Re: Separate trusted computing designs

[Christian Stüble]

Am Donnerstag, 31. August 2006 12:35 schrieb Tom Bachmann:
> Christian Stüble wrote:
> >>> The TC/TCPM design that is currently being implemented on PCs is
> >>> entirely consistent with statement (1). It is not consistent with
> >>> statement (2).
> >>
> >> So within this design, I own my computer only partially.
> >
> > You own a house. You lease a flat. You are not allowed to enter the flat
> > without permission of the leaser. -> You are not the owner of the house
> > any more?
>
> As you say, using the all-day term "owning" here confuses things. The
> abstract concept "full ownership" does not apply to this situation.
I prefer Jon's term "full control". The TCG, e.g., uses the term TPM Ownership 
which is abolutely not what you want. Own and ownership and full ownership
are imo too similar. 

>
> >> And if I
> >> play them, I partially give up ownership of my monitor and graphic card.
> >> Hell, what component of my computer _do_ I fully own?
> >
> > Bad example. You see every single bit on the screen, thus you have access
> > to the content in this case.
>
> But I cannot technically access it to, say, convert the movie into
> another format.
>
> >> Despite the possibility of abusement, why should I pay the same price
> >> for something I own together with others I neither know nor trust?
> >
> > You do not pay the same price. Owning a DVD including permission to watch
> > the movie is different from owning the movie.
>
> I am not speaking about the price of the movie here, but about the price
> of the hardware.
>
> >> Would you think it is OK if government would have the legal right to
> >> prevent you from going into your kitchen if tv is running?
> >
> > No. But this is exactly what we do not allow.
>
> I do not understand that answer. I can (e.g.) relate "tv running" to
> "watching protected movie" and "going into the kitchen" to "accessing
> the graphics memory". And I can make up an insane relation (to, say,
> "playing protected music from the shell" and "accessing graphics
> memory"), too, which might look more like the kitchen-tv example.
One goal of our design, as descibed earlier, is to allow remote parties to 
control their own applications (within their address space and the I/O), but 
not influence other applications if not permitted by the MAC.

You can access the bits of your VGA card whenever you want, but you cannot see
the movie at the same time. => You are allowed to drink alcohol (maybe), you 
are allowed to drive a car (maybe), but you are not allowed to do it at the 
same time. Where is the problem?

Chris