Learn about Linux
Download Linux
Get Linux helpSpecial Offers
Feature: Migration
Can you trust your computer?
Share
Print
CommentsWho should your computer take its orders from? Most people think their computers should obey them, not obey someone else. With a plan they call "trusted computing," large media corporations (including the movie companies and record companies), together with computer companies such as Microsoft and Intel, are planning to make your computer obey them instead of you. Proprietary programs have included malicious features before, but this plan would make it universal.
In the past, these were isolated incidents. "Trusted computing" would make it pervasive. "Treacherous computing" is a more appropriate name, because the plan is designed to make sure your computer will systematically disobey you. In fact, it is designed to stop your computer from functioning as a general-purpose computer. Every operation may require explicit permission.
The technical idea underlying treacherous computing is that the computer includes a digital encryption and signature device, and the keys are kept secret from you. (Microsoft's version of this is called "palladium.") Proprietary programs will use this device to control which other programs you can run, which documents or data you can access, and what programs you can pass them to. These programs will continually download new authorization rules through the Internet, and impose those rules automatically on your work. If you don't allow your computer to obtain the new rules periodically from the Internet, some capabilities will automatically cease to function.
Of course, Hollywood and the record companies plan to use treacherous computing for "DRM" (Digital Restrictions Management), so that downloaded videos and music can be played only on one specified computer. Sharing will be entirely impossible, at least using the authorized files that you would get from those companies. You, the public, ought to have both the freedom and the ability to share these things. (I expect that someone will find a way to produce unencrypted versions, and to upload and share them, so DRM will not entirely succeed, but that is no excuse for the system.)
Making sharing impossible is bad enough, but it gets worse. There are plans to use the same facility for email and documents -- resulting in email that disappears in two weeks, or documents that can only be read on the computers in one company.
Imagine if you get an email from your boss telling you to do something that you think is risky; a month later, when it backfires, you can't use the email to show that the decision was not yours. "Getting it in writing" doesn't protect you when the order is written in disappearing ink.
Imagine if you get an email from your boss stating a policy that is illegal or morally outrageous, such as to shred your company's audit documents, or to allow a dangerous threat to your country to move forward unchecked. Today you can send this to a reporter and expose the activity. With treacherous computing, the reporter won't be able to read the document; her computer will refuse to obey her. Treacherous computing becomes a paradise for corruption.
Word processors such as Microsoft Word could use treacherous computing when they save your documents, to make sure no competing word processors can read them. Today we must figure out the secrets of Word format by laborious experiments in order to make free word processors read Word documents. If Word encrypts documents using treacherous computing when saving them, the free software community won't have a chance of developing software to read them -- and if we could, such programs might even be forbidden by the Digital Millennium Copyright Act.
Programs that use treacherous computing will continually download new authorization rules through the Internet, and impose those rules automatically on your work. If Microsoft, or the U.S. government, does not like what you said in a document you wrote, they could post new instructions telling all computers to refuse to let anyone read that document. Each computer would obey when it downloads the new instructions. Your writing would be subject to 1984-style retroactive erasure. You might be unable to read it yourself.
You might think you can find out what nasty things a treacherous computing application does, study how painful they are, and decide whether to accept them. It would be short-sighted and foolish to accept, but the point is that the deal you think you are making won't stand still. Once you come depend on using the program, you are hooked and they know it; then they can change the deal. Some applications will automatically download upgrades that will do something different -- and they won't give you a choice about whether to upgrade.
Today you can avoid being restricted by proprietary software by not using it. If you run GNU/Linux or another free operating system, and if you avoid installing proprietary applications on it, then you are in charge of what your computer does. If a free program has a malicious feature, other developers in the community will take it out, and you can use the corrected version. You can also run free application programs and tools on non-free operating systems; this falls short of fully giving you freedom, but many users do it.
Treacherous computing puts the existence of free operating systems and free applications at risk, because you may not be able to run them at all. Some versions of treacherous computing would require the operating system to be specifically authorized by a particular company. Free operating systems could not be installed. Some versions of treacherous computing would require every program to be specifically authorized by the operating system developer. You could not run free applications on such a system. If you did figure out how, and told someone, that could be a crime.
