sad treacherous computing day

simo simo.sorce at
Mon May 7 15:08:56 UTC 2007

On Mon, 2007-05-07 at 16:28 +0200, Alfred M. Szmidt wrote:
>    On Mon, 2007-05-07 at 15:52 +0200, Alfred M. Szmidt wrote:
>    > This is the exact case I stated, prohibiting others from updating
>    > their software.  It is one thing to _verify_ the binary, and still
>    > allow it to run, and another to simply say `You're bad! Go away bad
>    > person!'; and this is exactly what DRM/TC does.  Signing binaries is a
>    > great way to check their integrity, but that doesn't mean that one
>    > shouldn't be able to run unverifiable binaries.  So I still don't see
>    > how DRM/TC can be a useful thing.
>    Let's try to make it clear.  I don't want Alfred Szmidt to be able
>    to get access to my machine and take it over by installing his
>    malicious kernel or any of his malicious binaries.  I, myself,
>    under my personal control, do you get it?
> This example has nothing to do with TC or DRM.  This is how just about
> any modern operating system works.  I cannot update the kernel on this
> machine since I do not have the permission to do so because the kernel
> disallows me to do that task, but there is no need for a specially
> crippled chip for this task.  So I still do not see the use of DRM/TC.

It is an additional measure that can help you in case of bugs. If I have
a vulnerability, in a service, that let you get root privileges on a
machine, I can still prevent you from changing vital components because
of the hardware protection. A reboot will make sure my machine is not
compromised because I know you were not able to change vital system
components like the kernel as you don't have the signing key I keep

> You are confusing two things, hardware and software.  TC is purley
> hardware based, and TC with DRM is even more evil.

Please document yourself a bit before going on.

As I said before it's the use you make of a technology that is good or
bad, and I agree that using TC/DRM against a user is bad. But this does
not make a Fritz chip bad per se.


More information about the Discussion mailing list