End TCPA and Invasions of Privacy

  • Author:
  • Send To:
    To the TCPA and computer-related companies of the world
  • Sponsored By:
  • More Info at:
To the TCPA- Trusted Platform Computing Alliance.

It has come to the attention of the petition-makers that you are creating a new standard for the PC, Trusted Platform Computing. Far from creating a better PC and online experience for the home or business user, these new standards would enable the TCPA to dominate and control the computing market and to essentially take control of any user's computer any time the company wishes (even when the user does not desire the control). In addition, it would take away the rights of users to use their legally purchased software in the manner that they choose.

A quote from the TCPA, and it's refutation below.

Quote: "The Trusted Computing Platform Alliance, or TCPA, was formed by Compaq, HP, IBM, Intel and Microsoft. All five companies have been individually working on improving the trust available within the PC for years. These companies came to an important conclusion: the level, or "amount", of trust they were able to deliver to their customers, and upon which a great deal of the information revolution depended, needed to be increased and security solutions for PC's needed to be easy to deploy, use and manage. An open alliance was formed to work on creating a new computing platform for the next century that will provide for improved trust in the PC platform."

From: http://www.trustedcomputing.org

The truth is that the TCPA software and hardware would leave gaping, massive holes in the majority of our nation's information infrastructure- holes that would be purposely placed, so that the TCPA could use them to control your computer and the data placed on the computer.

The consequences for national and world security could be disastrous. Terrorists or criminals who manage to gain access to the control methods that would be hardwired into your hardware and hardcoded into your software could wreck massive havoc on the world. By using the Internet to send commands that could shut down PC's using Windows software or Intel/AMD hardware, or by deleting and altering data on your computer, nefarious persons could wreck the security that TCPA claims to create.

It is also a massive invasion of privacy. Your private data is essentially public to the TCPA. Governments with influence over the TCPA could potentially force the TCPA to share the data with them, to delete your files, or submit them as evidence against you.

Some explanation on how TCPA can be abused-

Quote: "11. How can TCPA be abused?

One of the worries is censorship. TCPA was designed from the start to support the centralized revocation of pirate bits. Pirate software will be spotted and disabled by Fritz when you try to load it, but what about pirated songs or videos? And how could you transfer a song or video that you own from one PC to another, unless you can revoke it on the first machine? The proposed solution is that an application enabled for TCPA, such as a media player or word processor, will have its security policy administered remotely by a server, which will maintain a hot list of bad files. This will be downloaded from time to time and used to screen all files that the application opens. Files can be revoked by content, by the serial number of the application that created them, and by a number of other criteria. The proposed use for this is that if everyone in China uses the same copy of Office, you do not just stop this copy running on any machine that is TCPA-compliant; that would just motivate the Chinese to use normal PCs instead of TCPA PCs in order to escape revocation. So you also cause every TCPA-compliant PC in the world to refuse to read files that have been created using this pirate program.

This is bad enough, but the potential for abuse extends far beyond commercial bullying and economic warfare into political censorship. I expect that it will proceed a step at a time. First, some well-intentioned police force will get an order against a pornographic picture of a child, or a manual on how to sabotage railroad signals. All TCPA-compliant PCs will delete, or perhaps report, these bad documents. Then a litigant in a libel or copyright case will get a civil court order against an offending document; perhaps the Scientologists will seek to blacklist the famous Fishman Affidavit. Once lawyers and government censors realize the potential, the trickle will become a flood.

Now the modern age only started when Gutenberg invented movable type printing in Europe, which enabled information to be preserved and disseminated even if princes and bishops wanted to ban it. For example, when Wycliffe translated the Bible into English in 1380-1, the Lollard movement he started was suppressed easily; but when Tyndale translated the New Testament in 1524-5, he was able to print over 50,000 copies before they caught him and burned him at the stake. The old order in Europe collapsed, and the modern age began. Societies that tried to control information became uncompetitive, and with the collapse of the Soviet Union it seemed that democratic liberal capitalism had won. But now, TCPA and Palladium have placed at risk the priceless inheritance that Gutenberg left us. Electronic books, once published, will be vulnerable; the courts can order them to be unpublished and the TCPA infrastructure will do the dirty work.

So after the Soviet Union's attempts to register and control all typewriters and fax machines, TCPA attempts to register and control all computers. The implications for liberty, democracy and justice are worrying."

From: http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

The potential for abuse is staggering.

TCPA's "features" cannot all be turned off. And it is possible that they will, in the future, be made mandatory by legislation in some countries, including the United States.

Only Apple Computer, among the major corporations, has refused to collaborate with the ironic and falsely named "Trusted Computing Platform".

Further information on the TCPA is contained in these URLs-



A final point, by the respected computer journalist Robert X. Cringely-
(note for reader: Palladium is Microsoft's implimentation of TCPA)

"What bothers me the most about it is not just that we are being sold a bill of goods by the very outfit responsible for making possible most current Internet security problems. "The world is a fearful place (because we allowed it to be by introducing vulnerable designs followed by clueless security initiatives) so let us fix it for you." Yeah, right. Yet Palladium has a very real chance of succeeding.

How long until only code signed by Microsoft will be allowed to run on the platform? It seems that Microsoft is trying to implement a system that will enable them, once and for all, to charge game console-like royalties to software developers.

But how will this stop the "I just e-mailed you a virus" problem? How does this stop my personal information being sucked out of my PC using cookies? It won't. Solving those particular problems is not Palladium's real purpose, which is to increase Microsoft's market share. It is a marketing concept that will be sold as the solution to a problem. It won't really work."
From: http://www.pbs.org/cringely/pulpit/pulpit20020627.html

The Undersigned understand that such attempts at blatant abuse of the trust of computer users should not be tolerated. And they will reward computer companies that do not join or sell TCPA related hardware or software, or who leave the TCPA, with their wallets.

Persons interested in further contacting the TCPA with your opinion ( hint- letters and phone calls often count more than e-mail) on this matter should send their correspondence to-

Phone: (US)

Fax: (US)

TCPA Program Office:
[email protected]

Mailing Address:
TCPA Program Office
Carol Burke, M/S JF1-229
Intel Corporation
2111 NE 25th Avenue
Hillsboro, OR 97124
United States of America

Please be polite, and tell them that you oppose the TCPA and will not use the product until it stops inserting backdoors into the software and hardware that harm the user's computing experience, creates the potential for corporate and governmental abuse of the program, and creates the potential for worldwide security breaches.