Microsoft's copyright play and the Trusted Computing Group
Bruce Schneier wrote this piece "Is Microsoft skirting the issue?" but maybe he should have titled it "I hate hardware TPMs because they enable copy protection". It's not that I necessarily disagree with Bruce over the issue that the new copy protection features in Windows Vista are a little scary, I just wish he'd be a little more up front and say that rather than skirt around the issue by beating up on the TPM.
As I read Bruce's article, I thought it was a bit strange to hear a security guy rail against a hardware cryptographic module since the NIST gives these hardware modules the highest rating in authentication security. Bruce vehemently objects to the obstruction of a software-only based implementation of the TCG, but the whole point of a trusted platform is that it can't be modified in software form because of the inclusion of a hardware module. The reality is that the same hardware cryptographic module that enables strong cryptography for strong security can also be used by the movie and music industry to limit our ability to copy music. While it's true that the entertainment industry can be overzealous in their copy protection tactics and step on consumer rights, that is a different argument than the security value of a hardware module. If Bruce wants to rail against something, rail against the entertainment industry rather than an inanimate piece of hardware that has real value in strong security. The fact that the entertainment industry might abuse the security hardware is a whole different topic.
There is even some talk that Microsoft can use the hardware to block the third world from using pirated copies of Windows, but I really doubt that because Microsoft will be pushing the developing countries towards Linux and Open Office. Bill Gates himself has even stated that he understands why someone in China who makes $100 a month isn't going to buy a copy of Windows or Office and those things will be different when their economies and wages rise. Microsoft wants to be friendly to the Entertainment industry so that they will produce content for the PC in the first place. Consumers want the freedom and flexibility to use their paid content without any hassles and they will ultimately revolt if the entertainment industry or Microsoft goes overboard. It's all just a matter of finding the right balance between the rights of the content producers and the consumers and it will all work itself out in the end.