AMI Introduces 'Trusted Computing' BIOS 626
An anonymous reader writes "American Megatrends announced its 'trusted computing' Palladium BIOS on Jan 6. It seems that the encrypted BIOS' integrity will be verified by a special chip or flash ROM, and will in turn verify the 'authenticity, integrity and privacy' of the boot loader and the operating system. Does that mean such machines may refuse to boot any other non-'trusted' OS? After all, the list of supporting corporations include AMD, Intel, IBM, and HP, of whom we heard quite favourable statements about Linux (just for example -- *BSDs will be equally affected) so far."
The Inquirer has more info (Score:2, Informative)
A representative from AMI explains some of the ideas behind the Trusted Computing initiave.
Re:The Inquirer has more info (Score:3, Insightful)
Read the TCPA / Palladium FAQ (Score:5, Informative)
Read it here: http://www.cl.cam.ac.uk/%7Erja14/tcpa-faq.html [cam.ac.uk]
The two last sections are worth repeating here:
Re:Read the TCPA / Palladium FAQ (Score:3, Informative)
I don't think Andersson is, as you suggest, biased against TCPA / Palladium and certainly not "heavily biased" (see Bill Arbaugh's comment below). His analysis does however point out very serious consequences of the TCPA / Palladium infrastructure. The consequences are what they are, Anderson just made a very good job in formulating them.
He is far from alone in his view on TCPA / Palladium. In fact, Bill Arbaugh, one of the inventors of TCPA (US patent 6,185,678 here [espacenet.com]), has second thoughts. His comment on Anderson [umd.edu] begins:
By the way, trustedcomputing.org does not allow the general public to view the member list anymore. You can however see one list of 170+ member companies in Lucky Green's presentation below (links from http://www.cypherpunks.to/ [cypherpunks.to]:
Other resources with much information are:
Re:Read the TCPA / Palladium FAQ (Score:3, Informative)
War on terror (Score:5, Funny)
Re:War on terror (Score:5, Insightful)
Fight this all the way. Intel didn't get it when they put the ID on their chips until we decided not to buy it. In the same vein, AMD won't get it that we don't want DRM until we (unfortunately, since I actually like them) tell them to go to hell.
Re:War on terror (Score:5, Insightful)
Given the current number of non-US governments (various South-American, Japan, Germany, UK ?, Malyasia, China, Tiwan, South Korea, Isreal, Pakastian, probably others I've forgotten in the frequent Linux Today announcements) jumping on the open source bandwagon...
Given the Chinese governments' interest in developing their own microprocessors (Dragon? recently on Slashdot)...
I don't think that the forces of evil can force every PC everywhere to have DRM.
As long as some PC's can freely run any software, there will always be ways to defeat DRM. Or said differently, without total control, they control nothing.
Given that there will always be somebody powerful enough that doesn't want DRM, or at least, wants Free software, the DRM folks will never get total control.
Re:War on terror (Score:3, Insightful)
Right on. And even if you live in the US... remember that there are such things as soldering irons and oscilloscopes. Hey, you mastered Linux right? Comparatively speaking, the laws of Ohm and Kirchoff are n00b material. Even an AOL luser could learn! (Ok, that might be stretching things.)
--K.
Re:War on terror (Score:3, Insightful)
Re:War on terror (Score:4, Offtopic)
What I'm trying to say, I guess, is that memes are powerful things. So use your mod points for interesting and thought provoking posts relevant to the subject at hand. You don't have to mod a lot of stuff down, but show some restraint in modding junk up.
I mean, do we really want the second coming to occur during in some long post about Natalie Portman and the basalt content of her nude body?
Re:War on terror (Score:3, Funny)
Ohhh, excuse me, while reading that, I just come - twice. - Does that count?
Re:War on terror (Score:3, Insightful)
To transform this trolling post into a truthful statement, replace the words, "the" and "the", as follows: "Humanism is a religion of some atheists."
Thank you.
Re:I wonder... (Score:3, Insightful)
Re:War on terror (Score:3, Insightful)
Not this time around... (Score:5, Interesting)
I'm pretty sure it won't. For now it'll just not have a trusted signature, so no access to Palladium-protected content. But I'm pretty sure that's the bait of a bait&switch operation...
Kjella
Comment removed (Score:5, Interesting)
Comment removed (Score:5, Interesting)
Re:Not this time around... (Score:4, Interesting)
Re:Not this time around... (Score:5, Insightful)
Provided you only use Palladium-approved hardware. And applications. And operating system. And you don't want to make your own software. Or MP3's.
