The EFF has posted a very nice piece (apparently written by Seth Schoen) on “trusted computing” systems. The piece makes two important contributions to the debate. First, it gives the best simple introduction to trusted computing technologies that I have seen. Second, it suggests “owner override,” a technological tweak that would largely eliminate the downside of trusted computing (i.e., our loss of control over our own computers), while preserving most of trusted computing’s security benefits.
Fixing Trusted Computing
October 7, 2003 by
See the comments at Unlimited Freedom for a critique of this EFF report.
To excerpt and abbreviate what I wrote to one engineer recently on the same question:
“(1) Defeating a policy someone is trying to enforce against you on your computer, like remedying any other misbehavior on your computer’s part, shouldn’t require ‘attacking’ [or modifying] your computer at all.”
“(2) Hardware attacks are very expensive (relative to software attacks) […]”
(3) A claim that modifying your hardware in this way, or distributing the means of doing so, could violate the DMCA is colorable. At least, some people would be chilled by the DMCA from providing the means of fixing trusted computing systems this way.
(4) Even if local hardware attacks are currently easy, trusted computing technologies could evolve in the future to be more resistant to attack by local hardware modification.
If we were given full ownership to trusted computers, and the government had no backdoors to the encryption, I would LOVE a trusted computer.
Actually, why do we need the TCG groups to implement “Owner Override?” If the history of mod chips and game consoles has anything to tell us, we can expect that within a matter of weeks there will be hardware mods directly to the computer which will let you broadcast whatever Remote Attest you wish.