Slashdot Mirror
IBM On Trusted Computing, Linux
An anonymous reader writes "A number of IBM's computers have been available with an "embedded security subsystem (ESS)" for some time now. This site lists three research papers regarding the new TCPA (Trusted Computing Platform Initiative) security chip developed by IBM, including the full GPL-ed source code to a Linux driver for this chip. In particular, the 'Why TCPA?' paper claims that IBM's TCPA chip is in fact of extremely limited use for DRM, as it contains no tamper resistance; the chip is designed to fend off software attacks, not physical attacks. An interesting take from a company with very solid products."
Unfortunately, It's not that simple.
There are two possibilities:
M$ software will only run on Trusted Computers.
RIAA music will only play on Trusted Computers.
MPAA(?) movies will only play on Trusted Computers.
M$ & Friends will pressure other software companies to require Trusted Computers, under the name of Security or Reliability or Legal-clarity.
Option two is that non-Trusted computers could be made illegal, there is a draft of a proposal to make this law in USA. Will it happen? The RIAA, M$, and MPAA will claim it's necessary to prevent the growing "piracy" trend.
If you do have the option of buying a general computer, you may find it's not much use. And if you put up with that, don't expect Joe Public to stand with you in solidarity, he'll be too busy bopping away to his new "enhanced" Hooty and the Blowfish CD.
Ciaran O'Riordan
Expert in software patents or patent law? Contribute to the ESP wiki!
MPAA(?) movies will only play on Trusted Computers.
You forgot "the first time" at the end of each of those sentences :).
(Now gov't mandating of TCPA hw/sw is some seriously dangerous shit. Let's keep way away from there).
"Trust the computer. The computer is your friend." :)
- bumpersticker seen on car in Microsoft parking lot
These are absolutely terrific articles. Their distribution of an open source TCPA linux module satisfies a lot of concerns and questions many of us had about TCPA in a concrete and specific manner.
One concern still exists: that DRM and Palladium will be used to create a "mainstream" set of M$ applications which give people the illusion of security, while concentrating most of the information and control in the hands of the few.
The most important step people in the open source community can take next are to get a system with a TCPA chip and start developing drivers, firewall systems, proxies and applications that make good solid use of the technology: tsshd, tsquid, tsftp, thttpsd, tbsd, toggd, tnamed, texim, tkonq...
i HATE what you just said...
beacuse i know its true
how many people do we all know who rushed to get windows media player 9. True example 1 "But tim - it gives them the right to delete all your Mp3's"
"Yeah but they wouldnt do that would they - and anyway it has new flashy effects".
True example 2 "But sam it is full of DRM and adds DRM to all your ripped tracks" -
"Yeah but you can switch it off - look there's an option"
"And if you beleive that then bill gates is my drinking buddy"
Slashdot - The one stop shop for procrastination
Ignore any threat of the local attack, the remote attack is the important one.
Watch out with that line of thinking... The ideal system has reasonable internal security as well. If a disgruntled employee can get access to these public/private key pairs, you're worse off than before, because you still maintain the illusion of security.
... let's just, for a moment, cast aside paranoid suspicion (and I'm a paranoid & suspicious chap!). IFF these papers are correct TCPA is an encrypted storage location with some extra logic. In this location the user can store ~/.ssh/*.key and make shure the application interacting with the logic isn't sniffing the un-encrypted stream to some remote location. This NEEDS to be embedded in the BIOS to prevent kernel backdooring and simply embeds chain of trust throughout the hardware. I'd like to see this chip bussed to a smartcard to authenticate private root keys to a hashed ssh-agent binary (whether roaming on different PCs or on my own WS...)
I'm also shure that MediaPlayer 10 will be DRMd to the marrow but take note that in the past ridiculously encumbered online music services went titsup in no time while more reasonable services (Apple) seem to strke a balance.
In the past ID tracking such as the PentiumIII ID were dealt with properly so I don't think abuses would be tolerated. People always enjoys the empowering thought of having the option to take a free ride and imposing a "police" computer would vastly outrage the consumer base.
