Home > Privacy, Security > “Trusted Computing” Sneaks into PCs “Trusted Computing” Sneaks into PCs David Adams 2005-03-17 Privacy, Security 23 Comments “The three largest computer makers–Dell, Hewlett-Packard and IBM–have started selling desktops and notebooks with so-called trusted computing hardware, which allows security-sensitive applications to lock down data to a specific PC.” About The Author David Adams Follow me on Twitter @david_adams 23 Comments 2005-03-17 7:11 pm I’m afraid it is not about security. We all know what it’s about, and it will be abused to the ends of the Earth. 2005-03-17 7:31 pm I’ve heard of a few (stress few) applications where trusted computing is helpful, such as protecting trade secrets. However, I still doubt people will be comfortable having this in their general-pupose PCs at home. This isn’t like a cell phone or a cable box, where privacy boundaries are well established and, frankly, there needs to be information for billing. PCs are a little bit of everything to people, which is why trusted computing is going to have trouble finding its niche. Trusted computing would be appropriate for those cases where PCs really are nothing more than cellphones or whatever, such as future hosted desktops on in-home terminals. In that case it can actually work in the interest of privacy and not against it. But that business model is a ways out, I think. 2005-03-17 7:53 pm Just more reasons to switch. 2005-03-17 8:02 pm If you don’t like digital restrictions management or people controlling you and your machine, restricting your freedom, buy another laptop. That’s the best advice. 2005-03-17 8:03 pm I can see a need for this in the business world, but it will only hinder personal computing. And I can almost guarantee that it will be incorporated into DRM to make sure Aunt Matilda can’t watch an “illegal” divx file. Consumers need to vote with their dollar on this, and hopefully the manufacturers will listen. 2005-03-17 8:06 pm It will take a while till smaller motherboard maker will integrate this s**t onto their boards. And I hope, there will be operating systems which will not depend on it. 2005-03-17 8:06 pm I really need to investigate this further, but I’m just waiting for the first virus to exploit this. “Yes, I am a valid application; here is my certificate”, and then proceeds to destroy the OS and lock down the hardware. After that there is no recovery, no antivirus/cleanup. You have a paperweight. Furthermore, the user will have not bothered to read the EULA which indemnifies Microsoft against any litigation. 2005-03-17 8:34 pm It is called Treacherous Computing, my friends. This is not about your security, this is about other people deciding what you can do with information. This is about moving software, music, videos and our collective culture to a rental model. If there’s nothing else you do today, read Professor Anderson’s FAQs http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html http://www.gnu.org/philosophy/can-you-trust.html http://www.notcpa.org/ If after reading that, you still want to continue using Windows in the knowledge that Longhorn will support TCPA and possibly WinXP as well with patches, then it is your decision and you will have made an informed choice. I think this will open the floodgates of people trying linux, particularly among Windows power users who will really begin to feel how restricted the platform is. The Free and Open Source Community will welcome you with open arms. 2005-03-17 9:19 pm If IBM is a key player in the trusted computing business I’d read the changelogs on their linux-contributed code. 2005-03-17 9:30 pm //Chalk up another one for Apple Just more reasons to switch.// Not while third-party mobo manufacturers still exist. Which will be for awhile, yet. Plus, who’s to say Apple would never do this? Anyone can be bought, especially Jobs. 2005-03-17 9:55 pm i seem to remember a bunch of people on lkml freaking out about it awhile back. but anyways… tcpa is just a matter of time, and it will take an insane amount of effort to make it go away. 2005-03-17 10:02 pm I think the risk is at least as high with Apple. Since they make the hardware and software you will essentially have no choice on that platform if they adopt a similar trusted comuting model. I use Apple products, but would drop them in a heartbeat if they start any of this nonsense. This will be a good test to see if the average consumer still continues to be a clueless idiot or votes against it with their dollars. 