Slashdot Mirror
AMI Introduces 'Trusted Computing' BIOS
An anonymous reader writes "American Megatrends announced its 'trusted computing' Palladium BIOS on Jan 6. It seems that the encrypted BIOS' integrity will be verified by a special chip or flash ROM, and will in turn verify the 'authenticity, integrity and privacy' of the boot loader and the operating system. Does that mean such machines may refuse to boot any other non-'trusted' OS? After all, the list of supporting corporations include AMD, Intel, IBM, and HP, of whom we heard quite favourable statements about Linux (just for example -- *BSDs will be equally affected) so far."
Does that mean such machines may refuse to boot any other non-'trusted' OS?
I'm pretty sure it won't. For now it'll just not have a trusted signature, so no access to Palladium-protected content. But I'm pretty sure that's the bait of a bait&switch operation...
Kjella
Live today, because you never know what tomorrow brings
...the first "trusted" bootsector virus appears?
Comment removed based on user account deletion
You've just lost one customer, from this point forward, no matter how difficult it may be for me to find other products, I will not buy ANY hardware that contains a BIOS made made by your company.
WHile this may not seem like a big deal, I _am_ in the market for a new system, and have a decent budget to do it with.
"See, we plan ahead! That way, we never have to do anything now."
I honestly don't understand the value (or perceived value) in having this.
My beliefs do not require that you agree with them.
Comment removed based on user account deletion
Just follow this little (hypothetical) chain of events:
/dev/null of the computing industry, the OS community is going to need each other to maintain a DRM-free computing zone. Open source, open protocols, open formats, open beer.
1) BIOS on new motherboard will only go into "Palladium-mode" if you're booting a "trusted" OS. For the time being, you can still run linux, but it won't have access to any "Palladium" features.
2) If you're running a "trusted" OS (eg. MS Windows UY [Up Yours]), the OS can hit the 'Net and automatically download and apply updates to itself. At some point, it could quite easily detect the BIOS on your system and apply an update so that...
3) The BIOS will no longer boot non-trusted systems. Also...
4) The OS could download a new protocol stack that could render it inoperable with other protocols. An entire new Internet based on the MSOY/BO (Microsoft Ownz You/Bend Over) protocol could spring up almost over night. MS-only network services, online shopping, etc.
Is any of this likely to happen? I don't know. But it would be possible, and I'm not sure I trust Microsoft not to try it. Even if Open Source doesn't relegate MS to the
bytesmythe
Hypocrisy is the resin that holds the plywood of society together.
-- Scott Meyer
I think this reminds me of the situation with the CPU IDs in the Intel Pentium processors. I have yet to see a BIOS supporting such processors without the ability to disable the serial number.
I suspect that the "trusted computing" features will be similar it its ability to disable such things. It will be required of virtually every motherboard manufacturer who wants to compete. I can't imagine hardware manufacturers being pressured into making a palladium only system.
I just thought about this a bit more and...
Say someone is running a certain email program
and a 12 year old writes a script to exploit this mail program
his exploit does nothing more than pad the kernel with garbage
The original hapless individual shuts his computer down
When he powers it up the next day, it refuses to boot as the kernel has been modified
since his hard disk is encrypted he can't retrieve any of his data from the system, nor can the tech he brought it to...
So he smiles, reinstalls and rebuilds all the work he just lost, as a backup isn't anything he ever thought of making.
Give this a year or two and we'll see IBM make a push to bring reliable, centrally maintained machines into workplaces.
Comment removed based on user account deletion
According to US patent 6,327,652 that is indeed correct-- unsigned code simply doesn't get any access to secured data, and may not even be allowed to run on the same desktop as signed code. If the boot sector doesn't pass the BIOS's signature check, it's not given access to the machine private key, and therefore can neither unlock locally stored encrypted content nor pose as a trusted system to other machines on the net. The only bait-and-switch here is the possibility of a concerted push by software or content producers to require a trusted runtime. One minor wrinkle is that this will require boot-selector programs like LILO to either be code-signed or be unable to properly boot signed operating systems.
...when you're writing a game...tweak the difficulty of "Easy" to something [your mother] can cope with. -- onion2k
I told AMI (link in the article: marketing@ami.com) that I don't think of this as a "feature". Computer manufacturers have backed down on much less invasive technologies (Pentium III's unique ID, for instance) before; I'm still a little bit hopeful that with all the competition in the mainboard scene we might be able to convince manufacturers not to adopt consumer-hostile technology like this.
