Home > Privacy, Security > AMI Guy Talks About TCPA, Palladium, and Other BIOS Issues AMI Guy Talks About TCPA, Palladium, and Other BIOS Issues Eugenia Loli 2003-01-17 Privacy, Security 17 Comments Brian Richardson, AMI’s engineer, replies to a long interview on Slashdot about TCPA, Palladium, and other BIOS issues. Interesting read. About The Author Eugenia Loli Ex-programmer, ex-editor in chief at OSNews.com, now a visual artist/filmmaker. Follow me on Twitter @EugeniaLoli 17 Comments 2003-01-17 6:21 pm TCPA allows an un-forgeable check of the configuration of any given machine (and sealed storage, which is an even bigger disaster). Websites that now check for the browser-id field, will check using tcpa, and since you cannot lie about your config, these sites will truly be windows-only. Same thing for programs. This is what tcpa is good for (what it WILL be used for) “forced incompatibility”. If your os supports taking screenshots of my site, I will not allow you. If you os doesn’t let me install spyware, you will not connect with my network, … This means (obvious consequences only, there will be many more) : no more msn for linux users, no more hotmail, no more access to ANY windows-only site (which obviously include government sites, online stores, …). Look at the ‘”use cases” on http://www.trustedpc.org . <quote>Keys can be bound to a specific platform (ie to windows)</quote> A bit further we will go with DRM. Which will be used to impair fair use, prevent you taking screenshot, prevent you from copying any music file to anywhere (you will need to pay double for listening on your pc and your mp3-player) … 2003-01-17 6:34 pm I agree, but it will take a long time. It may take years for a large enough mass of people to have these bioses; maybe *never*. As little as I trust MS, they’d be shooting themselves in the foot to require hotmail & msn et al to require these bioses for, at a minimum, 5 years. Then, however, we’re all in big trouble. “My” computer will no longer be mine. Hopefully, in the future I can just buy an black market taiwanese/korean/etc box which will still let me do what I want (run linux, write my own code, etc). 2003-01-17 6:45 pm After reading more, and understanding a bit more, I’m no longer quite as paranoid. The whole framework has a shocking potential for abuse (e.g., not letting you write your own code, not letting you boot alternative OSes, etc) but in and of itself, it doesn’t seem all that dangerous. In fact, it seems in some ways a good idea. Let’s just hope that cooler, not-Microsoft heads prevail here. And note: I’m not saying MS is evil above! But we all know that the only thing MS truly hates is competition, and if they can strongarm manufacturers into making MS locked down hardware, you KNOW they will. 2003-01-17 7:05 pm I don’t like interviews like this. They show one of two things: 1. The person is being very careful about what they say so as not to upset anyone on any side with any “realistic and honest” responses. 2. the person is completely convinced that Palladium/DRM/whatever is a good idea (for business or people??). This is more frightening by far than number 1 above. I honestly see ZERO benefit to consumers through this “new technology.” Though they have all kinds of pseudo-beneficial claims to make… All I see is corporate benefit: increased profit for a limited few corporations via the further limitation of our already abused rights (our choice of software, fair use rights, etc). 2003-01-17 7:49 pm Actually, unless a substantial amount of pressure is placed on companies such as AMIBIOS from ordinary users, they and other “privacy-breaking” technologies, WILL gradually make onto into standard PCs, within a few years. History has proven that. AFAIK, at the moment only techies care so much about Palladium/DRM/whatever. 2003-01-17 8:18 pm If I run say Vxx on Linux/Mac, guesting Windows, I have a BIOS that exists only in simulation in the Vxx files. Hence it can’t be as secure, this would seem to be a back door. So VMWare/VPC will fix this, but another OpenSource Vxx could come along and pretend to support TCPA etc yet being open would allow it to be modified. When I booted VPC guest I think I saw a very simple AMI BIOS so I guess VMWare & VPC are both regular BIOS customers too. Still, I would think that a guested Windows could be made to pretend to be something it is not! 2003-01-17 9:06 pm He didnt answer anything. he used his knowledge of the technology to jump around the issues without really answering what benefits it has for the people that use their crappy bios. He may think that hes only selling to the board manufacturers,, but the board manufacturers are reselling it to us. So we ar e their customers by third party intervention. He only talked about customers not users, also.. 2003-01-17 10:04 pm This means (obvious consequences only, there will be many more) : no more msn for linux users, no more hotmail, no more access to ANY windows-only site (which obviously include government sites, online stores, …). Look at the ‘”use cases” on http://www.trustedpc.org . <quote>Keys can be bound to a specific platform (ie to windows)</quote> The problem with this sort of thinking is you forget that for the first few years there will still be old versions of windows running. Not everyone will upgrade. So to stop Linux users would also block out most of the old windows users. Most sites would not do this. Some will start using it to distribute certain contents like movies, music etc. The big question is. Will people upgrade to palladium en masse to get such content or will it trickle into effect. Also the Linux sites will not use palladium because they don’t need too. This will create a huge rift in the web if succesful. Just like MSN could have been. But history shows that the web mostly wants to be free. If on the other hand palladium allowed websites to charge per view easily then I can see a lot of websites swithcing real quick. 