Sunday, December 09, 2007




Economists who have studied the software industry concluded that the value of a software business is about equal to the total costs of its customers switching out to the competition; both are equal to the net present value of future payments from the customers to the software vendor. This means that an incumbent in a maturing market, such as Microsoft with its Office product, can grow faster than the market only if it can find ways to lock in its customers more tightly. There are some ifs and buts that hedge this theory around, but the basic idea is well known to software industry executives. This explains Bill G's comment that `We came at this thinking about music, but then we realized that e-mail and documents were far more interesting domains'.

7. Where did the technical ideas come from?

The TC concept of booting a machine into a known state is implicit in early PCs where the BIOS was in ROM and there was no hard drive in which a virus could hide. The idea of a trusted bootstrap mechanism for modern machines seems to have first appeared in a paper by Bill Arbaugh, Dave Farber and Jonathan Smith, ``A Secure and Reliable Bootstrap Architecture'', in the proceedings of the IEEE Symposium on Security and Privacy (1997) pp 65-71. It led to a US patent: ``Secure and Reliable Bootstrap Architecture'', U.S. Patent No. 6,185,678, February 6th, 2001. Bill's thinking developed from work he did while working for the NSA on code signing in 1994, and originally applied to rebooting ATM switches across a network. The Microsoft folk have also applied for patent protection on the operating system aspects. (The patent texts are here and here.)

There may be quite a lot of prior art. Markus Kuhn wrote about the TrustNo1 Processor years ago, and the basic idea behind a trustworthy operating system - a `reference monitor' that supervises a computer's access control functions - goes back at least to a paper written by James Anderson for the USAF in 1972. It has been a feature of US military secure systems thinking since then.

8. How is this related to the Pentium 3 serial number?

Intel started an earlier program in the mid-1990s that would have put the functionality of the Fritz chip inside the main PC processor, or the cache controller chip, by 2000. The Pentium serial number was a first step on the way. The adverse public reaction seems to have caused them to pause, set up a consortium with Microsoft and others, and seek safety in numbers. The consortium they set up, the Trusted Computer Platform Alliance (TCPA), was eventually incorporated and changed its name to TCG.

9. Why call the monitor chip a `Fritz' chip?

It was named in honour of Senator Fritz Hollings of South Carolina, who worked tirelessly in Congress to make TC a mandatory part of all consumer electronics. (Hollings' bill failed; he lost his chairmanship of the Senate Committee on Commerce, Science and Transportation, and he's retiring in 2004. But the Empire will be back. For example, Microsoft is spending a fortune in Brussels promoting a draft Directive on IP enforcement which is seriously bad stuff.)

10. OK, so TC stops kids ripping off music and will help companies keep data confidential. It may help the Mafia too, unless the FBI get a back door, which I assume they will. But apart from pirates, industrial spies and activists, who has a problem with it?

A lot of companies stand to lose out directly, such as information security vendors. When it first launched TC as Palladium, Microsoft claimed that Palladium would stop spam, viruses and just about every other bad thing in cyberspace - if so, then the antivirus companies, the spammers, the spam-filter vendors, the firewall firms and the intrusion detection folk could all have their lunch stolen. That's now been toned down, but Bill Gates admits that Microsoft will pursue the computer security market aggressively: "Because it's a growth area, we're not being that coy with them about what we intend to do."

Meanwhile, the concerns about the effects on competition and innovation continue to grow. The problems for innovation are well explained in a recent New York Times column by the distinguished economist Hal Varian.

But there are much deeper problems. The fundamental issue is that whoever controls the TC infrastructure will acquire a huge amount of power. Having this single point of control is like making everyone use the same bank, or the same accountant, or the same lawyer. There are many ways in which this power could be abused.

-There are 3 points to object here:
--the TCB is not removable and the remote keys of the TCP are in too many hands
--people chat a lot when given money
--technology is reversible when hardware is available and labor is cheap

-The result will be:
--viruses will be able to "revoke" compliant applications six months later
--criminals and terrorists will be able to "revoke" their traces more easily
--the FBI may have to fight a new crime of "revocation extortion"
--anybody in his right mind will switch out the architectures that enforce such junk
--old saying, "if it was built by humans, it can be broken by humans" (I add, if they have all the pieces :)

Most of the time, no security is preferable to a faulty false security.
It would be funny if some joker "revoked" micro$oft, LOL.
This is a solution for "national vulnerability" rather than the opposite.

