Slashdot Mirror
IBM Shipping More PCs with Trust Chips
rts008 submits this EWeek story about IBM shipping more computers with trusted computing inside. Since the article mentions none of the downsides, we should: trusted chips will eventually be used by software manufacturers to make sure the computer's owner does not do anything with the software which the manufacturer does not want to permit.
Yeah, paranoia is fun and all, but I wouldn't mind a few links to support the downsides claim.
You'ld think IBM would know better than to associate the word "Trust" with "Technology". That combination is like a buzzword for suspicion to the Tech-wise.
Remember, trusted computing has its place. Maybe not on the desktop, but I can see it useful to lockdown point-of-sale machines, kiosks and librarys. It would be a hell of a lot easier for some places than it is implementing Group Policies and permissions for a computer that should be used only for a specific task.
Industry spokesman: "... but this will stop those evil hackers taking over your system. Surely this is what you want? Oh, well yes, it CAN be used to restrict the way you use your legitimately purchased software, but don't you think that's a small price to pay?"
what I don't like about this concept is that the problems that mainly affect the lower end (non-tech users who can't secure their PCs) will result in more restrictions on the top end (tech users who can 'creatively' use products for a purpose outside their original design parameters). the punters won't notice.
Screw you all! I'm off to the pub
"Putting the data in the system's hardware makes it more difficult for hackers to access, according to National Semiconductor."
If the system software can access it, so can a hacker.
Ignorance is curable, stupid is forever.
When did Slashdot gain the ability to see the future? While I know we disapprove of "trusted computing" and similar systems, and for good reason, for a blurb wanting to talk about balance, that's a pretty damning statement. Trusted chips can be used to lock down software stop users, not will. We're still early in the game, and damn if we don't have any influence, but that future is still a long way off. How about instead of just bitching about "trusted computing" we start to drive it towards something that's mutually beneficial: something that allows businesses to exert power over their internal affairs(locking down documents and such), and something that lets users exert power, such as locking down systems against worms, viruses, and spyware?
The book on trusted computing hasn't been written yet, let's not call it before it's done.
Good.
Instead of encouraging people to break the law (pirate software, etc) - I wish more people would choose software that _grants_ them the right to use it as they see fit.
I wish everyone in the world had to pay full price for Microsoft and Adobe software instead of copy it or buy cheap pirated versions. Then people would start recognising the value of Free Software.
Until then, pirated windows is probably the strongest competitor Linux faces.
trusted chips will eventually be used by software manufacturers to make sure the computer's owner does not do anything with the software which the manufacturer does not want to per
My god, you can see the future too? I thought it was just me! How long have you had the gift?
[/sarcasm]
Seriously, the chips the article is talking about are completely user-controllable. If they don't want to take advantage of the functionality, they don't have to. Did you even read the article? It talks about how the chips facilitate encryption and secure storage of passwords and other sensitive information, not controlling what the user does with their computer.
Making vague, unverifiable assertions about the possible applications of a technology that could potentially be derived from this one is nothing but FUD.
This space intentionally left blank.
While vendor lock-out is definitely a threat, it's not a terrible threat because amateur developers are such a key part of the industry, and always will be.
What concerns me much more is the stuff that's going to start happening when "trusty" computing becomes ubiquitous, if it ever does. More and more important transactions and secret info exchange will take place over the net. and of course you know the government doesn't allow good encryption for "national security" reasons.
the article talks about the security and encryption being in hardware rather than software as though that was some sort of improvement on it, but who wants to replace their hardware as soon as some 1337 5kr1p7 k1d5 figure out an exploit? and it's only a matter of time.
on the other hand this is one of the few technologies that could permanently cure the world of spyware (the other obvious one being dumping windows altogether.). of course with every new anti-spam technology, the spammers are the first on board, so I imagine the industry will sell out again and no good will come of it.
This comment is fully compliant with RFC 527.
It seems that manufacturers and publishers are just determined to alienate the consumer with this kind of shit. The only way to stop it is to take their profit out of it. Just say no with your pocketbook. They'll get the message sooner or later, assuming they don't pay off some politicians and get a law passed to make DRM mandatory. Oh wait... we're screwed.
When all else fails, run.
If these silly licenses will finally be enforced, people will start to demand software that they legally own the rights to - as opposed to simply stealing it from work.
The best thing that could ever happen to Free Software would be if people were no longer able to steal software from their companies an no longer able to buy cheap pirated versions.
Finally the general public would understand what the Free Software movement is all about.
Michael, I'm afraid you're mistaken. No processes will be allowed to run on your machine that *Microsoft* or a similar vendor did not specifically authorize. This means that the boot loader can be signed to prevent you from running a non-Windows operating system, a CD or DVD or hard drive disk can be signed to prevent legal and authorized duplication for what is legal home copying, and emulation software such as OpenOffice can be prevented from making the system calls to open data files generated with Microsoft Office, helping keep the Microsoft monopoly locked up.
