Slashdot Mirror

Today you can find out about this by seeing the site on another connection or proxying around the block.

In a few years most computers will have "trusted computing" hardware enabling a "protected mode" where only signed programs will run. If this takes hold and ISPs start requiring "protected mode" as a condition of getting online, you will never know whether a site is really there or not, or whether what you're seeing is the genuine version of a web page (intended by the authors), or an altered version.

With the TC scheme fully in place, if the holders of the keys of the "trusted" browsers so chose, they could make any content disappear from everyone's point of view, or falsify it undetectably. In this example, you'd have to resort to offline sources for the information the union was trying to get out.

Do you have a URL to back this up?

Does this help?

https://www.trustedcomputinggroup.org/downloads/TN C/

My point is, that the RIAA cannot boo and make this go away with legal measures, it will be always possible to copy data while a Neumann-principle based computer exist, i'd hazard the guess that such computer will exist for a while...

Are you sure?

The analog hole won't be plugged anytime soon, certainly, but trusted computing will make it impossible to copy and read digital data that you don't "own".

In other words: In the future, DRMed music and movies can only be copied freely after they've been converted to analog and then back to digital.

The article is misleading; there is no actual confirmation that apple will use this technology. It's a possible alternative, and nothing more.
For more information on this technology:

Trusted Computing Group's website:
https://www.trustedcomputinggroup.org/about/faq/

An Intel whitepaper on the TPM mentioned in the article:
http://www.intel.com/design/mobile/platform/downlo ads/Trusted_Platform_Module_White_Paper.pdf

And an interesting article from macuser (older, but still relevant):
http://www.macuser.co.uk/macuser/features/61277/tr ust-me-im-your-computer/page7.html

Switching to AMD will only delay it. AMD is part of the Trusted Computing Group.

Look at the top of the content area of this page:
https://www.trustedcomputinggroup.org/about/member s/

Here's the Trusted Computing Group home page, you'll find their TNC press release link on the left side with the Microsoft press release a little below it. The TNC technical spec links are on the right side of the page.

Of course the TCG and Microsoft press releases are going to be very vague with a very positive spin. About half way down this post I explain how TNC operates and what it does. I don't know if you're up for plowing through rather large and dense TNC technical specs on the TCG page, but if you are you should be able to verify what I said about the system.

I also gave someone else an extensive explanation of how they can actually roll out a Trusted Network Connect system.

-

Hate to break it to you, but last I checked AMD was onboard with the TCPA alliance.

Look at the top of this list.
https://www.trustedcomputinggroup.org/about/member s/

The domain www.trustedcomputing.org redirects to the domain I linked to. It's official.

Hey, how about VIA? I don't see them on this list: https://www.trustedcomputinggroup.org/about/member s/members Maybe they're not a gaming platform, but at least they're not DRM nazis. Plus it's nice to see modern CPUs that aren't a fire hazard.

https://www.trustedcomputinggroup.org/home

Note the bottom ("Promoter Members"): AMD, HP, IBM, Intel, Microsoft, Sony, Sun.

AMD will be releasing their own "NGSCB"-compatible chip.

Chipset makers VIA (which also does some low-end CPUs) or SiS are not members of TCG... (That, of course, does not imply that they won't follow if put under pressure from TCG).

IBM is a part of the Trusted Computing Group, too. Look for yourself, for proof.

There doesn't even need to be a lure. All that needs to happen is all of the major processor manufacturers have DRM'd chips (well, all of the major processor manufacturers are on the Trusted Computing Group member list, so they're not to far from it). Where do the computer manufacturers get their processors from? Intel, AMD, IBM, Sun, Transmeta, Motorola, Texas Instruments, and a few other members from this list. If the only computers available are DRM-encumbered, people will still buy these computers, since they're the only computers on the market that can do all of the "new and improved things" that Microsoft and the MPAA/RIAA say that they can do, and also the fact that there would probably be some new "must-have" technologies that you can't get with your old Athlon 64 running Linux. No, everybody would be required to run Windows 2010 with the latest Intel/AMD chip with "Built-In Dang Real Media."

No matter what happens, you'll have to take my old x86 computers running FreeBSD out of my cold, dead fingers.

