Slashdot Mirror
Atari Founder Proclaims the End of Gaming Piracy
OMGZombies writes "Speaking on a conference held yesterday in New York, the Atari founder Nolan Bushnell said that a new stealth encryption chip called TPM will 'absolutely stop piracy of gameplay'. The chip is apparently being embedded on most of the new computer motherboards and is said to be 'uncrackable by people on the internet and by giving away passwords' though it won't stop movie or music piracy, since 'if you can watch it and you can hear it, you can copy it.'"
That's how Engadget is describing it, and I'm inclinded to agree. Firstly, it's not a "stealth chip", they tend to be prominently listed as a feature because they're so bloomin' rare and you really need one if you want to be able to use Vista's disk encryption without a dongle. Secondly, nobody has even proposed using them as a DRM measure, presumably because of the aforementioned rarity. Thirdly, this is spectacularly old news - those who follow hardware developments have been chatting about the TPM and its implications since Two Thousand and FIVE.
No kidding!!! What do you say at this point?
Trusted Platform Module - not mentioned in the article. You can probably google it yourself, or wikipedia has an entry.
It's pretty much Palladium all over again. Remember that?
TPM = Trusted Platform Module.
The system creates a hash key based upon an analysis of the encrypted software and hardware combined together. If this matches a third party checksum, then the third party releases the decryption key to the encrypted software.
This would make sense for networked console games or PC's with broadband connections.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
they are not. Infogrammes bought the remnants of the company so that they could use the name.
FGD 135
Simple...let's go back to the cartridges... DS cartridges are already widely pirated, as were GBA cartridges before them.
+1 insightful! This guy must have just woken up, that he has seized upon this with such fervor makes me wonder how long Atari is going to be around. These things are FAR from common save for laptops and certainly not something you're likely to find on a gamer's desktop. My machine has a slot for a TPM module but it didn't ship with one and I see NO reason to shell out a pile of cash to obtain one. People such as myself will simply vote with our feet and wallets. Think he will blame piracy for the low sales?
Build it, Drive it, Improve it! Hybridz.org
Not necessarily. The difference between music/video and games is that the latter is highly interactive - there's no analog hole there, you cannot just record it. You can, of course, hack the executable, but using TPM, they can encrypt the game resources, and you'll need to break the TPM itself to get to them - you can't work around that as you can with the analog hole.
The software my company writes is tied to the TPM chip. What it prevents you from doing is taking a copy of our software and running it on another machine. When you register it, you then download an encrypted image for that specific TPM chip. Without systems level access to that machine and some pretty expensive hardware tools, there's no reasonable way to hack it. Of course, our entire application/OS is encrypted whereas encrypting an entire game would become a hinderence to game play. Therefore, I doubt it will take off.
But heck, it's the securiest OS on the planet be running those games. TPM is irrelevant then.
Sure there will be some code that talks to the TPM - the so called Trusted Computing Base (TCB). This will be built into unchangeable ROM or into the CPU itself. You'll have to work at Intel or AMD to have the technology to get around this.
The game itself will be encrypted with a small wrapper doing the handshake with the manufacturer to load the decryption key into the TPM.
There are only a few options to get around this:
I'll go for (3), that's for sure.
More information can be found at wikipedia
Its only optional if you don't want to run the software you just bought. If you *have* to run some special app, it might just become required.
Or later, to run that HSD approved "connection monitor" ( which would be called something like "security protector" ) to be allowed to connect to your ISP.
---- Booth was a patriot ----
> Do they support TPM?
No, but they don't have to -- they just can't access anything that's locked by the TPM (or more accurately, encrypted such that the TPM is the ultimate custodian of the keys). Plenty of existing copy protection mechanisms already don't work in virtual machines.
Four months? I find your lack of faith disturbing! What was CSS broke in, three hours with three lines of recursive code?
Try two years. And AACS still isn't truly broken.
Done with slashdot, done with nerds, getting a life.
Did anyone bother to point out that TPM has been discussed to death and the mere existence of the Trusted Platform Module is no news at all?
Power corrupts the few, while weakness corrupts the many.
