Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
News

Trusted Computing Rollout Hits the Desktop 520

Alsee writes "Previously appearing in a few rare laptops, ExtremeTech reports on the first major computer manufacturer making a full scale Trusted Computing rollout. Samsung will now install the Phoenix Core Managed Environment (cME) BIOS in every computer they make. Previous Slashdot reports on this BIOS include Phoenix Bios to Incorporate DRM and Microsoft Taking Over the BIOS."
This discussion has been archived. No new comments can be posted.

Trusted Computing Rollout Hits the Desktop

Comments Filter:
  • The race is off (Score:4, Interesting)

    by ultrabot ( 200914 ) on Tuesday March 16, 2004 @10:55AM (#8578597)
    How long do you think before this hardware gets hacked?

    I would bet on 3 months.
    • Re:The race is off (Score:5, Interesting)

      by raider_red ( 156642 ) on Tuesday March 16, 2004 @11:09AM (#8578747) Journal
      I'm betting no more than four weeks. Two months at the outside.

      Still, this is one more reason I'm considering a Mac as my next computer.
      • Macs etc. (Score:5, Interesting)

        by H4x0r Jim Duggan ( 757476 ) on Tuesday March 16, 2004 @12:00PM (#8579361) Homepage Journal
        Please do buy only hardware which lets you choose your OS.

        This situation sucks because the only way we can fight it is by being Good Consumers - but since non-MS users are in a minority, the value of our informed consumerism is limited.

        GNU/Linux is proof that if freedom only requires hard work, people will work for freedom - now the proprietary world realises that freedom must be made either illegal or obsolete.

        • Re:Macs etc. (Score:3, Insightful)

          A corrolary to this, and one we should remember, is that venerable quip "If voting could change anything, it would be illegal." IOW, watch your back.
      • That's the ticket (Score:4, Insightful)

        by stoolpigeon ( 454276 ) <bittercode@gmail> on Tuesday March 16, 2004 @12:04PM (#8579413) Homepage Journal
        Go with apple and full vendor lock in. I'm replying here since this is the top comment I could find saying this. How is apple the solution?

        The penchant around here for apple is proof to me that more linux geeks are interested in being a part of an 'exclusive' minority than in being involved in things that are open and free (as in speach).

        • by H4x0r Jim Duggan ( 757476 ) on Tuesday March 16, 2004 @12:16PM (#8579577) Homepage Journal
          > How is apple the solution?

          The problem with the new BIOS is that it controls your system software - actions must be validated. To make this work, unfree software will be required. This means that you mightn't be able to install GNU/Linux on DRM-PCs, or if you can, you'll have to run unfree software on your system to validate your actions.

          The idea of Trusted Computing is that the content owners can trust your computer to do what they say. Code Is Law - except when the code is free. On Mac hardware, you can run a free code OS - so buying a Mac (and replacing the OS with GNU/Linux or *BSD) instead of a DRM-PC is a great idea.
    • The question should be :

      How long before this BIOS is hacked...

      And, more precisely, hacked and shipped whithout the extensions, or even funnnier,a modified bios with specialised settings to fry the mobo/cpu/Security chip....

      Bios viruses existed at one time, when bioses where few... Having everyone using the same secure bios from one vendor (phoenix) could bring some interesting results in the long term...

      + On the side, I seem to remember that some chips makers use "windows only" application to upgrade th
  • by BlueCodeWarrior ( 638065 ) <steevk@gmail.com> on Tuesday March 16, 2004 @10:56AM (#8578600) Homepage
    Fujitsu, however, chose to install the FirstWare Vault software designed by Phoenix, a trusted application designed by the company. FirstWare Vault also creates a hidden partition on the hard drive. However, Fujitsu used it to store a backup copy of the OS, in case the user needed to reinstall. Fujitsu's strategy will eliminate the need to ship the OS "reinstall" disks that have begun to ship in today's PCs. The disks don't contain a full version of the OS, but just the files needed to reinstall it in case of an error. By hiding that reinstall software on a protected partition, the company saved itself the costs of distributing the media, Fujitsu said. Wouldn't this take up quite a hefty chunk of hard drive space? I mean, it says 'doesn't contain a full version,' but wouldn't this still be quite a bit? I'm not sure I want other people making those kinds of decisions for me.
    • this is old news (Score:3, Informative)

      by sulli ( 195030 ) *
      my windows 98 laptop has a backup of windows on it. this is nothing new at all (except that it's in a "hidden" HD partition).
      • by cayenne8 ( 626475 )
        Great..so, if you buy a computer...it is STUCK with the same version of windows forever????

        (Assuming you buy a Dell or other one that won't ship without an OS on it..."

    • by KrispyKringle ( 672903 ) on Tuesday March 16, 2004 @10:59AM (#8578638)
      Not only that, but isn't the whole point of a backup disk to be able to restore your OS and software if the hard drive fails? Sure, you can still use this to restore if the software just gets screwed up beyond the hope of fixing, but if the hardware fails, I'd rather have a CD than another partition on the hard drive.

      And seriously, cost of the media? How much could this possibly cost (even if the partition is only the size of a CDROM; 700MB or less)?

