Slashdot Mirror
Trusted Computing Rollout Hits the Desktop
Alsee writes "Previously appearing in a few rare laptops, ExtremeTech reports on the first major computer manufacturer making a full scale Trusted Computing rollout. Samsung will now install the Phoenix Core Managed Environment (cME) BIOS in every computer they make. Previous Slashdot reports on this BIOS include Phoenix Bios to Incorporate DRM and Microsoft Taking Over the BIOS."
How long do you think before this hardware gets hacked?
I would bet on 3 months.
Save your wrists today - switch to Dvorak
Fujitsu, however, chose to install the FirstWare Vault software designed by Phoenix, a trusted application designed by the company. FirstWare Vault also creates a hidden partition on the hard drive. However, Fujitsu used it to store a backup copy of the OS, in case the user needed to reinstall. Fujitsu's strategy will eliminate the need to ship the OS "reinstall" disks that have begun to ship in today's PCs. The disks don't contain a full version of the OS, but just the files needed to reinstall it in case of an error. By hiding that reinstall software on a protected partition, the company saved itself the costs of distributing the media, Fujitsu said. Wouldn't this take up quite a hefty chunk of hard drive space? I mean, it says 'doesn't contain a full version,' but wouldn't this still be quite a bit? I'm not sure I want other people making those kinds of decisions for me.
First I have to mod my XBOX, and now my laptop. When will it end?
The problem with most "trusted computing" proposals so far is that "trusted" is an accurate description of them. It's just an imcomplete description. They aren't about insuring that you, the owner of the computer, can trust the computer or the software on it. They're about insuring that third parties (such as Microsoft, HP, etc.) can trust your computer to do what they tell it to do. The proponents omit that part because they know all too well that if they did say all of what they meant that the average consumer would scream bloody murder and refuse to have anything to do with it.
CMDRTACO CHECK YOUR EMAIL!
IBM has had thinkpads containing TCPA chips for years! On top of that, they provide a Linux driver for it on their website!
Just remember:
The trust is them in you, not the other way around.
I still have my soldering iron, copper sheet, etc.
Time for 8k computers : P
If I remember correctly doesnt the Record Industry have to label "protected" CDs?
Would be a good idea if these PC manufacturers labeled their PCs as using BIOS DRM.
That way an informed consumer can make a choice whether or not they want DRM on their system.
Just a thought.
.... ... }
int main (void) {
We're all going to be surfing the net with a government approved "conduct officer" standing behind us.
Okay, how about a more rational question: Will the drivers for this thing be OSS, or at least open enough to run Linux w/o violating the DMCA in the process?
Quo usque tandem abutere, Nimbus, patientia nostra?
my windows 98 laptop has a backup of windows on it. this is nothing new at all (except that it's in a "hidden" HD partition).
sulli
RTFJ.
Good thing I build all my computers from components recycled from the dumpster bay at Texas Instruments in Austin.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
So this is the dawn of the Unpersonal Computer? One that hides things from it's users and gives control to other people.
Screw that idea!
...or treat this as impetus to finally make the switch to Apple-based computing.
Vote with your dollars, folks.--rc
I just refuse to believe that the Trusted Computer Initiative will deliver more secure computing.
The XBOX was an attempt at some kind of DRM and it got hacked to pieces because DRM is just impossible. Plus the fact that Microsoft write overly complicated software with bad tools and bad programmers.
But Microsoft bashing aside, they aint alone. I don't think there is any company or organisation capable of deliverying decent computer security at the moment.
The tools do not yet exist to manage projects containing millions of lines of code in a way that won't introduce security flaws.
Si.
Problem solved.
It will never work until program encapsulation is implemented in the ISA. These silly software switches will be easily circumvented.
Repeal the DMCA!
FirstWare Vault also creates a hidden partition on the hard drive.
I wonder if it is possible to delete the partition if someone actually wanted to? I guess not from what it says. Also, Can Linux be run on these with out a hacked BIOS?
Fly me to the moon Let me sing among those stars Let me see what spring is like On jupiter and mars
As soon as "Trusted Computing" and DRM hit "real" levels in hardware at the computer store I'll then buy a couple of the fastest machines without it.
;)
With double the parts I figure it would last around 5 years as most computers I have last that long before anything breaks down. I'd expect at that point in time at least 5000 (pr rating or MHz take your pick) models will be available then. That is all I need quite frankly to last me a loooooong time.
If I ever do need new hardware, I'll turn to Apple. If they too have fallen in, then I'll turn to Sun hardware. Nothing wrong with NetBSD on a Sparc machine
please nip this in the bud
Spread the word: DO NOT BUY THEM
send a clear message of dollars (or lack of them) that we do not want "BIG BROTHER INSIDE"
Everyone, listen up! We are headed to Apple! Throw your notebooks and laptops away, pick up a iBook to your left. Thank you.
Besides anti-MS statements and rhetoric about DRM, can someone actually tell me how this will affect what I can do with my computer?
I always save my last mod point to mod up a good troll. You people are too serious.
What really worries me is the unannounced DRM / Trusted Computing BIOS boards that will be coming out. Since this is an anti-consumer feature, and the BIOS companies know it, they don't want to impede their rollout with a consumer backlash.
I recall something about one of the Phoenix guys saying that the consumer was not their customer, the media companies were. DRM put directly into the BIOS, with no option to get a motherboard without it is going to be a real issue. Reminds me of when all the local banks in my area added thumbprint for check cashing on the same day. You couldn't bring your business elsewhere because they all did it.
So wants to start up a BIOS company?
OK guys, I think the time is come to buy one last decent computer before this whole TPC-NGSCB-hell breaks loose...
In general, I think that most /.ers would agree that invasive DRM practices are not a Good Thing(tm), but I wonder how the general public will see these initiatives, if at all. I think that either of two things will happen:
People inexperienced with computers will see the nice friendly keywords like 'safe' and 'trusted', and favor these products out of fear, which is obviously what the manufacturers want.
Alternatively, Joe User, who neither knows nor cares about security will simply ignore such concerns as fine print, since any kind of technical explanation is of no interest.
Unfortunately, I think the principal outcome may be that, like it or not, these Trusted Computing initiatives may propagate, either from adoption by fearful masses, or simply by sliding under the average consumer's radar.
the dawn of the BBC (Big Brother Computer) ;)
The cesspool just got a check and balance.
You could always blindly elect not to support the companies that are locking you out of the BIOS and other DRM technologies. Or look into what they are trying to accomplish.
As a Sysadmin for a corperation these kind of tools are great, but as a power user I wouldn't want this at home. There will always be vendors that provide parts for the tinkerer. They might be at a premium due to low volume sales, but them's the breaks.
Post: Sigged, for your pleasure.
It uses a hidden partition that can be easily defeated by going back to all floppy-based operating systems. They were so stupid to have missed that one.
That's the ONLY way to stop these things, is to band together and NOT buy them.
If Microsoft end up having to use their own money to buy these like they are doing buying up SCO stock, in the end we'll have defeated an insidious threat and led MS to bankruptcy.
Win-win!
I don't know the meaning of the word 'don't' - J
There may soon be a market for untrusted computers among terrorists and patriots.
...and consumers will buy it because it's a "feature". This wonderful new "trusted computing" will give you access to all sorts of places, simply because we're not going to offer access to anyone else. See?
Kjella
Live today, because you never know what tomorrow brings
Perhaps at first it will work with Linux, but it is obvious that "Trusted Computing" aims to do two things: eliminate software/media piracy, and eliminate competition against Microsoft. Period.
Case in point : DIVX.
