LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

Pencil, Pencil, and Pencil

Dividing the Linux desktop

LWN.net Weekly Edition for June 13, 2013

A report from pgCon 2013

Little things that matter in language design

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

What makes you so optimistic?

What makes you so optimistic?

Posted Jan 6, 2012 0:24 UTC (Fri) by khim (subscriber, #9252)
In reply to: Doctorow: The coming war on general-purpose computation by ibukanov
Parent article: Doctorow: The coming war on general-purpose computation

So far the tendency was to get less secure systems, not more.

Not where people are serious about "trusted computing". 15 years ago game consoles protection was circumvented easily and loophole closure was basically impossible without hardware reissue. 10 years ago you needed to periodically update your modchip - but these problems surfaced rarely and you basically had months of "easy" life separated by weeks of "problematic time" where latest and greatest games were uncopyable. Today on PS3 it's more like weeks if "easy" life (where you can play all available titles) and months-long "problematic times". And network play is basically impossible with pirated software on both XBox360 and PS3!

So it's quite possible to create working "trusted computing" scenario for network-attached computers... and if you'll not be able to physically attach "untrusted" computers to network... nightmare scenario described above is more real then you think..

(Log in to post comments)

What makes you so optimistic?

Posted Jan 6, 2012 2:16 UTC (Fri) by ibukanov (subscriber, #3942) [Link]

The trusted computing just shifts the attack focus. Sony could not keep access to PS3 account information secured. I suppose it is only a matter of time when somebody manages either to get access to their master private keys or to replace the firmwire update with a custom code on their central servers.

Besides, there are devices where the business model is not based on selling locked hardware cheaply and provide expensive software. In those cases there is little incentives to keep the hardware secure.

This is where government steps in...

Posted Jan 6, 2012 8:24 UTC (Fri) by khim (subscriber, #9252) [Link]

I suppose it is only a matter of time when somebody manages either to get access to their master private keys or to replace the firmwire update with a custom code on their central servers.

This already happened. SONY promptly sued GeoHot and others and now we are back on square one.

Number of people who can crack "trusted computing" is small, but yes, they do exist. If it's just "some company vs everyone" contest then it does not matter: you only need to crack protection once. If law is on your side then you can remove these people from the population (one way or another: physical removal is the last resort, obviously) and then "trusted computing" works.

Besides, there are devices where the business model is not based on selling locked hardware cheaply and provide expensive software. In those cases there is little incentives to keep the hardware secure.

Again: government can easily change the rules and make these devices unprofitable.

"Trusted computing" in a free world can not work - it violates the basic principle: you can fool some of the people all of the time, and all of the people some of the time, but you can not fool all of the people all of the time, but government intervention can make it work. And we are talking about laws here, so...

This is where government steps in...

Posted Jan 6, 2012 8:57 UTC (Fri) by ibukanov (subscriber, #3942) [Link]

> Again: government can easily change the rules and make these devices unprofitable.

This nicely allow to repeat my opinion: the Prohibition tried to make selling alcohol unprofitable. It did not work and was reversed. I assume the same will eventually happens with SOPA as the amount of black market for devices that allows unrestricted access to cheap entertainment would be even bigger than the black market for alcohol. Especially given that compared with alcohol people would not see or feel the bad effects of using those devices.

Nope. There are huge difference.

Posted Jan 6, 2012 13:54 UTC (Fri) by khim (subscriber, #9252) [Link]

This nicely allow to repeat my opinion: the Prohibition tried to make selling alcohol unprofitable.

Nope. Prohibition tried something entirely different: it tried to ban it. Alcohol excises are nothing new and they work adequately well - as long as they are not too onerous.

Because Prohibition affected millions it was hopeless.

I assume the same will eventually happens with SOPA as the amount of black market for devices that allows unrestricted access to cheap entertainment would be even bigger than the black market for alcohol.

Oh, SOPA is, of course, fail. This is not a problem. As long as you can watch your illegally gotten entertainment on legally bought hardware it's hopeless.

But the next logical step will be to forbid use of any hardware which is not "trusted". And this may work: most people can not do anything about it and you only need to prosecute few oddballs who can actually crack the protection.

Especially given that compared with alcohol people would not see or feel the bad effects of using those devices.

Sure, but that'll only happen if they will actively seek these devices. Thus yes, you'll need not just a stick but a carrot, too: if you can access enough entertainment legally for adequate price then few people will bother with underground. And then you can start rising prices and watch for the reaction: if people tolerate current prices you can continue to raise them, if too many of them seek illegal devices, then you need increase penalties and if way, way, way too many seek illegal devices then it's time to reduce prices somewhat somewhat.

Remember: it's all about money. There are no need to stop all infringers - only enough of them to guarantee that majority of population will pay "fair" (i.e. outrageous) prices. Salt patents show that you can raise prices pretty significantly before the whole scheme will break apart.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds