Intel to include DRM in new Pentium 4 series processors
Brian Gladman
Brian Gladman" <brg at gladman.plus.com
Fri, 13 Sep 2002 22:35:02 +0800
----- Original Message -----
From: "Pete Chown" <1@234.cx>
To: <ukcrypto@chiark.greenend.org.uk>
Sent: Friday, September 13, 2002 9:46 PM
Subject: Re: Intel to include DRM in new Pentium 4 series processors
> Brian Gladman wrote:
>
> > This [TCPA secure boxes] seems to me to be an incredibly stupid thing to
allow on a machine that
> > any owner wants to continue to trust.
>
> What happens if one of the boxes gets 0wned? For example, say I wrote
> some software that needed to run in a secure box, but the software
> itself was insecure. Subsequently someone finds this out and takes over
> the boxes on different people's machines where my software was running.
>
> At the moment, the more subtle break-ins are the most dangerous. If a
> web site is defaced it can soon be put back. If a subtle change was
> made to a company's accounting system, it may not be so simple.
>
> We have various procedures to help identify when a break-in of the
> second type has occurred. However, these become much more difficult
> when the hardware protects the malicious code. Any of these boxes could
> contain a time-bomb, and there would be no way for the IT department to
> find out.
Yes - I pointed to these issues in my original posting.
Brian