes
  key available only so long as the environment remains `trustworthy'. For
  purpose, `trustworthy' means that the media player application won't make
  unauthorised copies of content. 

  5. What else can TCPA and Palladium be used for? 

  TCPA can be used to implement much stronger access controls on
  documents. For example, you might arrange that your soldiers can only
  word processing documents marked at `confidential' or above, and that only
  TCPA PC with a certificate issued by your own armed forces can read such a

  document. This is called `mandatory access control', and governments are
  on it. The Palladium announcement implies that the Microsoft product will 
  support this. Once TCPA is widespread, corporations can do this too - and
  for that matter, can the Mafia. This can make life harder for spies,
  whistleblowers, and FBI agents alike (though it is always possible that
  FBI will get some kind of access to master keys). A whistleblower who
emails a 
  document to a journalist will achieve little, as the journalist's Fritz
  won't give him the key to decipher it. 

  6. This all seems on balance fairly worthwhile. But surely Intel are not 
  investing all this money just for charity? How do they propose to make
  out of it? 

  My spies at Intel tell me that it was a defensive play. As they make most
  their money from PC microprocessors, and have most of the market, they can

  only grow their company by increasing the size of the market. They are 
  determined that the PC will be the hub of the future home network. If 
  entertainment is the killer application, and DRM is going to be the
  enabling technology, then the PC has to do DRM or risk being displaced in
  home market. 

  7. Where did the idea come from? 

  It first appeared in a paper by Bill Arbaugh, Dave Farber and Jonathan
  ``A Secure and Reliable Bootstrap Architecture'', in the proceedings of
  IEEE Symposium on Security and Privacy (1997) pp 65-71. It led to a US
  ``Secure and Reliable Bootstrap Architecture'', U.S. Patent No. 6,185,678,

  February 6th, 2001. Jonathan's thinking came from work done at Cambridge
  he was here on sabbatical in 1996(ish): see here for the most relevant 
  published work. 

  The basic idea, of a specially trusted `reference monitor' that supervises
  computer's access control functions, goes back to the early 1970s and has
  a feature of US military secure systems thinking since then. 

  8. How is this related to the Pentium 3 serial number? 

  Intel started an earlier program in about 1997 that would have put the 
  functionality of the Fritz chip inside the main PC processor, or the cache

  controller chip, by 2000. The Pentium serial number was a first step on
  way. The adverse public reaction seems to have caused them to pause, set
up a 
  consortium with Microsoft and others, and seek safety in numbers. 

  9. Why call the monitor chip a `Fritz' chip? 

  In honour of Senator Fritz Hollings of South Carolina, who is working 
  tirelessly in Congress to make TCPA a mandatory part of all consumer 

  10. OK, so TCPA stops kids ripping off music and will help companies keep
  confidential. It may help the Mafia too, but apart from the pirates, the 
  industrial spies and the FBI, who has a problem with it? 

  A lot of companies stand to lose out. For example, the European smartcard 
  industry may be hurt, as the functions now provided by their products
  into the Fritz chips in peoples' laptops, PDAs and third generation mobile

  phones. In fact, much of the information security industry may be upset if

  TCPA takes off. 

  But there are much deeper problems. The fundamental issue is that whoever 
  controls the Fritz chips will acquire a huge amount of power. There are
  ways in which this power could be abused, and Intel has refused to answer 
  questions on the governance of the TCPA consortium. 

  11. How can TCPA be abused? 

  One of the worries is censorship. An application enabled for TCPA, such as
  media player or word processor, will typically have its security policy 
  administered remotely by a server. This is so that content owners can
react to 
  new piracy techniques. However, the mechanisms might also be used for 

  For example, the police could get an order against a specific pornographic

  picture of a child, and cause the policy servers to instruct all PCs under

  their control to search for it and notify them if it were found. As
  example, the scientologists have a record of getting courts to give them 
  injunctions against their critics. In future, if they can convince a court

  that a certain document should be banned, they might also get an order
  a policy server. 

  12. Scary stuff. But can't you just turn it off? 

  Sure - one feature of TCPA is that the user can always turn it off. But
  your TCPA-enabled applications won't work, or won't work as well. It will
  like switching from Windows to Linux nowadays; you may have more freedom,
  end up having less choice. If the applications that use TCPA / Palladium
  more attractive to the majority of people, you may end up simply having to
  them - just as many people have to use Microsoft Word because all their 
  friends and colleagues send them documents in Microsoft Word. 

  13. So economics are going to be significant here? 

  Exactly. The biggest profits in IT goods and services markets tend to go
  companies that can establish platforms (such as Windows, or Word) and
  compatibility with them, so as to manage the markets in complementary 
  products. For example, some mobile phone vendors use challenge-response 
  authentication to check that the phone battery is a genuine part rather
than a 
  clone - in which case, the phone will refuse to recharge it, and may even 
  drain it as quickly as possible. Some printers authenticate their toner 
  cartridges electronically; if you use a cheap substitute, the printer
  downgrades from 1200 dpi to 300 dpi. The Sony Playstation 2 uses similar 
  authentication to ensure that memory cartridges were made by Sony rather
  by a low-price competitor. 

