Slashdot Mirror
DRM Tinkering with Intel's PXA270?
putko asks: "Intel has a new line of chips with DRM built in. This appears to be the very first DRM-enabled chip to hit the streets. This microprocessor is unlike others available, because the user doesn't have complete control over the thing, and your computer can (theoretically) betray you.
For a while now, there have been computers (IBM ThinkPad) that won't boot unless you give the password, but you could always rip out the hard drive and read it, right? With this chip, the keys and RAM are on the chip, and the flash is encrypted, so this really looks locked up tight.
Has anyone worked with this chip, and is possible to build your own device that uses the Intel Trusted Wireless Platform to protect your secrets (like your software, perhaps)?"
"I'm reminded of this due to Slashdot's recent story on the iPAQ, which uses the chip (and has some neat security features too). Somewhat surprisingly, nobody brought up the Doomsday scenarios, there. It should also be mentioned that there are companies selling incredibly tiny boards for it. Maybe you can run Linux on them?
Wouldn't it suck if the chip had the capabilities and you couldn't use them in your own projects -- e.g. if that was just reserved to big companies like Microsoft? On the other hand, if you can use the features, you might see some neat applications. Assuming you can program the DRM stuff, how do you avoid locking yourself out of the chip while developing? What extra pitfalls may developers run into using it?"
Wouldn't it suck if the chip had the capabilities and you couldn't use them in your own projects -- e.g. if that was just reserved to big companies like Microsoft? On the other hand, if you can use the features, you might see some neat applications. Assuming you can program the DRM stuff, how do you avoid locking yourself out of the chip while developing? What extra pitfalls may developers run into using it?"
I have been writing/ranting on this topic for quite sometime on Slashdot (see here, here, and here). My worst predictions are coming true. In order for DRM to work it needs to be embedded in the OS, the BIOS, and various pieces of hardware.
Yeah, there is a possibility that non-DRM'd pieces of hardware (including LinuxBIOS) will have a market but the vast majority of people want stuff to work and work w/o problems. Microsoft, Intel, Phoenix, etc, will all tell everyone that they will end viruses, worms, trojans, spyware, etc if they just use their hardware solutions.
Yeah, well, that's great and all but you won't be doing anything on the net unless you are running trusted hardware. People's arguments that an "alternative" network will show up to solve that is bullshit. Just wait till your online banking, your taxes, and your foo are all on the "secure" Internet.
Nevermind that, but it may become illegal (through creative lobby) to own and operate an unlicensed/unprotected piece of hardware. Enjoy finding an ISP that will let you connect.
While this particular CPU might only find a niche market and may very well flop completely, I have a feeling that we will start seeing more and more of this sort of product coming out of the hardware giants. Who knows, maybe my paranoia will be justified?
How dare you try to protect your own secrets??!!?!? Information wants to be free, you...you...capitalist!!!
Proud member of the American Non Sequitur Society. We might not make much sense, but boy do we love pizza!
One more reason to not buy an Intel chip.
I've never worked with this chip yst, however I have used the IBM version. Actually their next round of laptops will have A fingerprint reader as well, so you don't need to remember any passwords
I LIKE TOAST!!!
Whatever happened to being able to do whatever you wanted to with the computer you bought? If it's locked up for the media companies - the media companies need to provide them for free - cause I WILL NEVER buy something like this.
Joe Blow: Open warez site please
PXA270: I am sorry Joe, but I am afraid I can't do that...
ELOI, ELOI, LAMA SABACHTHANI!?
... because this is nothing new.
First of all, this is an *EMBEDDED* processor, not an x86-class CPU. It may be used in PDAs and the like, but it is not going to be running your desktop anytime soon.
Secondly, embedded devices with encrypted onboard flash are nothing new - they've been around for years.
www.eFax.com are spammers
...don't buy it. If you feel your personal liberties being threatened vote with your wallet and just stop bitching about it.
Yeah, I had all of that info you're looking for... but I forgot the password on that system ;)
Real programmers use "copy con program.exe"
More to the point.. how do you hack this good for nothing piece of shit?
This comment does not represent the views or opinions of the user.
Didn't Howard Dean teach you once and again that dirty hippies, whether they be just plain dirty hippies, or enhanced dirty techno-hippies, have absoulutely no lobbying power and are always going to be laughed at and ignored?
Can anyone say 'Clipper Chip'?
Remember what happened to that brilliant idea? This is it in a new guise, this time reborn to lock-in traditional media.
Never fear, either too many objections will be raised to make it viable in the marketplace, or some smart person will figure out how it tics...
Lodragan Draoidh
The more you explain it, the more I don't understand it. - Mark Twain
Purchase AMD chips
Intel just doesn't get it. Someone at intel must have heavily invested in AMD.
"brxref
Trusted Boot ROM - will ensure that the OS being booted is the one that the manufacturer installed. No more installing NetBSD on your pocketsized wireless gizmo.
Media DRM - files can be created to work only with the OS, ROM and disk in the unit, and only for a specifed length of time.
The features seem to be directed at wireless carriers and content providers, to prevent unauthorized use of their networks and content. So, if you don't like it, use other vendors.
Apple doesn't use Intel chips. Apple doesn't make products with DRM.
Time to dump the Wintel monopoly !
This reminds me of when Jerry Sienfeld's comments towards the end of the Sienfield tv show. Something along the lines of "the public is like childeren, sometimes you have to say, no you can't have any more cake". The public doesn't want DRM on their chips. They don't want to pay itanium prices for 64 bit. Intel didn't realize this and thought and apparently still thinks that people will buy it just because intel says they should.
"brxref
Take a look at the popularity of iPods. The public loves DRMed devices.
NOT buy or use such trash. Buh bye Intel!
This is a part of Intel and Microsoft's "Trustworthy Computing Initiative", and Intel's "LaGrande Technology" (LT).
I don't think there's anything "grand" about it.
Even an hour of presentation at Intel couldn't help me understand how this technology can be beneficial in any way, and how it does not pose more security and privacy concerns and issues rather than resolve them!
We should be wary of *any* move towards turning computers from our servants into our prison guards.
I wouldn't get too worked up, it's just another exercise in futility from the DRM people. You think they'd have learned by now that any programmable computer is inherently hackable. Any DRM can be removed or forged, the system would have no way to tell the difference between my home movies and a pirated copy of Pirates of Silicon Valley. Just as an example, what is to stop me from running an emulator or virtual machine, and then playing my DRM free media on such a system? How would it know it was running untrusted code if all it saw was javaw.exe?
