Loke said:
You seemed to repeat this alot, so let me get your oppinion on this. Not that I disagree, because it most certainly can be implemented in software, but you have to see the bigger picture here IMO.
Why do members of the TCG invest millions of dollars developing such technology, only to make it perhaps slightly easier and faster as you claim, if it can already be implemented in software?
Ultimately, when you boil away all the hype. these chips are simply encryption coprocessors. As others have said, they don't include PKI systems, so they rely entirely on keys from other sources, like firmware and OS code. And they don't know a thing about operating systems, file systems or applications. And they can't, if they're going to be made general-purpose enough to be useful.
They are necessary if you want to do things like encrypt an entire hard drive, because software systems would slow the system down a lot. They are also extremely useful if you want to encrypt the boot-code from the hard drive (since this kind of encryption is more complicated than most people want to code into a BIOS chip.)
They come in handy (but are still not necessary) if you want to DRM-wrap the ROM code (to prevent someone from installing a hacked flash image) or encrypt passwords stored in PRAM.
For everything else, they're for performance reasons and not much else. Application-level DRM will always require application support, because no chip is going to understand your file formats, or even the layout of your disk partition.
OS-level support for DRM allows application developers to do it more easily, to eliminate bugs (or at least ensure that any bugs are isolated to the OS, where they are more likely to get patched.)
Hardware support for OS-level encryption speeds things up. This isn't so important when you're decrypting a music file with a 128K bitrate, but it will take a huge load off of the CPU if you're decrypting an HD DVD file that has bitrates in the tens of Mbps.
Loke said:
The time aspect we are dealing with are probably 10 - 15 years and this is the first small step towards something bigger.
The "something bigger" is already here. You already have corporations that lock-down their PCs to keep unauthorized programs out. A hardware security chip speeds things up but doesn't create any new abilities.
If you're worried about a manufacturer locking users out of their own computers, that's just silly. They want to sell computers. To do that, their customers have to be able to run whatever they buy on them. Even with Microsoft's monopoly, do you think Dell, HP and Sony would sell many PCs if customers were prohibited from running third-party programs?
If you're worried about government lockdowns, that is going to require legislation, not a chip. If they would ever want to do this, they could do it right now. But it will still require massive OS-level support, which means it could not happen in secret. There's no way governments are going to dictate stuff like this to Microsoft, Apple, Sun, and the rest without the entire world finding out.
It would also kill the nation's economy, since such a move would cause foreign governments to ban the import of US hardware and software.
As I've said, the chip is no big deal - it doesn't give anyone any new abilities. It just makes existing security code run faster. And all the nightmare scenarios, while technically possible, are not going to happen, because the effects would destroy the entire industry. Even the most fascist government officials don't want to collapse the world's economy.
