Domain: cam.ac.uk
Stories and comments across the archive that link to cam.ac.uk.
Comments · 1,846
-
Re:Vagueness
Apple's roadmap: an OSX kernel built around the TPM built into all new Intel Macs... allowing Apple to enforce hardware DRM, and force you to run or not run certain pieces of code and execute their own code in secret, outside the view of debuggers or scrutiny. I hope *you* trusted *them*. Basically, Treacherous Computing is the dominant thing on Apple's roadmap... just as it is on Microsoft's.
-
Re:Part Deux
Apple closed the code because they are rearchitecting the system around Trusted Computing. New Intel-based Macs have a TPM (hardware DRM chip) built in, and (among other things) this allows Apple to hide what the code is doing, and allows them to verify that you are only running code that they approve of, for DRM purposes. If you can recompile the kernel, then this is meaningless... so Apple is simply making explicit what has been obvious for a long time. Very soon... the Apple architecture will be designed around Trusted Computing, and unless you have Apple's blessing (and they sign your code), it will not be trusted... and effectively, Apple will have total and complete control over the machine and be able to operate with total secrecy with the hardware protecting their privacy, not yours.
See here for some more examples of what this hardware does, and what Apple has planned.
-
Re:Stupid
-
Re:I'm surprised
Another cleaner, cheaper route for Titanium production has been developed in Cambridge, UK.
Read about the FFC Process for Titanium Extraction. -
Re:Sign of the Apocalypse?
"Nreuuoms pmeeononnhs peossss uiapocmltecnd etaaoilxnpn; nwttdtsniinoahg, the pdseuo-snfiiiectc spssliiimtm is not snfiiiectc and eieecndvs are oetfn mdanleiisg"*.
Though it may be (almost) true, there is little evidence that an English university actually did studies that show this. For more information visit http://www.mrc-cbu.cam.ac.uk/~mattd/Cmabrigde/ -
Scott Herold's comment misleading
Herold: "[In environments with] heterogeneous operating systems, VMware is the clear leader. Microsoft's recent addition of Linux support to Virtual Server shows they are moving in the right direction. While Xen has consistently mentioned that they have been able to get Windows booting, it has been eerily quiet lately on that front."
http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
A port of Windows XP was developed for an earlier version of Xen, but is not available for release due to licence restrictions.
If that is not a slander, I don't know what is. Perhaps Herold misspoke, I don't know. However going by the context and the purpose of the article, a cozy little place may be waiting for him in a marketing department. -
VMWare ahead of Xen eh?
Nice advertisement for VMWare, but Xen destroys VMWare in every benchmark I've yet seen. I understand they are taking different approaches, but with new CPUs supporting Intel's VT VMWare's OS advantage suddenly disappears. It should be a huge red flashing sign since VMWare's license doesn't allow benchmarks to be published. This page shows VMWare can compete in some places, but is pathetic in others. I don't know what makes them claim ESX server so much better than Xen, maybe they are trying to say VMWare is more stable? Because from my testing, Xen puts VMWare in the dust.
-
OpenVZ and Xen
-
Re:The Pirate Party
I'm being picky but... it's 11/9 since 9/11 is confusing and could just as well mean 9th of November as it could 11th of September. International date-time standards has the facts.
You Christian being from Sweden of all countries would know how to write a correct date. -
Of course.
From a marketing standpoint, this is the only way Microsoft is going to get a lot of people to buy their new OS.
I can only speak for myself but from what I've heard, Vista will offer few enhancements over XP that I really need in an OS. Better searching? I don't particularly need it, but Google Desktop. IE7? Not a chance, Firefox has me hooked and has many more features. "Gadgets"? No thanks, but Konfabulator (now Yahoo Widgets) if you wanted them.
Additionally, I'm still concerned about Microsoft's (and other companies') plan to control our PCs, even though we haven't heard a lot about it recently. So by the time Vista comes out, I'm likely going to move over to a Linux distribution, probably either Ubuntu or Gentoo, and this is really the only thing I might still want out of Windows: gaming.