I think there might end up being "Windows PCs" that will have motherboards that support the Palladium standard and then "other PC's" that won't. When you want to build a box for linux or BSD or whatever else, you'll have to buy the "other" hardware instead of Windows hardware. If there is enough profit in it, somebody will make it.
Is Oracle, BEA, IBM or any of the OSS projects going to do this? For what? What value is brought by wasting time and money implementing a strategy that has little or no benefit to the customer?
Bah, this is a scarcely concealed attempt to appease the media giants (the people who FUND RIAA). Lack of customer interest will likely cause this to fail.
But what do I know? My company (who's in a "budget crunch") burns enough cash to single-handedly cause global warming, and we're profitable. Whatever, I'm going back to Oz where things make sense...
Computer Science is Applied Philosophy
Who says the trusted OS has to come from MSFT?
Maybe I'm going to sign a linux kernel, and only add my own signature to my trusted list. Now nothing will run on my machine that I haven't signed.
I understand all the knee-jerk 'the sky is falling' reactions - this is slashdot, after all - but can't anyone see the benefit of knowing that next time Eunice the Twit in accounting opens a "hilarious" e-mail, she won't bring every machine in the network to a halt?
I don't need no instructions to know how to rock!!!!
Well, I am worried about the development too, but at the same time, I think we must realize that no matter what they throw at us, someone will crack the protection.
Ultimately, the entertainment industry will only be able to control individuals who allow themselves to be controlled.
The rest of us will actively seek solutions that remove us from the evil claws of "Digital Rights Management", or rather "Consumer Ass Ramming" as it should really be called.
They can encrypt and protect all they want, but someone will come through. Someone will work constantly on giving us our rights back - even if it means doing so illegally.
If it becomes illegal to have control over one's own system and play off whatever one pleases, I will stand in line to break the law. Constantly. The more they try to control me, the more I will break laws.
I am not saying that people's concerns about violated rights to control one's own system is not justified. I am just saying that we will prevail in the end. With the incredible amount of brainpower available to those with a liberal mind, the entertainment industry may win over the sheep who do not realize what is happening, but they will not get the ones that don't want to be ass-rammed.
Sorry for the rant, but hopefully someone else agrees that the fight is far from over, and no matter what they tro to do, we will continue to fight...
Clever signature text goes here.
This technology is intended to support the TCPA 1.0 specification for "trusted computing". What "trusted computing" is supposed to mean is that if a file has a label on it saying "don't copy me", then it is in principle impossible for the user to copy the file (other than in the ways permitted by the digital "rights" management label).
Once you understand this, you'll see that the purpose is quite clear: of course boxes equipped with this BIOS will refuse to boot Linux. That's the whole point; they will be intended only to boot operating systems that strictly support DRM. Each machine will have unique "integrity tokens" which can be used as digital signatures, so that everything you do on the machine (create a document, contact a web site) can be traced. Since you'll have to pay for your downloads on a credit card, this can all be cross-correlated. The integrity tokens will be digitally signed by the manufacturer, so that any action taken on the net by the owner of one of these beauties can, at least, be traced to the original purchaser of the machine. Secret, DMCA-protected protocols will assure that only "trusted computers" can connect to their web sites.
Now, of course, initial implementations of this concept are likely to have flaws that can be exploited by crackers (example: find some way to write a program that replaces the "trusted" OS with a BSD or Linux kernel; reprogram the flash chip to disable checks), but I fear that they will get it right eventually.
At some point, then, the net will bifurcate: there will be a world of glorified DVD players calling themselves computers interacting with restricted network sites, and a world of general-purpose computers interacting with sites that follow standard protocols. Attempts to outlaw the "free world" will not succeed because it will do too much damage, but those who participate in the "free world" will be viewed with suspicion, called pirates, etc. ISPs might be pressured into refusing to connect with "untrusted" machines.
After five years or so, though, I expect the whole thing to fall apart, because countries that don't go along with this brain damage will acquire a technological lead, as the US enters an era where computer science is treated the way that the USSR treated science: dangerous state secrets not to be shared.