  TCPA appears designed to maximise the effect, and thus the economic power,
  such plays. Given Microsoft's record of competitive strategic plays, I
  that Palladium will support them. So if you control a TCPA-enabled 
  application, then your policy server can enforce your choice of rules
  which other applications will be allowed to use the files your code
  These files can be protected using strong cryptography, with keys
  by the Fritz chips on everybody's machines. What this means is that a 
  successful TCPA-enabled application will be worth much more money to the 
  software company that controls it, as they can rent out access to their 
  interfaces for whatever the market will bear. So there will be huge
  on software developers to enable their applications for TCPA; and if
  is the first operating system to support TCPA, this will give it a
  advantage over GNU/Linux and MacOS with the developer community. 

  14. But hang on, doesn't the law give people a right to reverse engineer 
  interfaces for compatibility? 

  Yes, and this is very important to the functioning of IT goods and
  markets; see Samuelson and Scotchmer, ``The Law and Economics of Reverse 
  Engineering'', Yale Law Journal, May 2002, 1575-1663. But the law in most 
  cases just gives you the right to try, not to succeed. Back when
  meant messing around with file formats, there was a real contest - when
  and Word Perfect were fighting for dominance, each tried to read the
  files and make it hard for the other to read its own. However, with TCPA
  game is over; without access to the keys, or some means of breaking into
  chips, you've had it. (Locking competitors out of application file formats
  one of the motivations for TCPA: see a post by Lucky Green.) 

  15. So can't TCPA be broken? 

  The early versions will be vulnerable to anyone with the tools and
patience to 
  crack the hardware (e.g., get clear data on the bus between the CPU and
  Fritz chip). However, from phase 2, the Fritz chip will disappear inside
  main processor - let's call it the `Hexium' - and things will get a lot 
  harder. Really serious, well funded opponents will still be able to crack
  However, it's likely to go on getting more difficult and expensive. 

  Also, in many countries, cracking Fritz will be illegal. In the USA the 
  Digital Millennium Copyright Act already does this, while in the EU the 
  situation may vary from one country to another, depending on the way
  regulations implement the EU Copyright Directive. 

  Also, in many products, compatibility control is already being mixed quite

  deliberately with copyright control. The Sony Playstation's authentication

  chips also contain the encryption algorithm for DVD, so that reverse
  can be accused of circumventing a copyright protection mechanism and
  under the Digital Millennium Copyright Act. The situation is likely to be 
  messy - and that will favour large firms with big legal budgets. 

  16. What's the overall economic effect likely to be? 

  The content industries may gain a bit from cutting music copying - expect
  Michael Jagger to get very slightly richer. But I expect the most
  economic effect will be to strengthen the position of incumbents in 
  information goods and services markets at the expense of new entrants.
  may mean a rise in the market cap of firms like Intel, Microsoft and IBM -
  at the expense of innovation and growth generally. The majority of the 
  innovations that spur economic growth are not anticipated by the
  of the platforms on which they are based; and technological change in the
  goods and services markets is usually cumulative. Giving incumbents new
  to make life harder for people trying to develop novel uses for their
  will create all sorts of traps and perverse incentives. 

  There may also be distinct regional effects. For example, many years of 
  government sponsorship have made Europe's smartcard industry strong, at
  cost of crowding out other innovation. Senior industry people to whom I
  spoken anticipate that once the second phase of TCPA puts the Fritz 
  functionality in the main processor, this will hammer smartcard sales.
Many of 
  the functions that smartcard makers want you to do with a card will
instead be 
  done in the Fritz chips of your laptop, your PDA and your mobile phone. If

  this industry becomes a casualty of TCPA, Europe could be a significant
  loser. Other large sections of the information security industry may also 
  become casualties. 

  17. Who else will lose? 

  We expect that copyright regulations due out later this year in Britain
  deprive the blind of the fair-use right to use their screen scraper
  to read e-books. Normally, a bureaucratic stupidity like this might not
  much, as people would just ignore it, and the police would not be idiotic 
  enough to prosecute anybody. But if the copyright regulations are enforced
  hardware protection mechanisms that are impractical to break, then the
  may lose out seriously. (There are many other marginal groups under

  18. Ugh. What else? 

  TCPA may undermine the General Public License (GPL), the license under
  many free and open source software products are distributed. The GPL is 
  designed to prevent the fruits of communal voluntary labour being hijacked
  private companies for profit. Anyone can use and modify software
  under this licence, but if you distribute a modified copy, you must make
  available to the world for free. 

  At least one company has started a development program to produce a TCPA-
  enhanced version of GNU/linux. How could they make money out of this?
  making a TCPA version of the product will involve tidying up the code and 
  removing a number of features. The sponsor will then submit the pruned
code to 
  an evaluation lab, together with a mass of documentation for the work
  been done, including a whole lot of analyses showing why various known
  on the code don't work. 

