On Sat, Jul 13, 2002 at 07:10:07PM -0500, Harmon Seaver wrote:
> On Sat, Jul 13, 2002 at 10:59:23AM -0700, Eric Murray wrote:
> > Microsoft does not do things simply because they enjoy being evil.
> > They are not so worried about Linux (with its small share of the market)
> > that they will spend
On Sat, Jul 13, 2002 at 10:59:23AM -0700, Eric Murray wrote:
> Microsoft does not do things simply because they enjoy being evil.
> They are not so worried about Linux (with its small share of the market)
> that they will spend mega-bucks now on a very long term project that might
> possibly let t
On Sat, Jul 13, 2002 at 06:34:36PM +1200, Peter Gutmann wrote:
> Eric Murray <[EMAIL PROTECTED]> writes:
> >On Fri, Jul 12, 2002 at 07:14:55PM +1200, Peter Gutmann wrote:
> >>From a purely economic perspectice, I can't see how this will fly. I'll pull a
> >>random figure of $5 out of thin air (we
Eric Murray <[EMAIL PROTECTED]> writes:
>On Fri, Jul 12, 2002 at 07:14:55PM +1200, Peter Gutmann wrote:
>>From a purely economic perspectice, I can't see how this will fly. I'll pull a
>>random figure of $5 out of thin air (well, I saw it mentioned somewhere but
>>can't remember the source) as th
On Fri, Jul 12, 2002 at 07:14:55PM +1200, Peter Gutmann wrote:
>
> >From a purely economic perspectice, I can't see how this will fly. I'll pull a
> random figure of $5 out of thin air (well, I saw it mentioned somewhere but
> can't remember the source) as the additional manufacturing cost for t
Peter wrote (potentially quoting somebody else)
> >From a purely economic perspectice, I can't see how this will fly.
> >I'll pull a
> random figure of $5 out of thin air (well, I saw it mentioned
> somewhere but can't remember the source) as the additional
> manufacturing cost for the TCPA ha
Jay Sulzberger <[EMAIL PROTECTED]> writes:
>Nonsense. Let us remember what Palladium is:
>
>Palladium is a system designed to enable a few large corporations and
>governments to run source secret, indeed, well-encrypted, code on home user's
>machines in such a way that the home user cannot see,
On Fri, 5 Jul 2002, AARG!Anonymous wrote:
< ... />
> Right, and you can boot untrusted OS's as well. Recently there was
> discussion here of HP making a trusted form of Linux that would work with
> the TCPA hardware. So you will have options in both the closed source and
> open source worlds t
At 09:43 PM 06/28/2002 +0200, Thomas Tydal wrote:
>Well, first I want to say that I don't like the way it is today.
>I want things to get better. I can't read e-books on my pocket computer,
>for example, which is sad since I actually would be able to enjoy e-books
>if I only could load them onto m
Seth Schoen writes:
> The Palladium security model and features are different from Unix, but
> you can imagine by rough analogy a Unix implementation on a system
> with protected memory. Every process can have its own virtual memory
> space, read and write files, interact with the user, etc. But
On Monday, July 1, 2002, at 07:15 PM, Mike Rosing wrote:
> On Mon, 1 Jul 2002 [EMAIL PROTECTED] wrote:
>
>> --
>> On 1 Jul 2002 at 15:06, Tim May wrote:
>>> I have strong views on all this DRM and TCPA stuff, and
>>> especially on the claim that some form of DRM is needed to
>>> prevent gove
On Mon, 1 Jul 2002 [EMAIL PROTECTED] wrote:
> --
> On 1 Jul 2002 at 15:06, Tim May wrote:
> > I have strong views on all this DRM and TCPA stuff, and
> > especially on the claim that some form of DRM is needed to
> > prevent government from taking over control of the "arts."
> >
> > But we sa
--
On 1 Jul 2002 at 15:06, Tim May wrote:
> I have strong views on all this DRM and TCPA stuff, and
> especially on the claim that some form of DRM is needed to
> prevent government from taking over control of the "arts."
>
> But we said everything that needed to be said _years_ ago. No
> p
PROTECTED]>
Date: Sat Jun 29, 2002 10:03:33 PM US/Pacific
To: Barney Wolff <[EMAIL PROTECTED]>
Cc: "'[EMAIL PROTECTED] '"
<[EMAIL PROTECTED]>, "'[EMAIL PROTECTED] '"
<[EMAIL PROTECTED]>
Subject: Re: Ross's TCPA paper
>
> Here&
[Repost]
Bear writes:
> A few years ago merchants were equally adamant and believed
> equally in the rightness of maintaining their "right" to not
> do business with blacks, chicanos, irish, and women. It'll
> pass as people wake up and smell the coffee. Unfortunately
> that won't be until aft
Barney Wolff wrote:
> My use of "anonym" was a joke. Sorry if it was too deadpan. But
> my serious point was that if a pseudonym costs nothing to get or
> give up, it makes one effectively anonymous, if one so chooses.