Err, I just found out that IBM is part of the Trusted Computing Group. Motorola is on the list, too, in case you are wondering. Apple isn't on the list, but the processors in Apple's computers come from Motorola or IBM, so if all IBM/Motorola offered were DRM'd chips, where can Apple buy chips from?

And don't tell me that Apple can switch to AMD, Sun's SPARC, Texas Instruments, or Transmeta chips; all of those corporations are also on the list, too.

This is the beginning of the end. Unless the OpenCores project starts making strides in the market, it looks like sooner or later all computer manufacturers would end up caving into the demands made by Microsoft and the MPAA/RIAA, since all of the processors are made by Trutesd Computing members.

This is looking very scary.

Intel, Microsoft and AMD aren't the only members of this NPO.

IBM is too. Won't be too long now, if it isn't there already in some form. I know IBM laptops (including the one I'm typing this on) have had a sort of beta of this for a while now.

Unfortunately, most of the computer industry appears to be behind DRM:

https://www.trustedcomputinggroup.org/about/member s/

Your rant about freedom is fundamentally flawed considering that like Intel, AMD is also a member of the Trusted Computing Group.

https://www.trustedcomputinggroup.org/about/member s/

Essentially, a TCPA compatible computer will refuse to run all code which hasn't been pre-approved by some "trusted" organisation. This would make not-for-profit software development almost impossible.

Supposedly the consumer will have some control over what is "trusted" or not. You can read more about this at the TCG website.

There are three forthcoming technologies that you should watch that will improve this situation:

TNC - Trusted Network Connect from the Trusted Computing Group (a standards group)

NAC - Network Admission Control from Cisco

NAP - Network Access Protection from Microsoft (which supports TNC)

The basic methodology is to keep the good guys with unhealthy or potentially unhealthy systems locked behind a switch port until they get themselves healthy and/or protected.

How do they do that if they are cut off? Well, they aren't entirely cut off. Systems can get to update site(s) for antivirus, patches, etc.

It isn't quite ready for prime time, and unfortunately will require time for systems to turn over (some level of host support is typical). But once it is available, systems that support it should be healthy before they can receive network traffic from unhealthy legacy systems.

Check it out:
https://www.trustedcomputinggroup.org/home
http://tinyurl.com/5ae2j (microsoft.com)
http://tinyurl.com/78al2 (cisco.com)

The security platform depends on a TPM chip being present in the system. The chip is an industry standard governed by the Trusted Computing Group, a non-profit organization which develops security standards.

The defining characteristic of spyware in my view is that the provider does not intend to respect the machine owner's control over their machine.

Aside from diverging from the very definition of "spy" (as in "espionage", the secret recording of information), do you understand that your interpretation labels Microsoft Windows XP as spyware? (along with many other software products, including the whole upcoming "Trusted Computing" thing)

• The TPM manages keys and encrypts and/or signs small blobs of stuff--pretty much other keys. It is not a bulk encryptor.
  
• The root of storage key is used to protect (encrypt) all other keys generated by the TPM. It is generated by the TPM in hardware and you can't export this key.
  
• Other keys created by the TPM or by an application external to the TPM (but stored by teh TPM), can be flagged as exportable, which means they can be backed up (they will be in the (clear). The software that is requesting a new key, has to request it be exportable which means that feature is a software dependency.
  
• You can recover the files (files are just blobs of bits, right?), the problem is that you can't decrypt them.
  
• If the data is protected by an application that uses the TPM, and the key the appliation uses has been exported, then you can reinstall the operating system and software and import your keys back into the TPM. Then you can access your files..
  

Anyone know of a blacklist of this sort of shenanigans? I'm the sysadmin where I work, and it'd be great to know what to stay away from -- and to explain to these companies why they've lost our business.

Yes.

But good freaking luck trying to buy a new PC without giving any of your money to at least a half dozen of the companies on that list.

-

Hardware-level security. At least, this seems to be the way to push for it. "Prove" that security can't be maintained at the software-level, then push for "Trusted Computing" or some such BS. Right now, it is to MS's advantage to prove that security through software is inherently flawed and impossible, then use that to their advantage in locking out other operating systems with hardware-level components. "Run for your lives!" -> "Run to the MS bunker!"

