Slashdot Mirror
Army to Require Trusted Platform Module in PCs
Overtone writes "Federal Computer Week is reporting that the U.S. Army will require hardware-based security via the Trusted Platform Module standard in all new PCs. They are a large enough volume buyer that this might kick start an adoption loop."
Army requires TMP so that it can circumvent single-vendor prohibition and be Intel(R) only.
The question still remains whether the user himself can trust the trusted computing platform.
If your government or seller or whatever doesn't trust you, doesn't even try in the least, how the hell are you supposed to trust him? The most logical path would be to fully distrust him. And therefore to distrust and refuse trusted computing platform.
"The way we can tell it's C# instead of Haskell is because it's nine lines instead of two." -- wadler
This is one of the benefits of military research and mass purchase, the public sector. When the manufacturers produce for the military for awhile they will make available a civilian brand. The public will also benefit from the r and d.
Is TCG creating specifications for just one operating system or type of platform?
No. Specifications are operating system agnostic. Several members have Linux-based software stacks available. In addition to our work on the PC platform, we have a specification for Trusted Servers and are working to finalize specifications for other computing devices, including peripherals, mobile devices, storage and infrastructure.
We don't see the world as it is, we see it as we are.
-- Anais Nin
...I think of one of those dirty con guys that wants you to play three card monty or something. "Come on, it's not rigged....trust me." Yeah, sure buddy.
sup
Is TPM actually shipping in any product other than the Intel Macs?
The bad - It's trusted computing giving complete control of what software will or will not run on your computer to the vendors.
The good - When everybody starts to see their TCO of software go through the roof, open source solutions look a whole lot more attractive. It also will call attention to how unreasonable software vendors are with there pricing models.
Of course, Microsoft has gotten away with WGA (for now), but I do sense that rank and file are restless.
The hardware TPM almost made me not buy a macbook. . .
If I am hanging from a rope over a cliff, I Trust the rope. I "Entrust it with my security" whether or not I find it worthy of that trust.
I cried real tears when Li Mu Bai died.
I work for the army and although i'm highly motivated, i sort of like this idea. Its a fun feature that i'm sure the good folks at intel could implement and force down our fun throats. The idea is all new computers should be able to read the CAC ( http://www.defenselink.mil/news/Oct2000/n10102000_ 200010107.html ). If you note the date on the previously mentioned article, they have been issuing CAC cards since Moses went through boot camp.
Just recently the US Army website announced they will require CAC cards to login to their AKO ( http://www.us.army.mil ) webportal. after everyone finnished apeshitting, they ( well at least me and most of my collegues ) realized all you need this new-fangled card to do was to create a new 'sponsor'.
I work in MI and see lots of people use their card to log someone else in or use the built-in bypass feature. I don't know any of the tech details like i should, but i am sure of two things:
* Whatever the army does will be poorly implemented
* Trolling slashdot with a clearance makes me feel big
Is the Army worried about getting sued over downloaded songs or something?
Sheesh, evil *and* a jerk. -- Jade
Am thinkink that someone with a lot of pull is ownink shares in TPM vendors.
"Hi. This is my friend, Jack Shit, and you don't know him." - Lord Kano
If your government or seller or whatever doesn't trust you, doesn't even try in the least, how the hell are you supposed to trust him? The most logical path would be to fully distrust him.
Given how often and severely government suppliers and contractors like Halliburton, Bechtels-Parsons, etc engage in all manner of willful, obvious fraud- anyone in the government that trusts their supplier is most likely benefitting in some way from the fraud. I think the challenge wouldn't be to name all the suppliers/contrators that are accused/guilty of fraud, but rather to find those who AREN'T.
Hell, even companies like Boeing are in on the act, though I think the public has generally forgotten about the whole Boeing billing scandal, but investors haven't (though probably only because the settlement cost Boeing a good chunk of change.)
Used to be "war profiteer" would result in you being unable to show your face in public ever again; the shame of taking advantage of the nation's defenses, et al. Now, investors don't care as long as you don't hurt the bottom line getting caught, and the public soon forgets. Same thing with the WTC scene thefts (firefighters, police, FBI, and government officials all the way up to Rumsfeld helped themselves to "mementos" or had people do it for them. Then there were the emergency services companies that shipped tons of relief supplies out of NYC and sold them for hundreds of thousands of dollars in profit.)
Please help metamoderate.
that the military had/has any intelligence?
But seriously, I think the fact that they're going to entrust a hardware mechanism to 'protect' data is flawed beyond compare. It's just one more doodad for the crackers to take on. Just one more challange to get under their belts... I hope you get the picture. Enjoy the 'fun' US Army... ^_^
-- Bridget
I personally abhor the notion of Trusted Computing on my personal computer, but if you're using a computer provided to you by the government or a corporation for the express purpose of working, it's their right to control what goes on on that computer. It's possible that this will help to stem the tide of malware (at least in corporate environments) by rejecting execution privledges, and allow IT staff to better enforce policies about what can and cannot be run on their computer. It would also help stop things like the Free USB Key Attack (formerly discussed on slashdot).
Of course, this could also make users feel like they are not trusted, and could even lead to overconfidence in the security of the system. Still I see it as a major plus, at least unless I get saddled with it at home.
another option is to NOT USED WINDOWS OR COMMON OPERATING SYSTEMS. Make it so that the device does what it is supposed to do and nothing more- it will be far more secure. the usb thing is another issue- the thing is that people without the wherewithal to keep things that should be secure... secure is to not let them handle it!
Does this mean that they are gearing their hardware toward taking full advantage of all day-zero vulenerabilities in Vista? I mean, I don't know of any as yet but I would be surprised if we didn't hit a few.