Re:Not this time around... (Score:4, Interesting)
Re:Not this time around... (Score:3, Insightful)
How many of the recent big viruses have been binary programs? Nearly all the viruses are macros and scripts infecting installed applications (and those are already supposed to be sandboxed). Nearly all remote cracks are by buffer overflows which means the code runs as if it were part of the attacked application, which presumably is signed. Nearly all computers that are broken into are used only as zombies for DoS attacks - something that requires only normal, installed, user applications.
Taking away users control of their computers can only make the situation worse - soon, even those of us who normally know how to protect ourselves will be beyond hope.
Palladium is no practical help against viruses (Score:4, Interesting)
> MP3s/JPGs/etc, because they are not "trusted" code? I'm not sure how that will relate to unsigned VB scripts. It's designed
> to protect the consumer from themselves... and legislate what (Microsoft's, I assume) programmers could not implement
> properly.
No, Palladium won't help with that. Most viruses and trojans today are just memory resident processes like any other. There is no easy way to separate a "good" program from a "virus" program. (Seriously, how would it? And how would it be able to tell if a "good" program had an exploitable backdoor or buffer-overflow in it?) It's true that palladium might protect you against, say, boot sector viruses, but there are ways a properly implemented operating system can do this, too.
We already have all the hardware we need to provide computer security (namely, protected memory). Palladium's only purpose is removing the ability for users to inspect and modify their own computers (in an attempt to make DRM schemes fly), so don't listen to what they tell you!
Re:Not this time around... (Score:5, Interesting)
You clearly don't understand it at all then.
Ask youself "Why do they need to add special hardware?" Everything you're saying it's for can be done via software.
The point of Palladium is that you will not longer have "root" access to your own machine. The system is only going to trust "trusted" programs, but there's no way for you to decide if a program is trusted or not, is there? You don't get access to the key, this way the OS can stop you from running a program which copies that DRM-protected music file in the Palladium protected part of your hard disk onto a CDR. It pretty obvious that this system was designed for DRM.
Re:Not this time around... (Score:3, Interesting)
Second, you don't need palladium to do any of those things you want to do as a developer
Finally, "trusted computing" does not make business sense. It doesn't make business sense because it doesn't make business sense to be forced to rely on a single vendor for anything. With palladium, it becomes trivial to make software fixes, addons, etc. only work when made by the one company who's OS has control of the palladium hardware. It doesn't make business sense to give up control over your computers.
Trusted computing is a marketing term and is very misleading. Palladium doesn't make your system hackerproof, protect you from email viruses, or add "accountability".
Re:Not this time around... (Score:3, Informative)
Re:Right... (Score:3, Funny)
Re:Not this time around... (Score:5, Interesting)
It's so crazy, it just might work......
Re:Not this time around... (Score:3, Informative)
And where did you find this out? Point me somewhere that says this? Read the documentation, dont jump to conclusions.
Okay, you should of followed your own advice. This is from an interview [microsoft.com] with John Manferdelli, general manager of the Windows business unit that is building Palladium.
PressPass: How will Palladium differ from digital rights management (DRM)?
Manferdelli: First off, Palladium will not require DRM, and DRM will not require Palladium. Palladium is a great complementary technology to the DRM solutions of tomorrow, but the two are separate technologies.
Also, after reading all of the official MS "documentation" you should read this [theregister.co.uk] reaction from the Register.
Read the patent here (Score:4, Interesting)
A distant rumble... (Score:3, Funny)
What isnt stated (Score:3, Informative)
Re:What isnt stated (Score:5, Funny)
Re:What isnt stated (Score:3, Insightful)
So 'trusted' here means that the companies can finally trust 'all us thieves' with 'their' media property.
Explain to me again, why on earth would I want any machine like this as a general computing platform?
Comment removed (Score:4, Insightful)
I *guess* you're being ironic (Score:4, Insightful)
Well, high-quality digital media with no copy protection has been sold for over 15 years and the people selling it made record profits last year.
Its called the "compact disk". Perhaps you've heard of it? Phillips invented it, and it turns out that not only can you make copies for under five cents, you can compress them digitally to make files to store on any device.
It may catch on.
Re:What isnt stated (Score:5, Informative)
How about better online games? Consider MMORPGs. To prevent cheating, they have to do various things server-side that would actually make more sense from a resource allocation point of view to do on the client.
For example, DAoC has to handle stealth on the server, calculating who should be able to see a stealthed character, and only sending that character's positions to clients that should see him, so that people with DAoC's equivalent of ShowEQ won't see them. However, those people can still see people who are hiding behind trees or hills or buildings--it would be too much work for the server to do the visibility calculations for everyone.