It wouldn't hurt for slashdotters to educate people when the chance comes up. To be effective, try to be informed, not shrill.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Assuming it's the bios stopping you from nuking the partition, just pull the drive and put it in a box with free (as in speech) BIOS.
Gee, software security falls to physical attack. Who woulda thunk it.
All praise the mighty screwdriver, defender of freedom!
Why this is going in the BIOS beats me since most modern OSs (certainly linux) and even windows use the bios as something to boorstrap their boot
loader whether it be LILO or NT loader. After that the bios is bumped out of memory and ignored. Windows may well use portions of this BIOS if it suits MS but linux and other
OSs can just happily ignore it and nothing will change. Or have I missed something?
I would like to see whether this is, indeed, trusted computing. The article was somewhat vague in some ways. If it is the full-fledged hardware portion of the Pallidium initiative, as part of the article implies, it's very, very bad. If, instead, it's a way to save money on a system restore disk by having the hardware hide a portion of the hard drive from normal software, it's annoying, but probably fine, depending on how it is done (if there's a PKI, that's bad, but if it's just read-only, that's fine).
If trusted computers do appear in your area, I would suggest the following strategy for making them go away:
This assumes the companies have a 30-day no-questions-ask return policy (which is usually the case). You can even say that the "trusted" computing was the reason you returned it. Once they start losing tons of money, it'll go the way of DiVX (not the codec -- the old DVD standard which needed to call home to get authorization). It was pushed by Circuit City, which had a ton of people do this to them, so they introduced restocking fees, and lost a lot of customers who knew nothing about DiVX. Eventually, Circuit City backed off the DiVX thing.
If you want to be illegal (which I don't recommend), some people have a modified scheme:
This costs them a heck of a lot more, and gets around the place of returns without restocking fee. If you need to buy a DRMed product, you can also use this to make sure the company pays the manufacturing costs for 2 of 'em instead of one, and loses money on the sale. It is, however, illegal, and probably unethical.
who the hell would buy a Samsung computer anyway?
I was gonna buy a Samsung monitor, DVD drive and floppy drive. Now i'll be getting a Phillips, Lite-On and oem brand. Let them know with your wallets people.
"Sic Semper Tyrannosaurus Rex."
This is Bob Barker reminding you to help control the spam population and have your operating system spayed or neutered. (patch patch patch!)
-- I'm not a pessimist, I'm a realist. It's not my fault that life sucks so much. --
Anyone really think "Trust Us Computing" won't be any different!
Hey, that's a good phrase:
Trust Us Computing!!!
I think Microsoft and Sony are locked in a struggle right now (hence the XBOX, Microsoft's shot accross Sony's bow), so I can't see Sony going along with this.
All the creatures will die, And all the things will be broken. That's the law of samurai. (Jubai, 1605)
No more computers from Samsung...er..wait...when did Samsung start making computers???
I guess they think that didn't work out too good for them, and are wanting to try something new. Let's all hope that "something new" turns out to be "chapter 11".
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
Got it 2 weeks ago while travelling to South Korea. The Samsung desktop was pretty heavy to handle in the return trip, but I think it was worth the trouble. Now I have a computer that can only run the software that Microsoft allows, so no viruses or open source suspicious code will run on it. This feature is what I was waiting for. Now I won't need to run antiviruses and firewalls just to make my computer safe, while taking over resources from other applications. I wonder if Linux will be able to copy this feature, or if its developers will steal code as they did with SCO.
ever use one of these machines at home. Flat out I don't agree with it. It would be the equivilent of car makers telling me what I could do with my engine, or what kind of tires I could put on it. Then enforing that by saying if I don't my car won't run.
I don't think that the majority of business will look at this situation and care, and even *IF* consumers reject it, I think that we will see it in the work place is some form at some point, however we didn't *really* have control over our workstations anyway. If my company chooses to give control of my workstation to Microsoft (or anyone else), I guess that is their choice.
However one of these machines has no place in my home. I thinks its a bad idea, but I'm not sure that people will see it (buisness minds anyway) until its too late.
-Adam C. Greenfield
IIRC, some older Compaq-machines had this sort of thing with their BIOS; once the disk went bad on these, that was it. Instant boat-anchor.
Then there is the question of allowing other OSes on there besides or instead of the supplied one... Monopoly and anti-trust issues anyone?
SIGBUS @ NO-07.308
Is this Slashdot or www.iamaconspiracynut.com?
If a pion (n-) collides with a proton in the woods & noone is there to hear it, does lamdba decay into the source pa
Don't buy DRM capable hardware, and make sure everyone else knows which products have it. This is a PR battle. Go public, particularly on review boards where many people go to get advice before making purchases. If the sales of Samsung notebooks plummets, hardware makers will realize DRM is poison. Trusted Computing will only succeed if a sufficient market share of DRM enabled hardware is available for content makers to control.
Good heavens Miss Sakamoto - you're beautiful!
is great and all but without a massive movement that information doesn't always flow upstream very quickly. In other words speak with your wallet and with your voice. Email is still free (mostly) so everytime your specifically purchase a non-DRM product over theirs write and tell them! Let them know how much $$$ they're losing on a sale-to-sale basis. Companies live and die by numbers and having another level of data tells them even more forcefully that, yes a boycott is in progress, and they're actively losing our money.
-- I'm not a pessimist, I'm a realist. It's not my fault that life sucks so much. --
So what makes an application "trusted" is that it has been blessed by Microsoft, ie. any software publisher with the funds to pony up the fee to Microsoft to get the trusted seal of apporval I suppose. So that's supposed to make computing more secure... and what is a "secure" computing environment anyway? Most of us define a secure computing environment as a desktop we can work at where our data is secure, private, stable, and uninterupted by rogue applications that pop up in your face unexpectedly refuse to be ignored... this is where "trusted" vendors are trying our patience. It has become more common for every Windoze desktop application sold today to hag nag screens popping up for any number of reasons: "Do you want to check for updates?" ... "Do you want to register now or be reminded to register in the next 15 minutes?" ... "Would you like to see some exciting new offers? I'll just go ahead and add them to your bookmarks menu anyway..." ... and all this happening when the offending application is not even running! Desktop software is becoming increasingly intrusive and interupting the workflow process.
So I ask you, what's worse: having a malicous virus annoy you and interupt your workday or having an application you paid for essentially behave even worse? At least virus authors don't nag you to register.
So my point is "secure" and "trusted" computing is obviously a joke when the companies driving this initiative are more intrusive and disruptive to the average work day than most virus authors.
What he actually should've said is that he thinks most users won't know the difference/care one way or the other, and they'll make big bucks from Microsoft/Phoenix to do it...so as to tie users even more tightly to their soft/firmware.
An Indian-American Hindu committed to non-violent thought/speech/action alarmed by the global explosion of radical Islam
Hey all,
While it's easy for us geeks to be upset by this, do you think that it's just the media companies that want this sort of thing?
For instance, Lotus Notes (used by corporations "serviced" by IBM the world around) has a nifty feature whereby should a sender wish, they can block access to many client features like, oh, printing or forwarding. Making an unpopular/possibly illegal move with your company? Do it by e-mail! No whistleblowers (save the truly geekiest that can get around this sort of thing) will bother you. Being subpoenaed by the FBI (like Microsoft has been over and over and over again via e-mails)? Have your trusty computer eat it! Simple!
The geeks, for our part, must take a stand and make sure people who buy this equipment are appropriately punished for it. This includes our friends and family -- if they buy something containing this sort of embedded DRM, refuse to help them with anything and everything regarding the cursed device. Assuming you'll be able to get around the DRM and help them to begin with...
Bah. Paranoia sucks.