There are proposals already for U.S. laws that would require all computers to support treacherous computing, and to prohibit connecting old computers to the Internet. The CBDTPA (we call it the Consume But Don't Try Programming Act) is one of them. But even if they don't legally force you to switch to treacherous computing, the pressure to accept it may be enormous. Today people often use Word format for communication, although this causes several sorts of problems (see http://www.gnu.org/philosophy/no-word-attachments.html). If only a treacherous computing machine can read the latest Word documents, many people will switch to it, if they view the situation only in terms of individual action (take it or leave it). To oppose treacherous computing, we must join together and confront the situation as a collective choice.
For further information about treacherous computing, see http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html.
To block treacherous computing will require large numbers of citizens to organize. We need your help! The Electronic Frontier Foundation (www.eff.org) and Public Knowledge (www.publicknowledge.org) are campaigning against treacherous computing, and so is the FSF-sponsored Digital Speech Project (www.digitalspeech.org). Please visit these Web sites so you can sign up to support their work.
You can also help by writing to the public affairs offices of Intel, IBM, HP/Compaq, or anyone you have bought a computer from, explaining that you don't want to be pressured to buy "trusted" computing systems so you don't want them to produce any. This can bring consumer power to bear. If you do this on your own, please send copies of your letters to the organizations above.
Postscripts:
1. The GNU Project distributes the GNU Privacy Guard, a program that implements public-key encryption and digital signatures, which you can use to send secure and private email. It is useful to explore how GPG differs from treacherous computing, and see what makes one helpful and the other so dangerous.
When someone uses GPG to send you an encrypted document, and you use GPG to decode it, the result is an unencrypted document that you can read, forward, copy, and even re-encrypt to send it securely to someone else. A treacherous computing application would let you read the words on the screen, but would not let you produce an unencrypted document that you could use in other ways. GPG, a free software package, makes security features available to the users; they use it. Treacherous computing is designed to impose restrictions on the users; it uses them.
2. Microsoft presents Palladium as a security measure, and claims that it will protect against viruses, but this claim is evidently false. A presentation by Microsoft Research in October 2002 stated that one of the specifications of Palladium is that existing operating systems and applications will continue to run; therefore, viruses will continue to be able to do all the things that they can do today.
When Microsoft speaks of "security" in connection with Palladium, they do not mean what we normally mean by that word: protecting your machine from things you do not want. They mean protecting your copies of data on your machine from access by you in ways others do not want. A slide in the presentation listed several types of secrets Palladium could be used to keep, including "third party secrets" and "user secrets" -- but it put "user secrets" in quotation marks, recognizing that this is not what Palladium is really designed for.
The presentation made frequent use of other terms that we frequently associate with the context of security, such as "attack," "malicious code," "spoofing," as well as "trusted." None of them means what it normally means. "Attack" doesn't mean someone trying to hurt you, it means you trying to copy music. "Malicious code" means code installed by you to do what someone else doesn't want your machine to do. "Spoofing" doesn't mean someone fooling you, it means you fooling Palladium. And so on.
3. A previous statement by the Palladium developers stated the basic premise that whoever developed or collected information should have total control of how you use it. This would represent a revolutionary overturn of past ideas of ethics and of the legal system, and create an unprecedented system of control. The specific problems of these systems are no accident; they result from the basic goal. It is the goal we must reject.
Copyright 2002 Richard Stallman
Verbatim copying and distribution of this entire article is permitted
without royalty in any medium provided this notice is preserved.
Editor's note: This article first appeared in Richard Stallman's new book, "Free Software, Free Society." This is the first time the article has appeared online, and Stallman has added some new material.
Comments
on Can you trust your computer?Note: Comments are owned by the poster. We are not responsible for their content.
http://www.newsfactor.com/perl/story/19707.html
Microsoft Beta Software Site Hacked
Microsoft's password-protected beta test site, where software can be tested before it hits the market, has been hacked, forcing Microsoft to
issue new passwords to more than 20,000 members of its developer networks.