This move smacks of Microsoft-brand lock-in, and it still won't convince me to move. -
More Information Needed...
Well I only browsed through the article but more information would have been welcome... what architecture does it support, how does it compare to Xen and other similar products, where do you download it, what license is it under, can I run it on my toaster, and most importantly how long does it take to complete an infinite loop?
-
Re:From the summary
I see no reason to trust the government. They don't need it. Trust is a very interesting word. From the Trusted Computing FAQ.
24. So why is this called `Trusted Computing'? I don't see why I should trust it at all!
It's almost an in-joke. In the US Department of Defense, a `trusted system or component' is defined as `one which can break the security policy'. This might seem counter-intuitive at first, but just stop to think about it. The mail guard or firewall that stands between a Secret and a Top Secret system can - if it fails - break the security policy that mail should only ever flow from Secret to Top Secret, but never in the other direction. It is therefore trusted to enforce the information flow policy.
Or take a civilian example: suppose you trust your doctor to keep your medical records private. This means that he has access to your records, so he could leak them to the press if he were careless or malicious. You don't trust me to keep your medical records, because I don't have them; regardless of whether I like you or hate you, I can't do anything to affect your policy that your medical records should be confidential. Your doctor can, though; and the fact that he is in a position to harm you is really what is meant (at a system level) when you say that you trust him. You may have a warm feeling about him, or you may just have to trust him because he is the only doctor on the island where you live; no matter, the DoD definition strips away these fuzzy, emotional aspects of `trust' (that can confuse people).
During the late 1990s, as people debated government control over cryptography, Al Gore proposed a `Trusted Third Party' - a service that would keep a copy of your decryption key safe, just in case you (or the FBI, or the NSA) ever needed it. The name was derided as the sort of marketing exercise that saw the Russian colony of East Germany called the `German Democratic Republic'. But it really does chime with DoD thinking. A Trusted Third Party is a third party that can break your security policy.
Eavesdropping on private communication without warrants is a far cry from joining public chat rooms and bringing in a pedophile who initiates contact and sets up a meeting. Pro-censorship arguments have yet to convince me that having a system capable of silencing political opinion without oversight that warrants give is a good thing. I guess what I'm trying to say is the US already has the controls, and they are working fine as-is. The US government should respect its own laws. As for governments such as PRC, Amnesty International has good reason for concern. -
Re:Cloaking for fun and profit
> a screen would have to show different images depending on the angle
In theory you might be able to do that, using the same sort of principle as lenticular animations, with a holographic lens. For some applications you could get away with only doing it in two dimensions, so you show up clearly to anyone lying on the ground looking up at you silhouetted against the sky, or anyone looking down at you from a staircase, but not to anyone with eyes at normal head level. Slightly more plausibly, you can be hidden from one particular person whose movements you track (using your magic nano-cameras) and show the image needed for their viewpoint only.
http://www.cl.cam.ac.uk/~nad/pubs/IBC99-Dodgson.pdf
http://kagakukan.toshiba.co.jp/en/02visual/newtech101.html
http://www.opticsexpress.org/ViewMedia.cfm?id=86654&seq=0 -
Re:Character encodings yet again
Unicode isn't a character encoding, it's a character set. According to this unicode faq, there are 13 different encodings for Unicode. Switching to Unicode doesn't help the problem of character encodings.
-
Re:It'll turn out just fine
*sigh*
make that link:
http://www.cl.cam.ac.uk/
d'oh -
Trusted Computing Bytes Back
This could become a case of chickens coming home to roost with China and other U.S competitors and adversaries using the TCP (Trusted Computing Platform) to have a back door to computers they produce and which are sold to businesses and governments all over the world.
All they need to do is to make note of the keys or signatures from the TPMs (Trusted Platform Module) that are embedded in every modern PC.
In fact this illustrates the greatest challenge of TCP based DRM. Who will be the key escrow / signing authority in a world where China, Russia and India increasingly shun away from U.S centered IT solutions.
It's all about your right to read.
-
Re:Again, is it IM's fault?
