[ISN] American tech alliance's security plan attacked

R. A. Hettinga rah at shipwright.com
Thu Jun 20 14:59:36 EDT 2002 

--- begin forwarded text


Status:  U
Date: Thu, 20 Jun 2002 05:00:40 -0500 (CDT)
From: InfoSec News <isn at c4i.org>
To: isn at attrition.org
Subject: [ISN] American tech alliance's security plan attacked
Sender: owner-isn at attrition.org
Reply-To: InfoSec News <isn at c4i.org>

http://www.siliconvalley.com/mld/siliconvalley/3505238.htm

By John Markoff
New York Times
Wed, June 19, 2002

A leading European computer security and privacy advocate is
challenging an effort by the American computer industry to create a
standard to protect software and digital content, calling the plan a
smoke screen by established companies to protect their existing
markets.

In a paper to be presented today at a technical conference in
Toulouse, France, today, Ross Anderson, a University of Cambridge
computer scientist, attacks the Trusted Computing Platform Alliance,
an organization formed in October 1999 by Compaq Computer,
Hewlett-Packard, IBM, Intel and Microsoft. The companies say their
intent is to provide a cryptographic system that would insure privacy
and protect intellectual property.

The technology that the alliance has developed uses an encryption
scheme intended to positively identify computer hardware and operating
system software and determine that their configuration has not been
altered. The companies say it will help detect virus invasions and
provide security for commercial transactions such as online purchases
and banking.

But Anderson argues that the potential exists for the technology to be
used in a more sinister fashion: to create a new form of censorship
based on the ability to track and identify electronic information.

He compares the technology to a proposal by Intel in January 1999 to
insert a distinct serial number into each of its Pentium processors,
an effort that drew widespread consumer opposition after privacy
advocates warned that the technology could be used for surveillance
purposes. The plan was quickly withdrawn.

Anderson also warns that widespread adoption of the standard from the
alliance, known as TCPA, could put large U.S. computer companies in a
position to thwart competition by controlling who gets to use the
standard and on what computer platforms.

``The TCPA appears likely to change the ecology of information goods
and services markets so as to favor incumbents, penalize challengers
and slow down the pace of innovation and entrepreneurship,'' he wrote.

A Microsoft spokesman said the company had not been able to review the
paper and would not comment.

Anderson is a Cambridge computer scientist who is also chairman of the
Foundation for Information Policy Research, a British Internet policy
research group.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo at attrition.org with 'unsubscribe isn'
in the BODY of the mail.

--- end forwarded text


-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list