Is there a hole (from the RIAA perspective) in this approach:
1. hp loads win9 + win9mediaPlayer at factory
2. hp configs tpm at factory to only permit connections to www.hollywood.com when consumer is using stock bios, stock bootloader, stock OS, stock DLLs, and stock mediaPlayer.exe (and per another comment by 20xx-or-so all tpm chips will have the EK and presumably 'all' devices will have tpm).
3. jane cannot watch www.hollywood.com movies on her new PC without paying the monthly subscription fee, and cannot record what she does watch unless she pays another fee, and can only watch movies in the fee-category she has signed up for. Software as a service is also fully enforceable: substitute microsoftStreamingAppStoreRuntime.exe for mediaPlayer.exe
4. none of the requirements in #3 are performed by the tpm, they are all part of mediaPlayer.exe, which is really just a shim which downloads the current list of restrictions from the hollywood.com mothership once a week or thereabouts.
Since in this running example mediaPlayer.exe is written to strictly follow those restriction-instructions downloaded from hollywood.com (and verify their SSL key is the real hollywood.com and verify the current timestamp via time.windows.com digisigs), and since the TPM is guaranteeing that no fiddling with the support-layers (bios/boot/os/dll) has happened, it sounds like rock-solid drm to me, barring security flaws in all the complicated parts of this dance, of course. See also, discussion of RestrictedBoot elsewhere on this mjg59 website, for how to keep an untrusted OS out.
I definitely don't understand TPM well enough, however. Be gentle when pointing out the glaringly-obvious-to-you holes in my design. :-)
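
The measurement chain this comment relies on (stock bios, bootloader, OS, DLLs, mediaPlayer.exe), as an added example that is not part of the original comment: a toy software model of TPM-style PCR extension, where each stage is hashed into a running register and a sealed secret is released only when the register matches the value recorded for the stock chain. The component byte strings, the function and class names, the sealed key and the single-PCR layout are constructed for illustration; a real TPM does this in hardware across several PCRs.

```python
import hashlib
import hmac

PCR_SIZE = 32  # one SHA-256 PCR, modelled in software

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = H(old || H(component))."""
    digest = hashlib.sha256(component).digest()
    return hashlib.sha256(pcr + digest).digest()

def measure_chain(components) -> bytes:
    """Replay a boot chain into a single PCR starting from all zeros."""
    pcr = bytes(PCR_SIZE)
    for _name, blob in components:
        pcr = extend(pcr, blob)
    return pcr

class SealedSecret:
    """Toy model of sealing: the secret is released for one PCR value only."""
    def __init__(self, secret: bytes, expected_pcr: bytes):
        self._secret = secret
        self._expected = expected_pcr

    def unseal(self, current_pcr: bytes) -> bytes:
        if not hmac.compare_digest(current_pcr, self._expected):
            raise PermissionError("PCR mismatch: boot chain differs from sealed state")
        return self._secret

# Constructed stand-ins for the stock images named in the comment.
STOCK = [
    ("bios", b"stock bios image"),
    ("bootloader", b"stock bootloader image"),
    ("os", b"stock OS kernel"),
    ("dlls", b"stock DLL set"),
    ("mediaPlayer.exe", b"stock mediaPlayer.exe"),
]

def with_replaced(chain, name, blob):
    """Return a copy of the chain with one component swapped out."""
    return [(n, blob if n == name else b) for n, b in chain]

def try_unseal(sealed, chain):
    """Measure the chain and attempt the unseal; None means it was refused."""
    try:
        return sealed.unseal(measure_chain(chain))
    except PermissionError:
        return None

if __name__ == "__main__":
    sealed = SealedSecret(b"constructed client key", measure_chain(STOCK))
    print("stock chain:", try_unseal(sealed, STOCK))
    patched = with_replaced(STOCK, "mediaPlayer.exe", b"patched player")
    print("patched player:", try_unseal(sealed, patched))
    print("reordered:", try_unseal(sealed, [STOCK[1], STOCK[0]] + STOCK[2:]))
```
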
Re: Let the TPM do the enforcement...