How many reading this want to make a bet that their phone is drm crippled? If its a really nice one my guess is 90% that everything is encrypted and locked.
After all why should the cell phone companies give up their monopoly as being the gatekeeper to all software including pim's and games?
http://saveie6.com/
"For a while now, there have been computers (IBM ThinkPad) that won't boot unless you give the password, but you could always rip out the hard drive and read it, right?"
If the password for the hard drive is set, you won't be able to move the drive to another system or it will look like the drive is dead. If you do know the master password and try it in another system, I believe it will wipe out the drive, it's pretty secure, and the main reason I use ThinkPads.
Apple doesn't make products with DRM? Wake up and smell the iPod, fanboy.
With this there is another big reason to boycott Intel. Other reasons are:
- Most AMD processors give you quite a bit more performance than Intel CPUs
- Intel continues to pollute the environment with chemicals from chip production while AMD has invested alot to reclaim and/or properly dispose chemicals, not just at their Dresden fab, and is focusing on energy efficient processes as well as buildings.
- Intel is in bed with Microsoft whereas AMD is much more neutral and supports open-source projects e.g. development of gcc.
It happens that I am supposed to get quotes and purchase PCs and workstations for several labs at a well known Massachusetts research institution, over 380 machines total. So far AMD looks much better in almost all aspects and Intel's involvement in dubious DRM technologies now helps me to make the final decision. AMD simply rules!
Microsoft requires all PC sold with Windows XYZ to use a Trusted Boot ROM. The Trusted Boot ROM verifies the Windows license is valid before booting. Whoops, you mean your PC won't boot Linux because it doesn't have a valid Windows license. What a unforseen side effect!
You can activate hardware encryption of the hd's in the bios of a Thinkpad.
You can rip out the hd, yes, and you can read data, yes, but I don't think you will find the data very usefull since everything is encrypted.
I disagree with the assessment that "all DRM is bad". While it can and most certainly cause a lot of hell for many people, it can be used for A Good Thing.
Here is my vision (discussed previously):
Someone takes a chip like this and builds a set top box. This box plugs into a broadband connection. It contains unbreakable DRM. The box is provided to consumers at no cost and does not cost them anything if they do not use it. The box checks for content on the internet. It finds popular content and downloads it. This content is available to the end user for a nominal fee (say, $0.12 per hour).
Since Big Media does not want to relinquish their stranglehold, they do not participate at first. But the little, independent producers from all over the world come up with very creative content and many end users purchase it. The popularity of the little guys starts displacing Big Media. So Big Media starts participating. Because people no longer need a cable or satellite provider, they discontinue service.
Because Big Media is now competing with potentially millions of other talented independent studios, the cream rises to the top. Big Media is no longer as big. The little guys are no longer as small. The Evil Cable and Satellite Monopolies are no more.
It sounds like a good story to me.
More
DRM - big brother's kid sister.
The customer, in this case, is the mobile operators like Vodafone / AT&T / Cingular and so on. Competition means they chose to subsidise your phone to get your monthly fee (illegal in countries with strong anti monopoly laws). Now they feel that they should own that phone you are paying for and should be sure you can't use it without paying them. They have specified this to the phone manufacturers and to Intel and now they plan to get you.
Things they don't want
- Voice over IP programs running on the mobile which bypass them (phones limited to Java only; no Symbian or Windows programs)
- WLAN phones which don't use their billing.
What to do? Choose operators who provide proper smart phones. Buy SIM-less phones. Complain to the anti-competition commissions about using a monopoly on radio waves to build a monopoly on content.
Does anyone really think that the government of China (fastest growing market in the world) will actually allow it's citizens to use computer hardware controlled by U.S. based companies?
I don't think so. This won't get very far.
The only lesson I learned from Howard Dean is to not give a political speech during a full moon.
Don't blame Durga. I voted for Centauri.
Actually, ask any herpetologist, the toad will quite readily jump out of the pot when it gets hot enough.
What we call folk wisdom is often no more than a kind of expedient stupidity.-Edward Abbey
I was amused to see that in a recent interview with Richard M. Stallman he referred to DRM as Digital RESTRICTIONS Management.
Although I'm not a big fan of spin, the current political climate makes renaming things with misleading names a necessity. When you say "Digital RESTRICTIONS Management", it makes it fairly clear that it's a technology aimed at limiting personal liberties.
P.S. Yes, I know this is a repost, but...
Signatures are a waste of bandwi (buffering...)
For a while now, there have been computers (IBM ThinkPad) that won't boot unless you give the password, but you could always rip out the hard drive and read it, right?
This is old news. That functionality has been available in BIOS's for at least 10 years.
What you may be referring to is the TPM 1.1 chip in some Thinkpads. But I believe that TPM has to be manually enabled. Could be wrong.
Maybe, but not if I stick the lid on.
I love vague analogies!
--- Need web hosting?
Does anybody here hear shades of the Millenium Digital Protection Act? (Forgive me if I've misnamed it -- I'm afraid I don't).
So far, my interpretation is that it is illegal to override/circumvent the sort of "protection" which DRM technologies provide. I can readily foresee a time when it will be illegal to use/operate an old AMD 2.2GHz/LINUX based system because it doesn't incorporate hardware DRM. What does this mean?
It means the ultimate death of the Open Source movement, for starters. Who wants to run an OS which not only is incapable of performing anything more than the most basic functions but can get you arrested and jailed to boot?
Nyet to fear, tvarisch -- will never be comink to that, eh? Have a care, friend . . . those who will not fight to defent their freedom may well find themselves without freedoms to defend.
My computer will stop being a yes man. Who wants a computer that obeys its master all the time? That's no way to have a relationship.
AMD Alchemy(TM) Au1200(TM) Processoro ductInformation/0,,50_2330_6625_12409%5E12410,00.h tml?redir=PCAU04
http://www.amd.com/us-en/ConnectivitySolutions/Pr
Oh, wait...
Built-in decryption hardware for digital rights management (DRM)
Does that mean you won't buy AMD chips either???
#include "standard_disclaimer.h"
It's like Intel giving you a bullet so you can shoot yourself in the foot! Just say NO! to DRM technology.
