Slashdot Mirror
Atari Founder Proclaims the End of Gaming Piracy
OMGZombies writes "Speaking on a conference held yesterday in New York, the Atari founder Nolan Bushnell said that a new stealth encryption chip called TPM will 'absolutely stop piracy of gameplay'. The chip is apparently being embedded on most of the new computer motherboards and is said to be 'uncrackable by people on the internet and by giving away passwords' though it won't stop movie or music piracy, since 'if you can watch it and you can hear it, you can copy it.'"
That's how Engadget is describing it, and I'm inclinded to agree. Firstly, it's not a "stealth chip", they tend to be prominently listed as a feature because they're so bloomin' rare and you really need one if you want to be able to use Vista's disk encryption without a dongle. Secondly, nobody has even proposed using them as a DRM measure, presumably because of the aforementioned rarity. Thirdly, this is spectacularly old news - those who follow hardware developments have been chatting about the TPM and its implications since Two Thousand and FIVE.
No kidding!!! What do you say at this point?
Trusted Platform Module - not mentioned in the article. You can probably google it yourself, or wikipedia has an entry.
It's pretty much Palladium all over again. Remember that?
TPM = Trusted Platform Module.
The system creates a hash key based upon an analysis of the encrypted software and hardware combined together. If this matches a third party checksum, then the third party releases the decryption key to the encrypted software.
This would make sense for networked console games or PC's with broadband connections.
Vintage computer adverts: http://www.vintageadbrowser.com/computers-and-software-ads
Simple...let's go back to the cartridges... DS cartridges are already widely pirated, as were GBA cartridges before them.
Not necessarily. The difference between music/video and games is that the latter is highly interactive - there's no analog hole there, you cannot just record it. You can, of course, hack the executable, but using TPM, they can encrypt the game resources, and you'll need to break the TPM itself to get to them - you can't work around that as you can with the analog hole.
The software my company writes is tied to the TPM chip. What it prevents you from doing is taking a copy of our software and running it on another machine. When you register it, you then download an encrypted image for that specific TPM chip. Without systems level access to that machine and some pretty expensive hardware tools, there's no reasonable way to hack it. Of course, our entire application/OS is encrypted whereas encrypting an entire game would become a hinderence to game play. Therefore, I doubt it will take off.
But heck, it's the securiest OS on the planet be running those games. TPM is irrelevant then.
Sure there will be some code that talks to the TPM - the so called Trusted Computing Base (TCB). This will be built into unchangeable ROM or into the CPU itself. You'll have to work at Intel or AMD to have the technology to get around this.
The game itself will be encrypted with a small wrapper doing the handshake with the manufacturer to load the decryption key into the TPM.
There are only a few options to get around this:
I'll go for (3), that's for sure.
Four months? I find your lack of faith disturbing! What was CSS broke in, three hours with three lines of recursive code?
Try two years. And AACS still isn't truly broken.
Done with slashdot, done with nerds, getting a life.
The TPM chip that comes in computers is totally different than the hardware chips, curtained memory, and super-root apps that were in Palladium. In the NGSCB, the hardware had an active role of maintaining I/O, and managing memory.
The current version of the TPM is not in the active path at all. Fundamentally, all a TPM 1.2 chip is, is a smart card that is attached to the motherboard. The only difference between it and an Aladdin eToken that is plugged into a USB port are two things. First, are the platform configuration registers, which you manually have to put data into, and second the TPM is resettable from the BIOS screen.
TPM chips, as per the TCG 1.2 spec ship disabled and deactivated, and the user of the machine has to go into BIOS to enable the chip and take physical ownership. Otherwise, it can't be accessed by the machine in any way.
Motherboards TPM chips are rare to find. For a server I built that is to be able to boot unattended, but have all its volumes encrypted using BitLocker, I had to chase down stats on Intel's website and compare them to currently selling motherboards, then cross-reference them to make sure there was an actual chip, and not just BIOS headers.
