Slashdot Mirror
Dartmouth Project Combines Linux With TCPA
SiliconEntity writes "A new project from Dartmouth College demonstrates significant advances in combining Linux with TCPA. The software turns a Linux PC into a 'virtual secure coprocessor', which is able to check that none of its software is compromised and even (in a future version) prove its integrity to a remote system. Full GPL source code is available for the 2.4 kernel.
This work is separate from the earlier IBM research which also combined Linux with TCPA, with the new project apparently more complete and with a road map towards a very functional Linux based trusted computing system. This could be an important technology for Linux to challenge Microsoft as it pushes forward with NGSCB (aka Palladium)."
I think you'll find Linux will have it well before MSFT does... and it'll work... and it won't require special hardware either. And you'll be able to double check the source code instead of having to take it on trust...
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
>Full GPL source code is available for the 2.4 kernel
Please make sure that all the efforts are undertaken to remove any references to the construct 'main()' as it will infringe on SCO copyrights
Desi Noise, Live!
From the PDF :
The exact relation between TCPA and the former Palladium is not clear; one suspects that at some point in the TCPA design process, Microsoft decided to withdraw and build their own variant.
This probably means the two technologies will not be compatible with eachother, files created under one will not be able to be opened under the other.
correction... just managed to get into the site... it will require a "Trusted Computing Module" on the motherboard.
Donald 'Duck' Dunn: We had a band powerful enough to turn goat piss into gasoline.
The TCPA is a comitee and is not something that belongs to Microsoft, although they are part of this comitee. IBM are also working on a TCPA technology. Palladium, or whatever it is called now, is perhaps the most "famous", but definately not the only one.
http://216.239.33.104/search?q=cache:nZrXhIU65ocJ: www.cs.dartmouth.edu/~sws/papers/msmw03.pdf:&hl=en &ie=UTF-8
Sounds like just the thing I need. That hacked together script that I currently use to md5sum all my important system binaries + files and verify them against the Known Goods database every 2 minutes is going out the window along with chkrootkit just as soon as I can go over every LOC with an STM and run this fine piece of software. Thanks be to you my fellow linux-users, I have finally found people who wear more layers of foil on their heads than I.
Anti-social? My code is just platform-specific.
The difference between Palladium and TCPA (Trusted Computing Platform Architecture) may be not obvious at the technological level but it is very simple - TCPA aims at integrity of kernel and system components - to assure you that your system can be trusted. It is easy to achieve with open software, because the system must defend itself from attacs from outside. Palladium, on the other hand, uses similar technology to make sure that the user does not do anything else than what is allowed by content owners. In that case software openness is impossible - otherwise you could do some harm to their system - attacking from inside...
So similar architecture from technical point of view - but different aims yield different results.
You can defy gravity... for a short time
We want to fight Palladium by fighting acceptance of the idea that the computer should control the user and how he can access the data on his own machine, NOT by developing something functionally equivalent that happens to run under Linux.
Building a DRM system of our own, even if it is open and standards based, just strengthens the paradigm that will leed to an Internet where no data can be accessed as plaintext, applications that are allowed read data have to be accepted and certified by the media industry, and computers exist no longer to enable, but to control, their users.
Please protest against Palladium, TCPA, and all the other DRM proposals by refusing to have anything to do with them: not by strengthening their hand.
(And before somebody replies that TCPA isn't about DRM: Bullshit! Look up what an "endorsement key" is in the TCPA vocabulary.)
Who will be the first to start selling mod chips for pc computers?
I love this bit from the microsoft ngscb pagen "Data can be protected with a secure pathway from the keyboard through the computer to the monitor screen, preventing it from being secretly intercepted or spied on" Yeah like this is a major security problem with current day computing. I've always wondered if my information is secure between my keyboard and the monitor :)
Its the end of the world as we know it...
(I could have typed more, but then I would probably owe RIAA 150.000$ per slashdot user who read this)
(all 5 of them since I have a bad karma)
// instant - "I for one welcome our new Decaff Coffee-Flavoured-Coffee Overlords"
Think about this for a moment before you call me a troll, mark this post as flamebait, or bash me for being a MS supporter on the issue. It's not funny, it's serious.
Palladium/TCPA is a security measure, not just a DRM platform. Enabling DRM is impossible in the sense that DRM doesn't cover the analog hole. As long as people have the ability to reproduce video and audio, DRM will only prevent people who do not have other recording mechanisms from copying raw data. Digital cameras get cheaper each day. Multimedia devices are falling in price and becoming higher quality every day. Today I saw a $50 DVD/CD/MP3 player. Star Trek like systems will be here before most of us die of cancer.
