Trusted Computing is generally associated with Microsoft, and, as of a short time ago, now Apple as well. On the other hand, little time is spent on the idea of integrating Trusted Platform Module support deep into GNU/Linux and other Free Software desktops. Maybe it is time for that to change.
Could TPM Be Good for Tux?
About The Author
Follow me on Twitter @thomholwerda
2005-08-12 1:01 pmAnonymous
imagine store a server certificate in a chip, by far more secure than in a /root/.secret/mycert.cer i think.
ibm have tools to manage tpm on linux, and make them gpl long time ago.
so it can easly integrated with linux distros.
you can store your pgp key on the chip, or your biometric signatures, or. . . .infinite posibilities for it.
i can understand you don’t want to use itunes, or ipod becouse them uses it badly, or even microsoft, or drm software, etc, etc
but the technology is very nice.
2005-08-12 1:34 pmAnonymous
This is nice usage, but this is not for what TPM was designed.
2005-08-12 3:46 pmAnonymous
i switched to linux because its likely never going to have this. if they start this, i might as well go back to windows. lol
TPM is good for linux as long as you leave it OUT of linux. it will be yet another reason for peeple to switch too linux.
2005-08-12 1:01 pmAnonymous
and also product activation
two excellent linux recruitment tools
I don’t think that TPM/DRM is good for users, but I don’t see any harm with TPM/DRM in Linux.
Like it or not, Microsoft (and the business that fund them) is behind this drive. It will be a Managed Rights world, at least to some extent. Perhaps you view it as mindless sheep being led by a malevolent overlord, or as a useful new technology that will be welcomed by knowledgable users. It doesn’t matter. It is coming, and there will likely be the need to support this ‘feature’ just to remain compatible with the rest of the world.
And, being Open Source, Linux users will have something that Microsoft does not allow. Choice on when to use this module, and when not to.
2005-08-12 2:19 pmraver31
you sir, have not got a clue
you sound like one of those sheep you mention.
at the minute in the UK there is a big advertising campaign being run by the government for ID cards. These ID cards are not going to just have pictures, name and address, but instead, they are to include biometrical data, including a DNA profile.
Now the major point of the governments campaign is to try and get the public to “beg” the government for the ID cards, they cite the recent terrorist attacks as something that would not have happened if we all had these ID cards….. Excuse me, but there is no way to stop a suicide bomber, ID cards or not…
the moral, MS, governments, whover tells you something is a “good idea” then forget it, in fact, fight it
2005-08-12 2:43 pmmarkjensen
So I take it that you disagree with my viewpoint, and decided to vote my post down because you disagree – not because of any forum rule violation. You might want to review them here: http://osnews.com/rules.php
Had you actually read my post, you would see that I see Trusted Computing as bad for users. And that I see it as an unfortunate future that will be hoisted upon the computing masses by the source of funding (always follow the money). Microsoft has plans to include this. Since it is likely that desired media will require some form of TPM, I see no problem in an optional module in Linux to support this. Users can select it or not. Freedom of choice should allow users to select something that others find distasteful (some hate KDE, but that doesn’t mean it should not be an option to install).
And, in the future, please reserve the “minus” moderation for posts that actually violate a rule. Using them to express disagreement is wholly unfair, and contrary to any form of reasonable discussion.
2005-08-12 4:19 pmraver31
no – I did not vote you down. Honestly
I did point out in my post, although it might not have been clear, that I viewed you previous post as if you were one of the sheep that you mentioned,
the way you wrote it, it was as if you have blindly accepted DRM.
I cannot agree to this myself, and this is one of the reasons I switched to Linux. It is MY computer, and they are MY programs on there, accessing MY personal data, I do not want Microsoft locking me out of access to my own stuff, do you ?
Would you blindly accept it if they did ?
Didn’t think so…
2005-08-12 4:27 pmmarkjensen
My apologies, raver31.
I just saw a scathing reply to my post and a -1 moderation, and I jumped the gun.
And, no, I will not blindly accept restrictions on my computer. However, that does not mean that I will blindly reject the use of unpleasant tools in the future, should it become necessary.
As long as any sort of these restrictive technologies were modular and could be activated and removed at will of the user, I will consider them more of an “ugly” technology – and one that may yet be fought back.