    • Well, it would have to be about 650Mb, or a CD's worth of data. I'm sure that nobody is going to miss less than a gigabyte of space in today's hard disks.
      • Unfortunately the HD sizes for laptops aren't quite up there with the ridiculously large desktop format drives yet. It's not unusual to see laptops with 40GB drives, and 700MB is not as negligible there as it would be on a 120 or even 200GB desktop drive.

        And regardless, it's MY disk and I want be able to use it however i please.

    • by mu-sly ( 632550 ) on Tuesday March 16, 2004 @11:03AM (#8578688) Homepage Journal

      What a fucking joke that is!!

      Your hard drive gets screwed (hardware failure, for exmaple), so you can't re-install on a new disk because you don't have the installation media?

      And I suppose it also has the "feature" that it'll automatically "fix" any "corrupt" (Linux/BSD) partitions it discovers on bootup?

      What a stupid, usless waste of hard drive space to save on the price of an install DVD. This just smacks of taking choices away from the user (other than the choice to boycott this kind of shit completely).


      • choice to boycott this kind of shit completely

        I know that I would be interested in getting the latest high performance computer without this TCPA "feature".

        If there were a handy list of MB manufacturers that do not have TCPA I'd be interested. Others might too.

      • It's a long time since Windows systems regularly shipped with install CDs. If you're lucky you get a set of crappy "rescue" CDs which wipe the entire hard drive and replace it with the image the machine shipped with.
    • by throwaway18 ( 521472 ) on Tuesday March 16, 2004 @11:06AM (#8578718) Journal
      Wouldn't this take up quite a hefty chunk of hard drive space?

      No doubt it will be compressed so I'd expect it to be about 1.5GB for a typical consumer PC preinstalled with windows XP, DVD player, burner software etc. They will still describe it as having an 80GB disk,. not 75GB free space. Manufacturers are happy to save a few dollars by slowing down PC's with software modems and sound synthesis done in software so I doubt they will balk at this oportunity.
    • by caino59 ( 313096 ) on Tuesday March 16, 2004 @11:19AM (#8578874) Homepage
      HP has been shipping computers with complete restore info on the HD for about a 1 or 1 & 1/2 years now. If you want CDs, you have to request them on their site, by mail, or phone.

      If the drive dies, they send you a new drive with all the OS info pre-loaded....the average user doesn't even realize that they are using space...
      • One thing that is commonly over looked in cases were hp ships the OS like this is the fact that they provide a way to burn an actual cd from thier restore files. So in addition to the other choices, you can make your own cd.

        http://h20015.www2.hp.com/hub_search/document.j h tm l?lc=en&docName=bph08097

        I also am thinking that it is part of the microsoft license that mandates there be a way to make a restore cd to physical media too (if they don't ship the actual cd. In the past they were allowed to do
      • Who this 'Average User' guy is. He needs some serious computer training! Anyone have his email address?
  • What next. (Score:5, Funny)

    by Omni Magnus ( 645067 ) on Tuesday March 16, 2004 @10:56AM (#8578601)
    First I have to mod my XBOX, and now my laptop. When will it end?
  • by stevens ( 84346 ) on Tuesday March 16, 2004 @10:57AM (#8578611) Homepage
    Detecting USB controller...
    Detecting peripheral: PC104 Keyboard...
    Detecting untrusted user at Keyboard!
    20000 volts sent to keyboard...
  • by scumbucket ( 680352 ) on Tuesday March 16, 2004 @10:57AM (#8578617)
    The problem with most "trusted computing" proposals so far is that "trusted" is an accurate description of them. It's just an imcomplete description. They aren't about insuring that you, the owner of the computer, can trust the computer or the software on it. They're about insuring that third parties (such as Microsoft, HP, etc.) can trust your computer to do what they tell it to do. The proponents omit that part because they know all too well that if they did say all of what they meant that the average consumer would scream bloody murder and refuse to have anything to do with it.

    • by Adrian Lopez ( 2615 ) on Tuesday March 16, 2004 @11:24AM (#8578926) Homepage
      I totally agree with you. Trusted computing does not benefit users as much as it benefits software manufacturers who wish to impose draconian restrictions over our use of software and media. Frankly, with stuff like DRM, the DMCA and now the FBI's attempt at forcing server software to include wiretapping capabilities, I fear for the future of free and unrestricted access to computing technology.
      • by poptones ( 653660 ) on Tuesday March 16, 2004 @12:28PM (#8579745) Journal
        The problem is "trusting the user" MOST often means "trusting" someone to download any shit that pops in front of them in a pretty package, "trusting" them to NEVER update their system to clear up known security problems, and "trusting" them to leave their system online, no matter how badly corrupted it is, until it is so sick it no longer functions at all.

        Remember "eXistenZ?" It's like that - half the world's computers are under the control of anyone willing to run regular nessus scans and a few backdoor control panels. So.. yeah, maybe some in the linux crowd resent this because the boon won't last more than a few more years. But honestly, something HAS to be done. If that means creating software and system that then set the precedent of forcing corporations to become responsibe administrators of the systems they market on wide scale, so much the better.

