30/10/2005 - 20:49
Who doesn't know George Orwell's celebrated novel 1984? In it Orwell speculates about a totalitarian society led by Big Brother, which censors everyone's behavior, even their thoughts. Science fiction? That will never actually happen! Well, I am not really, really, really... really sure that's impossible. Let's see the FACTS:
- October, 1998, the US Congress passed the Digital Millennium Copyright Act
- 1999, the Trusted Computing Platform Alliance (TCPA) was founded by Intel, Microsoft (aka Wintel ;), HP, Compaq and IBM. As usual, they will change its name later
- January, 1999, Intel announced new Pentium III processors including Processor Serial Number (PSN)
- February, 1999, privacy defense organizations and consumer groups complained against Intel
- April, 2000, Intel announces that future processors will not include PSN feature (to read the whole story visit the CDT's related web page)
- December, 2001, Microsoft obtained approval for DRM OS patents: Microsoft's DRM OS patent (if you can't reach this, please visit http://www.uspto.gov and search for DRM)
- June, 2002, Microsoft talks about its new Palladium project - Microsoft's Palladium page
- March, 2003, Berkeley holds DRM conference
- April, 2003, TCPA became TCG (Trusted Computing Group) and its founders are: AMD, HP, IBM, Intel and Microsoft
- May, 2003, Microsoft discusses details of NGSCB (former Palladium, they changed its name, as usual)
- October, 2004, FCC (Federal Communications Commission) proposed the Broadcast Flag regulation 47 CFR 73.9002
- February, 2005, Phoenix (a BIOS software vendor) announces TrustConnector Device Authentication Software
- March, 2005, Intel talks about LaGrande technology (more about LaGrande)
- May, 2005, DC Circuit Court of Appeals tossed out the Broadcast Flag
- May, 2005, Intel quietly adds DRM to new chips: CDRinfo article and DIGITmag article
- June, 2005, during WWDC Steve Jobs announces that Apple computers will adopt Intel-based processors
- July, 2005, Microsoft announced at WinHEC that NGSCB will not be included in Windows Longhorn (or Windows Vista, as you like)
- August, 2005, Mac OS X for x86 Intel processors is illegally available on the BitTorrent file sharing network. Thanks to that, some users notice a TPM-based system inside the ISO image of Mac OS X
- August, 2005, Windows Vista and DRM
Unfortunately, 'hot' documents appear and disappear very quickly on the Internet, so please do not blame me if you get a 404 error because a link no longer exists! Some of these documents take hard work to find. Just as an example, go to the Microsoft website and search for 'Palladium'... Yeah, they changed its name. In fact Palladium's new name is NGSCB. The leitmotif here is: let's change names, so users will be confused sooner or later...
Please notice that:
1) I am not talking about computer related issues only: TCG's specifications involve computers, PDAs, servers and mobile phones
2) I am not talking about a few hardware manufacturers only. Check the TCG member list: there are more than 200 manufacturers joining the TCG
Ok, now I would like to say something about the FACTS listed above:
TCPA (Trusted Computing Platform Alliance) and TCG (Trusted Computing Group) are the same thing: some hardware and software vendors (AMD, HP, Intel, IBM and Microsoft) that would like to take care of users' security. They are really good companies, spending money, resources and time just to provide you with the most secure PC ever built. No more viruses, no more spamming, no more piracy, because they are shipping you a hardware chip that assists software in order to protect you. This chip is the TPM (Trusted Platform Module). The TPM stores keys, passwords and digital certificates. It is 'GLUED' onto the motherboard and you can't strip it away. This chip is currently provided by: Atmel, Broadcom, Infineon, Sinosun, STMicroelectronics and Winbond. There are desktops and notebooks with a TPM available from Dell, Fujitsu, HP, Intel, Lenovo, Toshiba and others. The TPM needs strong cryptographic algorithms such as RSA, SHA-1 and HMAC. I am talking about 2048 bit encryption: hard to break by brute force. The TPM provides secure storage and key generation capabilities, so 'it can be used to create both user and platform identity credential for use in authentication'. Again: 'TCG architecture does not specify where to get these certificates or how much you pay for them. Free certificates work as well as certificates you pay for. There is no single source of certificates in the market today. Anyone can set themselves up as a Certificate Authority using any number of different Certificate Authority packages' (follow this link to know more: TPMFAQ).
