Linux will support TCPA - Tech @ 4-ch Archives

Linux will support TCPA (9)

1 Name: CYB3R H4XX0R G33K 05/02/02(Wed)18:51 ID:K/mR3m2a [Del]

http://linux.slashdot.org/linux/05/02/02/1543255.shtml?tid=172&tid=106

I weep for the future.

2 Name: CYB3R H4XX0R G33K 05/02/02(Wed)19:30 ID:Heaven [Del]

Uhm...

So what?

3 Name: CYB3R H4XX0R G33K 05/02/02(Wed)20:01 ID:K/mR3m2a [Del]

http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

That's what.

4 Name: dmpk2k!hinhT6kz2E 05/02/03(Thu)09:42 ID:vKMpaE+0 [Del]

It has good sides. It has bad sides.

It can certainly be abused. But from a security standpoint I can also see the allure.

5 Name: CYB3R H4XX0R G33K 05/02/03(Thu)12:18 ID:Heaven [Del]

>>4

For the uneducated like myself, mind explaining the "good" sides of a fritz chip in consumer hardware?

6 Name: !WAHa.06x36 05/02/03(Thu)13:15 ID:jO2jY2IS [Del]

>>5

One big problem in computer security is that you can never, ever trust the software. You always have to assume that somebody will take it apart, to get decryption keys and the like, and re-write it, to be able to monitor the data and keys while it runs, or to forge the output from it. It would be very tempting to have a guarantee that the user is running the exact version of the software that you wrote, and nothing else.

For instance, take a program like Share: it is built to be fair P2P program, uploading files to others while you download, and limiting the number of connections and searches it will do to stop you from hogging a too large part of the network. However, with a bit of work, I could take it apart, and remove these limitations, and have a version that will let me download my files quicker than others at the expense of everyone else on the network. This sort of thing has been a problem on other P2P networks, too. So you can see that it would be tempting for the author to be able to restrict access only to clients that he himself created and authorized, and that's what TCG is supposed to be able to do.

Well, that's the allure. The reality is of course much different.

7 Name: dmpk2k!hinhT6kz2E 05/02/03(Thu)21:23 ID:Ry4+B8Gs [Del]

It could be used to build a chain of software that can be effectively audited. You need not worry about third-party software opening a hole.

Of course, there are other ways to go about this, as long as you can trust the OS itself (which is by no means guaranteed). My understanding is that VMS did very well in this regard.

Don't misunderstand me though, I am not looking forward to this. I wouldn't be surprised if the doom'n'gloom scenarios played out.

8 Name: hk0!0khonVgaHI 05/02/08(Tue)22:10 ID:YIqCvZ7U [Del]

Support for linux is not going to make or break the inclusion of such devices in systems. It's good that this particular implementation of the device can be used by anyone for any purpose. You can focus on the uses that empower the end user instead of the less desirable ones.

9 Name: dmpk2k!hinhT6kz2E 05/02/14(Mon)12:04 ID:Huusntri [Del]

From the site we love to hate:

http://it.slashdot.org/comments.pl?sid=139325&cid=11663359

I make no claims to its accuracy.

	Return Entire thread Last 50 posts
	This thread has been closed. You cannot post in this thread any longer.