www/philosophy can-you-trust.html

www-commits

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

www/philosophy can-you-trust.html

From:	Richard M. Stallman
Subject:	www/philosophy can-you-trust.html
Date:	Thu, 26 Feb 2015 15:30:11 +0000

CVSROOT:        /web/www
Module name:    www
Changes by:     Richard M. Stallman <rms>       15/02/26 15:30:11

Modified files:
        philosophy     : can-you-trust.html 

Log message:
        TPMs have failed to be practical for remote attestation,
        which makes them harmless in practice.

CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/philosophy/can-you-trust.html?cvsroot=www&r1=1.51&r2=1.52

Patches:
Index: can-you-trust.html
===================================================================
RCS file: /web/www/www/philosophy/can-you-trust.html,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -b -r1.51 -r1.52
--- can-you-trust.html  12 Apr 2014 12:39:58 -0000      1.51
+++ can-you-trust.html  26 Feb 2015 15:30:10 -0000      1.52
@@ -226,6 +226,39 @@
 </ol>
 
 <hr />
+
+<p>As of 2015, treacherous computing has been implemented for PCs in
+the form of the &ldquo;Trusted Platform Module&rdquo;; however, for
+practical reasons, the TPM has proved a total failure for the goal of
+providing a platform for remote attestation to verify Digital
+Restrictions Management.  Thus, companies implement DRM using other
+methods.  At present, &ldquo;Trusted Platform Modules&rdquo; are not
+being used for DRM at all, and there are reasons to think that it will
+not be feasible to use them for DRM.  Ironically, this means that the
+only current uses of the &ldquo;Trusted Platform Modules&rdquo; are
+the innocent secondary uses&mdash;for instance, to verify that no one
+has surreptitiously changed the system in a computer.</p>
+
+<p>Therefore, we conclude that the &ldquo;Trusted Platform
+Modules&rdquo; available for PCs are not dangerous, and there is no
+reason not to include one in a computer or support it in system
+software.</p>
+
+<p>This does not mean that everything is rosy.  Other hardware systems
+for blocking the owner of a computer from changing the software in it
+are in use in some ARM PCs as well as processors in portable phones,
+cars, TVs and other devices, and these are fully as bad as we
+expected.</p>
+
+<p>This also does not mean that remote attestation is harmless.  If
+ever a device succeeds in implementing that, it will be a grave threat
+to users' freedom.  The current &ldquo;Trusted Platform Module&rdquo;
+is harmless only because it failed in the attempt to make remote
+attestation feasible.  We must not presume that all future attempts
+will fail too.</p>
+
+<hr />
+
 <blockquote id="fsfs"><p class="big">This essay is published
 in <a href="http://shop.fsf.org/product/free-software-free-society/";><cite>Free
 Software, Free Society: The Selected Essays of Richard
@@ -270,7 +303,7 @@
 
 <p class="unprintable">Updated:
 <!-- timestamp start -->
-$Date: 2014/04/12 12:39:58 $
+$Date: 2015/02/26 15:30:10 $
 <!-- timestamp end -->
 </p>
 </div>

[Prev in Thread]

Current Thread

[Next in Thread]

www/philosophy can-you-trust.html, Richard M. Stallman <=
- www/philosophy can-you-trust.html, GNUN, 2015/02/26

Prev by Date: www planetfeeds.af.html planetfeeds.ar.html pla...
Next by Date: www/philosophy can-you-trust.html
Previous by thread: www/licenses licenses.de.html licenses.es.html ...
Next by thread: www/philosophy can-you-trust.html
Index(es):
- Date
- Thread