  The trick is this. Although the modified program will be covered by the
  and will be free to everyone, it will not make full use of the TCPA
  unless you have it signed, and have a certificate that enables you to use
  TCPA Public Key Infrastructure (PKI). That is what will cost you money (if
  at first, then eventually). 

  You will still be free to make modifications to the modified code, but you

  won't be able to sign the resulting code (at least, not with a key that
  make third parties trust the code). Something similar happens with the
  supplied by Sony for the Playstation 2; the console's copy protection 
  mechanisms prevent you from running an altered binary, and from using a
  of the hardware features. Even if a philanthropist does a not-for-profit 
  secure linux, the resulting product would not really be a GPL version of a

  TCPA operating system, but a proprietary operating system that the 
  philanthropist could give away free. (There are still issues about who
  pay for use of the PKI that hands out user certs.) 

  People believed that the GPL made it impossible for a company to come
  and steal code that was the result of community effort. That may have been
  case so long as the processor was open, and anyone could access supervisor

  mode. But TCPA changes that. Once the majority of PCs on the market are
  enabled, the GPL won't work as intended. 

  19. I can see that some people will get upset about this. 

  And there are many other political issues -- the transparency of
processing of 
  personal data enshrined in the EU data protection directive; the
  issue, of whether copyright regulations will be written by national 
  governments, as at present, or an application developer in Portland or 
  Redmond; whether TCPA will be used by Microsoft as a means of killing off 
  competitors such as Apache; and whether people will be comfortable about
  idea of having their PCs operated, in effect, under remote control --
  that could be usurped by courts or government agencies without their 

  20. But hang on, isn't TCPA illegal under antitrust law? 

  Intel has honed a `platform leadership' strategy, in which they lead
  efforts to develop technologies that will make the PC more useful, such as
  PCI bus and USB. Their modus operandi is to set up a consortium to share
  development of the technology, have the founder members of the consortium
  some IP into the pot, publish a standard, get some momentum behind it,
  license it to the industry on the condition that licensees in turn cross-
  license any interfering IP of their own, at zero cost, to all corsortium 

  The positive view of this strategy was that Intel grew the overall market
  PCs; the dark side was that they prevented any competitor achieving a
  position in any technology that might have threatened Intel's dominance of
  PC hardware. Thus, Intel could not afford for IBM's microchannel bus to 
  prevail, not just as a competing nexus of the PC platform but also because
  had no interest in providing the bandwidth needed for the PC to compete
  high-end systems. The effect in strategic terms is somewhat similar to the
  Roman practice of demolishing all dwellings and cutting down all trees
  to their roads or their castles. No competing structure may be allowed
  Intel's platform; it must all be levelled into a commons. But a nice,
  well-regulated commons: interfaces should be `open but not free'. 

  The consortium approach has evolved into a highly effective way of
  antitrust law. So far, the authories do not seem to have been worried
  such consortia - so long as the standards are open and accessible to all 
  companies. They may need to become slightly more sophisticated. 

  21. When is this going to hit the streets? 

  It has. The first specification was published in 2000. In May, IBM
  the T-30 version of the Thinkpad which can be bought with a TCPA-compliant

  security subsystem. Some of the features in Windows XP and the X-Box are
  features: for example, if you change your PC configuration more than a
  you have to reregister all your software with Redmond. The train is

  22. But isn't PC security a good thing? 

  The question is: security for whom? The average user might prefer not to
  to worry about viruses, but TCPA won't fix that: viruses exploit the way 
  software applications (such as Microsoft Office) use scripting. He might
  worried about privacy, but TCPA won't fix that; almost all privacy
  result from the abuse of authorised access, often obtained by coercing 
  consent. If anything, by entrenching and expanding monopolies, TCPA will 
  increase the incentives to price discriminate and thus to harvest personal

  data for profiling. 

  The most charitable view of TCPA is put forward by a Microsoft researcher:

  there are some applications in which you want to constrain the user's
  For example, you want to stop people fiddling with the odometer on a car 
  before they sell it. Similarly, if you want to do DRM on a PC then you
need to 
  treat the user as the enemy. 

  Seen in these terms, TCPA and Palladium do not so much provide security
  the user, but for the PC vendor, the software supplier, and the content 
  industry. They do not add value for the user. Rather, they destroy it, by 
  constraining what you can do with your PC - in order to enable application
  service vendors to extract more money from you. 

  No doubt Palladium will be bundled with new features so that the package
as a 
  whole appears to add value in the short term, but the long-term economic, 
  social and legal implications require serious thought. 

  Ross Anderson


GMX - Die Kommunikationsplattform im Internet.

#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: majordomo@bbs.thing.net and "info nettime-l" in the msg body
#  archive: http://www.nettime.org contact: nettime@bbs.thing.net