Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Trustworthy Computing Mini-Poll
From: Georgi Guninski <guninski () guninski com>
Date: Mon, 23 Dec 2002 19:44:58 +0200

Bruce Ediger wrote:

On Sun, 22 Dec 2002, Simon Richter wrote:

>I believe they have thought about this. Trusted software can only be
>debugged on a special "developer" machine. My personal favourite would
>be the "carefully crafted" DVD, which uses a buffer overflow in a player
>routine (where people optimize for speed over security anyway). :-)

So, let me get this straight:

(1) TCPA will only protect us against the what's traditionally been
the least virulent form of computer viruses, file infectors.
(2) TCPA won't help the spam situation.
(3) Only specially licensed machines can run a debugger.
(4) TCPA machines won't allow us to copy arbitrary files - the hardware
or something prevents us from copying some "magic" files.

The upshot of #3 seems like "you can compile programs only if you you've
got a special license", but I don't know if the whole thing goes that far.

Why on earth would I pay money for such a deliberately, cynically crippled
piece of hardware?  "Sure, Mr Gates and Mr Grove!  I'll pay a thousand
dollars for your new Tee Vee I mean Pee Cee!"  You've got to be kidding
about all this.  Surely a free market won't allow this kind of crippling
to take place - it will have to be performed by some kind of government

IMHO they can't do it technologically right. It will be the same sh*t as now.
Just check the m$ advisory which states - "remove microsoft from the trusted publishers". lol. And funny things may happen if an important key gets compromised as it have happened before. Also there is great chance it will piss off even microsoft certified solitaire experts. Judging from the amount of spam which offers to "copy any dvd to cd", it will be broken as soon as a beta is out if not earlier.


Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]