        This doesn't mean I have to buy one, or that there won't always exist other mechanisms for connecting to the public internet. But most people don't know a fucking thing about free specch - hell, many of them believe "free software" is illegal in any form. All they want is a terminal in their home that feeds them the latest buzz from aol and msn and ebay - and the internet is a fucking mess today because of these users and their five year old Windows 98 and ME security siphons.

        The internet exists well outside the US, and many countries are making a giant leap in the direction of OSS. Combine that with a giant push toward obsoleting those fucked up "legacy" systems and we all move closer to a more secure AND more usable internet for everyone.

        Sorry... I'll go put my chicken little costume back on now and join you all back at the shack...

    • Every time I hear the phrase "trusted computing" or "trustworthy computing" I think of the "trusted" prisoners who get to work in the prison library. It's the same level of trust, and the same overseers doing the trusting.
  • this just in! (Score:5, Informative)

    by Anonymous Coward on Tuesday March 16, 2004 @10:57AM (#8578619)
    IBM has had thinkpads containing TCPA chips for years! On top of that, they provide a Linux driver for it on their website [ibm.com]!
    • Re:this just in! (Score:5, Interesting)

      by capn_nemo ( 667943 ) on Tuesday March 16, 2004 @11:34AM (#8579036) Homepage
      Just wanted to point out that the 2nd of the listed papers on this IBM link, "TCPA Misinformation Rebuttal" is an excellent explanation of the differences between TCPA, Palladium, and DRM. It also helps explain fact vs. fiction in much of the misinformation circulating about what TCPA can and cannot do. An excellent read!

      http://www.research.ibm.com/gsal/tcpa/

      • DON'T BUY IT! (Score:5, Interesting)

        by hanssprudel ( 323035 ) on Tuesday March 16, 2004 @12:41PM (#8579921)
        No, that paper is a basically a bunch of mis-leading propaganda designed to obfuscate the truth that TCPA exists solely for the purpose enabling Palladium and Palladium type DRM and user controlling mechanisms.

        Read the EFF report [eff.org] to see why if TCPA were not designed with user control in mind, they could have implemented some very simple changes (user override) to make sure that the user had access and control over all aspects of his own machine. They didn't: instead they opted for to create a system whereby the TCPA chips can be used exactly for the things they claim they have nothing to do with (shipping them with so called "Endorsement keys" which are vendor signed, user inaccessible keys that can verify to third parties that you are using an Operating System that they like).

        The logic of the rebutle is backwards all over the place. For instance they claim that TCPA is not for DRM since the chips are not tamper resistant to hardware attacks: This rather shows, unlike what some people have argued, that the chips are not designed to help against things like hardware theft and corporate espionage. For DRM you don't need tamper resistance since laws like the DMCA will keep the means of tampering out of the hands of most of the population.

        Also, the argument against the endorsement keys being used for DRM is something like "nobody has a system to running for signing and verifying them today" which is supposed to convince us that such a system will not exist when they are widely deployed (note that as a feature they are 100% useless without such a system.)
    • Re:this just in! (Score:3, Insightful)

      by ajs ( 35943 )
      The line I found most interesting in IBM's "Why TCPA" paper was:
      "... the TCPA chip is not well suited to DRM tasks, and IBM's implementation of the chip was neither designed nor evaluated for the necessary tamper resistance needed to provide effective copy protection..."
      Interesting stuff, and certainly not what I had been lead to believe previously. Anyone out there that's looked at TCPA to verify this?
  • BIOS DRM Labeling (Score:5, Interesting)

    by codeonezero ( 540302 ) on Tuesday March 16, 2004 @10:58AM (#8578624)
    If I remember correctly doesnt the Record Industry have to label "protected" CDs?

    Would be a good idea if these PC manufacturers labeled their PCs as using BIOS DRM.

    That way an informed consumer can make a choice whether or not they want DRM on their system.

    Just a thought.
    • by ultrabot ( 200914 ) on Tuesday March 16, 2004 @11:00AM (#8578658)
      That way an informed consumer can make a choice whether or not they want DRM on their system.

      It won't matter much, because most people don't care either way. Worse yet, the salesman simply tells the customer that the feature will "enable access to new media formats" and the sucker takes the bait.
      • by IANAAC ( 692242 ) on Tuesday March 16, 2004 @11:11AM (#8578785)
        It won't matter much, because most people don't care either way.

        But people will start to care once stories start coming out of people not being able to run their software that they "brought home from work".

        You'll then start to see people actively looking for PC's that don't have DRM enabled.

        • You'll then start to see people actively looking for PC's that don't have DRM enabled.

          And shortly after that you'll find that PCs that don't have DRM enabled aren't available unless you're a government agency or a corporation on contract to one.

    • I'm sure they will (Score:5, Insightful)

      by Kjella ( 173770 ) on Tuesday March 16, 2004 @11:07AM (#8578732) Homepage
      ...and consumers will buy it because it's a "feature". This wonderful new "trusted computing" will give you access to all sorts of places, simply because we're not going to offer access to anyone else. See?

      Kjella
  • by captain igor ( 657633 ) on Tuesday March 16, 2004 @10:58AM (#8578625)
    We're all going to be surfing the net with a government approved "conduct officer" standing behind us.
  • by Thud457 ( 234763 ) on Tuesday March 16, 2004 @10:58AM (#8578631) Homepage Journal
    Well it's time to add Samsung to the anticorporate do not buy shitlist.

