Re: Separate trusted computing designs

[Jonathan S. Shapiro]

On Thu, 2006-08-31 at 14:17 +0200, Marcus Brinkmann wrote:
> At Wed, 30 Aug 2006 14:56:05 -0400,
> "Jonathan S. Shapiro" <address@hidden> wrote:
> > A contract cannot alienate ownership. It can grant exclusivity of use
> > for a period of time, and it may contain provisions for indemnification
> > of liability. These things do not alter ownership. They do not alter
> > certain conditions pertaining to seizure.
> > 
> > This aside, I disagree with an assumption that you appear to be making
> > here. It appears to me that you deny the possibility that a machine may
> > be contracted on a non-exclusive but isolated basis.
> 
> I am disappointed.  At your request, I have compiled a long essay on
> this matter, including definitions of the words "ownership" and
> "contract", based on definitions suggested by Hegel.

Marcus: When you read point (3), please keep in mind that I am trying to
express what I perceive. These statements are not intended as an attack.
The "fault" may be entirely mine. I hope that it may be helpful in our
discussion to understand how my perceptions are failing and (to some
degree) why.

Concerning the essay your reference:

1. It would be helpful to have a URL to refresh my memory. Better still,
if it is truly a reference essay for Hurd, put it on the Wiki!

2. Definitions by Hegel are not terribly interesting or helpful. The
relevant definitions are the ones commonly used in law.

3. For me, your messages containing definitions are very hard to
understand. The definitions are not clearly separated from long
philosophical dialogs. To you, these dialogs are very clear. To me, they
are often confused, unclear, disconnected, and sometimes even (with
apologies) absurd. The boundaries between definitions, assertions of
fact, statements subject to refutation, and philosophical treatise are
not clearly differentiated in your writing (or perhaps I simply do not
see them). Because of this, I regret that I find it *extremely* hard to
internalize the emails that are most important to you. In particular,
that long essay was incomprehensible to me.

Yes, there is a long essay that I have never understood, but there is no
concise reference statement of definitions gathered in one place. I
think this would be a very useful thing to have.

Speaking for myself alone, I am not greatly interested in long,
disconnected treatises on philosophical principals. I don't have time
for them, and our views are far enough apart that I do not find reading
your essays productive. This is not a negative value judgment about your
views intrinsically. It is a value judgment about my inability to
understand your philosophy given the gap in our perspectives and the way
in which you present them. Your presentation seems to be clear for many
other people; the problem here may be entirely with me.

Some of the critical term definitions that you have adopted do not, in
my view, correspond to conventional usage, and I therefore find it
impossible to adopt (or even remember without explicit conscious effort)
your definitions. Your definition of "ownership" is one example (see
below). I have no objection to the concept that I think you are trying
to capture. My problem is that I am unable to form any persistent
binding between the word "ownership" and that concept, because to me
ownership is a legal term that means something quite different.

> Given that my definitions (which agree with the common understanding
> of the terms) have not been challenged, I am upholding them.  If you
> disagree, you will have to provide your own definitions.

Very well. I challenge your definitions. In fact, I have been doing so
from the very beginning; you simply haven't been listening. Your
definition of "ownership" clearly incorporates by reference a notion of
"alienation of ownership" that has no foundation in law or common usage.
I do not object to your concepts per se. I object strongly to your
choice of terms for these concepts.

I believe that we could simply replace your terms "ownership" and
"alienation of ownership" with "control" and "alienation of control". I
am not sure if this captures what you mean precisely, but I think it is
a clearer way to capture what is happening in DRM.

> ...the "trusted computing" model of multi-party
> computing diffuses ownership.

It does not. The "trusted computing" model of multi-party computing has
exactly zero effect on ownership. Ownership is a legal concept whose
meaning is not altered by trusted computing in any way.

What *is* true is that the "trusted computing" model of multi-party
computing alters the distribution of *control*.

Aside: I do not like the term "diffuses" in this context. The division
and distribution of control that DRM enables is very concrete and
deterministic. The term "diffuses" suggests something imprecise to me.

> > I claim that Marcus's essential concern here is not about the features
> > of any particular operating system, but about the balkanization of
> > content.
> 
> This is one of my concerns, but by _far_ not the only one.  I have
> expressed many other concerns in my essay.  Ignoring these concerns is
> your choice, however, doing so does not remove them from my list, nor
> does it invalidate them.

