TCPA / Palladium FAQ
Markus Kuhn
Markus.Kuhn at cl.cam.ac.uk
Thu, 11 Jul 2002 18:42:28 +0100
"Roland Postle" wrote on 2002-07-11 13:32 UTC:
> > Ross's (excellent) FAQ states:-
> > >"Pirate software can be detected and deleted remotely."
"deleted" should probabaly read "disabled".
Also note that in the UK, such functionality might violate the Computer
Misuse Act, which has currently no provisions to allow "unauthorized
modifications" that "prevent or hinder access to any program or data
held in any computer" for the purpose of digital rights management.
http://www.hmso.gov.uk/acts/acts1990/Ukpga_19900018_en_2.htm#mdiv3
[Many other countries have similar laws.]
> > They wish. How exactly does a TCPA machine delete a file if the owner of
> > the machine, suspecting the file may be dodgy, has taken the trivial
> > precaution of burning it onto a CD.
>
> How does the owner of this machine plan to persuade their TCPA-compliant CD
> burner to touch the file? Or indeed persuade any of their TCPA-compliant
> CD/DVD drives to read it back.
A storage medium that can provide such functions while it is connected
to a general-purpose computer is science fiction. Any form of detector
of illicit material in a storage device can be trivially evaded by
encrypting the stored content and labeling it as unprotected arbitrary
data. Any form of positive cryptographic authorization for copyable
content would be completely impractical, not only for Backwards
Compatibility (the holly grail of the PC industry!), but also as it
would prevent the storage of material owned by the end user. Any form of
information flow control has to be implemented in the file access
primitives of the operating system, not in the storage peripherals or
device drivers. Therefore, there will likely never be such a thing as a
"TCPA-compliant CD burner/reader", at least not any that would provide
any meaningful DRM functionality in a PC. It's all up to the CPU and the
operating system kernel in the end.
Markus
--
Markus G. Kuhn, Computer Laboratory, University of Cambridge, UK
Email: mkuhn at acm.org, WWW: <http://www.cl.cam.ac.uk/~mgk25/>