full-disk subversion standards released

Thor Lancelot Simon tls at rek.tjls.com
Fri Jan 30 20:35:28 EST 2009


On Fri, Jan 30, 2009 at 04:08:07PM -0800, John Gilmore wrote:
> 
> The theory that we should build "good and useful" tools capable of
> monopoly and totalitarianism, but use social mechanisms to prevent
> them from being used for that purpose, strikes me as naive.

Okay.  In that case, please, explain to me why you are not opposed
to the the manufacture and sale of digital computers.

More gently: it seems to me that there is an "only" missing from your
sentence above, or else it is almost by necessity a straw-man argument:
it will, if consistently applied as you have stated it, hold against
various tools I do not believe you actually oppose the manufacture or
sale of, such as printing presses, guns, and door locks.

Many of TCG's documents purport to specify mechanisms that are in fact
generally useful for beneficial purposes, such as boot-time validation
of software environments, secure storage of cryptographic keys, or
low-bandwidth generation of good random numbers.

Do you actually mean that such things should not be built, or only that
you are suspicious of TCG's intent in building them?

In text I've snipped, you claimed to describe TCG's charter.  I must
admit that I don't know if they even actually have such a document.
But, on the other hand, they describe their own purpose like this
(these are their actual words):

"The Trusted Computing Group (TCG) is a not-for-profit organization formed to
develop, define, and promote open standards for hardware-enabled trusted
computing and security technologies, including hardware building blocks and
software interfaces, across multiple platforms, peripherals, and devices. TCG
specifications will enable more secure computing environments without
compromising functional integrity, privacy, or individual rights. The primary
goal is to help users protect their information assets (data, passwords, keys,
etc.) from compromise due to external software attack and physical theft."

I happen to think that if those _stated_ goals were achieved, that would
be a good thing, and that there are in fact hardware and software mechanisms
that could help achieve them -- some of which TCG has made stabs at
specifying, though they've generally missed the mark.

Leaving aside your assertions about TCG's _actual_ goals -- which may be
correct -- are you really of the position that what's described above,
no matter who were to build it nor how well, would be only useful for
"monopoly and totalitarianism"?

Thor

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list