Chapter 17: Can You Trust Your Computer?

Who should your computer take its orders from? Most people think their computers should obey them, not obey someone else. With a plan they call "trusted computing," large media corporations (including the movie companies and record companies), together with computer companies such as Microsoft and Intel, are planning to make your computer obey them instead of you. Proprietary programs have included malicious features before, but this plan would make it universal.

Proprietary software means, fundamentally, that you don't control what it does; you can't study the source code, or change it. It's not surprising that clever businessmen find ways to use their control to put you at a disadvantage. Microsoft has done this several times: one version of Windows was designed to report to Microsoft all the software on your hard disk; a recent "security" upgrade in Windows Media Player required users to agree to new restrictions. But Microsoft is not alone: the KaZaa music-sharing software is designed so that KaZaa's business partner can rent out the use of your computer to their clients. These malicious features are often secret, but even once you know about them it is hard to remove them, since you don't have the source code.

In the past, these were isolated incidents. "Trusted computing" would make it pervasive. "Treacherous computing" is a more appropriate name, because the plan is designed to make sure your computer will systematically disobey you. In fact, it is designed to stop your computer from functioning as a general-purpose computer. Every operation may require explicit permission.

The technical idea underlying treacherous computing is that the computer includes a digital encryption and signature device, and the keys are kept secret from you. (Microsoft's version of this is called "palladium.") Proprietary programs will use this device to control which other programs you can run, which documents or data you can access, and what programs you can pass them to. These programs will continually download new authorization rules through the Internet, and impose those rules automatically on your work. If you don't allow your computer to obtain the new rules periodically from the Internet, some capabilities will automatically cease to function.

Of course, Hollywood and the record companies plan to use treacherous computing for "DRM" (Digital Restrictions Management), so that downloaded videos and music can be played only on one specified computer. Sharing will be entirely impossible, at least using the authorized files that you would get from those companies. You, the public, ought to have both the freedom and the ability to share these things. (I expect that someone will find a way to produce unencrypted versions, and to upload and share them, so DRM will not entirely succeed, but that is no excuse for the system.)

This is the first published version and is part of Free Software, Free Society: Selected Essays of Richard M. Stallman, 2002, GNU Press (http://www.gnupress.org); ISBN 1-882114-98-1. Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.

Making sharing impossible is bad enough, but it gets worse. There are plans to use the same facility for email and documents--resulting in email that disappears in two weeks, or documents that can only be read on the computers in one company. Imagine if you get an email from your boss telling you to do something that you think is risky; a month later, when it backfires, you can't use the email to show that the decision was not yours. "Getting it in writing" doesn't protect you when the order is written in disappearing ink.

Imagine if you get an email from your boss stating a policy that is illegal or morally outrageous, such as to shred your company's audit documents, or to allow a dangerous threat to your country to move forward unchecked. Today you can send this to a reporter and expose the activity. With treacherous computing, the reporter won't be able to read the document; her computer will refuse to obey her. Treacherous computing becomes a paradise for corruption.

Word processors such as Microsoft Word could use treacherous computing when they save your documents, to make sure no competing word processors can read them. Today we must figure out the secrets of Word format by laborious experiments in order to make free word processors read Word documents. If Word encrypts documents using treacherous computing when saving them, the free software community won't have a chance of developing software to read them--and if we could, such programs might even be forbidden by the Digital Millennium Copyright Act.

Programs that use treacherous computing will continually download new authorization rules through the Internet, and impose those rules automatically on your work. If Microsoft, or the U.S. government, does not like what you said in a document you wrote, they could post new instructions telling all computers to refuse to let anyone read that document. Each computer would obey when it downloads the new instructions. Your writing would be subject to 1984-style retroactive erasure. You might be unable to read it yourself.

You might think you can find out what nasty things a treacherous computing application does, study how painful they are, and decide whether to accept them. It would be short-sighted and foolish to accept, but the point is that the deal you think you are making won't stand still. Once you come to depend on using the program, you are hooked and they know it; then they can change the deal. Some applications will automatically download upgrades that will do something different--and they won't give you a choice about whether to upgrade.

Today you can avoid being restricted by proprietary software by not using it. If you run GNU/Linux or another free operating system, and if you avoid installing proprietary applications on it, then you are in charge of what your computer does. If a free program has a malicious feature, other developers in the community will take it out, and you can use the corrected version. You can also run free application programs and tools on non-free operating systems; this falls short of fully giving you freedom, but many users do it.

Treacherous computing puts the existence of free operating systems and free applications at risk, because you may not be able to run them at all. Some versions of treacherous computing would require the operating system to be specifically authorized by a particular company. Free operating systems could not be installed. Some versions of treacherous computing would require every program to be specifically authorized by the operating system developer. You could not run free applications on such a system. If you did figure out how, and told someone, that could be a crime.

There are proposals already for U.S. laws that would require all computers to support treacherous computing, and to prohibit connecting old computers to the Internet. The CBDTPA (we call it the Consume But Don't Try Programming Act) is one of them. But even if they don't legally force you to switch to treacherous computing, the pressure to accept it may be enormous. Today people often use Word format for communication, although this causes several sorts of problems (see http://www.gnu.org/no-word-attachments.html). If only a treacherous computing machine can read the latest Word documents, many people will switch to it, if they view the situation only in terms of individual action (take it or leave it). To oppose treacherous computing, we must join together and confront the situation as a collective choice.

For further information about treacherous computing, see http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html.

To block treacherous computing will require large numbers of citizens to organize. We need your help! The Electronic Frontier Foundation (www.eff.org) and Public Knowledge (www.publicknowledge.org) are campaigning against treacherous computing, and so is the Digital Speech Project sponsored by the Free Software Foundation (www.digitalspeech.org). Please visit these Web sites so you can sign up to support their work. You can also help by writing to the public affairs offices of Intel, IBM, HP/Compaq, or anyone you have bought a computer from, explaining that you don't want to be pressured to buy "trusted" computing systems so you don't want them to produce any. This can bring consumer power to bear. If you do this on your own, please send copies of your letters to the organizations above.

The GNU Project distributes the GNU Privacy Guard, a program that implements public-key encryption and digital signatures, which you can use to send secure and private email. It is useful to explore how GPG differs from trusted computing, and see what makes one helpful and the other so dangerous.

When someone uses GPG to send you an encrypted document, and you use GPG to decode it, the result is an unencrypted document that you can read, forward, copy, and even re-encrypt to send it securely to someone else. A treacherous computing application would let you read the words on the screen, but would not let you produce an unencrypted document that you could use in other ways. GPG, a free software package, makes security features available to the users; they use it. Treacherous computing is designed to impose restrictions on the users; it uses them.