Free Republic

Needless to say, this floored those of us who were shocked to discover that Rush does not have 20 million friends.

He was painting a picture of rush where he was so alone and isolated after the show that he certainly didnt have the benefit of those 20 million "friends", if you call them that. He wasnt taking any of those friends to a bar to bond with them or whatever.

I'm wondering why they can't just sit in the library and read the books and take notes and even photocopy graphics and stuff. Surely thats less risky than checking them out, whether the records of your having checked them out last for two days or two years or forever or not at all.

For example, that part about deleting programs off the hard drive? That's part of the plan, honest - and the current windows media player user agreement already specifies it.

There is something in the user agreement that looks alot like that and would perhaps include that but does not in a million years describe something they would do:

"You agree that in order to protect the integrity of content 
and software protected by digital rights management ('Secure 
Content'), Microsoft may provide security related updates to 
the OS Components that will be automatically downloaded onto 
your computer. These security related updates may disable 
your ability to copy and/or play Secure Content and use other 
software on your computer. If we provide such a security 
update, we will use reasonable efforts to post notices on a 
web site explaining the update."

They mean, the DRM fixes might break the DRM media and thereby break 3rd party media-viewing applications that use the DRM apis. Thats what theyre talking about. Also, any time they are automatically installing updates on your computer there is the chance something else will break. Theyve got to have their butts covered for that.

I can't find anything about deleting files, though. Just breaking them. Alot of people talk about the deleting but i cant find the EULA text in question. Only the one I posted.

Also do you know any other forum or irc server where people argue about this kind of stuff?? Ive been looking for one and I can't find anything. I think that if any of this comes to pass (which I still doubt), those that struggle against it will be heroes. And we had better start planning ahead as soon as possible!

1) The operating system decides it dosen't like your untrusted browser anymore, and deletes it off the hard drive

That will never, ever happen. They can try to keep us from running untrusted software, but they dont dare delete files that they dont approve of.

Nonetheless, the bottom line remains - unless untrusted machines are eventually excluded from the internet, this entire effort will fail.

I don't see that. As I see it, the keep-them-from-running-kazaa issue is completely independent of the be-confident-in-sending-them-encrypted-media issue.

If they can make it hard enough to get media onto your computer (trusted cdroms,dvdroms) that only downloading it is feasible, then be-confident-in-sending-them-encrypted-media is quite enough. The Masses wont know the difference between DRM-media and free media until they download the DRM-media from kazaa and try to play it, and it wont work because they dont have the license. At the same time, the sharing will drop off because the #1 source of shared files is The Masses leaving downloaded files in their "my kazaa downloads" folder, or whatever it is called.

Aside: when i install windows: palladium edition, will I have to replace every bit of my hardware to be new trusted hardware? I mean, I expected the motherboard and cpu to need replacing, but what about everything else? How can windows: palladium edition allow my crusty old un-trusted cdrom to work in the system? Certainly my old sound cards and video cards wont work either. Could that be why all the hardware firms are behind this? Or maybe theyve just signed on so they wont be left behind.

However, I see no reason why the ISPs cannot easily filter untrusted traffic.

The traffic would be trusted, because it would be generated by my emulated trusted platform. You could say that the drm-wrappers would be added in the emulated platform, and then passed through the host OS bare without wrapping the packets with anything else. The computer at the ISP's end wouldnt be able to tell the difference.

I am currently considering potential problems in the emulator approach.

If every chip has an ID number associated with it (I am having trouble imagining every piece of hardware in a system having its ID numbers verified somehow) then you may have to own a legitimate piece of hardware, and use some mechanism to determine the chip's ID number, and program that into the emulator so that the correct ID number can be emulated.

So how can you get that chip ID number? It may be rigged so that the chip wont output the id number except encrypted with a public key that the requestor of the chip ID number supplies. Then we would not be able to intercept and decrypt the chip ID number--unless we had access to an Illegitimate Requestor. We could be in trouble if the Illegitimate Requestor had to be an operating system. The cpu might refuse to run an operating system that is not signed. But unless the CPU has some set of keys hardcoded in it, there will be a key exchange step that can be intercepted. But that seems like putting an awful lot of eggs in one basket, where a whole lot could be compromised just by someone leaking the keys.