With a trusted client, they could just send the data on everyone in the area, and trust the client to not show what the player is not supposed to see.
Or how about monster AI? The monsters could be a lot smarter if they could run the AI on the client, instead of on the server.
And how long before... (Score:5, Interesting)
Re:And how long before... (Score:4, Interesting)
No it doesn't. (Score:4, Informative)
BUT FOR HOW LONG!?!?!?!?! (Score:5, Insightful)
The minute Palladium is up and running on these boxes, watch for manufacturers to go "WinModem" only: meaning BIOS's that only boot Windoze.
Want to boot FreeBSD, so you played around with the BIOS? DMCA days "Go Directly To Jail, Do Not Pass SourceForge, Do Not Collect $200"
Re:BUT FOR HOW LONG!?!?!?!?! (Score:5, Funny)
Not necessarily for the masses (Score:5, Insightful)
Not only that we don't know yet what OS they will work with. So lets not start doomsaying until the first of these are out and there is proof they refuse to run certain operating systems.
Re:Not necessarily for the masses (Score:4, Insightful)
sPh
Re:Not necessarily for the masses (Score:3, Informative)
There's a lot of precedent for this. (Ask anyone who took advantage of the upgrade deal on their REB1100 eBook device, for example). Its predecessor, the Rocket eBook let you download your own content into the device. The REB1100 was only advertised as allowing the download of purchased content, but actually permitted download of personal content too. Then a "stealth" upgrade removed that feature.
Comment removed (Score:5, Informative)
Re: (Score:3, Informative)
digital signature? (Score:2, Insightful)
Going by the above statement, one could interpret it as meaning you need a digitally signed bootloader... is this going to be a problem? (OSS that is).
Yes. (Score:2, Insightful)
Re:digital signature? (Score:4, Funny)
So does this mean I can remove the microsoft signatures to prevent any microsoft code being run at all?
Yeah, so I'm offtopic (Score:5, Funny)
Can it boot "Non-Trusted OS's"? (Score:2)
Of course, it entirely feasible that one could be running a Linux distro that has jumped through all of the hoops to become certified "trusted".
Comment removed (Score:4, Interesting)
Q: One BIOS only? (Score:3)
So, with my limited understanding, I think of this thing running the BIOS through a one-way hash and comparing it to what's written in stone on NVRAM.
Doesn't this mean that you cannot upgrade the BIOS?
Or, that any "upgradeability" is tantamount to leaving a door open to unauthorized "upgrades" to the BIOS?
TIA.
Trusted to do what? (Score:5, Insightful)
This will mean that WINE will be useless for many future Windows apps, especially those dealing with multimedia. It also means future versions of Windows will be written specifically to defeat applications like VMware, so as to not violate the security.
These are bad, though they don't prevent one from booting a non-Palladium-enabled OS and using alternative applications. What I keep worrying about is the TCPA *2.0* specification. The original spec allows an alternative to a "trusted" platform, but future specs may require a PC boot a Palladium-enabled OS -- or none at all.
Re:Trusted to do what? (Score:3, Informative)
Re:Trusted to do what? (Score:3, Insightful)
The X-Box is designed like that first class of Palladium chips, and security has been bypassed by placing a mod-chip in the data path of the key access. As I said before, in future implementations the crypto hardware will be inside the CPU chip, so there won't be a line to tap.
You are correct the key is stored somewhere; but it's not anywhere it can be read. It's kept where a separate crypto processor can use it to validate signatures and decrypt code, but the PC has no access to it. Reading the key would involve physically opening and tapping into the chip, which is a practical impossibility for you or me. Such an effort might be worthwhile if reading the key would result in breaking the entire Palladium system, but as I said, the system is designed to thwart class breaks.
You picture the processor decrypting code and storing it in main memory, but in fact the decrypted code is only stored locally. Again, on the first implementations, this code might be intercepted while it's on the bus between the crypto chip and the CPU, in the future it'll be impossible.
As for "tricking the OS into thinking it's trusted"... Nope. The machine won't boot without trusted code, period. The BIOS is signed and trusted. It'll shut down the crypto processor and boot a non-trusted OS (at least in current specs), but from that point no trusted software can run. It will check the signature on a trusted OS and boot that; if the OS is modified, the signature will no longer match, and the OS won't boot.
TCPA/Palladium is an extremely elegant, hardy, and EVIL system. It worries me greatly.
so what does this mean? (Score:2)
Will it not be able to bot multiple operating systems?
I know those companies mentioned have supported GNU/Linux so I doubt they will start making strictly windows only hardware. But what are the immediate effects we can expect to see when this becomes a little more prevalent?
