A new paper by Stuart Schechter, Rachel Greenstadt, and Mike Smith, of Harvard, points out what should have been obvious all along: that “trusted computing” systems like Microsoft’s now-renamed Palladium, if they work, can be used to make peer-to-peer file sharing systems essentially impervious to technical countermeasures.
The reason is that Palladium-like systems allow any software program absolute control over which hardware/software configurations it will interoperate with. So a P2P system can refuse to interoperate with any “unauthorized” version of itself. This would keep copyright owners (or anyone else) from spoofing file contents. Although the paper doesn’t point this out directly, a clever Palladium-enabled P2P system would make it much harder for anyone to trace the true source of a copyrighted file.
The moral of this story is simple. Computer security is, ultimately, a battle for control of a computer system; and in that battle, both sides will use the available tools. The same tools that make robust networks also make robust P2P networks. The same tools that prevent infiltration by viruses also prevent infiltration by spoofing agents.