IANA*
Given the way DRM is implemented it amounts to a serial chain of single points of failure, but that's what TCM is supposed to be the basis of. As errors in military procurement are standard, not an exception, this strikes me as, um, just a tad stupid (I think this may later emerge as the understatement of the century).
:-)
In addition, for a sovereign nation it is, of course, a perfectly sensible idea to hand the on/off switch of your entire infrastructure to another nation, potentially giving rise to a whole new class of collateral damage and/or fratricide.
Oh, and on top of that Windows (although not in the US).
But hey, let's look at the bright side. At least we now know for sure that the next big war will be fought with sticks and stones, just not for the reasons that prompted Albert Einstein to make that statement - he forgot 'dead equipment'
Groan
Insert
If you buy a business-oriented motherboard from Intel, there is generally an option for a board with TPM. My 915GEVLK has the integrated video and audio and gigabit LAN I wanted, along with TPM which I can disable in BIOS. So long as it's not drastically raising the price of the board, there's nothing wrong with letting the end user have an extra chip or two that he can choose to use or not.
I'll be your candy shop of infinite deliciousity if you'll be my discotheque of endless rump-shaking.
All of Apple's Intel-based Macs have a TPM module, in order to restrict Mac OS X to running on genuine Apple hardware.
Does this decision pave the way for Apple to become a preferred supplier as shortly their entire model lineup will feature TPM modules with a relatively secure operating system?
Specialist Mac support for creative pros, Melbourne
Can someone explain to me what's bad about this Trusted Platform thing? Is it a windows thing only or would it be in linux too? Does it relate to Microsoft's trustworthy computing? Thanks.
This is a worrying scenario. Apart from the minor issue that external users will not want to pay for the dongles and that the internal customer is seeing his IT bill spiral, Trusted Computing seems to be heading to a Mexican standoff situation as follows:
Device 1: Permit me to inspect your system by downloading and running this program.
Device 2: Only after YOU have allowed me to verify your credentials by uploading and running this program.
Device 1: No, it is I who am deciding whether you are to be trusted!
Device 2: No, it is I who am deciding that!
Device 1: Anyway, my content is digitally signed by Microsoft, and you must trust it.
Device 2: Microsoft? Not a hope in Hell. I require all downloads to be digitally signed by Steve Jobs in person with a DNA signature.
And so on. Quis custodiet ipsos custodes? And how long before an army unit gets wiped out because of a defective dongle?
Pining for the fjords
The module holds keys, but the Army will not be able to control the installation of keys into the module. How does this make the system trustworthy?
This is a typical (IMO treasonous) Pentagon purchasing scam, rather like buying Boeing planes to get your relatives jobs. There is no excuse for the military to use any Microsoft-provided software, other than the expectations of the purchasing agents to "retire" into fat civilian jobs. The long-documented history of dropping handling for older versions of documents alone is sufficient reason to stay away from Microsoft's products in general "office" use. The complete inability of Microsoft to provide any useful security (despite their "rating") on any system that is not locked in a vault and disconnected from all other computers is sufficient reason to avoid the Operating Systems. If the applications are unusable for reasons of built-in obsolescence and the operating systems are not securable in real-world use, then it must be a scam to specify it.
My '85 Buick Elektra (I still miss him) was a Trusted Transportation Platform. It was what I had. I Trusted it to get me from home to college and around town and back. At 280,000 miles, some would think it unworthy of such trust. I Trusted it.
Now, the real fun begins: The pointing-out of the flaws in the analogy. Bring it on!
(Actually, I love car analogies for 2 reasons: they are fun to make up, and fun to shoot down(even when mine is getting shot down)
I cried real tears when Li Mu Bai died.
You are being manoevered into a war with Iran by the hardliners in USA and Israel.
4 372301249
Consider what's happened:
June 9th Israel shells gaza beach to cause Hamas to end the ceasefire.
http://video.google.com/videoplay?docid=166114123
(1 minute 10 seconds into the report)
Hamas and Hezbollah end their ceasefire and restart their attacks. In response Israel invades Lebanon. America publicly supports Israel. President backs them strongly, even refuses to back a ceasefire.
Why stop at Lebanon? why not Syria, there's a big US force in Iraq, next door now, so nothing to stop them. So Israel invades Syria. If they lose, America will stop Syria invading Israel and already has an army nearby. So Israel can't lose either way.
Bush can't strongly supports them, and so can't then back down, and they have a strong lobby in US Congress and Senate to help them.
So now they're close enough to launch missile attacks against Iran, or fake missile attacks from Iran. But Iran can't get to them except through Iraq or Turkey, both of which cause USA to join in the war.
You see for the USA to GO TO WAR with Iran, you need the backing of Congress, Senate and people, but if the war SHOULD COME TO YOU instead, if Iran should attack USA forces in Iraq while trying to defend against Israeli missiles, then suddenly Bush & co get their war.
So now it becomes clear why they wanted the Palestinian ceasefire to end and why Bush & Co didn't condemn their attack.
"Federal Computer Week is reporting that the US Army will require hardware-based security via the Trusted Platform Module standard in all new PCs. They are a large-enough volume buyer that this might kickstart an adoption loop."
Let's say the US Army buys a million night-vision goggles. Would that mean bird-watchers would throw away their good old binoculars and go in for this one?
The TPM is actually a very sound functional and business requirement in the Army... it provides for centralised surveillance and cryptography. Businesses and civilians would indeed NOT TRUST such a technolgy in THEIR PERSONAL AND PRIVATE computers.
Doesn't mean this wouldn't get stuffed on them though, much like DRM.
If you keep throwing chairs, one day you'll break windows....
Reminds me of the last episode of Dr Who for this season:
....
...