2005-08-12 4:35 pmraver31
they are indeed ugly tools, ugly tools from an ugly technology.
there is one thing I cannot stand in the IT world, and it really grates me is this…
someone invents an excellent format, like MP3 for example, and everyone uses it….
then some greedy slime thinks “how can this make money for me?”
it is that sliming off other peoples work that I really hate, and it was one of the reasons I switched from Windows.
Why should my money make some other bloke richer, granted, if he actually deserved it through his own deeds, then no problem, but stealing/coercing/coniving other peoples work is just not on.
now, this article is on a “linux” website, but if you actually look at the content of the rest of the site, you have to wonder what the hidden agenda of the guy actually is.
DRM would not survive in linux, it goes against the whole ethos
2005-08-13 9:45 amAnonymous
(by Bjarne Nilsson)
>> As long as any sort of these restrictive technologies were modular and could be activated and removed at will of the user.
the user you ar talking about, is that a normal user, or root? Who shold decide?
1: if root decides it will potensialy prevent users
from viewing DRM’ed content. (Impleementing DRM in a
kernel mudule is a bad idea)
2: a per user drm.conf with manages the apropriate
Please corect me if you think this is wrong/incomplete/unclear
2005-08-12 7:25 pmre_re
I totally agree with you raver31
This is a little off topic but there is a smiliar ID initiative that has already been passed (sneaked it through with another bill) here in the states
this DRM/coorporate/gov’t control is unfortunately going to be a part of all our futures and people are ignorant to think it will stop with protecting copywrited media. This will penetrate deep into our lives in the not so distant future.
I am very anti-DRM and if it means i cannot use itunes or other digital media, so be it.
2005-08-12 8:21 pmraver31
I am very anti-DRM and if it means i cannot use itunes or other digital media, so be it.
in fact, I needed an MP3 player to listen to while I commute to work each day, and as I use Linux only, I was not prepared to install Windows on any of my PCs just to use an Ipod,
so I bought a generic MP3/WMA player from Mulberry. It is most impressive, however, as it is generic, I cannot find a support site for it, to see if it can play OGG.
but then again, I haven’t tried yet
I would assert that the pros seem likely to outweigh any cons.
What about freedom?I don’t want anybody telling what to do or not with my hardware.I’m sure i can make a decent decision on my own.Furthermore there’s a big shadow side,those chips will certainly only exist on coming new hardware so you pretty much exclude all with no chip installed from watching/listening any drm content.
In the end it depends how it’s going to be implemented.I ouldn’t like to see such a chip permanent on my mobo.I would rather see it as an chip on some flash card or a usb/firewire device so i can dismount the chip whenever i please to.
2005-08-12 1:26 pmAnonymous
Apparently the mass has shown it can’t make a decent decision on his/her own, maybe you can, but the broad use of p2p for mainly illegal music sharing and illegal software has shown that most can’t. I myself don’t like drm, but I can see why some people would like to have it added. Freedom is good, as long as most of the people use it carefully, and not the way people use it now (regarding to IT-stuff). Therefore some restriction are to be forced. It’s the same as the earlier thing: bsd- vs gpl-licence, bsd would be better, if it wouldn’t be abused that much, therefore some people invented gpl, which is a cross bread (breed?…) between bsd and closed source. The only thing we have to make sure is that we don’t switch to not being able to do anything without being controlled. But for some things drm is necessary.
2005-08-13 4:56 amJLF65
Apparently the mass has shown it can’t make a decent decision on his/her own, maybe you can, but the broad use of p2p for mainly illegal music sharing and illegal software has shown that most can’t.
I think the numbers only show SOME can’t, not MOST. Don’t let a few bad apples spoil it for everyone else.
2005-08-12 1:34 pmAnonymous
> What about freedom?I don’t want anybody telling what to
> do or not with my hardware.
That’s perfectly possible with Butler’s proposal, if I understand it correctly. He suggests that DRM is implemented in hardware, thus making it possible that you have full control over the software.
The intention is probably to have the software deal only with encrypted data, and finally send the encrypted data to the DRM chip without getting unencrypted data back (but rather send it directly to the outputs).
This is another reason why you build your own distro, so you can leave sick garbage like this out. No one don’t needs to look at their content, the crap only works if you’re a sheep, so if nobody looks or listens to it they will find a decent license to use, be a ram.