And what will be the long term effects? Will I be able to boot the Hurd when it's released?
Congratulations, AMI (Score:3, Interesting)
WHile this may not seem like a big deal, I _am_ in the market for a new system, and have a decent budget to do it with.
Re:Congratulations, AMI (Score:3, Informative)
Open Firmware predates the iMac. OF was not an iMac innovation.
Open Firmware has been in Macs since about 1995. The first Mac PowerPC's model 6100, 7100, 8100 used NuBus ran Mac OS 7.1 and did not have Open Firmware. The next round of Macs did away with NuBus in favor of PCI and had Open Firmware -- in 1995. All subsequent Macs (many many models) have had Open Firmware, including the iMac.
Maybe I am dense... (Score:5, Interesting)
I honestly don't understand the value (or perceived value) in having this.
It will enable you to get DRMed content. (Score:5, Informative)
Re:Maybe I am dense... (Score:5, Insightful)
No, you aren't dense...just fooled by the doublespeak that Microsoft and the like use when describing this type of Digital Restriction Mechanisms. You aren't supposed to trust the hardware or software - this system is not being created to protect the user from anything. The intent is to protect developers (of software or media) from the users.
Think of it as a way for Microsoft to write an OS - however buggy and insecure you like - and, supposedly, have the ability to run programs and display media with the knowledge that it is secure from being manipulated or used by the user in a way that Microsoft does not want.
read for yourself (Score:2)
Is the TPM based platform limited to a particular operating system or microprocessor?
No. The TCPA specification is designed to be platform and OS agnostic. The TCPA specification is not limited to a specific platform, OS or CPU.
The specifications are available for download free from trustedcomputing.org [trustedcomputing.org] - Any linux distro should be able to take advantage of them.
Its up to you to decide if you want to trust it or not, but that's what their website states.
Not so fast (Score:3, Informative)
So, is there a problem? Yes, there is. You can't modify the kernel. If you try, it will not be trusted by the TCPA chip and so no application running on that kernel can gain access to any feature, media or application that requires TCPA. Certifying a Linux kernel (or any other OS) as TCPA-compliant is expensive and you would need to do it for every modification of the kernel. What value is the GPL if you can't use the source to create your own kernel?
Ross Anderson's TCPA / Palladium FAQ [cam.ac.uk] has a more detailed discussion (excerpt from section 18):
[TCPA hardware is referred to as the "Fritz chip" in the FAQ]
I hate to say it (Score:3, Funny)
Trust whom? (Score:5, Interesting)
1) BIOS on new motherboard will only go into "Palladium-mode" if you're booting a "trusted" OS. For the time being, you can still run linux, but it won't have access to any "Palladium" features.
2) If you're running a "trusted" OS (eg. MS Windows UY [Up Yours]), the OS can hit the 'Net and automatically download and apply updates to itself. At some point, it could quite easily detect the BIOS on your system and apply an update so that...
3) The BIOS will no longer boot non-trusted systems. Also...
4) The OS could download a new protocol stack that could render it inoperable with other protocols. An entire new Internet based on the MSOY/BO (Microsoft Ownz You/Bend Over) protocol could spring up almost over night. MS-only network services, online shopping, etc.
Is any of this likely to happen? I don't know. But it would be possible, and I'm not sure I trust Microsoft not to try it. Even if Open Source doesn't relegate MS to the
BIOS features (Score:4, Interesting)
I suspect that the "trusted computing" features will be similar it its ability to disable such things. It will be required of virtually every motherboard manufacturer who wants to compete. I can't imagine hardware manufacturers being pressured into making a palladium only system.
Re:BIOS features (Score:3, Interesting)
Yes, but Intel CPUs allows software to reenable the serial number at whim, so even though you've turned it off the BIOS, MS Spyware is still able to read it and stamp in onto every video library file you make, or even view, if it so desires.
The BIOS setting was a public relations gesture, with no real substance, and no protection for the consumer from exactly the sorts of abuses the public outcry against the feature engendered in the first place.
I suspect that the "trusted computing" features will be similar it its ability to disable such things. It will be required of virtually every motherboard manufacturer who wants to compete. I can't imagine hardware manufacturers being pressured into making a palladium only system.
I suspect you're right
Worse, as another noted quite insightfully, Version 2 may not allow non-compliant OSes to boot at all. Goodbye FreeBSD, goodbye GNU/Linux, goodbye Free Software, goodbye Freedom. At least in the western world
Ahem. (Score:3, Insightful)
Tell them what you think! (Score:5, Interesting)
Re:Tell them what you think! (Score:3, Interesting)
I got a new DVD player for Christmas. An APEX 3201. So far, I love it. I just eject the tray, press 8 4 2 1 on the remote, and get a secret menu. From here I can choose whether or not I would prefer Macrovision, and which region I would like, or can select All regions. (Sort of like asking, would you like to be kicked in the balls or not?)