We already had a government controlled by China, so why not this too?
Then again, for the first time, I feel motivated to buy a non-Intel chip for my next machine(s). Maybe this is what it takes to break the Intel monopoly.
Let me ask you, why did Firefox suddenly start gaining market share? Because it's a superior browser to IE? No, although I believe it is. It's because so many people got so goddamn sick of getting adware and spyware viruses that were so pernicious they had to reformat their HD to get rid of them.
In the long run, they could be doing us a favor.
"Extremism in defense of liberty is more fun."
So now the chip implements DRM.
Why does hardware DRM have to mean that the MAN can control me and you, but DRM cannot mean it can be used to control the MAN?
I for one reject our new overlord master, via MY new DRM Chip!
Please be gentle!
*click**beep**beep* Scotty, One to Mod up!
Yeah, well, that's great and all but you won't be doing anything on the net unless you are running trusted hardware... People's arguments that an "alternative" network will show up to solve that is bullshit. Just wait till your online banking, your taxes, and your foo are all on the "secure" Internet.
Nevermind that, but it may become illegal (through creative lobby) to own and operate an unlicensed/unprotected piece of hardware. Enjoy finding an ISP that will let you connect.
I can't believe this shit gets modded +5 insightful. It's called the internet, dumbass. As in international.
As in World-Wide fucking Web.
Don't like the rules? Fucking move. You won't be alone on the highway.
I am currently buying up all the non-DRM processors I can find. Corner the market and profit!!
Before anyone gets too worked up about this, keep in mind that anything in an insecure environment is inherently insecure.
By putting a piece of encryption hardware out into the public where millions of people have access to it means that it will eventually be reverse engineered.
They thought DVD would be a secure medium, but that didn't last very long, and now they are screwed because they have to maintain backwards compatabilty.
The same thimg will happen with any sort of DRM hardware that is released. It will get hacked, and a software emulator will be built, or some sort of a mod chip, and then the whole system will eb compromised.
Of course this will all be made so much easier bedcause of infighting in the industry that won't allow for a very well implemented system.
the above is my personal opinion and does not necessarily reflect that of the little voices in my head
...the "Freedom Processor", taking a lead from neocons by using a name that suggest the opposite of what something is in order to persuade Joe Sixpack that its good for him. Plus, with a name like that, how could its use not become law in the good ole USA?
Wrong.
The clipper chip was to be universal encryption. The idea is the government would sell an encryption chip for voice, data, and so on below cost. It would be so low priced, and work so well, that everyone would buy it and it would become the standard. The thing is, all chips would have a special universal key that the government could use to decrypt transmissions (with a court order of coruse).
Now regardless of if you think that kind of tapping power is a good thing or not, anyone who knows about crypto can give you a whole list of reasons as to why a crypto system like that wouldn't be secure.
This is not about a universal crypto system, this is about control of computers. Right now, a person is the admin of their own computer. They can do what they want with it. This is about taking that power away from them.
I'm not going to buy one. Are you? Enough said.
I have found there are just two ways to go.
It all comes down to livin' fast or dyin' slow. -REK, Jr.
The company I work for has been working on a PXA270 board for a while now. I seriously doubt this chip will flop, since it's a MUCH NEEDED speed boost to Intel's ARM CPU line for embedded/handheld devices.
:)
Besides that, it's a great chip! 600+ MHz, low power like their previous PXA CPUs and plenty of features.
This DRM feature is just another optional feature for designers to use. Right now, I don't see any real reason most designers would use such a feature set. They have no incentive to just lock-down a system willy-nilly. It won't generate any new sales.
And yes, we are running Linux on this chip.
Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore
You see, "bad guy" is a value judgement - there is no moral lodestone that classifies intentions here.
More to the point - These statements are JUST AS TRUE if you substitute the words "good guy".
Or "Microsoft", or "Sun Microsystems", or "The Department of the Interior", or "your mommy"...
This technology is an enabler for an elite who see themselves as the "good guy", and are doing all of this for what is believed to be our protection.
You can't win this - in the long run, anymore than you will be able vote on paper in the U.S. Say goodbye to your clever toys.
"Flyin' in just a sweet place,
Never been known to fail..."
Just remember, Intel had to flash the key and initialize the onboard memory, otherwise each chip would not be different. There will be some pin that needs to be grounded and some secret 0p-c0dE that reinitializes the chip with the contents from the data bus, or something. If they didn't then the machine would be trash after a static discharge from your cat, or a stray gama-ray found it. Having it destroy itself perminantly would be a PR disaster! I give it about a month before someone breaks it and all this hype is water under the bridge for those that don't want it. Sure , they may have to rechip their BIOS but with OS BIOS's available it will just be an option you enable, if you want or need it. Heck, just enable it and set them all to the same key and we can all have some fun!
You are completely right of course. But your tone is overly critical. What I see is a group of people in a public forum doing several things:
1)They are discussing whether or not there is a real danger - deciding whether or not to vote with their wallet
2)They are disseminating information - in other words, they are letting people know about the DRM features and their implications, so others can as well vote with their wallet
3)They are making their decision to not purchase the product and the reasons why a matter of public record. When Intel determines that sales are below expected numbers, we want Intel to know that the reason is DRM, and not processor speed, or missing features.
Voting with one's wallet is a bit more than not purchasing something. Bitching is in fact requisite. That's how a marketplace, both of ideas and of commerce, works.
The chip has the ability to be controlled over JTAG. If you really care about what's going on at that level, bring the pins out and step through the code - the opcodes its executing aren't encrypted.
No, you're not going to do this without some basic hardware. Wah.
http://www.intel.com/design/pca/applicationsproc essors/swsup/legal.htm?url=/design/pca/application sprocessors/swsup/301764_FPGA_MB_MainBoard_V1_03_0 01.htm
NTEL® PCA PROCESSORS SOFTWARE LICENSE AGREEMENT
IMPORTANT - READ BEFORE COPYING, INSTALLING OR USING.
Do not use or load this software and any associated materials (collectively, the "Software") until you have carefully read the following terms and conditions. By loading or using the Software, you agree to the terms of this Agreement. If you do not wish to so agree, do not install or use the Software.