C
The Sun is proof that we can't even do fire properly.
DRM becomes prevalent, and Gator learns how to use the DRM features to make itself uninstallable. And every GD spamzombie worm soon follows.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
These things are all now flashable anyway, right?
"A microprocessor... is a terrible thing to waste." --
GeneralEmergency
and I thought that these bios changes were just a way to hurt Linux somehow...
Really, I think the first customer of these Samsungs is going to be some giant corporation that will pick up a pile of these and deploy them all over. Perhaps the Attorney General's office in California will grab some. :P
Companies like Verisign, Network Solutions, and Microsoft have shown that those who are supposed to be trusted, can't and shouldn't.
How is 'Trustworthy Computing' supposed to work when you can't trust the providers of the technology?
Think of the software lock-in and stranglehold that licenses are going to have on these machines - or the uselessness of a boat anchor when it gets hacked by a virus that will be allowed to run on it during its rollout period, or when it gets hacked.
Ugh. Keep your old machines, geeks! (Sorry, wives and girlfriends...)
If you're really ingenious, you'll go for a very large FLASH RAM for the BIOS and use WOLK or some other seriously over-patched kernel (FOLK will return! Bwahahahaha!) using modules and one of the FLASH RAM FS' to retrieve them on demand.
That would blow anything Microsoft-based out of the water.
It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
Which is what, ten a year? I've never seen a Samsung box, and thanks to this, I probably never will. Fools.
Slashdot couldn't band together to boycott a certain hole, I certainly don't think they're going to band together to boycott...well...pretty much anything!
Only one thing matters... I trust Linux.
Gentoo Linux - another day, another USE flag.
I am not only not ever going to buy a Samsung computer, I am going to boycott ALL samsung products. Fuck you samsung!
I am going to boycott every product by every company that puts out these DRM computers. I am also going to buy the most exspensive -DRM computer that I can afford right before they make them all DRM. This is such bullshit. It won't increase safety or security IMO.
All it will do is make a personal computer more like a TV. It's basically corporations saying "Bend over cuz we've got a 12" rod and we are gonna fuck you for as long and as hard as we feel like". No thanks, I think I'll pass.
The problem is that most consumers will gladly take about 6" up the ass all the time from companies. However, the companies know that once they have that 6" in place they can basically ram in another 6" and most jps will just take it. They may moan and grumble a bit over the pain and the extra 6", but they will just keep buying the products anyway. The time to stop this crap is BEFORE they insert the dick in your ass. Boycott all DRM computers!
Episode XP . . . when we last left our hero, he was in the grip of the mighty Giddy Billionaire.
Darth RaMaul: Trusted Computing has been rolled out, my Master
Bill: Everything is going as I have forseen
Kernel 2.6.4-rc2-bk3: Your overconfidence is your weekness
Bill: Your faith in the OSS community is yours.
to be continued. . .
Now I am compelled to take measures to ensure that no potentially illegal activities (corporate) are able to be hidden by this DRM nonsense. I will have to bring a digital camera into my workplace as soon as I start running into unprintable emails, documents, etc. As soon as I get any document with an expiration/self-destruct date. I will start taking steps to ensure that all such items are "documented" via digital photography, if need be, so that I can safely be a whistleblower as required. I will not, under any circumstances, EVER be party to illegal activities by any corporation for the sake of money. I will not be party to unethical activity of any kind. If I come across such, I am compelled to blow the whistle and if M$ and other corporations feel the need to try to cover their unacceptable, illegal, unethical behavior via DRM crap, then I WILL sidestep it one way or another. I am honor-bound to do no less.
On a personal note, it is automatic that I will never ever again purchase any system that contains a phoenix bios chip in it. Old or DRM-enabled new, phoenix has ceased to exist as far as my money is concerned.
In Bushworld, they struggle to keep church and state separate in Iraq as they increasingly merge the two in America.
ebay reports record prices on older motherboards.
Well, there's spam egg sausage and spam, that's not got much spam in it.
I will now go educate myself (which I probably should have done before my quick draw post, but anyway).
I always save my last mod point to mod up a good troll. You people are too serious.
It varies, depending on what *they* want you to see.
It's very rare, but Slashdot users are missing the conspiracy theory on this one. This is a scheme to legally tie proprietary software (Windows) to the hardware. At some point in the near future, this BIOS will only allow you to install Windows. To install Linux, you will need to circumvent the BIOS. Circumvention is a DMCA violation and will get you sued by Microsoft and/or the hardware vendor. If the RIAA, MPAA and Microsoft have their way, DMCA violations will become a criminal offense. How about going to jail for installing Linux on a computer you purchased? Tightens foil hat...
many of of us may have to walk to 'heaven'?
lookout bullow.
consult with/trust in yOUR creators... the daze of the greed/fear/ego based corepirate nazi execrable is WANing into coolapps/the abyss, at the speed of illumination.
when did Samsung start making computers???
Around 1987. I was selling PC-XT from them that year.
If I was still selling computers, I would dump them this very second.
Avoid the MS tax, always buy I.B.M. PC's (I Built-it Myself)
People are saying that these computers are likely to be hacked very quickly.
I agree.
I also predict the reaction of the companies will be to
(1) make it even *more* draconian.
(2) Whine that the entire computer industry as we know it will be destroyed (and the terrorists will win!) unless Congress enacts laws that will make it illegal to break into "Trusted" computers which given the way Congress usually drafts laws will probably be so vague and broad that merely open the case of any computer (w/o a government sanctioned license) will count as infringement worthy of 5 years jail. (Maybe we should call this the Patriot Computing Act?) And if they are really good, enact laws force everyone to upgrade to Trusted computing within say 5 years or else via legislating that within 5 years every new computer sold in the US has to be a "Trusted" computer.
Remember, in the field of "intellectual property" and anything associated with "computers" or "digital" or "internet", if something fails, it's not because it's a technological impossibility, your business model is failing or your customers plain don't want it or even hate it. It's because you just haven't made it draconian enough, your customers are your enemies who need to be punished and made to toe the line and you need draconian broad-based legislation otherwise the economy will collapse, WWIII will happen and of course, the terrorists will win.
I am willing to vote with my wallet - not only by not purchasing these "Trusted" computers and buying Macs instead, but also by donating money to "anti-trusted" / "untrusted" computing groups.
Does anyone know of a legal, non-profit group that one can send tax deductable donations to to fight "trusted compuing", WMA, and DRM other than fairplay?
I only came here to do two things; kick some ass, and drink some beer...looks like we're almost out of beer.
The way to really fight this is to refuse to work for a company that issues you one of these things. How many of you are willing to do that?
`Trusted Computing' Frequently Asked Questions
Scary stuff...
All the creatures will die, And all the things will be broken. That's the law of samurai. (Jubai, 1605)
The question should be :
:
How long before this BIOS is hacked...
And, more precisely, hacked and shipped whithout the extensions, or even funnnier,a modified bios with specialised settings to fry the mobo/cpu/Security chip....
Bios viruses existed at one time, when bioses where few... Having everyone using the same secure bios from one vendor (phoenix) could bring some interesting results in the long term...
+ On the side, I seem to remember that some chips makers use "windows only" application to upgrade the firmware of hardware, and that some others try to get the same thing to update the bios from within the Windows OS...
Knowing the high level of security provided by windows, the next betting question
how long before the first worm designed for modifying the "secure bios" on a worldwide basis (install the virus, if it install from windows do it now, if needing out of Windows execution, mark the bios modifier to launch at next windows startup, using a sort of dos mode and a blank and/or fake "microsoft testing HDD" screen , or defeating the "trusted computing" security thingy by wiping out all the partitions on disks including the hidden ones...