    Good thing I build all my computers from components recycled from the dumpster bay at Texas Instruments in Austin.

  • Not a PC (Score:5, Insightful)

    by FrostedWheat ( 172733 ) on Tuesday March 16, 2004 @10:58AM (#8578633)
    So this is the dawn of the Unpersonal Computer? One that hides things from it's users and gives control to other people.

    Screw that idea!
  • Trusted? (Score:5, Interesting)

    by Ckwop ( 707653 ) * on Tuesday March 16, 2004 @10:59AM (#8578637) Homepage
    I just refuse to believe that the Trusted Computer Initiative will deliver more secure computing.

    The XBOX was an attempt at some kind of DRM and it got hacked to pieces because DRM is just impossible. Plus the fact that Microsoft write overly complicated software with bad tools and bad programmers.

    But Microsoft bashing aside, they aint alone. I don't think there is any company or organisation capable of deliverying decent computer security at the moment.

    The tools do not yet exist to manage projects containing millions of lines of code in a way that won't introduce security flaws.

    Si.
    • Re:Trusted? (Score:4, Interesting)

      by jacksonyee ( 590218 ) on Tuesday March 16, 2004 @11:10AM (#8578767) Homepage

      The problems with digital information management have never come from the tools and software involved. Design flaws in the software can certainly make it easier to do stupid or ignorant things, but the real issue is that the vast majority of computer users view their computer as an appliance like a dishwasher or a laundry machine rather than the complicated, time-consuming device that it really is. As such, they will never take the time to proper train themselves on security and rights management.

      In the corporate environment, this is not that large of an issue since the IT department normally takes care of training, containing, and issuing permissions. In the SOHO market though, this is a real issue, and this is one reason why these Microsoft worms have been spreading as fast as they could. I would love it if computer use was regulated the way a car was here in the U.S. You're allowed to do whatever you want with it when you're on the roads, but you have to be trained to use it before you can drive, and you have to be periodically inspected to make sure that you're not a danger to everyone else on the roads. It sounds like a big hassle, I know, but I really think that it's the only way to rid us of the ignorance clause, even if it involves nothing more than studying a pamphlet and answering 20 out of 25 multiple choice questions correctly.

  • It will never work (Score:3, Insightful)

    by Tuxinatorium ( 463682 ) on Tuesday March 16, 2004 @10:59AM (#8578641) Homepage
    It will never work until program encapsulation is implemented in the ISA. These silly software switches will be easily circumvented.
    • Circumvented or reburnt. If we are able to flash the area of the chip containing the "TCPA" bullshit, then we can just inject our own "trusted" code on there. Since the code can't possibly be too complex (unless a Linux/BE/DOS/all non-Windows lockout is attempted) it shouldn't be much to dump, disassemble, and alter.
  • Honest question (Score:5, Interesting)

    by kneecarrot ( 646291 ) on Tuesday March 16, 2004 @11:01AM (#8578666)
    Besides anti-MS statements and rhetoric about DRM, can someone actually tell me how this will affect what I can do with my computer?
    • Re:Honest question (Score:3, Insightful)

      by RickHunter ( 103108 )

      Let me put it this way.

      Right now, you have control over your computer. You control what gets installed, what can run, and what you do with your data.

      This means that you can no longer do any of that except insofar as whoever DOES have control of your computer sees fit to allow you to. In other words, you no longer own or control your data.

      • Re:Honest question (Score:5, Insightful)

        by back_pages ( 600753 ) <back_pages@@@cox...net> on Tuesday March 16, 2004 @11:32AM (#8579010) Journal
        Another way to look at it is that there are two kinds of computer users: Those for whom the computer is a big mystery and are constantly plagued by spyware, popups, et cetera; and those who know how the computer works, solve their own problems, and could generally be known as computer enthusiasts.

        With DRM infected appliances, the latter is locked out of their own machines to a certain extent. You'll no longer have the ability to solve your own problems but have to rely on the magical mystery software that comes with the computer.

        The distinction will probably be slight at first, but I think it's hardly appropriate to call a DRM infected machine a "computer", since there will be technology in place to prevent the owner from doing certain general purpose computations. DRM infected machines will be entertainment/office appliances and horribly undesirable to people interested in their computers.

    • Re:Honest question (Score:5, Interesting)

      by IgnoramusMaximus ( 692000 ) on Tuesday March 16, 2004 @11:25AM (#8578932)
      As the other posters mentioned from the "basic consumer rights" standpoint you will no longer be in charge of your own computer but the signatories to the "trusted computing" will.

      One additional note: It is very likely that anyone wishing to make software that would install on your PC will need to obtain a license from whomever is the encryption key issuing "authority" in the "trusted" computing world. This will put an end to making your own sofware and also it probably will financially impact small software companies. Not to mention that it will give total control of what software will be granted a "license" to the few signatories of the "trusted" computing. In essence Microsoft will get to decide who will be allowed to make software for the PC platform.