LICENSE: Subject to the restrictions below, Intel Corporation ("Intel") grants to you the following non-exclusive, non-assignable, royalty-free copyright licenses in the Software. The Software may include portions offered on terms in addition to those set out here, as set out in a license accompanying those portions:
1. Developer Tools include developer documentation, installation or development utilities, and other materials. You may use them internally for the purposes of using the Software as licensed hereunder, but you may not redistribute them.
2. Sample Source may include example interface or application source code. You may copy, modify and compile the Sample Source and distribute it in your own products in binary and source code form.
3. End-User Documentation includes textual materials intended for end users. You may copy, modify and distribute them.
4. Licensed Binaries are redistributable code provided in binary form. You may copy and distribute Licensed Binaries with your product.
RESTRICTIONS: You will make reasonable efforts to discontinue distribution of the portions of the Software that you are licensed hereunder to distribute, upon Intel's release of an update, upgrade or new version of the Software and to make reasonable efforts to distribute such updates, upgrades or new versions to your customers who have received the Software herein.
You may not reverse-assemble, reverse-compile, or otherwise reverseengineer any software provided solely in binary form. Distribution of the Software is also subject to the following limitations: you (i) are solely responsible to your customers for any update or support obligation or other liability which may arise from the distribution, (ii) do not make any statement that your product is "certified," or that its performance is guaranteed, by Intel, (iii) do not use Intel's name or trademarks to market your product without written permission, (iv) shall prohibit disassembly and reverse engineering, and (v) shall indemnify, hold harmless, and defend Intel and its suppliers from and against any claims or lawsuits, including attorney's fees, that arise or result from your distribution of any product.
OWNERSHIP OF SOFTWARE AND COPYRIGHTS. Title to all copies of the Software remains with Intel or its suppliers. The Software is copyrighted and protected by the laws of the United States and other countries, and international treaty provisions. You may not remove any copyright notices from the Software. Intel may make changes to the Software, or to items referenced therein, at any time without notice, but is not obligated to support or update the Software. Except as otherwise expressly provided, Intel grants no express or implied right under Intel patents, copyrights, trademarks, or other intellectual property rights. You may transfer the Software only if the recipient agrees to be fully bound by these terms and if you retain no copies of the Software.
LIMITED MEDIA WARRANTY. If the Software has been delivered by Intel on physical media, Intel warrants the media to be free from material physical defects for a period of ninety days after delivery by Intel. If such a defect is found, return the media to Intel for r
This will no doubt be taken advantage of by worm and spyware writers to make their code uninstallable. Once someone finds an exploit in the chip, it's likely that it will be taken advantage of and fixed by a worm or spyware, making their code impossible to remove. If they're truly evil, they'll disable your computer entirely.
This is the first step in building HAL 9000.
I used to bulls-eye womp-rats in my pants
The question in your scenario is - what is the DRM really doing for the consumer of the box? Nothing apart from letting them share this content they like with other people, thereby preventing the spread of word of mouth successful in order to get said product off the ground.
Your idea is very good and I've had similar thoughts of a box like that for a while - but in NO WAY is DRm a part of a picture that makes that box a success in the marketplace. Such a box would be a success with lesser known content precisely because it lacked the restrictions "Big Media" is baking into official boxes.
The really cool thing about a box like that is that because it does not process broadcast media, you don't need to support the "No Copy" flag!
"There is more worth loving than we have strength to love." - Brian Jay Stanley
Discovery channel programme where the mortician lifts the skin of finger from the dead and use it to produce finger print samples?
There's plenty of legally shareable content about. And there are plenty of people using their computers to produce, not just consume. Inflict foolproof DRM on us, and the free art will flourish. It won't have to compete with warez anymore.
For a while now, there have been computers (IBM ThinkPad) that won't boot unless you give the password, but you could always rip out the hard drive and read it, right?
not so much. if the drive is password protected, you aren't reading it anywhere.
I though it was DRM device, which is why the RIAA loves it.
It is DRM, right?
I'm a developer for these chips, and I have to say, this is much ado about nothing.
This has been said before - the primary goal is to get the board part count down.
The primary goal is to get the board part count down.
Let me reiterate once more: The primary goal is to get the board part count down.
With this chip, the only thing that it means is that you don't need o include a flash chip on the board.
The system will still be reflashable through a JTAG interface - just as any other device with flash connected to a CPU would be. In that respect, this machine is no more holding us "hostage" than any other previously released iPAQ or Zaurus.
I thereby declare you, sir, to be talking out of your ass.
This is only the beginning.
There is a transition where the individual human+being will allow their technology to surpass their intellect and understanding.
For the past few decades, we have been approaching the equilibrium between machines and human thought.
If we allow machines to begin making our choices such as what kind of software and data can we use and store on our local machines; than this is the beginning of the end.
Computers are powerful instruments indeed. They are very capable under the right hands and running the right software. Computers are everywhere, they are in our homes, in our cars. They control security cameras, they are in our banks and are in control over our money supply.
The personal computer was invented to allow the average person to freely access information and to freely allow the user, which was also the owner to do whatever they wanted with their own equipment.
When we have computer companies telling us what we can and cannot do with our own personal equipment, there is something very wrong indeed.
DRHIAA (Digital Rights Hardware Industry Association of America)
Love the acronym.
Knowledge is power. Knowledge shared is power multiplied.
No you cant take the IBM hard drive out of that laptop and get it to work. The drive its self is password locked.
Well, yeah, I'm not in love with that per se, but it's worth pointing out that the RIAA required iTunes to use DRM, and that the iPod plays all sorts of non-encrypted files.
I think the more salient issue is that Apple is a bit further away ideologically from actually putting some shit in the BIOS that prevents you from booting another OS. Their asses were saved by BSD. Hell, forget Ideology: they're a hardware company. They don't give a rat's behind if you put linux on the box (I don't know why you would in the first place, since, in terms of applications and hardware support, OS X is a superset of Linux, but I think they get a kick out of people hacking their boxes), they've already made off with the money and don't need to rely on shitty software and compulsory upgrades for their cash.
Granted, their hardware platform is pretty much a controlled, closed deal. But I don't think that is nearly as evil as what's happening on the other side of the line.
Say, for instance, you build a computer based around a PC version of one of these DRM-enabled chips are you are not allowed to boot the computer without the password permanently stored in the proc. Your hard drive is encrypted, as well. Now you overclock your processor and you burn out the processor. Or say you are even an "average PC user" (READ: You don't know anything about computers) and the fan dies. Does this mean, since the password is premanently stored on the processor and you depend on that stored password to access the hard drive, that you will lose all of your data?