The TPM chip that comes in computers is totally different than the hardware chips, curtained memory, and super-root apps that were in Palladium. In the NGSCB, the hardware had an active role of maintaining I/O, and managing memory.
The current version of the TPM is not in the active path at all. Fundamentally, all a TPM 1.2 chip is, is a smart card that is attached to the motherboard. The only difference between it and an Aladdin eToken that is plugged into a USB port are two things. First, are the platform configuration registers, which you manually have to put data into, and second the TPM is resettable from the BIOS screen.
TPM chips, as per the TCG 1.2 spec ship disabled and deactivated, and the user of the machine has to go into BIOS to enable the chip and take physical ownership. Otherwise, it can't be accessed by the machine in any way.
Motherboards TPM chips are rare to find. For a server I built that is to be able to boot unattended, but have all its volumes encrypted using BitLocker, I had to chase down stats on Intel's website and compare them to currently selling motherboards, then cross-reference them to make sure there was an actual chip, and not just BIOS headers.
The Atari founder is quite wrong. Using the TPM won't give much protection from pirates. We've already hard hardware devices encrypting software for decades -- the good old fashioned dongles.
Second, no modern OS ships with a trusted, sealed OS path that is forever static and can be signed from the OS company and passed directly to the TPM like console operating systems are done. Windows Server 2008 has different drivers load for RAID and other low level devices which vary widely party. For example, If you install a new role like Hyper-V on Windows Server 2008, you have to disable and re-enable BitLocker, or the OS path won't be the same. Bitlocker doesn't use OS signatures from a central source, when its enabled, it does its own signing and sealing of the boot path and other user selectable data (BIOS settings, NTFS stats, MBR, partition table.)
The Atari founder assumes too much. PCs are not consoles where having a chip on a static OS and hardware can provide adequate protection. For the TPM chip on PCs to be used for piracy protection, every gaming machine would have to have one physically present, enabled, activated, and ownership taken in the OS the chip is running under, the OS would have to have a static low level kernel that never changes from machine to machine regardless of CPU or devices installed, which for a PC is virtually impossible.
TPM chips also have been emulated too. All it takes is one person to be able to bypass the protection, and the game is cracked.
All and all, in my personal experience, TPM chips are a good thing, especially with BitLocker. A server can boot unattended but still possess hard disk encryption so someone who gets physical access to the box can't just boot a CD and copy off the server's contents. I'd recommend this for co-loc boxes, especially in these times where thieves are learning that a data center heist can net far more cash in information to sell on the ID theft market (or just plain old extortion) than a bank robbery would haul in.
A laptop owned by a company bound by corporate regs can use BitLocker or PGP to ensure the laptop has hard disk encryption, but doesn't have any more passwords the user has to remember. Finally, someone can use BitLocker + a PIN, so if someone steals a laptop or machine, they only have 3-5 guesses before the TPM refused entries or starts adding substantial delays between password guesses.
Of course, there are hard disk encryption programs with pre-boot authentication (TrueCrypt, PGP, etc.), but BitLocker is the only one that offers the feature of booting a machine completely unattended, but yet remain secure. Of course, one can have an OS boot then manually mount encrypted volumes, but BitLocker removes the hassle of this, especially if the machine is in a remote location where no admins would be present, and a network connection is not feasible.
The TPM chip in its current form is a security asset (IMHO). It, in its current incarnation, would provide little help for new DRM or antipiracy schemes.
Oh, and the other (obvious) assumption that an attacker doesn't already have the key.
The confusion arises from assuming encryption can be applied to copy protection. It can't. That fails the second test above -- the "attacker" is the end-user, and if they didn't have a working key in some form, they couldn't play the game. Because they have the key, they can copy the game, full stop.
It might take awhile, but it's not the encryption that's flawed, it's the very concept of DRM. As the old saying goes, "Trying to make bits not copyable is like trying to make water not wet."
The only real result of most of these schemes is to piss off the end-user to where we'll actually buy the game, and then download a crack. I'm argue that DRM causes at least as much piracy as it solves.
Don't thank God, thank a doctor!