    • Re:Honest question (Score:5, Informative)

      by Unknown Kadath ( 685094 ) on Tuesday March 16, 2004 @11:31AM (#8579005)
      First, I think it's partly the fear of being poised at the top of a slippery slope. (Granted, the "slippery slope" argument is a logical fallacy--but debates are not won on logic alone.)

      So it's completely peachy and great that there's a backup copy of your OS partitioned off on your drive, and tech support can just walk you through a reinstall unless you somehow managed to hose the partition.

      Then, they start shipping computers that do an automatic OS reinstall when certain conditions are met. Maybe annoying for power users, but it will serve most people well.

      Then a third-party vendor asks, "Hey, can we get in on this? Have our software phone home telling how the owner uses it. Then we can improve future versions." Annoying, but for a good cause, right?

      Then the data this third-party is getting shows that people are jumping ship on their application for one that costs less, and they cripple cross-functionality...and keep sending updates to your computer even if you patch it back the way you want it to be. But you don't get to say anything, because you clicked Yes on the EULA.

      Then, seeing the success, a bunch of other vendors jump on the "trusted" bandwagon, and suddenly your computer is about as much yours as if it were part of a bot net. Incremental steps toward a worst-case DRM-everything, your-PC-is-controlled-by-vendors future is what the worry is about.

      Is it a justified worry? Given the tendency of, well, humanity to take a mile when given an inch, and the disturbingly long and broad reach of corporations, I'd say yes.

      Second, I think the furor over trusted computing is a matter of principle. Allowing control of one's computer to be placed in the hands of one or many corporations, or the government, is something many people, me included, find abhorrent. It's a thread of libertarianism (little "l," moderators, not the political party) that, as far as I can tell, runs through a great many of the more common Slashdot opinions. ...which is not precisely an answer to the question you asked, but does explain why the question you asked is not precisely the right one. ;)

      -Carolyn
    • Re:Honest question (Score:5, Informative)

      by plcurechax ( 247883 ) on Tuesday March 16, 2004 @11:35AM (#8579053) Homepage
      For a slightly doom-spelling (unforunately Ross tends to be right far too often) check Cambridge University professor Ross Anderson [cam.ac.uk]'s Trusted Computing FAQ [cam.ac.uk]. There is also his Cryptography and Competition Policy - Issues with `Trusted Computing' [cam.ac.uk] paper as well.

      You can also look at documents at Trusted Computing Platform Alliance [trustedcomputing.org], and I recommend reading The TCPA; What's wrong; What's right and what to do about [umd.edu] by William A. Arbaugh [umd.edu]

    • Re:Honest question (Score:5, Informative)

      by Alsee ( 515537 ) on Tuesday March 16, 2004 @12:55PM (#8580097) Homepage
      I submitted the article.

      I've a programmer and I've been reading the techincal specifications on the system. I'm pretty much an expert on it. I will keep this post as non-technical as I can.

      Trusted Computing pertty much does two things. Number one, it keeps some keys hidden inside a special chip. These keys are sort of a cross between a unique seirial number to identify your computer and a password to lock files. The nasty part is that it secures the computer AGAINST the owner. It locks your data such that YOU can't get at it, except in the approved manner. Number two, it allows other people to "look" inside your computer to see EXACTLY what programs are running - it snitches on the owner.

      If you don't like something about how your computer works and you try to change anything, your files go dead and unusable. If you try to change anything then whenever you connect to a website or any other machine, and that machine asks to "look" inside, then your computer will report that the owner has made an "unauthorized modification" and the other computer will refuse your connection.

      To put it in more concrete terms, say you go to a website. Say the website has ADs. As soon as you try to connect the website will ask to peek inside your machine. If is sees that you have pop-ups blocked it will refuse to you see the webpage. It will be impossible to see the website unless you "voluntarily" view their ADs, and do so in exactly the manner they want.

      If you go to another website it can refuse to show the webpage unless you install their spyware. If you refuse the spyware it is impossible to see the webpage.

      Microsoft is advertizing new DRM e-mail. If you you don't have a Trusted machine, or if your machine is non-compliant then it is impossible to see the e-mail. If your machine is compliant then you can see the e-mail, but your computer will be physically incapable of printing out that e-mail or saving it or forwarding it, and your computer will enforce it's deletion after a certain date. Some companies (like Microsoft) will love this feature because it means that old incriminating e-mails vanish and can't embarassingly pop-up in court later.

      Cisco has announced a new router. It is supposedly an "anti-virus" system, and even the Slashdot story on it reported "Cisco to block viruses at the router". Actually it does not block viruses. What is actually does is look inside your computer to verify that you are running specific approved software. The *advertized* purpose is to check that you are running approved and up-to-date anti-virus software and firewall. It then locks out any potentialy "vulnerable machines" becuase they are a "threat" becuase they "might get infected". If your ISP isntalls one of these machines then you will be denied any internet access at all unless your machine is "compliant". It you aren't running Trusted Computing then they can't verify compliance and you are denied acces. If you aren't running EXACTLY the software they require, or of you alter it in any way, then you are denied internet access. And they can require you to run anything they like, not just security software. Tehy can require you to run software that forces your computer to throttle your own internet connection speed. They can force you to run software that displays ADs. They can force you to run software that tracks everything you do to collect marketing data.

