501 comments

Finally ready for the main stream (4, Funny)

kaustik (574490) | more than 9 years ago | (#11552171)

It really makes me happy to see that Linux distributors are finally seeing the light and providing the community with things we need in an Operating System. Hopefully this will lead to other advances in the wonderful world of DRM.
sigh

As sad as it is (5, Informative)

Anonymous Coward | more than 9 years ago | (#11552460)

To have to burst your bubble of uninformed zealotry, there are plenty of good uses for trusted computing and DRM that do not interfere with your quest to get 'fr33 musicz 4 life' or whatever. Not all of this technology is for companies like the RIAA to protect copyrights, despite what Slashbots would have everyone think.

Re:As sad as it is (1)

Blue-Footed Boobie (799209) | more than 9 years ago | (#11552634)

This is not flamebait. I hope someone with a brain mods you up.

If anything, the original parent was the flamebait...

Re:As sad as it is (1)

kaustik (574490) | more than 9 years ago | (#11552795)

Yes, but somehow I got modded up and you got modded down with your childish lash out.
Stupid mods.
Seriously, though - I do agree that there are _some_ potential benefits to this. Unfortunately, the concept opens up the possibility of DRM restrictions infecting the Linux operating system. If we continue to run on non TCPA hardware, at least we can argue that our system will not support their restrictions. ... "If you build it, they will come..."

Here comes the flood?? (4, Interesting)

Reziac (43301) | more than 9 years ago | (#11552910)

From TF WhitePaper [PDF] [ibm.com] on IBM's site:

The "trusted" boot functions provide the ability to store in Platform Configuration Registers (PCR), hashes of configuration information throughout the boot sequence. Once booted, data (such as symmetric keys for encrypted files) can be "sealed" under a PCR. The sealed data can only be unsealed if the PCR has the same value as at the time of sealing. Thus, if an attempt is made to boot an alternative system, or a virus has backdoored the operating system, the PCR value will not match, and the unseal will fail, thus protecting the data.

At the very least, that sounds like "bye-bye multi-boot systems".

IBM also has a rebuttal to TCPA's detractors [PDF] [ibm.com]. This one talks more about how the TCPA chip as currently designed has "not been designed to resist local hardware attack, such as power analysis, RF analysis, or timing analysis." That's all well and good for the moment, and while the chip is (per the PDF) mounted on a presumably-removable daughterboard, but how about the future? Is this how TCPA will stay, or is it the beginning of our worst fears??

At least these two whitepapers agree with most of us here on one thing -- DRM itself is stupid, for a variety of reasons.
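
The PCR and sealing behaviour quoted from the IBM white paper in the comment above, as an added example that is not part of the original comment or of IBM's code. `SoftTPM`, its keys and the boot-chain component names are hypothetical; the extend rule is the TPM 1.2 SHA-1 form, and the HMAC-based encryption is a stand-in for the chip's internal storage key.

```python
import hashlib
import hmac
import os

PCR_SIZE = 20  # a TPM 1.2 PCR holds one SHA-1 digest


class SoftTPM:
    """Software model of PCR extend and seal/unseal; not a real TPM interface."""

    def __init__(self):
        # Stand-ins for key material that never leaves the chip.
        self._enc_key = os.urandom(32)
        self._mac_key = os.urandom(32)
        self.pcr = bytes(PCR_SIZE)

    def reset(self):
        """Model a reboot: the PCR returns to zero, the keys persist."""
        self.pcr = bytes(PCR_SIZE)

    def extend(self, component: bytes) -> None:
        """PCR_new = SHA1(PCR_old || SHA1(component)); a PCR is never set directly."""
        measurement = hashlib.sha1(component).digest()
        self.pcr = hashlib.sha1(self.pcr + measurement).digest()

    def _keystream(self, nonce: bytes, length: int) -> bytes:
        out, counter = b"", 0
        while len(out) < length:
            block = nonce + counter.to_bytes(4, "big")
            out += hmac.new(self._enc_key, block, hashlib.sha256).digest()
            counter += 1
        return out[:length]

    def seal(self, data: bytes) -> bytes:
        """Encrypt data and bind the blob to the PCR value at seal time."""
        nonce = os.urandom(16)
        ct = bytes(a ^ b for a, b in zip(data, self._keystream(nonce, len(data))))
        body = self.pcr + nonce + ct
        return body + hmac.new(self._mac_key, body, hashlib.sha256).digest()

    def unseal(self, blob: bytes) -> bytes:
        body, tag = blob[:-32], blob[-32:]
        expected = hmac.new(self._mac_key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            raise PermissionError("blob modified or sealed by another TPM")
        sealed_pcr = body[:PCR_SIZE]
        nonce = body[PCR_SIZE:PCR_SIZE + 16]
        ct = body[PCR_SIZE + 16:]
        if not hmac.compare_digest(sealed_pcr, self.pcr):
            raise PermissionError("PCR mismatch: platform state differs from seal time")
        return bytes(a ^ b for a, b in zip(ct, self._keystream(nonce, len(ct))))


def boot(tpm: SoftTPM, components) -> bytes:
    """Reset the PCR and measure each boot stage in order; return the final PCR."""
    tpm.reset()
    for component in components:
        tpm.extend(component)
    return tpm.pcr


def try_unseal(tpm: SoftTPM, blob: bytes):
    """Return the plaintext, or None when the TPM refuses to unseal."""
    try:
        return tpm.unseal(blob)
    except PermissionError:
        return None


def demo() -> dict:
    tpm = SoftTPM()
    # Constructed sample boot chains; real measurements are hashes of firmware and OS images.
    good = [b"bios-v1", b"bootloader-v1", b"kernel-v1"]
    backdoored = [b"bios-v1", b"bootloader-v1", b"kernel-v1+backdoor"]
    alternative = [b"bios-v1", b"other-bootloader", b"other-os-kernel"]

    boot(tpm, good)
    blob = tpm.seal(b"disk-encryption-key")  # sealed under the good chain's PCR

    results = {}
    for label, chain in (("same boot chain", good),
                         ("modified kernel", backdoored),
                         ("alternative system", alternative)):
        boot(tpm, chain)
        results[label] = try_unseal(tpm, blob)
    return results


if __name__ == "__main__":
    for label, value in demo().items():
        print(f"{label}: {'unsealed' if value is not None else 'unseal refused'}")
```
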

Tee hee... published before editing was finished (4, Funny)

PornMaster (749461) | more than 9 years ago | (#11552174)

From a programmer's perspective, the IBM version of the TPM (or TCPA chip) looks like Figure 1. Garrick, please crop the caption out of the figure itself.

Garrick? Garrick? McFly? McFlyyyyyyyyyy?

Re:Tee hee... published before editing was finishe (2, Funny)

theGreater (596196) | more than 9 years ago | (#11552213)

Poor Garrick:

From the Fine Article:
Garrick, insert this table and the next exactly where indicated. They do not have titles, and the last line of each table should span both columns.


-theGreater.

Apparently this is not the first time... (2, Informative)

sczimme (603413) | more than 9 years ago | (#11552458)


Go to the Linux Journal search function [linuxjournal.com] and search for 'garrick'. You should get eleven hits. I didn't read all of them, but using ctrl+f to search the pages revealed notes to Garrick re: font selection and the like. D'oh.

Do we really need it ? (5, Insightful)

CineK (55517) | more than 9 years ago | (#11552203)

I mean - there are a lot of hardware security modules that can be used for building trusted systems right now.
Isn't the only purpose of pushing things like TCPA locking the platform down ?

Re:Do we really need it ? (4, Informative)

danheskett (178529) | more than 9 years ago | (#11552512)

A locked down platform is very useful for some things.

One thing TCPA provides that many alternatives do not is a system of sealed storage. In this scheme, an application run under the TCPA feature set can access storage that is guaranteed by hardware to be only accessible by that one application, and no others. This storage is protected by hardware encryption, and cannot be accessed directly, even by the OS. If the application itself or any component is tampered with the sealed storage is inaccessible, since the Nexus, or hardware security manager, recognizes the binary itself as the key to the sealed storage. If that binary is modified, it can no longer access the sealed storage.

Sealed storage like this is useful in a lot of ways. Combined with strongly encrypted internet communications a highly secure messaging system could be devised where the encryption was physically end-to-end. Since TCPA provides encryption from the keyboard, to the memory, to the Nexus to the CPU and every point in between, the plain text is only exposed when it is physically being typed - it never exists in unencrypted digital form.

Believe it or not (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11552518)

In that crazy thing they call the 'real world' where people do things with their computers besides just surf warez and get on Kazaa... things like this just might have other purposes. And hell, there may even be some crazies who could benefit from them! Insane, isn't it?!

I know I know!!! (1)

Nexus7 (2919) | more than 9 years ago | (#11552606)

Yeah, let's build, you know, VOTING MACHINES, with this!!! I mean, is that a revolutionary idea or what?! At least in these parts, huh? Where was the TCPA/TCP/fancy_acronym in '04 (for that matter, in '00) when we could've used them for what is the most important use of them all?

Re:Do we really need it ? (1)

niiler (716140) | more than 9 years ago | (#11552666)

As I really have no problems with viruses, trojans and the like, the only purpose I see to this is restricting content. I, for one, feel that the current Disney/Bono copyright law is decimating the public domain and that fair use is in danger of going extinct. An open source version might allow one to simulate trusted computing when necessary and build in a back door so that fair use can still apply. Last I recall, the Constitution mandated fair use, not the content providers. Of course, this sort of programming would probably violate the DMCA (which as we know, supersedes the Constitution).

Re:Do we really need it ? (1)

ultranova (717540) | more than 9 years ago | (#11552723)

No, of course we, the users, don't need DRM. Its entire purpose is to take control of a computer away from the user and into the hands of some other entity, who can allow or disallow any given function remotely. In such a system, DRM's role is to ensure that the user cannot regain control.

This, of course, is enormously useful for entertainment and software industries. Especially the latter can force any license terms it pleases after DRM becomes required by law (it will - the two industries combined have deep enough pockets to force the issue). Up to this point, it has been "buy once, run as long as you please"; with DRM, it becomes "buy once per reboot" - especially Microsoft would benefit from this ;(.

So no, we don't need DRM, but they do, and they have all the money and power, so we are fucked.

Aged 83 pope john paul dies! (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11552214)

Read it at the BBC! The pope is dead!

Re:Aged 83 pope john paul dies! (0, Funny)

Anonymous Coward | more than 9 years ago | (#11552243)

Not yet, sorry. I just asked Stephen King...

Re:Aged 83 pope john paul dies! (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11552257)

Damn. Was Christopher Reeve available for comment?

way to get my hopes up, man (-1, Offtopic)

Anonymous Coward | more than 9 years ago | (#11552292)

what is it good for? (2, Insightful)

Anonymous Coward | more than 9 years ago | (#11552222)

The only benefits I can see is increased security for encrypted communication or hard drive encryption. I am really trying to think hard of any other beneficial applications but can't come up with anything.

Re:what is it good for? (1)

essreenim (647659) | more than 9 years ago | (#11552280)

Could be useful for electronic voting.

Re:what is it good for? (1)

mOdQuArK! (87332) | more than 9 years ago | (#11552375)

You mean to make sure that the creators of the black boxes can make the vote turn out _exactly_ the way they want it to, without worrying about anyone else being able to figure out what they did?

Re:what is it good for? (1)

Hobbex (41473) | more than 9 years ago | (#11552392)

Could be useful for electronic voting.

Think again, the manufacturers of TCPA have admitted that they are not secure against hardware manipulation. It is likely that we will begin to see TCPA mod-chips hitting the market soon after TCPA takes hold (that is right people TCPA means you will have to mod-chip your PC). The whole point is to make sure that circumvention of DRM requires more effort than the masses will spend - requiring an expensive and illegal modchip to be attained is considered enough.

Re:what is it good for? (1)

nkh (750837) | more than 9 years ago | (#11552361)

Unless TCPA involves some kind of new, enhanced cryptographic algorithm unknown to man (given to Bill Gates by aliens from another planet), there will be no increased security. I have ssh and it's still good for the moment.

We just have to wait for someone to crack the security through obscurity part and hope that my standard Linux/BSD (without all this DRM/TCPA shit) will still boot on future hardware.

Re:what is it good for? (2, Interesting)

Jennifer E. Elaan (463827) | more than 9 years ago | (#11552639)

Actually, it *does* include many enhanced cryptography features that cannot be designed entirely in software.

While I have a problem with the uses of this platform that Microsoft no doubt intends, TCPA can be quite useful for making secure systems based on open standards.

One part of these modules is the ability to send keys to the hardware module in a way that cannot be read back out (but with encryption performed using this write-only data). This allows public-key encryption with the private key stored in a very secure way.

Well. (1)

Kickasso (210195) | more than 9 years ago | (#11552474)

You could send messages that self-destruct in ten seconds after being opened. That's silly, I know.

Well, security of communication is a big plus in any case. These little suckers, among other things, should be more resistant to pwnage than present day systems.

Re:what is it good for? (4, Insightful)

vadim_t (324782) | more than 9 years ago | (#11552496)

Well, it could be useful for a seriously locked down server.

Imagine that you're an admin at some big company, with a hundred Linux boxes. You have this stuff on every of those boxes, and a computer for administration somewhere safe. When you install software you first check it, then sign it, then push updates to your servers.

If somebody gets in, they'll have things quite difficult. Anything unsigned simply won't run at all. Rootkit modules, exploits, etc, will all simply not be able to run at all. This would take out a quite big part of the exploits an attacker could use. Remote ones would hopefully be avoided by NX.

This wouldn't protect against things like races, but it certainly could help quite a lot.

The situation above is something I wouldn't have any problems with. If an admin wants to have an uber-locked down system where anything not signed by his key that's only present in a computer with no network connection in a secure room with an armored door doesn't run at all, then sure, why not. I'm fairly sure this can mostly be accomplished without hardware support at all, though.

Now, it's when software publishers want to make it impossible for me to control my computer when I have problems with it. But if the user has full control of it, I think it could come quite handy in some cases.

Re:what is it good for? (1)

wasabii (693236) | more than 9 years ago | (#11552548)

It cannot be accomplished without hardware support.

If it's implemented in software, then somebody will just hack that software.

The idea is that every bit executed by the CPU must be signed by a third party, enforced by hardware, with NO WAY TO BE MODIFIED.

Re:what is it good for? (1)

vadim_t (324782) | more than 9 years ago | (#11552719)

Why?

I don't think there's any fundamental problem that makes it impossible to make a VM or emulator that's impossible to break through. If the attacker entered by ssh guessing a password or whatever, and assuming the kernel doesn't have any defects that make bypassing the protection possible, it should work just as well.

The scenario I presented in the grandparent should work just fine with software, IMHO. Now, the chip is certainly useful if you want to take away control from the owner of the machine.

Re:what is it good for? (3, Insightful)

Qzukk (229616) | more than 9 years ago | (#11552820)

When you install software you first check it, then sign it, then push updates to your servers.

In the end, it depends on who gets to sign the software, and how this software is distributed once signed. In our corner of the court, we have the admin signing software for 100 boxes (does he have to sign each separately? Can you sign software for every box out there at once? If it's not a specific-to-that-machine signature, how do you keep the attacker from signing software too?) for the purpose of protecting the servers from software you don't want to run.

In the other corner of the court, it appears that we have big business interests who want to have all software signed, who would charge hundreds to sign software for other authors (verisign, et al will certainly be in the business), MPAA and RIAA will be wanting to make sure signed software obeys their rules (and will probably charge for this too), all to make sure your computers are protected from software they don't want you to run.

Things like this IBM article help make the first scenario a reality, and I'm grateful for it. Now, who wants to be the first to be sued by Microsoft for some TCPA submarine patent that nobody knows about?

Re:what is it good for? (1)

Seigen (848087) | more than 9 years ago | (#11552506)

As far as encryption goes all you really need for more security is a very good source of random numbers since the encryption code can easily be in software, but generating good random numbers in general can't. I think the major chip makers already have hardware random number generators, although I've never studied how good they are. Of course implementing anything in hardware can make it faster..

As to the trusted part of trusted computing. It was always my understanding that it meant someone other than the user of the computer could trust the computer to work in a certain way. I.E. they could make a trusted dvd reader only interact with a trusted motherboard, and only allow direct on chip decoding to send it to the overlay section of a trusted video card to prevent one from ripping the dvd. Is such a scheme unbreakable? The answer to that is maybe, if they are really good in their design. You can do similarly for other forms of trusted applications. For instance xbox applications are digitally signed so only approved ones play. Does that mean mod chips for pc's someday? Maybe.

Re:what is it good for? (1)

ichimunki (194887) | more than 9 years ago | (#11552509)

Encrypted communication and hard drive encryption are already possible. Including "trusted computing" in Linux allows Linux users to run closed-source binaries (either applications or libraries) that interact with encrypted files obtained from third parties, where such binaries use this "trusted" nonsense to restrict the use of these files in some way. This allows Linux users to trade their freedom in return for continued access to digital media without having to stop using Linux at the same time. While we can have discussions about whether this is "right" or not, it seems largely inevitable that certain operating systems and computing platforms will get this and that certain digital media providers will take advantage of it. It makes using Linux less of an all-or-nothing decision.

say it again! (0)

Anonymous Coward | more than 9 years ago | (#11552633)

Umph.. oooh

Good God ya'll..

What is it good for? Absolutely nothin'!

Re:what is it good for? (1)

harlows_monkeys (106428) | more than 9 years ago | (#11552791)

The only benefits I can see is increased security for encrypted communication or hard drive encryption. I am really trying to think hard of any other beneficial applications but can't come up with anything

Games.

There are many things, for instance, in MMORPGs and FPSs that have to be done now on the server that could be done better (in terms of performance and in terms of providing a better game experience) on the client, but can't be done there because it would allow cheating.

Distributed Computation with confidential data (0)

Anonymous Coward | more than 9 years ago | (#11552870)

Something like SETI@Home and Folding.com can really only be done today with publicly accessible data.

With Trusted Computing, no one else can access it.

Good for Obscene Pr0N, Terrorism, etc. (0)

Anonymous Coward | more than 9 years ago | (#11552919)

If the RIAA/MPAA can hide content completely from the devices it's running on (people's home computers); more questionable organizations like terrorists and MILF porn distributors can use it to hide content from authorities.

Like any encryption tech, it's a double-edged sword.

Linus Torvalds himself has blessed DRM (5, Insightful)

Xpilot (117961) | more than 9 years ago | (#11552229)

Linus himself said DRM is ok [theregister.co.uk] , as long as it's used in the interests of the user. This is a good thing, think about it; EvilCorp(tm) wants to use DRM to cripple computers, but the PR guy will say "it's for the user". Of course their intent is nothing of the sort, but the Linux folks are the only ones who will actually implement something that *is* in the interest of the user. Then EvilCorp won't be able to lobby making Linux illegal, since Linux also uses DRM which does what EvilCorp claims it's doing "for the users". Well, hopefully.

Good point... (0)

Anonymous Coward | more than 9 years ago | (#11552308)

Maybe that's because the linux devs are actually linux hackers / lovers like the rest of us (well, those of us that do... not saying everyone is, and if you aren't, that's ok!), and they don't want to make using linux painful.

I think it's cool. In fact, this may be one of the things that helps drive linux to a popular position in the desktop realm. Just need to get some big companies behind it, like, say Intel, HP or IBM... oh wait, they all support linux. Maybe this isn't so improbable.

I'm kind of excited to see what will happen.

Re:Linus Torvalds himself has blessed DRM (2, Insightful)

scorp1us (235526) | more than 9 years ago | (#11552389)

You touched on something there that I want to bring out further.

Linux can show what user-centric trusted computing can/should do. Microfoft et. al. will be showing what Big Business trusted computing wants/can do.

Eventually there will be those that will ask why it has to work against them so much when running Billy Bob's OS, and then they'll realize that their PC is not their PC, but the industry's PC.

Re:Linus Torvalds himself has blessed DRM (2)

EpsCylonB (307640) | more than 9 years ago | (#11552441)

Then EvilCorp won't be able to lobby making Linux illegal

Sillier things have happened.

Re:Linus Torvalds himself has blessed DRM (3, Insightful)

Minna Kirai (624281) | more than 9 years ago | (#11552450)

Linus himself said DRM is ok, as long as it's used in the interests of the user.

Linus is not a lawyer. More importantly, he's not even a free software or open source evangelist. Unlike RMS or ESR, he doesn't even hang out with lawyers or devote serious thought to legal matters.

Since DRM is a combined legal-technical area, it falls outside Linus's expertise, and his opinion carries little weight. (From a practical standpoint, TCPA is incompatible with the Linux philosophy of open-source modifications)

Re:Linus Torvalds himself has blessed DRM (0, Flamebait)

GoofyBoy (44399) | more than 9 years ago | (#11552504)

This gets modded +5 Insightful? There wasn't a better post to mod up?

It reads like an overactive child who is just getting too excited about his toys.

"Maybe Linux will get rockets and laser and missiles and guns with super-bullets blessed by the Pope. And then they could go up to M$ campus and then destroy Steve Ballmer and all his evil minions. And then Bill Gates will regret all the evil things that he did. Well, hopefully."

If you can't beat 'em, join 'em. (2, Insightful)

Kickasso (210195) | more than 9 years ago | (#11552250)

Better yet, lead 'em. It would be ridiculously funny if Trusted $FREENIX were released before Trusted Windows or Trusted MacOS.

Linux needs all the help it can get, cmpd to OS X (-1, Troll)

Anonymous Coward | more than 9 years ago | (#11552255)

OS X was recently ranked the most secure operating system, so I applaud the Linux community in doing all it can to try to match Apple. Good luck with that.

Lacking One Thing (5, Interesting)

SpottedKuh (855161) | more than 9 years ago | (#11552286)

Though the specifications detailed in the article are definitely a Good Thing, they lack (at least as far as I could tell) any way of preventing unauthorized physical access to the chip.

Physical access to machines is always a big issue in security, and one that is often overlooked. And while it's probably not a big deal for your home machine, consider large companies whose machines could conceivably be targeted for a physical attack to recover the keys directly from the TPM (Trusted Platform Module).

Stajano's "Ubiquitous Computing" book has excellent coverage of the rationale, issues, and complexity of attempting to prevent physical access to chips and devices which store sensitive information. It's an easy read, and well worth it: http://www-lce.eng.cam.ac.uk/~fms27/secubicomp/index.html [cam.ac.uk]

Re:Lacking One Thing (1)

cpeikert (9457) | more than 9 years ago | (#11552407)

The TPM is supposedly very tamper-resistant, not just a piece of solid-state memory holding the keys. This should make physical attacks very expensive and labor-intensive.

Re:Lacking One Thing (1)

SiliconEntity (448450) | more than 9 years ago | (#11552761)

Though the specifications detailed in the article are definitely a Good Thing, they lack (at least as far as I could tell) any way of preventing unauthorized physical access to the chip.

Slashdot ran a story a few weeks ago about a new set of chips with built-in TPM [slashdot.org] features. These chips have the Trusted Computing capabilities built into the CPU. It will make it much more difficult to attack them physically since the TPM is not a separate module but is integrated into the whole system. Probably this is how all TC systems will be built eventually.

Hardware Security (3, Interesting)

quadra23 (786171) | more than 9 years ago | (#11552296)

This is indeed good news! Security that is solely-based on software is far easier to compromise than hardware-based (provided that the hardware can't be tampered with by malicious software). Far better to have the security co-ordinated between both. I'd be interested to see how widely accepted this open specification will be.

Big Bro (0)

Anonymous Coward | more than 9 years ago | (#11552319)

It would be ironic that Linux users used the cryptography system to keep information _out_ of the hands of EvilCorp, instead of the other way around.

Re:Big Bro (1)

Yaa 101 (664725) | more than 9 years ago | (#11552539)

This is not as strange as you imply...

There are many small businesses looking for ways to keep people from reading stuff, people like competition and secret services.
While not assuming it gives any vast security, it gives another layer of it to some people.
Better would be separate networks for internal systems and internet systems, the fact is that most simply cannot afford that.

As long as the specs and software are open source and as long as one can decide themselves what OS to install on a machine there is room for the chip.
It all really depends on Law, hence politicians, lobbying, etc... what rights we keep as individuals, this is not different from yesterday.

Anyway, all tech, all that exists has good and bad sides...

WTF?? (-1, Redundant)

rbarreira (836272) | more than 9 years ago | (#11552330)

I thought this kind of bullshit would only affect proprietary systems such as windows!

Arrrghhhhhh, the human race sucks.

TCPA is a DRM smokescreen (4, Informative)

Hobbex (41473) | more than 9 years ago | (#11552335)

It has been said a million times, yet apparently it bears repeating. The "security" aspects of TCPA are redundant, unnecessary, and at best useful but could be made a lot better if the chip was designed for security rather than DRM. The whole system really exists only for one purpose: as a trojan horse to implement something called "remote attestation" in PCs.

What is remote attestation? Basically, it means that the TCPA chip, which you cannot control, can read what operating system you have loaded, and send a response proving that you are running a certain operating system to others on the Internet. The purpose of this, of course, is so that the operating system can be verified not to have its DRM functions cracked, so that the RIAA and MPAA can send you data and make sure that they get to decide what you do with it.

The people pushing TCPA will claim that it is not for DRM, but that is a smokescreen and only a smokescreen. While TCPA does not do DRM itself, it is the enabling component that is needed so that software can implement DRM without being circumventable.

What does this mean for a "trusted Linux"? It means that while it is completely possible to have a Linux system working with TCPA, once you change anything in the system, the TCPA chip will notice you are running a modified system, and no longer let your data. So while the software may nominally remain under the GPL, it will be the death of the free software model, because users who wish to tinker with their systems will be locked off the Internet (Cisco is already talking about systems to have ISPs demand remote attestation when TCPA is in place). TCPA and Linux can be combined in theory, but only in theory - in reality they cannot ever coexist.

Those who do not believe me (or those who are inclined to believe the MS shills who will respond saying that I am wrong), should read EFF's analysis of TCPA [eff.org] where they give a simple way that the chip could be changed to allow all uses except remote attestation intended to force people to use certain operating systems and enforce DRM over the user. It has been completely ignored by the manufacturers of TCPA.

Re:TCPA is a DRM smokescreen (1)

Yartrebo (690383) | more than 9 years ago | (#11552499)

I can already think of a workaround.

Use an x86 emulator and two copies of Linux, one that uses TCPA and one that doesn't. Run the x86 emulator on the unrestricted Linux copy, and use it to run the TCPA copy under emulation. The x86 emulator would just have some security 'flaws' when it comes to storing keys or it might do stuff like forgetting to apply the encryption. It would still report as a valid DRM chip, and would be able to provide keys and authentication on demand.

Re:TCPA is a DRM smokescreen (1)

Minna Kirai (624281) | more than 9 years ago | (#11552502)

The whole system really exists only for one purpose: as a trojan horse to implement something called "remote attestation" in PCs.

Trusted Computing is genuinely pursuing security as long as you understand that it's the end-user who is evil and needs to be held back. It protects entertainment companies from members of the public, making it the exact opposite of "user friendly".

Re:TCPA is a DRM smokescreen (1)

EpsCylonB (307640) | more than 9 years ago | (#11552538)

....

The purpose of this, of course, is so that the operating system can be verified not to have its DRM functions cracked, so that the RIAA and MPAA can send you data and make sure that they get to decide what you do with it. ....

(Cisco is already talking about systems to have ISPs demand remote attestation when TCPA is in place). TCPA and Linux can be combined in theory, but only in theory - in reality they cannot ever coexist.


Let's be clear about what it is that you are saying here, even Linux OS's that are TCPA enabled are unlikely to be approved for use with media services provided by the RIAA and MPAA. This is probably true, but saying that TCPA and Linux can never co-exist is, I think, an exaggeration, TCPA by itself will not kill Linux.

Re:TCPA is a DRM smokescreen (1)

MetaPhyzx (212830) | more than 9 years ago | (#11552838)

Sounds like it almost ideal, when dealing with workstations in financial businesses/organizations that handle sensitive data. I'm sure we've all run across user X who didn't see the harm in installing "that little weather application" (I know this doesn't happen with linux specifically, but on XP/2000 this could save a lot of headache support wise) It can help ensure uniformity. From that side of things, I can immediately see the bonus.

On the flip side, I'm not interested in it on linux, just because it won't work. And it sounds like I'd have to depend on the maintainers of a distro for digitally signed binaries for anything I MAY run. I really don't like that idea.

Re:TCPA is a DRM smokescreen (1)

SiliconEntity (448450) | more than 9 years ago | (#11552930)

Those who do not believe me (or those who are inclined to believe the MS shills who will respond saying that I am wrong), should read EFF's analysis of TCPA where they give a simple way that the chip could be changed to allow all uses except remote attestation intended to force people to use certain operating systems and enforce DRM over the user.

And see this rebuttal to the EFF report [invisiblog.com] .

Further see this blog entry by the same author on good uses of Trusted Computing [invisiblog.com] all of which rely on the supposedly evil Remote Attestation feature. EFF's proposal to allow people to override their systems' attestations would ensure that none of these applications would be possible.

The truth is that TC along with Remote Attestation is a new feature set for your computer which allows new ways for people to cooperate online. Some people oppose this because they don't believe that others should be allowed to cooperate in ways they don't approve of. They don't want you to be able to credibly commit to obeying certain rules in processing data. But they have no right to interfere in your private decision making processes.

Talking of Gentoo... (1, Funny)

bcmm (768152) | more than 9 years ago | (#11552372)

I am having problems with my system clock under Gentoo.
It keeps saying it is the Second of February, when I know it must be the First of April...

Re:Talking of Gentoo... (0)

Anonymous Coward | more than 9 years ago | (#11552579)

Obviously the moderators aren't very bright, and thought you were being serious. Offtopic my ass.

Re:Talking of Gentoo... (April Fools Joke) (0)

Anonymous Coward | more than 9 years ago | (#11552588)

Offtopic? He's making a joke about April Fools. What kind of mods do we have here?

Re:Talking of Gentoo... (0)

Anonymous Coward | more than 9 years ago | (#11552669)

# rm -rf /

Trusted Linux is ILLEGAL (3, Interesting)

Minna Kirai (624281) | more than 9 years ago | (#11552393)

It's very simple:
1. Linux is distributed under the GPL (and other licenses).
2. To comply with the GPL, end-users must be able to acquire the source code (which means everything they need to reproduce the binary executable, with or without modifications).
3. If you don't comply with the GPL, you are committing copyright infringement, a federal offense.

But from the other direction:
4. Trusted computing means that all binaries are signed with a secret key.
5. The Trusted CPU will not execute binaries that weren't signed with that key.
6. In this way, it is impossible for end-users to create modified binaries to add/remove features from the software.

The GPL is too much in conflict with Trusted Computing to ever allow them to work correctly together. To obey the GPL, end-users must have access to everything needed to rebuild working binaries- which includes the secret key. But for Trusted Computing to work, it must be impossible for end-users to get the key- otherwise there's no point.

So, Linux or Trusted Computing. Choose one, because you can't have both.

Re:Trusted Linux is ILLEGAL (2, Insightful)

kormoc (122955) | more than 9 years ago | (#11552493)

Easy: have Linux tell the chip what key to use (user set), and then when you compile something, you sign it with *your* key, and it runs. Then if joe blow hacks in and compiles a rootkit, it won't run, 'cause it's not signed by you. Why should MS be the only one who can sign things?

Re:Trusted Linux is ILLEGAL (0)

Anonymous Coward | more than 9 years ago | (#11552653)

But if joe blow can access your computer, I would assume he has access to your private key as well, as you would most likely store it on your computer.

Re:Trusted Linux is ILLEGAL (0)

Anonymous Coward | more than 9 years ago | (#11552527)

Aside from the fact that this post is completely nonsensical, it should be noted that the GPL comes with no warranties of operation... meaning that if you get all the source code and then it doesn't compile... so what.
Beyond that, key material is not source code, or if it were then it would literally be impossible to distribute any kind of GPL software that interacts with encryption because by your twisted logic you'd have to distribute everyone's private key to everyone else. So are you going to start us off by posting all your private keys and passwords to this thread?

Re:Trusted Linux is ILLEGAL (1)

pe1chl (90186) | more than 9 years ago | (#11552528)

Trusted software means the binary has been signed and the running binary has not been tampered with.

This does not mean you cannot have the source or you cannot modify it. Only, the modified version will not be trusted. That is what trusted code is all about.

So there is no conflict between GPL and trusted code. There is a conflict between modified code and trust, but that is the purpose of the entire concept.

Of course you can generate your own secret key, publish the public key, sign your binaries, and everyone can verify that they are genuine binaries from you. Then, anyone who trusts you, can trust your binaries just as they trust binaries signed by Microsoft.

You can create modified binaries. (1)

Kickasso (210195) | more than 9 years ago | (#11552559)

You just can't get them signed. Unless you somehow persuade the signing authority to review your modifications, that is.

Unsigned binaries won't be able to play DRMed files (which you shouldn't have anyway) but should still work with your normal files. The trusted CPU will be happy to execute them, it will just refuse to flag them as trusted.

Re:Trusted Linux is ILLEGAL (0)

Anonymous Coward | more than 9 years ago | (#11552560)

So, Linux or Trusted Computing. Choose one, because you can't have both.

Really? Then what's this?

TrouSerS [sf.net] - An open-source TCG Software Stack implementation, created and released by IBM.

MOD DOWN _ STUPID (0)

Anonymous Coward | more than 9 years ago | (#11552591)

Can't you even read the blurb? "Published open standards" "Published open standards" "Published open standards" "Published open standards" "Published open standards" "Published open standards"

Got it yet? This means it will be in the kernel if you want to use it and it will be completely open source, fool. Illegal...please.. you're such a moron.

Re:Trusted Linux is ILLEGAL (1)

aardvarkjoe (156801) | more than 9 years ago | (#11552595)

Frankly, if the GPL doesn't allow me to sign a binary, then the GPL is broken. However, I rather doubt that's the case -- much open-source software is already signed by the creator / distributor, so you know that the binary you got was actually made by him. Because hardware DRM relies on exactly the same idea -- guaranteeing that you got your binaries from a particular source -- from a practical standpoint, there's no difference between the two scenarios.

Re:Trusted Linux is ILLEGAL (1)

Minna Kirai (624281) | more than 9 years ago | (#11552801)

Frankly, if the GPL doesn't allow me to sign a binary, then the GPL is broken

Conversely, if the GPL allows me to sign binaries on a system where unsigned binaries don't run, then the GPL is broken, because it's got a loophole allowing GPL'd works to be effectively seized by corporate programmers with no compensation.

much open-source software is already signed by the creator / distributor, so you know that the binary you got was actually made by him.

Sure, you can sign binaries. But if you give that binary to someone, and he later demands the source code from you, you'd better include the private key along with it.

Otherwise, once he recompiles and finds that his new binary doesn't match the one you supplied, you are in breach of contract and could be arrested for criminal copyright infringement (that is, in a bizarre alternate dimension where the police enthusiastically pursue such crimes).

Some people might argue that the binary itself isn't modified by the signing, and that the "sign" is just a tiny file distributed alongside (basically a hash of the binary that's been signed, rather than the whole thing). Hashes are technically partial copies of the original work, but they are such a small proportion of the source material that they are usually considered to fall under Fair Use.

However! Fair Use has 4 factors to consider, and size is just one of them. Economic impact on the original author is another. And since keys used in TCPA operate to so completely subvert the intent of the GPL, they are indeed working strongly counter to the original software's author.

But let's step away from the legalities and look at it from a practical standpoint: What is the GPL meant to do? It's there to ensure that the users of software are able to modify the software, to stay in control of their own computing lives. TCPA is trying to create exactly the opposite effect: the central goal of TCPA is that a DRM-controlled video/audio file you play on the computer screen cannot be ripped by some other program and stored in a non-copy-protected file.

In short, it is trying to prevent the addition of certain key features to software. It wants to prevent software progress. And that is completely against the spirit (not to mention letter) of licenses like the GPL.

Re:Trusted Linux is ILLEGAL (2, Informative)

nomellames (818773) | more than 9 years ago | (#11552637)

From your post, I believe you don't understand what trusted computing is, or what the TCG specifications imply. Trusted Computing is based on the assumption that there is a Core Root of Trust. This CRT is trusted, and should be verifiable (not the current state, but maybe in the future we will have an open source BIOS). This CRT will measure the next entity (bootloader, whatever) and will hash the result into a repository (the Trusted Platform Module). Then the bootloader will do the same with the OS, and so on. Of course, this is an oversimplification, but there are no signatures here. Later, a program will want to attest the software you are running, and will ask for these integrity measurements. Also note that this (attestation, measurements) is only a tiny part of the TCG specifications. I don't see any trouble with this and Linux.
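
The measurement chain described in the comment above, sketched as an added example (not part of the original post and not code from any TCG project): each stage is hashed and folded into a PCR with SHA-1 extend, and a verifier replays the event log against known-good values. The component images, the `KNOWN_GOOD` table and all function names are constructed for illustration, and the TPM's signature over the reported PCR (the quote) is left out.

```python
import hashlib

PCR_SIZE = 20  # SHA-1 digest length; TPM 1.2-era PCRs hold one SHA-1 value


def measure(image: bytes) -> bytes:
    """Measurement of a component = hash of its bytes."""
    return hashlib.sha1(image).digest()


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend: new = SHA1(old || measurement). A PCR is never written directly."""
    return hashlib.sha1(pcr + measurement).digest()


def boot(chain):
    """Measured boot: every stage is measured before it runs. Nothing is blocked."""
    pcr, log = bytes(PCR_SIZE), []
    for name, image in chain:
        digest = measure(image)
        log.append((name, digest))
        pcr = extend(pcr, digest)
    return pcr, log


def replay(log):
    """Recompute the PCR value that a given event log should have produced."""
    pcr = bytes(PCR_SIZE)
    for _name, digest in log:
        pcr = extend(pcr, digest)
    return pcr


def verify(reported_pcr, log, known_good):
    """Verifier side of attestation. Returns findings; an empty list matches policy."""
    findings = []
    if replay(log) != reported_pcr:
        findings.append("event log does not reproduce reported PCR")
    for name, digest in log:
        if known_good.get(name) != digest:
            findings.append(f"unrecognised measurement: {name}")
    return findings


# Constructed sample images (placeholders, not real boot components).
CHAIN = [("bootloader", b"loader v1"), ("kernel", b"kernel v1"), ("init", b"init v1")]
REBUILT = [("bootloader", b"loader v1"), ("kernel", b"kernel v1 + local patch"), ("init", b"init v1")]
KNOWN_GOOD = {name: measure(image) for name, image in CHAIN}

if __name__ == "__main__":
    pcr, log = boot(REBUILT)  # the rebuilt kernel boots; it just measures differently
    print(pcr.hex(), verify(pcr, log, KNOWN_GOOD))
```

A locally rebuilt kernel still boots here; only the verifier's view changes, and a log edited to hide the change no longer replays to the reported PCR.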

Re:Trusted Linux is ILLEGAL (1)

Minna Kirai (624281) | more than 9 years ago | (#11552952)

don't see any trouble with this and linux.

The trouble is not between TCG and Linux, but TCG and GPL (and Linux is one of many GPL programs).

Later, a program will want to attest the software you are running,

The whole idea of that "attesting to the software you are running" is restricting who can modify the software. In particular, TCG wants to forbid amateurs and especially end-users from modifying the software. That is completely against the open-development spirit of Linux and all GPL projects.

Re:Trusted Linux is ILLEGAL (1)

Qzukk (229616) | more than 9 years ago | (#11552657)

The Trusted CPU will not execute binaries that weren't signed with that key.

Wrong. They'll still execute, they just won't be trusted.

Trust itself is a feature at the OS level! Do you think the BIOS knows whether some data you read off the disk is an application? Does the CPU know the difference between a current application and the one that just executed just because of a context switch (which happens all the time just during timesharing between all the different applications you already have running)?

An OS could be written so that everything you try to run is verified through whatever TCPA hardware and then deny you the right to run untrusted software, but I can pretty much assure you that Linux wouldn't bother with this and if it did that someone would fork it. Microsoft probably wouldn't even bother with this (outside of the corporate empire where they could sell the admins keys to encrypt all of the software they allow on the computer to prevent users from installing other stuff), unless they really think that their monopoly is so strong it'd survive being the only company making windows software anymore, or give away the signing keys for free.

Re:Trusted Linux is ILLEGAL (1)

Minna Kirai (624281) | more than 9 years ago | (#11552906)

They'll still execute, they just won't be trusted.

Fine. They'll "execute", but since they're not trusted, not all of the features will work. Meaning that not all of the binary is "executing"... so I guess I was right after all.

but I can pretty much assure you that Linux wouldn't bother with this and if it did that someone would fork it

How would they fork it? You can't fork if it won't run, and it won't run if you don't have the key. The only way to fork would be if you could use the GPL to coerce the signers to give you that

Do people not understand how TCPA is trying to kill Linux? Trusted CPUs will be introduced. Then a decade later, 100% of new and fast CPUs will be trusted. Newspapers, magazines, TV shows, audio, and software will all be DRMed so that only Trusted OSes can run them.

Commercially-produced Linuxes will be able to remove traditional commands like "cp" and "dd" to qualify for trusted status, so Linux as software won't die. What will be killed is the open atmosphere where anyone can modify the software and then try it out without killing 90% of the other functions.

Some features could be useful... (1)

bcmm (768152) | more than 9 years ago | (#11552421)

If, for example, this provided a way to make sure that a computer on the internet is really who it claims to be, that would be good.

But trusted windows, at least, is going to be about remote deletion/disabling of data.

Re:Some features could be useful... (0)

Anonymous Coward | more than 9 years ago | (#11552775)

oh teh noes deys gonna delete my puter? =/

Software DRM (2, Interesting)

Yartrebo (690383) | more than 9 years ago | (#11552439)

Since the source is available for Linux, what would stop someone from sandboxing 'trusted' software by having the OS validate code before it's executed (slow, though a bit faster than emulation and without all the bugs), and then implementing the DRM hardware (or BIOS) instructions in software in a way that stores the keys (or plaintext information, if that is not doable) and allows access to any software to get the info.

The software DRM implementation would be 100% transparent to the application and no one would be the wiser.

It should also be workable with an x86 emulator running a closed source 'trusted' application along with its closed source OS, with the emulator doing the DRM instructions a little differently than normal.

TCPA - TCG (3, Informative)

SiliconEntity (448450) | more than 9 years ago | (#11552469)

It hasn't been called the Trusted Computing Platform Alliance, TCPA, for a couple of years now. It's now the Trusted Computing Group, TCG. Same technology, just a new name.

Newspeak Framing at its finest (1, Informative)

frankie (91710) | more than 9 years ago | (#11552557)

If Gentoo wants to add a TCPA compatibility module, have fun. But absolutely do NOT call it "Trusted Gentoo" when its actual meaning is "Gentoo that doesn't trust YOU".

Gentoo's public communications guy needs to read some George Lakoff [gracecathedral.org]. It's a wonderful life, folks. Every time you use their words, a devil gets his pitchfork.

Wow (0)

Anonymous Coward | more than 9 years ago | (#11552715)

You couldn't be a bigger dumbass missing the point.

/me points finger and laughs at your regurgitation of stupid FUD

TCG and Linux make sense (2, Informative)

SiliconEntity (448450) | more than 9 years ago | (#11552649)

Trusted Computing Group (TCG) technology makes sense in the context of Linux. Microsoft refuses to implement it. They had their own conception, which was Palladium, then NGSCB, then was dropped. So if TCG is going to go forward at all, it has to be with Linux.

It's kind of ironic, because Ross Anderson's lying Anti-TCPA [cam.ac.uk] FAQ tries to claim that TC exists to kill Linux. And yet it is turning out that Linux is the salvation of Trusted Computing.

There are a number of research projects in TC on Linux, including TPM Device Driver [ibm.com] , Trusted GRUB and Secure GUI [prosec.rub.de] , tcgLinux [ibm.com] , TCPA Open Source Platforms [crazylinux.net] , Enforcer [sourceforge.net] , and more. All Linux based.

Don't believe the FUD about TC. When implemented in Linux using Open Source software, TC gives you new options for securing and expanding the capabilities of your computer.

DUMB (0)

Anonymous Coward | more than 9 years ago | (#11552681)

HEY THIS IS STUPID, people post good comments AND THEN GET TROLLED?

That's no moon... (1)

William_Lee (834197) | more than 9 years ago | (#11552695)

Why do I get the feeling there is going to be a thriving black market in hacked BIOSs and OSs in the unfortunate event that these chips are actually deployed and implemented in a widespread manner?!

Whatever happened to the user having full control over a piece of hardware they plunked down hard earned cash on?!

Not so funny anymore (2, Funny)

Anonymous Coward | more than 9 years ago | (#11552927)

In Soviet Union, your GPL'd software doesn't trust YOU!

Hmmm. This puts the whole concept of so-called "Trusted Computing" into a realistic, and sad, perspective.