The Atari founder is quite wrong. Using the TPM won't give much protection from pirates. We've already hard hardware devices encrypting software for decades -- the good old fashioned dongles.
Second, no modern OS ships with a trusted, sealed OS path that is forever static and can be signed from the OS company and passed directly to the TPM like console operating systems are done. Windows Server 2008 has different drivers load for RAID and other low level devices which vary widely party. For example, If you install a new role like Hyper-V on Windows Server 2008, you have to disable and re-enable BitLocker, or the OS path won't be the same. Bitlocker doesn't use OS signatures from a central source, when its enabled, it does its own signing and sealing of the boot path and other user selectable data (BIOS settings, NTFS stats, MBR, partition table.)
The Atari founder assumes too much. PCs are not consoles where having a chip on a static OS and hardware can provide adequate protection. For the TPM chip on PCs to be used for piracy protection, every gaming machine would have to have one physically present, enabled, activated, and ownership taken in the OS the chip is running under, the OS would have to have a static low level kernel that never changes from machine to machine regardless of CPU or devices installed, which for a PC is virtually impossible.
TPM chips also have been emulated too. All it takes is one person to be able to bypass the protection, and the game is cracked.
All and all, in my personal experience, TPM chips are a good thing, especially with BitLocker. A server can boot unattended but still possess hard disk encryption so someone who gets physical access to the box can't just boot a CD and copy off the server's contents. I'd recommend this for co-loc boxes, especially in these times where thieves are learning that a data center heist can net far more cash in information to sell on the ID theft market (or just plain old extortion) than a bank robbery would haul in.
A laptop owned by a company bound by corporate regs can use BitLocker or PGP to ensure the laptop has hard disk encryption, but doesn't have any more passwords the user has to remember. Finally, someone can use BitLocker + a PIN, so if someone steals a laptop or machine, they only have 3-5 guesses before the TPM refused entries or starts adding substantial delays between password guesses.
Of course, there are hard disk encryption programs with pre-boot authentication (TrueCrypt, PGP, etc.), but BitLocker is the only one that offers the feature of booting a machine completely unattended, but yet remain secure. Of course, one can have an OS boot then manually mount encrypted volumes, but BitLocker removes the hassle of this, especially if the machine is in a remote location where no admins would be present, and a network connection is not feasible.
The TPM chip in its current form is a security asset (IMHO). It, in its current incarnation, would provide little help for new DRM or antipiracy schemes.
You guys still dont get it. The whole idea behind trusted computing is to prevent such duplication. The TPM checksums the hardware and every piece of code from the boot-loader up to the application. The other end uses these checksums to verify that only valid pieces of code are running at each level. This makes it very hard to actually circumvent it by duplicating or modifying any code or running any modified hardware which could steal the keys used to encrypt these checksums. The major problem with trusted computing is not the possibility of circumvention but attestation. For example each new OS patch will cause your OS checksum to be differ, and for remote attestation to work the entity validating your OS checksum should be aware of this new patch. How do we keep track of so many OS versions? or each new BIOS version? and so on and so forth. This means that Linux users with modified kernels will not be able to run their kernels if they are using an application which uses trusted computing. If you want to watch a movie, you have to watch it on a player which can be attested to. This prevents you from running it on a player which might record the movie while it is being streamed for example. The other problem as you mentioned is that these fritz chips need to be really fast. Is trusted computing evil? In many ways yes. It has immense potential to be exploited and kill customer choice. But it may do some good too if used right (for example to ensure that you are not running malicious hardware or infected software unknown to you). Given that basic premise behind trusted computing is to come up with a foolproof DRM mechanism, I would place my bets on it being abused to run a virtual dictatorship. That said, watch this: http://www.youtube.com/watch?v=XgFbqSYdNK4
One search at a torrent site would tell you that you're so wrong it's not even +4 funny, much less +4 interesting.
Assorted stuff I do sometimes: Lemuria.org
You can't steal it, but if you are able to make an exact replica of it while still leaving my car right where it is, please: be my guest!
Make me one while you're at it and then I'll have spare parts. Thanks.