In a recent thread about Windows Vista I went on a small rant about the Trusted Computing component of this new version of Windows. Now aware of how little attention the Trusted Computing (TC) concept has received in the general public (largely in part of how major software developers downplay its importance) I think it would be best to explain the implications of the TC platform and make myself sound a little less loony. In fact, this topic is actually very thoroughly discussed on multiple blogs, articles, and forums and the vast majority of the discussions are warnings of the perils of TC, so at the very least, I'm not alone.
First, I suppose people should understand how the TC platform works and what principles lie behind it. From that we can draw conclusions about what will happen, what may happen, and what won't happen if the Trusted Computing initiative succeeds.
How It Works
Trusted Computing is an initiative led by major software and hardware vendors such as Microsoft and IBM, called the Trusted Computing Platform Alliance. In current computing the visible extent of TC is DRM protected media such as movies and mp3s, where the user needs a license decrypt and examine content. This is implemented in software, such as Microsoft's Windows Media Player, which requires a license to view DRM protected media. However, hardware is now being released to enforce TC, generally referred to as a "fritz chip." For the time being this is implemented in new hardware as a chip on the motherboard, but the ultimate goal is to have fritz chips integrated directly into CPUs in not only PCs, but consoles, phones, and any computing device. The framework for this already exists and such CPUs have already been designed. They just need to be manufactured and distributed.
What does a fritz chip do? The crux of TC is encryption (2048-bit encryption to be specific). The ultimate goal is that all data and software is encrypted and can not be decrypted without licenses and permissions, which are not managed by users, but rather servers controlled by software vendors. This means that documents and programs can not be accessed without permission.
In its earliest phases the impact is minimal because TC is not very much enforced, but rather major vendors are implementing necessary hardware and software that will be required to enforce TC. In other words, for now they are just silently putting the pieces in place.
The desired outcome is that all hardware and software must be certified TC compliant and that TC will be enforced by law. The TCPA is already pushing for TC legislature. The end result would be that all software, data, and content would require licenses and permissions to be run, enforced in a practically unbreakable manner (embedded directly into your hardware).
Consequences
It doesn't sound very unreasonable for software vendors to want to be able to enforce licenses, and really, to enforce the law. The danger is in the many, many implications of Trusted Computing. The reality is that TC will irrevocable change the face of computing as we know it, but the change will be rather gradual. We've discussed some of the "pros" of TC, but let us examine the consequences.
Lock-In: TC compliant software and hardware will not work with non-TC software in hardware. What's more, TC compliant software can not access non-TC content and non-TC software can not access TC content. The conclusion could be drawn that this would give the user a choice between the TC world and the non-TC world. The computing world, however, is already in a certain state of lock-in. Most businesses use Microsoft operating systems and software for personal computers, and are not willing to change to cheaper or free alternatives because the immediate cost of the switch-over is greater than the short-term savings.
On a TC platform, Microsoft software will generate TC content, which means that e-mail, spreadsheets, and word processor documents are access-controlled. Microsoft software will deny access to these documents from non-Microsoft software. This will curtail open software initiatives of all kinds such as Open Office. It will magnify the state of lock-in. Most people will have TC hardware and a TC OS. All software must be TC, and so all content must be TC. The option of using non-TC alternatives is no longer viable, and the state of lock-in is magnified intensely.
Censorship: Not black bars across nipples and asterisks in place of F-bombs, but content deemed unacceptable can be blocked out. Even if you already have the content on your computer, when the access policy servers deny you permission you can't access it. What sort of content might be blocked? Pirated software, music, and movies. Anything that a court deems illegal can be censored. All pirate software can be stopped dead in its tracks instantly. Illegal MP3s can be traced, servers can be blacklisted, and distributors can be identified and prosecuted. The issue here is not that the law can be enforced, but that it can be enforced so utterly and invasively. The feeling of privacy is completely diminished.
Another aspect of TC is that it will enforce copyright and licensing in a completely robotic, rigid manner. We all regularly break laws and disobey licenses and agreements. We do it when we e-mail an interesting picture or article to a friend. We might distribute a DLL we aren't licensed to with an application that we are licensed to. TC would essentially eliminate this reasonable "fair use" and "casual use" of what will become controlled content.
