That’s the question that opponents of trusted computing want us to ask. But that’s just as misleading as the suggestions that trusted computing will eliminate piracy thereby bringing about a digital paradise. A better more accurate question to ask is:

Should you be able to offer proof that this result is the output of running that program?

Stated this way the issue of trusted computing becomes much clearer. Obviously, other things being equal, it would be desierable to be able to prove the information you are submitting really did result from the execution of a particular program. For instance this would allow you to purchase processor cycles without the fear of false results or to trust calculations performed by other clients in a distributed virtual world. Moreover, like other technologies it would surely offer benefits that we can’t yet imagine. Below the break I explain why DRM opponents and open source advocates should get behind this useful technology rather than leaving it to falsely identified with DRM and standardized in the worst possible way.

The worry that OS and hardware vendors will gang up with big content and leave you unable to trust your own computer is quite real. However, we need to carefully distingush the motivations some companies might have for pursuing this technology and the technology itself. Bashing the idea of trusted computing or demanding that it’s fundamental utility be compromised by allowing the user to tell their computer to lie just gives big media more influence over how trusted computing will work. A much better solution is to offer a vision of trusted computing that brings all the benefits while avoiding most of the pitfalls.

First of all though it’s important to dispose of the myth that trusted computing is about creating ‘unbreakable’ DRM. Really what makes strong hardware backed DRM possible is secure I/O which, though often represented as part of the trusted computing package, is really a separate technology¹ that is already being implemented². As far as the absurd suggestion that TC will stop you from playing your mp3s not only is this against the OS and hardware vendor’s interests it doesn’t require TC in the first place. It’s obviously impossible to prevent any unprotected content from getting out³ so all DRM really tries to do is make ‘unauthorized’ use sufficiently difficult, something that may require secure I/O but certainly not trusted computing.

So if DRM is only a reason to oppose secure I/O (which we seem to have failed at) that only leaves us with Stallman’s worry that it would rob us of control of our computers, e.g., be unable to run open source software, and Schneier’s concern that it will make life even easier for malware or vendors wishing to track your activities. These worries, however, can be solved with a proper trusted computing stack.

Any attempt to secure the full operating system from video card drivers to virtual filesystems to keyboard input is too absurd to even bother attempting. If code executing in a trusted enviornment depends on the entirety of a modern kernel to be secure it’s a lost cause. There is simply too much stuff going on in a modern OS and it is updated too frequently to be able to trust any signature resting on kernel security. A much more secure and less troublesome way to make everything work is to leave the standard kernel untrusted but run it under a minimal trusted hypervisor. When it becomes necessary to run some code in a trusted environment the kernel hands off the call to the hypervisor which hashes any necessary inputs and starts the program behind a memory curtain. It will be in everyone’s interest to make this hypervisor as small as possible and as broadly compatible as possible so not only is there no threat to open source software but I would expect such a hypervisor to be open source.

Armed with this conception of trusted computing it’s easy to see that most of the criticisms don’t apply. With such a simple environment for trusted programs they will never control the GUI or become a vendor controlled citadel telling users what they can and can’t do with their computers. The absurd worries of external control of our computers simply don’t make sense. It will only make sense to run simple computational engines and security modules as trusted applications so it won’t give the court or microsoft magical power over your whole software stack. Heck, if the public was willing to buy it MS could insert remote censorship software in word right now and only a small digital elite would be able to circumvent it. Worries about compatibility or vendor lock in are really moot since these can already be achieved quite effectively for 99% of users.

Trusted computing is not a magic wand that solves our digital security and ownership issues but nor is it a great menace. It’s simply a useful tool that will allow a new interesting class of applications to be created. So let’s object to the really troubling things like secure I/O (aka HDCP) and offer positive suggestions for a sane trusted computing platform⁴ instead of rejecting it out of hand. I want to be able to buy and sell CPU time like they are always doing in scifi novels and I think it’s a shame open source advocates and anti-DRM campaigners are pointlessly standing in the way.

The most well known ‘feature’ of trusted computing is to enable secure digital rights management (DRM) for digital media. For instance an online music store like the apple music store might encrypt the song they sell you so that only the iTunes player on a system with TC technology could access the decrypted data and unlike current DRM technology it would be (in principle) secure [insecure]. Among other things this would make it very difficult to illegally copy the content you purchased. For this reason trusted computing is being strongly promoted by the Trusted Computing Group which includes some of the biggest companies in the computer world (Intel, Microsoft, IBM, HP and AMD). However, TC faces significant opposition from many computer hobbyists, open source advocates and the EFF. The concern of these groups isn’t that TC and DRM would prevent piracy, they convincingly argue that it would not, but that it would take too much power away from the user and give it to the vendor.

The essential concern is that the vendor has complete control over your use of their content enabling anti-competitive behavior, blocking fair use, preventing the use of third party of hobbyist enhancements and forcing unnecessary repurchase. These problems have been widely discussed and the EFF can explain the harms far better than I. Suffice it to say that DRM technology could be really fucking bad for the consumer as well as culture.

However, these misuses of the technology are something that can be addressed by proper legislation (the market isn’t sufficient as many of the harms occur via a tragedy of the commons or are opaque to the average consumer). One ambitious solution I think has promise would be for congress to define a set of mandatory rights for the retail purchase of media/IP by individuals. This could deal with the DRM problem and End User License Agreements (EULA) in one fell swoop and if the rights were broad enough undermine the motivation for DRM technology or even ban it’s use for retail media entirely.

While I’m worried about the effects of DRM technology, especially during the time it takes to pass new laws, the fact that it can be used for unsavory purposes isn’t enough of a reason to oppose the technology. In fact it is downright inconsistent for the hacker/open source community to defend services like bittorrent and programs like DeCSS (unencrypts DVDs) because they have upstanding uses as well as enabling piracy but dismissing trusted computing because it could be used for evil. Like bittorrent and DeCSS trusted computing also has many compelling applications.

Utilization of all the excess computing power in PCs around the world has been a dream of researchers and hackers for years but apart from free projects like Seti@Home it has yet to come to fruition. One large obstacle is the technological inability to guarantee the results of a remote computation are valid. Few people are going to fake results for Seti@Home or other charitable work but once you start paying people for the use of their computer their is an incentive to make more money by only pretending to run the computations. Also more serious projects need to worry about malicious interference. Trusted computing can solve these problems by providing a cryptographic guarantee the result you receive is the result of running a certain piece of code. Additionally companies will be reluctant to make use of commoditize computing power if their competitors can see their private data just by selling time on their CPUs. While it is more difficult than generally acknowledge to provide truly cryptographically secure computation (timing attacks) trusted computing can make it very very difficult to decipher the encrypted data while still allowing your computer to work on it.

This is just one potential application of trusted computing other than DRM. Many others have been proposed including, email with guaranteed deletion dates, to better protection of personal information, greater computer security, digital cash and perhaps the ability to run your programs on anyone’s computer. As with any major computing advance the most compelling uses are probably things that haven’t even been thought of yet. Given all these potential advantages it would be a shame to throw out a whole technology just because it can also be used for evil. It would be unfortunate even to adopt the EFF’s solution that would give the computer owner an override of trusted computing facilities as this would eliminate all but the computer security application of trusted computing.

If computer freedom advocates want to be consistent they should recognize that it is wrong to demonize the technology of trusted computing just because it can be used for evil just like it is wrong to demonize P2P networks or DeCSS because of their illicit applications. Certainly their are improvements that can be made to trusted computing to make it better (instead of verifying the software stack thus requiring a trusted kernel features to authenticate valid context switching should be used instead) but we should work to improve the technology not throw it out.