Print
Discuss
Send to friend
RSS feedsWhen you buy a PC today, how much of it is actually yours? The hardware, pretty obviously, belongs to you, and you're free to use it where you like, lend it to people, sell it on or give it away.
But when it comes to the software and firmware, though, things look very different. In many cases, these elements of your computing life don't belong to you at all, and restrictions are placed on what you can do with them.
Most people are aware of Microsoft's insistence that you authenticate new copies of Windows XP by ringing the company or contacting it through the internet, and that you are only buying a licence to use the software.
Restrictions on your use of software, and media such as music CDs and DVDs, tie you down still further.
And then there's spyware, used by various websites to maintain all kinds of statistics about your computer use.
The companies pushing cookies and other programs onto your computer use them to help sell you things, to target you for marketing ploys and to keep an eye on how you use the web.
This isn't a steady state of affairs, either. New developments, such as the Intel-led Trusted Computing Group (TCG), and its Microsoft friend, the Next Generation Secure Computing Base (NGSCB), aim to take this invasion further.
They want to stipulate which software can be run on your PC and refuse to run anything that the software company thinks may be illicit. Do you feel uncomfortable yet?
SOFTWARE/CD/DVD COPY PROTECTION
Keep that music down
When you buy a music CD, you might think it is up to you where you play it. You should be able to play it in a CD player that's part of your hi-fi system, in the car if you have a CD player there and on your computer while you're working. Well, two out of three isn't bad.
Some music companies, such as BMG and EMI, are already using copy protection systems which may prevent you playing their CDs on a PC.
When fitted with so-called copy protection systems, CDs play OK on regular, standalone players, but when you try them on a CD drive in a PC, using the digital output favoured by recent versions of Windows, they can refuse to play.
You can get no response at all, or an error message saying the disc is corrupt. Some hi-fi and car CD players are also tricked by the CDs.
The way copy protection typically works is to introduce artificial noise onto the soundtrack of the music CD.
The error correction in standalone CD players filters this out, but the digital output read by a PC sees the signal as too noisy to reproduce.
Later versions of some of the more popular copy protection systems claim to permit playback on computer CD players, but there's still a wide mix of different regimes used in the recording industry.
As well as restricting your use of the music on the CD you've bought, you may rightly feel indignant that your CD could be of a lower sound quality than an unprotected CD, because of the noise introduced in the copy protection.
Are all people pirates?
The presumption in these protection regimes is that everybody playing a CD on a computer is intending to make illegal copies.
In fact, even though music swapping internet services such as Napster and Kazaa have proved so popular, they're used by a tiny proportion of all computer users and many more people legitimately listen to music on their PCs than swap tracks.
Computer manufacturers and sound specialists like Creative and Pure Digital sell their products specifically as being able to reproduce sound from music CDs, and one of the selling points of most multimedia PCs is that you're buying not just a computer but also a complete leisure centre.
As well as the serious stuff of your business day, you'll be equipped to view photographs, listen to music, watch DVD movies and play games ... if your content providers permit it.
So far, the number of CD titles protected in this way is comparatively small, although the total number of protected CDs exceeds 100 million.
As we went to press, it was estimated that there are over 400 CD titles using some form of copy protection. The number is rising all the time, too, with most of the major players planning to release all future CDs only as copy-protected discs.
If you want some idea of which CDs are protected, you can find a useful list at fatchucks.com.
CDs on PCs
Should you be allowed to copy a music CD to your hard drive so that it's handier for you to play it, and should you be allowed to convert the tracks to MP3, so you can take the same content with you on a portable player when you go jogging?
You've paid for the CD, but what you really want is the music, so shouldn't you be entitled to listen to this in whatever form is most convenient?
Surprisingly, some people within the music industry feel this is reasonable, and some forms of copy protection currently being trialled may allow this. One approach is to include two separate 'sessions' of the music on a music CD.
The first will be a copy-protected full audio version for playing on standard CD players, while a second session, provided specifically for computer use, could be encoded in MP3 or WMA format with extra multimedia features.
One of the ideas here is that by providing the second session, music buyers would even be allowed to make up demo material to email to a friend and encourage them to make a separate purchase of the same CD. The demo would only be playable once.
There is obviously a balance to be hit here between the rights of the purchaser of the music and those of the music provider, which wants to reduce illicit copying.
While the computer user may only be able to hear an MP3 or WMA version of the music, this might be sufficient if balanced by extra, computer-related features.
Being able to legitimately copy the content of a commercial CD for personal use is enshrined in US fair-use legislation, but only to the extent that individuals can't be sued for copyright infringement when making these copies.
There's nothing in the statutes that says recording companies have to make these copies possible. Finding a balance acceptable to both parties could reduce piracy and provide an enhanced experience of the content of a CD.
COOKIES AND SPYWARE
The cookie monster
Most of the software you use on your PC has been invited in. When you install a new application, you tacitly give permission to install all the necessary programs that make it up.