Well, yeah, I'd say that single-use pseudonyms are, in fact, the
definition
R. A. Hettinga wrote:
> At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:
>>No, a pseudonym can be linked to stuff (such as reputation,
>>publications, money). An anonym cannot.
>
> More to the point, there is no such "thing" as an "anonym", by definition.
Hmm. So present the appropriate definition
At 11:30 PM -0400 on 6/30/02, Barney Wolff wrote:
> anonym n : "Mr. and Mrs. John Smith" when signed in a motel register.
No. Pseudonym(s). Subclass "Alias".
An anonym (literally, "no name", right?) is not signing the book at all,
and, thus, as "nyms" go, can't exist except in your mind. Somew
anonym n : "Mr. and Mrs. John Smith" when signed in a motel register.
On Sun, Jun 30, 2002 at 09:55:58PM -0400, R. A. Hettinga wrote:
>
> More to the point, there is no such "thing" as an "anonym", by definition.
--
Barney Wolff
I never met a computer I didn't like.
At 12:06 AM +0100 on 7/1/02, Ben Laurie wrote:
> No, a pseudonym can be linked to stuff (such as reputation,
> publications, money). An anonym cannot.
More to the point, there is no such "thing" as an "anonym", by definition.
There's no way to link the behavior of one event that an "anonym" ca
Barney Wolff wrote:
> A pseudonym that I can give up at will and that can never afterwards
> be traced to me is equivalent to an anonym.
No, a pseudonym can be linked to stuff (such as reputation,
publications, money). An anonym cannot.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
On Sun, 30 Jun 2002, Barney Wolff wrote:
>A pseudonym that I can give up at will and that can never afterwards
>be traced to me is equivalent to an anonym.
Actually, I don't have a problem with it being traced afterwards,
if a crime has been committed and there's a search warrant or
equivalent t
A pseudonym that I can give up at will and that can never afterwards
be traced to me is equivalent to an anonym.
I'm not suggesting that anonymity be outlawed, or that every merchant
be required to reject anonymous or pseudonymous customers. All I'm
suggesting is that "small" merchants MUST NOT
On Sun, 30 Jun 2002, Barney Wolff wrote:
>The trouble I have with this is that I'm not only a consumer, I'm
>also a merchant, selling my own professional services. And I just
>will not, ever, perform services for an anonymous client. That's
>my choice, and the gov't will take it away only when
Yes, this is a debate I've had with the medical privacy7 guys, some of
whom like the idea of using Palladium to protect medical records.
This is a subject on which I've a lot of experience (see my web page),
and I don't think that Palladium will help. Privacy abuses almost always
involve abuse of
Pete Chown wrote:
> BTW, I have been thinking for a while about putting together a UK
> competition complaint about DVD region coding. No promises that
> anything will happen quickly. On the other hand, if people offer help
> (or just tell me that they think it is a worthwhile thing to do) it w
From: <[EMAIL PROTECTED]>
> As a side note, it seems that a corporation would actually have to
> demonstrate that I had seen and agreed to the thing and clicked
> acceptance. Prior to that point, I could reverse engineer, since
> there is no statement that I cannot reverse engineer agreed to. S
David wrote:
> It's not clear that enabling anti-competitive behavior is
> good for society. After all, there's a reason we have
> anti-trust law. Ross Anderson's point -- and it seems to me
> it's one worth considering
> -- is that, if there are potentially harmful effects that
> come with t
Mike Rosing wrote:
>As long as MS Office isn't mandated by law, who cares?
It's not clear that enabling anti-competitive behavior is good
for society. After all, there's a reason we have anti-trust law.
Ross Anderson's point -- and it seems to me it's one worth considering
-- is that, if there
Adam Back wrote:
> I don't mean that you would necessarily have to correlate
> your viewing habits with your TrueName for DRM systems.
> Though that is mostly
> (exclusively?) the case for current deployed (or at least
> implemented with a view of attempting commercial deployment) copy-mark
>
On 27 Jun 2002, David Wagner wrote:
> No, it's not. Read Ross Anderson's article again. Your analysis misses
> part of the point. Here's an example of a more problematic vision:
> you can buy Microsoft Office for $500 and be able to view MS Office
> documents; or you can refrain from buying it
Anonymous wrote:
>The amazing thing about this discussion is that there are two pieces
>of conventional wisdom which people in the cypherpunk/EFF/"freedom"
>communities adhere to, and they are completely contradictory.
I can't agree. Strong protection of copyright is probably possible if
the co
Scott Guthery wrote:
>Perhaps somebody can describe
>a non-DRM privacy management system.
