Trusted Computing FAQ TCPA / Palladium / NGCSB / TCG
Trusted Computing Frequently Asked Questions
- TCPA / Palladium / NGSCB / Longhorn / TCG
Version 1.0
Ross<br>Anderson
Translations into German, Spanish, Italian, Dutch, Chinese, Norwegian, Swedish, Finnish, Hungarian, Greek, Hebrew and French. This<br>document is released under the GNU Free Documentation<br>License.
Additions since July 2002 are at the foot of this<br>document. See also the Economics and Security<br>Resource Page which gives a lot of background to the issues raised here.
Microsoft has renamed Palladium<br>NGSCB - for `Next Generation Secure Computing Base' and pronounced `enscub',<br>while TCPA has been renamed (somewhat brusquely)<br>as TCG - for the Trusted<br>Computing Group. Meanwhile, opposition is<br>mounting. Expect further twists and turns as the battle<br>develops. And read on ...
1. What are TCPA and Palladium?
TCPA stands for the Trusted<br>Computing Platform Alliance, an initiative led by Intel. Their<br>stated goal is `a new computing platform for the next century that<br>will provide for improved trust in the PC platform.' Palladium<br>is software that Microsoft says it plans to incorporate in future<br>versions of Windows; it will build on the TCPA hardware, and will add<br>some extra<br>features. Palladium has recently been renamed NGSCB<br>while TCPA has been renamed TCG; however I'll continue to refer to<br>them here by their original names as they are still more widely used.
2. What does TCPA / Palladium do, in ordinary English?
It provides a computing platform on which you can't tamper with the<br>applications, and where these applications can communicate securely<br>with the vendor. The obvious application is digital<br>rights management (DRM): Disney will be able to sell you DVDs that<br>will decrypt and run on a Palladium platform, but which you won't be<br>able to copy. The music industry will be able to sell you music<br>downloads that you won't be able to swap. They will be able to sell<br>you CDs that you'll only be able to play three times, or only on your<br>birthday. All sorts of new marketing possibilities will open up.
TCPA / Palladium will also make it much harder for you to run<br>unlicensed software. Pirate software can be detected and deleted<br>remotely. It will also make it easier for people to rent software<br>rather than buying it; and if you stop paying the rent, then not only<br>does the software stop working but so may the files it created. For<br>years, Bill Gates has dreamed of finding a way to make the Chinese<br>pay for software: Palladium could be the answer to his prayer.
There are many other possibilities. Governments will be able to<br>arrange things so that all Word documents created on civil servants'<br>PCs are `born classified' and can't be leaked electronically to<br>journalists. Auction sites might insist that you use trusted proxy<br>software for bidding, so that you can't bid tactically at the<br>auction. Cheating at computer games could be made more difficult.
There is a downside too. There will be remote censorship: the<br>mechanisms designed to delete pirated music under remote control may<br>be used to delete documents that a court (or a software company) has<br>decided are offensive - this could be anything from pornography to<br>writings that criticise political leaders. Software companies can also<br>make it harder for you to switch to their competitors' products; for<br>example, Word could encrypt all your documents using keys that only<br>Microsoft products have access to; this would mean that you could only<br>read them using Microsoft products, not with any competing word<br>processor.
3. So I won't be able to play MP3s on my PC any more?
With existing MP3s, you may be all right for some time. Microsoft says<br>that Palladium won't make anything suddenly stop working. But a recent<br>software update for Windows Media Player has caused controversy<br>by insisting that users agree to future anti-piracy measures, which<br>may include measures that delete pirated content found on your<br>computer. Also, some programs that give people more control over their<br>PCs, such as VMware and Total Recorder, are unlikely<br>to work under TCPA. So you may have to use a different player - and if<br>your player will play pirate MP3s, then it seems unlikely to be<br>authorised to play the new, protected, titles.
It is up to an application to set the security policy for its<br>files, using an online policy server. So Media Player will determine<br>what sort of conditions get attached to protected titles, and I expect<br>Microsoft will do all sorts of deals with the content providers, who<br>will experiment with all sorts of business models. You might get CDs<br>that are a third of the price but which you can only play three times;<br>if you pay the other two-thirds, you'd get full rights. You might be<br>allowed to lend your copy of some digital music to a friend, but then<br>your own backup copy won't be playable until your friend gives you the<br>main copy back. More likely, you will not be able to lend music at<br>all. These policies will make life inconvenient...