December 20, 2002
TCPA, an Offering You Can't Refuse

Hit the power button on your computer, and once it's off, what have you got? An unwieldy, expensive paperweight. Now imagine that each file on your computer is connected to a unique power button of its own. Hit the file's power button and the file turns off. It still exists, you just can't use it. Turn off a single MP3 file, and you can't listen to it. Turn off the MP3 player program, and you can't listen to any MP3s. Every file switched off would nudge your computer infinitesimally closer to its powered off, paperweight state.

Now imagine that someone else had his finger on the power buttons. As a user, you would never want this 'feature', but the very companies that spent the last decade putting computers into millions of homes and businesses are working to implement just such a scheme. The initiative is called the Trusted Computing Platform Alliance or TCPA.

TCPA was formed by HP/Compaq, IBM, Intel and Microsoft in order to develop a specification for and realize a 'trusted computing platform'. In English, the TCPA specification adds extra hardware to the PC in order to make it more trustworthy and secure. Of course, the TCPA hardware additions would be dead silicon without software that uses them. Naturally, Microsoft is quite happy to provide this software. It's called Palladium. Press materials for TCPA and Palladium suggest that the systems will somehow reduce spam, mitigate the damage caused by viruses, and provide enhanced protection for users' personal information. Strangely, the jargon filled FAQ (PDF) provided by the TCPA shows a noticeable disconnect from the PR. It uses terms like security capabilities, cryptographic building blocks, and platform integrity metrics, but it is notably unclear on the subject of just what, exactly, the TCPA system is supposed to do.

Fortunately, Ross Anderson, leader of the Security Group at the University of Cambridge Computer Laboratory has written a TCPA / Palladium FAQ for the rest of us. It asks the one key question that the TCPA rhetoric carefully sidesteps, "Security for whom?" The unsettling answer is the content industry. The TCPA specification adds hardware to the PC needed to make it a device that the content industry can trust. One where your media files only run on a single machine, and where they can revoke the ability to view or play your files at will.

Robert Cringely, a respected tech industry observer, is firmly in Anderson's camp. Furthermore, a system like TCPA is not necessary to prevent the rapid spread of viruses or worms like ILOVEYOU. The unix world has not experienced a major virus or worm since The Morris Worm in 1988.

All of this begs the question, why are companies that were once committed to enabling society through computers now backing this TCPA snake oil designed to cripple the next generation of computers? Unfortunately, the sad answer comes down to simple economics.

There is an old adage in the computer industry, "Groves giveth and Gates taketh away." Every time Intel produced a newer, faster processor, Microsoft produced a bigger, more bloated piece of software that made the current generation of PC technology seem too slow. It was a symbiotic, if somewhat perverse, relationship. Users were chained to the cycle, and obediently upgraded to new hardware every two or three years. The industry thrived thanks in part to this continual upgrade cycle, and in part due to a market that seemed to expand without limit. Every new hardware purchase put money in Intel and Microsoft's pockets.

Unfortunately for the industry, the market did finally reach its saturation point. To make matters worse, Moore's law, which predicted Intel's ability to produce faster and faster chips, held until Intel was finally able to produce a generation of hardware that Microsoft couldn't make slow. When was the last time you bought a new PC because your existing computer couldn't run the latest version of Windows, Office, or Internet Explorer fast enough?

Microsoft and Intel earned record revenues in the '90s thanks to the cycle of forced upgrades, but the cycle has come to a screeching halt. They need a new killer app to jump-start it, but not just any killer app will do, it has to be one that won't run on existing hardware. TCPA and Palladium make it possible. What about HP/Compaq and IBM? In this case, what's good for Intel and Microsoft is good for the industry.

Palladium content is viral. Documents made with Palladium enabled versions of Microsoft Word will be encrypted so they won't be viewable with older, non-Palladium versions, and they certainly won't be viewable with open source alternatives. Thus, each Palladium MS Office document coerces users to adopt Palladium, and makes it significantly more difficult for the market to refuse it.

As an added bonus for Microsoft, TCPA PCs will likely do irreparable harm to alternative open source operating systems, such as Linux. TCPA PCs can boot into two modes, trusted or untrusted. In order to view TCPA content, the PC must boot in trusted mode, and this requires that the operating system has a valid digital certificate issued by the TCPA. For a number of reasons, it is very unlikely that an open source OS will be able to obtain a certificate. Even if open source users don't care about TCPA content, there is another problem. When a TCPA computer boots into untrusted mode, it will almost certainly display an ominous warning message to the effect of, "Warning! Booting into Untrusted Mode!" Granted, it's just a message, but there are convincing arguments that a questionable error message generated by Microsoft did substantial damage to sales of Caldera's DR DOS, a competitor to Microsoft's MS DOS. Linux could easily suffer from a similar fate.

Of course, all this doesn't explain why anyone would want a TCPA PC in the first place. Enter the content industry, which will release a smorgasbord of media that plays exclusively on TCPA PC's. This content will come with numerous strings attached. The producers will control how you consume it. It will be priced to maximize profit. It will be designed to minimize sharing, prevent time and media shifting, and limit other legitimate fair uses through technological means. If consumers are duped into buying this content, then they will buy the hardware needed to play it.

Unfortunately, if history is any judge, consumers will buy this crippled content. Consumers readily accepted the DVD format, in spite of draconian, anti-fair use measures. For example, the DVD Region Coding system prevents a DVD from being played in a geographic region other than the one where it was purchased. It exists purely to protect industry sales. So if you live in the US, and your friend in the UK wants to lend you his Wallace and Gromit DVDs, you lose. The industry benefits at the expense of your fair use rights.

This is the future that the Trusted Computing Platform Alliance is writing for us. It's a future of mandatory upgrades and byzantine content controls, a future without sharing. It's a future where the fair use rights granted to consumers by law are revoked by technical measures. But most of all it's a read-only future. And, if we're not careful, we'll eat it up like a New York Times bestseller.

Posted by Daniel C. Silverstein at December 20, 2002 12:04 PM

What about Macintosh? Is the new OS X going the same way? Will OS 9 users win, but with out dated software?



p/s I wish the the world could know what we do. Your right history shows most people are not as smart as we would like.

Posted by: ruark inman on January 6, 2003 05:08 AM

will there be any liux compatible hardware in the future?

Posted by: Joseph Goss on May 22, 2004 09:00 AM
Post a comment

Email Address:



Remember info?