This idea patented, if you do it, I'll reclaim a large sum to be taken from the "Wanted!" announce made for your head by Microsoft... 8p
It takes 40+ muscles to frown, but only four to extend your arm and bitchslap the motherfucker
Here is a fictious first account from a Microsoft sales rep:
SECRETARY: Sir, the Microsoft sales rep is here for a walk-in appointment.
MANUFACTURER: Tell him I'm busy and reschedule.
SECRETARY: Sir, he says its important- something about a new product.
MANUFACTURER (to secretary): Send him right in.
MANUFACTURER (to sales rep): Hi, what can I do for you?
MSFT SALES REP: Let me tell you about an offer you can't refuse....
MANUFACTURER (gulps)
Nah, it was likely before that - they made MSX machines, which were around in ~1984.
Registering accounts later than some other chrisb since 1997
...pretty much everyone agrees it doesn't work that way. It's not going to take away worms, or viruses or anything like that because you can't stop people from running programs. And there is abso-fucking-lutely NO reason why any of this needs to run off the BIOS. The BIOS controls the OS, the OS controls the applications.
The only reason you'd need to have a "trusted" BIOS is if you have an untrusted OS. If your OS doesn't have enough self-integrity so that applications can compromise the OS, let me clue you in: That's not a very good OS.
Kjella
Live today, because you never know what tomorrow brings
So trusted computing only lets you run software that is approved by microsoft? Then how can developers use this computer to make software?. Will trusted computing let you run the programs you develop? If so just you and noone else? Can someone clear this up for me.
Please do buy only hardware which lets you choose your OS.
This situation sucks because the only way we can fight it is by being Good Consumers - but since non-MS users are in a minority, the value of our informed consumerism is limited.
GNU/Linux is proof that if freedom only requires hard work, people will work for freedom - now the proprietary world realises that freedom must be made either illegal or obsolete.
Please help publicise swpat.org - the software patents wiki
Go with apple and full vendor lock in. I'm replying here since this is the top comment I could find saying this. How is apple the solution?
The penchant around here for apple is proof to me that more linux geeks are interested in being a part of an 'exclusive' minority than in being involved in things that are open and free (as in speach).
It's hard to believe that's how Micronians are made. Why don't we see it right now by having you both kiss one another?
next time you go into a computer store ask this question (and the time after, and the time after that) ... want a computer from Samsung .... "I hear you have a MicroSoft approved 'trusted bios' .. does it run Linux? will it dual boot?" .... if we don't ask it over and over again wont be on the Samsung(insert other vendor here) marketing dept check list for each new computer they release
You mean, there is a difference?
What do you think, how much russian or chinse generals, security and governments would like the idea their laptops controlled by Microsoft, Samsung or whatever ? With unaccesseble partition on the hard drive ? It this thing will not flop soon enough there will be alternative bios for sure. May be more expensive. We don't have a world government. yet.
Connecting mains electricity to the motherboard will leave scorch marks and hence, evidence of willful damage. The best way to inactivate 'faulty' electrical goods is to zap them in a microwave for one second. This leaves no trace and totally destroys the electronics.
Speaking with your wallet is great and all but without a massive movement that information doesn't always flow upstream very quickly. In other words speak with your wallet and with your voice. Email is still free (mostly) so everytime your specifically purchase a non-DRM product over theirs write and tell them! Let them know how much $$$ they're losing on a sale-to-sale basis.
Excellent point, but it does not go far enough.
Each time you make such a purchase, tell NOT ONLY the DRM manufacturer why they lost a sale, be sure to also tell the DRM-Free manufacturer that you bought their product specifically because you value consumer rights and resent their competitors. In other words, give positive feedback to the people who are doing the right thing as well...lest they be befuddled by the likes of Microsoft as well.
The Future of Human Evolution: Autonomy
Does anyone have any more info on how this affects the ISA for the chips in question? I have been in to this TCIA and how it also can be a trojan horse for DRM and I was wondering if anyone could offer some more insight (links maybe) into how this actually affects the hardware. Will this ultimately fork the ISA's for x86 or is that just fear talk chittering in the background? any response would be appreciated.
// Empires come and go we live forever
If the trusted bios will be denying all code that hasn't been signed then this is doomed to fail.
:
Let me explain why
Large corporations still (and always will) run custom build applications. If this new "TRUSTED" computing initiative is going to deny all these applications then this will all go away very quickly. No-one likes to be told what they can or can't do on their computer this includes corporations so there will always be alternatives to this insidious scam.
So far DRM hasn't touched upon the basic needs of large and medium sized businesses. They've just made it harder for the average joe to copy MP3's.
In a few years this will all look like betamax.
My 2 cents
b.t.w. wait until the bough breaks and lawsuits begin to stream out: WE CAN'T RUN OUR CRITICAL APPS..........
We should stop saying "trusted" as it might confuse consumers. It means the computer has a deliberately insecurity so it can only be used in a trusted environment (like Linux or *BSD), and not an insecure one (like Windows).
"Planned Insecurity"--like planned obsolesence.
So this comment is not so far off the mark as it sounds...
Good thing I build all my computers from components recycled from the dumpster bay at Texas Instruments in Austin.
Meaning what? That the components in the dumpster don't have the same stuff as in the Samsung hardware? Heh. Not to feed your paranoia or anything, Hansel, (or perhaps Gretel?) but how do you know the gingerbread house you are nibbling on doesn't belong to a witch who wants to eat you?
Speak truth to power.
That same virus could also delete the "product activation" databases of MSFT software -- chaos!
Napster-to-go says "Fill and refill your compatible MP3 player", which is a lie. It's not MP3. It's WMA with DRM.
Hell is breaking loose!
Since when does anyone trust M$ to do anything but make money for crap that won't work right? If this performs as well as most M$ code they will be lucky if it will boot or post.
Professional Politicians are not the solution, they ARE the problem.
Unethical, though? Think about the future we'll all have to deal with if this comes to pass. I don't want to live there, do you? These corporations don't have the right to do this to humanity, or even to make the attempt. Therefore, they lost their right to make a living, to own property, or to continue to exist as organizations when they started doing this.
They aren't taking away our rights with just bad hardware and software, that wouldn't be a threat. They are taking a two pronged approach, making the bad hardware and software and changing the structure of laws and legal rights to make the alternative illegal. (If it was just the former, I wouldn't care.)
The sad thing is, where this is really being lost is on the legislative front. Everyone brings up DIVX, but these companies all learned from DIVX. DVD is hardly purchaser-rights friendly, but it has won.
What we really need is some way to attack this problem that is as effective as the GPL was for software, but part of the problem is that the GPL was based on previously existing copyright law, not custom crafted laws created by the adversaries themselves.
All the creatures will die, And all the things will be broken. That's the law of samurai. (Jubai, 1605)
Remember "eXistenZ?" It's like that - half the world's computers are under the control of anyone willing to run regular nessus scans and a few backdoor control panels. So.. yeah, maybe some in the linux crowd resent this because the boon won't last more than a few more years. But honestly, something HAS to be done. If that means creating software and system that then set the precedent of forcing corporations to become responsibe administrators of the systems they market on wide scale, so much the better.
This doesn't mean I have to buy one, or that there won't always exist other mechanisms for connecting to the public internet. But most people don't know a fucking thing about free specch - hell, many of them believe "free software" is illegal in any form. All they want is a terminal in their home that feeds them the latest buzz from aol and msn and ebay - and the internet is a fucking mess today because of these users and their five year old Windows 98 and ME security siphons.