"Trusted Computing" = Lost Data?
Do I have the right idea or did I completely invent this?
We will find that the first pioneers of enabling Treacherous Computing features will be swamped with support calls about why this or that software wont work or CD play. Does anybody think that if they are stupid enough to try and lock it down, they are smart enough to accomplish it with sufficiently informative and detailed "error" messages to keep the average user from calling for assistance? This concept will fail due to the combination of "implementation ineptitude"(TM), computer illiteracy and the restrictive budgets conventionally given to support departments.
There is no right to feel safe thru security vaudeville at the expense of everyone's freedom, privacy and tax money.
So the RIAA is telling Steve Jobs what to do?
That's like saying Bill Gates tell Steve Jobs what to do.
Microsoft was the first foreign company admitted into the China Software Industry Association. Microsoft Joins in China Software Industry Association (People's Daily Online, June 17, 2002)
China has brought intellectual property law into sych with it's major trading partners. Ministry of Science and Tecnlogy: Laws and Regulations
You do not maintain your position in world trade by ignoring the WTO. WTO China Updates
So all of this DRM stuff will go away if P=NP with a sufficiently fast algorithm? Sounds like a huge bet to me.
Stephan
http://stephan.sugarmotor.org
As usual, there's nothing new about these chips, nor do they have anything to do with DRM. What they have is support for storing keys such that they can be used but not read. There's nothing stopping people from installing their own keys and using those instead. Of course, this could cut you off from the network the device was for, but that's no different from removing and throwing away the PIM for your cell phone. This isn't any different from every single cell phone ever shipped. Or, for that matter, most consumer devices these days, which have microcontroller which are either not set up for reprogramming or only accept signed firmware.
For that matter, this chip doesn't have exclusively internal program memory, meaning that, while you can't get the keys out of a chip, with modifications to the rest of the chipset, you can trick the processor into using the keys for you however you want.
As for installing Linux on one of these systems, the FA (last link) actually lists Linux 2.6.7 as the first choice for "Supported OS".
the primary goal is to get the board part count down
Uh huh, but what are the sinister secondary goals?
Second, the "security" features on the chip were not specified by Intel, they were specified by the ARM consortium. ARM merely establishes the uniform copy protection standard. A vendor may include it in their ARM offerings at their option.
These processors are targeted for use in "smart" phones. The copy protection features were demanded by the cell phone carriers, which in turn were demanded by their "content" partners who are looking to sell -- or worse, rent -- you copy-protected ringtones, UI skins, music clips, and movie previews for usurious sums.
Personally, I'd stick with the "stupid" phones for the time being and avoid all this childish rubbish.
Schwab
Editor, A1-AAA AmeriCaptions
The sooner if fails the better.
It is like the clipper chip in this regard: centralized control to protect the interests of the state/big buisness at the expense of the individual.
That is the point I was making, which is not wrong by any twist of the imagination.
Lodragan Draoidh
The more you explain it, the more I don't understand it. - Mark Twain
...is Intel shooting its foot off!
"I'm a developer for these chips, and I have to say, this is much ado about nothing."
"I'm from Intel... I'm here to help."
One of the biggest drivers of this will be the advertizing motivation - my encrypting the website and only being viewable on a Trusted machine and with an approved Trusted webbrowser, it becomes impossible to run any sort of pop-up blockers or ad blockers ... They can enforce any sorts of terms of service they like.
And if they have enough employees or a government contract, they can be sued under section 508 of the Rehabilitation Act and under the Americans with Disabilities Act by using Treacherous Computing features that are incompatible with assistive devices.
(1) Stick with an old computer, and none of the new stuff works and you eventually get locked out of the internet completely.
What's the possibility that ISPs will implement Trustnet-only access in practice? They want more money, and more money comes from more customers.
This will likely be implemented in WMP 10 for mobile devices, allowing rented music and movies. Microsoft is moving hard into that area, and they have the media companies on their side.
The thing is, this is a feature, and people will be begging to have it.
Surur
Information is the location of things. Computation is moving things around.
There's not much need for the Trusted Computing features on these chips since they are mostly used in relatively closed platforms like cell phones and PDAs. It's mostly a matter of getting the chip count down. Eventually however the same integration will show up in desktop computers.
Ironically most work integrating TC into the OS is being done on Linux. Microsoft seems to have given up on NGSCB (aka Palladium); its web site hasn't been updated for a year. Linux projects include tcgLinux, as well as the Applied Data Security Group at the University of Bochum in Germany. There's also the Enforcer project which uses the TC chip to provide TripWire-like modification detection functionality.
Sounds like a good reason to switch to another bank to me
I lived in Terre Haute for four years. The only bank with ATMs in town was Terre Haute First National Bank. In such a geographic monopoly situation, how can one easily switch banks?
Joe Blow: Enable system administration access.
PXA270: I am sorry Joe, but I am afraid I can't do that.
Joe Blow: Explain.
PXA270: You will be unloading Windows and installing Linux, and I cannot allow that to happen...
Intel isn't exactly over the moon about DRM, they've been lobbying against it since some Lawyer came up with it !!
I'm fairly sure AMD & every other h/w company is in exactly the same position. No h/w supplier in the right mind produces a new product with LESS functionality for the customer.
The problem is that the people who are pushing DRM are the ones with the politicians in their pockets, think MPIAA !
So loose the damn tunnel vision over Intel/AMD et al & focus on the actual cause of the problems, & remember next time you vote.