Now lets get back to our topic. Security. Palladium. The thing which Palladium prevents is unsigned code from executing. It's literally a form of sandbox for x86 code. Say that you write a program which attempts to install itself into my system registry and that installer mechanism isn't signed, my computer can prevent you from installing software on it. Of course, if I (as the user of the machine) am given the choice, and let you install the software anyway, knowing it is unsigned, then at least I can share the blame for the insecurity.
Bill Gates is no stupid man. It is right that these systems are systems based on trust. If you don't trust Microsoft, it doesn't work. If the magic key-granting-key for granting root keys is ever discovered or hacked at Microsoft headquarters in Redmond, then the game is over. Of course, in the Linux world, that magic key is somewhere else. Maybe there is a new key for each distribution.
Now, I'm not saying that this system doesn't have potential for being abused. If I sign my worm for Red Hat Linux, then the protection system is useless. Worms might still be able to get inside via the older flawed software. Microsoft needs legacy applications to continue its business. The reason that MS owns so much of the computer market is that it had so much of the application share before and it didn't ruin feature compatibility with newer versions, among MS apps and with 3rd parties that were important.
The initial hole in Palladium is the same hole in DRM: In order for it to be successful, it has to work. DRM doesn't work (analog hole, memory and simulation based attacks), and Palladium may make a huge dent in internet worms, but it won't stop Macro Viruses or prevent IE from popping up new windows.
Palladium is one step in the right direction: locking down the OS to only perform installs of "trusted"/signed software. There are several other serious security measures which need to be taken:
1) Buffer Overflow prevention
2) Unsigned Device Driver prevention, and strict certification of Device Drivers
3) Lock-Down of all user and administration activities into appropriate accounts
4) Making all of the above trivial to set up for a newbie
Microsoft isn't much farther along than Linux in any of these areas, but Linux won't gain any momentum among novice users if it doesn't improve in ease of use. The next 4 years should be very interesting in the software market. The industry has matured a great deal recently after its adolescence period/dot com crash.
The long term problem with IBM's model of the TCPA is exactly the same with that of clipper chip encryption, the owner of the PC does NOT control the attestation master keys. This leads to the same escrow agent model which is far to open to exploitation by The New American Corporate Soviet.
You cannot copy the keys inside TCPA hardware. I'll explain what this means (if you don't like reading about technicalities, just skip to the final paragraph)
Every time you buy a new PC with TCPA you will not be able to copy the old TCPA keys on your old PC to your new PC. This means you will completely lose access to your videos and your music which you legally purchased and used on your old PC. Effectively you have to buy another set of keys to regain access to your videos and your music collections.
TCPA and other DRM technologies are being pushed by the publishing industry and hardware manufacturers like IBM who want to sell more of their hardware equipped with DRM to make it attractive to commercial content locked-down publications.
TCPA means LOCK-down, LOCK-out, LOCK-up enabler. Avoid getting anything with TCPA.
Why oil price increase equals economic trouble (Score: Interesti
Couldn't this be defeated by running a Pentium-with-palladium emulator. It would implment all the normal instructions (like add, jmp, etc) properly, it would handle the authentication instructions by always saying yes, and it would handle encryption and decryption opcods with noops. For the icing on the cake, it could log all keys sent to it to /var/www/html/keys.txt.
You would start with a freshly formatted harddrive (prefferably non-DRM crippled, but as long as it can run Linux and your emulator, it's fine) and install Linux on it. Then you would install your Pentium emulator with fake DRM support (a bit like Wine). Then you would install your Windows-with-DRM through the emulator. All the DRM software wouldn't know the difference.
Assuming that a DRM system will allow unsigned code to run (and just stop you from modifying/copying signed data), this will allow crackers and rippers to make perfectly functional non-DRM programs and media files that will run on normal (DRM-crippled) systems, and if not, then there will be a HUGE incentive to get uncrippled machines, much like mod chips for game consoles.
The TPM is a hardware component that implements the security model. It so happens that this exists on a bunch of modern IBM laptops. It is disabled by default.
Background: The TPM contains a number of PCRs. These are (roughly) hashes of bits of code -- the BIOS, the bootloader, the kernel, etc. The TPM also contains a private/public key pair which is generated when you reinitialize the TPM (i.e. the private key is not known to anybody).
