TCPA is the trusted computing platform alliance. A consortium of businesses who in the most simple terms want to take control of your computer. They want to do this because they don't trust you and they want more of your money.
To do this they are advocating the addition of specialised hardware to every PC, the so called "Fritz" chip. In conjunction with a tcpa aware BIOS and operating system they will be able to say what software you can or cannot run, what you can and cannot do with your hardware and so on. Eventually this harware will be built in to the processor effectively making its removal or examination impossible.
For more information visit Ross Anderson's excellent TCPA/Palladium FAQ
In my opinion one very telling aspect of tcpa is that they seem reluctant to let people know who they are. At their web site The link to the membership list used to require a username and password. At the time of writing it is a broken link, on a secure server!
For every one that doeth evil hateth the light, neither cometh to the light, lest his deeds should be reproved." (JOHN 3:19-20)
Palladium is Microsofts1 proposed tcpa aware operating system. See the FAQ link above for more info.
As usual it seems that Microsoft are pursuing their usual embrace and extend policy, so you can count on palladium being incompatible with other tcpa standards.
Microsoft are also making some pretty ludicrous claims. eg "Palladium will stop spam email forever".
No one knows for certain. They won't let us see the up to date specifications without an NDA2 so the specification they are currently working with obviously differs considerably from that which they have made available.
The core of the model is that as the machine boots it is continually checked and profiled. Each component must be approved for the machine to be "trusted". If you have Windows XP you may already have run into problems with "unsigned drivers", with tcpa this concept is applied to every aspect of your hardware and software (doesn't that inspire confidence). Once the machine has fully booted a profile is stored in an area of memory which you the user cannot access under any circumstances. This profile along with other information including a unique identifier is the key to the "trust". Once you have succesfully booted then every time you run a programme or do anything to change the state of your machine the profile will be updated to reflect the changes.
Now when you try to run a tcpa aware package it can send this profile back to the vendors headquarters and they will decide whether your profile is trustworthy enough by their standards.
Suppose for example, you have succesfully booted and decide to listen to some music. Your favourite band is signed up to BullyMusic so you connect to their website and pay to listen. BullyMusic then verify that your machine is trusted by sending strongly encrypted messages back and forth that verify you are who you say you are, that your machine is in a trusted state, that the music will be played by an approved application eg the BullyMusic audio player and so on. The file will then be sent to you in an encrypted form that only the BullyMusic audio player can decrypt and that only when it is running on your uniquely identified machine. You can then listen to the music.
If while you are listening you foolishly load an "untrusted" application the music will immediately stop, the BullyMusic player will report to headquarters that you loaded an untrusted application and chances are you will be blacklisted and forever after will be refused music content from BullyMusic. BullyMusic will likely pass your PC's unique identifier to other content providers so they can blacklist you as well. Thats what trust is about.
In a similar manner other software packages can protect themselves from unlicensed copying and use. For instance your favourite office suite may actually be encrypted and unable to run without being decrypted. You fire it up and a small application (not the office suite itself) contacts headquarters to check that all is well. License is paid up, running on the same machine the license was purchased for etc, etc. Assuming all is well a key for decrypting the main application is sent to your machine and the application is decrypted in memory and run. If all is not well the small starter application may get an instruction to delete itself and the entire office suite. Bang, its gone before you know it. Even if you can undelete it you can't decrypt and run it.
This one is quite simple. You won't have any privacy. Every tcpa enabled device will be uniquely identifiable.
Absolutely. If you have a file that is on a banned list palladium will delete it without asking you. Who decides what constitutes a banned file? Why big business of course, and most definitely not you, you cannot be trusted.
TCPA/Palladium is the censors dream tool. They can delete your files at will. Writing and publishing a document criticising your government for example could become a pointless act. The file will get blacklisted and next time your machines connects, pooof, your file is gone. Not only is it deleted from your machine but every other machine with a copy will have it deleted as well. Think this can't happen? If you have Microsoft's media player version 9 you have already agreed to let them do this.
Again the answer is a big fat yes! A possible (and I think very likely) scenario for future releases of software will be a timed lease. When your time is up and your application connects back to headquarters at startup it will either be deleted as desribed above or simply refuse to run until you pay (again, and again and again...).
Tough. Your computer is a worthless hunk of junk or you have to physically take it somewhere to get it certified. Next time you make the slightest change to any of your hardware or install more software you will have to get it recertified. Not likely to be a cheap process either. Chances are a machine will only boot so many times without recertification as well. Some companies may simply decide not to support unconnected computers.
This is one of the fields where you will really notice it. A tcpa/palladium machine simply won't let you make an mp3 from a cd you own. Can anyone say fair use? It's possible it won't even let you play a cd on your computer at all, thats far too risky. As described above you will have to be very careful when trying to listen to music online. You are going to have to pay over and over again.
Remember that collection of mp3 files you built up over the years? Upgrade to palladium and they will be gone, silently deleted without your permission. Restore from a backup, same thing. Even on a CD-ROM where they cannot be deleted the OS can simply refuse to allow access. Chances are Palladium will also report your collection to some central piracy agency, garnering Microsoft a fee in the process no doubt.
This is a tricky question. Some claim that you will be able to turn it off but even if this is true it seems unlikely that you will be able to do much at all. Microsoft are simply not going to let any of their software run in a non tcpa environment for fear of piracy. The same goes for any software company that is interested in protecting (and enhancing) its fat profits.
In short the true answer is no. Without it you won't be able to do much at all.
No definite answers here. The lack of real information makes a straight answer impossible. There is no doubt that it could be used to stop hardware running uncertified software and certifying open source software may be a violation of the GPL.
One thing we can be certain of is that Microsoft will do their utmost to make dual booting palladium and linux as close to impossible as they can. If they can convince the tcpa to specify the hardware in such a way as to make running Linux impossible you can safely bet that they will.
A pretty short list really.
TCPA is not about trust. It is about an absence of trust, that and money. Prior to tcpa a computer was a general purpose machine, it did what its programmes told it to do and you could write your own programmes that could control every function. With tcpa the machines use will be limited to that subset of functions that big business feels will enhance their profits or at the very least not threaten them. Any real benefits to the user are merely serendipitous.
You may think I have painted things black, maybe it won't be that bad. The truth is, given the information available, that all the above is possible. Given the records of some of the known tcpa members you can safely assume the worst.
While this piece has focused on the impact of tcpa on computers you should be aware that the consortium want tcpa hardware in every piece of electronics you buy. Think on that and be dismayed.
George Orwell was only 19 years out.