Dalek: Identify yourself
Cyberman: You identify yourself first
Dalek: No you identify yourself first
Ahhh, what we've been waiting to see for a long time
Several members have Linux-based software stacks available.
Much like the NVidia drivers though, these stacks might involve a GPL shim and a non-GPL binary that's checked and verified by the TPM. Probably why GPL3 is getting ready real quick.
You try customising the kernel and alter the stack, and your hardware (the TPM) refuses to run it. End of Linux as we know it.
If you keep throwing chairs, one day you'll break windows....
In principle then, FOSS operating systems should be able to use TPM to enhance the trust that their owners have in them, in contrast to the way in which MS systems will use it to enhance the trust that content providers have in the platform. It all comes down to the way it's used.
"The question of whether machines can think is no more interesting than [] whether submarines can swim" - Dijkstra
So now the question is, will it be legal to transfer (or as they say, "convey") GPLv3 software to a Trusted Computer? It violates the principle that users must be able to alter their software in such a way that remote servers can't tell. Will that make it illegal to run GPLv3 software on a TC?
It makes sense for the Army to require TCP. Stolen/lost laptops wouldn't immediately result in a security leak. But this can be achived cheaper, quicker and (and here comes the key point) with more control on the Army's side. Linux can encrypt documents just the same way TCP wants to offer, the difference lies in the open source concept: This inherently gives you the ability to check the security (provided you can read code, but I guess the Army can afford hiring someone who does) of your system.
TCP requires you to trust the person/group that made the security for you. You put yourself completely into the hands of the corporation(s) that create your TCP platform, and you are fully dependent on their ability to come up with a good protection scheme. Not to mention that you have to trust them, implicitly, that they do not want to spy on you and that they are better than their adversaries.
With TCP you hand over the responsibility for security. But you also hand over control. And it has the potential to lure you in a false sense of security which invariably leads to slacking. More than once I've seen a behaviour of neglect in a high security area (I've had my share of time in that field), with people relying so heavily on the technical implementations that they forgo the most basic security measures called for by common sense, because "Hell, what DO we have that security concept for, if I can't trust it fully?"
We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
A country's armed forces ought to have the power to demand the full source code of every application running on their computers, and the resources to write all their own software wherever necessary. There is no shortage of Open Source applications they could use for starting points .....
Je fume. Tu fumes. Nous fûmes!
Nothing you mention requires trusted computing.
With the right privileges for a corporate setting, nothing is really gained with trusted computing. Malware? Shouldn't be a problem with proper limited accounts and proper webbrowser. USB attacks? Fix the drivers, even use C# or Java, check those boundaries for once..
Heck, having encrypted memory is a good idea, but why should the owner of the system be locked out of their own system?
Trusted computing is there to prevent you from owning your own machine, prevent breaking encryption of the big corporations, arbitrary enforcement of "computing laws" from the vendor, surveillance, etc.. Your machine will not longer be yours. Do not be fooled.
The idea of having external programs running in higher privilege is just astoundingly stupid and dangerous. Ok, maybe the military will go for it, but then _they_ will own their own security (or become the laughingstock of the industry). Not so with customer-hardware.
This is my #1 reason not to buy Macs. Screw and fuck them all to hell!!!!!
Film
Advocacy
Swedish plasma phys. PhD student; MSc EE; knows maths, programming, electronics; finance interest; seeks opportunities
unless iran is trying to force DRM on us too.
If I gather correctly, the TPM takes care of providing decryption keys to the operating system once it can confirm the system is in a known state. What I still don't understand is how this "known state" together with the necessary decription keys are communicated to the TPM in the first place. Is there a central authority that takes care of this? If so, how would this affect Open Source operating systems?
"In prison you just have to shut your eyes and take it. Here you have to shut your eyes and give it."
"unless iran is trying to force DRM on us too."
You mean *Israel*, it's Israel hardliners that are engineering the USA into a war.
They're still desperately trying to find a purpose for that useless piece of junk called Trusted Computing?
Reminds me of the decision made to run modern US warships on Windoze.
Military procurement and ripoff were probably synonymous as of when Sargon the Great's people were buying spears and grain to feed troops. The tradition has continued.
The only question I've got here is how many members of the US Armed Forces are going to get killed by this set of mistakes.
Tech Public Policy stuff
How can the Army trust the module?
Yes, I have wondered about that to. The last batch of 'Jihad XLT1000' TPM enabled PC's that was delivered to our base from the new factory in Saudi Arabia had an AK-47 logo with the words 'Osama Corp.' stamped on it and a little sticker right next to the power button that reads 'Semtex Inside'.
Calling people liars are not helping anyone getting informed.
How do you think other computers can "prove" what your computer is running- and not? If I can do whatever I like with my computer and its applications, it can no longer be trusted, right? Even a hole in the BIOS can unlock, or put VMWare in the right spot. Everything on _you_ computer has to be locked tight.
This is for _their_ security, not yours.
So trusted networking is just one aspect of Palladium / TCPA / Trusted Computing / whatever it is called this week, but totally dependent on _external_ control of _my_ machine for it to have any meaning at all..
Nobody knows everything about what it will contain, but having embedded chips on the motherboard and higher-order processes which can be remotely controlled, is on the agenda and some of it already put out in motherboards in the market now.
This is why any rational argumentation about THIS, is impossible. Because it is an always moving target, and we all know how much we can _trust_ the corporations and governments..
Remember the PIII-id chip? Still there.. It can be activated in any Windows-machine, read and then deactivated _in software_! (Every other OS prohibits this, but the real crook is Intel)
This is how they introduce more and more of this crap, playing on the ignorance and indifference of people.
