Trecherous Computing lol

I'm writing a debate on Trusted Computing, and after remembering a flash that's more than likely been bumped off of 4chan's /f/, I decided to ack world4ch about it. Anyone have links to good rants or articles on TC that would provide for some solid pros and cons about the issue? You guys could also throw in what you think about TC, as I can quote discussion groups.


mewtnote (lol): I was about to write this on Jackie T. and the Violence in Video Games baloney, but some professor who's much more important than me has already done it. (Very well, I might add.)

>>79
However, TC prevents people from accidentally sending the document where it shouldn't go
It may be accidental, or "accidental", just like taking a picture.

Current technology may prevent this as well, only that you don't know it.


The same can be said for the BIOS and the rest of the hardware.
With the difference they're not controlled by craposoft or doing anything shitty, and if it did, we'd realize soon enough - the hard thing would be not to realize it. If you're not a sysadmin or a dev you have no authority to talk about this because you don't know how it is. Oh, and you still won't own the keys. You may own subkeys for your documents, but all you do runs under billy's and riaa's keys and rules and with their knowledge, so you're not only not increasing your corporate security, but you're already fucking it because you're revealing private data to absolutely shitty corporations infamous for their evil intentions.

>>81
Current technology may prevent this as well, only that you don't know it.

Like what? Adobe's PDF encryption? Hardly comparable. Keys and pgp? Not transparent, and a lot easier to circumvent (copy resulting plaintext).

Feel free to link me to a robust solution.

With the difference they're not controlled by craposoft

You ignored my post regarding windows, oracle, etc. Nobody has ever fully disassembled them either. Now what's the Fortune 500 running?

Oh, and you still won't own the keys.

I'll wait for actual implementations before deciding. I know I'm being hopelessly naive here, but I can hope. Since businesses in general would be interested in this, I'm hoping Adam Smith's Invisible Hand will work here, at least for some line of machines.

>>82
Like what?
Right now I can think of enforcing PGP for all external email in your SMTP server, or a simple XUL application to serve sensible documents which are never downloaded like normal files, and I'm sure there's better - I'll ask the security department tomorrow.

Even if nobody fully disassembled Windows and Oracle, like I said, we'd realize soon enough that either is fucking with us. Too many users with too much knowledge to let it pass, rest assured. As a matter of fact, all of microsoft's OS protection schemes are caught, studied, and cracked even before the OS is officially released.

I know I'm being hopelessly naive here, but I can hope.
You can have hopes for world peace, free porn, all Japanese games being localized, or winning the lottery, but believe me here, you can't have any hopes that treacherous computing will be one bit good for anybody who is not riaa or microsoft.

Right now I can think of enforcing PGP for all external email in your SMTP server

Doesn't cover laptops, usb drives, cd/dvds, etc. The solution you propose is a default-open policy, because rather than taking care of the problem at the source, you're trying to plug them as they come up.

Too many users with too much knowledge to let it pass, rest assured.

Same could be said for TC.

As a matter of fact, all of microsoft's OS protection schemes are caught, studied, and cracked even before the OS is officially released.

Different problem. Either the OS runs, or it doesn't. That makes hunting for the proverbial needle a whole lot easier. Now, what else might the software be doing?

You can have hopes for world peace

I don't think it's that far out there. As I said, other IT departments would no doubt be

Crud. Well, you get the idea: there's a lot of money to be made by catering to businesses.

>>84
|Same could be said for TC.
No, because Oracle isn't mandatory on all computers.

|Now, what else might the software be doing?
As a matter of fact, all of microsoft's OS protection schemes are caught, studied, and cracked even before the OS is officially released.

>>84
There's no possible "default-closed" policy. Not even treacherous computing for reasons mentioned in previous posts.

OSes and other often cracked software don't just work or not work. Their protection schemes are much more complex. Again, are you a Linux or Windows hacker? You have no clue of what are you talking about, so either learn it (you're welcome to ask, don't be afraid of anything and give it a couple of years) or stop writing about things you don't know.

>>86
No, because Oracle isn't mandatory on all computers.

I fail to see the connection between the line you are replying to, and your reply. Please reread the line directly above the line you replied to: "Too many users with too much knowledge to let it pass, rest assured."

How does that connect Oracle and TC? If anything, it's closer to Windows and TC, since Windows is quite pervasive.

>>87
There's no possible "default-closed" policy.

And you say I don't know what I'm talking about...

>>87
When was the last time you entered a Windows serial? Wait, just about any product!

Most products make the mistake of letting you know very soon after the check that it failed. Makes hunting down the cause with a debugger relatively easy. It's a far cry from figuring out every function in a piece of software, which is what you'll need to do if you're not certain what you're looking for.

Is the software hiding data in-channel? Is it saving certain data in its data files? Is it dumping it somewhere on disk? Is it performing some kind of timing attack? Maybe a buffer overflow when calling a library function? Or another one of the myriad possibilities?

Please enter the serial: _

FCKGW-RHQQ2-YXRKT-8TG6W-2B7Q8, just like everybody else.

That ain't a crack. So someone claims all MS's protection schemes are broken, yet everyone is using serialz?

Actually, MS have broken a lot of their protection schemes on their own. Example: "Everyone must activate their products with us now, that will completely stop piracy and infringement of user licenses. Um. Except corporate customers. We'll make versions of Windows and Office that don't require activation, and trust system builders and network administrators never to release them to the public, because they're all so honest and incorruptible. Yes, that will work."

Even MS's Update Nazi program ("No updates for you!") was cracked within hours, and if it hadn't been, then automatic updates still worked perfectly. GOOD JOB GUYS!