June 04, 2003

Palladium as P2P Enabler - cypherpunk fantasy redux

A little late, since I was busy, but just to have this in the blog-ether:
Edward Felten has a posting about the paper "Trusted Computing, Peer-To-Peer Distribution, and the Economics of Pirated Entertainment", and remarks:

A new paper by Stuart Schechter, Rachel Greenstadt, and Mike Smith, of Harvard, points out what should have been obvious all along: that "trusted computing" systems like Microsoft's now-renamed Palladium, if they work, can be used to make peer-to-peer file sharing systems essentially impervious to technical countermeasures.

I'm having a bad flashback to the days of the censorware wars. Then, some pundits would opine that if we had a totally "rated" net (i.e. all content had a label on it), then - ha ha, unintended consequences - people could use the censorship system to find cool things. Or, elsewhere, taking the no-privacy ideas most often associated with David Brin, then - ha ha, unintended consequences - people could use the surveillance system against corrupt government officials. Here, if we have total computing control - ha ha, unintended consequences - people can construct a secure INTRAnet.

The problem with this approach in this case is mentioned down around the seventh page in the paper:

If the attacker can write programs that impersonate genuine clients, there is no limit to the number of malicious peers that can be introduced into the system.

Bingo. In any widely-distributed file-sharing system, RIAA/MPAA/Axis-Of-Evil will have access to clients too. Ultimately, all we've done is go around that issue all over again. Nothing new here, folks; there's going to be no techno-judo.

By Seth Finkelstein | posted in security | on June 04, 2003 12:38 PM