…especially with: “would send out a signal that GNU/Linux is not pro-piracy”.
This is bullshit. It’s like when they say that using gpg means you got something to hide. It’s like when you don’t like being taken your fingerprints, body/luggage-searched constantly means you got something to hide. It’s like when not conforming to the Man’s stupidity means you are a terrorist.
Sending out signals. Right. So now it’s not enough to behave good, one should loudly state that one’s pro or contra something. Brave new stupid world. Or just yet another of those article writers.
There is a fundamental problem that makes it extremely hard if not impossible to combine trusted computing and an open source operating system.
The point is that you can only trust a kernel and drivers that have not been thinkered with. Otherwise, anyone could just change the sound driver a bit, for example to make it dump to file whatever it’s playing.
Since you cannot have a trusted Linux kernel if you compile the kernel yourself, let alone have made any modifications, you can only have “trusted” Linux if it has been precompiled and signed by a “trusted” vendor.
And without a trusted kernel, well, it’s a very nice thought to do the decryption in hardware so the algorithms can be closed, but that’s not much use if the decrypted output stream of that hardware is then handed over to a kernel wide open to thinker with…
2005-08-12 4:47 pmg2devi
I couldn’t agree more. The key assumption in the article is “DRM could be completely done in hardware”. It can’t unless your hardware contains all the mixing features that you expect in a software application and all those features are integrated into the motherboard.
And what’s the point? DRM will always be defeated until they can DRM our minds. Even in the worst case where there is no hole in the actual hardware, DRM would just talk to *audio* speakers which can easily be tapped into.
Couldn’t Trusted Computing built in to the harware enhance security such as for example SELinux?
For example, if you are in control of the hardware then it could certainly be used to make your machine even more robust?
2005-08-12 2:02 pmyouknowmewell
It’s a double-edged sword. If you’re a Good Guy(TM), then this can help you be secure. If you’re a Bad Guy(TM), then this can help you be secure. Unfortunately, the Bad Guy’s idea of security is locking the Good Guy out of fair use of his bought-and-payed-for goods. Security in general is a double-edged sword, whether in OS’s, airports, grocery stores, etc. The laws of Thermodynamics apply.
I simply can’t see much reason to support TPM but I can see MANY good reasons not to support it. At least in the academic world most leading computer scientists agree: stay away from TPM as much as you can.
Fairplay is transparent? Linux is pro-piracy? What is this guy smoking? First off, most software pirates rip… are you ready for this… CLOSED SOURCE APPLICATIONS FOR WINDOWS! Most of the FOSS world is, well, FOSS. Free. Open source. Not piracy.
And Fairplay is utterly transparent until you try to exercise fair use like, oh say, moving it to other devices or putting it on certain hardware. Or if your hard drive gets scratched and you find you’re not allowed to use your own backups. That’s about as transparent as a brick wall in the middle of a freeway. And roughly as pleasant a user experience.
No, I say this guy is another uninformed suit with a Master’s degree in technobabble. “Everybody’s doing TPM… Linux needs to follow the crowd!” is basically his thesis. The whole reason for the creation of Linux and free software in general was to provide a FREE and OPEN means of computing. TPM and DRM fly directly in the face of this philosophy. Embracing DRM in Linux is the first step toward giving the MPAA, RIAA, Microsoft and every other major monopoly a free license to trample users’ rights and dictate what users may or may not do with products the rightfully own.
unstoppable force: legal online media distribution
Please stop telling us about this. The aim is of course to prevent people to save video from TV to any media or at least reduce quality or prevent copy in order to oblige everybody to buy something. Behing DRM I see a way of making everybody pay for everything related with sound/video.
Do we want to give more power to the media that what they have ?
My answer is no.
Well I won’t even try to guess where you go the idea that trusted computing is associated with MS but just so I get your sorry straight the 2 companies that come to mind are IBM and Sun and ONLY THEN MS. Provided that Sun has a trusted computing OS based on Unix and IBM uses as400 and that IBM is so keen on making Linux the next big thing there is no reason why there would be any problem. As far as DRM goes it is hardly considered trusted computing an it is a very very dumb idea to incude it in any OS for user safety purpose.
But that’s just my 2c.
