Intel to include DRM in new Pentium 4 series processors

[Ross Anderson]

I recall a previous debate about the value of trustworthy
booting.

In 1996, after Markus Kuhn and I had published our first
paper on smartcard security, we were attacked by Dave
Maher of AT&T who was working on an early DRM system that
used Clipper technology. He claimed that trusted boot was
one of the critical ingredients, as Brian and Intel do.

We pointed out to him that the Sky smartcards available
at the time (series 7? series 9? I'm at home and don't
have the files to hand) were particularly easy to break
simply because the programmers had computed a checksum on
memory as the first thing they did. If you were diligent,
you used microprobes to get the memory contents out from
the bus as they were fed into the checksummer. If you 
were a bit smarter, you glitched the card at the right 
point and got everything out on the serial port.

Trusted boot is still an article of deep religious faith
with the NSA guys, like multilevel security. But Sky has
given up on it. 

The moral is that you should solve the problem you need 
to, rather than the problem that you think you know how
to. And you should avoid doctrinal rigidity

Ross