That would just be paranoia, but how does a user get a rootkit in the first place? Visiting a site with a malformed URL?

And you have this so completly wrong in so many ways. First of all, it is not the TCPA, that organiztaion has long since been renamce to the TCG and you can find the site here.

Next, if th TPM is designed according to the TCG specs, you have to manually enable it in the BIOS. Once that happens, then you have to manually allow TSS to interact with it before it will do so. You can choose not to, but then you can't use that software.

The TPM does NOT stop software from running. It will NOT stop open source software from running. and it will NOT stop you from using alternative operating systems.

The FUD you are spreading is already available in cuurrent software platforms and does't require the TPM. Why not try actually *gasp* reading the damn specs before you speak.

sheesh.

And you have this so completly wrong in so many ways. First of all, it is not the TCPA, that organiztaion has long since been renamce to the TCG and you can find the site here.

Next, if th TPM is designed according to the TCG specs, you have to manually enable it in the BIOS. Once that happens, then you have to manually allow TSS to interact with it before it will do so. You can choose not to, but then you can't use that software.

The TPM does NOT stop software from running. It will NOT stop open source software from running. and it will NOT stop you from using alternative operating systems.

The FUD you are spreading is already available in cuurrent software platforms and does't require the TPM. Why not try actually *gasp* reading the damn specs before you speak.

sheesh.

They're waiting for DRM-encumbered PCs to become the norm.

Can we please stop linking to that FAQ about Trusted Computing? Talk about spreading FUD all over the place.

After having done a paper on TC I would really recommend that people read the specs (a bit dry), or the book?

Read "The Diamond Age" as well and see if TC can fit into the idea from there of anonymous, secure communications. You're not going to reach level 20 of Cryptnet without something like it.

If you've got the time then have a look at it from another perspective and wash a bit of the FUD off.

Maybe Google can be the backbone of Internet 2, so when the TCPA finally imposes its fascist ways on us, we can forget those companies and turn to Google instead.

No, no, no.

If this is based on the Trusted Platform Module (TPM) specified by the TCG, then the security features have to be enabled first.

Even if the TPM is enabled, it shouldn't interfere with the boot process at all. The TPM is a passive device. In fact, the TPM won't be used without explicit OS support. So you can load anything you want and it will boot.

Second, assuming this is based on the TCG TPM, individual host indentification should not be possible (there are cases where it may be possible) but in general, not.

See here for more details about the TPM: Design Principles

Now the danger is with application vendors abusing the TPM functionality to limit computer use such as requiring the TPM to be active or storing identitfying information in the TPM.

...the "Storage Root Key" (SRK) which is generated inside the TPM and is non-migrable.*

9.2 Endorsement

...Exporting the PRIVEK must not occur.

9.2.1
The PRIVEK SHALL exist only in a TCG-sheilded location.

* Definitions
Non-migrable:
A particular key which cannot be transported outside a specific TPM.

So your two master keys, the Private Endorsement key (PRIVEK) and your Storage Root Key(SRK), are forbidden to ever be revealed to you. Below the SRK there is an entire tree of keys - Non-Migrable keys - which you are forbidden to ever see. They can be used to encrypt data you can never decrypt yourself, except by requesting the TPM to do it for you, and only under the conditions the TPM permits. One of those conditions is that the request may be restricted to a specific application with an unmodified hash value.

No where in that discussion does it say to me that you have no control over your keys.

By their definition you *do* have "control" over all keys. They just have a rather peculiar and narrow definition of "control".

That "control" is restricted to the available commands. The available commands in many cases do simply not include any way to reveal that key. That "control" may also be restricted by conditions you premitted to be imposed when that key was created. You "permitted" those conditions to be imposed when you allowed an application to run which set those conditions. In many cases key will be created with the condition that only that specific unmodified program may use that key. So for example the decryption key of a music file can be restricted to use by the unmodified RIAA DRM music player which created it.

-

Yeah, the Pentium II had the CPU ID number. And if you read some old Intel speeches they had planned to start rolling Trust functionality into CPU's in 2002. The outrage and backlash against CPUID derailed their plans.