Moreover, it can prevent experimenters from being able to design new drivers and software tools to work with the crypto-authorized hardware without spending very large amounts of money on development tool suites with frankly larcenous intellectual property agreements.
This development is potentially extremely nasty: while we're somewhat paranoid about it, the history of abuse of standards to lock customers into their monopoly justifies extreme concern about what Microsoft might do with these features.
That's complete bullshit, and anyone with half a clue about the industry knows it.
Even Linus has no problem with trusted computing. As far as sensible people are concerned, Microsoft is free to make their OS as cumbersome and useless as possible.
You mean a similar vendor like SuSE, Debian, or gentoo.org?
Trusted computing enables software vendors to enforce the license restrictions that they put on their software. If you don't like the licensing terms of your OS provider, you should really look for a different one.
I'm fine with most of the restrictions Debian puts in their licensing agreement. I never did understand Microsoft's (what, you mean I can't install it on all my machines!?!) so I don't buy OS's from them.
And just because somebody slaps the name "trusted computing" on a piece of silicon it does not mean that I am going to "trust" it without question- even if they are being shipped by IBM (who can do no wrong!)
You're wholly missing the point. "Trusted computing" is not a term aimed at the consumer. It's a term aimed at the content-providers. As in, "even though PCs gave rise to rampant copyright infringement, you can trust these not to do so."
The attempt is futile because every attempt to prevent illegal copying has been defeated. Some Taiwanese engineer will design a hardware addon to enable the customer to illegally copy the software.
The only way to protect the trust chips is to obtain a federal injunction (from a judge) barring hardware hackers from circumventing the hardware anti-piracy chips. However, those injunctions apply only to the USA. The Taiwanese engineers will gleefully ignore the injuntion -- as is their wont. The Chinese in China (including Taiwan province and Hong Kong) routinely ignore Western standards and custom.
After all, China is the software-piracy capital of the world. The piracy rate exceeds 91%.
At the moment, its just too easy to pop the CD in, or download something you only want to use this one time.
If that one time _really_ did cost you the $400, its suddenly not the package for you, is it?
Example - The missus complains that she doesn't want to use or understand Linux, so what do we have to do, we have to install that nasty stuff - but we shouldn't fork out the list price of $900 for the software - O no. You're in IT aren't you, you can easily grab a copy from work .....
TCPA (the chip that's in these PCs) is simply a Crypto co-processor. It provides acceleration for common crypto algorithms and it also provides a tamper-resistant storage location for keys. IBM maintains an Open Source implementation for the processor.
There's already been really neat things done with the chip like a truely secure version of Linux that's entirely tamper proof (this is doing by signing the kernel and boot loader with the TCPA.
Put away the foil hats people, this is actually really cool innovative technology that so far has given Linux an edge in the security world over Windows.
int func(int a);
func((b += 3, b));
Right. Just until the BIOS uses Treacherous Computing to determine wether you're launching an approved operating system.
Phoenix has already announced they support TCPA... and many others do too.
I seem to recall Apple having an anti-trusted computing and drm stance.
iTMS and AAC anyone?
Just because their DRM is the least evil one going doesn't mean that it isn't DRM.
LK
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
This sounds like a nice idea until you find out that the hardware manufacturers are working with the software vendors, and will prohibit you from installing anything other then what *they* approve..
Approval wont techincally be 'restricted', but you will have to go thru a approval process, which wont be cost-free.. ( just look at getting ISO certification.. its not cheap )
So, that means little LEGAL free software will run on your 'trusted PC', as the cost of 'certification' ( as well as the rules and regulations you must follow for approval ) will be far to high for an OSS project to afford.
In the end, its got little to do with piracy, and more to do with control.
---- Booth was a patriot ----
If trusted computing does become a reality, I hope that it is successful in enforcing one thing... preventing the pirating of large commercial applications like Photoshop, MS Office, and Windows itself. How many "Joe Users" do you think would actually be using MS Office if they actually had to PAY for it? I'm sick of my friends/collegues saying, "Why would I use The Gimp or Openoffice for free when I can use Photoshop or MS Office for free?". I'd like to see how quick they are to dismiss OSS alternatives when they actually have to PAY for the software they are so used to stealing.
I'm not saying that Trusted Computing isn't without a myriad of faults, I just think it will be a big eye opener for the general populus when they realize how much they would be getting ripped off if they were actually playing by the rules.
What do you think?