Leaking of keys is an entirely wicked problem. Do you revoke all trusted hardware that has been compromised by the release of keys that will allow false hardware to mimic that trusted hardware? That will leave alot of users/owners very angry.

etc

Obviously, untrusted machines will be the only machines used for file sharing at that point (kaazaa will not run on a trusted box) and it will be hard to explain why this sort of thing should still be allowed, when it can be so easilly cut off.

That is the point I do not agree on. That sort of thing should still be allowed, because the scenario where PCs only run trusted software is impossible. The PC can't even run programs that I write? It can't run shareware that independent authors write who can't afford or be bothered to get the software certified as trusted? Wait until someone gets a trusted PC and finds out they can't run winamp or ICQ or old windows games. No one will stand for that. Which is why it won't happen.

The guy who posted the pdf: A trusted platform can be set to either not allow any untrusted apps, or it will allow an untrusted app to run, but all running trusted apps will be notified (and will likely shut down in response)

Trusted PCs will be able to run untrusted software. Note, however, that this may only be through a protected emulation layer that will gimp up or slow down most of the programs.

Eventually, it is possible - and I personaly believe, likely - that ISPs will face a growing risk of liability for allowing untrusted machines to access their networks

The first ISP that ceases to allow untrusted machines to access their networks will be at a huge competitive disadvantage, when their users realize that their internet connection dies whenever they run one of the millions of pieces of untrusted software that they cannot understand why they should not have access to.

I have complete faith in the total impossibility of a court finding that an ISP is required to make a good faith effort to block illicit activities in such a way that millions of other legitimate activities are also blocked.

home PC that makes a direct connection to the internet will not allow an untrusted machine to share its connection, and I expect that the same will be true of consumer-level routers and hubs.

Just be aware that this necessity for home networking to be trusted is an extrapolation of the scenario where internet connections via ISPs are trusted. It wont be a battleground, because the real battleground would be at the point of the ISP requiring connections only from trusted machines.

Incidentally, there is a big philosophical difference between the machine being trusted and the network being trusted. They are building the trusted root into the hardware because it is so darn difficult to intercept and subvert at that level, because you cannot readily tap into it. But it is downright impossible to keep people from subverting your network, because they unavoidably tap into it at the level of the physical network connection. I can easily put a device that mimics a trusted device on the network (but that device is not really trusted; it does whatever I want). The parallel situation with the PC hardware is this: either replacing the fritz chip components built into the cpu die with false circuits, or replacing the cpu altogether with a false one off the black market. This may even be more difficult due to clever cryptographic stuff. I am not sure about all of that.

The very concept of abstraction that has enabled such complicated machines and systems to be built piece by piece by making assumptions about what lies beneath will work against the TCPA. Because as soon as one layer can be subverted, all the dominos fall. For example, who can stop me from emulating a trusted system, routing all network input and output through it, instead of processing the traffic on the host system, and pausing the VM at any time and picking whatever I want out of memory? (I guess this is why they need network trusting! :p I will have to think about that one..)

Maybe I misunderstand, but if your ISP will only allow you to log in via a trusted machine, and that trusted machine will not connect to untrusted machines, how do you expect to log on through an untrusted proxy?

I was assuming that your trusted machine would be able to make http connections to untrusted machines. If this is not the case, then every web server in the world is going to need to be switched over to trusted machines, which is a very unlikely scenario.

When they say that a trusted machine will not connect to an untrusted machine, they do not mean that this a universal. A trusted Big Media content server would not connect to an untrusted computer, this is true. But it would be restricted to specific cases like that.

The truth is, no one wants to keep you from accessing untrusted resources. What they want is to be able to certify that your computer is trusted, which mostly means that it is only running trusted software. They won't send you content until your computer is trusted. It doesnt matter if you can access untrusted resources, if you still cannot use untrusted software on your machine to do untrustworthy things.