Small Vendors and Open Software: There are major consequences for the computer industry. Presumably all software will have to be TC-certified. The impact might be lesser on general application programming, where developers are only allowed to use TC components to construct their applications and the product can be safely deemed trusted, but TC will hinder the processes of creating, for instance, standards, frameworks, and hardware.
For a relevant demonstration, consider Windows Xp, which warns users about installing uncertified drivers for peripherals. Smaller hardware manufacturers (such as the manufacturer of my wireless mouse and my video game controllers) can't afford Microsoft's certification process. Even this has an impact as it causes concern among some casual users when they install this product which is in reality high quality, reliable, and well priced and perfectly safe. Consider the impact when this sort of product is simply not allowed to exist.
There is also an impact on open software. Projects such as WINE, MONO, Open Office, and React OS (an open-source OS whose goal is to be 100% compatible with Windows) will all be all but gone since they will not be granted permission to interoperate with software they need to or open documents they are designed to.
Then Why Is There So Little Fuss About Trusted Computing?
Software vendors downplay the importance of TC by using a slew of euphemisms and near-propaganda. They generally do not discuss the concept in public channels and when they do they discuss how TC will provide users with security and protection against viruses and other malware and unwanted content. The ironic reality is that this is not what the core principles of TC address. TC will not eliminate malware or mal-content, and in some cases may make it easier for software to operate in an undesired manner (for instance, there would be no more pop-up blockers).
Trust and Control
The term "trust" is intentionally misleading in its ambiguity. While trust is the central pillar of TC, the question is who is trusting who? It ultimately breaks down to control. The idea is not that users trust their computer. Rather, the idea is that software vendors can trust users and their computers to behave as they see fit, hence the control. The goal is that licenses and permissions are enforced in a manner that is practically impossible to circumvent. This sounds reasonable and fair. The threat comes in the implications, some of which were outlined above.
One of the biggest concerns with TC is control. Control is taken from the end user and given to major vendors. Vendors don't seek to trust you in the classical sense of the term--to have faith that you will behave as they would like you to behave. This trust is given a new twist: vendors will trust you because you are forced to behave as they would like. In this sense of the word, trust requires control.
First, I suppose people should understand how the TC platform works and what principles lie behind it. From that we can draw conclusions about what will happen, what may happen, and what won't happen if the Trusted Computing initiative succeeds.
How It Works
Trusted Computing is an initiative led by major software and hardware vendors such as Microsoft and IBM, called the Trusted Computing Platform Alliance. In current computing the visible extent of TC is DRM protected media such as movies and mp3s, where the user needs a license decrypt and examine content. This is implemented in software, such as Microsoft's Windows Media Player, which requires a license to view DRM protected media. However, hardware is now being released to enforce TC, generally referred to as a "fritz chip." For the time being this is implemented in new hardware as a chip on the motherboard, but the ultimate goal is to have fritz chips integrated directly into CPUs in not only PCs, but consoles, phones, and any computing device. The framework for this already exists and such CPUs have already been designed. They just need to be manufactured and distributed.
What does a fritz chip do? The crux of TC is encryption (2048-bit encryption to be specific). The ultimate goal is that all data and software is encrypted and can not be decrypted without licenses and permissions, which are not managed by users, but rather servers controlled by software vendors. This means that documents and programs can not be accessed without permission.
In its earliest phases the impact is minimal because TC is not very much enforced, but rather major vendors are implementing necessary hardware and software that will be required to enforce TC. In other words, for now they are just silently putting the pieces in place.
The desired outcome is that all hardware and software must be certified TC compliant and that TC will be enforced by law. The TCPA is already pushing for TC legislature. The end result would be that all software, data, and content would require licenses and permissions to be run, enforced in a practically unbreakable manner (embedded directly into your hardware).
Consequences
It doesn't sound very unreasonable for software vendors to want to be able to enforce licenses, and really, to enforce the law. The danger is in the many, many implications of Trusted Computing. The reality is that TC will irrevocable change the face of computing as we know it, but the change will be rather gradual. We've discussed some of the "pros" of TC, but let us examine the consequences.