TPM is actually worse than many people think. The more I read and think about it the more it creeps me out. If you value your and your kids’ future and freedom you should stay away from TPM. I vote with my wallet and buy only TPM and DRM free products.
Excuse me, but there is no way to stop a suicide bomber, ID cards or not…
That’s true you can’t stop a well organized and determined group of terrorists unless you are prepared to live inside a cage and give up any human contact.However we should fight them with all we got,while still not living inside a cage feeling hopefully.
Now i’m without any doubt fiercely against terrorism and oppression.But isn’t it time to think about wether our presence in some countries is meaningless or not?And at what prize.Does the goverment really give a shit or just wants oil and treats the arms lobby to maintain status quo as much as possible for (their) economic stabillity?
Take Iraq for example,it should have been liberated back in ’91,the resistance was ready and left alone.
All you hear in the news is the new prize of a barrel of oil,and the current middle East situation.
If they really wanted to help people why don’t they liberate Sudan?Why don’t they help the starving people in allready at least 7 African countries where the starvation problem is terrifying?
I would rather face the unlikely possibillity of a bomb attack than having nothing to eat for my childeren.
the moral, MS, governments, whover tells you something is a “good idea” then forget it, in fact, fight it
Just be critical and don’t believe everything you hear,see,read.
2005-08-12 4:28 pmraver31
you seemed to have picked up on my point about the terrorism, but missed the main point about the ID Cards.
The UK government are currently almost pushing Biometrical ID Cards down their citizens throats, they are using every excuse you can imagine to try and get the public to vote for them… even though they would cost more than £300 each for every person in the UK, a cost that the government is expecting the public to pay for !
now, I know that the US and UK have armies in places where they do not belong, I live in northern ireland remember, but no matter how much resistance a people have for an occupying force, there is no reason for a man to become a suicide bomber, and less of a reason for a government to say they can stop them..
Be carefull not confuse Trusted Computing with Trusted Merchandizing.
If FOSS supports DRM what OS will i switch to when it casues problems for me in Windows or Mac OS?
… and that’s why i don’t buy it.
I did not say Linux is pro-piracy, I said some people seem to see it that way. Supporting DRM would show people what we already know to be the case: Linux is not pro-piracy.
2005-08-12 5:06 pmAnonymous
Pirates rob ships. The fact that you have already internalized the language of the content cartels shows that they already have won you over, maybe even inadvertently.
As to your comment, Linux cannot be pro or against anything. It is a kernel and it is the expression of those that work on it.
Some linux uses may commit copyright infringement just as I am sure that some Windows and Mac users do.
The incentive is to educate these people and to give them tools, such as the distributed payment system that I talked about before, to do the right thing without violating the rights of those of us that have never “pirated” any music.
Mr Butler, may I humbly ask you to propose alternatives to DRM/TPM rather than to allow yourself to be coopted by those that have neither yours nor the interests of the community in mind.
2005-08-13 8:07 amCelerate
Actually in my opinion TPM and trusted computing will not get rid of piracy, they will simply allow the roles to switch and it’ll be companies screwing over everyone instead of a few people screwing over companies that really don’t suffer anywhere near as much from the losses.
Am I not correct in my recollection that with the iTunes and Napster music store, songs you “purchased” have a limit of mediums they can be stored on, such as a limit of being burned to no mare than 3 CDs. Such limitations do not need to be limited to music, but they are right now because companies are stategically moving slowly into DRM so people won’t revolt until it’s too late. Tell me why I would pay full price for a song on iTunes with rediculous limitations; music CDs used to cost the same considering how much they costed and how much music they had on them. The next step may be movies that will only play on three different DVD players, taking the idea of region code limitations to the extreme. Then comes software that only runs on one computer, can’t be transfered to another computer even if it’s no longer on the first, and works for only three years before shutting down until upgraded.
Of course companies know people won’t accept this right away, which is why they are taking things slowly and planning strategically. An example of how easily people will accept these limitations was made obvious to me when it was rumoured that Apple had TPM chips in their upcoming x86 systems; all of a sudden people went from taunting wintel users and being afraid of “trusted computing” to saying “if Apple is doing it, it must be safe/acceptable/good”.
Correct me if I’m wrong, but didn’t I see TPM in the kernel 220.127.116.11? I could swear I saw an option enable or disable it when doing a make menuconfig.