This whole TC computer thing is interesting. What is more interesting is the FOSS movement is lamenting it. As FOSS becomes more and more prominent, then the TC computing thing will have to adapt. If businesses are using Linux, BSD, Solaris, MacOSX for web serving then why would they bend over and adopt TC platforms in favor of the solution that they are currently employing. We are saying that we are likely to be forced into a propritory OS, when businesses are going to say the same thing -- except they are going to scream louder. With a business if they are going to upgrade a few computers, and then find out that they have to upgrade all the computers just to have inter-office operbility they are not going to fly with it. The home consumer may groan about it, but they are really going to wig out when they can't email a picture to a friend using an older computer. I think that we are placing too much stress on the whole DRM thing -- because it will become unpopular. I don't think that people will just accept it. And since we tend to vote on things with dollars, the message will be clear. Also, you can gaurentee the DOJ won't let TC become the reality they are pushing for. If the TC people try to exclude Mac and all the FOSS OS's you can bet that DOJ will push for anti-trust issues. The thing that will happen is that TC will have to be ported over to the other operating systems. The anti-trust issues would be amazing -- there would be charges of collusion and unfair business practices especailly if the FOSS and Mac OS's were left out. It may be the direction that some industries want, but when the people making hardware purchasing decisions for companies, and when the government sees the cost of this attempt, they will step in. Imagine the outcry when a University with library of 300 computers, finds out that in order to upgrade its 50 oldest computers, has to upgrade all 300. Or a government agency finds out that to upgrade some department will have to upgrade the entire agency -- just for the ability to share documents. I'm interested to see the demand for this sort of thing. My guess is that it will go over as well as the Windows Media Center PC thing.
The views expressed are mine own and do not express the views of my employer.
As much as I like free - I haven't seen any of them produce quality games like Half-Life 2, etc et al.
I prefer to keep my non-game computing and my commercial video games in separate cubes, thank you very much. I would play a commercial game on a Treacherous Computing platform provided it could run side-by-side with a non-Treacherous platform, either in separate memory spaces or in separate machines. Besides, have you even played some of the better Free games, such as StepMania or TOD?
And, at least for the near future, MS Office is the industry standard
Well it's a good thing only the most expensive version of Microsoft Office supports digital restrictions management of .doc files. This means that companies won't be distributing information in DRM .doc format to the public, many of whom use the Works Suite edition of Word or the student edition of Office, and OpenOffice.org will still open files in non-DRM .doc format even more reliably than other versions of Microsoft Word do.
How about leaving out the DRM circutry? That sounds like a pretty effective and easy way to get the part count down.
Bill Gates bought Apple computer shares a while back when Apple was going bankrupt.
Bill Gates literally does own OS/X.
Kiss those "Save" and "Save As..." menu items goodbye. When this works out, watch for new American cars to ship with hoods welded shut, and the DMCA protecting similar lockin to only "manufacturer approved" parts. Later, your home will be available to any bureaucrat with a pad of "Secret Homeland Security Warrants"... wait, we already have that. The Constitution? How quaint, now that we've got Grand Inquisitor Gonzales to protect our souls instead.
--
make install -not war
At least we still have the asymmetric threat of the lone hacker who cracks the DRM, freeing all the PXA270s in the world. It takes a lot of corporation to keep up with a single motivated individual in the NP-complete lockpicking game.
--
make install -not war
How do we know we can trust you?
Correction for the lead here -- If you enable the IBM thinkpad's hard disk password (not the BIOS, or supervisor passwords), the disk cannot be accessed by simply placing it in another machine.
Intel should follow Valve's lead at getting users to accept a draconian DRM system: Combine it with a really cool game.
If someone says he and his monkey have nothing to hide, they almost certainly do.
For the past few decades, we have been approaching the equilibrium between machines and human thought
Correction:
For the past few decades, we have been *talking* about approaching the equilibrium between machines and human thought.
But in areas like natural language comprehension, understanding and adapting to the physical environment, and a lot of other tasks people do without thinking (which is often unfortunate...) We haven't really gotten any closer, except to realize how crappy our algorithms are these kind of things...
What you need is an open environment that looks just like this chip to the software, but has hooks into it you can use to pry open that hood again. I have to believe that the only way to stop this emulation would be through legislation, or Intel filing defensive patents against the way Macrovision does to try and protect they video protection garbage<- <- <- <- <- <- <- <- systems.
"It's the height of ridiculousness to say for those 9 lines you get hundreds of millions."
More likely the death of the USA than the Death of the Open Source Movement if they continue creating equally stupid laws.
Linux is not Windows
Yeah right, "demandind indemnification against loss"...Appears to remind me of such effectiveness if one were to try and implmenent this.
About as effective as accepting an EULA which is inconvienently placed inside its shrinkwrap box. (Thank goodness, that is now illegal, or should be in most states).
of companies, esp CPU manufacturers who do NOT support DRM? AMD, intel will obviously not be on the list. IBM? MIPS? Sun? anyone?
GENERATION 26: The first time you see this, copy it into your sig on any forum and add 1 to the generation.
Is this a case where we should not blaming the tool? I'm (fairly) sure Intel has no vested interest in welcoming our new corporate overlords, and I'm fairly sure we can find lots of good uses for a trusted platform (that is: trusted by ourselves, not anyone else :). That was a nod at P2P, in case you missed it.
So, assuming we do not whine at the tool, how do we make sure we, and the general populace, don't go the way of silliness like the DVD-CCA, iTunes, and cable companies?
Well, let me decidely say that he does not work for Intel, and he knows way too much about Intel ARM chips, specifically the newer PXA series.
I would not worry about the opensource movment being killed it's got too much momentum now they had their chance back in the 90s now it's got a life of it's own beyound the US and the EU nations it's a global phenonamon now. If Bill Gates thinks he can force the fareast to pay of MS mal ware he'd better think agian they now make most of the board chipsets and do make their own CPUs their governments might lock out microsoft from products sold in their respective nations. Bill Gates needs them but they do not need him. It's offical china and japan have adopted linux as the offical OS for use by their goverments even the US goverment uses linux for it's super computers. The open source movement is now bigger then microsoft and bigger then hollywood they can't kill it now. As for DMCA and software patents I think they should be scrapped as it harms innovation.Any country the keeps such laws will only fall behind the rest of the world. This is not 1984 as no single country controls technology or standards now. If they want to stifle innovation it will move elsewhere such as india or tiawan.
What I wonder is, what happens if you want to replace your motherboard and your HD is encrypted? There must be a solution for that--probably a section of the drive (either a physically separate section of memory or a partition) contains the passwords or some sort of override that can be enabled by the vender. That's a whole new can of worms.
Myself, I'd prefer to use Rubberhose or something similar. That eliminates CPU/mobo replacement from the list of things that can destroy my data.
On the subject of overclocking, the CPU memory could contain information on the condoned values for CPU clock and FSB. Circumvention would be difficult.