Lock-In: TC compliant software and hardware will not work with non-TC software in hardware. What's more, TC compliant software can not access non-TC content and non-TC software can not access TC content. The conclusion could be drawn that this would give the user a choice between the TC world and the non-TC world. The computing world, however, is already in a certain state of lock-in. Most businesses use Microsoft operating systems and software for personal computers, and are not willing to change to cheaper or free alternatives because the immediate cost of the switch-over is greater than the short-term savings.
On a TC platform, Microsoft software will generate TC content, which means that e-mail, spreadsheets, and word processor documents are access-controlled. Microsoft software will deny access to these documents from non-Microsoft software. This will curtail open software initiatives of all kinds such as Open Office. It will magnify the state of lock-in. Most people will have TC hardware and a TC OS. All software must be TC, and so all content must be TC. The option of using non-TC alternatives is no longer viable, and the state of lock-in is magnified intensely.
Censorship: Not black bars across nipples and asterisks in place of F-bombs, but content deemed unacceptable can be blocked out. Even if you already have the content on your computer, when the access policy servers deny you permission you can't access it. What sort of content might be blocked? Pirated software, music, and movies. Anything that a court deems illegal can be censored. All pirate software can be stopped dead in its tracks instantly. Illegal MP3s can be traced, servers can be blacklisted, and distributors can be identified and prosecuted. The issue here is not that the law can be enforced, but that it can be enforced so utterly and invasively. The feeling of privacy is completely diminished.
Another aspect of TC is that it will enforce copyright and licensing in a completely robotic, rigid manner. We all regularly break laws and disobey licenses and agreements. We do it when we e-mail an interesting picture or article to a friend. We might distribute a DLL we aren't licensed to with an application that we are licensed to. TC would essentially eliminate this reasonable "fair use" and "casual use" of what will become controlled content.
Small Vendors and Open Software: There are major consequences for the computer industry. Presumably all software will have to be TC-certified. The impact might be lesser on general application programming, where developers are only allowed to use TC components to construct their applications and the product can be safely deemed trusted, but TC will hinder the processes of creating, for instance, standards, frameworks, and hardware.
For a relevant demonstration, consider Windows Xp, which warns users about installing uncertified drivers for peripherals. Smaller hardware manufacturers (such as the manufacturer of my wireless mouse and my video game controllers) can't afford Microsoft's certification process. Even this has an impact as it causes concern among some casual users when they install this product which is in reality high quality, reliable, and well priced and perfectly safe. Consider the impact when this sort of product is simply not allowed to exist.
There is also an impact on open software. Projects such as WINE, MONO, Open Office, and React OS (an open-source OS whose goal is to be 100% compatible with Windows) will all be all but gone since they will not be granted permission to interoperate with software they need to or open documents they are designed to.
Then Why Is There So Little Fuss About Trusted Computing?
Software vendors downplay the importance of TC by using a slew of euphemisms and near-propaganda. They generally do not discuss the concept in public channels and when they do they discuss how TC will provide users with security and protection against viruses and other malware and unwanted content. The ironic reality is that this is not what the core principles of TC address. TC will not eliminate malware or mal-content, and in some cases may make it easier for software to operate in an undesired manner (for instance, there would be no more pop-up blockers).
Trust and Control
The term "trust" is intentionally misleading in its ambiguity. While trust is the central pillar of TC, the question is who is trusting who? It ultimately breaks down to control. The idea is not that users trust their computer. Rather, the idea is that software vendors can trust users and their computers to behave as they see fit, hence the control. The goal is that licenses and permissions are enforced in a manner that is practically impossible to circumvent. This sounds reasonable and fair. The threat comes in the implications, some of which were outlined above.
One of the biggest concerns with TC is control. Control is taken from the end user and given to major vendors. Vendors don't seek to trust you in the classical sense of the term--to have faith that you will behave as they would like you to behave. This trust is given a new twist: vendors will trust you because you are forced to behave as they would like. In this sense of the word, trust requires control.