      The President's Cybersecurity advisor spoke at a computer conference where he called on ALL broadband providers to install such routers and to REFUSE access to anyone not running a Trusted Computing compliant system.

      Pretty much all software will require "Product Activation". It will be impossible to even install the software without submitting to any activation procedure they dream up. If you try to alter the installed program in any way then your data will be locked and unusable, and the software won't run at all.

      It will be impossible for people to make interoperable software. And "secure" data saved by on
  • by onyxruby ( 118189 ) * <onyxruby AT comcast DOT net> on Tuesday March 16, 2004 @11:01AM (#8578669)
    What really worries me is the unannounced DRM / Trusted Computing BIOS boards that will be coming out. Since this is an anti-consumer feature, and the BIOS companies know it, they don't want to impede their rollout with a consumer backlash.

    I recall something about one of the Phoenix guys saying that the consumer was not their customer, the media companies were. DRM put directly into the BIOS, with no option to get a motherboard without it is going to be a real issue. Reminds me of when all the local banks in my area added thumbprint for check cashing on the same day. You couldn't bring your business elsewhere because they all did it.

    So wants to start up a BIOS company?
  • Consumer Aspect? (Score:5, Interesting)

    by RandomLinguist ( 712026 ) <onelinguist@gTWAINmail.com minus author> on Tuesday March 16, 2004 @11:02AM (#8578679) Homepage
    In general, I think that most /.ers would agree that invasive DRM practices are not a Good Thing(tm), but I wonder how the general public will see these initiatives, if at all. I think that either of two things will happen: People inexperienced with computers will see the nice friendly keywords like 'safe' and 'trusted', and favor these products out of fear, which is obviously what the manufacturers want. Alternatively, Joe User, who neither knows nor cares about security will simply ignore such concerns as fine print, since any kind of technical explanation is of no interest. Unfortunately, I think the principal outcome may be that, like it or not, these Trusted Computing initiatives may propagate, either from adoption by fearful masses, or simply by sliding under the average consumer's radar.
  • by Quixote ( 154172 ) on Tuesday March 16, 2004 @11:04AM (#8578695) Homepage Journal
    Samsung will now install the Phoenix Core Managed Environment (cME) BIOS in every computer they make.

    ... and in other news, geeks (who make the majority of the purchasing decisions worldwide) have decided that they will boycott every computer that Samsung makes.

  • by Viol8 ( 599362 ) on Tuesday March 16, 2004 @11:11AM (#8578776) Homepage
    Why this is going in the BIOS beats me since most modern OSs (certainly linux) and even windows use the bios as something to boorstrap their boot
    loader whether it be LILO or NT loader. After that the bios is bumped out of memory and ignored. Windows may well use portions of this BIOS if it suits MS but linux and other
    OSs can just happily ignore it and nothing will change. Or have I missed something?
    • Let's just hope that the BIOS dosen't require the bootstrap code to be digitally signed or something.

      BIOS ERROR: Unsigned bootloader (LILO) detected on Primary Master drive.
    • The bios now has crypto features to authenticate 'trusted' applications that the OS can use, or choose not to use. IIRC, it can be completely disabled in the BIOS.

      Even if MSFT, in some future version of Windows, decides that Windows won't run at all unless it's enabled, it still wont have affected linux.

  • by arrianus ( 740942 ) on Tuesday March 16, 2004 @11:11AM (#8578784)

    I would like to see whether this is, indeed, trusted computing. The article was somewhat vague in some ways. If it is the full-fledged hardware portion of the Pallidium initiative, as part of the article implies, it's very, very bad. If, instead, it's a way to save money on a system restore disk by having the hardware hide a portion of the hard drive from normal software, it's annoying, but probably fine, depending on how it is done (if there's a PKI, that's bad, but if it's just read-only, that's fine).

    If trusted computers do appear in your area, I would suggest the following strategy for making them go away:

    1. Order a trusted computer from one of the trusted computer makers
    2. Return it
    3. Go back to step 1

    This assumes the companies have a 30-day no-questions-ask return policy (which is usually the case). You can even say that the "trusted" computing was the reason you returned it. Once they start losing tons of money, it'll go the way of DiVX (not the codec -- the old DVD standard which needed to call home to get authorization). It was pushed by Circuit City, which had a ton of people do this to them, so they introduced restocking fees, and lost a lot of customers who knew nothing about DiVX. Eventually, Circuit City backed off the DiVX thing.

    If you want to be illegal (which I don't recommend), some people have a modified scheme:

    1. Order a trusted computer from one of the trusted computer makers
    2. Take out the batteries (which are potentially explosive), and connect the battery plugs or some port in back to 120VAC, thereby frying the motherboard
    3. Return it as defective
    4. Go back to step 1

    This costs them a heck of a lot more, and gets around the place of returns without restocking fee. If you need to buy a DRMed product, you can also use this to make sure the company pays the manufacturing costs for 2 of 'em instead of one, and loses money on the sale. It is, however, illegal, and probably unethical.

    • It is, however, illegal, and probably unethical.

      For what it's worth, I don't think it is unethical, but I think it may be bad strategy. If a person got caught doing it, it would reflect badly on any organized resistance to trusted computing.

