HTW des Saarlandes - Prof. Dr.-Ing. Damian Weber - Fakultät IngWi HTW

Palladium/TCPA and DRM

Big Brother Everywhere?

What are Palladium, TCPA and DRM?

Using Palladium, a Windows-Extension to be delivered in 2005, the software and Hollywood industry wants to control the actions of every PC on the planet. The reason is digital rights management (DRM), allegedly used to protect the rights of artists.

The Palladium-enabling hardware is called TCPA (=Trusted Computing Platform Alliance), which is currently supported by about 200 manufacturers lead by Intel.

Evidently, Windows becomes a DRM-OS = "Digital Rights Management Operating System", the concept of which is already patented. This has enormous consequences. Within the cryptography mailing list there are commented excerpts from the patent.

An early description of the rationale and the motives behind all this is to be found in Ross Anderson's TCPA/Pd-FAQ.

Motive of the Hardware and Software Companies?

Let Intel speak:

"This is a new focus for the security community, [...] 
 The actual user of the PC - someone who can do anything they want 
 - is the enemy."

 David Aucsmith, security architect for Intel, 
 as quoted in an article by Robert Lemos of ZD Network News, 
 Feburary 25, 1999

from Trusted Computing: Trusted by Whom? 
by  Eric Smith

Microsoft praising its new baby: here.

Why is this worrying?

Richard Stallman, Founder of the GNU project which already has developed and distributed a lot of free software:
Microsoft presents Palladium as a security measure, and claims
that it will protect against viruses, but this claim is evidently
false. A presentation by Microsoft Research in October 2002 stated
that one of the specifications of Palladium is that existing
operating systems and applications will continue to run; therefore,
viruses will continue to be able to do all the things that they
can do today.

When Microsoft speaks of "security" in connection with Palladium,
they do not mean what we normally mean by that word: protecting your
machine from things you do not want. They mean protecting your copies
of data on your machine from access by you in ways others do not
want. A slide in the presentation listed several types of secrets
Palladium could be used to keep, including "third party secrets"
and "user secrets" -- but it put "user secrets" in quotation marks,
recognizing that this is not what Palladium is really designed for.

The presentation made frequent use of other terms that we frequently
associate with the context of security, such as "attack," "malicious
code," "spoofing," as well as "trusted." None of them means what it
normally means. "Attack" doesn't mean someone trying to hurt you,
it means you trying to copy music. "Malicious code" means code
installed by you to do what someone else doesn't want your machine
to do. "Spoofing" doesn't mean someone fooling you, it means you
fooling Palladium. And so on.

from Can you trust your computer? by Richard Stallman

Palladium/TCPA Links



Copy Protection

Technical Aspects

Free Applications



Further Links

page updated Oct 3, 2009