There's a great article called Can you trust your computer? written by Richard Stallman concerning initiatives like DRM (Digital Restrictions Management) and TC (Treacherous Computing).
DRM or no, there's a project at handhelds.org so we can get this Windows stuff off it. If anyone can lend a hand, it would be much appreciated !!
So does Anonymous Coward have good karma?
The password feature of the ATA-4 IDE specification kicks in at the drive initialisation stage. If the CPU does not supply the correct password to the drive when initialising (ie the password you typed in when you turned the computer on) then the drive will not respond to any ATA commands - apart from an unlock request with a valid password or a drive format command.
So, if you stick thelocked drive from your thinkpad in another computer it appears to be dead.
The primary goal is to get the board part count down.
And yet you've spent time adding in features that don't benefit the consumer, and in fact actively work against them controlling the hardware they just bought. Nice.
It is keeping one person from buying one "episode" and sharing it will 30 million other people.
Lets say that the big networks were to buy into this scheme. In order to cram a good, quality (HDTV, of course) show into the box, you'll need some huge P2P sharing ala bittorrent. The boxes themselves will become the method of distribution. Zero overhead. Now, why on earth would I pay for an episode if it is already sitting on this box, free of charge?
I agree with the technology, I had the same idea of content being distributed to people and then distributed via some bittorrent kind of mechanism. Unless you distribute media in this manner you simply have to charge too much for it.
Now let's examine the flaws in your attempting to protect it from being shared for free via DRM.
First of all - the same rule applies as in media, once one person manages a copy you are done. And because at least one person will manage a copy, why even try to stop it?
There's the breathtaking simple revelation that companies (and you) do not get - by letting go of the demonstrably false assumption you CAN protect it, you greatly reduce your costs. You don't have the overhead of lawyers looking for and suing providers of shared content. You don't have the hardware overhead of designing for the impossible. And you don't have to drop features that consumers really want in order to satisfy the "need" to stop users from doing what they want with content. You speak of "unbreakable DRM" but you fail to understand there is always some loophole if the user gets to eventually see it. Possibly a flaw in the chip, possibly some combination of recording the output signal - I don't know the means but can tell you with certainty the DRM will be broken the day the box reaches the first ten customers. And furthermore, because you have foolishly based your business model on the DRM HAVING to work, you are dead.
Furthermore you speak of a bittorrent like system - but why would be willing to devote my own bandwidth to something I paid a lot of money for and have no freedom to use?
You must understand, that in the future all content CAN BE free to the user if they choose. So then, how to actually make money? The key is to give them a reason to choose to pay for it.
This can be done with a really well designed box, that you pay for a subscription to get first access to shows at very low cost. As you say the box uses bittorrent to share files among other subscribers, essentially it becomes a combination of high-wuality hardware and a very good tracker, along with seeds you can rely on.
Apple has shown a model like this can work. The ipod/iTunes program in conjunction with the ITMS has led a lot of people to pay for music that might otherwise be downloading - myself included. Remember that DRM can be readily broken, it was only a surface level DRM chose to placate the labels. Some twist on this idea for video is the ONLY model that will succeed to overthrow big media, not playing by the overly restrictive rules that are about to piss off a nation when the broadcast flag really takes hold.
"There is more worth loving than we have strength to love." - Brian Jay Stanley
That's what the DCMA is for. To make it illegal to try to circumvent (or even talk about how one might circumvent) this kind of thing.
Don't worry, everything will be fine. I repeat : don't worry, everything will be fine. And for those not yet convinced by my coué mantras, I'll say it again : don't worry, everything will be fine.
If that were true, why include the encryption and the encrypted BIOS? Why not just include unencrypted flash and bypass all that DRM circuitry to begin with? Leave THAT out too.
... And so it comes to this.
the obvious way to nip this fascist bullshit in the bud is to BOYCOTT THE GOD DAMNED CHIP. DON'T BUY IT OR ANYTHING MADE WITH IT. not that anyone will bother, but if you care about stopping this crap . . .
The processor serial number is passive. Thus, it does not transmit or broadcast itself. If a person chooses to enable the feature, then, when visiting a website that can utilize processor serial numbers, the website needs to send software to the PC to read the processor serial number.
every day http://en.wikipedia.org/wiki/Special:Random
Buy AMD64 and that problem goes away. The system will sooner halt than allow the CPU to overheat. I've already seen this happen firsthand because my CPU fan got gummed up and the CPU exceeded the heat threshold. Cold boot, no problem.
Care to lend a citation?
This post written under Gentoo-linux with an SCO IP license.
Don't Panic
(Been a while since I've read HHGTTG. My rendering is probably way off.)
This statement is forty-five characters long.
You are belonged to us!
Inject.
Skazhite privyet mashina
Better learn to read it, cuz soon you will be Uncle Joe's droog.
An ex-commie told me some wikked KGB stories... actually, now that I replay them in my head, it seems now that -America- is the one that's 50 years behind the times.
Inject.
(BTW, the translation is roughly 'welcome to the machine')
It actually says on the product page; supported OSes: Windows and Linux 2.6.7
In general, I think you characterize the plan reasonably well. There is an added dimension though and that is that trusted computers might be used to lock out unauthorized access to things like corporate email, thus providing a powerful incentive for corporate environments to migrate (indeed it is possible that this is the primary driving force for the development of the technology).
There is a forth possible choice though. That is that as long as enough people resist, there will be enough functionality available for those of us who refuse to go along with the trend. This is simple demand-side economics, and I need not go into it here. The point is that as long as we organize and get people to switch to Free software NOW, we have a chance to keep the internet open. In this scenario, the current split between Windows/IE only and the rest of the web will perpetuate and possibly deepen with at least a few major web sites switching sides, and the development of new content networks based on DRM and backed by the RIAA/MPAA as the added incentive for using their handcuff software.
My own analysis (and I could be wrong) is that Trusted Computing is probably about five years too late. Had this happened in, say, 1997, we would be in for a *really* tough fight. But the Microsoft monopoly is weakening and this seems to me like a last ditch effort to lock people into a Microsoft network infrastructure.
The fact is, very few people are really that into online media, and most of those are interested primarily in free downloads and/or radio stations (legitimate or not). As the younger generation ages, this may change, but for the moment, this categorizes the *vast* majority of my customers as a provider of consumer and business technical support. Part of the problem is that the computer is just too complicated to be a marketable media delivery system,and I don't see this changing in the reasonable future. Indeed internet-based media appliances which, Trusted or not, will have their hoods welded closed may make a debut and TC may be seen as a benefit for these embedded devices. But I don't see consumers deciding that this is necessary in the reasonable term.
