From: Robert Millan
To: The development of GRUB 2
Date: Thu, 20 Aug 2009 22:02:11 +0200
Subject: Re: about smartcards (Re: TPM support status ?)

On Thu, Aug 20, 2009 at 08:35:34PM +0200, decoder wrote:
> Robert Millan wrote:
>> SmartCards are a single-purpose device. Users don't install software in them,
>>
> You don't install software in a TPM module either.
>> and they don't have any user interface (other than a button or so) that could
>> be used to implement DRM
> This is wrong. Smartcards of course have an interface to interact with
> them.

Yes, but it's usually just a button or similar. It doesn't behave like a
computer. The same happens with your oven or your fridge. They run software
and have a user interface, but they don't work like a computer.

> And yes, you could use a Smartcard to do DRM.

No, you can't. What you can do is use the smartcard for authentication in
a computer that has been previously rigged against its user. In this case it
is the computer which implements DRM, not the card.

>> , so it's not an issue if their owners can't modify
>> their firmware (which could even be in a ROM).
>>
> The TPM can't modify anything either. A TPM is a _passive_ crypto module.

What does this have to do with anything? Being passive doesn't prevent it
from being used in coercion schemes like:

  "Either you use this TPM to certify you're running Crippleware Reader 2.0 or
   you can't read this book"

-- 
Robert Millan

  The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
  how) you may access your data; but nobody's threatening your freedom: we
  still allow you to remove your data and not access it at all."