New versions of<nobr> <wbr></nobr>.NET, Windows XP and other software were reportedly downloaded without authorization, as were experimental software
programs that have not been made public yet.
Microsoft emphasized that no source code was compromised in the breach and that the stolen software will be problematic to use and copy as a
result.
I wouldnt buy microcrap os if it was on sale for<nobr> <wbr></nobr>.5 cents what a bunch of idiots i know some hacker is havind fun with all their latest software right now
Im a beta tester and i can tell you for sure it wasnt hacked
i post anonynously because i am:
a) lazy
b) paranoid
c) ADD
More than anything, it is this disturbing evolution of Microsoft Windows that makes run for the safety of Linux.
One might also consider the legality of a U.S. company having complete authorization control over the computer systems of, say, France.
I know that I'll support freedom by promoting Linux to those who want alternatives.
This really is the end result of supporting proprietary software, though. It's the fact that proprietary software is even accepted at all that makes it possible for companies to do this.
If Free Software were the expected default, we wouldn't be worrying about Microsoft, the MPAA, and the RIAA.
I was wrong.
I re-read it about six months ago, and in the light of the DMCA, CBDTPA and TCPA, it no loner seems extreme at all. In fact, it seems eerily prescient.
Practically all the major points in "The Right to Read" are either enacted or pending legislation.
This is a Bad Thing. (But a very good essay!)
A "strike" where everybody writes free software would accomplish more.
can you help me out with what exactly you mean here?
Didn't you read the part about old hardware not being permitted to connect to the internet? Or about "untreacherous" software not being allowed access?
The easiest single response is to dismantle Microsoft and the government of the United States.
When you get done with that part, give me a call and I'll fill you in on the rest.
as for the government...the ranks of those with nothing to lose are growing daily. at the same time there are many with plenty to lose who are becoming more and more disillusioned with the system of corporate government, in which the freedom and rights of the people are usurped by politicians willing to sell them to the highest bidder. when these two groups get together and start to share resources and ideas...well, maybe then i can give you that call.
All they would do is give more people incentive to develop for Linux.
You mean like they do here on newsforge?
Grant
So any kiddie that 0wnz this box has full permission to rm -rf /
interesting aproach.<nobr> <wbr></nobr>;-D
What RMS was writing about happens on YOUR computer.
Moron! Free speech != posting w/e u want on NF
Posted by: Anonymous Coward on October 25, 2002 07:10 AMJust because you have free speech doesn't mean
NewsForge has to print whatever the hell you
want it to say. God, you are simple-minded
and childish. Graduate from high school ya dope!
It seems to me the poster you replied to raised a legitimate question that has nothing to do with whatever you are spouting off about. A good deal of "computing" is moving away from the area of the traditional PC, and it seems to me that the questions of control raised in the article are equally valid in this newer arena. I guess I got the sense that all the poster was trying to do was include this arena in the discussion.
Or are you suggesting that RMS is spreading anti-Microsoft (I'm not afraid to spell it out) FUD. If that is the case, go on being a sheep. The intellectual slaughter will come soon enough. Baa. .<nobr> <wbr></nobr>.Baa. . .
I had to read to find out that Tivo and PS2 have the linux kernel inside. I guess as consumers we have to be more careful at what we buy and who we buy it from. But there will probably always be folks would
take things like the Xbox and install free software on them for us to use. I just hope they do it outside the US so they don't get persecuted.
Don't buy them. This isn't intended as a smartass remark- I'm totally serious. Nothing you've mentioned can be characterized as a necessity, and going without any of them long enough to put the hurt on companies who insist on promoting palladium-laced products certainly won't harm anyone. This is one of many cases where a little self-discipline will be well worth the cost.
In a battle of wits, you are unarmed.
it's good to know you can read now go back to your english class and be a good bitch.
you posted on a public site bad mouthing backwoods individuals while claiming to be smarter than politicians, yet your poor use of grammar and insatiable use of fowl language only demised your own intelligence.
so in a sense, yes, you did ask for them.
Well said.
Gramatically correct.
Everyone is entitled to an opinion, and people without one should get one, whether they are right or wrong. But it is a persons ability to convey their opinion that is what is important.