...you're interested I read a rather interesting article about trusted computing the other day ( http://www.gnu.org/philosophy/can-you-trust.html ). He makes some good points.
*''I can't believe it's not a hyperlink.''
The follow conversation heard during my college might help to answer(or not):
"Sir, what is a trusted system?"
"A system where we can't trust each other."
A brief silence...
"Then what would it be like in an untrusted system?"
"That we can trsut each other."
A long death silence...
Ah how terminology can be so imprecise... What you're talking about is the greedy corporation form of "trusted computing". What the parent is talking about is the Common Criteria/Orange Book form of "trusted computing". You both have correct interpretations for your respective types of "trusted computing", but they're two seperate beasts.
You missed the part where Israels army accuses Palestinians of blowing themselves up to give the Israeli army bad publicity. Asymetric warfare I guess.
Hi all,
TCG/TCPM stuff, though not completely finished (the DAA mechanism that was introduced in v1.2 is a good example of how the TCG adapted to outside criticisms, and they're starting to work on v1.3) and surely not understood (the word "trust" is a huge factor in that), is having the same effect as PKI a few years back. Except that nowadays times of ignorance and fear (in particular of the big companies behing the TCG) multiply this effect by thousands. "Trust" is more and more acting like the point of concentration of the security problems, its complexity being coupled with new emerging (and very innovative) threats.
First think of the TPM as a chip that provides standard cryptographic functions (RAS SHA-1, HMAC, AES), so instead of doing it in software anyone will be able to use hardware implementations. Furthermore there are facilities for key creation and management. With the special focus on this "security chip" (such chips already existed in various forms), the designers hope to improve drastically the level of security of modern computer science (95% of emails are spam, botnets of millions of computers, hackers make huge money out of their job, ransomware, etc. etc.).
Obviously this TECHNOLOGY (and please always keep this in mind: it's a tool, it is to be used by other applications, most importantly OSs, to improve security; apart from secure boot, that is not compulsory at the moment, there's no obligation to use the TPM even if it's here) is not perfect, it will evolve. It will have to CONVINCE, to get TRUST. As I'm saying to most of my Trusted Computing colleagues, I think that challenges set by the opponents of TCG are actually a means to improve the security of this technology (but beware of popularity-seeking criticisms, not all the criticisms are well-founded).
Read tha FAQ:
https://www.trustedcomputinggroup.org/faq/TPMFAQ/
Please correct me if I'm wrong.
AFAIK in revision 1.2 it is possible to replace the master-key in the TPM module. This was a major point of criticism of previous revisions. Of course you then lose the "benefits" of the trust-web.
Meme of the day: I browse "Disable Sigs: Checked". So should you.
They also created a language called Ada that was a replacement for Cobol. Everyone thought that the DoD requiring new programming in Ada would cause the replacement of COBOL programming Everywhere.
Where is Ada now?
eric
I just noticed your first Slashdot comment when the woman was sacked from the CIA for saying torture is bad, and in one comment you mention you're a PR person:
7 88966
7 57809
Here's your 'from a PR's mans point of view' comment:
http://slashdot.org/comments.pl?sid=192315&cid=15
And your first comment:
http://slashdot.org/comments.pl?sid=191823&cid=15
Are you a CIA PR man? Is slashdot important enough to warrant official turfing now with fake mod points and everything?
Its called a M.A.C. (Built by Apple Computer Corp.)
Nuff said.
Roger
"If the world were a logical place, wouldn't men be the ones who ride sidesaddle?"
http://youtube.com/watch?v=K1H7omJW4TI&search=trus ted%20computing
Who will decide for them what is trustworthy and what is not? Are they going to have a backdoor? I suppose the BSA http://www.bsa.org/ just got a new enforcer!
You're quite right of course. If the "resistance" in Iraq confined its attacks to America soldiers, they would be freedom fighters. In reality, attacks on American troops are rare. They mostly target other Iraqis who simply aren't the "right" type of Muslim. That barely even qualifies as terrorism; it's more along the lines of a slow, decentralized holocaust.
Imagine if the French resistance in WW2 had schismed into seperate Catholic and Protestant factions, and they'd spent all their time killing each other instead of collecting useful intelligence for the Allies. The people of Yugoslavia put aside enormous cultural difference, ceased all internal violence, and totally unified to form the largest and strongest resistance army that there has even been -- and ousted the Nazis themselves. Tito and company -- probably the best example of freedom fighters since the American war of independence. By way of contrast, consider China during WW2. If the Chinese had cooperated, Japan would have never been able to successfully invade let alone retain control once they were in. Chinese resistance failed because imperialists and Maoists were never able to put their own civil war on hold (although the Maoists apparently tried several times, which part of the reason that the people supported them after the war). It is just mind boggling how far the Iraqi extremists are from being anything other than a plague upon their homeland.
I remained silent;
I was not a soldier.
When they locked up the government,
I remained silent;
I was not a bureaucrat.
When they came for the telcos,
I did not speak out;
I was not an isp.
When they came for the net,
I did not speak out;
I was not a blogger.
When they came for my PC,
there was no where left to speak out.
Domestic spying is now "Benign Information Gathering"
This would be a really worrying thing, but the fact is TPM has already won. It won the instant that Apple adopted TPM and the communities who were publicly worrying and complaining about Palladium and Trusted Computing for all those years went suddenly silent and shrugged the instant that nebulous notions like "freedom" came into conflict with solid, purdy white plastic.
Here is the thing: TPM's adoption was waiting not on an adoption cycle exactly, but an apathy cycle. TPM was never something that the consumer was supposed to approve of, want, or even really know was there. The adoption of TPM was mostly counting on the consumer not having any idea what they were buying, counting on the blinking 12:00 effect, counting on the idea that most consumers would not even know TPM was in their computer until the first time that they try to do something and the computer says "no".
