Slashdot Mirror
DRM Based on Trusted Computing Chips
An anonymous reader writes "We've always know that Trusted Computing is really about DRM, but computer makers always denied it. Now that their Trusted Computing chips are standard on most new PCs, they've decided to come clean. According to Information Week, Lenovo has demonstrated a Thinkpad with built-in Microsoft and Adobe DRM that uses a Trusted Computing chip with a fingerprint sensor. Even worse: 'The system is also aimed at tracking who reads a document and when, because the chip can report back every access attempt. If you access the file, your fingerprint is recorded.'"
You can find a list of known Trusted Platform Module (TPM) manufacturers and implementations from the TPM Matrix
Its not biased, its true. When trusted computing was announced it was to 'foil malware'. Now it has been switched to 'foil owner's use of own property'. Realistically, every company is going to demand this feature to lock down their software on user PCs and to try and make piracy stop completely. For a while, this will seem reasonable, but then it will inevitably be abused. Forced upgrades and time outs that can't be undone or reset come to mind. And once software demands it, people (like myself) that use older equipment will be forced to upgrade to the new hardware in order to use the new software, even if the old hardware is 'powerful' enough to run said software adequately. Its really just a cash out for the assorted industries at the user's expense.
So, while the current incarnation may seem ok, things are only a few steps from being really bad and invasive. Couple this with the DMCA, and half the things we take for granted with computers now could be taken away, and it will be illegal to 'break' things to get those abilities back.
Now comes interesting Tidbit Number two...
The article mentions "My fingerprint results in Access Denied, but the person who wrote it gets into the [document]." Right... So what if they want ME to be able to get in, but not my coworker? How do they acquire MY credentials to allow me in? How secure is this acquisition? Already things like PK Encryption require chains of custody and KNOWN Public Keys to have the proper security. When you get into the extremely-high levels of security, it gets somewhat complex. But now there is a certificate associated with my fingerprint?
Overall, while they claim "Makes it easier", from a security standpoint, I actually see a lot of room for complication, error, and massive breaches of security. And as the article points out: Do you REALLY trust Microsoft to not have security holes? One "Oops" and suddenly the document that you need -ME- to be able to read is not at all accessible by me, but who knows who instead.
And what kind of "Oops" does it take? Gee... Spoofed email of a Public Key maybe? Social Engineering of a phone call to claim to be me, and give them a false cert fingerprint? And of course if I use Linux, I'm {censored} out of luck. If Linux will even RUN on the systems anymore, since Microsoft doesn't sign it to be trusted.
@Whee
Is it just me, or is anyone else thinking, "The way the industry is going towards Orwellian dystopian dreams, I might just want to get out of computing"?
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
He warned us long ago. Of course, even now the masses will fail to be alarmed. "It's only a demo." Etc. "Boil 'em slow, they'll never know." Oh well.
That only applies to OEM copies of Windows, not boxed. Still sucks, I know.
"If he were a plant, people would roll him up and smoke him."
How long until you can buy a fake thumb with Elvis Presley's print on it? :)
Steve
A work that expires before its copyright never enters the public domain and thus enjoys eternal copyright protection.
the hardware manufacturers are responding to a perceived customer requirement.
I don't believe that for a second. They are responding to arm-twisting by Microsoft and Adobe (,etc.) and working *against* customer interests. Consumers have no interest in DRM at all. The question on manufactures' minds is how much DRM they can shove down consumers' throats before they balk and stop buying. They are counting on consumers being either too ignorant or too passive or too apathetic -- until it's too late.
Software Wars
Bingo!
The customers and the consumers are not the same. The customer is the corporation who wants to lock up its data. The consumer is the person to whom the corporation wishes to grant access to that data.
Yes, lots of consumers are also customers of the hardware manufacturers but the corporations are larger customers and their voice is louder. If you dont want this stuff in a computer that you are buying then you need to let those manufacturers know about it. Buy something else and send them a copy of the receipt with a note explaining why you didnt buy their hardware.
I really hate the way DRM and hardware DRM now gets fully integrated into our own lawfully purchased computers.
I have the right to use my computer to whatever I feel like and it is of no concern to anyone but me. If the companies disagrees with this they can take a hike for all that I care.
All this will contribute to - is to further alienate Linux and users of alternate operating systems and demean our hard efforts to get legal DVD-playback software etc. for our chosen platforms. I am so put down by this Ill probably never run anything with DRM on it again just for the opposition of it. I will not purchase DRM enabled mp3-players, I will NOT purchase DRM harddisks or any hardware with DRM on it.
If I am forced to do it because of the fact that every hardware producer is forced by Microsoft to do so... I will do anything I can in my power to make sure that my system will be rid of such hardware, modding, jacking, compiling - I really dont care. Its my hardware and NO one shall take that right away from me! No one shall control my software or my computers or what I will be doing with them.
I fully and completely agree with the companies about piracy, I dont support piracy in any way. That said - I also support my own freedom to chose, and past experience shows us that businesses will always do whats best for them FIRST before the customers, the customers are just milking-cows to them - which is fair enough if you give us what we pay for. When you decide to mess with our hardware and deprecate our already paid for services and hardware - then I am putting my foot down and say - Enough already!