So Intel founded a lobbying group Americans for Computer Privacy (ACP) and invited others in the industry to join. According to Intel's own speech ACP is lobbying to RELAX government regulations. The new Trusted Computing system has a huge focus on pro-privacy spin. While every Trust Chip (or CPU, if it's in the CPU) will have a unique ID code, there are features in the system that CAN be used by software if specifically wants to protect privacy. There are certain systems in there that CAN be used to make you semi-anonymous. But those features are entirely optional, up to the software to choose to use them.

What about software or website or whatever that do want your identity and want to violate your privacy? Well the Trusted Computing Group's own FAQ says it best:

What has the TCG done to preserve privacy?
TCG believes that privacy is a necessary element of a trusted system. The system owner has ultimate control and permissions over private information and must "opt-in" to utilize the TCG subsystem.

MUST OPT-IN to utilize the Trust system. If something or someone wants to see your unique ID code, if someone or something asks for unlimited permission to violate your privacy, if you do not "opt-in", then the Trust system refuses to work at all. The software will not install or run. The website will be unviewable. The music or other file will be unusable. You will be denied a network connection.

Wasn't this supposed to cause the sky to fall in 1999 or something?

Thier plan was derailed. But if the new plan goes forward then somewhere around 2008 or 2009 you may beforced to "opt-in" or be denied any access to the internet at all. At a Global Tech summit the President's cyber security advisor asked ISP's to plan to make it a mandatory part of their terms of service. That they should do it to fight viruses and to protect the National Information Infrastructure, to defend against Terrorist cyber attack. And get this - he literally called on them to do it to defend against Osama bin Laden himself.

So yes, in a few years the sky really could fall.

-

Here you go...

For a TPM 1.1 compliant solution:

The TCG 1.1 Main specification:
https://www.trustedcomputinggroup.org/downloads/Ma in_TCG_Architecture_v1_1b.zip

For a TPM 1.2 compliant solution:

Design Principles:
https://www.trustedcomputinggroup.org/downloads/tp mwg-mainrev62_Part1_Design_Principles.pdf

Structures of the TPM:
https://www.trustedcomputinggroup.org/downloads/tp mwg-mainrev62_Part2_TPM_Structures.pdf

TPM commands:
https://www.trustedcomputinggroup.org/downloads/tp mwg-mainrev62_Part3_Commands.pdf

Here you go...

For a TPM 1.1 compliant solution:

The TCG 1.1 Main specification:
https://www.trustedcomputinggroup.org/downloads/Ma in_TCG_Architecture_v1_1b.zip

For a TPM 1.2 compliant solution:

Design Principles:
https://www.trustedcomputinggroup.org/downloads/tp mwg-mainrev62_Part1_Design_Principles.pdf

Structures of the TPM:
https://www.trustedcomputinggroup.org/downloads/tp mwg-mainrev62_Part2_TPM_Structures.pdf

TPM commands:
https://www.trustedcomputinggroup.org/downloads/tp mwg-mainrev62_Part3_Commands.pdf

Here you go...

For a TPM 1.1 compliant solution:

The TCG 1.1 Main specification:
https://www.trustedcomputinggroup.org/downloads/Ma in_TCG_Architecture_v1_1b.zip

For a TPM 1.2 compliant solution:

Design Principles:
https://www.trustedcomputinggroup.org/downloads/tp mwg-mainrev62_Part1_Design_Principles.pdf

Structures of the TPM:
https://www.trustedcomputinggroup.org/downloads/tp mwg-mainrev62_Part2_TPM_Structures.pdf

TPM commands:
https://www.trustedcomputinggroup.org/downloads/tp mwg-mainrev62_Part3_Commands.pdf

Here you go...

For a TPM 1.1 compliant solution:

The TCG 1.1 Main specification:
https://www.trustedcomputinggroup.org/downloads/Ma in_TCG_Architecture_v1_1b.zip

For a TPM 1.2 compliant solution:

Design Principles:
https://www.trustedcomputinggroup.org/downloads/tp mwg-mainrev62_Part1_Design_Principles.pdf

Structures of the TPM:
https://www.trustedcomputinggroup.org/downloads/tp mwg-mainrev62_Part2_TPM_Structures.pdf

TPM commands:
https://www.trustedcomputinggroup.org/downloads/tp mwg-mainrev62_Part3_Commands.pdf

https://www.trustedcomputinggroup.org/downloads

Any spec on sight, anyone?