TPM isn't there for the consumer. It's there to protect the computer from the consumers. It's there to allow software and content vendors to trust your computer, to trust your computer to ensure it will act in their interests and not yours. These vendors are the ones that TPM is being done for the benefit of, not the consumer. This means that in order for TPM to win, it isn't necessary for the consumer to "adopt" it. All that has to happen is for the consumer to fail to actively reject it when it is quietly dropped into the hardware they were going to buy anyway.
And that's already happening. So although the military would legitmately represent an adoption cycle-- the military, of course, has a legitimate and logical need to create networks within which the machinery is trusted and the user is absolutely not-- it doesn't really matter. The military isn't the kind of adoption TPM needs to reach enough critical mass that vendors can begin requiring it in new applications, I don't think-- it's not like military hardware is going to be used to run lots of games and DRMed consumer media, as far as I know. The worrying thing is TPM's level adoption in the consumer segment, since that's where it has potential to do actual harm. And that's already begun, and so far nothing is happening to stop it...
Irritable, left-wing and possibly humorous bumper stickers and t-shirts
You're in the Army. You're in the field under fire. You have a hardened Army laptop. You are sending and receiving
vital messages back and forth with another unit directing fire around your position. Your laptop doesn't have any
software or files on it that are personal to you. Not your music. Not your games, etc. What is has is a trusted and
fool-proof means of getting and receiving messages that you can trust with your life and the lives of your unit.
Therefore, you trust the info on your Army issued laptop. You know that no foreign agent or enemy
can break in and send info to you or anyone else in the system, pretending to be someone you trust.
If your unit is overrun and you lose your laptop, anyone trying to use it without authentication or by hacking,
will cause the laptop to self-destruct.
It is the Army who owns the computer. They own the software. They own the system. They own the TMP.
What everyone has been trying to do here is to apply TMP to their onw personal consumer/business computer.
These are two separate and definitive worlds of computing operation. The only thing similar in our
world is trusting who the person is you are communicating with, as being who they say they are, and not
someone else pretending to be that person, in Chat or Email. But that is completely different (and minor)
level of trust than what the Army is looking for, isn't it?
"You already have zero privacy. Get over it."
Step 1. Don't run windows ...
Step 2.
Step N. In short know what you are doing.
I'm sorry, but they bulk order their computers from Dell and run windows in the field. I can't take their needs seriously until they grow the fuck up.
Tom
Someday, I'll have a real sig.
As we all should now by now, the interesting thing when you start to add features to a system.
Anybody care to consider what happens when we get the following:
(1) "Trusted" Computing
(2) "Trusted" Network Connections
(3) A non "net neutral" Internet?
You could well end up with a choice of only two sources of information: the media conglomerate that owns your cable company, local news paper and local network affiliate television station, or the other conglomerate that owns your DSL service, most of the radio stations in your area, and the other network affiliate.
Post may contain irony: discontinue use if experiencing mood swings, nausea or elevated blood pressure.
Can't run windows anymore? Such a shame, we'll have to find an alternative..
Can't run any games and apps? Even more of a shame, I'll do my own games and apps..
I am, after all, a computer wizz kid..
So what about you lot.. I mean it's time to raise the finger on this corporate IT world crap because it's populated with nitwits and zealots that are afraid of the one thing inherent to everything that is digitally switched: CHANGE!
With great power comes great electricity bills.
The TPM was designed to allow corporations to control peoples access to computing resources and information (including software). The hardware crypto accelerators already on the market would not be used to usurp control of our computers at a future point and this first hurdle is where the TPM falls. There is nothing the TCG could add to a TPM that would make the underlying premise for its existance palatable to this AC. Do you understand? NOTHING!
"I personally abhor the notion of Trusted Computing on my personal computer"
Maybe the implimentation, but not the idea. TC has some pluses, amoung the least malware, spyware, viruses, and trojans will be harder to write. People will finally have end-to-end encryption that protects their privacy.
The government loves to buy special versions of things. Manufacturers will be happy to supply the Army with $500 motherboards, and the rest of us will get the $79 version.
I want to delete my account but Slashdot doesn't allow it.
The way Treacherous Computing works is by only allowing privilaged operations to be run by "Trusted" (i.e., crpytographically signed) binaries. Even though you could get a binary of the Linux kernel signed by the certificate authority, it destoys the point because if you exercise your rights under the GPL by modifying and rebuilding the software, it's no longer "Trusted" because it's not signed.
"[Regarding the 'cloud,'] ownership was what made America different than Russia." -- Woz
USB attacks? Fix the drivers, even use C# or Java, check those boundaries for once..
FWIW, the USB attacks were "Drop a USB memory stick pre-loaded with an app which phones home in the car park outside a company".
This stops social engineering attacks like that quite nicely.
Oh, and come back to reality. "Fix the drivers"? How many companies you know have that as an option for their desktop PCs?
The Army states this many months ago. Not only that but TPMs have been shipping in new PCs for 2 years. The Army initiative is great but it's hardly what is necessary to "kick start" the industry. TPMs are already out there all we need is for software to catch up and for organizations to complete machine refreshes over the next year or two.
Wwill make it bad is who decides what you can run. And which external entities (ISPs, banks etc) start checking for what information.
The idea of having a hardware device in the computer that can control what software can run, what software can access what data etc is NOT a bad thing.
If the owner of the PC (e.g. a home user or an IT department at a corporation) controls the keys, its perfectly fine. Its only when Microsoft/RIAA/MPAA/IDSA/Government agency/etc control the keys that trusted computing is bad.
