Re: Separate trusted computing designs

[Christian Stüble]

Am Freitag, 1. September 2006 01:24 schrieben Sie:
> Hi,
>
> I will make this short because you have indicated that you are not
> interested in more discussions on these topics, and I don't want to
> impose it, and furthermore I do not have much to add to the issues you
> are interested in discussing.  I will find other, more appropriate
> venues to raise my concerns to your group and the public in general in
> the near future.
This is your interpretation, but not what I have written. First, I said that I 
am interested in this discussion, but that I cannot spend too much time on
it. Second, I said that I would like to focus the discussion on this list to
hurd-related discussions and to continue the more general discussions at 
another place. Third, I said that I am interested in criticism, questions, 
and suggestions regarding our projects, but that I do not want to continue 
the discussion here (i) because of lack of time, and (ii) because I neither 
represent the project(s) not our group here officially. I do not want to mix 
up my personal opinion regarding TPM and related topics, and statements
about our group and/or projects. I would expected that you can understand 
this.

Regards,
Chris
 
>
> However, let me clarify one issue and respond to your direct questions
> at least.
>
> At Thu, 31 Aug 2006 20:06:46 +0200,
>
> Christian Stüble <address@hidden> wrote:
> > You are not consistent here. What is the difference between "possess"
> > and "own"?
>
> I admit I was inconsistent.  The reason is that I was confused about
> the ownership and possession of the computer hardware on the one hand,
> and the secret key on the TPM on the other hand.  As I do not believe
> in ownership of information, the secret key on the TPM can not be
> owned in my opinion.  However, if you do believe in ownership, or
> proprietarization, the key can be owned, and then it is very clear
> that the user does not own it (whoever it is, it is not the user).
>
> Anyway, whatever view one holds on the issue of proprietarization of
> information, it doesn't change the facts (information doesn't care
> what one believes about it) and the consequences to be expected
> (society doesn't care what one believes about how it is working,
> either).  Foregoing the ownership discussion actually makes my
> argument easier and much more consistent, so I am grateful for having
> that eliminated.  I am sorry for the confusion.
>
> > Okey, this statement shows again that you assume a very uncommon
> > definition of "ownership". You have a knife, but you are not allowed to
> > kill people with it. Now, you are not the owner of the knife any more?
>
> Killing other people certainly invades the ownership of other people,
> so that is the sphere of contracts, and not the sphere of private
> ownership.
>
> > > However, it is useful for the sake of discussion to simplify away some
> > > of the more remote public rights to make more clear where the major
> > > parts of control come from.
> >
> > But for now in my opinion your definition of ownership does not make
> > sense at all, because it cannot be applied in practice. Why do you
> > require full ownership of a PC then?
>
> Actually, that is a misunderstanding which I may have caused by
> simplifying the discussion too early.  The point is of course not that
> you do not retain exclusive control, but the degree to which you lose
> control by adoption of TPM technology.  It's a differential argument,
> not an absolute one.  In the rush I probably got it wrong, but that is
> moot now as I do not believe in it anymore anyway.
>
> Nevertheless, the question stands with slight adoption, so let me give
> you the short answer: Because I like to express my personality and
> free will through my computer.  It's the same reason I want to have
> full control over my diary, my pyjamas, and any other personal item.
>
> [...]
>
> > the license. In practice, there are more concrete examples: You get your
> > printer, tooth-brush, shaver, etc for free, but you have to pay whenever
> > you use it (buying ink, brushes, razor blade, ...) But in real life, you
> > can decide whether you accept this business model when you sign the
> > contract. If enough customers do not accept this business model, another
> > vendor will provide other business models. This is real life. Why
> > shouldn't this happen in virtual life, too?
>
> What you describe is not even true in the real world, not on the
> surface, and certainly not under analysis.  It can happen the way you
> describe, but it can also happen that the will of the customers is
> forcefully repressed, often with government complicity, as happened
> many times in the past, early and recent, and well documented in history.
>
> > Before I start another discussion here. Do you already have a definition
> > what a free choice is? And please ensure that real life can provide such
> > free choices.
>
> I have a definition, but I do not know if you will find it useful.
> It's the best I can come up with, and it works surprisingly well in
> practice.  Here it comes:
>
>  A free choice is one that can be made independent of any other
>  choices.
>
> In practice, every second of our life can only be spent once, so this
> can never be true.  However, as technically inclined people, we will
> find it easy to abstract away from such trivial border cases, and only
> consider "atoms of choices" in an appropriately chosen "universe of
> choices" that brings attention to the issues at hand.
>
> I welcome better definitions.  However, I have never heard of a
> meaningful definition which turns what is obviously a requirement into
> a free choice.
>
> Thanks,
> Marcus