It has been around much longer. It started with the Trusted Computing Platform Alliance, which was founded somewhere between 2001 and 2002 (in the Wikipedia article, there's unfortunately not much information about its history. The organization is now called Trusted Computing Group (of course, with an SSL encrypted homepage! ;-) ).
The FSF and EFF have been upset about this for a long time, and for a good reason. The initial design of Windows Vista would have included a "trusted kernel" which would've allowed only trusted applications and documents. Luckily, they could not enforce the original design.
You guys still dont get it. The whole idea behind trusted computing is to prevent such duplication. The TPM checksums the hardware and every piece of code from the boot-loader up to the application. The other end uses these checksums to verify that only valid pieces of code are running at each level. This makes it very hard to actually circumvent it by duplicating or modifying any code or running any modified hardware which could steal the keys used to encrypt these checksums. The major problem with trusted computing is not the possibility of circumvention but attestation. For example each new OS patch will cause your OS checksum to be differ, and for remote attestation to work the entity validating your OS checksum should be aware of this new patch. How do we keep track of so many OS versions? or each new BIOS version? and so on and so forth. This means that Linux users with modified kernels will not be able to run their kernels if they are using an application which uses trusted computing. If you want to watch a movie, you have to watch it on a player which can be attested to. This prevents you from running it on a player which might record the movie while it is being streamed for example. The other problem as you mentioned is that these fritz chips need to be really fast. Is trusted computing evil? In many ways yes. It has immense potential to be exploited and kill customer choice. But it may do some good too if used right (for example to ensure that you are not running malicious hardware or infected software unknown to you). Given that basic premise behind trusted computing is to come up with a foolproof DRM mechanism, I would place my bets on it being abused to run a virtual dictatorship. That said, watch this: http://www.youtube.com/watch?v=XgFbqSYdNK4
One search at a torrent site would tell you that you're so wrong it's not even +4 funny, much less +4 interesting.
Assorted stuff I do sometimes: Lemuria.org
Regarding the title "PR department at Atari is having a heart attack"; not really!
:)
Nolan Bushnell may have founded the *original* Atari, but he left in 1979 (having sold it to Warner Communications in 1976), and I see no indication that he has anything to do with the present-day company.
Besides which, the modern "Atari" is effectively just a brand purchased and used by Infogrames which has no real relationship or business continuity with the original Atari (which split into Atari Corp. and Atari Games in 1984- both streams are now effectively defunct).
The PR department at Atari probably couldn't give a toss!
"Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
"and that will spell out a death sentence for Windows Users having a motherboard that do not support it."
There, fixed it for ya.You can't steal it, but if you are able to make an exact replica of it while still leaving my car right where it is, please: be my guest!
Make me one while you're at it and then I'll have spare parts. Thanks.
There is no sanctuary. There is no sanctuary. SHUT UP! There is no shut up. There is no shut up.
If you're running Windows XP, try going into Device Manager and expanding 'System Devices', and see if you see anything. On my Thinkpad, it's listed as 'Atmel TPM'. I think the same should apply for Vista.
The TPMs are everywhere, but they do no harm by themselves: it's just a hardware encryption chip. If you have the keys you can created a region of protected storage that no process can access without the keys. While that's handy and all, and could be incredibly valuable in protecting a spare partition for use in removing rootkits from your real partition, it's no aid to DRM on any computer for which you have the keys.
Now, if we're talking about consoles, the manufacturer can keep the keys and copying console games could be made much harder - much like Bluray etc, just an industry-standard scheme. But, for a general purpose PC, you have the keys and the TPM chip is there for your use.
Of course, the Atari guy is being an idiot here for another reason: if you can play the game, you can copy the game. Just like you can copy anything you can see or hear, you can copy the stream of instructions and game data as it passes through the CPU, and re-create the game from it, using an in-circuit emulator (ICE). An ICE is quite expensive, but not to the point it would deter anyone professionally priating games on a large scale.
Socialism: a lie told by totalitarians and believed by fools.
Crackers always buy the games. They also encourage others to do the same! You should read the .nfo files for things other than the cd keys =P
Nolan Bushnell is on the board of Wave Systems, who makes these chips. (Or at least he used to be.)
(I used to work at Wave myself.)