Slashdot Mirror
Trusted Computing Rollout Hits the Desktop
Alsee writes "Previously appearing in a few rare laptops, ExtremeTech reports on the first major computer manufacturer making a full scale Trusted Computing rollout. Samsung will now install the Phoenix Core Managed Environment (cME) BIOS in every computer they make. Previous Slashdot reports on this BIOS include Phoenix Bios to Incorporate DRM and Microsoft Taking Over the BIOS."
IBM has had thinkpads containing TCPA chips for years! On top of that, they provide a Linux driver for it on their website!
I recall something about one of the Phoenix guys saying that the consumer was not their customer, the media companies were.
Uh, no.
He said that the motherboard manufacturers are their customers. Which is true. Have you ever called pheonix and ordered a BIOS?
He said nothing about your imagined conspiracy theory about the "media companies".
Oh, BTW, the FDIC mandated those thumbprints.
I don't need no instructions to know how to rock!!!!
You might want to take a look at the LinuxBIOS project if you're interested in an unrestricted alternative.
SmashTech - No smashing of tech involved
HP has been shipping computers with complete restore info on the HD for about a 1 or 1 & 1/2 years now. If you want CDs, you have to request them on their site, by mail, or phone.
If the drive dies, they send you a new drive with all the OS info pre-loaded....the average user doesn't even realize that they are using space...
First, I think it's partly the fear of being poised at the top of a slippery slope. (Granted, the "slippery slope" argument is a logical fallacy--but debates are not won on logic alone.)
...which is not precisely an answer to the question you asked, but does explain why the question you asked is not precisely the right one. ;)
So it's completely peachy and great that there's a backup copy of your OS partitioned off on your drive, and tech support can just walk you through a reinstall unless you somehow managed to hose the partition.
Then, they start shipping computers that do an automatic OS reinstall when certain conditions are met. Maybe annoying for power users, but it will serve most people well.
Then a third-party vendor asks, "Hey, can we get in on this? Have our software phone home telling how the owner uses it. Then we can improve future versions." Annoying, but for a good cause, right?
Then the data this third-party is getting shows that people are jumping ship on their application for one that costs less, and they cripple cross-functionality...and keep sending updates to your computer even if you patch it back the way you want it to be. But you don't get to say anything, because you clicked Yes on the EULA.
Then, seeing the success, a bunch of other vendors jump on the "trusted" bandwagon, and suddenly your computer is about as much yours as if it were part of a bot net. Incremental steps toward a worst-case DRM-everything, your-PC-is-controlled-by-vendors future is what the worry is about.
Is it a justified worry? Given the tendency of, well, humanity to take a mile when given an inch, and the disturbingly long and broad reach of corporations, I'd say yes.
Second, I think the furor over trusted computing is a matter of principle. Allowing control of one's computer to be placed in the hands of one or many corporations, or the government, is something many people, me included, find abhorrent. It's a thread of libertarianism (little "l," moderators, not the political party) that, as far as I can tell, runs through a great many of the more common Slashdot opinions.
-Carolyn
Like Daddy always said: if you can't dazzle 'em with brilliance, baffle 'em with bullshit.
For a slightly doom-spelling (unforunately Ross tends to be right far too often) check Cambridge University professor Ross Anderson's Trusted Computing FAQ. There is also his Cryptography and Competition Policy - Issues with `Trusted Computing' paper as well.
You can also look at documents at Trusted Computing Platform Alliance, and I recommend reading The TCPA; What's wrong; What's right and what to do about by William A. Arbaugh
I submitted the article.
I've a programmer and I've been reading the techincal specifications on the system. I'm pretty much an expert on it. I will keep this post as non-technical as I can.
Trusted Computing pertty much does two things. Number one, it keeps some keys hidden inside a special chip. These keys are sort of a cross between a unique seirial number to identify your computer and a password to lock files. The nasty part is that it secures the computer AGAINST the owner. It locks your data such that YOU can't get at it, except in the approved manner. Number two, it allows other people to "look" inside your computer to see EXACTLY what programs are running - it snitches on the owner.
If you don't like something about how your computer works and you try to change anything, your files go dead and unusable. If you try to change anything then whenever you connect to a website or any other machine, and that machine asks to "look" inside, then your computer will report that the owner has made an "unauthorized modification" and the other computer will refuse your connection.
To put it in more concrete terms, say you go to a website. Say the website has ADs. As soon as you try to connect the website will ask to peek inside your machine. If is sees that you have pop-ups blocked it will refuse to you see the webpage. It will be impossible to see the website unless you "voluntarily" view their ADs, and do so in exactly the manner they want.
If you go to another website it can refuse to show the webpage unless you install their spyware. If you refuse the spyware it is impossible to see the webpage.
Microsoft is advertizing new DRM e-mail. If you you don't have a Trusted machine, or if your machine is non-compliant then it is impossible to see the e-mail. If your machine is compliant then you can see the e-mail, but your computer will be physically incapable of printing out that e-mail or saving it or forwarding it, and your computer will enforce it's deletion after a certain date. Some companies (like Microsoft) will love this feature because it means that old incriminating e-mails vanish and can't embarassingly pop-up in court later.
Cisco has announced a new router. It is supposedly an "anti-virus" system, and even the Slashdot story on it reported "Cisco to block viruses at the router". Actually it does not block viruses. What is actually does is look inside your computer to verify that you are running specific approved software. The *advertized* purpose is to check that you are running approved and up-to-date anti-virus software and firewall. It then locks out any potentialy "vulnerable machines" becuase they are a "threat" becuase they "might get infected". If your ISP isntalls one of these machines then you will be denied any internet access at all unless your machine is "compliant". It you aren't running Trusted Computing then they can't verify compliance and you are denied acces. If you aren't running EXACTLY the software they require, or of you alter it in any way, then you are denied internet access. And they can require you to run anything they like, not just security software. Tehy can require you to run software that forces your computer to throttle your own internet connection speed. They can force you to run software that displays ADs. They can force you to run software that tracks everything you do to collect marketing data.
The President's Cybersecurity advisor spoke at a computer conference where he called on ALL broadband providers to install such routers and to REFUSE access to anyone not running a Trusted Computing compliant system.
Pretty much all software will require "Product Activation". It will be impossible to even install the software without submitting to any activation procedure they dream up. If you try to alter the installed program in any way then your data will be locked and unusable, and the software won't run at all.
It will be impossible for people to make interoperable software. And "secure" data saved by on
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.