That sounds like a great idea, but how can all that be accomplished without a noticeable performance decrease of nearly everything a user runs inside the guest OS?
It depends on the approach you take to virtualization. Xen offers near-native performance, but it requires specially-modified versions of the guest OS (not a problem for Linux, but it keeps Windows from running). VMware imposes more of a performance penalty, but it can virtualize a closed-source OS such as Windows or OS/2.
For a practical data point, I run my web/mail server on a Xen-based VM hosted by these guys. I've not noticed any performance problems with the apps I'm running--djbdns, qmail, courier-imapd, Apache, TWiki.
-
Re:vmware
You might also want to consider Xen. Coupled with a CPU supporting virtualization it offers most of the benefits of VMWare with no slowdown whatsoever.
-
Re:ODF is not the issue....
No need, they've already done it for him.
Have they?
Do they have a version somewhere where the entire application can be controlled from a mouse with no buttons (like, say, one of those foot paddle things you could wiggle around with your last working muscles)? In a language other than English?
I guess you could pay microsoft to make you one. If you were rich enough for microsoft's attention span. Or, you could hire a small team for a few hundred man-hours and hand them the ODF spec, and get back a product that will do what you need it to do, how you need it to do, probably without going over-budget on a government grant if you got the right guys. -
Re:Input
Supposedly the handwriting recognition of Windows Mobile is very good.
I think that handwriting is a MUCH better approach than trying to do voice recognition, which another poster said. You could use it in a crowded room and not worry about either interference or being heard, or in a library. Depending on the application, handwriting recognition could be better than a keyboard too. It'd probably be faster for almost everyone (even if it would be possible to type faster, I would guess almost no one would spend enough time learning to reach that point) and would have essentially no learning curve.
Finally, you might look at a project called Dasher. I don't think I'd actually want to use it for anything big, but it's a very interesting concept and pretty darn cool. -
Re:yes, but
Can you recommend a good website with some tutorials and examples?
I don't know whether it's good, but suggestions for improvement are welcome for this example/tutorial. A summary of what's there:
This is a sample LaTeX document. You can use it as a start for your own. We give examples of basic LaTeX writing, including using a .bib file for handling bibliographies. We explain how to use the graphicx package to include postscript or PDF figures and the hyperref package to produce an automatically hyperlinked document and to add URL's to your document. -
How about *pseudonymous*?
Secure Historied Personae are the best proposal I've seen to sever the competing relationship between privacy & network security.
A network would grant nyms on a truly anonymous basis, but a newly acquired nym would only be as good as the door it comes knocking on decides it should be. That could be based on (still anonymous, but historied) individual encounters, or on what information the nym owner is willing to disclose in return for the right to access the resource in question.
Just like eBay accounts and /. karma, a nym reputation would take time & effort to build up, after which it'd be very much worth preserving. If the system is well secured against nym tracing *and* against forgeries of nyms or their histories, I think that'd represent a substantial improvement to both the privacy and the abuse prevention fronts.
http://en.wikipedia.org/wiki/Pseudonymity
Pseudonymity in the light of evidence-based trust
http://www.cl.cam.ac.uk/Research/SRG/opera/publications/Papers/spw04.pdf -
Re:DRM?
Two words: Trusted Computing. Big fans of this include all the major tech companies like Microsoft, IBM, Intel, AMD... second-tier ones like Sun, Apple (have you bought a new Apple Intel Mac? Congratulations -- Apple included this Big Brother chip in your machine. And didn't tell you)
Essentially, it boils down to this: the PC hardware itself checks whether you are running the right binaries, and if not, the other end (be it across the internet or a Blu-Ray/HD-DVD drive or anything else with a TC chip included) won't trust you and you don't get the content. Basically, you can't fork the code because it won't work anymore, as you don't have the key to sign the binary and make the hardware trust it.
