Slashdot Mirror
Should We Be Afraid of TPM Chips?
AcidArrow asks: "I was looking to buy a new laptop and since I wanted to be on the bleeding edge, I thought one with the new core duo chips would be just what I need. Among the features on the laptops I was looking was 'Trusted Platform Module chip for the safety of your data'. Now, I don't know of any real uses for a TPM chip yet, but is this something that should worry me, or keep me from buying a laptop with said 'feature'? I don't intend to use it and I would like to disable it, if possible, but I don't want to make it easier for anyone to track down what I'm doing on my laptop."
Firstly you can disable the chip from BIOS or driver software
Secondly there are some good uses for it: I use it to store web site passwords, keys and certificates. On my laptop (Thinkpad T43) it is connected to the fingerprint scanner so I can enforce two-factor auth. (finger swipe AND passphrase). I also store the keys for encrypted disk volumes in the TPM (also part of the software IBM/Lenovo offers for the TPM).
No software can access the TPM without my consent, because it requires finger and password.
...seems to have a TPM chip. Thinkpads, MacBook Pros, some Gateway machines, just about every major new laptop manufacturer that I know of has already installed TPM chips in their laptops.
The important thing to remember, though, is that a TPM chip means nothing if you don't use an OS or software that utilizes the chip for nefarious purposes. If you stick to Windows XP, current versions of OS X (they only use the TPM chip to see if it is a genuine Macintosh), or a free OS (like Linux or BSD), then they won't utilize the TPM chip to restrict your moves. However, you might want to check out any upgrades to the proprietary OSes or proprietary software before you upgrade. You might also want to avoid DRM'd media as well and find alternatives before it is too late.
Now, if you really don't want a TPM chip in your machine, just buy the last model of the machine that you want that doesn't have a TPM chip. Apple, for example, still sells their G4 line of PowerBooks and iBooks. You'll have to weigh the advantages/disadvantages; do you want to sacrifice performance over a trusted computing chip that has little control depending on your software choices?
Notably, a TPM has a great many advantages (provided you trust the vendor anyway)--but only when implemented on a trustable OS and application. For instance, you can use it to trusted bootstrap (using a previously signed Linux kernel (basically saying you or someone you trust created the kernel)) to avoid boot-time rootkits, and then once you've loaded a trusted kernel, it will help the kernel to check for trusted (signed) modules. It can also check that the ps you're running isn't trojaned (i.e. installed by someone who didn't have the key).
In short, go TPM, but boot Linux (or BSD, or whatever you can trust). The critical difference between Big Brother and Best Friend is whether you or someone else is doing (or able to do) the signing.
--
Given enough personal experience, all stereotypes are shallow.
The chip does nothing of this. The chip itself only encrypts and decrypts. The rest of the nightmare scenario requires a Treacherous Computing operating system and/or application software to do this.
Oh bullshit. The Werner Von Braun defence. "I only make the rockets go up. Others decide where they land." As things stand at the moment, Trusted Computing hardware has only one use: to remove the control of the computer from its owner. The EFF has a proposal to mitigate the risks and keep the benefits... and yet the TCG will not even consider it. The reason why not should be obvious. As it stands, the TPM is not about security it is about control and there is not one single reason to trust any of the companies behind this.