Re: TPM support status ?

[Robert Millan]

On Wed, Aug 19, 2009 at 02:25:21PM +0200, Michael Gorven wrote:
> On Wednesday 19 August 2009 13:51:34 Vladimir 'phcoder' Serbinenko wrote:
> > 1) Making use of TPM you become dependent on good will of TPM
> > manufacturer. You can never know if or when the TPM manufacturer or
> > someone connected with them will ask you to use remote attestation to
> > prove them that you use only the software they signed and that they
> > effectively control your computer.
> 
> How are you dependent? If they ask you to use remote attestation then just 
> say 
> no

The trick is, you can't skip a remote attestation test.  Either you prove
you're clean or you're not.  So if you "just say no", what does it mean?

It could mean you can't access your bank account unless you use their
designated non-free browser.

It could mean you can't read a book unless you use their designated non-free
reader (with DRM restrictions, etc).

Since we're going to say no anyway, there's no reason to do it later.  The
longer we wait the stronger they'll be, and the more difficult for us to
reject their unreasonable demands.

> > Why do I as user need someone else to check my computer?
> 
> Because you don't always own or completely control the computer. 

Right, but we're defending the rights of the legitimate owner of that device,
which doesn't have to be the same as the end user (e.g. kiosk).

-- 
Robert Millan

  The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
  how) you may access your data; but nobody's threatening your freedom: we
  still allow you to remove your data and not access it at all."