So long as the control on the hadware keys is left to the users I agree with this particular spin from IBM; it's just a secure smartcard system.
It still CAN be extended to require encryption and trust all the way to the DVI interface but that I think would require a heck of a business infrastructure to implement, maintain and persuasion effort.
And given IBM's perspective there's no interest in the user base to proceed in further HW lockdown... all WE would do is to sign on OUR terms a kernel build and that's it; once that's in place, the chip will process OUR keys in OUR best interest... and if some pigopolist wants force something down our throat their business model will fail (as it has repeatedly done).
I'd go for it, just for the sake of my ssh/gpg keyring, and in the future credit card numbers... do you trust an ecommerce site asking to handle it for you?)
Mi domando chi à il mandante di tutte le cazzate che faccio - Altan
There ability to be attach locally is like cable modems firmware chips. Descused on CableModemHack.com (A website of tools to uncap your cable modem), an effort to replace the firmware locally is underway for a lot of models of cable modems. It seems that cable modems are wonderful against software attacks, but very open to hardware attacks.
Hardware attacks, I guess, are not a common senerio that hardware designers really think much about.
No.
Is there a private key that third parties know that it is impossible for the owner of the computer to know?
The paper makes it sound like all key pairs are either randomly generated or that the chip can be fed a public key. However it is a bit vague, and I suspect the answer is that there are also non-random pairs in there, where third parties know the private key but you don't. They skirt around this by saying "Bios startup is quite complex" but I think the real answer is that there unless hashes have matched up to a point these secret public keys are inaccessible.
This system is absolutely useless for security as all exploits actually cause supposedly correct programs to follow the wrong instructions. This is like claiming current systems are secure because you cannot change the microcode and invent new machine instructions. It's purpose is so that it is impossible to get any kind of modified or different operating system in there, and still be able to run DRM programs, which could decode information using the secret key.
The fact that IBM and everybody else has refused to answer this question (I think the answer here was skirted around with some bullshit about the "BIOS startup being quite complex") makes me think they are lying.
The fact that having a high-speed encryption chip is quite useful is being used to hide the real purpose. Do you really think the same people who think Winmodems are a good idea are that interested in adding hardware just to speed up a function that can be done in software?
They also make a point about the random key generation, which is interesting, because it keeps the private key completely in the hardware where no program can see it and thus be fooled to reveal it. However I am curious if this is actually a defense against any real exploits. I have not heard of exploits that involve revealing the private key of a previously-negotiated pair, most involve fooling the system into doing something unwanted through an already opened and legitimate channel, or fooling it into using another public key that the attacker already knows the private one for. Can any experts find any real exploits where a temporary and untransmitted private key was revealed? If not then I would also suspect this is a smoke-screen, attempting to turn the fact that the chip has secret keys into a benefit. I would also think that 99% of the benifit, if any, could be achieved by loading the chip with a random pair and then making sure the program has eradicated all knowledge of the pair. There have been expoits in weak random number generators, and in this case the random number generator is in hardware and no longer easily fixed.
and even the fact that you can generate key pairs
I think there is a communication problem here. The article used "remote" to mean not-in-hardware; i.e., all software. It didn't mean just over the network.
An employee can get to the keys, but only by hacking the hardware. A possibility (as clearly explained in the articles), but not likely. It's also questionable when getting these keys would _do_; they only seem useful for the single machine itself. And I'd presume a good admin would clear/reset any keys if the machine is transfered to another employee.
I will NOT use any system that involves FORCED TCPA, DRM, Fritz or any implementation of M$ code, embeded OS, hidden serial numbers, or any other Big Brother features.
You people can use all that stuff you like, I will not.
And when they finally force people to use it, in that you can not connect to other systems that DO use it unless you too use it, then that's when I become a total luddite and will just go live in the woods and live off the land...
This whole thing stinks and no one can convince me otherwise...