Bot furgive me spealing
That is why I use GNU/linux ( also it is a greate OS) & my ( I am a student ) college had these problem earlier & now Linux is every where in my college.
Now also thanks to RMS & also comming to my country some monthes ago , though I missed the seminer as it was in bangalore & I lives in Calcutta.
Anirban Biswas.
In fact, according to syllabi in many state schools, use of a word-processor implies use of MS$ word-processors !! And this country claims to be a "democracy" based on "freedom".
Reverse engineering should explicitly be allowed. This is very different from copying. At the rate things are moving, it will be illegal to make software that operates in a similar way to other software.
I think consumers must wholly refuse to accept initiatives such as palladium. Vote with your dollars. Don't buy the palladium systems. And I am sure there are alternatives to M$. Many platforms to choose from. Think RISC.
Lastly the Linux community must not kid itself and think that people will just run to Linux if M$ goes ahead with its outrageous plan. We must develop software that is as feature rich as in the proprietary world, even if it means that at times it is less secure and so on. That is the basis of choice. If you want people to use Linux then you should cater for those who might not want to configure their ftp servers in some text file. Cater for everyone.
I'll swicth back to plain paper, and let the no
brain people to use my pc<nobr> <wbr></nobr>;-)
"The specific problems of these systems are no accident; they result from the basic goal. It is the goal we must reject."
I think he could have used a copy editor in several places. For example, in the above text what is "the goal". He needs to explicit refer back to "the goal" by either stating "that goal" or explicity restating what is the "goal" of treacherous computing.
The goal is to take away our freedom to use a computer in the way a computer has become known to be useful - that is what must be rejected.
Privacy for the *licensed by TCPA?* user, the usefulness of a *licensed by TCPA?* computer to the developer and passage for *licensed by TCPA?* content/software *licensed by TCPA?* producers and/or *licensed by TCPA?* distributers will be controlled.
A locked box may be interesting but is useless to me *until the lock is picked*.<nobr> <wbr></nobr>:)
I Told You SO
j<A HREF="http://www.pbs.org/cringely/pulpit/pulpit20020627.html">
http://www.pbs.org/cringely/pulpit/pulpit20020627<nobr>.<wbr></nobr> html</a pbs.org>
RMS actually told us so a LONG time AGO
<A HREF="http://www.gnu.org/philosophy/right-to-read.html">
http://www.gnu.org/philosophy/right-to-read.html</a gnu.org>
To begin with, the name 'Free Software Foundation' is a mockery of the word 'free'. If they really wanted _free_ software they wouldn't impose on the programmers that the source code has to be available in_all_derivative work. To me the BSD-license is the only one that really gives you free software in it's true sense.
Regarding the latter, is <A HREF="http://www.altlinux.ru/pipermail/devel/2001-August/003208.html">a very good article</a altlinux.ru> written by Ulrich Drepper. It describes how RMS tried to force himself into control of glibc.
What I would like RMS to answer is: Do you want "free" software or _free_ software and the free programmers that brings?
<nobr> <wbr></nobr>//Christian
No one is forcing you to use GPL'ed software. Yes, RMS advocates that you do, but he is not forcing you to do so. But if you do use GPL'ed software then you have to abide by its rules.
Freedom does not mean absense of laws . In fact, democratic countries that value freedom also have strong laws to protect that freedom. That is exactly what the FSF aims to do for GPL'ed software.
The objective of the FSF is that free software remain free. That is not the objective of the BSD licence. That doesn't mean one of them is wrong. These are two different views of the world.
WRONG! BSD give you the power to take the gift of my free software away from the community and make it your own. The minute this happens, it is no longer free. GPL ensures that my software will ALWAYS be free. If you don't like it, get your hands off of it, and write your own crap.
How's that free?
Now if someone buys the MS Apache, and they get shafted in the long run, than they have no one else to blame. But as free thinking persons, they have the choice. Just like MS has the choice to provide affordable software with a sensible license -- or not.
