Intel to include DRM in new Pentium 4 series processors
Owen Lewis <oml at sysrx.uk.com>
Thu, 12 Sep 2002 13:19:30 +0100
----- Original Message -----
From: Brian Gladman <brg@gladman.plus.com>
To: <ukcrypto@chiark.greenend.org.uk>
Sent: 12 September 2002 12:40
Subject: Re: Intel to include DRM in new Pentium 4 series processors
> I expect the following to be true:
> (a) TCPA features can be switched off completely.
> (b) A remote agent requires the explicit permission of the PC owner in
> order to install a 'trusted box'.
> (c) At the point of a contract between a PC owner and such an agent (e.g.
> a software supplier) the full consequences of the contract will be set out
> (e.g. no later changes to what the trusted box can do).
Without mutual consent to a change in the contract.
> (d) A code of ethics on the use of these features will be published and
> 'agreed' by the community at large.
>
> In the hands of an informed and vigilant owner these safeguards will be
> sufficient in my view to protect their interests in a DRM sense.
I agree with you, Brian.
> But I am very unsure that this will be sufficient. The _big_ problem here
> is that most owners will not understand these issues and this may mean
> that suppliers will be able to use these facilities in such a way that the
> balance of power in the market will shift away from PC owners to
> suppliers.
> And while it is not unreasonable for suppliers to want some way of
> protecting their 'crown jewels', we all know that this power will not
> simply be used for this purpose but also to fragment the market and boost
> profits in the way that DVD suppliers have tried to do with region coding.
This seems properly a matter for government legislation. It would be nice to
think that for the EU and EEA there would be a directive. And that the
legislation be coordinated in principle between the EU and the US. (For EU
read also the African, American and Asian trading blocs).
Sad to say though, the manufacturing market is US dominated and, for as long
as that is so, USG will see to it that the board tilts in the direction of
the US (or, at the very least, does not tilt against it). The world was and
will be ever thus.
The only truly lasting and satisfactory solution is to improve the design,
content and manufacturing talent in other regions - and that is definitely
beyond the scope of discussion here.
Owen
>
> Hence, while I disagree with Ross on the GPL issue, I support Ross's
> concerns here.
>
> But I also have additional worries. While it is true that some TCPA
> features can help in a limited way to prevent virii, worms etc., other
> features might well prove to be a hacker's paradise. A user who does not
> fully understand the nature of the 'trusted boxes' on their machine could
> easily be persuaded to allow the installation of a box that gave a hacker
> a powerful influence over the operation of their machine. Those who have
> studied crypto-virus techniques will immediately recognise the seriousness
> of this form of attack and that a 'trusted box' would be a pretty well
> ideal hiding place from which to conduct operations of this kind.
>
> The TCPA way around this is to suggest that the ability to install trusted
> boxes will be controlled by a third party called a 'privacy CA'. This CA
> will, in effect, say to the PC owner "the remote agent who wants to
> install a trusted box on your machine is a good guy" and to the remote
> agent "the PC on which you want a trusted box can supply one". And I see
> this as a big problem since I am _very_ sceptical about the security value
> of third party CAs.
>
> At this stage, therefore, I don't have a problem with TCPA features that
> are designed to allow PC owners to exert better control over the security
> of their machines (secure boot, OS signing etc.). But in respect of the DRM
> features, I am distinctly uneasy about their functionality in the hands of
> the average PC owner and on the way in which this may change the balance
> of power in the market. I am also worried that these features might
> actually help very powerful forms of attack and I am unconvinced about the
> reliance of key aspects of the architecture on third party CA principles.
>
> I apologise for the length of this post but this is a very important issue
> and one that deserves careful study. I hope that by setting out my own
> thoughts I can encourage others to take a look for themselves (TCPA
> specifications are openly available). In my view it is vital that these
> developments are subjected to careful and determined open scrutiny before
> they enter the marketplace.
>
> Finally I want to make it clear that I am consulted on TCPA regularly and
> also consulted by a number of the companies who are building related
> implementations. At no time have I ever taken money for this consultation
> work and where I have signed NDAs these only constrain my ability to
> reveal proprietary implementation details. At no time have I hidden the
> fact that I do this work, nor have I ever advertised the fact for self
> aggrandisement purposes.
>
> Brian Gladman