[Am-info] TCPA / Palladium FAQ

[Erick Andrews]

On Tue, 02 Jul 2002 14:30:20 -0400, John J. Urbaniak wrote:

>
>
>"Fred A. Miller" wrote:
>
>> Long, but VERY good!
>
>I found this gem particularly interesting (emphasis mine):
>
>22. But isn't PC security a good thing?
>
>The question is: security for whom? The average user might prefer not to
>have to worry about viruses, but TCPA won't fix that: viruses exploit
>the way software applications (such as Microsoft Office) use scripting.
>He might be worried about privacy, but TCPA won't fix that; almost all
>privacy violations result from the abuse of authorised access, often
>obtained by coercing consent. If anything, by *entrenching and expanding
>monopolies*, TCPA will increase the incentives to price discriminate and
>thus to harvest personal data for profiling.
>
>The most charitable view of TCPA is put forward by a Microsoft
>researcher: there are some applications in which you want to constrain
>the user's actions. For example, you want to stop people fiddling with
>the odometer on a car before they sell it. Similarly, if you want to do
>DRM on a PC then you need to *treat the user as the enemy. *
>
>Seen in these terms, TCPA and Palladium do not so much provide security
>for the user, but for the PC vendor, the software supplier, and the
>content industry. They do not add value for the user. Rather, they
>*destroy* it, by constraining what you can do with your PC - in order to
>enable application and service vendors to extract more money from you.
>
>...
>
>John

I liked that part the most, too.

I'm sure there are many ways to implement good security, even hardware
dependent methods, but I sure don't want MS and their Intel and RIAA 
cronies doing it.

So what does that mean?  Simple.  It means this should be done through
a *bona fide* standards organization, like IEEE, ECMA, IEC, ISO, or you 
name it.   But no, MS wants to sneak around and spring it on everyone
in the 11th hour.

-- 
Erick Andrews