September 22, 2020

Schoen vs. Stallman on "Trusted Computing"

Seth Schoen raises two interesting issues in his response to Richard Stallman’s essay on “trusted computing.” (To see Seth’s posting, click here and scroll down to the “Trusted computing” heading.)

Stallman says

[Trusted computing] is designed to stop your computer from functioning as a general-purpose computer.

Schoen responds:

Neither of these concerns is applicable at all to Palladium (as Microsoft has described it to us) or to TCPA (as the TCPA has specified it and as it has been implemented). While Microsoft could be misleading us about Palladium, the TCPA specification is public and implementations of it have already been made.

It’s possible that some other trusted computing system could have such a misfeature, but the design of TCPA and Palladium doesn’t require these properties at all, as far as I can tell, and they seem to be more or less independent.

Schoen is right here – Palladium and TCPA do not do what Stallman says it does. Stallman seems too eager to blame Microsoft for the sins of others.

The conversation then moves on to the connection between Palladium and the Hollings CBDTPA. The Hollings bill mandates that some kind of “trusted computing” restrictions be made mandatory in essentially all digital devices. But what kind of restrictions would be mandated?

Stallman implies strongly that the CBDTPA would mandate the use of Palladium. Schoen disagrees, saying that he is “not convinced that something like Palladium is the infrastructure contemplated by the CBDTPA.”

Here I don’t know who is right. The CBDTPA is cleverly constructed so that it doesn’t say what it is mandating – it leaves that to be decided later, either by the FCC or by a vaguely-specified industry consortium. This gives CBDTPA advocates a way to dodge hard questions about the bill’s effects, by invoking a hoped-for perfect technical solution that is just around the corner. Given the track record of copy restriction and its advocates, I think we should insist on taking a test drive before we buy this used car.