AMI Replies on “Trusted Computing”
An extended and reasonable reply from Umbertina E. Vezzani at AMI to the message I sent them:
It must be noted that AMI has not announced support for Microsoft’s Palladium. Palladium is an initiative by an OS entity that is slated for the future. To be honest, though we do know about it, AMI has not begun any development related to it. At this point we have not made any decisions on support either. TCPA is completely optional to our customers (OEMs, ODMs, CMs and other system builders). They may choose to make it available or not, depending on the needs of their market. We have had requests from a number of customers for this technology. Depending from the motherboard manufacturer, you will continue to find motherboards enabled by AMIBIOS that do not feature TCPA. I must also add that AMIBIOS is not the first to offer this feature – There are already PCs featuring this technology or other BIOS vendors enabling this technology or other hardware-based security options based on encrypted authentication.
TCPA does not equal Palladium. While certainly there is some future development overlap between the two, TCPA is being introduced by OEM’s as a security option to protect systems through hardware and firmware. The purpose of TCPA is to implement a subsystem to protect computer clients from software hackers, not DRM. It is poorly suited, even from a technical point of view, for DRM. DRM applications might use TCPA applications or not, and DRM can be introduced without TCPA. If you are against DRM, your concerns should be expressed to the organizations that promote it.
On misconceptions in circulating papers
Another common misconception is that TCPA would not allow people to run Linux. It actually does not limit the ability to run Linux (or any other open source solution). Linux device drivers for TCPA are available as well.
In addition to this, the TCPA FAQ document reports several protections for those users that are concerned with their privacy:
* The system owner has ultimate control and permissions over private information and must opt-in to utilize a TCPA subsystem.(…) A TCPA subsystem can be disabled permanently
* The specification allows the system owner to create multiple and/or anonymous identities to enhance personal security and remove avenues for identity cross-correlation
* Supports multiple certificate authorities to give user choice
* Code, applets or drivers used on a TCPA subsystem do not need to be signed, unless the Operating system used specifically requires it.
Please refer to: TCPA FAQ
As a smaller company itself, AMI has always supported innovation and creativity, as these have been our main tools in competing against much larger companies in our industry. We would not do anything that in our minds would damage our credibility or reputation for world class BIOS solutions and will carefully evaluate this type of feedback when it does come time to examine any future technologies. We would also like to recommend that anyone who is opposed to a Palladium-type solution in the future, please make that known to OEM’s and system builders. As they are our customers, we definitely listen to them in terms of what they (and hopefully their customers) will want in future BIOS.
Thank you again for your time in contacting us and we hope that this and some of the links below will shed some light on AMI’s plans.
LINKS
Original Articles on theinquirer.net
http://www.theinquirer.net/?article=7089
http://www.theinquirer.net/?article=7103Interview with Slashdot (“real, not laundered”)
I don’t feel insulted by this, which means it’s good boilerplate. Has he changed my mind? Not yet. I’m posting this before I’ve looked into all the links he provides. But since I want anonymity to remain the Net’s default and since I believe that the mere existence of an identity system will lead – because of the tilt in the market’s playing field – to abuses, I am unlikely to be brought to think that hardware-enabling such systems is a good idea. But my mind is still open. A bit.
Categories: Uncategorized dw
David-
…don’t mean this as an insult (don’t ya love it when people start that way), but i’m wondering:
why is your base assumption that when someone other than you has power, they will abuse it?
am i misinterpreting?
ejn
Eric, the other “someone” isn’t a person. It’s a set of corporations that have shown themselves to be abusers of power. One of them is, as I recall, a convicted monopolist. Given that they, as corporations, are mandated to maximize shareholder value and have proven themselves untrustworthy, why do you trust them?
fair enough….
but “abuses” occur on the internet as it stands today, and yet you use that….
ejn
Yeah, but I don’t want to see more abuses, esp. ones that will be built into the Net experience for the benefit of of the Big Content crowd.
Let me state here and now for the record: I am against abuses.