Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Whatever happened to Microsoft's DRM plan?

Verily I say unto thee, that Linonut spake thusly:
> * Erik Funkenbusch peremptorily fired off this memo:

>> Yep.  All the TPM chip is is a hardware repository for encryption 
>> keys.

Oh dear, I thought it was only your protégé Smith who feigned obtuseness
to obfuscate the truth. Here's the part you missed:

[quote]
Remote attestation allows changes to the user's computer to be detected
by authorized parties. For examples, software companies can avoid users
tampering with their software to circumvent technological protection
measures.
[/quote]

http://en.wikipedia.org/wiki/Trusted_computing#Remote_attestation

This is an abuse of technology that violates consumers' fair-use rights,
that might (for example) be used to prevent making (or subsequently
using) backup copies of purchased media. IOW this is DRM.

>> For example, it's hard to have a fully encrypted hard drive without
>> something like a TPM (otherwise you have to carry keys on a USB 
>> drive or CD or something similar)
> 
> Isn't the latter kind of what you'd want to do anyway, to keep the 
> machine safe when you're not around?

I would imagine it's easier to access (and subsequently hack) keys
stored on a standard mass storage device than a TPM, but I suppose that
depends on the hacker and his tools. Of course the upside to using
removable storage is that the hacker must first /find/ and steal that
device (in addition to the machine being hacked) before he can proceed.

In either case, there's always cold-boot attacks:

[quote]
Generally, pushing the security down to the hardware level in
conjunction with software provides more protection than a software-only
solution that is more easily compromised by an attacker. However even
where a TPM is used, the key is still vulnerable while a software
application that has obtained it from the TPM is using it to perform
encryption/decryption operations, as has been illustrated in the case of
a cold boot attack.
[/quote]

http://en.wikipedia.org/wiki/Trusted_Platform_Module

-- 
K.
http://slated.org

.----
| "Stallman has frequently pointed out, Free Software is by no means
| antithetical to making money: it's just a question of how you make
| money." ~ Glyn Moody: http://tinyurl.com/4wn2l2 (ComputerworldUK)
`----

Fedora release 8 (Werewolf) on sky, running kernel 2.6.23.8-63.fc8
 17:28:21 up 190 days, 14:03,  2 users,  load average: 0.05, 0.05, 0.06

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index