Sprucing up open source's GPL foundation

TalkBack 18 of 34:: Next »; « Previous

Thread View
Flat View

cryptographically signed STUPIDITY: To anyone who knows anything about encryption,
the concept of using Public Private key
technology based on asymmetric keys is weak in
the first place, and then by inserting the public
key into a billion peices of hardware (where you
can't change it when it is compromised) is about
as trustable as a guy selling watches from his
raincoat in a train station.

The problem here is that the people working on
this idea start with the predicate "well the
hardware has to have a key in it that will only
run our software which is signed", before then
thinking about "Trusted computing".

Keys MUST be DISCARDABLE to be trustable.
I came across this concept when working with
Lotus Notes, which uses an Asymmetric key
signature system with hierarchical organisational
certifiers and so on.
At one stage the company I worked for suspected
the Organisational root certifier was compromised
by a competitor.
You can only recreate trust by creating a new Org
root certifier and new versions of EVERY OTHER
KEY. This would have meant going around every
customer and recreating org to org trust
certificates. The management decided not to do it
since it was too big a job, and therefore had to
continue with a situation.

The problem was that too much Trust was placed in
certificates. Put these certificates in hardware
and you'd have to throw away the hardware to
regain trust.

CERTIFICATES MUST BE DISCARDABLE TO BE TRUSTABLE.
Therefore "Trusted Computing" will never be
Trustable in it's current envisioned form.

GNU Public Licence is the strongest licence (most
tried and tested, simplest and so on) to date.
It sounds like Richard Stallman is writing an
improved licence (added features). The article
sounds like he's writing a new one because the
existing one is weak. I don't think this is the
case at all. (Note software patents don't exist
in a large part of the world, and in the USA most
people think there should be massive USPTO
reform, therefore it's the USPTO that is weak,
not the GPL).; Posted by: hipparchus2000 Posted on: 12/24/04 You are currently: a Guest | Members login | Terms of Use

Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Would have been nice to have some of these provisions before SCO DonnieBoy | 12/23/04

IMHO Patents Are the Forthcoming Battlefield... BanjoPaterson | 12/23/04

Patents will lose... Omch'Ar | 12/23/04

not in the EU they're not hipparchus2000 | 12/24/04

Europe has issued scores of software patents... Anton Philidor | 12/24/04

Once again Anton you totally miss the point hipparchus2000 | 12/25/04

Think of it as a negotiation. Anton Philidor | 12/25/04

because contrary to your belief it holds back innovation hipparchus2000 | 12/25/04

Patents don't hold back innovation... Anton Philidor | 12/25/04

royalties are not supposed to be a form of income CobraA1 | 12/25/04

what about addressing the points I raised, anton hipparchus2000 | 12/26/04

Patents are valuable... Anton Philidor | 12/26/04

Patents need not stop work on a project... Anton Philidor | 12/26/04

Short lesson in economics CobraA1 | 12/27/04

anton in part you are right hipparchus2000 | 12/28/04

Adam Smith influenced Darwin... Anton Philidor | 12/28/04

How can I dispute being "right"? In the other part... Anton Philidor | 12/28/04

cryptographically signed STUPIDITY hipparchus2000 | 12/24/04

'Tis the season... Anton Philidor | 12/24/04

disgusting hipparchus2000 | 12/25/04

Sometimes it's possible to enjoy life. Anton Philidor | 12/25/04

I beg to differ. I think patents do the opposite of causing innovation hipparchus2000 | 12/25/04

Killer quote seosamh_z | 12/27/04

euphemism for a future threat hipparchus2000 | 12/28/04

What if? Mack DaNife | 12/28/04

Quetzalcoatl's revenge Anton Philidor | 12/28/04

digression hipparchus2000 | 12/28/04

Smug states Anton Philidor | 12/29/04

About time CobraA1 | 12/25/04

Trusted computing Is The Enemy RobertoSalazar | 12/27/04

I suspect... rapson | 12/27/04

Fear.... Mack DaNife | 12/28/04

Amen! but your forget the Sheeple. Laff | 12/30/04

The joy of standards. Anton Philidor | 12/30/04

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Building the Virtualized Enterprise with VMware Infrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
Three Steps You Need to Know to Stop Data Loss Varonis Sensitive data exposed to misuse or loss... it is the stuff of nightmares ... Download Now
Why Isn't Server Virtualization Saving Us More? A Few Small Changes May Dramatically Increase Your Efficiency VMware Companies have rapidly adopted server virtualization over the past few ... Download Now

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

SmartPlanet

Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
More from IBM
How to Drive Better Business Outcomes with Exceptional Web Experiences Download the eBook
Driving Business Agility through SOA Connectivity & Integration Read the White Paper from IBM
Linking Decisions and Information for Organizational Performance Read the Tom Davenport study

Read the original story

Sprucing up open source's GPL foundation

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

SmartPlanet

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More

ZDNet News & Blogs

Product Reviews

Product Blogs

White Papers & Webcasts

Downloads