Idiot.

Here you go.

Fuck. No one can do even a little bit of searching anymore.

AMD is a member of the Trusted Computing Group, along with MS, Sun, IBM, Intel, HP, Sony, and a whole slew of contributors and adopters of this technology, too.

Yes I am a programmer and yes I've programmed in assembly and yes I've used debuggers. I have been reading the Trusted Computing Group's technical specifications, documentation and research papers from IBM and HP and Intel and numerous companies, as well as research from universities.

The fact that you are familiar with assembly language and CPU's will be a big help - usually I need to avoid getting technical. However you do not appear to be adaquately familiar with assymetric public key cryptography (PKI) and signatures and what they allow. If you are familiar with PKI, well, you clearly overlooked it in several places in your post. If you you're not well familiar with PKI then you need to Google and read up on it.

Ah! This is getting to the good stuff. Ok, somehow the sound card (which has its own, special master key) can understand what the master key encoded on the CPU has given it.

Yes, using public key encryption (PKI). Snoop all you like, you can't decrypt the video data. I'll walk you through it;

The CPU has a private key which never leaves the chip, and a public key you can see. The soundcard has a private key which never leaves the chip, and a public key you can see. The CPU's public key is signed by the manufacturer. You cannot fake that signature. The sound card's public key is signed by the manufacturer. You cannot fake that signature. The manufacturer's signatures are both signed by the Trusted Computing Group's private key, you cannot fake that signature. So:
(1) The sound card and CPU exchange public keys and signatures. You are free to watch this and record the data.
(2) The sound card and CPU each look at the data they received and validate the Trusted Computing Group's signature, they now know the manufacturer public key they got was valid.
(3) They then use the manufacturer public key to validate the signature on the chip public key. They now know they were given a valid chip public key.
(4) One of them (lets say the CPU) then generates a 128 bit symetric key for encrypting data. This is the session key. This is inside the CPU, you can't see it.
(5) The CPU encrypts the session key using the sound card's pulic key and sends it out. You are free to watch this and record the data.
(6) The sound card then decrypts the session key using its private key. Both chips know the secret session key for all future data.

You got to watch all of the data fly back and forth, but all you saw was public data and an encrypted session key. You can't read that session key without the secret PRIVATE key. Without the session key you cannot decrypt any of the video data.

PKI magic, you get to see everything but you can read nothing.

Debuggers do this so why would it suddenly become impossible?

As I said, NEW HARDWARE.
I am quite aware that on current hardware a debugger can access anything and everything. However on the new hardware there is no CPU instruction for reading certain keys. There are no instructions for assuming another program's identity.

One of the ADVERTIZED features of Microsoft's Next Generation Secure Computing Base (Palladium) is "strong process isolation". This means that when a program requests a secure "memory compartment" that no other program can read that compartment, not a debugger, not even the operating system itself. The memory is reserved for that program ad that program alone. The most the operating system can do is wipe and free that memory.

This process isolation can be acheived in different ways. The "lesser" way is for the hardware to simply grant/deny access to certain segments of RAM based on a process ID. And remember there are no CPU instructions for directly manipulating this ID value - the value is generated by hardware when the process is spawned, the current ID is changed by hardware when an interrupt occurs, and the old ID is restored by hardware when the interrupt retur

We've all read disturbing reports on how Trusted Computing is supposed to be nailing open-source software, and keeping keeping good citizens from causing a little less income for the poor media-industry (that just made its record profit this year).

Imagine a whole new kind of knight: black to the industry, but white to freedom-loving people. A knight that, just before no non-signed applications will run anymore, patches all systems it infects to destroy the immoral TCPA-lockdown. I'd like to see how many users, after realizing that they can again run their own programs again, would like to install the latest security (whos security...?) for Windows.

Indeed, the idea is not new, and I'd sure like to see an implementation of that. We'd probably need a freenet-like public-key command structure for such a virus, for one sane person to stay in control.

That would be so cool... Ah, dream on. (And go for it!).

A nice exercise would be to "patch" all iTunes clients out their to save unencrypted AAC-files to the disk. Just an idea... ;)

And what on earth is the problem with existing BIOS's?