The story said:
It should be noted that what we're really talking about is preventing the computer's owner from doing things that Microsoft and their allies (such as the MPAA) don't want to permit.The computer manufacturer, such as IBM, is largely irrelevant, except to the extent that they may eventually offer hardware that will refuse to run operating systems they don't approve of. Since IBM supports Linux, it doesn't seem likely that they will build machines that can't run Linux, but many other vendors have hitched their wagons more firmly to Microsoft.
Seriously: we have this already. We have the Playstation 2, we have the X-Box, we have (name your favourite piece of controlled hardware here). Both of them incorporate something that could be called "trusted computing". If it ain't signed properly - it ain't trusted - it ain't run.
Few consumers accept(s/ed) this and buys a modkit to solve the problem. Same way it will be for the IBM hardware.
Maybe this even has a more negative impact for software sales than they envision:
If software manufacturers rely on this piece of technology to protect their investment completely (as with XBox and PS2), their software is going to go just as easily as buying the modkit. And because their software get's spread more easily (any person with a modkit can copy their software), they will lose more money - and need larger margins to keep afloat, which leads to a spiral of less software sales. Thus, in the end, noone but large players will stay behind.
I vote for a namechange:
Trusted computing becomes Assured economic software failure...
Slashdot: stuff for news, nerds that matter, matter for news, stuff that nerd
If this prevents the computer illiterate people from running malicious software (which probably makes up 99% of the world), I'm all for it. If you think this can be used to prevent legitimate software from running, I wouldn't be worried about it. How quickly do you think an anticompetitive lawsuit would be filed if that happened? There's a good chance this feature can be enabled/disabled (preferrably not programmtically).
Oh, like THAT will take the virus/worm writers all of 3 minutes to work around...
They'll just make the same mistakes in the hardware/firmware as they do over and over again in the software. Nothing will change, other than the less technically savvy losing more of their computer to the manufacturers and developers.
I work for the Department of Redundancy Department.
Since none of the big time hardware makers also make major software, why the heck do they give a second thought about software piracy issues at all?
There'll be a nice licensing scheme for the key.
Which will first be incompatible with Open Software (licences) and second cost so it can't be included in freely distributed software.
Microsoft, Adobe etc. will just hold up their hands, it's not *their* fault this 'free' software will not run...
"The likes of Facebook and WhatsApp are free to those whose privacy is of zero value."
Wouldn't matter. 12 years after the lawyers drag it all out, the game will be over.
I'll get the most cutting edge PC I can that doesn't contain any builtin DRM, and then see how long I'll last.
You missunderstand the threat. There is absolutely no reason to hold onto a Trust-free machine. It's like holding onto a speaker-free machine. You can just go out and buy a new computer that happens to have speakers, and then pretend the speakers aren't there. Simply don't use them.
The new Trusted-enhanced machines can do everything the old machines can do.
The entire plan is that ordinary old machine will increasingly get locked out of everything. New software will only run on the new machines, and only in the new Trusted-enhanced handcuff mode. New websites will only be viewable on the new machines, and only in the new Trusted-enhanced handcuff mode.
You'll get a FREE music CD with your McDonalds Happymeal. If you try to play it on a normal old computer it will give an error message that you need a new Trust-enhaced machine. Your old machine is obsolete and incompatible. So Uncle Bob will run out to buy a new Trusted-enhanced machine just to get the damn free music to play. And that music will only play in Trusted-enhanced handcuff mode.
You will start getting get secure e-mail from your friends and family and maybe even your boss. And it will be impossible to read that e-mail except on the new machines, and only in the new Trusted-enhanced handcuff mode. And if you refuse to submit to Trusted Computing then your friends and family and boss all blame YOU for having an old obsolete and incompatible machine, that YOU are causing the problem.
So not only will you get locked out of more and more as long as you refuse to submit, they even subvert your friends and family and boss (who have moved to Trusted Computing) into making you suffer even more.
There is absolutely no reason to hold onto old hardware. That is part of the insidious nature of their plan. It is the old Microsoft Embrace Extend Exterminate tactic. They Embrace everything current computers can do, Extend it with stuff that only Trusted machines can do in handcuff mode, and Exterminate normal old computers which are now incompatible with everything new.
-
- - You can't take something off the Internet! That's like trying to take pee out of a swimming pool.
Yeah, and 15 years after they crushed all competition, they will get a terrible slap in the hand, everything wiull be forgotten.
Sure, after you've inserted your national ID into the smart card reader.
One CPU cycle wasted on digital restrictions management is ONE TOO MANY.
Phoenix were the original makers of knock-off IBM BIOSes. I bet soon there'll be a Phoenix knock-off without the Pal^H^H^H Trusted Computing thingy.
503 Sig Unavailable
The Signature could not be accessed. Please try again later or contact the administrator