EFF had another meeting with some trusted computing people yesterday — this time, it was the crew from TCPA, and some Intel folks who briefed us on LaGrande. The trusted computing people maintain that trusted computing is like any other general-purpose technology: it has good uses and bad ones. Trusted computing can be a critical piece of end-to-end crypto in private communications, and (the supporters maintain), can be used to safeguard the public's privacy. Supporters of trusted computing also say that their invention was not built or optimized for DRM.
Of course, I don't buy this — entirely. Trusted computing might be a useful component in end-to-end secrecy. It might be useful to build, for example, a Gnutellanet where badly written clients that jabber and break the network can't connect. But I don't think it will be a tool for helping the public to keep its private data private from the IRS or hospital administrators, since that supposes that the public can convince the IRS or hospital administrators to accept information in crypto wrappers that favor the public. All the people against whom I would like to protect my private data are people whom I can't compel to accept my data in my privacy wrapper. If I was in a position of power over those people, I wouldn't need trusted computing!
Moreover, the anti-competitive aspects of trusted computing must be stressed. Trusted computing can be used as a tool to eliminate unauthorized interoperability: in English, that means that trusted computing can be used by, say, your the company that sold you your word-processor to ensure that you can't open your own documents with their competitors' products.
One thing that the trusted computing folks we met asked us is how trusted computing could be redesigned to ensure that this tool is predominantly used to help users trust their computers, as opposed to Hollywood or Microsoft trusting you with their software and movies. Seth is noodling around with an idea for a trusted computing design that preserves the positive uses of trusted computing but breaks most of the negative ones. If vendors wanted to make a public-friendly trusted computing system, this is one way that they could:
I'm going to call this feature an Owner Override function, because it allows the owner of the computer to override certain policies the owner might consider disadvantageous (such as not allowing the owner to read some data which was saved using sealed storage). In the alternative, you can implement this in a technically different way and call it something like "owner-directed migration", a direct attack on Pd "migration disposition" in which a creator of a file or an application might have defined certain rules about migration.
We know that the basic technology for assuring that a function like this is never triggered from software is already implemented; it's a design requirement of TCPA and Palladium, ordinarily referred to as "physical presence indication". The system is required to be engineered in such a way that it can reliably determine whether you are there in front of it or not. (In particular, it needs to be able to reliably determine that a particular instruction was generated from hardware by a physical action, and not from software. This is meant to guarantee that malicious code can't impersonate an end-user in order to trick the system into undermining certain kinds of privacy or security protections.)
On reflection, I don't see anything in the physical presence indication concept which prevents it from being extended to include a broad mechanism for overriding policies. Already, there are things you can do with physical presence in these trusted computing system which you simply can't do otherwise; why is "override security" not one of them? (It is, de facto, in all existing PC hardware! What's more, I don't believe that any parts of ordinary PC hardware before 1995 were specifically designed to prevent users from altering any part of user-visible functionality. Maybe someone can find an interesting counterexample, because it seems very possible that there is one. Incidentally, the feature I'm proposing as an Owner Override is not really very different technically from existing suspend-to-disk functionality provided in many laptops.)