Similarly, when you download material from the internet you have actively requested it and accept the files as legitimate.
In some cases, though, files that are downloaded to your computer are not requested and are there to provide benefit to the people putting them there, rather than to you.
The simplest of these are known as 'cookies' - the term derives from the 'magic cookie' objects used in Unix.
In their simplest form, cookies contain information you have provided to a website, which the site's server then stores on your computer for future reference.
It might help to provide a personalised welcome page the next time you visit the site, or to determine which ads to display, based on previous transactions.
You can delete cookies at any time from within Internet Explorer or Netscape and make the browsers refuse to accept them.
This ploy may help you remain anonymous on the internet, but may also prevent access to certain sites. Some online banking facilities, for example, refuse to work if cookies are turned off.
Cookies can't be used as agents for viruses or Trojans, but they can access your hard drive to check certain aspects of your system, and many people find this intrusive.
More onerous is so-called spyware, which extends the power of cookies to examine how you make use of the internet.
This information, usually used for advertising, is sent back to its owner to build up a profile of the things that interest you, so that you may be targeted for email or pop-up advertising. This kind of program works similarly to many Trojans.
TRUSTED AND LEGACY-FREE COMPUTING
Trust me, I'm a PC
Two new developments by major hardware and software suppliers are perhaps the most worrying of all restrictions on computer use. They go under the umbrella term 'trusted computing'.
The Intel-founded TCG, formerly the Trusted Computing Platform Alliance (TCPA), is the less worrying of the two.
The Alliance (www.trustedpc.org) includes Compaq, Hewlett Packard, IBM and Microsoft, as well as Intel itself. The idea behind this project is to produce a PC platform which is 'trusted'.
In its least contentious form, this means that a TCG computer will perform a series of tests at start-up, to ensure that all its components are correct and have not been tampered with.
It will do this by checking components against a list of approved parts. It also checks that the software components have been authorised and that their serial numbers are legitimate.
In the same way that Windows XP may refuse to authenticate your PC if you make substantial changes to its configuration, a TCG computer may well need to check things out when you change components.
By making these checks, a TCG computer can ensure that it's started up into a known state and, according to the proposed standards, is fit to handle secure documents and to exchange information with other trusted computers.
The second development, NGSCB, previously code-named Palladium, takes this idea further by checking all your software licences and reporting to third-party media suppliers, such as music or movie download sites, that you have an approved player and are entitled to make use of any content you request.
From one point of view, none of this sounds too bad, and you can see the advantage to government, military and commercial enterprises of having 'trusted' computers throughout their organisations. These would will check themselves against leaks and only deal with other computers that are in a known state.
Files can be routinely encrypted, too, to ensure that they don't fall into the wrong hands. We'll leave aside for the moment the potential for misuse of this kind of built-in security.
Microsoft is claiming that NGSCB will put an end to viruses and spam, which it says will be rejected automatically as untrustworthy code.
This would certainly be a major benefit to virtually anybody who makes use of the internet and is constantly troubled by unwanted programs, emails and advertising.
It's hard to see, though, how a 'trusted' PC could distinguish between legitimate email and spam, if they both come from another 'trusted' source.
It's not beyond the budgets of most spammers to set themselves up with replacement computers that abide by NGSCB rules.
It's also difficult to believe that, with the undoubted cunning of most virus writers, they couldn't find ways to circumvent the checks performed on them by a trusted computer.
Rights and wrongs
What NGSCB is really about is Digital Rights Management (DRM), the ability to prevent illicit copying of music, pictures and video.
Microsoft, and most of the major content providers on the internet, have long wanted to prevent their copyright material being shared freely from person to person and, however you may feel about the power of the major corporations, you have to have a certain amount of sympathy with this view.
As a writer, musician, photographer or film-maker, your only source of income is the book, album, photo or film you produce. For people to give copies to others without paying you anything for your efforts is galling and potentially impoverishing.
Enforced DRM could be used to redress the balance and provide a fair compromise between the interests of content users and content providers.
NGSCB can potentially do this by forcing all media played on a PC to be paid for. In the extreme, it could be used to remotely delete illicit files that haven't been paid for.
It could also open up new marketing regimes where, for example, you could download music or movies for a limited number of plays at a reduced price.
Once you have tried out the media, you could pay extra for a full copy or try something else at the same low trial rate. There are many opportunities for different kinds of payment systems, once a trusted computing environment can be established.
The danger, of course, is that this kind of monitoring of the content of your PC can easily be misused and that, as an individual, you're subject to the whims of the major music companies.
And when the policing system is controlled by the same company that provides much of the content, there's a danger that the balance could swing too far in the direction of a few, very large corporations.
Microsoft has already gone some way down the road towards remote management of your computer.
The user agreement in the latest Windows Media Player requires you to agree to a process where "security related updates to the operating system components ... will be automatically downloaded onto your computer. These security related updates may disable your ability to copy and/or play secure content and use other software on your computer."