(Hint to stupid moderators: this post is NOT offtopic!)
Re:Tell them what you think! (Score:3, Interesting)
Windows incompatibility (Score:3, Funny)
DRM DRM DRM (Score:3, Interesting)
Is Oracle, BEA, IBM or any of the OSS projects going to do this? For what? What value is brought by wasting time and money implementing a strategy that has little or no benefit to the customer?
Bah, this is a scarcely concealed attempt to appease the media giants (the people who FUND RIAA). Lack of customer interest will likely cause this to fail.
But what do I know? My company (who's in a "budget crunch") burns enough cash to single-handedly cause global warming, and we're profitable. Whatever, I'm going back to Oz where things make sense...
Blarf ... (Score:3, Informative)
Black boxes (Score:5, Funny)
1. Input
2...499. None of your your damn business
500. Output
"Trusted computing", hah! Sure, the apps might trust each other and the system, but I won't!
Trusted Computing (Score:4, Informative)
Re:Trusted Computing (Score:3, Informative)
Right, but the military (the authors of the Orange Book) are operating from similar assumptions as Hollywood: the operator of the machine is considered an untrustworthy person whose behavior must be carefully controlled. In this context, he or she must be prevented from bypassing operating system checks. Military multi-level security is also a form of DRM, and seeks to restrict even the most "trusted" users. And this may be entirely appropriate in many circumstances.
The question is whether the purchaser of a machine is entitled to the equivalent of root or administrator privilege on the machine he or she owns, or whether the true administrator of the machine will live in Redmond or Washingon DC or Hollywood.
evil (Score:5, Insightful)
Microsoft is not interested in your security. Microsoft doesn't even much care about their own security, as long as the license is already paid for. They only want to make money and lock you into long term deals. The massive and drastic tactics by Microsoft to lock consumers into their platform indefinately is because there is actual competition (Linux, and an invigorated Macintosh) now. It is so plainly obvious that it stuns the senses.
History should already be telling the world never to trust anything from Microsoft.
If our worst nightmare comes true... (Score:5, Interesting)
Well, I am worried about the development too, but at the same time, I think we must realize that no matter what they throw at us, someone will crack the protection.
Ultimately, the entertainment industry will only be able to control individuals who allow themselves to be controlled.
The rest of us will actively seek solutions that remove us from the evil claws of "Digital Rights Management", or rather "Consumer Ass Ramming" as it should really be called.
They can encrypt and protect all they want, but someone will come through. Someone will work constantly on giving us our rights back - even if it means doing so illegally.
If it becomes illegal to have control over one's own system and play off whatever one pleases, I will stand in line to break the law. Constantly. The more they try to control me, the more I will break laws.
I am not saying that people's concerns about violated rights to control one's own system is not justified. I am just saying that we will prevail in the end. With the incredible amount of brainpower available to those with a liberal mind, the entertainment industry may win over the sheep who do not realize what is happening, but they will not get the ones that don't want to be ass-rammed.
Sorry for the rant, but hopefully someone else agrees that the fight is far from over, and no matter what they tro to do, we will continue to fight...
Re:If our worst nightmare comes true... (Score:4, Insightful)
Sure. And the rest of us are going to legally become criminals for hacking our own machines (see: DMCA). Wanna go to jail? I'll be dead before I put out a penny for any type of hardware that contains DRM. Go milk someone else...
Re:If our worst nightmare comes true... (Score:3, Interesting)
The litigation would be easy to get around by building it in a foreign country. Wouldn't it be ironic if China became the only place you could get a processor which gives you the freedom to run whichever OS you want?
Re:If our worst nightmare comes true... (Score:3, Interesting)
Can you stop drugs, child porn and other illegal things? No, it is still being manufactured because there is a demand for it. And even though some are busted, you will never get even a tiny part of the people doing it. My guess is that drug and child porn busting is just for show, so the police can justify their funds and pretend that they are actually making a huge difference.
The corporation whores in our governments will naturally call us "terrorists" and compare us to drug abusers and child pornographers, but that is a small price to pay for freedom.
They can call me what they will, but if they make it illegal to do what I want with my own equipment, then so be it. I will be a criminal, big time. In fact, I will probably spend considerable resources to spread the word about illegal chips and do whatever I can to work against the government.