Their makers are involved in Treacherous Computing Group, whose specification relies on keeping information secret from the owner of a piece of computer hardware in order to be able to sell you a computer capable of doing less.

As part of TCG compliance, a TPM must be controlled by the user. The user must have the ability to turn it off, and compliant TPMs cannot have the ability to dictate what software can and cannot run.

I recommend reading the TCG FAQ, paying special attention to questions 29 and 30.

I'm struggling to determine if you actually know what you are talking about, or if this is looney tunes paranoia.

It's funny, after I wrote my last post it crossed my mind that you might wonder exactly that, lol.

I am a programmer. I have been reading the Trusted Computing Group's own Techncical Specification Documentaion, and countless other documents. I can give a detailed explanation of exactly how almost every part of the system works. The problem is that it gets extremely technical, private encryption keys, public encryption keys, four or five layers of certificates, crypto signatures to authenticate crypto signatures of other crypto signatures, storage root keys, keys encrypted under keys encrypted under other keys, various registers building hash-chains and a system to log those chains, encryption keys bound to various registers. And a whole system for remote authentication of the system state verifying exactly what software you are running and that it has not been modified.

If you have any technical questions, go right ahead. I can almost guarantee I can answer it.

I generally work pretty hard to avoid all of that and put it in terms any casual computer user can understand. It's often hard to explain with a system that isn't available yet. But as a programmer I see exactly what it can do and cannot do, and the documentation it quite explicit about all of the things the owner is forbidden to do.

For example the specs specifically require that if your Trust chip glitches/dies, that it *must* be impossible for you to recover certain kinds of data (it is complex what you can and cannot get back). If the chip dies your backups are useless. All of your music files are gone. Your installed and registered applications - gone - you need to rebuy and install them from scratch.

Why? Because there is no way for the RIAA to Trust that your computer really did die. For all they know you're lying and pretending your chip died. If you were able to "recover" all of your stuff onto a new computer and still have it all on the supposedly dead computer then you could have two copies at the same time. That is a voilation of the TRUST system. "Trust" is not about you trusting your computer. Trust is about everyone else trusting that your computer will enforce the rules against you, that it will never permit two working copies to exist at the same time.

The central design requirement is that the owner is forbidden to know his PrivEK and SRK keys.

Anyway, a slightly different story here:
http://www.microsoft.com/technet/security/news/ngs cb.mspx

Okey dokie! Let's go over that info! It's spin-city.

NGSCB employs a unique hardware and software design to enable new kinds of secure computing capabilities to provide enhanced data protection, privacy and system integrity.

Sure it can protect your data and your integrity for you, but an identical system where you merely know your keys could give you the exact same protection. There is no possible way that knowing your master keys (PrivEK and SRK) can reduce your computer's ability to do protect you. Holding a printed copy of your keysin your hand does not change the computer's functionality at all. Those two keys will be a running theme here.

What "data protection" and "integrity" here really refer to is DRM. Since you are forbidden to know your master keys you cannot decrypt your own data. Your data is protected against you. Since you don't know your master keys it is impossible for you to modify any of the software on your computer without the Trust chip exposing that "tampering" to everyone else and to any program. You computer's integrity is protected against you and your "tampering".

a trust policy that can be dynamically created and

Why does he want to get trusted computing and DRM hardware running in Linux? I thought that was the kind of thing we were trying to avoid in Linux. Why should we trust M$ and the Trusted Computing Group

The DRM + security features are those of the Group formerly known as the TCPA. TCPA has frequently been discussed on Slashdot.

From http://www.intel.com/design/pca/prodbref/253820.ht m>:

"The Intel PXA27x processor family incorporates the Intel® Wireless Trusted Platform that is designed to provide platform trust and robust security services required for today's wireless devices. Built around the concepts developed by the Trusted Computing Group* (TCG) industry forum..."

You need a Trusted Computer :-)

You might want to actually do some reading about the actual technology

You just stepped in way over your head. I'm an expert.

I'm a programmer and I've been reading the technical design specifications in detail. As I said, you missunderstand how Trusted Computing works. If you don't believe me then I suggest you go read the specs yourself if you can handle it. (Don't take "if you can handle it" as an insult, they are engineering specs and you pretty much need to be an engineer and/or programmer to decipher it.)