2005-08-12 5:03 pmCloudNine
If you saw the acronym ‘DRM’, don’t worry, the Linux kernel isn’t taking away your freedom just get, it’s the ‘Direct Rendering Module’ for X11.
Anyhow, this is one stupid idea. If it does get implemented, the Linux kernel will be forked between a version that restricts your freedom totally unnecessarily (i.e. one with Digitals Restrictions Management and Treacherous Platform Module), and the Linux kernel that retains the user’s freedom.
The media companies would not agree with an open-source DRM system, and the open-source community would not agree with a closed-source DRM system. Case closed.
2005-08-12 5:47 pmAnonymous
No, no – a TPM driver made it into the 2.6.12 kernel…… it’s already in.
Have a look here:
Linus Torvalds has released version 2.6.12 of the Linux kernel, a major revision including support for Trusted Platform Modules (TPM), significant changes to many drivers, and other changes.
The revision arrives more than three months after version 2.6.11 and is the first release since Torvalds switched to a different system for managing the kernel source code, a move that slowed development. The 2.6 kernel was introduced in late 2003, succeeding the 2.4 kernel and adding a number of improvements aimed at large companies.
The revision introduces a driver for TPM chips such as those found in some IBM laptops; the TPM is designed as a hardware safeguard for critical data such as passwords. The driver supports TPM devices from National Semiconductor and Atmel. TPM will store cryptographic keys, passwords, and digital certificates, typically on the motherboard. Embedding security measures in the hardware makes a system far more resistant to tampering than does using a software-based security scheme.
2005-08-12 6:16 pmjoelito_pr
So it’s already happening…
And like SeLinux It’s probably not the best thing for desktops but can be usefull on secure servers and professional workstations(Like the IBM and CISCO comercials).
The last thing i’d want is to be forced to use Mac OSX or Windows because of TPM. So I think Linux should be able to deal with it.
A good read on the subject (allthough seemingly a bit biased): http://en.wikipedia.org/wiki/Trusted_computing
2005-08-12 9:47 pmJohn Nilsson
Look it’s REALLY simple. More and more people will begin to use Linux and other FOSS systems. This means there will be a HUGE market.
If you wan’t a pice of that market, you’d bett make sure that your product has a value in that market.
The article shows profound misunderstanding of most of the people that work on free software. We want the world to be more open, not less.
Tell me why I should allow the content cartel to get rights via software that they do not enjoy via copyright. Digital restriction management has no place in a Linux system.
We need to work for a distributed way to compensate artists directly without going through any content cartel, be it the MPAA, RIAA or Apple. Gatekeepers have no place in an open world. A distributed compensation application that allows people to pay artists directly and download unencumbered music from them is what we need.
Humanity is generally good and most people would send a few bucks for their favorite album if they knew that the artist received all of it.
There is lots of unencumbered music out there. Knock yourself out:
TPM will come. Linux isn’t popurlar enough to prevent this, at least not on the desktop. And this could very well mean that many important pieces of information cannot be acquired by non-TPM machines. Linux users would simply be locked out of this information.
However, if TPM is adopted in Linux correctly – and that means with all relevant software being free, because that’s the advantage of Linux – they could participate. TPM isn’t bad per se, it’s only bad if done the wrong way. If Linux takes part in the development, it can show what right and wrong means. If it doesn’t, then TPM will simply evolve without intervention from Linux, meaning that it could in fact become the monster it is claimed to be.
Satan wants to secure your computer. He promises absolute security. You only need to sign right here…
Would you do it? Would you? Honestly? *grin*
TPM was design with abuse in mind. There are no compelling reasons for TPM and many against it. In fact, my institute is in the process of establishing an initiative “Consumer Choice” against TPM and DRM that is designed to inform consumers about the lurking dangers behind these controversial technologies. The initiative is backed by many concerned professors including some the most famous names in computer science.
Hmm we finally get rid of cookies and have TPM instead?
the thing is that like all tools, this can be a good thing or it can be a bad thing depending on how its used.
the good thing is that when you want to set up a secure network you can so, basicly by telling the os to have its kernel and other critical parts signed by the chip and thereby verified. then the same signatures can be sendt over the net so that any servers you access can verify that the system in use have not been compromised.
the “bad” thing (bad depending on what side your on) is that this can be forced upon you. apple can verify that your using a specific version of itunes that have not been modified and so on. this is the first link in enforcing drm.
yes there are ways around this, there allways are. but for the avarage user this will be enough of a lockdown…
2005-08-13 1:48 amAnonymous
The “bad” is much worse than you’re suggesting.
