Re: Separate trusted computing designs

[Christian Stüble]

Am Donnerstag, 31. August 2006 13:35 schrieb Michal Suchanek:
> On 8/31/06, Christian Stüble <address@hidden> wrote:
> > Am Donnerstag, 31. August 2006 09:58 schrieb Tom Bachmann:
> > > Jonathan S. Shapiro wrote:
> > > > The term "owner" has a specific and well-defined legal meaning, and I
> > > > have (in the past) understood Marcus to be using this meaning when he
> > > > uses the term "owner". His position (as I understand it) might be
> > > > captured with two statements:
> > > >
> > > >   1. The legal owner should be able to read and write every bit of
> > > > this computer's ram (at any time).
> > > >   2. This right should be inalienable -- it should not be possible
> > > > for an owner to give up this right in whole or in part.
> > > >
> > > >      [This is the part where Marcus and I disagree.]
> > >
> > > Just for this mail, let me define this (2-statement-definition) as
> > > "full ownership" and only point 1 as "partial" or "shared ownership".
> > > This is a bit misleading, because as long as the ownership is not given
> > > up whole or in part, these two are equal.
> >
> > I suggest not to use the term "ownership" in this context at all. As
> > discussed earlier, ownership in the real world does not neccessary  mean
> > that you can do everything: You own a pet, but you are not allowed to
> > kill or excruciate it. You are the owner of your car, but you are not
> > allowed to manipulate it. You are the owner of a radio, but you are not
> > allowed to receive al frequencies (e.g., those used by the policy).
>
> That's exactly it. You are not allowed to do it but you aren't
> physically prevented from doing it.
>
> DRM and TPM systems differ in that thay technologically prevent you
> from doing somethig, even if the law changed, the enforcement
> mechanism was configured incorrectly in the first place, etc.
You should separate DRM and TPM. TPM may give you the technical background to 
implement DRM systems that are harder to break than systems without a TPM.

But who says that it is impossible to change the behavior of a DRM system if 
the law changes? (again, imo a technical system can enforce law only on a 
very simple level, e.g., it can allow users to always make 7 copies of a 
document.)

Who says that TPM-based DRM systems may enforce security policies at all? 
Lightweight DRM does not enforce such policies, but nevertheless it makes 
sense do build it on TPM-like functions.

Chris