All this will probably further feed a grassroot "linux-like" organization that will form an alternate OS that will NOT conform to DRM - even if by law (god forbid it goes that far). DRM and control of customers hardware is a CRIME against the public!
What this world is coming to - is for you and me to decide.
IBM, Dell etc. are not the evil ones here, neither is MS. Its the *AAs who don't care about destroying the universal computer.
Oh god, you are so fucking wrong it actually hurts to read this.
DRM is all about controlling applications -- music and video are just the high-profile stuff. Applications spread/use data, if you are going to control data, you must control applications. TCPA hardware decides which code gets to run, and what it can access... and it does it behind walls of encryption to ensure that *you* can't see what is executing. IBM, Dell etc etc all have massive hard-ons for this hardware because *THEY WILL CONTROL WHAT YOU DO WITH YOUR PC*. They will broker the CPU, memory, hard disc, sound/gfx card on your machine to the RIAA/MPAA members, or just anyone they feel like. You will have no say in the matter. They can install software on your computer without you ever knowing about it, and you will not be able to remove it or disable any undesirable features because your computer will not be "trusted" anymore.
In addition, it will allow them to take GPLed software like the Linux kernel and make it de facto proprietary... simply because the hardware will not "trust" the binary unless it is signed by Dell/Intel/IBM etc etc. So your GPL source is worthless in that world -- you can't modify it... hell, you can't even recompile it yourself without modification, because the result won't work as it did.
I konw, I'm a bad citizen, and I certainly don't smile now.
It's nice to know that the content industry now trusts my computer and lets it play its crappy movies. The problem is, I don't trust it anymore. I won't trust it with my data, I won't trust it with my files, I won't trust it with my time.
At least until I find a way to make MY computer MINE again.
Until now, I was a good citizen. I bought my music. I bought my movies. I bought my games. My reward was a rootkit, DVDs that don't play on my equipment and software that crippled my system.
Sorry, but I don't trust your computers. And I will do whatever it takes to make my computers mine again!
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
Bullshit they wouldn't. The software companies realise they have a product that never gets old, never wears out and will perform the task it was purchased to do until hell freezes over unless they find a way of breaking it. Software companies have been trying to find ways of making software wear out for decades so they can rake a continuous income from their customers the way other manufacturers do. They use product activation to tie the non-wearing software to the fragile hardware for example, but their customers hate them for it.
The customer wants to buy a tool and use it forever, or until they no longer have a use for it, whichever comes first. We know damn well when they're being scammed, and want nothing to do with this license once and pay forever crap. We've tolerated buying the same product over and over again because we accepted we were paying for new features and improvements.
The cost of production of each copy of a program is nil, so the only controllable cost variable for a producer of software is the cost of development, the development of those features and improvements we've been paying for. If they can get away with using this DRM garbage to artificially obsolete programs, they won't need to keep improving the software, they'll have their continuous income without the cost of development. Say goodbye to software innovation.
"I've got more toys than Teruhisa Kitahara."
"In addition, it will allow them to take GPLed software like the Linux kernel and make it de facto proprietary... simply because the hardware will not "trust" the binary unless it is signed by Dell/Intel/IBM etc etc. So your GPL source is worthless in that world -- you can't modify it... hell, you can't even recompile it yourself without modification, because the result won't work as it did."
And now we see why v3 of the GPL has provisions to prevent this.
More and more the computing industry is coming off as a racket. Every time I buy something digital I'm forced to pay for crap that I don't want. 6-in-1 card reader? Who gives a shit? Fingerprint sensor. I don't give a fuck. It's like buying a toaster with a built in Pez dispenser. Only, nowadays, you can't find a fucking toaster without the Pez dispenser.
WTF?
You're missing a lot of details about this software. It's closed source, and a violation of the DMCA to reverse engineer it. That means writing an open source version of the encryption/decryption tools is going to be a nightmare.
Second, running it at the OS level instead of the hardware level of the built-in features of the Intel CPU's is going to really slow it down: that will probably hurt performance a lot of open source versions of the Trusted Computing tools, even if they're legally created.
Third, the next logical stage of Trusted Computing is hardware locking: motherboards that won't load unsigned boot loaders, or won't access DVD drives or hard drives without being authenticated with Trusted Computing licenses to be held by OS distributions or DVD drive and software vendors. This can be used to block open source operating systems from even booting, or to prevent Trusted Computing managed DVD drives from being able to read DVD's that have Trusted Computing signed DVD's in them without a Trusted Computing signed media player.
It's very nasty, and it's at the core of why Microsoft and Hollywood are collaborating so well in this project.
The one thats signed by the creator , that cant be removed, deleted or changed without the fingerprint of the creator. All its going to take is a a hundred or so companies having to buy 50 or so new thinkpads because they cant remove the trusted virus to cause a real big stink and forever doom trusted computing
I trust Microsoft as far as I could comfortably spit a dead rat