A process where a third-party program gains access to your PC and changes programs so they no longer work as they did is very similar to what happens in a virus attack.
Judge dread
How would a trusted PC know which files were legitimate and which should be prevented from running as potentially pirated?
Microsoft's proposed answer is to have a hot-list of suspect files on an web server, which would be interrogated by your NGSCB-driven PC when you try to run media.
There are a number of questions which immediately spring to mind in this scenario. For a start, it implies that all PCs have always-on, high-speed internet connections to a Microsoft server, which will take virtually no time to validate a run request.
This certainly doesn't ring true of most home-based systems in the UK at the moment, which still make use of a standard 56Kbits/sec modem.
And with the number of concurrent requests that will be made by all the millions of PCs trying to run software or content, it's hard to believe that there won't be congestion - at the start of each working day, for example.
Then there's the question of how meticulously the database will be maintained. Imagine if, rather than being advised by Windows XP that a new driver has not been digitally signed by Microsoft's WHQL laboratory, you were actually prevented from running the device which used it.
There wouldn't be much new hardware available for use, except from very major manufacturers.
And critically, who is to decide which programs and content are included on the list of suspect items held by Microsoft? Couldn't it be all too easily misused for censorship or to gain commercial advantage?
And even if the maintainers of the list weren't tempted to bend the rules, such a register would be an ideal target for hackers.
Putting this kind of control into the hands of any company with a vested commercial interest is bad for personal rights.
Creeping restrictions
As personal computing matures, the wild and heady days of its youth are giving way to a more ordered society where the rule of law holds sway.
The danger is that in a back-swing against copyright theft through file sharing and CD copying, the rights of the legitimate computer user are being knocked for six.
Each new iteration of Windows and each new chipset and system board from Intel imposes more restrictions on the way we use our computers. We need to be extremely vigilant and raise questions at every stage before new regulations are imposed on us.
Accepting the content provider's rules because they have a virtual monopoly on the hardware and software we need to use for business or want to use for leisure, affects our real freedom. We still have the ultimate veto of voting with our wallets.
An awkward legacy
Connecting external devices to your computer relies on compatible plugs and sockets and the standards which drive them. For many years, printers have been connected to computers using a parallel interface.
Similarly, external devices like modems have been connected through serial ports and small amounts of data have been carried around on 1.44MB floppy disks.
All of this is now changing, as Intel tries to remove the so-called 'legacy' connections. It intends to remove serial ports, parallel ports and floppy drive interfaces from future system board designs and, where Intel leads, other manufacturers normally follow.
There's no real reason for a Luddite revolt against these changes, as the replacements for all three standards are already in place and offer considerable improvements.
Parallel and serial ports have been replaced by USB2 and FireWire (IEEE 1394), which offer fast serial access for printers, scanners and all kinds of external storage.
The requirement for removable disks that the floppy provided for so long has now largely been superseded by CD-R and CD-RW discs. With much higher capacities and similar cost, these two media represent faster and more convenient removable storage than the disk they're set to replace.
The book analogy
One analogy that used to be made quite regularly to demonstrate a fair-use regime for software was that of the book.
The argument ran that when you buy a book you can read it, lend it to a friend (without retaining a copy yourself) and sell it on second hand, individually or as part of a library.
To most people, this seems reasonable. You have paid for a copy of the book and, as long as there's only ever one copy around, you should be allowed to use it and dispose of it as you see fit.
As far as copying a book goes, the UK copyright law means you'd be hard put to find a library prepared to let you photocopy a complete book. In any case, it would be likely to cost you more than buying a second copy from the bookshop next door.
Move to software, music CDs or video DVDs, and the means of copying is much cheaper - in most cases, just the cost of the blank media. Add to this that the copy is identical to the original (rather than a sheaf of scruffy photocopies) and the temptation to duplicate is much greater.
You can see why most music and film companies look on file sharing, in whatever form, as theft.
First round inconclusive
Intel has already made an attempt to introduce an 'identifier' for a specific computer, in the form of the Processor Serial Number (PSN), which was introduced with the Pentium III processor and is still there in current Pentium 4 chips.
The idea of the PSN was to provide a security handle in online transactions, to ensure that a computer could tell which other machine it was dealing with.
What the company didn't seem to realise was that the same serial number could be used for government surveillance or other undesirable invasions of personal privacy.
Under pressure from civil rights bodies and complaints from individual and corporate users, Intel changed the feature from being 'normally on' to 'normally off', and most responsible PC suppliers now provide their machines with the feature disengaged.
Disengaged doesn't mean disabled, though, and it can still be switched on through software.
Even so, the changes made and the lack of take-up of the facility demonstrates that protest against intrusive moves can change things, even with companies the size of Intel. Whether that's also true of NGSCB and Microsoft remains to be seen.
See also:
All Software Applications
del.icio.us
Digg this
reddit!
