Slashdot Mirror
TCPA Support in Linux
kempokaraterulz writes "Linux Journal is reporting that "The Trusted Computing Platform Alliance has published open specifications for a security chip and related software interfaces.". In the latest Gentoo Newsletter they talk about a possible 'Trusted Gentoo', and possible uses for hardware level security."
I mean - there are a lot of hardware security modules that can be used for building trusted systems right now.
Isn't the only purpose of pushing things like TCPA locking the platform down ?
-- echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768
to hang myself.
Instruction: How to restrict your Linux box from yourself.
Life is not for the lazy.
Linus himself said DRM is ok, as long as it's used in the interests of the user. This is a good thing, think about it; EvilCorp(tm) wants to use DRM to cripple computers, but the PR guy will say "it's for the user". Of course their intent is nothing of the sort, but the Linux folks are the only ones who will actually implement something that *is* in the interest of the user. Then EvilCorp won't be able to lobby making Linux illegal, since Linux also uses DRM which does what EvilCorp claims it's doing "for the users". Well, hopefully.
"Backups are for wimps. Real men upload their data to an FTP site and have everyone else mirror it." -- Linus Torvalds
Well, it could be useful for a seriously locked down server.
Imagine that you're an admin at some big company, with a hundred Linux boxes. You have this stuff on every of those boxes, and a computer for administration somewhere safe. When you install software you first check it, then sign it, then push updates to your servers.
If somebody gets in, they'll have things quite difficult. Anything unsigned simply won't run at all. Rootkit modules, exploits, etc, will all simply not be able to run at all. This would take out a quite big part of the exploits an attacker could use. Remote ones would hopefully avoided by NX.
This wouldn't protect against things like races, but it certainly could help quite a lot.
The situation above is something I wouldn't have any problems with. If an admin wants to have an uber-locked down system where anything not signed by his key that's only present in a computer with no network connection in a secure room with an armored door doesn't run at all, then sure, why not. I'm fairly sure this can mostly be accomplished without hardware support at all, though.
Now, it's when software publishers want to make it impossible for me to control my computer when I have problems with it. But if the user has full control of it, I think it could come quite handy in some cases.
When you install software you first check it, then sign it, then push updates to your servers.
In the end, it depends on who gets to sign the software, and how this software is distributed once signed. In our corner of the court, we have the admin signing software for 100 boxes (does he have to sign each separately? Can you sign software for every box out there at once? If its not a specific-to-that-machine signature, how do you keep the attacker for signing software too?) for the purpose of protecting the servers from software you don't want to run.
In the other corner of the court, it appears that we have big business interests who want to have all software signed, who would charge hundreds to sign software for other authors (verisign, et al will certainly be in the business), MPAA and RIAA will be wanting to make sure signed software obeys their rules (and will probably charge for this too), all to make sure your computers are protected from software they don't want you to run.
Things like this IBM article help make the first scenario a reality, and I'm grateful for it. Now, who wants to be the first to be sued by Microsoft for some TCPA submarine patent that nobody knows about?
If I have been able to see further than others, it is because I bought a pair of binoculars.
From a practical standpoint, TCPA is incompatible with the Linux philosophy of open-source modifications
IMO this is not exactly correct - is it against Linux philosophy of open-source modifications to secure my Linux box so nobody except me can make modifications to it?
TCPA used in such way (i.e. in interest of user, not supplier, not government, ...) is quite in line with Linux philosophy of "you're in control" :) .
But, as with all weapons, it has two edges. So, beware! :)
hany
Hmmm. And yet I don't seem to need any form of TCPA/TCG or DRM. In all the years I've run linux full-time, I have never ever had naughty code or naughty hackers get in. I can't say that about any of the windoze users I know. Beyond that, I certainly don't need any system that can be used as a DRM system.
Nope. Uh-uh. Not on my box. I'll copy my files and CDs as I feel the need and will not have anyone but me control when and how I go on to use such copies. This all looks like what it is, an attempt by corporations to gain control of the most important and useful aspects of your PERSONAL and private property computer. Screw TCPA/TCG (and DRM). Paint it all up with lipstick and rouge all you want but in the end it is about restricting what people are allowed to do with their own computers. Any benefits that come to the individual computer owner are accidental and peripheral to the actual designed and intended purpose.
In Bushworld, they struggle to keep church and state separate in Iraq as they increasingly merge the two in America.
In general...sure...TCPA could have some positive effects on the computing community. However, it also has great potential to be slipped in...and eventually, by law, it must be used to lock things down. Only a few things at first...but, eventually could mandate a great deal of limitations as to what you can legally do with a computer. As much as the corporate entities are beginning to use the govt. to legislate things...and they really don't like the fair use we do have...it is easily possible to forsee this as a means to that end.
Taken long enough...it could happen, which is why you need to take things like this slowly and with a great deal of skepticism early on.
I heard it said before that "What one generations tolerates....the next generation embraces"
Think of it this way...the article the other day on /. about how many US kids don't understand what the 1st amendment really means...they haven't been taught about it...and we're tolerating loss of freedoms. When they are grown and we're not around...they won't even know they existed in the old form...
Light travels faster than sound. This is why some people appear bright until you hear them speak.........
Completely wrong. The owners of machines don't get the keys needed to sign things for their own hardware. Only the builders of the hardware have those keys, and they are contractually obligated by agreements to the MPAA and RIAA not to divulge those keys to anyone (except employees in the course of their work).
Wow, you just don't have a single clue about any of this do you? You can pop whatever keys you want into the hardware. If you want to create a system where only binaries signed by you can run, go for it. If you only want to run binaries signed by debian, redhat, or joe blow down the street, you can do that too. You can also turn off this checking and allow anything to run.
The scary part of this is the remote attestation piece. THIS is what the riaa and mpaa want. It basically allows streaming media servers and media files to only be opened by programs signed (and verified by the hardware) by those they trust, like microsoft. A scary vision of this is that windows file sharing could disallow samba clients to connect to it even if the open the protocol, because samba was not signed by Microsoft.
If the owners of the hardware were going to be the ones having the keys needed to run on that hardware, then I wouldn't have any problem with it.
You are not going to get Microsoft's signing key and be able to sign your binaries as them, but you will certainly get their public key to verify their binaries and put that in your hardware. You can also generate your own key to sign with and put that public key in the hardware too.
Do you honestly believe that anyone, anywhere would ever go for a system where all software running on Windows has to be signed by microsoft? They couldn't even do that with signing device drivers and such (although they tried, all it does is warn you). You think microsoft is going to stop selling visual studio and all their programming tools because nobody but them can create and sign binaries? Now take this a step further, do you think overseas PC makers are going to sell PCs that can only run windows? Even US companies would never do that.
Good God man, actually take some time and learn about this stuff before you spout uninformed drivel everywhere. There are some real legit complaints about TCPA, but you seem to not understand the most basic aspects of it.
Finkployd