Ross's TCPA paper

bear bear at sonic.net
Mon Jun 24 21:54:56 EDT 2002



On Mon, 24 Jun 2002, Ross Anderson wrote:


>The business model, I believe, is this. HP will not dispute that the
>resulting `pruned code' is covered by the GPL. You will be able to
>download it, compile it, check it against the binary, and do what you
>like with it. However, to make it into TCPA-linux, to run it on a
>TCPA-enabled machine in privileged mode, you need more than the code.
>You need a valid signature on the binary, plus a cert to use the TCPA
>PKI. That will cost you money (if not at first, then eventually).
>
>Anyone will be free to make modifications to the pruned code, but in
>the absence of a signature the resulting O/S won't enable users to
>access TCPA features. It will of course be open to competitors to try
>to re-do the evaluation effort for enhanced versions of the pruned
>code, but that will cost money; six figures at least. There will
>likely be little motive for commercial competitors to do it, as HP
>will have the first mover advantages and will be able to undercut them
>on price. There will also be little incentive for philanthropists to
>do it, as the resulting product would not really be a GPL version of a
>TCPA operating system, but a proprietary operating system that the
>philanthropist could give away free. (There are still issues about who
>would pay for use of the PKI that hands out user certs.) The need to
>go through evaluation with each change is completely incompatible with
>the business model of free and open source software.

What they are doing is, in one sense, "bundling" the proprietary
media content with the proprietary operating systems; trying to fix
it so you can't have one without the other. And in this, they may
well succeed.

I think the DRM//media thing needs to be fixed, at the root.  By which
I don't mean denying these clowns their sterile fantasy; I mean just
creating open source alternatives that leave them behind.  We don't
just need open source programmers anymore; we also need open source
bands, singers, actors, directors, animators, and misc. other artists.

Information may want to be free, but it's not going to happen, not for
long, unless the people who create the information *set* it free and
fight to *keep* it free.  Software artists, being sufficiently in demand
to get not-very-oppressive contracts and less financially desperate
on the whole than other artists, have been able to lead the curve in
creating art for the public -- but other kinds of artists need to
follow or the open-source movement is not going to get past this DRM
thing.

				Bear


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list