It also, just as a bonus, lets companies like Fluendo take Free software, make deals with content owners to only work with *their* signed binaries of Gstreamer. In other words, taking Free software and making it proprietary. It's the same thing that Sun is doing with its "open source" DRM... that relies on TC hardware to ensure that you haven't just recompiled their "open source" to remove the restrictions and controls. Naturally, Fluendo and Sun are buddies, and Fluendo has signed up to Sun's version of "open source". Amusingly, Christian Schaller (Fluendo) used to be a big critic of people abusing Free software by calling it "open source" and wrote articles imploring others not to use it. But then he started to get corporate money... and now he's quite happy to steal other people's code to make his DRM framework.
-
how cam.ac.uk do it..
http://www-uxsup.csx.cam.ac.uk/~fanf2/hermes/doc/talks/2004-02-ukuug/
is how the University of Cambridge do it....
lots of nice details in there -
Re:Argh.
This seems kind of foolish. You don't actually own either the Mac or Windows OS, anyway.
You own the hardware on which it runs... a fact that seems to escape you. If the hardware actively hides things from you, under the control of software (and not your control), you don't own it any more. Hence, you don't own the machine.
And all computers are full of chips in little sealed packages with their insides hidden away from the consumer.
None of those chips are "secret". None of them are designed to preserve the secrecy of software away from the owner of the machine. I'm not surprised to find an Apple supporter defending this hardware, and not understanding the implications. I suggest reading up on what is possible with a TPM -- not only does it allow Apple to create an encrypted shell within the Mac, in which you have no idea what software is running or what it is doing (previously you could use a debugger)... but also remote attestation... to force you to run or not run only code that they specify. Furthermore, they can update the software and add new restrictions and controls at any time... and as I said above, this all happens covered by encryption. You won't even know what is going on, nor will you (or someone with more clue) be able to hold Apple responsible by finding out. But still... no doubt you will still defend Apple for including a Big Brother chip in your machine.
If you'd like a more authoritative and technical description, go here. For the Ross Anderson's (Cambridge University) description of just what this hardware implies you for Apple devotees... it might make you less of a bunch of ignorant compliant sheep (doubtful, but I have to try).
-
Re:GPL?
It is on the motherboard now, but it will be in the processor. Read the TCPA FAQ if you haven't already for the details. Suffice it to say that the technology is quite evil.
-
Re:Linux to Real Networks...
The reason we are in so much trouble now is only partly to do with the media companies. They pushed for DRM systems, and the computer industry (or rather Microsoft, Intel and Compaq) set up the secretive Trusted Computing Initiative. A system designed to introduce DRM into the PC... without disrupting current applications, of course.
Trusted Computing rolled forward slowly for 8 or 9 years... all the while Intel and Microsoft (and now HP) were busy rearchitecting software protocols and designing things like HDCP.
Now we are in a situation where most of the big technology companies have all signed up for this Trusted Computing stuff... and very few people seem to be asking the important questions. You may ask why I said the music industry is only partly responsible? It's because this has now gone way beyond them. Companies like Microsoft and Intel now understand that DRM is about far more than music and video. DRM is, fundamentally, about the hardware enforcing access to data "X" only to code which matches the digital signature "Y". They can enforce absolute control over what code gets to access a piece of data... if your code doesn't obey their arbitrary rules, it doesn't get access. For example: an application that accesses a particular word processing document must be written to ask a Microsoft Rights Management server (perhaps on the internet) what the user can do with this document -- are they allowed to open it at all, how much does it cost, how long can they keep it open, can they print etc etc. Applications which haven't got the correct digital signature don't get access by default. You, of course, have no say in any of this. You can't make a decision to trust... it is made for you, because *you* aren't trusted.
This technology allows tech companies to completely control a PC... to specify what it can and cannot do. To be the brokers for access to digital data (be it music, video, emails, word processing documents) -- the hardware is essentially a big brother chip on the motherboard. So you see... DRM is far beyond music and video these days. The tech companies all know how much power it will give them, and they all want it badly. And if you think using Free software will save you... it won't. This hardware operates on the digital signature of a binary. If you have the source code for a program, you can't compile it and use it as you did because you can't sign the resulting binary.
