Slashdot Mirror

← Back to Stories (view on slashdot.org)

Dartmouth Project Combines Linux With TCPA

Posted by timothy on from the smoosh dept.

SiliconEntity writes "A new project from Dartmouth College demonstrates significant advances in combining Linux with TCPA. The software turns a Linux PC into a 'virtual secure coprocessor', which is able to check that none of its software is compromised and even (in a future version) prove its integrity to a remote system. Full GPL source code is available for the 2.4 kernel. This work is separate from the earlier IBM research which also combined Linux with TCPA, with the new project apparently more complete and with a road map towards a very functional Linux based trusted computing system. This could be an important technology for Linux to challenge Microsoft as it pushes forward with NGSCB (aka Palladium)."

2 of 227 comments (clear)

  1. actual secure coprocessor by !the!bad!fish! · · Score: 0, Redundant
    'virtual secure coprocessor'
    Where's an actual secure coprocessor?

    --
    Kids today are tyrants. They contradict their parent, gobble their food, and tyrannize their teachers. - Socrates 400 BC
  2. Re:I'm sorry but totally avoid TCPA by SiliconEntity · · Score: 0, Redundant

    The fact that you cannot read the key, and thus cannot simulate the TCPA machine on a different piece of hardware or with a software emulator, is only for DRM. I challenge you to come up with a single reason for this that is not equivalent to DRM.

    How about an online auction site that only wants to let people use approved clients, to prevent "sniping" and other unfriendly bidding prqactices?

    How about an online game site that doesn't want people to use cheating clients which allow them to see through walls, use auto-targetting and other features which are ruining so many online games?

    How about a P2P system which wants to make sure people are running legitimate clients that report accurate hashes of the songs available, to prevent the RIAA from salting networks with bogus songs?

    None of these are DRM, but they all require that people not be able to simulate or fake TCPA, because then they could run bogus clients which would not follow the rules. There are many good applications for setting up networks where you know that everyone is running "good" software and no one is cheating. This is an important capability provided by TCPA (and Palladium).