I did not suggest or imply that your other concerns were invalid or
removed. I responded in the context of an ongoing discussion.

> My concern goes right to the heart of the "trusted computing" model,
> which is the assumption that information shared with other people can
> and should be proprietarized.  My concerns are the various social
> implications of an attempt to do so.

Yes. You have clearly expressed this concern. Ultimately, this is the
fundamental place where you and I (and FSF and I) disagree
foundationally. The ultimate source of our disagreement is that we have
very different expectations about the long-term social impact of DRM.

I have been intending to send a note on this subject expressing *my*
views, but I think I should do it separately.

> The rest of your argument is based on broad assumptions that the
> struggle is already lost.

I was very careful NOT to say that. In fact, I said that *because* the
struggle is not yet lost, Hurd should delay supporting DRM as long as
possible.

However, I do believe that the ultimate loss of this struggle is
inevitable, and *after* it is lost I think that the ethical tradeoffs of
DRM support and the resulting losses of some freedoms must be balanced
against the preservation of other freedoms.

> Nevertheless, I agree with the core of your argument, that there can
> be a moral case in support of a morally offensive system to ease the
> damage inflicted by it on its victims.  However, I think the argument
> is not quite as strong as you present it, certainly not in this case,
> where I think superior options are available.

Obviously we do not agree about whether DRM is morally offensive. Also,
I do not agree that superior options are available in any meaningful
sense. DRM is not fully deployed, but no viable alternative has any
market presence and so the DRM momentum is probably unstoppable.

> > 
> > I am not aware of any general-purpose computer that is "designed to deny
> > *owners* access to install or run modified versions of the software
> > inside them". Perhaps some are being developed. This description
> > certainly does not fit the TCPM-based technology that is being
> > implemented in PC's.
> 
> The error in logic is that you think the people who bought TCPM-based
> technology are the owners of the machine.  My analysis showed that
> this is not the case, using suitable definitions of the terms.

They are unquestionably the owners of the machine. That is a legal
matter. What is debatable is whether they are the *controllers* of the
machine that they own. Provided they do not enable the TCPM function,
they are the controllers of the machine.

As owners, they can *elect* to enable the TCPM functions in pursuit of
other objectives such as access to controlled content. In this case they
are ceding some control in exchange for what they perceive as value
(access to content), but they are not altering their legal ownership
status.

> One of the cases that triggered these developments is the TiVo device...

I used to own one, and I looked in to hacking it, so I'm pretty aware of
this. No, I don't consider this a general purpose computer.

I agree that the TiVo provisions restrict the owner's control. I do not
agree that they restrict the owner's ownership.

But even here, we must consider what exists in the relationship between
ownership and control. The fact that I own a pen does not grant me any
intrinsic right to use the pen as a telephone. As the owner, I have the
right to use the object in any way that I am mechanically able to
accomplish. I also have the right to adapt the object, but any risk in
the attempted adaptation lies with me -- up to and including the fact
that I may render the object non-functional for its originally intended
purpose. Further, it is well established in law that the vendor may seek
to impede the owner's attempts to adapt the object through the
incorporation of design features intended to make such adaptation
difficult.

In the same way, the TiVo box can be used by the owner for its original
purpose, and the owner is welcome to *attempt* to adapt it at their own
risk.

Your argument seems to rest on the assumption that the TiVo box should
be openly adaptable merely because it contains a powerful computer. I do
not see any fundamental moral or ethical reason why this should be the
case. To me, the *definition* of a general purpose computer is that it
is openly adaptable in this way. That is what makes it general purpose.
TiVo is not a general-purpose computer.

You might argue (and I might agree) that a TCPM-disabled PC is general
purpose and a TCPM-enabled machine is not. If we go into this argument
deeply, we will come to the self-evident conclusion that the
"generality" in the concept "general purpose" is not an absolute -- it
is a continuum.

> > However, denying this to *users* is possible *without* TCPM. It is
> > simply a matter of setting a BIOS password to prevent OS reinstall. This
> > is true whether or not the OS supports TC.
> 
> BIOS passwords are a joke, and you know it ;)

I agree, but this isn't relevant to the argument. You seem to be saying
"because BIOS passwords are ineffective they are not a problem". This is
true, but it is orthogonal to the question. The question is "Are BIOS
passwords a mechanism for depriving owners of control?" The answer is
clearly "yes". If so, why is FSF not screaming about them?


shap