I am all for fighting the use of trusted computing to control what we can run on our PCs or what we can talk to (e.g. trusted internet, banks blocking non trusted PCs etc) but lets not ignore the usefull uses of trusted computing here.
Some good uses of trusted computing:
Users using it to block viruses, worms, spyware, malware etc from running
Corporations/IT departments/etc using it to control the installation of unapproved software on employee PCs
Companies using trusted computing to protect sensitive data (for example, even if a hacker could get into the server holding all the credit card numbers, they wouldnt be able to use the hacker tools to get all the numbers out because trusted computing would prevent the hacker tools from running. Wont stop the hacker but would make it harder. Also prevents hacker from installing rootkits or other tools since they wont run or will cause the signature on the OS binaries to no longer be vaild)
Are you are saying that if I connect to a web server running some sort of trusted computing, I will be able to trust it to not serve me malware?
I don't think I've ever seen any of the TCPA people claim anything like that (caveat: I've not read anywhere near all the stuff published on the topic of trusted computing). They do claim that if the malware is served to the client machine that you should be able to set things so it will not run.
Might you me so kind as to provide some nice pointers to papers or web pages that both make this claim and give some techincal info on how it will be accomplished?
In the meantime, I think it is only proper to remain more than a bit dubious.
The army is stupid. It should mandate it's own standard for this using NSA approved hardware.
Sheesh
I'd go on a Vegan diet but the delivery time from Vega is too long. --brownkitty
... for the Army's applications!
The whole point of TPM is to be able to restrict what the computer's owner can do with the machine or the information thereon. Keep in mind that also, a computer's owner (as far as software is concerned) is essentially whoever has physical possesion of the machine.
The Army could use TPM to ensure that even if a machine is stolen physically or owned by malware, its software and information can be kept safe.
Yes it's true. After you make changes to the sourcecode of software and re-compile it, it's no longer 'Trusted'. BECAUSE THAT'S THE WHOLE POINT! ... but I didn't change anything. Perhaps I have a virus." It's again a way to verify that changes you didn't make, arn't being run. In that respect it grants the user more control over their computer, because it provides them with more information.
Back off of piracy and conspiricy issues. If I write 'FSM-wordprocessor' and get it signed, you and everyone else gets to trust that I & the signing agency have verified that the software is exactly as I intended it to be. Currently if Bob decides to create a virus, he can create one that rewrites one of my modules to do what it was originally intended to do, as well as whatever malicious thing he want's it to do. Currently there is no way for me to verify that when I run 'FSM-wordprocessor', I am running the original code, or the one with the virus. Trusted computing does that. That's why the military wants it. It fulfills a vital security role for them.
For the average user, it also fulfills a vital role. "Hey my OO2.0 pops up as not trusted
The only time trusted computing doesn't make sense, is when you are working in a development environment. In any live production environment, knowing that what you think you are running is what is actually running is a good thing. When you are doing development, obviously you can't get things certified each time you recompile it - hell on a bad day, that would be 30-40 recerts for a subroutine. What you need is degrees of trust.
If you want to tweek & recompile the kernel, go ahead & then hit it with a 'personal trust' cert. But don't hand it to me & say this is the greatest mod to the kernel ever & expect me to trust it. The problem is not with 'Trusted Computing' the problem is with implimentation. If there is only Trusted/UnTrusted, then there's an issue. If I can define who I trust and what I trust, then things are good. If I can only trust what somebody else tells me is trustworthy, then it's bad.
The problem is going to be when you take your personal signed kernel and try to run trusted software that is going to go looking for a 'High Order' cert. Let's face it, if my concern is securing data - state secrets or 'Boy Band of the Week vol 1' - I can't verify that the data is secure if you have changed the kernel, since you could be ghosting every buffer to a non-secure memory space. Now is that a problem? only if you are trying to use software that explicitly requires the OS to be certed. Most FOSS isn't going to care. The stuff that does is going to be related to securing other people's Data. IE. you won't be able to run 3rd Party Secure Data Relay Proxie v4 on an unCerted Kernel because the 1st & 2nd p
argumentum ad fallacium: Fallacy of defining a fallacy which allows one to dismiss the argument in question.
Not really a stretch so much as it is closing a hole. All the methods you mention while providing greater protection than nothing at all. Still leave the end points as the weakest link (read the FF extension story).
Well, the whole idea is that the person using the device should not have to trust anyone else, least of all the supplier; and the supplier of the device should not have to trust the user. The source code, and any binaries compiled from it, are "safe to lose". The encryption algorithm tells you nothing without the private key {which was put there by the user}.
Je fume. Tu fumes. Nous fûmes!
Secondly, in the case of a user of a DoD machine, the DoD is not a "third party". The user is acting as an agent of the DoD. And not in the civil court sense. In military legal reasoning, when acting on behalf of DoD, you are DoD. Thus, TPM restrictions aren't "a means of enforcing the legal rights of third parties against the work's users."
The issues are thick and deep here, but the real point is that the (civil) legal constructs in GPLv3 simply don't apply to the scenario of DoD using GPLv3 code to develop apps for DoD use.
argumentum ad fallacium: Fallacy of defining a fallacy which allows one to dismiss the argument in question.
Did the US government or some related body ban the use of Lenovo laptops because of suspicions that they might contain hardware/software used to spy on the user?
Censorship can seem like a good thing in theory. Keeping the "bad" things away from the people who do not want or need them. The problem comes from when someone(s) gets to arbitrarily decide what other people do and do not want or need.
Who gets to decide? Who can influence the decisions? Can/Do people get to decide for themselves what is trusted?
The last point is where we are now and it apparently does not work. People in general do not know what they can trust and not trust. So they have to rely on "experts". But what about the people who are "experts" in their own right and do not trust the other "experts".