Uhh, anonymous remailers? I never disclose my identity, hence there is
no need for parties I don't trust to "manage" it.
Come on, folks. This ought to be cypherpunks 101. DRM might be one
way to achieve
On Wed, 26 Jun 2002, Barney Wolff wrote:
> Do you really mean that if I'm a business, you can force me to deal with
> you even though you refuse to supply your real name?
When was the last time you had to give your name when you bought a
newspaper, CD or a DVD in a non-online/non-mail order st
Interesting Q&A paper and list comments. Three
additional comments:
1. DRM and privacy look like apple and speedboats.
Privacy includes the option of not telling, which DRM
does not have.
2. Palladium looks like just another vaporware from
Microsoft, to preempt a market like when MS promised
Wi
On Wed, 26 Jun 2002, Barney Wolff wrote:
>Do you really mean that if I'm a business, you can force me to deal with
>you even though you refuse to supply your real name? Not acceptable.
>I won't give up the right NOT to do business with anonymous customers,
>or anyone else with whom I choose not
On Wed, Jun 26, 2002 at 03:57:15PM -0400, C Wegrzyn wrote:
> If a DRM system is based on X.509, according to Brand I thought you could
> get anonymity in the transaction. Wouldn't this accomplish the same thing?
I don't mean that you would necessarily have to correlate your viewing
habits with yo
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html
Ross
I'm slightly confused about this. My understanding of contract law is
that five things are required to form a valid contract: offer and
acceptance, mutual intent, consideration, capacity, and lawful
intent. It seems to me that a click-through agreement is likely to
fail on at least one, and poss
ar" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, June 26, 2002 3:37 PM
Subject: Re: Ross's TCPA paper
> On Wed, Jun 26, 2002 at 10:01:00AM -0700, bear wrote:
> > As I see it, we can get either privacy or DRM,
> > but t
t; <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Orig-To: "bear" <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Wednesday, June 26, 2002 3:37 PM
Subject: Re: Ross's TCPA paper
> On Wed, Jun 26, 2002 at 10:01:00AM -0700, bear wrote:
>
Do you really mean that if I'm a business, you can force me to deal with
you even though you refuse to supply your real name? Not acceptable.
I won't give up the right NOT to do business with anonymous customers,
or anyone else with whom I choose not to do business.
The point about DRM, if I und
On Wed, Jun 26, 2002 at 10:01:00AM -0700, bear wrote:
> As I see it, we can get either privacy or DRM,
> but there is no way on Earth to get both.
> [...]
Hear, hear! First post on this long thread that got it right.
Not sure what the rest of the usually clueful posters were thinking!
DRM syst
Peter D. Junger wrote:
> That isn't the reason why a click-through agreement isn't
> enforceable---the agreement could, were it enforceable, validlly
> forbid reverse engineering for any reason and that clause would
> in most cases be upheld.
Not in Europe though. EU directive 91/250/EEC "on t
Sandy Harris writes:
: "Peter D. Junger" wrote:
:
: > : > There is not even social opprobrium; look at how eager
: > : > everyone was to look the other way on the question of whether the DeCSS
: > : > reverse engineering violated the click-through agreement.
: > :
: > : Perhaps it did, but the l
"Peter D. Junger" wrote:
> : > There is not even social opprobrium; look at how eager
> : > everyone was to look the other way on the question of whether the DeCSS
> : > reverse engineering violated the click-through agreement.
> :
> : Perhaps it did, but the licence agreement was unenforceable.
Pete Chown wrote:
[...]
> This doesn't help with your other point, though; people wouldn't be able
> to modify the code and have a useful end product. I wonder if it could
> be argued that your private key is part of the source code?
Am I expected to distribute my password with my code?
I don't believe that the choice is both privacy and TCPA, or neither.
Essentially all privacy violations are abuses of authorised access by
insiders. Your employer's medical insurance scheme insists on a
waiver allowing them access to your records, which they then use for
promotion decisions. The
Pete Chown writes:
: Anonymous wrote:
:
: > Furthermore, inherent to the TCPA concept is that the chip can in
: > effect be turned off. No one proposes to forbid you from booting a
: > non-compliant OS or including non-compliant drivers.
:
: Good point. At least I hope they don't. :-)
:
: >
> Speaking personally, if asked "DRM & privacy, both or neither?"
> then I will take "both" -- YMMV.
This bullshit is getting deeper and thicker.
(dis)ability to replay received information at will has next to nothing to do
with ability to stop unwanted parties from obtaining secret information
Anonymous wrote:
> Furthermore, inherent to the TCPA concept is that the chip can in
> effect be turned off. No one proposes to forbid you from booting a
> non-compliant OS or including non-compliant drivers.
