Slashdot Mirror
Trusted Computing Rollout Hits the Desktop
Alsee writes "Previously appearing in a few rare laptops, ExtremeTech reports on the first major computer manufacturer making a full scale Trusted Computing rollout. Samsung will now install the Phoenix Core Managed Environment (cME) BIOS in every computer they make. Previous Slashdot reports on this BIOS include Phoenix Bios to Incorporate DRM and Microsoft Taking Over the BIOS."
First I have to mod my XBOX, and now my laptop. When will it end?
IBM has had thinkpads containing TCPA chips for years! On top of that, they provide a Linux driver for it on their website!
If I remember correctly doesnt the Record Industry have to label "protected" CDs?
Would be a good idea if these PC manufacturers labeled their PCs as using BIOS DRM.
That way an informed consumer can make a choice whether or not they want DRM on their system.
Just a thought.
.... ... }
int main (void) {
We're all going to be surfing the net with a government approved "conduct officer" standing behind us.
So this is the dawn of the Unpersonal Computer? One that hides things from it's users and gives control to other people.
Screw that idea!
I just refuse to believe that the Trusted Computer Initiative will deliver more secure computing.
The XBOX was an attempt at some kind of DRM and it got hacked to pieces because DRM is just impossible. Plus the fact that Microsoft write overly complicated software with bad tools and bad programmers.
But Microsoft bashing aside, they aint alone. I don't think there is any company or organisation capable of deliverying decent computer security at the moment.
The tools do not yet exist to manage projects containing millions of lines of code in a way that won't introduce security flaws.
Si.
And seriously, cost of the media? How much could this possibly cost (even if the partition is only the size of a CDROM; 700MB or less)?
Besides anti-MS statements and rhetoric about DRM, can someone actually tell me how this will affect what I can do with my computer?
I always save my last mod point to mod up a good troll. You people are too serious.
In general, I think that most /.ers would agree that invasive DRM practices are not a Good Thing(tm), but I wonder how the general public will see these initiatives, if at all. I think that either of two things will happen:
People inexperienced with computers will see the nice friendly keywords like 'safe' and 'trusted', and favor these products out of fear, which is obviously what the manufacturers want.
Alternatively, Joe User, who neither knows nor cares about security will simply ignore such concerns as fine print, since any kind of technical explanation is of no interest.
Unfortunately, I think the principal outcome may be that, like it or not, these Trusted Computing initiatives may propagate, either from adoption by fearful masses, or simply by sliding under the average consumer's radar.
What a fucking joke that is!!
Your hard drive gets screwed (hardware failure, for exmaple), so you can't re-install on a new disk because you don't have the installation media?
And I suppose it also has the "feature" that it'll automatically "fix" any "corrupt" (Linux/BSD) partitions it discovers on bootup?
What a stupid, usless waste of hard drive space to save on the price of an install DVD. This just smacks of taking choices away from the user (other than the choice to boycott this kind of shit completely).
Organic free-range music... yum!
I recall something about one of the Phoenix guys saying that the consumer was not their customer, the media companies were.
Uh, no.
He said that the motherboard manufacturers are their customers. Which is true. Have you ever called pheonix and ordered a BIOS?
He said nothing about your imagined conspiracy theory about the "media companies".
Oh, BTW, the FDIC mandated those thumbprints.
I don't need no instructions to know how to rock!!!!
...and consumers will buy it because it's a "feature". This wonderful new "trusted computing" will give you access to all sorts of places, simply because we're not going to offer access to anyone else. See?
Kjella
Live today, because you never know what tomorrow brings
Case in point : DIVX.
It wouldn't hurt for slashdotters to educate people when the chance comes up. To be effective, try to be informed, not shrill.
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
You might want to take a look at the LinuxBIOS project if you're interested in an unrestricted alternative.
SmashTech - No smashing of tech involved
I would like to see whether this is, indeed, trusted computing. The article was somewhat vague in some ways. If it is the full-fledged hardware portion of the Pallidium initiative, as part of the article implies, it's very, very bad. If, instead, it's a way to save money on a system restore disk by having the hardware hide a portion of the hard drive from normal software, it's annoying, but probably fine, depending on how it is done (if there's a PKI, that's bad, but if it's just read-only, that's fine).
If trusted computers do appear in your area, I would suggest the following strategy for making them go away:
This assumes the companies have a 30-day no-questions-ask return policy (which is usually the case). You can even say that the "trusted" computing was the reason you returned it. Once they start losing tons of money, it'll go the way of DiVX (not the codec -- the old DVD standard which needed to call home to get authorization). It was pushed by Circuit City, which had a ton of people do this to them, so they introduced restocking fees, and lost a lot of customers who knew nothing about DiVX. Eventually, Circuit City backed off the DiVX thing.