The internet exists well outside the US, and many countries are making a giant leap in the direction of OSS. Combine that with a giant push toward obsoleting those fucked up "legacy" systems and we all move closer to a more secure AND more usable internet for everyone.
Sorry... I'll go put my chicken little costume back on now and join you all back at the shack...
Just look at mp3 and file sharing in general. It developed with no real help from mainstream companies. Hell people have been trading illicit files as long as computers have been around. This drm nonsense will not slow that down.
I can certainly understand why everybody is totally against trusted computing on personal computers, and I really truly agree. However, despite how 'scary' this 'innovation' might be, I think it does have its place in the office. Perhaps using this in the office could keep workers from participating in some anti-productive activities (like games) or more importantly prevent them from participating in illegal activities (P2P networks). I hate the stuff too and do not like the threat is poses to OSS. But perhaps it still could have its place. Just a thought.
No, that paper is a basically a bunch of mis-leading propaganda designed to obfuscate the truth that TCPA exists solely for the purpose enabling Palladium and Palladium type DRM and user controlling mechanisms.
Read the EFF report to see why if TCPA were not designed with user control in mind, they could have implemented some very simple changes (user override) to make sure that the user had access and control over all aspects of his own machine. They didn't: instead they opted for to create a system whereby the TCPA chips can be used exactly for the things they claim they have nothing to do with (shipping them with so called "Endorsement keys" which are vendor signed, user inaccessible keys that can verify to third parties that you are using an Operating System that they like).
The logic of the rebutle is backwards all over the place. For instance they claim that TCPA is not for DRM since the chips are not tamper resistant to hardware attacks: This rather shows, unlike what some people have argued, that the chips are not designed to help against things like hardware theft and corporate espionage. For DRM you don't need tamper resistance since laws like the DMCA will keep the means of tampering out of the hands of most of the population.
Also, the argument against the endorsement keys being used for DRM is something like "nobody has a system to running for signing and verifying them today" which is supposed to convince us that such a system will not exist when they are widely deployed (note that as a feature they are 100% useless without such a system.)
The user will not have control of what there PC does and who it sends their data to, and potentially users will not be able to access their own data or their data will be stored encrypted so they cannot read it. Also, I'd imagine their must be some real compatibility problems with genuine IBM-PC-architecture hardware.
Once this is made clear to the potential users (tell your friends) and the sellers (tell them, boycott them and tell them why, tell their customers as they go into stores), I very much doubt anyone will buy these things.
I'd be interested in how vendors sell these things (are they normal PC's) and what they tell the customers the advantages are to get customers to buy them -- particularly whether they tell the truth.
Joe Llywelyn Griffith Blakesley
[This post is in the public domain (copyright-free) unless otherwise stated]
Didn't think about that one...
How about we join and increase our patent portofolio in case of future legal actions ?
(this comment driven by reading slashdot for too long 8)
It takes 40+ muscles to frown, but only four to extend your arm and bitchslap the motherfucker
Step 1: Lock user out of BIOS
Step 2: Relentlessly download and display ads to user's PC during boot before allowing user to work.
Step 3: PROFIT!
2-cents
Computing can never be fully trusted unless the code instruction memory is "physically" segregated from the data upon which the code will operate upon. With Moore's Law doing its thing, trusted computing must and will ultimately first take place at the hardware level to effectively implement the more expensive Harvard architecture CPU. The rest is just marketing OS BS.
There is no reason for trusted computing to be proprietary, unless hardware vendors want to sell fewer chips in the long-run.
Quack, quack.
It means it can only be used in a trusted environment--i.e. not on the internet with an MS or other proprietary operating system.
As soon as people figure out "trusted" means "I can't trust it to do what I want", we will see the end of the monopoly.
This is great news--a big gaping, unfixable hole for proprietary OSs. They just broke their business model for good.
Way to go!
=googol=
IP Law in two easy lessons:
1. Theft by value: you have something, I take it.
2. Theft by reference: you think of something, I think of the same thing.
Personally, I view DRM as a more unbreakable version of license management / anti-piracy software. A much, much harder-to-break version of FLEXlm combined with Safedisc.
That way, if you write software for a living it's extra insurance you'll be paid for it. Not to mention a having a single standard for doing this rather than competing licensing schemes.
I'm sure someone will try to abuse DRM. That's what courts are for.
This has been covered in a previous discussion, but it may be appropriate to revisit the topic.
If Windows is integrated into the BIOS, then presumably the computer makers would have to pay M$ for the privilege of selling this BIOS. Fine. No problem because the computer makes will be able to sell systems with regular BIOS.
But Wait! Now M$ tells the manufacturers that if they do use regular BIOS, then they won't sell them the rights to use the "Trusted" BIOS or they charge more for the "Trusted" BIOS. It's Deja Vu all over again.
So then all the manufacturers stop selling anything that does not use the "Trusted" M$ owned BIOS, which or course will not work with Linux, or anything else other than an M$ OS. And maybe even the latest one. No more foregoing those paid upgrades.
Just Say No
When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
licly.
It's much nicer to find out in advance that you
DON'T want to buy someone's products anymore.
Thank you Samsung for pointing that out to us.
I think two words sum these events up pretty neatly:
It's started.
But your PC will - and Apple, by actions they have taken, have shown they are interested in the user having control over the computer. Audio DRM that lets you burn as often as you like, and makes the files your own. Use of Open Firmware and other open technologies (like Darwin or BSD). Lack of product activation on any Apple software.
As we all know "trusted" computing is eaxctly about not trusting the users. Apple trusts the users, and therefore has no reason to deploy a "trusted" platform (which also adds cost, a double whammy).
Basically, Apple is your last large commercial hope. If you want to stop stuff like trusted computing, then head over and support the vendor who is at least trying to head the other way, instead of joining the crowd headed down the path you don't like.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Consider also the Viacom vs. Dish squabble, when Dish went nuclear and pulled the channels. SCO could have done the same thing to IBM if TCPA were pervasive. I for one will not be purchasing any system that includes TCPA.
-paul
Pistol caliber is like religion: everyone has their favourite, and theirs is the only right choice.
As usual there are many comments about how Microsoft is taking over your bios. Just because your laptop has a security device in it (my thinkpad does) doesn't mean Microsoft is going to gain control over your machine. People frequently speak about TCPA and DRM as if they refer to the same thing because TPCA is prerequisite for DRM. That is NOT true.
... too bad. You won't be able to rip that DVD or burn or fry or copy whatever. Last I heard it *was* illegal. Get out and play frisbee instead. Write your own music. Build a toy car with your kid.
TPCA just means the motherboard has some hardware for generating and possibly storing cryptographic keys. There might also be some secure memory and other things that assist with performing security critical computing on a PC without someone deciphering the keys or reading private data or media directly from memory. It is a feature that should probably be considerd good particularly for people who wish to use such a computer for monitary transactions or other highly secure communications.
Digital Rights Management has to do with delivering media to a PC in a way that restricts the user from decoding and copying it as it is displayed on the target output device. TCPA would be necessary to do this but that is incedental (but not coincidental).
People think TCPA and DRM equates to the consumer loosing control of their computers. In some cases this will be true. Your employer could lock down your workstation tight as drum so you can't install that scewball program. But the TCPA hardware is just another couple of chips on the board. How keys are managed and how the secure memory is accessed is understood. I believe there's a GPL driver for the security chip in my Thinkpad T30. As for DRM, well
Why do we need these new computers anyway? Is 3.4GHz *really* that much better than 2.8GHz? I can live with Linux on a slightly slower machine in order to not have to use that fuck-awful drm bios crap. It'll work just fine even on my old pentium-pro 200 machine. Also, my G5 doesn't have this crap on it, and hopefully never will.