The problem is that DRM gives the vendor total control of the consumer’s software. It is an all-or-nothing proposition.
Want to block reverse engineering? No problem, the debugger won’t run and the data lines are embedded in a chip. Want to block interroperability? No problem and no competition or free market. Want to include subtle malware in your product? No problem and the consumer can never know they’ve being manipulated. e.g. Like the router that randomly redirected http requests to the vendor home page. Except much more sophisticated and manipulative. And completely hidden. Want to expire your product with subtle bugs when the new version is available? No problem. Want to block advertising from the competition? No problem. Want to manipulate the consumer’s perception long term with no alternative viewpoints? No problem.
I would support DRM, but only with very strong legislative safeguards in place. We aren’t even close to that yet. I don’t think many people realise just how badly DRM can be misused to hide illegal activity.
TPM drivers are now available in linux kernel. With plenty of other developments going on…
Even a TPM emulator for linux 🙂 http://developer.berlios.de/projects/tpm-emulator/
DRM/TPM should be used in linux to force enforcement of the GPL. DRM should be used to make GPL bins and src ‘hardtied’ together, inseperable, so GPL ‘binary only’ violations become impossible.
2005-08-12 9:22 pmre_re
how about we just treat everybody like criminals?
i would rather deal with the pains of freedom then to have everybody live in a virtual cage where nobody can do anything wrong.
What exactly is good about encrypting people’s files and refusing to tell them the password ? Yeah they can’t give away the password by mistake. No a virus cannot get stupid users to tell them because they don’t know.
Please explain why I would do this, because I REALLY don’t understand.
There is absolutely no reason to have Linux be a DRM-centric OS like Windows.
It doesn’t make sense to try and make Linux into the ultimate “I want my Hollywood mind pollution!” media player.
There are many of cheap if not free devices that will do a better job — Tivos with hard drives and the like.
While Microsoft will make some small money off of offering a player for DRM-media, this “I want my Hollywood!” is just a ploy by the New World Order to deeply control everything on your personal computer. Under the false pretense of “enabling access”, all “trusted computing” does is to implement a control protocol that removes you, the user, from control of your own machine.
The simple solution is to have a safe computer (no unknown hardware, no Microsoft, etc) and then to use some cheap media device for “I want my Hollywood!”.
Of course, it will become very clear that the people who have done too much “I want my Hollywood!” in life have no skills and are fit only to be soylent green. You cannot move forward in an ever more competitive and challenging world by poisoning your brain with mind-numbing and mind-dumbing Hollywood trash.
I admire your honesty, although i don’t think this is the “new world order”, this may be a step towards that, but as i see it now…. it is govt’s and corporations trying to control the people, noting more, nothing less.
The advantages of trusted computing are not the ablity to running DRM’d content.
It’s about hardware level security. Software that won’t be able to run unless it’s signed by the administrator.
This is a very useful technology. This would mean a great reduction in the amount of malicious software that could run on peoples machines. Don’t try and tell me that GNU/Linux doesn’t allow any malicious software to run, because thats just being ignorant.
I’m sure companies will DRM their the content they provide, well screw them. Just don’t use their content. It’s their right to distribute their content with what ever restrictions they wish and it’s our right to not buy their product.
This technology gets such a bad rap due to peoples silly fears.
2005-08-13 2:54 amre_re
I don’t think you have followed history
In virtually every instance where governments and coorporations have been able to abuse a products or techonolgys they have (without exception)….. why should we believe differently for drm.
Do you really think the government (any gov’t) would not take advangage of drm? I mean come on, think about it, it’s easy control.
I don’t like big brother and I don’t think most others do either.
How about we Leave DRM out of linux.
2005-08-13 12:31 pmg2devi
Software that won’t be able to run unless it’s signed by the administrator.
This is already possible in Linux.
(a) Create a user account, called “guest”
(b) Give “guest” only access to the binaries that an administrator installed. Make sure GCC is not one of those binaries.
(c) If you want to be extra paranoid, set up a chroot or Xen environment.