2003-01-18 1:33 am >>>>I honestly see ZERO benefit to consumers through this “new technology.” Who ever said this is a consumer technology. TCPA is designed for corporate desktops, which is something like 8 out of every 10 PC’s sold in the world. If TCPA can lock out the everyday office worker from doing silly things like installing their own programs themselves or downloading unauthorized softwares, then ten’s of thousands of IT department staff can be laid off. That’s why corporations want it and that’s why silicon valley is designing it. 2003-01-18 1:44 am As the article said, TCPA is vendor-neutral and Linux can implement it. It is just like saying PGP or SSL would block competition. 🙂 2003-01-18 1:54 am >>>As the article said, TCPA is vendor-neutral and Linux can implement it. It is just like saying PGP or SSL would block competition. 🙂 And the first linux people to implement it will probably be RedHat. RedHat will spend hundred’s of thousands of dollars doing TCPA compliance and have a valid signed key for their paying customers. You can still download the source code and binaries for RedHat linux for free, but you won’t get the signed key. TCPA is a god-send for linux distributors looking for a business plan. 2003-01-18 3:14 am It is just like saying PGP or SSL would block competition Except it will cost so much for certificates that small and free Linux distros will be put out of buisness. Also Palladium doesn’t allow you to alter the software and keep the cert. Everytime you recompile the kernel you will need to re-cert. 2003-01-18 3:27 am >>>Except it will cost so much for certificates that small and free Linux distros will be put out of buisness. You don’t see RedHat and SuSE crying over it. In fact, it could the perfect business plan for the smaller linux distributions who rely on selling their distributions at your local retail store. Cuts off the freeloaders who download these smaller distributions without paying for them. The majority of commercial linux distributions have lengthened the period between releases (to somewhere like 18 months for RedHat Enterpise edition), so they are only shelling out the money on re-cert every 18 months. >>>Also Palladium doesn’t allow you to alter the software and keep the cert. Everytime you recompile the kernel you will need to re-cert. Palladium is Microsoft. You mean TCPA. Who knows exactly what you did when you recompile the kernel, that’s why re-cert is necessary. 2003-01-18 5:14 am >>This is what tcpa is good for (what it WILL be used for) “forced incompatibility”. If your os supports taking screenshots of my site, I will not allow you. If you os doesn’t let me install spyware, you will not connect with my network, …<< you act like these are bad things, i think this is great. There very well may be down sides but this isn’t it. I think in many ways what people fear (these people being towards the everything should be free persasion) is they won’t be able to go around and rip everything off the net. You will have to start to obey copyright laws and the wishes of the creator, or site owner or publisher etc. Many people do not agree with everything free idea. This may be surprising but many people out there obey all copyright laws, the wishes of companies, EULA’s, and so forth. they buy their music, they buy their software. And for these people it will only help them. The have more power to stop being ripped of if they create something. Nothing in this had anything to do with not being able to play music on differant machines and such, this is differant issues. >>This means (obvious consequences only, there will be many more) : no more msn for linux users, no more hotmail, no more access to ANY windows-only site<< yes, once again this is fine. You chose to use something differant, these services have no reason to work with you over your desision. If you want to access them install windows. No body is stopping you. Just because it’s not what you want doesn’t mean it’s wrong. If not being able to access these things bothers you it would stand to reason you wouldn’t want to use them for the same reasons you don’t want to use windows. If you can’t work with this your simply missing the reality of the world. The world is not going to work on your ideas. There will be things that hamper opensource and such. This is opensources problem. The world for the most part does not care. Just because you come up with the way something should be, and then something stops is doesn’t mean it’s bad, it means you need to work with it or around it. 2003-01-18 12:45 pm Okay, how much is it for a TCPA certification? After all, you seem to know a lot about the pricing of this. Palladium isn’t even release, don’t talk about that. How much TCPA certification cost? Besides, how many people, especially Linux customers actually recompile their kernels? How many of them are interested in TCPA? 2003-01-18 3:41 pm You know what? nobody knows yet, which I *THINK* is your point. None of this stuff has been decided, and there’s no “TCPA compliant” branding and certification process yet. If there is, let’s hope it is made affordable, or “tiered” for corporations (more) to small businesses (less) to individual software developers (reasonable) individuals (very little or free). That way, certs and re-certs can be managed. Don’t know what Palladium and LaGrande will become, but at least TCPA isn’t controlled by one company. –JM 2003-01-18 3:59 pm LG is just Intel’s implementation of TCPA. Doesn’t really promises as much as Palladium. It is just integrated into its Banias chipset.