      Unethical, though? Think about the future we'll all have to deal with if this comes to pass. I don't want to live there, do you? These corporations don't have the right to do this to humanity, or even to make the attempt. Therefore, they lost their right to m

  • by pair-a-noyd ( 594371 ) on Tuesday March 16, 2004 @11:12AM (#8578794)
    who the hell would buy a Samsung computer anyway?
  • by Cyno01 ( 573917 ) <Cyno01@hotmail.com> on Tuesday March 16, 2004 @11:12AM (#8578795) Homepage
    I was gonna buy a Samsung monitor, DVD drive and floppy drive. Now i'll be getting a Phillips, Lite-On and oem brand. Let them know with your wallets people.
    • by Jtheletter ( 686279 ) on Tuesday March 16, 2004 @11:25AM (#8578935)
      is great and all but without a massive movement that information doesn't always flow upstream very quickly. In other words speak with your wallet and with your voice. Email is still free (mostly) so everytime your specifically purchase a non-DRM product over theirs write and tell them! [samsung.com] Let them know how much $$$ they're losing on a sale-to-sale basis. Companies live and die by numbers and having another level of data tells them even more forcefully that, yes a boycott is in progress, and they're actively losing our money.
      • Speaking with your wallet is great and all but without a massive movement that information doesn't always flow upstream very quickly. In other words speak with your wallet and with your voice. Email is still free (mostly) so everytime your specifically purchase a non-DRM product over theirs write and tell them! Let them know how much $$$ they're losing on a sale-to-sale basis.

        Excellent point, but it does not go far enough.

        Each time you make such a purchase, tell NOT ONLY the DRM manufacturer why they lo
  • I wonder.... (Score:3, Interesting)

    by ronfar ( 52216 ) on Tuesday March 16, 2004 @11:14AM (#8578822) Journal
    I wonder what Sony would do if Microsoft wanted to put out this BIOS that would only run Microsoft operating systems. Would they put such a BIOS in their computer? Come out with VAIO Linux? (Or maybe more realistically, a proprietary VAIO-OS based on BSD?)

    I think Microsoft and Sony are locked in a struggle right now (hence the XBOX, Microsoft's shot accross Sony's bow), so I can't see Sony going along with this.

  • by Kurt Gray ( 935 ) on Tuesday March 16, 2004 @11:25AM (#8578937) Homepage Journal
    So what makes an application "trusted" is that it has been blessed by Microsoft, ie. any software publisher with the funds to pony up the fee to Microsoft to get the trusted seal of apporval I suppose. So that's supposed to make computing more secure... and what is a "secure" computing environment anyway? Most of us define a secure computing environment as a desktop we can work at where our data is secure, private, stable, and uninterupted by rogue applications that pop up in your face unexpectedly refuse to be ignored... this is where "trusted" vendors are trying our patience. It has become more common for every Windoze desktop application sold today to hag nag screens popping up for any number of reasons: "Do you want to check for updates?" ... "Do you want to register now or be reminded to register in the next 15 minutes?" ... "Would you like to see some exciting new offers? I'll just go ahead and add them to your bookmarks menu anyway..." ... and all this happening when the offending application is not even running! Desktop software is becoming increasingly intrusive and interupting the workflow process.

    So I ask you, what's worse: having a malicous virus annoy you and interupt your workday or having an application you paid for essentially behave even worse? At least virus authors don't nag you to register.

    So my point is "secure" and "trusted" computing is obviously a joke when the companies driving this initiative are more intrusive and disruptive to the average work day than most virus authors.
  • by CompSci101 ( 706779 ) on Tuesday March 16, 2004 @11:25AM (#8578946)

    Hey all,

    While it's easy for us geeks to be upset by this, do you think that it's just the media companies that want this sort of thing?

    For instance, Lotus Notes (used by corporations "serviced" by IBM the world around) has a nifty feature whereby should a sender wish, they can block access to many client features like, oh, printing or forwarding. Making an unpopular/possibly illegal move with your company? Do it by e-mail! No whistleblowers (save the truly geekiest that can get around this sort of thing) will bother you. Being subpoenaed by the FBI (like Microsoft has been over and over and over again via e-mails)? Have your trusty computer eat it! Simple!

    The geeks, for our part, must take a stand and make sure people who buy this equipment are appropriately punished for it. This includes our friends and family -- if they buy something containing this sort of embedded DRM, refuse to help them with anything and everything regarding the cursed device. Assuming you'll be able to get around the DRM and help them to begin with...

    Bah. Paranoia sucks.
    C

  • Hmmmm...I wonder... (Score:4, Interesting)

    by GeneralEmergency ( 240687 ) on Tuesday March 16, 2004 @11:28AM (#8578961) Journal

    ...could it now be the time for an open source BIOS project?

    These things are all now flashable anyway, right?

  • but I think I'll just hang on to them. Not like I'll get any $$$ for them - right now...

    Really, I think the first customer of these Samsungs is going to be some giant corporation that will pick up a pile of these and deploy them all over. Perhaps the Attorney General's office in California will grab some. :P

    Companies like Verisign, Network Solutions, and Microsoft have shown that those who are supposed to be trusted, can't and shouldn't.