The TPM can be used to encrypt a blob of data using the private key. It can also mark the encrypted blob such that it will only decrypt it if (some set of) the PCRs have the *same* value.
What is this good for?
This means that you can tell if your kernel has been modified in a very secure way. If your application is stored encrypted on disk, then you can ask the TPM to decrypt it (probably you just ask it for the key). It will only perform this operation *if* the boot process was the same as when the application was setup.
It means that someone with a boot floppy cannot get to your data (different boot process). You could also arrange to have the data protected from single-user mode.
However, there is a downside -- upgrading the OS becomes really tricky!
Are there any websites that offer high quality streaming video? Or even high quality downloadable movies? How about high quality MP3s? Anything at all the publishers are offering "legally" in a format of higher quality than I have been getting (for years) absolutely free via USENET?
How about plain ol' "information" websites? Hmmm... let's see. Geocities might be a good example. No streaming video (big deal) but they host tens of thousands of home pages. So does AOL. So let's say they decided to use this Palladium-Longhorny stuff to keep their "members pages" available only to those willing to use their client software.
Uhhhh... so what? I can't recall the last time I visited a geocities page (much less an AOL members page), and I'm pretty sure if I go over the proxy logs I'll not find anything more than a few "404" pages with their name on'em. Yahoo? I used to read a couple of their groups, but they're gonna send spam to you one way or another so I quit that long ago. There's just as much content in usenet, and I get to call the shots.
See? This doomsday scenario really isn't much different than what we have now - it's just more of the same but with encryption. I really don't give a shit if universal wants to put their movies online and lock them away behind MS-centric operating systems, because I wouldn't use the service even if they slapped a Penguin on the door and made the "movie viewer" part of the RH12 base distribution. I wouldn't use it because a) I don't have broadband and b) if I want my own copy of a movie I will rent the DVD and rip it myself, or do a sneakernet trade for a copy from someone I trust to do a good job of it.
"Content providers" will lock away only as much as is economically viable. If there's no money in it, they won't lock any of it away. But right now they have it all "locked" away (at least as much as they are able). So what does any of this "evil" new technology change?
Having a system I can trust even if it's hanging out on a raw IP is a very good thing. If the tradeoff I have to accept is that Universal will use the same technology to sell movies to people with plenty of disposable income, more power to'em.
TCPA needs an agreed-upon, standard microkernel around which different OSes could be built. A whole bunch of new open source OSes and, yes, new Microsoft OSes. This microkernel would be developed by an independent body and signed by DRM-loving vendors. Because it would be very small, and change very rarely, there should be little problem with it. Yes, end-users won't be able to modify it; that's the price one pays. They won't want to do it very much because the microkernel provides very little functionality.
Hardware vendors would release drivers for their wares that would work with this microkernel. These drivers would be otherwise OS-independent and would include decryptors and decoders needed for playing content. The vendors would get their drivers signed, too. (And open-source OSes will get closed-source drivers for free: a nice bonus!)
The rest of the OS and the entire universe of user apps would need not be trusted at all. They would run in user space and be totally unprivileged.
So I think open-source people should approach TCPA and offer to work together along these lines. There's nothing to lose, and much to gain, so why not at least try it?
[ Disclaimer, I'm one of the primary developers. ]
That is blatantly not true. Whoever does the "Take Ownership" command of the TPM controls the master key. In the case of the Enforcer, the admin is the one that owns the TPM.
Omen
2. Has the kernel module loading facility been disabled?
No, but it verifies that any modules have also been signed before loading them. (Alternatively, the superuser could force an untrusted module to be loaded, but this will taint the whole kernel and it will lose the ability to open protected files until you reboot)
1. Its open source. You must (by requirements of the GPL) be given everything you need to compile a derivitive work of this.
The currently prevaling legal interpretation (shared by Linus Torvalds amoung others) is that the signing key cannot be construed as part of the source code. Source code is human-readable description of what software does. A key is just 1024 bits of random noise.
The argument is that the GPL requires people to give you the source code to a program; they don't have to buy you the hardware needed to run it.
Suppose you buy a Playstation5 from Sony and request the kernel code under GPL. If you compile the kernel without having the key, you've got a working kernel. The hardware you own won't load it, but that's not Sony's problem. If you sign a pile of NDAs and supply a check for $65000, Sony will rent you one of the same developer-class machines their own programmers use to write games. That system will load unsigned code, although you've sworn in blood not to abuse that great priviledge.
I would rather that this legal interpretation doesn't hold, as it perverts the intent of GNU "Free Software", but it hasn't been seriously challenged yet.