Slashdot Mirror

← Back to Stories (view on slashdot.org)

Dartmouth Project Combines Linux With TCPA

Posted by timothy on from the smoosh dept.

SiliconEntity writes "A new project from Dartmouth College demonstrates significant advances in combining Linux with TCPA. The software turns a Linux PC into a 'virtual secure coprocessor', which is able to check that none of its software is compromised and even (in a future version) prove its integrity to a remote system. Full GPL source code is available for the 2.4 kernel. This work is separate from the earlier IBM research which also combined Linux with TCPA, with the new project apparently more complete and with a road map towards a very functional Linux based trusted computing system. This could be an important technology for Linux to challenge Microsoft as it pushes forward with NGSCB (aka Palladium)."

7 of 227 comments (clear)

  1. Re:Sweet by advocate_one · · Score: 4, Informative
    and it won't require special hardware either

    correction... just managed to get into the site... it will require a "Trusted Computing Module" on the motherboard.

    --
    Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
  2. Don't like pdfs? Here's the TCPA paper in HTML by flopsy+mopsalon · · Score: 4, Informative

    http://216.239.33.104/search?q=cache:nZrXhIU65ocJ: www.cs.dartmouth.edu/~sws/papers/msmw03.pdf:&hl=en &ie=UTF-8

  3. Difference between Palladium and TCPA by kompiluj · · Score: 5, Informative

    The difference between Palladium and TCPA (Trusted Computing Platform Architecture) may be not obvious at the technological level but it is very simple - TCPA aims at integrity of kernel and system components - to assure you that your system can be trusted. It is easy to achieve with open software, because the system must defend itself from attacs from outside. Palladium, on the other hand, uses similar technology to make sure that the user does not do anything else than what is allowed by content owners. In that case software openness is impossible - otherwise you could do some harm to their system - attacking from inside...

    So similar architecture from technical point of view - but different aims yield different results.

    --
    You can defy gravity... for a short time
  4. Re:The source code by kasperd · · Score: 4, Informative

    main() as it will infringe on SCO copyrights

    Luckily no important part of Linux uses that construct. It is mentioned a few times in the documentation and comments, but we can remove that without breaking anything. (Hint: Linux is a kernel, not a program.)

    --

    Do you care about the security of your wireless mouse?
  5. Re:The source code by sholden · · Score: 3, Informative

    Does it takes lots of efforts to be that stupid?