Okay, my take, based on working knowledge of 'trusted' computing and hardware design (I used to be a support enginner in Intel's server division,) is as follows:
'Trusted computing' relies on the fact that every component is known to be secure. Of course 'secure' is a cagey term, but in this case, it means that the end application knows that nothing is interfering with it. The uses vary, from DRM to financial transactions, to other uses we haven't thought of. But, there are three main pieces in a trusted system:
1. The hardware. The hardware needs to be 'trusted' in that we are certain that there is no hardware tampering or eavesdropping going on (of course, this applies only the the internals of the computer, a packet sniffer, or even a keyboard monitor, would be external, and ouside the scope of monitoring,) and to make sure that the machine is the machine it's supposed to be. This really started with Intel's Pentium III adding a processor serial number. The point of that (as with Palladium) was that each machine could be positively identified. If you had previously made that computer 'trusted', then set it so that only trusted machines could perform a said transaction, we could guarantee that the end user is who he says he is, from a hardware standpoint. This new BIOS is much the same way. Each board with this BIOS will be able to say "Yes, I am the motherboard that was here when this software was installed, so yes, I am the same computer." Obviously, this has implications for hardware failure, even moreso than Windows XP's activation problems.
2. The OS. The OS must have support for trusted computing. It must be able to partition off the 'trusted' applications from the untrusted ones. It must be able to encrypt the contents of the drive, and only allow trusted applications to access protected data, and only allow trusted applications to access the 'trusted' part of memory. (So as to disallow one program from sniffing the program files, memory, or data transport streams of a protected application.) This would probably see alot of use by multiplayer online games, as they could make certain that no third-party applications that reside on the game-running-PC could be used to cheat. (As with some of the 'god map' programs for Everquest.) Again, this does not protect the data stream once it leaves the computer, an encrypted network connection would be required. Obviously, for the OS parts to work, users must log in to the system with a username and password at least. Biometric security would be better, so as to more certainly guarantee that the user is who he says he is.
3. Applications. The entire purpose of 'trusted computing' is the applications. Applications that need to know that the user is who he says he is, and that is done by both the OS and the hardware. As with the game example above, other uses are financial transactions (for example, you could set it so that only your computer has access to your bank account records, so that even if someone stole your hard drive, and your username and password, they still wouldn't be able to get at your data,) and DRM. It makes a perfect DRM vehicle, as now the labels can enforce the one-computer rule. A downloaded file would refuse to play without the original application, OS, and hardware.
The question is if these systems can boot a non-trusted OS? Of course they can! You won't be able to use trusted features (for example, your bank's online account access wouldn't work,) but you could use it just fine for applications that don't use MS' Palladium. Just like the Pentium III's serial number could be disabled, and all you lost was access to the (very few) programs that required it.
Another non-functioning site was "uncertainty.microsoft.com."
The purpose of that site was not known.
Let's say the Microsoft Watch is a big success. Go ahead and laugh. They've got the bucks to seed these sorts of things into the marketplace for years. Eventually something will stick. If not the Watch then the MS Clock or the MS Hairdryer or the MS Refrigerator, or something.
Now, let's say you, as a geek, have reprogrammed the thing so that it runs FreeWatch, the oss embedded watch OS that does all the cool stuff you want it to.
The next version of the MS Watch is Trusted. It only runs approved software. It only runs approved services. And if it doesn't recognize the os and the software, it just doesn't run. Of course, approved means approved by Microsoft, or by the Watch Software Consortium. And they'll be happy to add FreeWatch, for $500 million and a 25% cut of the profits.
If you don't think that's the way it will work, think again, very carefully. It isn't Trusted to Microsoft until it's utterly predictable. It will only run MS-approved software. It will only display MS colors. Once it's utterly predictable, then support costs go down, service fees go up, and 3. Profit!
Now, extend that to the PC platform. Microsoft's stated goal is for computers to be as predictible as kitchen appliances. That means they run exactly the way it runs. Support costs go down, service fees go up. Paladium, TCPA, DMCA, DRM, it's all the same. It is to give you absolutely reliable computing. To end hacking, cracking, viruses, tinkering, end-user encryption, and everything else most geeks hold near and dear. And incidently, to put the hands of the electronics and entertainment industries into your wallet, forever.