Another person on slashdot put it quite well by saying:
"Censorship is like saying a grown man can not have steak because a baby can not chew it."
I only look human.
My mother is a halfling and my dad is an ogre, so that makes me an Ogreling
I never realized how close Iraq and Israel are, look at the map, he makes a lot of sense:
1 8359&spn=27.360892,34.49707&om=1
http://maps.google.com/?ie=UTF8&ll=33.979809,46.3
As I understand it, you'll probably be told that similar technologies like the "broadcast flag" are mandatory. In other words, that it'll be illegal to build hardware that is not slaved to whatever government/industry commands are in place. Even with Linux and FOSS applications, will you be permitted to own a computer that you can trust not to be somehow subverted?
The FCC's rule is in 47 CFR 73.9002(b) and the following sections, stating in part: "No party shall sell or distribute in interstate commerce a Covered Demodulator Product that does not comply... - http://en.wikipedia.org/wiki/Broadcast_flag
And remember that everything is interstate commerce.
Revive the Constitution.
Actually, TPM is a perfect solution for the military. For several years the military has been having issues that there's no standard hardware encryption, so in some cases they use hardware that goes on the SCSI bus and hard drive and encrypts everything that goes onto the hard drive (obviously not useful for a laptop). In other cases, they use software for encrypting specific files, but have no way of guaranteeing that the user encrypts everything that's sensitive. In other words, the military is still relying on physical security, and that's not good enough anymore as laptops are way to easy to steal or "lose"
I'll bet that the military is a big enough customer that they could get their own public key put on the TPM chips. This would allow them to encrypt every one of their hard drives so it doesn't work on non-military hardware (remember the USB drives showing up at bazaars? Imagine if they were only readable on military-issued laptops or in conjunction with RSA fobs) They could also make it so that people can only install software on their computers which is certified for the classification level of that computer, as another problem that they have is people installing programs that could contain spyware on their secret and top-secret laptops.
The reason that we dislike TPM is because it gives the administrator complete control over the platform. That's exactly what the military needs.
I can see it now - "Firing solution discarded: potential damage to Microsoft-owned assets. Fire mission against enemy aborted (OKAY) (CANCEL)"
Anybody remember the first tests of the Aegis-class cruiser? The first US Navy vessel controlled exclusively by a Microsoft product (Windows NT)? That's the ship which identified Catalina Island as a "fast moving target" and proceeded to lock her guns on the vessel assigned to monitor operations (the USS Forrestal, if memory serves). They had to shut down the entire ship and have her towed back to port. Yeesh! Daystrom's M5 duotronic unit, all over again (at least this one had an "off" switch)!
And what will TCM do if a unit suffers battlefield damage and a solution improvised to bring it back up? For battlefield conditions, a ruggedized, highly-available system is required. How do we reconcile that with TCM, a single point-of-failure if ever I saw one!
In the next 5+ years 100% guaranteed.
How do I know this?
As someone that has seen sell-through market data for PC's of all kinds in the recent past, I have an seen the data to back my conclusions.
Panasonic made (makes?) a ruggedized laptop specifically for public agency markets.
1. It's too expensive for regular consumers
2. Doesn't have any feature a regular consumer -wants- to warrant paying more.
3. Volume isn't there for Panasonic to use the product as some kind of magical lever into mass-market.
TPM is similar in nature, only add to this the MOBO manufacturers are running on razor thin margins. You expect them to just add $6-15 per mobo + R&D implementing the thing to satisfy a narrow customer range? Nope.
An OEM will make a MOBO for some brand with a TPM and probably a couple of other gov't features, but there's no volume, so it will be *really* expensive. But a couple of brands that do lots of Army business will buy it. Will the mass market rush out and buy this mobo? No. Too expensive. Will the OEM market it on their own? Not likely.
Microsoft has spent years trying to force MOBO OEM's into doing things their way and most give them a polite "No thank you. But can you fix problems XY and Z in your OS so our MOBO's work better?"
http://www.maxineudall.com/2010/02/should-economists-be-sued-for-malpractice.html
if you exercise your rights under the GPL by modifying and rebuilding the software, it's no longer "Trusted" because it's not signed.
You've been posting a lot on this, and it's not right.
First of all, there's no such thing as a distinction between "Trusted" and "Untrusted" software in absolute terms. Second, software does not have to be signed.
What actually happens is that TC systems can be designed to keep track of the hashes of all the software that runs, and load those hashes into the TPM chip. THe chip can basically do two things with them. It can encrypt data and lock it to the hashes, such that the data can't be decrypted unless the machine is in exactly the same software state. Or it can report the current hash values, signed by the on-chip, unspoofable crypto key.
That's the true functionality. Now, from this, you can get features that work similarly to what you say, but not exactly.
If you change software, especially your OS software, and reboot, the TPM chip will get a different set of hashes loaded into it during the boot process. If you had previously locked (encrypted) data to the old system configuration, you won't be able to decrypt it now. You'd have to reboot back into the old configuration. If your old OS was high-security, say a SELinux configuration, and the new OS is a live CD you inserted to bypass the security, you won't be able to do so.
But it's not like the old OS was "Trusted" and the new OS is "Untrusted". It's just that they have different hashes and produce different software configurations. Data locked to the new configuration can't be decrypted in the old one, and vice versa.
The other thing the chip can do is to optionally report out to remote systems what your software configuration is. Maybe someone will only talk to you if you are running a certain configuration. Then, FROM HIS POINT OF VIEW, that configuration is "Trusted", and he won't trust any other. But it's not true in absolute terms that your computer is in a "Trusted" state or not. It's just that party's opinion about which software configurations he chooses to trust. And you could even imagine a system in which party A only "Trusts" one configuration while party B only "Trusts" an incompatible configuration. I'm sure this kind of conflict is likely to happen in the early days of TC, if it ever gets to this point.