This is where Real's claims come in... to implement DRM, you first need to ensure that the kernel doesn't do anything you don't want it to (that it is "Trusted"). What Real is talking about is an unmodifiable Linux kernel... if you change it in any way, it is no longer trusted and won't be allowed to access the data. Interested parties might also like to ask Red Hat just what the fuck they are doing working on the Linux equivalent of Microsoft's Protected Media Path -- a technology that relies on you not being able to modify your own software... so much for Red Hat being a supporter of Free software. They don't like talking about this much, for obvious reasons. Considering how much influence they have over the kernel, they should have to. One might also consider just what their game is with SELinux -- that's the basis for a DRM system when it is tied with an unmodifiable Linux kernel and TCG hardware (indeed, that was its original design purpose at the NSA... only for controlling access to intelligence information, rather than music).
More information:
-
Re:Dual boot? How about virtualization, too!
Virtualization is really cool.
But Parallels seems pretty dangerous; I was curious about how it can claim to be a Hypervisor based system but not require restarting after installation. This made no sense to me as a real hypervisor runs underneath all of your full OSs including the so called primary OS (see Xen and The Art Of Virtualization). So I downloaded the linux tarball to see what I could learn about how this amazing new hypervisor works.
Fortunately for me, the source code to some of the kernel modules was included in the tarball. I have not completely analyzed it, but have found a few things that trouble me pretty deeply. For example:
Extracted from parallels-2.1.1670-lin/data/drivers/drv_main/ioctls.c
<snip>
if (copy_from_user(&mFunc, arg, sizeof(struct monitor_functions_def_t) * MONFUNC_COUNT))
    break;
/* setup functions pointers */
for (i = 0; i < MONFUNC_COUNT; i++)
    param->iData.MonitorFuncs[i] = (monitor_funct_t)mFunc[i].fId;
/* initialize callbacks */
vmSetExports(param);
/* Monitor open */
if (param->iData.MonitorFuncs[MONFUNC_OPEN]) {
    ret = param->iData.MonitorFuncs[MONFUNC_OPEN](&param->drvInfo, 0, param);
}
</snip>
This is part of the ioctl() handler for a device created by the drv_main module installed by Parallels workstation.
Basically, it copies some function pointers in from user space, installs them as event handlers (for what I'm not entirely sure yet), then calls one of them! RUNNING AS KERNEL CODE! And it presumably calls the others at some point.
It is true that prior to this there is a check to ensure some salt matched the value provided at module load, but this seems incredibly dangerous. It is effectively creating a rootkit installation device. Learn the magic salt and own the machine. I was pretty excited about this product until I started digging. Given my interpretation of what I've found I don't think I'll be installing anything from Parallels any time soon.
As I said, I haven't finished analyzing the code. I could be wrong, but this sure looks bad. If someone from Parallels (or anyone else) would like to convince me that this isn't exceedingly dangerous they are certainly encouraged to try. -
Re:typing
Indeed. That didn't stop them from trying, though - prior to the introduction of computers, Chinese typewriters for a long time had more than 2,000 individual characters on their keyboards. Take a look here: [http://www.msm.cam.ac.uk/phase-trans/2004/HIT4/HIT4-Images/25.jpg] and here: [http://acc6.its.brooklyn.cuny.edu/~phalsall/texts/chinlng2.html] (at the bottom of the page).
Interestingly, the typists still had to stop and manually write in about every 10th character.
Gotta give them points for tenacity, if nothing else. -
Small FYI regarding Cambridge and Skype
"Some colleges and departments at Cambridge University also ban Skype"
There's a clause in the Skype EULA about "Skype Software may utilize the processor and bandwidth of the computer (or other applicable device) You are utilizing". According to the CUDN's (Cambridge University Data Network) "Authorisation for Use" policy, "A User shall not otherwise, without the prior agreement of the Computing Service, provide any individual, institution, or organisation who is not a User with direct or indirect access to the CUDN" (point 5). Apparently, it's because of conflict between those two statements that most Cambridge colleges, including my own, ban Skype. Personally, it seems as though the statement from Skype says nothing more than "Y'know, unsurprisingly, our software does the obvious", and the CUDN policy says "People not at Cambridge may not use the CUDN", and they collide purely in letter. Regardless, that is, so I'm told, the reason for the ban, rather than any kind of security fear -
Re:wow, more echoes from the past
then use qemu http://fabrice.bellard.free.fr/qemu/, or Xen http://www.cl.cam.ac.uk/Research/SRG/netos/xen/. I use the former for testing on my laptop, similar to vmware workstation, and the latter for server-based stuff. If you're a linux guy, you'll find a robust command line on both.
