IBM Shipping More PCs with Trust Chips

rts008 submits this EWeek story about IBM shipping more computers with trusted computing inside. Since the article mentions none of the downsides, we should: trusted chips will eventually be used by software manufacturers to make sure the computer's owner does not do anything with the software which the manufacturer does not want to permit.

IBM

[rampant+mac]

Does anyone know if PPC chips have "Trusted Computing" components built into them? With the G5 becoming more prevalent in Apple's product line, and being manufactured by IBM, I wonder if Apple would hop aboard. My PowerBook is fairly new and I won't have to upgrade for a few more years but this worries me a bit. Hell, I started using a Mac to get away from Windows Activation and all that crap in the first place.

Re:IBM

[CoolMoDee]

I seem to recall Apple having an anti-trusted computing and drm stance. All it does is complicate things, not something that apple would want, since its a computer for "the rest of us" and such.

the death of "owning software" ?

[lawngnome]

The main problem, as I see it isnt even with using this kind of technology fro copy protection - its the changes in software licensing that will come as a result of this. Think windows XP activation is a bitch? imagine quicken refusing to install because your new laptops trust chip is different... :(

The beginning of the end?

[Judg3]

I wonder how long it will be until everything contains trust chips.

I was thinking about this earlier last week, and made a decision I'll try to stick with - I'll get the most cutting edge PC I can that doesn't contain any builtin DRM, and then see how long I'll last.
Except for games, I think I can last quite some time. As it stands, the only thing I need a lot of extra horsepower for is gaming. I don't mind waiting an extra bit of time for a program to compile, and everything I use now works fine even on an old P3 667. If push comes to shove, I'll just game on a console and do my compiling on a stand alone machine.

The only 'bite me in the ass' possibility is if they start building hardware (video cards, hard drives, ram, etc) that demands the use of this DRM chipset, then I'd be screwed. If not, I bet I could push my next PC purchase out to easily over 5 years.

It probably won't end up being that big of a deal

[ShatteredDream]

Knowing how exposed most software is to things like worms, it would be very easy with powerful control hardware to lock people out of their systems without actually damaging the system. One of the things I find very interesting is how does one go about preventing a worm from rewriting certain parts of Windows and user apps so that they think the trusted hardware is either not present or does not let the user do what they are trying to do?

If after a year and incredible amounts of money spent on R&D, Microsoft cannot really slow down the spread of worms, how can they write an operating system that cannot be totally mindfucked by a worm that twists how Windows deals with the trusted hardware? So maybe Microsoft requires code signing, who is to say that someone isn't going to find a way to spoof a real code signature so that the worm appears to be Microsoft?

My money is the proposition that they'll try it, it'll work great for 3-6 months then people will start writing worms that target trusted systems and that totally ruin them. Then it will be a big flop within 2 years. IBM, Microsoft and other companies need to realize that the human component of security simply cannot be automated. Despite all of their attempts at real security, Microsoft cannot deal with the fact that the single greatest security hole in its OS is the user that never patches and that thinks it's not cool to remember what they aren't supposed to do to avoid getting worms and other hacks.

And if it doesn't work, just stock up on as much pre-trusted hardware as possible and put it into a closet for safe keeping....

Can I trust my computer?

[einhverfr]

You bet I can. I run only Free Software!!!

Personally I am not opposed to the trust chip technologies because I think that we are to the point now where the interests against extending copyright protections are stronger than those for it. I also think that such trust chips may allow many new applications which we can't think of today in the Free Software world.

One trend I think people often fail to understand is that freedom from EULA's becomes more appealing the more the mainstream technologies become encumbered. If Microsoft wants to fight their users, great! We welcome the refugees :-)

Re:Can I trust my computer?

[einhverfr]

Right. Just until the BIOS uses Treacherous Computing to determine wether you're launching an approved operating system.

At which point, if they do not allow for competition, they are vulnerable to Antitrust suits, I would think, though IANAL.

I would think that would be a good case for collusion.....

Re:Can I trust my computer?

[DrSkwid]

reading the source code is not enough

unless you taped out the CPU, wrote the BIOS, wrote the compiler & wrote the OS

http://cm.bell-labs.com/who/ken/trust.html

Less evil?

[brunes69]

And exactly why is AAC's DRM "less evil" than WMA's DRM? Because it is made by Apple and not MS??!?!

Anyone else like a big slice of bias with that? Anyone?

Re:Paranoia or truth?

[cgenman]

You do realize that protecting machines against malicious attacks has always been a red herring, right? Trusted Computing ensures that signed code runs in a protected space which unsigned code cannot effect. However, most computing will still occur outside of the signed code space, and for legacy reasons every feature of today's Windows computing environment will need to remain exposed to unsigned code. In other words, this has no more chance of stopping a someone from hacking into your computer than insulating your house will stop someone from stealing your car.

If they really wanted to reduce the amount of damage malicious code could do, they would create a unix like permissions environment, with an automated way of setting permissions levels. Not only is this the obvious way of reducing malware, it is the proven way. It is a lot like what Trusted Computing proports to be, but with the user retaining full control. But the user having full control is what this is supposed to stop.

No, what Trusted Computing means, and has always meant, was not that you could trust your computer but that the media owners could trust your computer... Creating a sandbox environment where no code can touch any other code or modify its behavior in any way would not function in an environment where your typing enhancement systray app was correcting your spelling in your legacy e-mail client, but rather preventing you from recording a movie as it is written out and watching it later.

Trusted Computing is DRM.

I'm not saying DRM is necessarily a bad thing... Quite frankly if it does open up the floodgates of every movie in IMDB's database available to the public at a moment's notice, I'm all for it, at least in theory. In practice it needs to be defended against, because the industry leaders have shown themselves to use every inch of power they gain over their users to manipulate them and cement their power. While Microsoft may not trust me not to steal movie trailers from their website, I sure as hell don't trust them to let me run SkyOS 5 without interference.

I'm glad that you've brought up what the TCPA is claimed to do, because there are still large swathes of people out there who believe the lies. To be quite frank, if they were more honest about the goals of the platform we might be more inclined to trust them. But when they're trying to smuggle in more control over their users in the guise of protecting them from something they have no hope of protecting them from, there can be no option but resistence.