Hey, wait... If MS and/or the computer companies are not shipping a fully user installable version of the OS then what is the consumer paying for?
Essentially, MS and the computer resellers are lying to consumers when they say your computer purchase includes the OS when it really does not.
So this leads to the question if you don't get a fully operational OS CD-ROM with your purchase who owns the "copy" that is on your shipped system? And is this covered under the EULA that EVERY HOME USER clicks through when they first start up their "new - OS included" PC>
This would make for some interesting situations if MS every tried to accuse a home user of pirating software when in fact the home user never really owned a full version of the OS in the first place!
Perhaps this is a good time to make a list of distributors that sell computers 'trusted' computing, so people can avoid them. Just like that crippled 'copy protected' CDs list.
To get rid of the DRM crap?
Some are indeed from the start, most only require a little (explained in the manual) tinkering via the remote to get this Freedom to play the DVD's you legally bought.
I understand that the big $$$ lobbyists from the U$ are trying to influence European legislation towards a DMCA-style system but that has yet to happen.
Europeans keep in touch with your representatives!!
What happened in the last 60 years, then (1945) America brought us Freedom, now they try to take it away...
"The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
This wouldn't work for DRM, as that operates at the hardware level, but wouldn't it be nice if someone started releasing viruses that, instead of screwing up a user's computer, nulified evil corporate software? For example, a virus that overwrites the HOSTS file in IE to block ad servers, or disables the NET SEND feature in win2k to block "IP" ads.
BTW, if DRM uses a static port to communicate with "trusted" companies, couldn't one use port forwarding on a firewall or router send bogus liscenses?
And it never has been. Thats just newspeak for Controlled Computing. Never use their newspeak. Always call it controlled computing. Whenever someone asks what it means, you have a great explanation of it.
Does this force me to use an approved OS, or can i still choose what i run.
If the 'features' that are added are optional, does it matter if they are there? Why do i care?
Or can this choice change tomorrow 'automagically', forcing me to switch my OS and applications to fit their view of trusted?
---- Booth was a patriot ----
As we've seen recently in Intel vs. China regarding China's own wireless standard (labelled GB15629.11-2003 for those interested), we can probably at least count on China to get hissy about this.
:?
Simply put, whether the threat they perceive is real or not, there is no way they are going to allow American proprietary rubbish (with evil spyware code to boot) to penetrate the Peoples' Republic. So if we have to start importing all our parts from the commies, then so be it, but even if dumbass consumers in the West buy this kinda rubbish (and, as others have said, they undoubtedly will), it simply will not fly politically elsewhere.
The push for Linux in Asia is clear - HP are going to ship Linux boxen, China has variously shown its keenness towards the open OS, NTT DoCoMo are putting Linux in phones and so on - this kind of stuff really does matter. At the very least, American hardware manufacturers are going to consider the bigger picture before alienating large numbers of potential consumers.
Microsoft is not invincible. It has failed in the mobile phone market, failed to crush Java (now, of course, flourishing on mobiles) and has a long time to examine consumers' reactions before Longhorn comes out. I really don't think it will try to push this too hard...
iqu
Just a side-question: Can you get/make bootable (el-torito) style DVD's?
I've certainly used/create a lot of bootCD's, but I've yet to see it done on a DVD (would be nice, I could make a base image of my server... fully configured, and have an auto-restoring backup).
Who this 'Average User' guy is. He needs some serious computer training! Anyone have his email address?
I can't afford a sig!
but this could be the end for OSS. its obvious that its microsofts intention to force its operating system upon us all. if they can trick apple into licensing the gui code off them all those years ago, they can convice the courts (if they even get there) that they're doing it to protect us all.
bastard bush administration. they should have followed the anti-trust lawsuit that was started by the clinton administration.
Q; What's wrong with you using a login password, GPG, encrypted FS, etc. to protect your stuff?
A: Nothing. No matter how hard various curious people might hate that.
Q: What's wrong with your company using login passwords, permissions, etc. to control their stuff?
A: Nothing. No matter how hard various spies might hate that.
Q: What's wrong with content authors, publishers using DRM to protect their stuff?
A: Nothing. No matter how hard various P2P-spoiled folks might hate that.
And don't you worry about "control". Your personal data as well as all the noncommercial content will remain as yours as before. And neither PC makers nor content publishers will abuse their DRM power, because their interest is in providing a reasonable proposition that will not be rejected by consumers.
Right?
So, you say, you're ready to reject DRM stuff anyway? What are you gonna do ten years from now when the only way to access paid contend will be DRM-enabled gadget? Choose to live in a digital equivalent of a "cave"?
And how do you propose to load it onto one of these restricted beasts... It will need to be keysigned, and duplicating that is a crime.
Oh, and what about all that esoteric proprietary hardware? ( especially in laptops, but this point holds true for future appliance based PC's ) Who is going to write bios routines for those, with out any documentation?
Its a grand idea, but i dont think it will work out in practice, when it counts and we really need alternatives...
---- Booth was a patriot ----
I forgot two other points in the TCPA rebuttal. He states that TCPA will not block execution based on signatures, revokation lists, or approval lists. Well, yeah, that is *technically* true.
TCPA can't prevent software from running, but it *does* cause software to FAIL. It "runs" but it doesn't work. All of the data is encrypted. Without a proper signature and/or the approval list all the data is encrypted and the program dies on it.
As for revokation lists, TCPA can't block something on the list, but it TCPA can certianly ensure that your computer won't WORK unless you are running software that does block anything on the list.
He also says that there are no "TCPA Certificate Authorities". Yeah, they aren't and up and running yet. However the Trusted Computing Group has TONS of documentation on Certificate Authorites. Yeah, TCPA chips "work" without certificate Authorities, kinda like televisions "work" even when there are no TV stations broadcasting anything. They don't do much. The chips were specificly designed to work with Certificate Authorities and you will get locked out of everything if you don't "voluntarily" submit to whenever demands the Certificate Authorities make.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
actually, the whole point is to let the user have that cosy feeling
of having the ability to recover from the enevitable massively-hosed
windows install, without giving out potentially "abused" cdrom copies of the
[Windows (TM)] OS.
i remember that we all used to get the cd(s) for the OS with new computer purchases..
thats history since XP. the ibm thinkpad has this same setup for at
least 3 years now.
- yummy rootbeer.
Well, I can honestly say that I'll now never purchase a computer made by Samsung.
> FirstWare Vault also creates a hidden partition
> on the hard drive. However, Fujitsu used it to
> store a backup copy of the OS, in case the user
> needed to reinstall.
Can anyone say "Compag Diagnostics Partition"?
I knew you could.
And how many so-called "partition management utilities" get totally hosed when they see this thing because it's NOT a "Windows partition"?
Richard Steven Hack - This sig is TOO GODDAMN SHORT TO DO ANYTHING USEFUL WITH! MORONS!
i'm a consultant and i have *hundreds* of clients.
i will never buy or recommend a samsung (or any other manufacturer's) computer (or motherboard) with the Phoenix Core Managed Environment (cME) BIOS.
in fact, i already tell my customers that i will *NOT* support these devices.
i *will buy* non-DRM'd motherboards from every other possible source. the day that this becomes impossible will be the day i quit the computer consulting business.
ciao
who's more the troll, the troll or the troll who trolls him?
i can't imagine them leavint he bios open to flashing unless it just allows for patches or something instead of an overwrite
how else are they going to insure the evil empire comes to fruition
The word "trust" loses it's meaning in this case as i don't trust Microsoft. Actually, i don't really trust any company that makes profit.