What is wrong with that? The answer is: keeping humans (PC owners) out of the authentication loop. First comes the hardware, then comes TCPA and only then comes the user. In other words, the risk is that hardware and software gain control over users, and not the other way around, as it is supposed to be.
Remember that hardware and software are not inanimate objects: they are companies such as Intel, Microsoft, IBM and so on. If you think that this is not a real problem, let me remind you of some FACTS (again):
1) November, 2004, PC World published an article stating that 'several printer companies quietly encode the serial number and the manufacturing code of their color laser printers and color copiers on every document those machines produce'. Those codes could be used to track the document back to the printing machine (you). Look at the Xerox DocuColor tracking dot decoding guide provided by EFF
2) 2002, Lexmark sued SCC (a third-party vendor) claiming that they used copyrighted software to produce the data allowing Lexmark printers to only accept Lexmark cartridges (to protect their ink sales from competitors), and SCC duplicated that software in order to produce those chips
3) Mac OS X for x86 Intel processors was illegally available on the BitTorrent network. Anyway, thanks to that, some users found TPM technology inside Apple's Developers Transition Kit (Infineon SLD9630 inside of the Apple's Developers Transition Kit)
4) Windows Media Player supports DRM now
5) Currently IBM Thinkpad notebooks support TPM
As you can see, these are FACTS, not speculations. There are really too many interests involved here. What does DRM have to do with TCG activities? DRM stands for Digital Rights Management. It's a technology to protect copyright owners' rights. It's a good thing, I think. I don't think piracy is right. I think prices are really too high though. But this is not the right place to discuss that. So DRM is right, but there is a strong temptation to prevent copying altogether. This is bad. Hardware and software vendors want to make decisions for you, preventing you from making them yourself. TPM, NGSCB (former Palladium) and DRM efforts are directed at preventing users from making decisions by themselves. And that is really bad. The really BAD thing is that hardware and software vendors are already providing goods containing TPM and DRM technology. They do that QUIETLY. In case you are not aware of that, well, 'the work' is in progress. On the IBM web site, they are making available some white papers to explain their point of view about the whole issue. They distinguish between TPM and DRM. They are not interested in NGSCB/Palladium and DRM. Well, they say that (you can read their white papers following the links at the end of this page). So the whole thing is a little bit controversial.
Let's talk about that in this forum: Big Brother
M. Silvestri
(not a journalist, just an Italian computer enthusiast who thinks that information must be free)
Meaning of some acronyms:
DMCA: Digital Millennium Copyright Act, a law passed in 1988 by the US Congress to protect copyright owners' rights
DRM: Digital Rights Management, a technology to protect copyright owners' rights
LaGrande: Intel's technology inside of new Pentium chips
NGSCB: Next-Generation Secure Computing Base, another name but it is PALLADIUM again
PALLADIUM: 'is Microsoft's code name for an evolutionary set of features for the Windows operating system. Combined with a new breed of hardware and applications, these features will give individuals and groups of users greater data security, personal privacy, and system integrity.'
(Microsoft PressPass)
PSN: Processor Serial Number, a unique identifier placed inside of Pentium III processors. If you have a Pentium III processor and you have this PSN turned ON, you are unequivocally trackable over the Internet
TCDA: TrustConnector Device Authentication Software. It is placed inside of Phoenix's BIOSes
TCG: Trusted Computing Group, just another name, but it is the former TCPA (they like changing names)
TCPA: Trusted Computing Platform Alliance, a non-profit organization founded by Intel, Microsoft, HP, Compaq and IBM to make 'trustworthy' (really?) computers
REAL Non-profit Organizations:
CDT: Center for Democracy and Technology
EFF: Electronic Frontier Foundation
EPIC: Electronic Privacy Information Center
FSF: Free Software Foundation
GNU: Gnu is Not Unix
Related links:
http://www.research.ibm.com/gsal/tcpa/
http://www.research.ibm.com/gsal/tcpa/tcpa_rebuttal.pdf
http://www.gnu.org/philosophy/can-you-trust.html
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
http://www.eff.org/Infrastructure/trusted_computing/
http://www.againsttcpa.com/index.shtml
http://www.info-mech.com/drm_home_page.html