honestly, i'm happy to see competition in the virtualization market...but those two open source products meet my own needs as well, and in some ways better, than vmware did
-
Re:Bandwidth always a worry at Cambridge
A mate of mine does a little networking for Kings College at the moment.
The accounting for Internet is paid by each individual College. So they pay for student excess. So why not block/filter these services? Skype and p2p "borrow" bandwidth. A student installs Skype for their _own_ purpose. The student has imposed an outside demand on the college network. The student will in general not have a grasp of what extra load they have imposed on the college network. How much of a load is determined solely by the Skype program. It is closed source, and so you are left assuming that Skype is all they are leeching.
-
Bandwidth always a worry at Cambridge
The banning of Skype at some departments and colleges at Cambridge comes as no surprise to me.
I was at Cambridge during the late 90's-early Noughties, and I seem to recall a number of stern warnings to students about bandwidth usage from both College and University computing authorities. One of them even included a plea to use European or British mirrors as much as possible.
The shame is that while the Cambridge University Data Network had bandwidth to burn within Cambridge, it seems that the trouble was always further upstream on JANET.
Things got so bad that there were rumours at the time that the poorer colleges were going to start charging their students for bandwidth. I never heard anything of it, and it didn't stop the proliferation of p2p (both in the form of Napster and samba shares) in my time there.
-
Xen???-RMS's "going out of business" sale.
"Unfortunately, Xen hasn't learned one of the prime lessons of history: partnering with Microsoft is merely the first step towards being put out of business by Microsoft."
*rolls eyes*
"Xen is Open Source software, released under the terms of the GNU General Public License. [emphasis for the thinking impaired]"
Also
"Work on Xen has been supported by UK EPSRC grant GR/S01894, Intel Research, HP Labs, Microsoft Research, Network Appliance, and XenSource Inc. [emphasis for the "website? What website?" impaired]"
--
http://www.cl.cam.ac.uk/Research/SRG/netos/xen/ -
Re:Fighting the last war
If you scroll to the bottom of the Cambridge page (http://www.cl.cam.ac.uk/Research/SRG/netos/xen/), you can see that MS Research was involved with its development.
MS is calling it a "hypervisor", and plans to include it in Vista (probably as an add-on, later).
I don't doubt that giving away Virtual Server is related to putting a stop on VMWare. At the same time, they may see it as a non-issue, long-term, because they aren't likely to make a bunch of money off of Virtual Server when the hypervisor ships. -
Re:Is it me?
Of course not! India has always been using the dd/mm/yyyy format, and 4/1 means 4th of January.
It is true that in China, 4/1 means 1st of April, but that's because they use the yyyy-mm-dd format, which is a logical order (most significant–least significant), unlike your American mm-dd-yyyy order which makes no sense.
The ISO standard (ISO 8601) is to use yyyy-mm-dd (as you see in dates on Slashdot and all websites that actually realise it's the World Wide Web).
To prevent ambiguity, it is best to spell out the name of the month in full, when you are not specifying the year, and there is no way of telling whether month/date or date/month is being used. -
Re:Not really
Compilers are being held back by the programming languages chosen by developers. As hardware concurrency increases, the technology behind compilers for imperative and procedural languages (C, Pascal, Fortran, Java) shows just how ill-suited it is to take advantage of that power. Instead, we will need to move to new languages that will enable compilers to optimize for concurrency
Such languages exist and have been around for quite some time. Occam was originally designed for the transputer which was supposed to herald the arrival of seriously concurrent computing back in the 1980s. As it happened the transputer never took off and Occam has remained a largely fringe language (though it has continued to develop). If you want to have easy to write highly concurrent code with a compiler that can optimize well for concurrency then Occam might be a good place to look.