If you want to be illegal (which I don't recommend), some people have a modified scheme:
This costs them a heck of a lot more, and gets around the place of returns without restocking fee. If you need to buy a DRMed product, you can also use this to make sure the company pays the manufacturing costs for 2 of 'em instead of one, and loses money on the sale. It is, however, illegal, and probably unethical.
I was gonna buy a Samsung monitor, DVD drive and floppy drive. Now i'll be getting a Phillips, Lite-On and oem brand. Let them know with your wallets people.
"Sic Semper Tyrannosaurus Rex."
HP has been shipping computers with complete restore info on the HD for about a 1 or 1 & 1/2 years now. If you want CDs, you have to request them on their site, by mail, or phone.
If the drive dies, they send you a new drive with all the OS info pre-loaded....the average user doesn't even realize that they are using space...
is great and all but without a massive movement that information doesn't always flow upstream very quickly. In other words speak with your wallet and with your voice. Email is still free (mostly) so everytime your specifically purchase a non-DRM product over theirs write and tell them! Let them know how much $$$ they're losing on a sale-to-sale basis. Companies live and die by numbers and having another level of data tells them even more forcefully that, yes a boycott is in progress, and they're actively losing our money.
-- I'm not a pessimist, I'm a realist. It's not my fault that life sucks so much. --
So what makes an application "trusted" is that it has been blessed by Microsoft, ie. any software publisher with the funds to pony up the fee to Microsoft to get the trusted seal of apporval I suppose. So that's supposed to make computing more secure... and what is a "secure" computing environment anyway? Most of us define a secure computing environment as a desktop we can work at where our data is secure, private, stable, and uninterupted by rogue applications that pop up in your face unexpectedly refuse to be ignored... this is where "trusted" vendors are trying our patience. It has become more common for every Windoze desktop application sold today to hag nag screens popping up for any number of reasons: "Do you want to check for updates?" ... "Do you want to register now or be reminded to register in the next 15 minutes?" ... "Would you like to see some exciting new offers? I'll just go ahead and add them to your bookmarks menu anyway..." ... and all this happening when the offending application is not even running! Desktop software is becoming increasingly intrusive and interupting the workflow process.
So I ask you, what's worse: having a malicous virus annoy you and interupt your workday or having an application you paid for essentially behave even worse? At least virus authors don't nag you to register.
So my point is "secure" and "trusted" computing is obviously a joke when the companies driving this initiative are more intrusive and disruptive to the average work day than most virus authors.
No, that paper is a basically a bunch of mis-leading propaganda designed to obfuscate the truth that TCPA exists solely for the purpose enabling Palladium and Palladium type DRM and user controlling mechanisms.
Read the EFF report to see why if TCPA were not designed with user control in mind, they could have implemented some very simple changes (user override) to make sure that the user had access and control over all aspects of his own machine. They didn't: instead they opted for to create a system whereby the TCPA chips can be used exactly for the things they claim they have nothing to do with (shipping them with so called "Endorsement keys" which are vendor signed, user inaccessible keys that can verify to third parties that you are using an Operating System that they like).
The logic of the rebutle is backwards all over the place. For instance they claim that TCPA is not for DRM since the chips are not tamper resistant to hardware attacks: This rather shows, unlike what some people have argued, that the chips are not designed to help against things like hardware theft and corporate espionage. For DRM you don't need tamper resistance since laws like the DMCA will keep the means of tampering out of the hands of most of the population.
Also, the argument against the endorsement keys being used for DRM is something like "nobody has a system to running for signing and verifying them today" which is supposed to convince us that such a system will not exist when they are widely deployed (note that as a feature they are 100% useless without such a system.)
Hmm. The PC hardware platform is more open? What was the name of that firmware Apple uses? Oh that's right. Open Firmware. It had been used by HP and Sun in the past. If you want to make a difference in the world instead of spreading fud about Apple not using open standards for hardware and software, petition PC makers to start using Open Firmware instead.
Jesus was a compassionate social conservative who called individuals to sin no more.
But your PC will - and Apple, by actions they have taken, have shown they are interested in the user having control over the computer. Audio DRM that lets you burn as often as you like, and makes the files your own. Use of Open Firmware and other open technologies (like Darwin or BSD). Lack of product activation on any Apple software.
As we all know "trusted" computing is eaxctly about not trusting the users. Apple trusts the users, and therefore has no reason to deploy a "trusted" platform (which also adds cost, a double whammy).
Basically, Apple is your last large commercial hope. If you want to stop stuff like trusted computing, then head over and support the vendor who is at least trying to head the other way, instead of joining the crowd headed down the path you don't like.
"There is more worth loving than we have strength to love." - Brian Jay Stanley