And keep in mind that you can turn this around, too. You could connect to remote systems, say e-commerce sites or other servers, and they could use TC to report their software configuration to you. Then you might choose to trust only certain software versions, maybe systems with the most recent patches for example. Or you could have a P2P network and each computer could check that the others are running good versions of the software, to prevent people patching their systems to allow leeching or flooding attacks. There are a lot of other uses for this technology beyond DRM.
Note though that a P2P network like this would apparently be illegal under GPLv3. It would not be allowed to have software that queries the state of the peers and only connects to them if they are the same software, because this would prevent people from patching their software and continuing to participate in the P2P net (they'd have to start a new subnet of their own). So this potentially useful security tool is being shut off from the world of GPLv3. Luckily, people can continue to use GPLv2, which I expect to happen.
If the BIOS hashes the boot loader and stores it, assuming the BIOS is operating properly then that does not necessarily provide security. If the TPM chip is as passive as you say then all it can do is answer the following question: "What is the last hash you were fed?" It can answer this using a signed key to show that it isn't lying. However that alone isn't security. Some measure must be made to compare the hashes to a "gold standard" in order to verify that they are correct.
Given a BIOS B, B can be coded to hash the boot loader before using it. However, unless B "knows" what the correct hash is, it is only handing over control to "some program". If the chip operates as you say, and the chip has no knowledge of what the hash "should be" then control is surrendered at that point. B hands off to a boot loader and the boot loader does whatever it wants. If the only measure of correctness is "the last hash read" then B cannot be certain that what it is about to run is correct. This also holds true for boot loaders handing off to OS's etc.
Either B would have to be hard-coded with knowledge of what the "correct" boot loader hash would be, or the chip would. In either case the hash would have to be non-writable and, itself hashed or the system breaks down. If I can access in any way the storage point for the "verified" hashes then they can be replaced with falsified ones. However if the hashes are hard-coded then I can never upgrade or alter the software (without obtaining a new chip) because the hashes would change.
The only way that the system could work is if a) there exists a mutable storage system for "gold standard" hashes, b) the chip is capable of comparing a signed hash to a gold standard hash in a secure way, c) the algorithm used to do so is always secure and cannot be broken, and c) all of the software run on the system is "completely secure" and no bugs or deliberate attacks allow for the hash system to be fooled. If at any point any of these are violated then an attack is possible. False hashes can be planted for the future and the system is violated.
Keep in mind that hashes are many to one functions. MD5 has been cracked. Others can be as well.
"remember the USB drives showing up at bazaars?"
Here's a clue, the Army/Air force/Marines/Navy may be dumb at times, but sometimes - just sometimes, they get it right.
Disinformation is alive and well.
Trusted hiring? Well thought out, opportunities for information theft?
Priceless.
To say that "the army" is requiring all pcs to do anything is questionable at best. What this appears to apply to is the enterprise systems. That's maybe a couple hundred servers that fall into the command of Netcom. I see no mention of netcom having responsibility for things like desktops, agency by agency servers, etc. Never can tell though.
People who think they know everything really piss off those of us that actually do.
You (or I in this usage) have no warrent about the remote machine _unless_ You are the keeper of the keys of that remote machine. So on average, _I_ cannot trust my computer, nor can any other normal user. The all powerful and all mysterious _they_, in turn _can_ trust my computer to run (ominous hum) _THEIR_ software on my computer.
So in the current formulation, If my computer is talking to your computer, my trust of you is irrevelent. Our conversation is only as trustworthy as our collective trust in "them".
For instance:
Under "TCP" you and I are running MS Net Meeting. I can make no assertion about Net Meeting, you can make no assertion about Net Meeting, and Microsoft asserts that it will do whatever it is that Net Meeting does. Is this any warrent of safety? No. (much like all their products are unassailably safe, to be sarcastic,) If Net Meeting has an exploitable flaw I now have a garantee that I can exploit your computer. That is, I "trust" what I see as Net Meeting *is* net meeting, so I can operate against your flawed computer with the certianty of my "trust" in microsoft's flaw. I know FOR SURE that you are vulnerable.
Contrapositively, in the absence of TCP, that thing that _says_ it's Net Meeting, might in fact be a custom application (say a comercial anti-intrustion package) wrapping or replacing Net Meeting.
So in the world of trusted computing, I, exploit in hand, can operate with utter confidance that you cannot intercept or prevent my evil-doing; but without "Trusted Computing" I have to watch my step.
Further, with "Trusted Computing" we cannot control what our computers are doing, only the keyholder can. So Microsoft can trust that they can, for instance, hold all your Word Doccuments hostage to a monthy rent on Word, and you can trust that you will have to pay that rent to access your Corporate Legacy, or that Novel you are Writing, or your Master's Thesis.
Trusted computing does NOTHING for you, the user, but promise that you, the computer user, are powerless. Everybody else gets a free ride. Just like all Digital Restrictions Mandate technology, it isn't good for _YOU_, it is only good for some un-defined and un-accountable "THEM" somewhere.
And, no, this isn't just paranoia. Try playing your iTunes "Purchase" (yea, right) on a Creative(tm) Nomad(tm) some time.
Innocent people shouldn't be forced to pay for inferior software development.
--"Code Complete" Microsoft Press
If only I were so lucky; my dealings with the public are a lot more limited. I'm more of a logistics type of person, but then I deal with strictly domestic issues in the midwest, particularly in the medical field.
Translation: I dispatch ambulances in Ohio and deal with nursing homes on the phone.
Obfuscation is fun!