No, I know it's not that easy, but someone will do most likely it because there will be big money in it.
Don't lose sight of the purpose (Score:5, Interesting)
This technology is intended to support the TCPA 1.0 specification for "trusted computing". What "trusted computing" is supposed to mean is that if a file has a label on it saying "don't copy me", then it is in principle impossible for the user to copy the file (other than in the ways permitted by the digital "rights" management label).
Once you understand this, you'll see that the purpose is quite clear: of course boxes equipped with this BIOS will refuse to boot Linux. That's the whole point; they will be intended only to boot operating systems that strictly support DRM. Each machine will have unique "integrity tokens" which can be used as digital signatures, so that everything you do on the machine (create a document, contact a web site) can be traced. Since you'll have to pay for your downloads on a credit card, this can all be cross-correlated. The integrity tokens will be digitally signed by the manufacturer, so that any action taken on the net by the owner of one of these beauties can, at least, be traced to the original purchaser of the machine. Secret, DMCA-protected protocols will assure that only "trusted computers" can connect to their web sites.
Now, of course, initial implementations of this concept are likely to have flaws that can be exploited by crackers (example: find some way to write a program that replaces the "trusted" OS with a BSD or Linux kernel; reprogram the flash chip to disable checks), but I fear that they will get it right eventually.
At some point, then, the net will bifurcate: there will be a world of glorified DVD players calling themselves computers interacting with restricted network sites, and a world of general-purpose computers interacting with sites that follow standard protocols. Attempts to outlaw the "free world" will not succeed because it will do too much damage, but those who participate in the "free world" will be viewed with suspicion, called pirates, etc. ISPs might be pressured into refusing to connect with "untrusted" machines.
After five years or so, though, I expect the whole thing to fall apart, because countries that don't go along with this brain damage will acquire a technological lead, as the US enters an era where computer science is treated the way that the USSR treated science: dangerous state secrets not to be shared.
My take. (Score:5, Interesting)
'Trusted computing' relies on the fact that every component is known to be secure. Of course 'secure' is a cagey term, but in this case, it means that the end application knows that nothing is interfering with it. The uses vary, from DRM to financial transactions, to other uses we haven't thought of. But, there are three main pieces in a trusted system:
1. The hardware. The hardware needs to be 'trusted' in that we are certain that there is no hardware tampering or eavesdropping going on (of course, this applies only the the internals of the computer, a packet sniffer, or even a keyboard monitor, would be external, and ouside the scope of monitoring,) and to make sure that the machine is the machine it's supposed to be. This really started with Intel's Pentium III adding a processor serial number. The point of that (as with Palladium) was that each machine could be positively identified. If you had previously made that computer 'trusted', then set it so that only trusted machines could perform a said transaction, we could guarantee that the end user is who he says he is, from a hardware standpoint. This new BIOS is much the same way. Each board with this BIOS will be able to say "Yes, I am the motherboard that was here when this software was installed, so yes, I am the same computer." Obviously, this has implications for hardware failure, even moreso than Windows XP's activation problems.
2. The OS. The OS must have support for trusted computing. It must be able to partition off the 'trusted' applications from the untrusted ones. It must be able to encrypt the contents of the drive, and only allow trusted applications to access protected data, and only allow trusted applications to access the 'trusted' part of memory. (So as to disallow one program from sniffing the program files, memory, or data transport streams of a protected application.) This would probably see alot of use by multiplayer online games, as they could make certain that no third-party applications that reside on the game-running-PC could be used to cheat. (As with some of the 'god map' programs for Everquest.) Again, this does not protect the data stream once it leaves the computer, an encrypted network connection would be required. Obviously, for the OS parts to work, users must log in to the system with a username and password at least. Biometric security would be better, so as to more certainly guarantee that the user is who he says he is.
3. Applications. The entire purpose of 'trusted computing' is the applications. Applications that need to know that the user is who he says he is, and that is done by both the OS and the hardware. As with the game example above, other uses are financial transactions (for example, you could set it so that only your computer has access to your bank account records, so that even if someone stole your hard drive, and your username and password, they still wouldn't be able to get at your data,) and DRM. It makes a perfect DRM vehicle, as now the labels can enforce the one-computer rule. A downloaded file would refuse to play without the original application, OS, and hardware.
The question is if these systems can boot a non-trusted OS? Of course they can! You won't be able to use trusted features (for example, your bank's online account access wouldn't work,) but you could use it just fine for applications that don't use MS' Palladium. Just like the Pentium III's serial number could be disabled, and all you lost was access to the (very few) programs that required it.