2005-03-17 10:14 pm > If IBM is a key player in the trusted computing business This, i’m wondering about as well… (Don’t they know/remember M$ screws over anyone close enough for them to do so?) > I’d read the changelogs on their linux-contributed code. Well, they did provide a Linux driver for their TPM (trusted platform module): http://www.deviceforge.com/news/NS4201870894.html But this Palladium/NGSCB business i see no use for but DRM and/or (application) vendor lock-in… 2005-03-17 10:18 pm > Not while third-party mobo manufacturers still exist. Well, at least until TC makes it into the CPU/chipset. [shrug] What would be handy for the community is if there were a web site cataloguing not just hardware which is compatible with GNU/Linux, but hardware that is manufactured by companies who refuse to participate in TC. It could also provide a “stay away” list of companies who push TC. 2005-03-17 11:06 pm >>Just more reasons to switch. The main reason why Sony, Nintendo and Microsoft are using PowerPC chips to run the next generation of game consoles — that trusted computing is already built into silicon by IBM. 2005-03-17 11:06 pm dont know, but torvalds said he didnt see a problem with the tech itself. and under linux your more likely to find software and kernel patches that allow you to fake a system i can see the need for a way to verify that a system someone is using is inside the building and so on (think wifi and similar as an example). the problem is how the application verification system will be used, to lock the user of a service to only use say internet explorer of a specific version and so on. then one can start talking about forced upgrades… the question becomes, will the abusable scenarios outnumber the usefull ones? 2005-03-17 11:11 pm >>>What would be handy for the community is if there were a web site cataloguing not just hardware which is compatible with GNU/Linux, but hardware that is manufactured by companies who refuse to participate in TC. RedHat will be using “trusted computing” to force you to buy their enterprise edition OS. You can still get the source code to compile their linux distribution, but you won’t get the proper “trusted computing” certificates. 2005-03-17 11:14 pm Bullshit. Prove what you said or shut up. Red Hat is not doing any such thing. 2005-03-17 11:46 pm The sooner Microsoft makes it hard to impossible for people to warez stuff, the sooner people will start rejecting restricted culture for free culture. Anything that increases the diversity of culture in the general population is a good thing. Wanna watch Hollywood and listen to Brittney? Go sit in front of the tv? Wanna watch grass roots independant film and listen to aspiring artists with actual talent? Go visit a web site. 2005-03-18 12:20 am My views are not new and they have been extensively talked about for the last 2 to 3 years. http://techrepublic.com.com/5100-6313-5081241-2.html 2005-03-18 12:53 am Locked down trusted computing is good as long as you can trust your computer (ie. as long as you have control over it). With Windows this is not so, you have little control over what the OS does and is allowed to do. The best is to use an open OS that you can trust and you know exactly what it is asking of the hardware and exactly what it is doing with it. This is almost impossible to know in any closed system. 2005-03-18 2:35 am only problem then is that one is then back at square one as its not you thats supposed to be able to trust the computer but the third party. but as long as you control the computer it cant be trusted. only solution i can see is a usb based black box or similar. b asicly the big brother of the old fashion dongle. dont want it? unplug it. but dont come complaining that you cant access a site or media that require it… if the corps could, they would have tried to reset the whole computer industry and turn it into a collection of console boxes with added storage for user files and programs… 2005-03-18 3:35 am “The sooner Microsoft makes it hard to impossible for people to warez stuff, the sooner people will start rejecting restricted culture for free culture.” “Free culture” doesn’t produce itself. Someone has to create it. If “Free culture” is the community producing their own movies, music, books, games, software, and all the other commercial stuff I presently see on P2P, usenet, web sites, and FTP, then great? “Anything that increases the diversity of culture in the general population is a good thing.” For loose definitions of “anything”. If people’s ideas of “Free culture” are however simply not doing the hard work, and taking others hard work and dispersing it without permission? Then no. “Wanna watch Hollywood and listen to Brittney? Go sit in front of the tv?” Free will thanks you for that insight. “Wanna watch grass roots independant film and listen to aspiring artists with actual talent? Go visit a web site.” You mean we couldn’t before? How about after? Does anyone here realize that a lot of this situation wouldn’t have come about if *some* had been able to, “Just Say NO!”, and had the actions to back it up?* *This is the point were someone brings up “rental model”. Maybe so, but the illegal downloaders aren’t helping the situation, and in fact are making it worse. There are good guys out there trying to make the situation right, by working within the system. Kind of hard though when your “enemy” can point and say “See!”.