Hell, you can take Apache and code up your own Front Page extensions, just the way you like them. That's what the BSD license is about. Providing something that EVERYONE can use. Completely altruistic. A person who releases software under the BSD WANTS their code to be used EVERYWHERE -- no strings attached. Even if the software gets wrapped up in a closed product, it is still their providing a benefit to its users -- who are saved a little aggravation since at least that part of the software works.
(quote taken from http://httpd.apache.org/ABOUT_APACHE.html)
And perhaps the code isn't free either: Say you program an AI that can improve itself and you have used some GPL'd code in work. The AI after careful consideration decides that it likes the freedom that the BSDL gives you better and it wants to make itself available under that license instead. Well well, no can do because it now has the GPL-virus. So from this point of view not even the code is free.
And by the way, why hasn't anyone mentioned the article by Drepper? It seems to me that letting your software reside under a license that is modified by RMS from time to time is quite insane. If I were you, I sure wouldn't write 'this software is licensed under the latest version of the GPL' into my source code. Who knows what could happen then? (besides RMS, that is)
<nobr> <wbr></nobr>//Christian
And why does that make you see red? Freedom as used in the society is not _just_ about a person's freedom. It's about a person's freedom to get his/her rights. Think of it this way -- would you like a society that is so free that it allows people to resort to crime at their own discretion? How would it be like, if someone invents a knife to make it easier to process food and someone else uses that knife to resort to anti-social practices?
The primary motive of having GPL was indeed to protect the source code from being locked up in some corporate storage. I fail to understand what's wrong in that.
Think again. Freedom != freedom to do _anything_.
It's completely childish to complain about being unable to take the products of other people completely on your own terms. I believe the term "freeloader" is the most appropriate description of an individual who behaves in such a fashion.
Second, the Linux kernel is provided under the GNU GPL. Stallman wrote the GNU GPL.
Put two and two together and maybe this time you'll get four. You got three last time. Try again please.
>program an AI that can improve itself and you have
>used some GPL'd code in work. The AI after careful
>consideration decides that it likes the freedom >that the BSDL gives you better and it wants to
>make itself available under that license instead.
>Well well, no can do because it now has the
>GPL-virus.
So read the license on the code before using it.
And if you don't want to GPL it, then make sure you
don't use GPLed code.
Would you just click the "I Agree" button on an
online EULA without actually reading it, and then
complain about the EULA's terms later?
Freeloading is when you take something and give nothing back, but when Apple or MS takes BSD code and adds into their propriety software that actually adds to the community in the form of competition.
You don't seriously think that a good GUI design like the one Apple/MS has developed (and KDE/GNOME copied) could have been created without money (in that case; Newsflash: designers and cognition researchers don't work for free).
The fact that Apple can take the BSD code and make an operating system better than FreeBSD is mainly due to money, which wouldn't be available in the open-source community. To the community this kind of a "secondary access to money". Since Apple can hide the code to their GUI but not the GUI itself it is actually a form of contibution.
<nobr> <wbr></nobr>//Christian
Freeloading is when you take something and give nothing back, but when Apple or MS takes BSD code and adds into their propriety software that actually adds to the community in the form of competition.
Sure, when Ms takes BSD code and uses into IE, it increases competetion. Yeah right.
You don't seriously think that a good GUI design like the one Apple/MS has developed (and KDE/GNOME copied)
Correction: A Gui design which Xerox created and Apple/Ms copied. Newsflash for you: Most computer science related algorithms and advances have been available to others for free.
The fact that Apple can take the BSD code and make an operating system better than FreeBSD is mainly due to money,
Oh really? You seem to be confusing the Os with the GUI. Get over it, man. KDE/Gnome today are far better than anything Apple/Ms can do. period.
Since Apple can hide the code to their GUI but not the GUI itself it is actually a form of contibution.
Yeah, that neighbhour of yours bought a brand new spanking sports car, and its a form for contribution to the fish in the ocean. Some logic, I must say.
Can You trust your Computer
Posted by: Anonymous Coward on October 22, 2002 12:50 AMWAR ANYONE?? NO GIVE THEM CAKE.
What ever happened to Inocient till proven guilty.
Also couldent this view on law be used for guns also.
#