I couldn't come up with any better sign....
I'm not a BIOS writing guru but I imagine that it'd be easy enough to provide for transparent bits in BIOS flashing utilities or even in the .bin file that contains the BIOS code. If it becomes industry standard to leave a certain block of BIOS addresses reserved for TCPA/DRM capability then reflashing the BIOS won't rempve it. If the TCPA/DRM movement picks up enough steam then the proper values for the proper registers corresponding to TCPA/DRM awareness could be a requirement for hardware compatibility at the processor or bus level which would render LinuxBIOS unusable unless it also left the requisite registers untouched.
+++ATHZ 99:5:80
* Can't use all of the hardrive space you ordered/paid for because you HAVE to keep a recovery partition. (Jeez Toshiba, whats a 50 cent CD compared to your profits on a $1500 laptop and the goodwill of your victi.. err.. buyers?)
* Can't reinstall your laptop if/when your hard drive crashes because you've just lost your hidden install partition too. Does your laptop just become a very expensive doorstop?
*Can't re-partition your hard drive for fear of messing up the hidden install image partition.
* ever install or use the copy of Windows that YOU PAID FOR on any other computer.
Please people, vote with your money. Dont buy this Toshiba shit.
Is there a company i can get a 17" widescreen lcd, (DVI in, no TV tuner, preferably no speakers...) from that everyones ok with? (not as sarcastic as it sounds...)
"Sic Semper Tyrannosaurus Rex."
It's really time for people to be using and promoting Open Hardware. With projects like Open Hardware and Open Cores available, why would anyone ever use hardware that works against their own best interest?
OpenCores has a System-on-a-Chip (SoC) called the OpenRisc 1200 that runs Linux and uClinux. It was demoed in December at the Freedom Technology Center.
Evan Prodromou | evan@prodromou.name | http://evan.prodromou.name/
Anyone who thinks Apple is any different in hoping to domintate your computing experience is sadly mistaken. They have already instituted the use of DRM with Itunes, the fact that the DRM is pretty user friendly is in fact not the point. They expect you to pay for something that is lower quality than you can get for free via filesharing. The only reason people do this is becuase they think it won't cause a problem. The limitation that is added in and of itself is a problem; it is just one many users haven't realized yet. Apple just wants control just Like M$.
It is in fact a war against freedom and open source. If they can make your data & Hardware propriatary they can add yet another hurdle to get out of track of the OS you've been riding for so long.
It's not a feature. To every user it ought to be considered a bug. That is how I see it.
The first rule of trusted computing is do not trust someone who is trying to sell you something other than what you want.
There is evidence to prove both Democrats and Republicans are lying cocksuckers. Vote independently.
While TCPA does not imply DRM, it is closely tied to it.
... too bad. You won't be able to rip that DVD or burn or fry or copy whatever. Last I heard it *was* illegal. Get out and play frisbee instead. Write your own music. Build a toy car with your kid.
* TCPA or a TCPA-like system is necessary to implement DRM.
* TCPA's primary current application is in implementing DRM. There have been a few alternate suggestions, such as perhaps ensuring that nobody has attached a monitoring device to your computer or installed similar software, such as Magic Lantern. However, for Joe Q. Public, TCPA's primary use is to implement DRM.
* TCPA adds to the cost of hardware. If you are buying TCPA-capable hardware, you are throwing money down the drain if you do not intend to use TCPA.
* TCPA significantly increases complexity. Complexity is a major factor in determining reliability. I feel that PCI, AGP, ATA, USB, Firewire devices (and the BIOS) should be as a reliable as possible -- frankly, people have enough problems with flakiness as it is. It's not as if you need to have a burning desire to pirate movies to want to avoid TCPA.
It is a feature that should probably be considerd good particularly for people who wish to use such a computer for monitary transactions or other highly secure communications.
This statement of yours, while true in theory, is misleading, and I can't help but shake the suspicion that you intended it to be misleading. TCPA allows computer components to authenticate to each other. For all intents and purposes, the only attacks this avoids are local, physical attacks on a computer. Furthermore, short of a user using a smartcard or carrying some other kind of cryptographic security device with him, TCPA provides zero security unless the initial system configuration is trusted. It doesn't do a thing to allow me to trust another person's computer or a mall kiosk. For any of this to be useful, a comprehensive and well-built supporting software system is required. That software infrastructure does not currently exist.
TCPA's primary benefit over other proposed DRM systems is that it may be disabled in the BIOS if so desired. At that point, it becomes little more than the MP3 player that's built into my own computer's BIOS -- another useless feature that I dumped money into that increases complexity and reduces reliability.
I believe there's a GPL driver for the security chip in my Thinkpad T30.
The GPL is almost irrelevant when it comes to TCPA systems. The entire point of the BIOS-level support (rather than just doing everything in software) is that it loads signed binaries, and you won't have a signing key. So you cannot make modifications -- perhaps some Linux distro vendor might be able to put out a signed kernel binary, but that's it.
As for DRM, well
If TCPA lasts more than three months in the wild once people start using it for DRM, it will blow my mind. What the TCPA people are trying to do is *vastly* more complex and less feasible than what Microsoft's X-Box people are doing -- and the X-Box's DRM was broken multiple ways.
For starters, they are trying to make a huge array of hardware that has been designed by ordinary old hardware folks (*not* security people, and there is a *huge* freaking difference) work securely. Microsoft failed to do this perfectly -- they didn't encrypt some data that went over a bus, and incredibly minor error, and it came back to haunt them. And that was (a) a closed system -- all Microsoft has to do is stop making X-Boxes that are exploitable and (b) a system where a break only allows *bogus media to be played on that system*. Two *huge* impediments, either of which would kill TCPA as an effective DRM system.
First, the fact that TCPA is designed for use in an open system -- the PC architecture. It only takes one vendor of video cards to include a debugging feature on their card, or a diagnostic mode, or running so
May we never see th
The only operating system that I would trust if I had a choice would be OpenBSD, not some stupid Operating System thats has holes in it like a sponge....
It looks like they're really about to establish a locked-down IT environment like we were all afraid they would do.
That's why I suggest that instead of talking and talking, we should actually get something done about it.
The most problematic aspect of the OSS community is that it doesn't have a single entity which decides how to react. Instead, we're millions of very diverse voices which tend to get drowned in the flood rather fast if they don't react in union.
Witness the DMCA, the recent outrageous European Software Patents legislation process, the even more recent equally problematic European new copyright regulation, and of course, TCPA activities. All of those have met strong anger from the community, but nobody was actually organized enough to demonstrate against it properly (i.e.: with a sufficient amount of people for the lazy mainstream media to take notice!).
I suggest we build a big platform which would essentially be a big server with a web portal and a huge database where hundreds of thousands of people could sign up for activities (and activate a personal portfolio of activity types that the user is interested in).
Whenever a new problematic regulation that seems to have been pushed through by interests of evil corporations appears on the horizon, an admin could add a new event to the database. All users that registered to be interested in such an event type would then get a short notice that a new event was being planned with demonstrations in many medium to big cities. They could then visit the site and set a boolean flag that indicates whether they plan to participate in that activity
(and add further data as to when and where they plan to participate).
Such a database may have the following features
(and many more that I haven't thought of yet, of course):
- register a user (nick, name, location + coordinates, activities of interest)
- submission of new activity places
- search for nearby activity places
- flagging "yes, I'll participate"
- notification email 4 hours before activity takes place
- grouping of users according to local groups (with local admins?)
