dear Joe,

thanks for your input

Disclaimer: I'm biased towards software implementations in general, even
when it comes to computer graphics or desktop accelleration FWIW.
Because I see hardware as inherently limiting freedom unless carefully
designed for opennes - and as of today there is much talking about open
hardware but very few actual implementations.

On Tue, 23 Dec 2014, Joe Awni wrote:

>    [2]http://www.thinkwiki.org/wiki/Embedded_Security_Subsystem#Using_the_Embedded_Security_Subsystem
>    also note: "it is also useless for DRM and other Treacherous
>    Platform corporate ideas."

the whole sentence says "The current version of the TPM chips found on
ThinkPads (TPM 1.1b) isn't secure at all against moderately
sophisticated physical attacks, and it is also useless for DRM and other
Treacherous Platform corporate ideas."

Hence I interpret the sentence to be referred to the TPM 1.1b
implementation found on ThinkPads and it being useless for DRM because
this specific implementation is too slow.

I like to specify this because, as I stated in my previous message, I
still imagine cases for TPM to be used in more than a few scenarios of
digital restriction management of sorts. Just as a sketch of this: take
a ride on a Google Chromebook and let me know what you see. More in
general I follow RMS argumentations and find also the last FAQ he links
quite informative http://www.gnu.org/philosophy/can-you-trust.html

TPM in my eyes configures itself as a device intentionally designed to
allow lockdown scenarios, strictly following a logic of security "buried
into chips" which IMHO just restricts the access to its attack surface,
makes it less detectable and, in the eventuality of an implementation
flaw, is hard to update.

ciao

--
Jaromil, Dyne.org Free Software Foundry (est. 2000)
We are free to share code and we code to share freedom
Web: https://j.dyne.org Contact: https://j.dyne.org/c.vcf
GPG: 6113 D89C A825 C5CE DD02 C872 73B3 5DA5 4ACB 7D10
Confidential communications: https://keybase.io/jaromil