Keep in mind, also, that this business about ISPs is only seriously extrapolated conspiracy theory. I don't think anyone has ever proposed it except while thinking through the possible array of consequences, as we have been doing. Granted, once the government decrees that only trusted computers shall be used, anything is possible, but that is the very reason why i think such a decree is very unlikely.

They don't want to keep us from connecting to kazaa. That is a much sloppier solution (since kazaa is untrusted, it also would also keep us from connecting to almost everything else untrusted, which is almost everything) than just setting up a system where some PCs are trusted, and only those trusted PCs are given legit content.

I'll be worried when i see all this unholy data mining amount to something terrible, but not until then.

I think that issue is far from settled. But regardless, I thought it was more of a gentleman's agreement. That is, industry and law enforcement wont make ISP's life miserable if the ISP cooperates and reveals information about users and responds to cease-and-desists for removing potentially infringing content.

You're right--many of the servers will attempt to remember which MAC addresses had which IP and give that same ip address back to it. Thats just one way of setting it up. But if it only has ten addresses available, and it has used up nine of them, and someone is requesting an IP address, and it remembers that the last one available was used by another MAC address, it will almost certainly hand out that last IP address regardless. The MAC address is just a guideline to make everyone's life easier.

Well, remember that the ISP industry has worked out arrangements with law enforcement and Big Media to the effect of: ISP is not responsible for anything, as long as they cooperate. In the spirit of that agreement, keeping records to link IPs to users is sort of a minimal requirement.

But it makes me burn with wrath and desire strongly to set up my own ISP where i promise to not keep track of anything like that, and if we go down, we all go down together.

Theyre not supposed to change every eight hours. That would mean you could never sustain a connection for longer than eight hours, which would be a very crippled internet connection indeed. They are supposed to see if your PC is turned on and plugged in every eight hours, and if not, free up that IP address.

I do not think the duration of the use of a dynamic IP address is an issue. I mean, I doubt very much that they don't know which customer has it at 0:59:59 but at 1:00:00 hours, they do. I would imagine they log which customer received which ip address at the time it is assigned.

What I am not sure about is how they relate the request for an IP address to the customer. Do they have a serial number for the cable modem that you are supposed to be using? What if you use another modem? Does their equivalent of a dhcp server (they use something else complicated that sends back alot of other configuration information) actually check a database to determine if the modem is authentic?

An even better question is why the ISPs log this anyway. Legal requirements? Or is there some reason why it is smart for an ISP to do this (to curb system abuse somehow?)

The recording industry then issued a subpoena to Comcast, the user's Internet service provider, demanding the name, address, and e-mail address of the person behind the IP address.

<Comcast> "Oops. did we make a mistake? so sorry."

. If we need qualified people, spread the burden around, run a deficit, and offer "huge" recruiting bonuses (e.g., no income tax for the rest of your life).

Or quit teaching them to hate their country, civilization, and way of life in school, so they might be more willing to volunteer to defend it all.

Total cost of the OSP, including integration with the booster, will likely exceed six billion dollars, and the overall effort will require hundreds of thousands of workforce hours. I believe there are several higher priority efforts that could better use these resources.

We can make a space elevator [ http://www.freerepublic.com/focus/f-news/984384/posts ] for $6B

A good start would be to quit releasing CRAP in the first place. That's just what theyre proposing to do. Of course, it will never be up to your standards.

My expectation is that your router will need to be trusted before your ISP allows it to connect, and your trusted router will only accept connections from trusted machines.

Then I shall use my trusted PC to make a connection to a proxy that is definitely not trusted. There's no way they can stop all the ways of doing that.

If there were a move to these types of computers i say fine.

Guess what....my 486 and me using BBS's again will be like old times.

Amen brother. I dont understand this paranoia. Bring it on, I say. No industry or government is big and strong enough to keep us from using whatever computers we want, on whatever networks we set up. Alcohol, drugs, and now computers--prohibition won't ever work. If the only computer I can freely use is the one I wraught in my basement with my bare hands, with a network going from house to house with phone lines strung across backyards, then thats what I'll do. Its sort of romantic anyway.

They also have restricted the size of files which can be sent as attachments in emails.

Thats shameful. Which free service can I use to send 600M CD images through email?