For a range of other experimental options there's JoCaml (based on OCaml), Pict, Acute (extending OCaml), and Cw (pronounced C-omega) (an extension of C#) which all make some use of Pi-calculus ideas. Some are more experimental than others.
Jedidiah. -
Re:The Dewey Decimal System
Could try the Cambridge University Library cataloguing system, which shelves books on the basis of book size in four (IIRC) separate categories. It's counter-intuitive at first, but very effective at saving space. Link: NEWTON catalogue.
-
Re:But....
-
rv vandalism
Science is the practice of using long words to make things that explode, and is the number three cause of deaths in Americans under 45. Science is performed by Scientists, a cannibalistic but peaceful race who resemble rats more than humans and live deep before the earth. By far the most important scientist today is Pope John Ratzinger, inventor of DNA. Without science, life would not be possible and we would all have to live in big piles of stacked rocks, because we wouldn't be able to invent nails or hammers or wood.
Resources
* "The Vatican Website". Biography of Pope John Ratzinger.
* "U.S. Department of Defense". The inventors of science, and giant laser enthusiasts.
* "NEWTON BBS Ask A Scientist". This site is crap. I don't know why we're linking it but everyone on the talk page is a huge fanboy for it so there you go.
* "Herbal viagra". Herbal viagra cheap grow a bigger today. -
Re:I'd prefer a VPC-like solution
My Laptop is a full 3Ghz P4 with 1 Gb of 400DDR ram dual channeled (DELL Inspiron 9100).
I also have a 7200RPM drive with 8MB of cache... it's a monster really. ;)
I've been using gentoo linux in my VM as my primary work VM for some time now (SAP and Linux admin work) as well as a XP guest for .NET dev a RH8 guest for C++ dev and a win2000 guest for Delphi dev.
I've also installed the latest SAP Netweaver server as a VMWare, but that was only looking for trouble as 700MB of RAM just did not cut it.
I've tried the kernel optimizations suggested on the gentoo forums for a more responsive guest on gentoo, but this only gave me a kernel panic.
Perhaps I'm spoilt using native? -grin-
Don't get me wrong, I can live with the performance knock that vmware gives me so that I can get a stable, portable and consistent work environment(s). I am running 5.5 (and was using the beta before that to get the SMP support). I've set up the graphics to work with my laptop's native display of 1920x1200 under linux and windows.
I've reconverted all my disks to be fixed size, and do not use snapshots either.
I've disabled practically all my services not needed for games on my host to boot, so my host *should* not be very busy.
Anyway... it's all moot now... I got my MacBook Pro 2.0 GHz (2GB RAM) just this morning!
*cheer*
And, yes.... it's fast. The first thing I did was re-partition it in preparation to installing XP later.
I'm already doing my (linux) work from it now and typing this too.
As for the 95% of native speed... I also get that sometimes... it depends on what you do... check out these benchmarks using the (admittedly old) VMware and Xen:
http://www.cl.cam.ac.uk/Research/SRG/netos/xen/performance.html
The latest 5.5 uses cool new tech that uses built-in virtualization support of some CPUs. Perhaps my CPU is just a wee bit old? My experience is not as bad as the link suggests, but it's still not native.
Only time will tell... ;) -
Re:What is this?
-
Red Hat + Xen
From what I gathered from the article, it looks like Red Hat is porting their distro to the Xen virtual machines and then packaging that with the natively-compiled OS as a virtual machine manager. It's nice to see a distro pick up Xen officially and package it in an easy-to-use way, since Xen has very impressive performance. The article or the summary probably should have included a link to the Xen web site, so if you want to know more: the Xen site.
-
here is a nice example of CA
chromatic aberration test
you won't see the effect unless you're wearing glasses though. -
What's with the linux thing
Ok they specify that this "L4Linux" is a modified kernel to allow linux programs to run. Now is it using a virtualization layer and running a FULL kernel or is it a PARTIAL kernel that simply provides familiar hooks that the real linux kernel uses?