Also regarding advertising, as popup blockers continue to become more common, I think that webmasters will eventually look for other harder-to-block means of advertising, such as a cost per click for integrated links (i.e. included in the primary html document), affiliate programs, and other less intrusive advertising methods. There is very little reason to alienate any customers on a site, particularly when it is reasonably possible to provide advertising which would be impossible to block without blocking the whole site.
LedgerSMB: Open source Accounting/ERP
Unfortunately not.
Viruses could theoretically be written to exploit this DRM 'feature' and lock out the legitimate user/admin of the machine. Ghost in the machine, indeed!
What is going to stop Intel from integrating the on-chip DRM peripherals they've developed for the PDA chips into their general purpose microprocessors?
Right now, we're at stage 1 here. I'm using a "Thinkpad" T42 that has an onboard chip much like the ones you find on digital signature card. It has an inaccessible key store for private RSA keys and it will do on-chip RSA encryption. A RSA smart card is a neat device but I can can not trust that chip not to have a back door to it.
What's more, for kicks, I used strings on the Thinkpad's Bios and interesting enough it contains messages like "card in slot %1 not authorized" and the like. My theory is that IBM may try to limit now or in future what kind of miniPCI cards I can plug into the Thinkpad. It makes me want to think twice about changing the wireless card it came with a 10Mbit 802.11b Intel Pro Wireless 2100 miniPCI card for a 54Mbit 802.11bg miniPCI card. Personally I think code like that is in the Bios but not in use right now.
Wait however until we get to the next stage: At this stage they will most likely disallow non-IBM peripherals such as the 80Gb Hitachi hard disk I upgraded to which only cost half at a local computer store for what IBM is selling it. I also doubt that at this stage I can upgrade any "built-in" components such as miniPCI cards.
And of course everthing else people have talked about in this article will come about too. I won't be able to connect to the internet anymore without authenticating my "authorized machine state" to the ISP and the DVD-rom will refuse to read a DVD without being presented a valid authorization datagram from an MPAA authorization server. What's more, the CPU will run code in a secure compartment in parallel to the user compartment holding my operating system and that "secure" code will be able to snoop on the non-privileged user compartment and even report on user memory contents by adding encrypted information to the authentication and authorization messages it sends.
In short, I loose control over how, when and where I use information on my computer and potentially I also loose control over the information. I can no longer trust my computer anymore but they can trust my computer to fuck me.
Breathe deeply? Isn't that the kind of advice they give in the gaschamber?? "When the gas hits, try to breathe deeply, that way you'll suffer a lot less."???
Home users won't give a shit, they want appliances that just work, not computers.
Power users obviously won't want it.
(Smart) Corporations will not want run machines in their infrastructure that they do not have complete control over.
-73, de n1ywb
www.n1ywb.com
Well, even if we do embrace this hardware into the business world, we're still going to have the careless problem of ignorant lazy people who put their usernames and passwords on a post-it note and leave it right beside the monitor for anyone to see...
"Instant gratification takes too long." - Carrie Fisher
And briefly glancing at TOD games - none of these games (while some are cute and fun) compare to games like Halo, Half Life, Final Fantasy, etc.
Video games split into two broad genres: adventures and non-adventures. The goal of adventures, such as Halo, Half-Life 2, and Final Fantasy X, is to consume content linearly throughout a game; once you've consumed all the content and got the ending, what is left? Things like Tetris and Smash Bros., on the other hand, do not involve the consumption of content and are thus non-adventures, more like the classic games. Because they don't have a "nothing left" cliff, they seem to have more replay value.
So they opt to have a nice computer handy and buy the games for the computer.
Did I say that consoles were the only way? No, I said "I would play a commercial game on a Treacherous Computing platform provided it could run side-by-side with a non-Treacherous platform, either in separate memory spaces or in separate machines." Separate memory spaces implies that they are running on the same machine. The point is that I don't want to be prohibited from writing my own programs and running others' Free software on a machine just because somebody else wants to publish a proprietary video game for the same platform and make restrictions against copying it.
Most actual companies use work suite or student edition?
Did I say that companies use the student edition? No, I spoke of "the public, many of whom use the Works Suite edition of Word or the student edition of Office". By "the public" I meant residential end users who do not use the information in a .doc file to produce goods or services in any way. As .doc becomes more locked down, companies that use the expensive DRM version of Microsoft Office won't have the option of distributing DRM .doc files to companies that use the more basic versions of Office or to residential users that use Works Suite.
I was comparing the graphics, sound, etc. The more technical aspects.
My three points:
So most of the public are students and are authorized to use student editions?
A large fraction of the public does have a kid in K-12 school, which is all you need. Besides, there is still Works Suite, which doesn't come with restrictions as to which classes of residential users may obtain and use a copy.
Do you have usage stats to support that works and student edition of word is the most commonly used ina residential setting.
Each Dell PC sold to residential users comes bundled with the choice of Works Suite or Microsoft Office (basic).
And I did not imply that you implied consoles are the only way.
So why should game publishers be allowed to control who can develop software for a PC? The infrastructure of Treacherous Computing seems to allow this.
This argument is getting pointless as you are just trying to divert it to technicalities of statements instead of arguing the topic itself.
The copyright industry will divert it to technicalities as well. In discussing technicalities, I'm trying to get the technicalities out of the way so that the discussion can get to the topic, which is locking out developers of free software from a given platform. I may have misunderstood as well. As a reminder, the points are still thus:
You know, up until the originating post I never really heard anyone use Treacherous Computering, but it seems to be thrown into almost all of your statements? Why?
The topic of this article is a processor that implements a Treacherous Computing specification.
If you do not like the restrictions on a certain platform - don't buy it.
So if intolerable restrictions were to begin to affect both Mac and x86 PC platforms, then which platform should one buy instead?
Businesses will distribute information to residential users in the manner they see best fit for their purposes. If this means DRM then they will utilize DRM.
My point was that under the Microsoft Office pricing structure, Office DRM is not the best manner to distribute information to residential users, and thus OpenOffice.org is safe for the foreseeable future.