Good point. At least I hope they don't. :-)
> There is not even social opprobrium; l
Pete Chown wrote quoting Ross:
> > You need a valid signature on the binary, plus a cert to
> use the TCPA
> > PKI. That will cost you money (if not at first, then eventually).
>
> I think it would be a breach of the GPL to stop people
> redistributing the signature: "You must cause any work t
On Mon, 24 Jun 2002, Anonymous wrote:
> The amazing thing about this discussion is that there are two pieces
> of conventional wisdom which people in the cypherpunk/EFF/"freedom"
> communities adhere to, and they are completely contradictory.
Makes for lively conversation doesn't it :-)
> Cyphe
Ross Anderson writes:
> During my investigations into TCPA, I learned that HP has started a
> development program to produce a TCPA-compliant version of GNU/linux.
> I couldn't figure out how they planned to make money out of this. On
> Thursday, at the Open Source Software Economics conference,
The amazing thing about this discussion is that there are two pieces
of conventional wisdom which people in the cypherpunk/EFF/"freedom"
communities adhere to, and they are completely contradictory.
The first is that protection of copyright is ultimately impossible.
See the analysis in Schneier a
Ross Anderson wrote:
> ... that means making sure the PC is the hub of the
> future home network; and if entertainment's the killer app, and DRM is
> the key technology for entertainment, then the PC must do DRM.
Recently there have been a number of articles pointing out how much
money Microsoft
On Mon, Jun 24, 2002 at 08:15:29AM -0400, R. A. Hettinga wrote:
> Status: U
> Date: Sun, 23 Jun 2002 12:53:42 -0700
> From: Paul Harrison <[EMAIL PROTECTED]>
> Subject: Re: Ross's TCPA paper
> To: "R. A. Hettinga" <[EMAIL PROTECTED]>
> The
> imp
It seems clear at least if DRM is an application than DRM applications would benefit
from the "increased trust" and architecturally that such "trust" would be needed to
enforce/ensure some/all of the requirements of the Hollings bill.
hawk
Lucky Green wrote:
> other
> technical solution th
I, for one, can vouch for the fact that TCPA could absolutely
be applied to a DRM application. In a previous life I actually
designed a DRM system (the company has since gone under). In
our research and development in '96-98, we decided that you need
at least some trusted hardware at the client
> It's an interesting claim, but there is only one small problem.
> Neither Ross Anderson nor Lucky Green offers any evidence that the TCPA
> (http://www.trustedcomputing.org) is being designed for the support of
> digital rights management (DRM) applications.
Microsoft admits it:
http://www.msn
> Date: Sun, 23 Jun 2002 12:53:42 -0700
> From: Paul Harrison <[EMAIL PROTECTED]>
> Subject: Re: Ross's TCPA paper
> I would think a TCP _with_ ownership of the TPM would be every paranoid
> cypherpunk's wet dream. A box which would tell you if it had been tamper
--- begin forwarded text
Status: U
Date: Sun, 23 Jun 2002 12:53:42 -0700
From: Paul Harrison <[EMAIL PROTECTED]>
Subject: Re: Ross's TCPA paper
To: "R. A. Hettinga" <[EMAIL PROTECTED]>
User-Agent: Microsoft-Outlook-Express-Macintosh-Edition/5.02.2022
on 6/23/02
Lucky Green writes:
> I however encourage readers familiar with the state of the art in PC
> platform security to read the TCPA specifications, read the TCPA's
> membership list, read the Hollings bill, and then ask themselves if they
> are aware of, or can locate somebody who is aware of, any oth
On Sun, 23 Jun 2002, Lucky Green wrote:
> Anonymous writes:
> > Lucky Green writes regarding Ross Anderson's paper at:
> > Ross and Lucky should justify their claims to the community
> > in general and to the members of the TCPA in particular. If
> > you're going to make accusations, you are obl
Anonymous writes:
> Lucky Green writes regarding Ross Anderson's paper at:
> Ross and Lucky should justify their claims to the community
> in general and to the members of the TCPA in particular. If
> you're going to make accusations, you are obliged to offer
> evidence. Is the TCPA really,
Lucky Green writes regarding Ross Anderson's paper at:
http://www.ftp.cl.cam.ac.uk/ftp/users/rja14/toulouse.pdf
> I must confess that after reading the paper I am quite relieved to
> finally have solid confirmation that at least one other person has
> realized (outside the authors and proponents
I recently had a chance to read Ross Anderson's paper on the activities
of the TCPA at
http://www.cl.cam.ac.uk/ftp/users/rja14/.temp/toulouse.pdf
I must confess that after reading the paper I am quite relieved to
finally have solid confirmation that at least one other person has
realized (outside
67 matches
Mail list logo