If it is a Partial kernel do they have plans to include something like Xen to allow for the use of this as a server base and then have linux on top?
Somebody set me straight. -
Re:PIN Collisions
I don't know about all countries, but certainly in the UK you can usually change both your debit and credit card PINs.
It looks like you can, but in reality you can't. Generally the bank creates PINs which are fixed for the life of the account. What you receive is that PIN xor'd with a random mask. You can change this random mask. The banks can verify whether PINs are what they should be for a given account.
Lots of information about PIN security can be found in articles about decimalisation table attacks, for example this paper. -
Re:Why is microsoft researching this?
It seems to fit with Microsoft's support of Xen...
"Work on Xen has been supported by UK EPSRC grant GR/S01894, Intel Research, HP Labs, Microsoft Research, Network Appliance, and XenSource Inc."
http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
and for you conspiracy theorists...
"the Xenoboot system for remote boot and management of x86 machines on the public Internet."
http://www.cl.cam.ac.uk/Research/SRG/netos/xeno/ -
XEN
-
Re:TrustedComputing Inside (TM)
There's surprisingly little discussion of this... I remember, about 8 years ago, hearing an Intel engineer talking about how the next step in security was going to be ensuring that a PC was secure against its owner -- along with his updates on such things as encryption from end-to-end with media. I said at the time that what Intel was planning was nothing less than a total lockdown of the previously open PC platform.
And here we are... the final step. With this hardware in a PC, it does not belong to you... you have paid for a car with the bonnet welded shut and no keys.
It's important for everyone to realise just what an enormous amount of control this hardware gives to technology companies... in simple terms: your PC will be nothing more than a set-top box. Technology companies are furiously spinning this as improved security... which is not entirely wrong. This hardware does have security benefits... but as things stand, *YOU*, the person who paid money for the machine, are not in control of it. As others have noted, trusted computing is about them not trusting you -- and not about you trusting your machine. On the contrary, the only thing you can trust is that machines with this hardware are not working for you. Hence the strong link with DRM -- this hardware will enforce DRM on a PC, not to mention allow companies to make any FOSS proprietary (see the discussions about the GPL v3 for examples). Indeed, the TCPA system was designed in conjunction with the RIAA and the MPAA. It's supported by all the technology companies. And don't think that Linux distributors are against it either -- Red Hat is busy working with IBM to produce a TCPA version of Linux... software that cannot be modified by you and continue to work as it did. How about Gstreamer - the media framework used in GNOME? The company behind that has developers who are actively welcoming the introduction of signed Linux kernels (yes, Christian Schaller, I'm talking about you) that will ensure that media is never intercepted and stored... but which will also no longer function if you modify them, or even recompile them yourself. Source code means little in a Trusted Computing world, all that matters is who digitally signed the binary... and this hardware will enforce that. Companies like Red Hat, IBM, Novell, Fluendo etc can all effectively take ownership of FOSS code. Remember: DRM is all about applications. To control data, you must control what applications can access it. DRM is about apps, not data.
You are going to have to fight for your rights on this one. Apple users have rolled over and accepted the introduction of a TPM into the new Intel-based Macs... but then, they can never be relied on to say anything critical of Apple, even when they are being lied to and sold a lemon. They are quite happy to accept this. I would hope the PC crowd is different. Read Professor Ross Anderson's TCPA FAQ. Read Seth Schoen's updates on what Microsoft is planning to do with this hardware -- if that doesn't scare you, nothing will. Join things like the EFF's push to ensure that the hardware you pay good money for works for you, and not Intel/Microsoft and Hollywood. Do not assume that "someone will hack it"... this stuff is not your average dumbass security measure. Educate yourself before it's too late and this technology, in its present form, becomes ubiquitous. Support the push to ensure that you, as the owner, have access to the master key... and some method of owner override. Otherwise, in five years, there will be a big brother in every single PC and no way of escaping it.