Slashdot Mirror


Discuss BIOS and Palladium Issues With an AMIBIOS Rep

After this Slashdot discussion about the relationship between BIOS biggie American Megatrends Inc. (AMI) and Palladium appeared, we got an email from AMI sales engineer (and former Linux.com contributor) Brian Richardson, who wrote, "I am a bit concerned that the information you provided misled your readers into thinking AMI was promoting Palladium or taking some sort of anti-open-source stance. This might be due to the fact that TCPA was mistakenly equated to Palladium, or questioning how Linux would run on a TCPA-enabled system ... or by the horde of angry Slashdot readers telling us they would never buy an AMI product because we were forcing standards on them." Brian offered himself up as (his words) a "Slashdot interview victim" to clear things up. (Update by RM: And, says Brian, he's happy to answer other BIOS questions as well.) So ask, already, and let's get things cleared up. (Usual Slashdot interview rules.)

6 of 453 comments

  1. Re:TCPA & Palladium by Anonymous Coward · · Score: 2, Informative

    TCPA is a platform for trusted computing whereas Palladium is software by MS that sits on top of TCPA.
    More here

  2. Re:"Trusted" computer by LostCluster · · Score: 3, Informative

    Something is trusted when it is put in a position where if it screws up, bad things can happen.

    Something is trustworthy when it is thought to not be likely to screw up when it is trusted to do something.

    So, when you put up your organization's website on an unpatched IIS server, that computer is trusted to serve that set of pages and not allow the pages to be changed by anybody other than those people trusted enough to be authorized to do so.

    However, since an unpatched IIS server has security holes that allow for the site to be either taken offline, or replaced with an undesired site, that unpatched IIS server is not trustworthy... which means it's not a good idea to put an unpatched IIS server in a trusted position. If you do, it's very possible the unpatched IIS server might fail to live up to its responsibilities, causing the bad things you didn't want to happen.

    Likewise, any of the trusted people might go crazy and decide to use their password to walk right in the front door and tear the site apart. This is why it's important that you select trustworthy people, and as few people as possible, to hold that password.

  3. The death of WINE by Windcatcher · · Score: 3, Informative

    Here's an interesting scenario:

    - Office Palladium will require TCPA

    - Linux, as an untrusted OS, won't be able to provide Office Palladium proper authentication, and Office will refuse to run under WINE.

    - Windows users become reluctant to migrate to Linux since they can't run Office. (Believe it or not, Office is still the killer app for most folks).

    I'm telling ya, the Office division is behind this at least as much as the content industry.

  4. Re:I'm a little blurry on the details here.... by BeBoxer · · Score: 3, Informative


    If I understood the prior articles correctly, TCPA should provide ... enough checking to insure that the boot sector is signed.


    I'm amazed at how common this meme has become despite the fact that it is completely false. TCPA in no way dictates what code can run on the machine. The "security" it offers works in pretty much the reverse fashion. The TCPA BIOS hashes the bootloader and saves that hash in a secure place. That allows the bootloader to verify that it really did run first. The bootloader can then hash some portion of the OS, and then load and execute it. The OS can then verify that the boot process really was TCPA-BIOS->Correct bootloader->Unmodified OS. And more importantly, the OS can have the BIOS give it a cryptographic "proof" of this fact to hand to other programs or web sites.

    What does this mean for Linux? Probably nothing. Linux could make use of this functionality, but my guess is it probably won't. The fact is that unless your code actually bothers to check the TCPA state of the machine, it just doesn't matter.

    On the other hand, Palladium might make some things a little trickier. Since the bootloader is part of the TCPA chain of trust, it's highly unlikely that Palladium will be able to enter its "secure" mode if you are using LILO or grub. So if you are somebody who actually dual-boots you will probably have to have an official Microsoft bootloader on /dev/hda and LILO or whatever on /dev/hda1 (for example) and have the Microsoft bootloader pass control to your Linux bootloader. Or just don't run Windows.

    Could Microsoft abuse this to try to prevent users from dual booting? Sure. But they could easily prevent people from dual booting today if they wanted to. It's just that it would be such a blatantly anti-competitive move that even Microsoft would have a hard time pulling it off. They could refuse to boot thru LILO. They could complain and offer to "fix" any non-FAT or NTFS partitions at every boot. They could use browser version strings to control access to updates on their web site and bring DMCA charges against browsers which circumvent that by pretending to be IE. TCPA doesn't really make it easier for Microsoft to screw with people who dual boot. It's already trivial today!
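
The measure-then-run chain described in comment 4, as an added sketch that is not part of the original post or of any TCPA implementation. The register update rule is the TPM 1.x PCR extend operation (not named in the post); the HMAC "quote", the key, the function names and the stage images are assumptions constructed for illustration.

```python
import hashlib
import hmac

PCR_SIZE = 20  # SHA-1 digest length, as used by TPM 1.x registers

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = SHA1(old || SHA1(component)). Order-sensitive, append-only."""
    return hashlib.sha1(pcr + hashlib.sha1(component).digest()).digest()

def measured_boot(stages):
    """Measure each stage before 'running' it. Nothing is ever refused."""
    pcr = bytes(PCR_SIZE)  # register starts at all zeros on reset
    executed = []
    for name, image in stages:
        pcr = extend(pcr, image)   # measure first...
        executed.append(name)      # ...then hand over control unconditionally
    return pcr, executed

def quote(pcr, nonce, chip_key):
    """Stand-in for the signed 'proof': HMAC replaces the chip's asymmetric signature."""
    return hmac.new(chip_key, nonce + pcr, hashlib.sha1).digest()

def verify_quote(expected_pcr, nonce, chip_key, proof):
    """Remote party: accept only if the proof matches the known-good chain."""
    return hmac.compare_digest(quote(expected_pcr, nonce, chip_key), proof)

# Constructed sample images (placeholders, not real boot code).
GOOD = [("bootloader", b"bootloader v1"), ("kernel", b"kernel v1")]
MODIFIED = [("bootloader", b"bootloader v1 + patch"), ("kernel", b"kernel v1")]
CHIP_KEY = b"constructed-demo-key"

def demo():
    nonce = b"verifier-nonce-01"  # fresh per request, so an old proof cannot be replayed
    good_pcr, good_run = measured_boot(GOOD)
    mod_pcr, mod_run = measured_boot(MODIFIED)
    return {
        "both_booted": good_run == mod_run == ["bootloader", "kernel"],
        "registers_differ": good_pcr != mod_pcr,
        "good_accepted": verify_quote(good_pcr, nonce, CHIP_KEY, quote(good_pcr, nonce, CHIP_KEY)),
        "modified_accepted": verify_quote(good_pcr, nonce, CHIP_KEY, quote(mod_pcr, nonce, CHIP_KEY)),
    }

if __name__ == "__main__":
    print(demo())
```

Both chains boot; only a party that compares the reported register against a known-good value sees any difference, which is why software that never checks is unaffected.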

  5. Concerns re: Trusted Computing by E1ven · · Score: 4, Informative

    One of the most interesting posts I've seen regarding this subject was found at Microsoft.com

    I'd love to hear how you'd address some of the points he brings up in the article.

    In case the site goes down, or is changed, I've mirrored it at sq7.org/media/ms.html

    --
    Colin Davis

  6. Palladium is Not TCPA; TCPA is worse by billstewart · · Score: 3, Informative

    Palladium is a set of Microsoft software capabilities that lets application programmers and content providers have some control over what the operating system will do with their stuff and lets Microsoft provide some control over what you can do with your Microsoft-Operating-System environment. If it wants to avoid hackers working around its limitations, it also needs some hardware support, but you only get Palladium if you install the corresponding Windows versions, and you only care if you've got data files that are in Palladium formats, like whatever music/movies format MS can negotiate. If you're a Linux user, you're used to this problem; nothing to see here, you can move along.

    TCPA is a different issue - it's a set of BIOS features that will only let the machine start up if it's running a certified operating system configuration (which the hardware validates as unmodified), and a set of features that let an operating system and application programs check that the system is running in TCPA-approved mode (that's a bit similar to Palladium, but still fundamentally different), and a set of things that the system won't do if it's not running a certified system. Depending on which version of the spec and proposed follow-ons you're reading and how aggressive the implementation is, there may be things that you'd like to do that you can't do on a non-certified system - like use the sound card, or maybe the _video_, or maybe it won't boot at all, or maybe it just won't let you load kernel modules, plus it obviously won't tell the software that you're running in Trust-Us mode if you're not.

    Obviously, an aggressive implementation won't fly for many Linux users, but it may still be usable by Linux _consumers_. The best case is somewhat like having a car with the hood welded shut and a security system that disables it if you mess around; you can paint it any color you'd like, and put whatever you want in the trunk, but you can't start the engine unless your seatbelt's on and you blow in the breathalyzer (which is hard to reach when you're wearing your seatbelt, of course), and if you take the radio out, the radio won't work and the car won't let you put a different radio in, so the RIAA knows you're not playing MP3-CDs in your car, but at least it isn't always tuned to MS-NBC, though if you're playing a non-RIAA-certified CD, it only plays on the tinny little mono speaker in the dashboard, not the four-way tunable woofers or the heads-up display system, and if you do tune to a different radio station, it only uses the right-hand speaker if Rush Limbaugh is on, and only uses the left-hand speakers if it's National Public Radio, and I'm sorry but you can't play Free Radio Berkeley at all...

    --

    Bill Stewart
    New Fast-Compression-only CPR http://preview.tinyurl.com/dy575ks