    How is 'Trustworthy Computing' supposed to work when you can't trust the providers of the technology?

    Think of the software lock-in and stranglehold that licenses are going to have on these machines - or the uselessness of a boat anchor when it gets hacked by a virus that will be allowed to run on it during its rollout period, or when it gets hacked.

    Ugh. Keep your old machines, geeks! (Sorry, wives and girlfriends...)

  • A shame... (Score:5, Interesting)

    by praedor ( 218403 ) on Tuesday March 16, 2004 @11:34AM (#8579031) Homepage

    Now I am compelled to take measures to ensure that no potentially illegal activities (corporate) are able to be hidden by this DRM nonsense. I will have to bring a digital camera into my workplace as soon as I start running into unprintable emails, documents, etc. As soon as I get any document with an expiration/self-destruct date. I will start taking steps to ensure that all such items are "documented" via digital photography, if need be, so that I can safely be a whistleblower as required. I will not, under any circumstances, EVER be party to illegal activities by any corporation for the sake of money. I will not be party to unethical activity of any kind. If I come across such, I am compelled to blow the whistle and if M$ and other corporations feel the need to try to cover their unacceptable, illegal, unethical behavior via DRM crap, then I WILL sidestep it one way or another. I am honor-bound to do no less.


    On a personal note, it is automatic that I will never ever again purchase any system that contains a phoenix bios chip in it. Old or DRM-enabled new, phoenix has ceased to exist as far as my money is concerned.

  • Easily hacked? (Score:5, Insightful)

    by tehanu ( 682528 ) on Tuesday March 16, 2004 @11:46AM (#8579191)
    People are saying that these computers are likely to be hacked very quickly.

    I agree.

    I also predict the reaction of the companies will be to
    (1) make it even *more* draconian.
    (2) Whine that the entire computer industry as we know it will be destroyed (and the terrorists will win!) unless Congress enacts laws that will make it illegal to break into "Trusted" computers which given the way Congress usually drafts laws will probably be so vague and broad that merely open the case of any computer (w/o a government sanctioned license) will count as infringement worthy of 5 years jail. (Maybe we should call this the Patriot Computing Act?) And if they are really good, enact laws force everyone to upgrade to Trusted computing within say 5 years or else via legislating that within 5 years every new computer sold in the US has to be a "Trusted" computer.

    Remember, in the field of "intellectual property" and anything associated with "computers" or "digital" or "internet", if something fails, it's not because it's a technological impossibility, your business model is failing or your customers plain don't want it or even hate it. It's because you just haven't made it draconian enough, your customers are your enemies who need to be punished and made to toe the line and you need draconian broad-based legislation otherwise the economy will collapse, WWIII will happen and of course, the terrorists will win.
  • by msimm ( 580077 ) on Tuesday March 16, 2004 @12:53PM (#8580079) Homepage
    Someone suggested that we speak [samsung.com] up. I'm game:
    I am writing you to share my disappointment over the announcement of your planned use of the DRM enable Phoenix bios. I believe that any product that contains 'features' able to limit users in their freedom to use their computer (and included data) is an anti-consumer feature. I can not in good conscience support a company who willingly chooses to support such a technology. As a the chief technology representative for my company and a trusted knowledge base for many family and friends I am afraid I will have to recommend against any purchases of Samsung hardware or equipment.


    I understand that these time are hard between the push from big businesses and media conglomerates and the promise of additional features, DRM can sound like a very appealing solution. Unfortunately at this time I do not believe DRM to be beneficial to the consumer and must make my recommendations based on the very real possibility that this technology will be used to the disadvantage of the consumer.

    Thank you,
    My Name (ha ha I have more then just a NICK!)
  • China (Score:5, Interesting)

    by ickoonite ( 639305 ) on Tuesday March 16, 2004 @02:11PM (#8580922) Homepage
    As we've seen recently [theregister.co.uk] in Intel vs. China regarding China's own wireless standard (labelled GB15629.11-2003 for those interested), we can probably at least count on China to get hissy about this.

    Simply put, whether the threat they perceive is real or not, there is no way they are going to allow American proprietary rubbish (with evil spyware code to boot) to penetrate the Peoples' Republic. So if we have to start importing all our parts from the commies, then so be it, but even if dumbass consumers in the West buy this kinda rubbish (and, as others have said, they undoubtedly will), it simply will not fly politically elsewhere.

    The push for Linux in Asia is clear - HP are going to ship Linux boxen [slashdot.org], China has variously shown its keenness towards the open OS, NTT DoCoMo [nttdocomo.co.jp] are putting Linux in phones [infoworld.com] and so on - this kind of stuff really does matter. At the very least, American hardware manufacturers are going to consider the bigger picture before alienating large numbers of potential consumers.

    Microsoft is not invincible. It has failed in the mobile phone market, failed to crush Java (now, of course, flourishing on mobiles) and has a long time to examine consumers' reactions before Longhorn comes out. I really don't think it will try to push this too hard...

    iqu :?

Repel them. Repel them. Induce them to relinquish the spheroid. - Indiana University fans' chant for their perennially bad football team

Working...