Problem solved. Yes, it requires the administrator to set things up, but who do you think is signing the software?
Don’t try and tell me that GNU/Linux doesn’t allow any malicious software to run, because thats just being ignorant.
How is this different from TPM? TPM doesn’t prevent malicious software from running, only unsigned software.
Look at who TPM in linux is aimed at. Who is using it? IBM. TPM is not for the average linux user, it’s for the big business where the users are already locked into a limited user account. TPM makes it that much harder for someone without authorization to hack into the administrator level. TPM allows the company to prevent employees from installing software on the company computer that isn’t allowed by said company. In the situations given above, TPM makes sense and is perfectly acceptable. You shouldn’t be messing with the company’s computer anyway.
On your home system, YOU are the administrator, so YOU control who has access and what goes onto the computer. I could see parents using this with younger children’s computers as well. Once they get old enough to figure out how to get around TPM, they’re old enough to be administrator of their own computer.
> […] (Impleementing DRM in a kernel mudule is a bad
Well, they’ll probably implement it underneath any OS kernel, i.e. in firmware cq microcode: http://lwn.net/Articles/146615/
Probably a way to stay clear of this – for now – is to buy only motherboards supported by LinuxBIOS: http://www.linuxbios.org/index.php/Supported_Motherboards
It is always possible to run malicious code on any machine but security should be achieved by a well written operating system. The notion of having to “sign” software invites to abuse and privacy violations from the start. Also, TPM introduces a myriad of other problems and is simply not desirable by any means. After thinking about the various consequences thoroughly I decided not to buy any hardware that has TPM or DRM built in.
I am a Linux user, and I wan’t Trusted Computing as soon as possible.
If companies use Trusted Computing for handling personal information, and give me the source code that handles this information, I would give out a lot more information.
Also, I would connect my blackdogkey or mobile phone to a friends (or public) computer, let it connect to my trusted server, get relevant hardware information for the computer running and see that it doesn’t have any keyloggers or any other privacy degrading software.
He can give me an account with few acces rights – so I get security and privacy, and he get security (so I cannot change or read anything on hes computer that I should not). Then I can use his resources as much as I like – e.g. playing games, and connect to accounts without worrying of my account getting stolen.
The most important thing about trusted computing, is that personal information can only be used for a specific purpouse.
There is a mobile service, that can take a picture of a person, and match it against celebreties. This is a fun little service, but got the problem that a firm now got name/picture and so on connected to a person. This information can go for the highest bidder, so people in stores know who you are, and can make commercials based on that.
I will never use this service, unless it is based on Trusted Computing, and I can read the sourcecode, which deletes my image after processing.
The last thing that would be really nice, is that I can have processing jobs done at facilities without worrying that my computations is recorded – and even sell my own computerpower to whoever wants this.
I will never by hardwaredrm enabled music/videos. It should _always_ be the seller who has the TCPA installed, and never the buyer. This is not the same as saying im against copyright, but just that I can do everyting with the things I buy as long as it stays in my own house.
So if the media companies make it easy to identify the license on music (pretty icons on every file), I will certainly adhere to this.
If enough people have the same way of thinking, a market will be created, which will be filled by however wants to. (Right now magnatune.com, is doing a nod in that direction).
2005-08-14 7:07 amCelerate
I don’t think you really have any clue what this is about, Trusted computing is touted as a way to make your content more secure, but only companies will be able to take serious advantage of it. That example with the “blackdogkey” was poorly worded and difficult to understand, but from the sounds if it you really don’t have a clue what you are talking about.
Trusted computing will provide content providers (ones with $$ in the bank) to get more control over the products they sell and how they are used on customers computers. It will not make your remote connections from computer a to computer b over the internet more secure, it will not make your data private simply by being there, and it won’t keep your friends from using software or hardware keyloggers on their own computers.
Trusted computing could hypothetically be used with some software like MS Office to make sure that a document you wrote will only work on one or several computers you specify, or will only work with the software you specify, or will have stronger password protection that will be more difficult to crack, but that’s about it. Trusted Computing as far as your security is concerned is only going to be a stronger version of the protection already available today, ready and waiting to be cracked; most of what you have implied will simply not happen.
The read advantage of trusted computing and TPM will only be available to major corporations who will undoubtedly cross moral barriers with the stuff; it wasn’t created with users in mind, major corporations invested in it to protect their interests, not yours.
