Comment the problem is with software, not hardware (Score 1) 481
The TCPA system is designed to protect the system at the hardware level and Palladium is built on top of that. This seems to totally miss the point: most of the recent security problems have occurred because of poor software, not hardware. Even if TCPA guarantees that the hardware layer has not been tampered with, all it takes to compromise the system is a buffer overflow somewhere in the system.
I do not know much about the precise cryptography techniques employed in Palladium, but the following scenario is not wholly unrealistic: Imagine what would happen if a virus infects your box: Would it be able to read all those crypto signatures and certificates off your chips? Will there be databases of such cracked signatures all over the web, similar to those serial key warehouses?
Besides, I don't know when these people will realize that computers are not black boxes like the microprocessor in your washing machine. There are lots of people who play with computers, whether such tinkering is useful or not is immaterial. Sealing hardware within crypto-vaults is being prudish and playing spoil-sport. Mebbe such hardware security is necessary in high-security installations: I am happy with my system the way it is!
I do not know much about the precise cryptography techniques employed in Palladium, but the following scenario is not wholly unrealistic: Imagine what would happen if a virus infects your box: Would it be able to read all those crypto signatures and certificates off your chips? Will there be databases of such cracked signatures all over the web, similar to those serial key warehouses?
Besides, I don't know when these people will realize that computers are not black boxes like the microprocessor in your washing machine. There are lots of people who play with computers, whether such tinkering is useful or not is immaterial. Sealing hardware within crypto-vaults is being prudish and playing spoil-sport. Mebbe such hardware security is necessary in high-security installations: I am happy with my system the way it is!