- local communities to be able to discuss and plan local events properly
I'm SICK of the continually increasing amount of legislational crimes and bribery committed by influential companies! Let's do something about it, goddammit! Simply resorting to talking is a sure way to lose all our influence and freedom!!
If we manage to get such a setup going properly,
then that should actually enable us to establish PERMANENT (0.5 * 24/7) demonstrations in front of shops selling DRM hardware or software once we have an enormous number of people registered!!
That'd be quite a feat, huh?
Well it's all just a matter of proper management!
The very least we should do for now is set up a mailing list somewhere to discuss further activities.
To start such a project, I would be interested in people skilled with web server maintenance, database design (remember, it will be a quite complicated database) and people who can contribute new interesting ideas.
If you want to take part in such a mailing list or can offer advice or a useful server infrastructure, then please send a mail to
andi AT lisas.de in order for us to get more organized.
Again, problematic corporations keep thumbing their noses at us, so it's bloody time for us to organize some counter force!
Thanks for listening!
This isn't actually true.
TCPA can be used in conjunction with an OS to set up an operating environment that does not run untrusted software.
I don't think anyone has proposed doing so, but it's certainly technically possible.
May we never see th
SOHO users don't care about computer security because generally, the consequences are suffered by the rest of us.
We don't care which a clueless technophobe does, one or the other works fine.
Tech Public Policy stuff
It will get hacked anyway, because there is always a trade-off between security and ease of use. And it so happens that ease of use is a primary selling point...
Set up a totally new internet.. sell non drm machines and make lotsa dosh??... Thats what we'll end up having to do to get out of this mess when all the dumbfucks buy these computers.
Sig (appended to the end of comments you post, 120 chars)
Open source is gay
As a computer user and decision maker within my place of employment, I am writing to inform you that I will not be buying any Samsung, LG or Fujitsu products in the future and will be making recommendations on both my website and within my company that the products from these three companies are boycotted.
I am a responsible computer user and do not, in any way, condone piracy of software, music or video. However, I also believe in maintaining my personal freedoms to run what software I choose on hardware that I own - primarily Open Source software. I also intend to maintain my rights "free use" of software and media products that I have rightfully purchased - for example, to make personal backups of software, to convert CDs I own to MP3 for use on my personal players and to convert DVD movies to DivX to play on portable machines.
Trusted Computing is a misnomer and a clever name to cover up for existing deficiencies in computing and to allow Microsoft to ultimately control who can create and run software on the PC platform - hardware vendors ultimately become the lap dogs of Microsoft, a convicted monopolist that is currently under investigation in the European Union.
Even worse, Trusted Computing's role is to ultimately hands over my responsibilities to the hardware manufacturer and to Microsoft with the expectation that in future, a "tax" will be levied against me as an additional charge on any software and hardware that I purchase.
I will not pay that tax, particularly one that does not allow me to run my OS of choice on what should be the "open" IBM-PC platform.
I am currently setting up my website on which I will highlight all hardware that is sold under the "Trusted Computing" platform in order to inform as many potential users as to the dangers of Trusted Computing in terms of its restrictions on personal freedom - I will forward the URL of this to yourselves once the site is up as it is not my intention to misrepresent your products in any way, merely to inform people of vendor products that incorporate Trusted Computing hardware and to advise them against purchasing those products.
It is my personal belief that this is a poor marketing decision made by Samsung, Fujitsu and LG and that Trusted Computing will ultimately fail when general users recognise the stranglehold it places on their computer rights and freedoms.
At that time, Samsung, LG, Fujitsu and any other hardware manufacturers supporting trusted computing will be left looking very foolish indeed...
Oh, BTW, the FDIC mandated those thumbprints.
Nope. The courts ruled that banks *may* allow thumbprints. This is not an FDIC mandate at all, but merely an allowance.
No bank in my area requires thumbprints, and all are FDIC insured.
Microsoft is to software what Budweiser is to beer.
No, that paper is a basically a bunch of mis-leading propaganda designed to obfuscate the truth that TCPA exists solely for the purpose enabling Palladium and Palladium type DRM and user controlling mechanisms.
I don't think you read the IBM paper carefully enough. The TCPA implementation in IBM's laptops is completely unrelated to the most insidious forms of trusted computing. IBM's chip serves as a repository for encryption keys. It does not provide any kind of "rights management" features.
This is different from Microsoft's Next Generation Secure Computing Base (NGSCB -- formly known as Palladium), or the Trusted Computing Initiative (formerly known as TCPA Stage 2 -- hence the confusion). This project is the one which should cause us all concern. Program binaries are stored in encrypted form, are run in secure memory areas, and have their own secure storage area on the hard drive. In other words, programs can do whatever they want without you knowing.
Let's get our terminology straight, folks. We can't do anything about DRM if we're attacking the wrong products!
I'm not anti-microsoft. I'm anti-bullshit. Which means I'm anti-microsoft.
Which brings me back to the question "why doesn't AOL just tell MS to go to hell and deliver all those DVDs as bootable linux based machines? It would sure save their users some headaches, not to mention the poor techs who have to clean up the piles of shit their product leaves behind.
Oh, wait - dumb question, ain't it? If they did that then they'd have no one to blame when their overblown, poorly kludged together product blew up someone's account.
Never mind...
NO! NO! NO! NO! NO!!! They took the computer, which was a fun toy, and turned it into something more like the car. It's yours, but because of non-standard bolts and some black boxes, you can hardly do anything with your car without being certified by some dealership or whatever. This makes me so angry.
On a not-so-side note... anyone up for buying up non-DRMed computers when the mad rush to ditch them is on with the psychotic intention of building a really big Beowulf cluster? What can be done with the cluster doesn't require much imagination... >:D
This isn't the first time Phoenix did something like this. Search for PhoenixNet or "phone home BIOS" and you'll get an idea what this company is all about. Or, read this:
cexx.org/phoenix.htm
There are hardware keyloggers out there you know.
Also, get some new friends, man...
"First lesson," Jon said. "Stick them with the pointy end."
Your mention of "the PC platform" made me wonder:
Are Macs not going to be affected by this? Probably not, right?
Alright, I am off to the local apple store.
From what I've read about (un)Trusted Computing, yes, there will be an option in the BIOS config to turn off T.C.. The problem(s) then is any data/documents/images/etc. that were created or imported while T.C. was enabled are now inaccessable. Plus, if the Cisco T.C.-enabled routers get implemented widely enough that turning on the T.C. functionality becomes practical (widspread in P.C.s', etc.), you won't be able to access the net in any meaningful way. So, sure, you can turn it off, but you'll be left with a crippled (for practical purposes), isolated box. I kinda look at it as, I'm paying the same $X dollars for a crippled P.C., in terms of functionality, as I *was* paying for a non-crippled box, and, to add insult to injury, the only coin they accept in payment to use my own PC/data, is my control of my PC/data. :/
Progressivism (aka US 'Liberalism'): Ideas so good they need a police/surveillance-state to enforce.
Original comment
Check my comment history (or scumbucket's) this isn't the first time
That "ghetto" you're talking about is basically 90% of the world. In this case I affirm with all my heart that the only "ghetto" is the one already being built right here in the US - a ghetto that I rarely find need to visit. CNN, MSNBC, AOL - I don't buy CDs, I don't buy cable TV, I don't even receive dead tree magazines. The only DVDs I've purchased recently came form Hong Kong and the only CDs I've bought recently (that weren't part of a creative commons project) are from Russia and Turkey. So your assertion is that all these countries will just bend over and wait for us to deliver "the big package" of culture and commerce? That the creative commons project will fail even when it has available to it hosts like those operating in Norway and Russia?
Ooookay. Sure. Aaaaaaaanything you say....