Main_TCG_Architecture_v1_1b.zip

That's a zipped PDF of the engineering specs, hosted on the Trusted Computing Group's own website. You can't get any more official and authoritative than that.

You're confusing TCP with DRM.

No I'm not. Everything I said is 100% accurate. Trusted Computing is not based on signatures. I'll give a simplified summary of how it actually works:

You load an application. The TPM (Trusted Platform Module) takes the hash of that software and places it in a PCR (Platform Configuration Register). The PCR value is then used to create an encryption key inside the chip. That key is then used to decrypt that application's data files.

Any change to the software will alter the hash of that software. Any change to that hash changes the key. Any change to the key means you can't read the data. Only the original and unmodified software has that hash. Only the original and unmodified software can get at that key. Only the original and unmodified software can read the file. Even the owner of the computer can't read the file - the key is locked inside the chip.

Note that there is no signature used anywhere in that process. The software is its own signature. Any change in that 'signature' makes the data unreadable.

It's currently solved by software which generates a hash ... assumption that the hash stored in the external file was not altered

Yeah, but that's not what I was reffering to. I was reffering to a system that gives you the EXACT same protection you get from Trusted Computing.

Lets say you have two machines with *identical* hardware. The first machine is Trusted Computing. The second machine is not Trusted Computing. The *only* difference between the two machiones is that you have a printed copy of the master key for the second machine. The second machine isn't "Trusted" becuase you know your master key and you can defeat DRM or anything else by using that key whenever you want to do so.

There is *nothing* the Trusted Computing machine can do for you that the second machine couldn't do just as well. Simply knowing your key cannot possible reduce your computers ability to protect you.

Someone who hacks into either machine cannot modify any of your software or falsify any of your data files because he cannot get access to the key hidden inside either of the chips. The NON-Trusted computer - the one where you have a printed copy of your key - is just as secure.

Therefore the security example you gave does not justify Trusted Computing. You could get the exact same protection from a non-Trusted machine using the same hardware.

The problem is that they refuse to sell you that second machine - the one where you get a printed copy of your master key. They refuse to do so for the sole reason that Trusted Computing's primary purpose is for your computer to enforce DRM and other abuses against the owner. There is *no* legitimate reason to forbid an owner to know his own key.

-

You fucking moron.

Do you actually *know* anything about Trusted Computing, or are you just a typical Slashdot weenie spouting disapproving shite about a technology you're too ignorant to investigate?

If you actually spent the time to look at what Trusted Computing *is*, you would see that your reaction is a) totally over the top, b) demonstrating a mis-understanding due to your fucked-up views.

I'm not concerned about software-based DRM because so far it seems to be limited to Windows. What REALLY concerns me is the large number of news items I've seen lately about hardware based on "Trusted Computing".

TCG TPM is the standard settled upon for trusted computing. An interesting EETimes article is about TPM chips going into systems (costs & chipsets, etc). Described as "low-cost silicon safes for a digital key" the article states, "IBM plans to put the current version 1.1b TPM parts in all but its lowest cost notebook computers by the end of the year." As well as the inclusion of these chips in Gb Ethernet, storage, memory, and I/O buses. The TPM v1.2 standard is worth a look over to see what the future holds.

Much of the software that goes into DRM is moving up the chain (especially seeing how effective DeCSS was for DVD decoding) and into silicon. I do not quite see how Trusted Computing is really that different from a full-fledged DRM hardware system. It seems to be an easy step to make those buses and storage devices scanning for 'trusted keys' to be applied to digital finger prints of unauthorized DRM-licensed media moving around on your motherboard.

that this story is submitted today, as it was on Martin Luther King Day in 1990 that the AT&T long distance service crashed due to a poorly implemented software update and provides us with both an example of the inherent weakness of a Software Monoculture, and the efforts of law enforcement to misrepresent such events in order to increase government regulation over communications. (I wrote more about this in another post.)

Giving in to pressure to limit access to information, and to allow a centralized service manage our personal privacy and security, will do nothing to increase the security of the internet and will do everything to limit our expectations of privacy and personal liberties.