No Big Deal, Right? (Score:4, Interesting)
Let's say the Microsoft Watch is a big success. Go ahead and laugh. They've got the bucks to seed these sorts of things into the marketplace for years. Eventually something will stick. If not the Watch then the MS Clock or the MS Hairdryer or the MS Refrigerator, or something.
Now, let's say you, as a geek, have reprogrammed the thing so that it runs FreeWatch, the oss embedded watch OS that does all the cool stuff you want it to.
The next version of the MS Watch is Trusted. It only runs approved software. It only runs approved services. And if it doesn't recognize the os and the software, it just doesn't run. Of course, approved means approved by Microsoft, or by the Watch Software Consortium. And they'll be happy to add FreeWatch, for $500 million and a 25% cut of the profits.
If you don't think that's the way it will work, think again, very carefully. It isn't Trusted to Microsoft until it's utterly predictable. It will only run MS-approved software. It will only display MS colors. Once it's utterly predictable, then support costs go down, service fees go up, and 3. Profit!
Now, extend that to the PC platform. Microsoft's stated goal is for computers to be as predictible as kitchen appliances. That means they run exactly the way it runs. Support costs go down, service fees go up. Paladium, TCPA, DMCA, DRM, it's all the same. It is to give you absolutely reliable computing. To end hacking, cracking, viruses, tinkering, end-user encryption, and everything else most geeks hold near and dear. And incidently, to put the hands of the electronics and entertainment industries into your wallet, forever.
If you think this is unlikely, as yourself, why is the membership list of the TCPA secret?
Maybe you still don't agree with me. Maybe I'm wrong. I really hope so. But perhaps it's worth keeping an eye on things.
Nothing to worry about... (Score:3, Funny)
No one is controlling my hardware but me. I still worry about the way that Microsoft is &$^^ *$(#@) ()%)$! but other than that it's not too bad.
Oh yeah and I still have concerns about how the government is )^%$ $^*** $#*%$ &^. (&$# %$*@% (^% . But I'm sure we'll be able to stop that.
We do need to watch the entertainment industry also because they're still trying to #@*^ %#^ &$ (&$%)*%.
Yep these new BIOS are nothing to worry about.
TCPA != Palladium (Score:3, Informative)
Both TCPA and Palladium are ways of achieving "trusted computing", which is the ability for a program to run in an environment where the program knows (and can certify to people other than the computer's owner) that no other unwanted software is monitoring or modifying its actions. But how they are implemented is quite different.
TCPA uses a secure boot process. The BIOS verifies that the boot block is trusted; the boot block verifies that the os kernel is trusted; the kernel then verifies the trust level of specific applications; etc. This is what this BIOS implements. The main feature of TCPA (in my mind) is HARDWARE SIMPLICITY -- all that is needed is a small extension to the BIOS which modifies the boot process.
Palladium is from Microsoft, and it shows. Palladium is designed to start up in already running copy of pretty-much-unmodified Windows. Loading the Palladium subsystem (now known as a nexus) is supposed to be fairly easy, sort of like loading a device driver. But to get this ability they PAY with hardware complexity -- the CPU itself has to be changed so that the address space of the nexus can be partitioned, so it is not visible to or under the control of the main Windows kernel. This is one of many reasons why you don't see any Palladium enhanced systems in the real world yet -- Intel (or AMD) has not yet started selling a chip which supports what Microsoft needs to make Palladium work. A main design goal in Palladium seems to be "don't mess with Windows, we don't want to break legacy code".
I wrote AMI and this is their response (Score:4, Informative)
of your decision to not seek out an AMI solution for your next purchase.
While we respect your right to make that decision we would like to take a
minute to underline some relevant points about our announcement that were
not adequately conveyed in the "article" posted on Slashdot. We urge you to
please give us a minute of your time to fully understand what AMI is
offering and thus be able to make a fully informed decision.
It must be noted that AMI has not announced support for Palladium. Palladium
is an initiative by an OS entity that is slated for the future. To be
honest, though we do know about it, AMI has not begun any development
related to it. At this point we have not made any decisions on support
either.
TCPA does not equal Palladium. While certainly there is some future
development overlap between the two, TCPA is being introduced by OEM's as a
security option to protect systems through hardware and firmware. This
feature is completely optional to our customers (OEM's, ODM's, CM's and
other system builders) that they may choose to make it available or not
depending on the needs of their market. We have had requests from a number
of customers for this technology.
Regarding the limitations of a system with TCPA I would offer the link below
to the public specification for further information on compatibility with
different OS's, and hardware. Based on that spec we can tell you that it
does not limit the ability to run Linux (or any other open source solution).