If you think this is unlikely, as yourself, why is the membership list of the TCPA secret?
Maybe you still don't agree with me. Maybe I'm wrong. I really hope so. But perhaps it's worth keeping an eye on things.
You can use this technology to verify, for example, that some software (for example, DVD viewing software) you want to run has not been altered by a virus to perform functions other than those you choose. Functions like spyware, worm propagation, etc.
The down side is that it enables anyone else to perform the same verification. This could be used (again, for example) by the MPAA to ensure that the DVD viewing software you want to run has not been altered (by you) to perform functions other than those they choose. Functions like allowing the movie to be saved as a file or played on a non-compliant display device.
The fear is that eventually content providers will refuse to offer any content to your general-purpose computing device unless you allow them to verify the software you are running on it. Which will, by economic necessity, require that you be running one of a very limited set of "approved" configurations to get the approval you would need. In essence, your "general-purpose computing device" will need to become a "single purpose computing device". Digital content marketers are probably drooling over the thought of some souped-up Windows system which plays DVD's and Digital Audio and games (and what not) and never lets anyone pirate the content. Instead, it will likely become something more like: Insert the DVD-Player CDROM and reboot to turn your PC into a DVD player, insert the Digital Audio Player CDROM and reboot to turn your PC into a Digital Audio player...
But the fear is misplaced. The real use is not in protecting digital content, but rather in allowing someone who doesn't own a piece of hardware to reliably use the processing power of that piece of hardware.
In reality, however, none of this will come to pass. The world of hardware is nowhere near as clean as the software world. Hardware designers have to make all kinds of assumptions, like assuming that the clock is accurate, assuming that supply voltage remains within spec, assuming at no one tied that patricular bus line to Vcc at the exaxt instant when the "failed" result was being relayed, etc. As soon as there is a hint that someone, somewhere has hacked their hardware enough to create a untrustable trusted system, no content provider will will accept any trusted system as trustable ever again.
Game over.
The thing about things we don't know is we often don't know we don't know them.
"It is perfectly acceptable for a TCPA system running a TCPA software to reject Windows signatures as invalid while accepting a specialized version of say MacOS X or FreeBSD."
And if you think that you'll be able to run your trusty older versions of Windows, such as (ick) Windows 9x, or even newer, more modern (and musch more usefull) Windows 2000 in the trusted mode, you're likely to be in for a big suprise.
This can be used to screw far more people than just Linux/BSD/other alternative users over. Just one more way to force you to "upgrade".
> But isn't one of the "advantages" of Palladium that your friendly neighborhood viruses can no longer run and erase your
> MP3s/JPGs/etc, because they are not "trusted" code? I'm not sure how that will relate to unsigned VB scripts. It's designed
> to protect the consumer from themselves... and legislate what (Microsoft's, I assume) programmers could not implement
> properly.
No, Palladium won't help with that. Most viruses and trojans today are just memory resident processes like any other. There is no easy way to separate a "good" program from a "virus" program. (Seriously, how would it? And how would it be able to tell if a "good" program had an exploitable backdoor or buffer-overflow in it?) It's true that palladium might protect you against, say, boot sector viruses, but there are ways a properly implemented operating system can do this, too.
We already have all the hardware we need to provide computer security (namely, protected memory). Palladium's only purpose is removing the ability for users to inspect and modify their own computers (in an attempt to make DRM schemes fly), so don't listen to what they tell you!
PPC
Don't forget SPARC! It is also an open alternative to Wintel with a good selection of excellent operating systems: Solaris, Linux, and *BSD.
We all should embrace PowerPC, SPARC, MIPS, and other well-known and easily licensed brands of ISAs. These--as long as Congress doesn't screw everything up--will be the path forward when Microsoft, Intel, et. al. try to shove TCPA down everyone's throats.
Also, it certainly doesn't hurt that Sun, SGI, IBM (RS/6000), and Apple all produce really good hardware that lasts into the secondary markets. It isn't hard to find ten-year-old examples of each of these brands still serving useful purposes throughout server rooms and hobbyist desktops all over the world.
When the Wintel-brainwashed masses find themselves backed into an alley with the only exit closing rapidly, we can say to them, "We have the way out!" (imagine Microsoft reeling at the bitter taste of their own words:)
Healthcare article at Kuro5hin