DRM should be kept out of Linux… so what? Do you think this stops DRM? Just think for a moment which market is bigger, the Linux market or the media/content market?
Simply denying the ongoing strive towards DRM by all media companies is extremely stupid. It will not stop DRM, but rather make you unprepared for it.
Oh, and remarks about “unencumbered” content suggest that you haven’t understood the size of the markets nor the precendences set by the consumers. They decide by content, not by encumberance.
When George Bush Jr says he’s fighting for Freedom, who’s freedom is it?
The Freedom for the people to choose what they want?
The Freedom for greedy corporations to screw the whole world over? (We’ve clearly seen the fantastic moves of the RIAA and MPAA, haven’t we?)
DRM = control.
You can dress it up in the form of Windows Vista’s GUI, but there’s no denying its all about control.
There is NO freedom to choose.
They dictate what is suitable for you.
This is the very reason I jumped off Windows in the first place.
To be entrenched with crap like Product Activations, “Windows Genuine Advantage” (which has caused more problems than its worth), and Vista shutting down your display because of DRM enforced HD content…And they expect YOU, the consumer to foot the bill!
Notice how its not advertised?
Tell them to get f**ked.
The day that Linux and BSD get TPM/DRM enforced technologies, is the day I start my own Operating System. Keep that sh*t out of Linux and BSD.
Windows can drown in that crap for all I care.
BTW, Intel’s DRM technology in those Apple Dev Kits has been bypassed. Congrats, wasted time and money on technology which was a walk over.
Has ANY anti-piracy technology worked?
Hasn’t that sunk-in to those dopes in management of those corporate empires?
2005-08-13 7:41 pmre_re
I mostly agree with you
but there is a delicate balance that must be maintained or maybe restored (the balance is teedering), it is important that we keep it somewhat balanced between the freedom and rights of business and the freedom and rights of consumers. If it falls to much to the business side, consumers get screwed, if it falls to much to the consumer side, businesses get screwed and people lose their jobs.
we need a ballance of freedom for businesses and freedom for consumers.
now, that being said, I think DRM would drastically tip this ballance towards business and take rights away from consumers.
What we need to do is launch an add campaign against DRM and highlight the horriable things it can and will do in a way that will get people angry, but not make them think we are conspiracy theorists.
2005-08-13 10:31 pmpravda
we need a ballance of freedom for businesses and freedom for consumers.
You bring up an important point. There exists today in the world a giant dichotomy between a “business” and a “person”. The “person” is often labeled a “consumer” and the “business” is often an artificial person, or “corporation”.
Something as basic as controlling rights to all PCs, content, software, media, etc., should not be put into this “business vs. consumer” or “artificial person” vs. “person” framework.
Like any basic right of freedom, it needs to be part of the law of the land and apply equally to all.
The USA has long passed the point where freedom is increasing. So the USA will not be the place that this happens. The USA will have DRM up the a$$ in every device that can possibly have DRM. It will mess up the fragile US economy in ways that the dumb$hit DRM fanatics cannot even predict. Much business will be driven underground.
The same could be said of any European country or any country under control of the IMF/WorldBank/WTO/etc. There is no real freedom in any of these countries.
And perhaps this massive police state buildup is for the best. Let the current system induce maximum cruelty as soon as possible so a new system with slightly differently flavored cruelty can take its place. Maybe the world is tired of “Classic Cruelty” and is looking forwad to “New Cruelty”.
2005-08-14 7:15 amCelerate
Could you explain to me some of the new freedoms the US has actually gotten recently, and tell me how the PATRIOT act does not in fact infringe on freedom?
I’m saying I don’t believe you, I would simply like to compare our observations to find out why exactly they don’t match.
Couldn’t agree more.
Did you know they have conducted a labtest on samples taken from the WC’s (toilets) of the european parliament and where really suprised to find so much residu of cocaine sniffing.These guys have to make policy against terrorism and crime.
no in fact, a really stupid idea
in fact, so stupid, I cannot believe I read the whole article…
we do not need DRM in linux, no matter if Ipods need it, no matter if microsoft make it compulsary on windows
we do not need it with FOSS
in fact, we need people to use open standards like Ogg Theora and DIRAC