As a smaller company itself, AMI has always supported innovation and
creativity as these have been our main tools in competing against much
larger companies in our industry. We would not do anything that in our
minds would damage our credibility or reputation for world class BIOS
solutions and will carefully evaluate this type of feedback when it does
come time to examine any future technologies. We would also like to
recommend that anyone who is opposed to a Palladium-type solution in the
future, please make that known to OEM's and system builders. As they are
our customers, we definitely listen to them in terms of what they (and
hopefully their customers) will want in future BIOS.
Thank you again for your time in contacting us and we hope that this and
some of the links below will shed some light on AMI's plans.
LINKS
Original Articles on theinquirer.net
http://www.theinquirer.net/?article=7089
http:
AMI TCPA module Whitepaper
http://www.ami.com/support/doc/TCPA_w
TCPA Website
Basically wrote them and told them I wouldn't be buying from them from now on. I would reckon this looks like the company is receiving a bit of angry emails from people who build their own computers and/or are involved in the computer industry.
Maybe they're worried about what WE think!? Nahhh...
Maybe Gigabyte's Dual BIOS could fit here (Score:3, Informative)
Re:before eveyone gets all worked up (Score:4, Insightful)
The whole thing will be a BIOS option, just like the P3 serial number was.
This thing will probably stay in the corporate/military domain forever. I see a ton of added complexity to the OS that Joe User wouldn't deal with.
There's a potential for abuse in pretty much any new technology, but I can also see when and where a 'trusted OS' will be a huge step forward.
'Untrusted' hardware will exist so long as there's a market for it. I see no reason to get too worked up over it.
Re:before eveyone gets all worked up (Score:3, Insightful)
Right, because the PC market is governed by pure capitalism. There are no monopolies out there abusing their power and causing the market to do things it wouldn't otherwise do. Good, I guess there's no reason to be worried at all. (shudder)
Re:before eveyone gets all worked up (Score:3)
"'Untrusted' hardware will exist so long as there's a market for it. I see no reason to get too worked up over it.
There will be no market for it. Why would an OEM install hardware that disrupts most "innovative" OS and office software maker that brings them all of there profits!
Linux makes up %2 of the market!
If joe six pack buys a "Free" pc yet can not bring "trusted" word docs home from work or have the latest and greatest XP Media edition to watch all the new hollywood hits or visit porn sites that are "protected" then he will return it. Return == lost profits. I bet Microsoft is blackmailing all the motherboard makers and threatening to throw them out of bussiness if they do not include drm oops I mean pallidium. Porn sites already encrypt alot of there video's into WMV files and I noticed that they also use javascript to prevent copying and pasting pics from there site to your computers. Like the vcr's before them they will drive the market and Microsoft and Hollywood will join them.
The average ignorant joe will demand it and will be forced on everyone. If oracle pisses off Ms then bam they can not develop on Windows. If borland wants to write
We all should be worried and worked up about it. If the apps require it then it will be everywhere.
Re:before eveyone gets all worked up (Score:3, Insightful)
Re:Seat of Trust is infinite regression (Score:5, Insightful)
Ever tried to replace a BIOS that is soldered directly to the board? if so, please let me know how it went.
The BIOS verifies itself? (Score:5, Insightful)
BIOS starts...addressing the TPM chip that verifies the authenticity of the BIOS.
What good is it for the BIOS to verify itself?
If it's not authentic (i.e. compromised), would it really bother to address the TPM chip at all?
It doesn't... (Score:3, Informative)
Re:Can you say..PPC Chips? (Score:5, Insightful)
I don't need a 4 gig chip to type a paper or Photoshop a picture of Rumsfeld and a goat.
Frame rate for games? Got my PS2 for that.
Re:Can you say..PPC Chips? (Score:3, Interesting)
Don't forget SPARC [sparc.org]! It is also an open alternative to Wintel with a good selection of excellent operating systems: Solaris, Linux, and *BSD.
We all should embrace PowerPC, SPARC, MIPS, and other well-known and easily licensed brands of ISAs. These--as long as Congress doesn't screw everything up--will be the path forward when Microsoft, Intel, et. al. try to shove TCPA down everyone's throats.
Also, it certainly doesn't hurt that Sun, SGI, IBM (RS/6000), and Apple all produce really good hardware that lasts into the secondary markets. It isn't hard to find ten-year-old examples of each of these brands still serving useful purposes throughout server rooms and hobbyist desktops all over the world.
When the Wintel-brainwashed masses find themselves backed into an alley with the only exit closing rapidly, we can say to them, "We have the way out!" (imagine Microsoft reeling at the bitter taste of their own words:)