    $ find linux-2.6.0-test5 -name '*.c' | xargs grep '^int main('
    linux-2.6.0-test5/drivers/scsi/aic7xxx/aic asm/aica sm.c:int main(int argc, char *argv[]);
    linux-2.6.0-test5/drivers/atm/fore200e_ mkfirm.c:in t main(int argc, char** argv)
    linux-2.6.0-test5/arch/i386/boot98/tools/bu ild.c:i nt main(int argc, char ** argv)
    linux-2.6.0-test5/arch/i386/boot/tools/buil d.c:int main(int argc, char ** argv)
    linux-2.6.0-test5/arch/sparc/boot/piggyback .c:int main(int argc,char **argv)
    linux-2.6.0-test5/arch/sparc/boot/btfixup prep.c:in t main(int argc,char **argv)
    linux-2.6.0-test5/arch/sparc64/boot/piggy back.c:in t main(int argc,char **argv)
    linux-2.6.0-test5/arch/um/kernel/skas/uti l/mk_ptre gs.c:int main(int argc, char **argv)
    linux-2.6.0-test5/arch/um/sys-i386/util/m k_thread_ kern.c:int main(int argc, char **argv)
    linux-2.6.0-test5/arch/um/sys-i386/util/m k_sc.c:in t main(int argc, char **argv)
    linux-2.6.0-test5/arch/um/util/mk_constan ts_kern.c :int main(int argc, char **argv)
    linux-2.6.0-test5/arch/um/util/mk_task_ke rn.c:int main(int argc, char **argv)
    linux-2.6.0-test5/arch/um/main.c:int main(int argc, char **argv, char **envp)
    linux-2.6.0-test5/arch/mips/boot/elf2ecof f.c:int main(int argc, char *argv[])
    linux-2.6.0-test5/arch/cris/arch-v10/ker nel/asm-of fsets.c:int main(void)
    linux-2.6.0-test5/arch/cris/arch-v10/b oot/tools/bu ild.c:int main(int argc, char ** argv)
    linux-2.6.0-test5/arch/m68knommu/kernel/asm -offset s.c:int main(void)
    linux-2.6.0-test5/arch/arm26/boot/comp ressed/misc. c:int main()
    linux-2.6.0-test5/arch/arm26/kernel/asm-of fsets.c: int main(void)
    linux-2.6.0-test5/arch/m68k/kernel/m68 k_defs.c:int main(void)
    linux-2.6.0-test5/arch/m68k/tools/amig a/dmesg.c:in t main(int argc, char *argv[])
    linux-2.6.0-test5/arch/ppc/boot/prep/dum my.c:int main(void)
    linux-2.6.0-test5/arch/ppc/boot/openfi rmware/dummy .c:int main(void)
    linux-2.6.0-test5/arch/ppc/boot/simple /dummy.c:int main(void)
    linux-2.6.0-test5/arch/ppc/boot/utils/ addSystemMap .c:int main(int argc, char **argv)
    linux-2.6.0-test5/arch/ppc/boot/utils/add RamDisk.c :int main(int argc, char **argv)
    linux-2.6.0-test5/arch/ppc/boot/utils/mkb ugboot.c: int main(int argc, char *argv[])
    linux-2.6.0-test5/arch/ppc/boot/utils/mk prep.c:int main(int argc, char *argv[])
    linux-2.6.0-test5/arch/ppc/boot/utils/mk tree.c:int main(int argc, char *argv[])
    linux-2.6.0-test5/arch/ppc/boot/utils/ad dnote.c:in t main(int ac, char **av)
    linux-2.6.0-test5/arch/ppc/boot/utils/mknot e.c:int main(void)
    linux-2.6.0-test5/arch/ppc/kernel/find _name.c:int main(int argc, char **argv)
    linux-2.6.0-test5/arch/ppc64/kernel/asm-o ffsets.c: int main(void)
    linux-2.6.0-test5/arch/ppc64/boot/pigg yback.c:int main(int argc, char *argv[])
    linux-2.6.0-test5/arch/ppc64/boot/addSys temMap.c:i nt main(int argc, char **argv)
    linux-2.6.0-test5/arch/ppc64/boot/addRamD isk.c:int main(int argc, char **argv)
    linux-2.6.0-test5/arch/ppc64/boot/mknote. c:int main(void)
    linux-2.6.0-test5/arch/arm/kernel/asm- offsets.c:in t main(void)
    linux-2.6.0-test5/arch/arm/boot/compre ssed/misc.c: int main()
    linux-2.6.0-test5/arch/parisc/kernel/asm-o ffsets.c

  6. I'm sorry but totally avoid TCPA by FeatureBug · · Score: 5, Informative

    You cannot copy the keys inside TCPA hardware. I'll explain what this means (if you don't like reading about technicalities, just skip to the final paragraph)

    Every time you buy a new PC with TCPA you will not be able to copy the old TCPA keys on your old PC to your new PC. This means you will completely lose access to your videos and your music which you legally purchased and used on your old PC. Effectively you have to buy another set of keys to regain access to your videos and your music collections.

    TCPA and other DRM technologies are being pushed by the publishing industry and hardware manufacturers like IBM who want to sell more of their hardware equipped with DRM to make it attractive to commercial content locked-down publications.

    TCPA means LOCK-down, LOCK-out, LOCK-up enabler. Avoid getting anything with TCPA.

    --
    Why oil price increase equals economic trouble (Score: Interesti
    1. Re:I'm sorry but totally avoid TCPA by omen · · Score: 3, Informative
      TCPA means LOCK-down, LOCK-out, LOCK-up enabler. Avoid getting anything with TCPA.

      [ Disclaimer, I'm one of the primary developers. ]

      Score: -3 Mis-informative

      You are assuming that TCPA is being used to enforce DRM, and that that is the only valid use of TCPA. Have you looked at what we have done? We are using TCPA, but not for DRM. We are providing a way for the admin to use TCPA to help secure their computer against outside attack. Again, check out the IBM white papers: http://www.research.ibm.com/gsal/tcpa/.

      Omen