Slashdot Mirror


User: Kickasso

Kickasso's activity in the archive.

Stories: 0
Comments: 667

Comments · 667

  1. Conversely on Harsh Words From Google On Linux Development · · Score: 1

    On Windows XP, Chrome makes extensive use of the standard Windows XP GUI toolkit and its associated HIG. Yeah, right.

  2. A suggestion on What Can I Do About Book Pirates? · · Score: 1

    Take your book. Introduce a couple dozen subtle but significant, erm, corrections. Upload the PDF to pirate sites. For bonus points, create several different versions, each with its own set of errors.

    I have no idea how well it will work, but hey, what are you going to lose?

  3. Theoretically schmeoretically on ISS To Become Second Brightest-Object In the Sky · · Score: 1

    Bloody armchair astronomers. Go outside and try to count them!

  4. No need to assign seats. on Audio Watermarks Could Pinpoint Film Pirates By Seat · · Score: 1

    They will just photograph the audience (in infrared, so that no one notices). Then they'll use face recognition to identify you when you come to buy your next ticket, and trace you down by the CC number.

  5. Re:"Music isn't sold it's licensed" on RIAA Sued For Fraud, Abuse, & "Sham Litigation" · · Score: 2, Funny

    crap, looks like a troll has got me. mod me down to oblivion.

  6. "Music isn't sold it's licensed" on RIAA Sued For Fraud, Abuse, & "Sham Litigation" · · Score: 1

    Wrong. Next!

  7. It's not a user's issue on Obama Helicopter Security Breached By File Sharing · · Score: 1

    and it's not a developer's issue. It's an IT department's issue. Why was a computer with sensitive information on it connected to the Internet? If it had to be connected, why wasn't it firewalled properly? Why was the user able to install unapproved stuff? Most importantly, why does nobody seem to be asking these questions?

  8. Re:Product naming, again on Microsoft Unveils Windows 7 File-Sharing Beta · · Score: 1

    There's a linux thingy called 'lisa' that sorta can do file sharing. Not that it matters.

  9. replying to myself on Black Hat Presentation Highlights SSL Encryption Flaws · · Score: 1

    Er... please mod down, make fun of, and otherwise disregard the parent comment. And this one, too.

  10. Re:The problem is with the trusting user, and can on Black Hat Presentation Highlights SSL Encryption Flaws · · Score: 0, Offtopic

  11. My Linux desktop is called pygoscelis on Why Do We Name Servers the Way We Do? · · Score: 1

    Guess what distro it runs ;)

  12. Re:I don't understand... on Solution Against Cold Boot Attack In the Making · · Score: 1

    Please don't assume I'm stupid. I once read and understood the entire specification of TPM. I forgot most of it since I don't need it in my everyday life, but I can recall bits, or read it again, if needed.

    TPM cannot protect against hardcore physical attacks, so let's agree not to discuss them. Physical attacks are not always feasible and it makes sense to restrict the discussion to less hardcore threat models.

    I understand that the technology can be used to do, among other things, some pretty evil stuff. You don't need to describe just how evil this stuff is. I can judge for myself, thank you very much.

    Now let's discuss the PrivEK. I gather you want to know it. Do I understand you correctly? If so, what meaning do you ascribe to the manufacturer's signature on the PubEK? Normally it means "I have made a TPM chip, and I guarantee that the private part of this key will never leave that chip". (Again, restricting ourselves to attack models other than hardcore physical). If you know your PrivEK, the signature cannot possibly mean that. What does it mean, then? Here's one possible meaning: "I have made a TPM chip, and there's a copy of the private portion of that key on that chip; another copy of the private portion of that key was given to a person who first purchased the chip, and then probably lost, revealed to any number of third parties, or otherwise mismanaged". Do you think this guarantee is worth any non-negative number of dollars? Note that the "I have made a TPM chip" part is useless: the signature might just as well mean "I gave the private portion of this key to someone", as any conversation that involves this keypair can be assumed not to touch any actual TPM hardware.

  13. Re:I don't understand... on Solution Against Cold Boot Attack In the Making · · Score: 1

    The vendor's signature on PubEK means that the corresponding PrivEK will never leave the chip. That's the main thing the vendor guarantees (not absolutely, mind you, just reasonably). If lots of people know their PrivEK, then obviously no vendor can guarantee such a thing.

    What some people want the vendors to guarantee is the assertion that "the corresponding PrivEK will never leave the chip, and the only other copy of it is given to the owner of the chip to securely manage". Of course in practice this means that "the corresponding PrivEK will never leave the chip, and there was once a single copy given to the first owner of the chip, but now due to carelessness, malice, software bugs, accidents, drugs and other valid reasons, there's an unknown number of second-generation copies of it in circulation, possessed by unknown people with unknown intentions".

    Now we can simply ignore that there (probably) is a physical chip somewhere, with the corresponding PrivEK on it. It might never have existed, or might have been destroyed on delivery, or never plugged in, for all we know. Everything signed by that PrivEK can be assumed to never see actual TPM hardware. So what's guaranteed? We can be sure that there's a public key signed by someone well-known and trustworthy, and that the corresponding private key was given to someone to (mis)manage, and that's pretty much all. Surprisingly, there's a system in place to manage just such a kind of key pairs. If you want one, buy an SSL certificate.

    Oh, and for the record, I think that this technology attestation can be used for both good things (asset management, secure remote access, even anti-cheating measures in online games) and bad things (DRM). It's pretty useless to protest the technology. If the technology is killed, but the concept of DRM itself remains attractive, content producers will find another vehicle to bring DRM upon people. What needs to be fought is DRMd content, not any technology it's wrapped in.

  14. Re:I don't understand... on Solution Against Cold Boot Attack In the Making · · Score: 1

    If you cannot permanently wipe, or temporarily disable, the manufacturer's keys and replace them with your own, then that's a bug and I'm the first to admit that.

    It's just not a critical bug for most people that want to put TPMs to a practical use. For example, people might want to use these things to control who can connect to their network. And they probably don't want to replace keys, because they will have to manage replaced keys then, and it's apparently just one more thing to manage for no good reason at all.

    It might be a critical bug for people that don't want any TPMs at all, neither on their computers nor on everyone else's. But why would manufacturers listen to them?

    Now, if you want to discover manufacturer's keys, that's a different matter. I have no idea, and don't care, whether you have legal rights to do that or not. This may vary from jurisdiction to jurisdiction, and there are no engineering consequences of it anyway. The feature/bug is that you don't have a practical, economically viable way to do that. And people will build (both good and bad things) upon it, because they can.

    Of course the assumption that the owner will under no circumstances have the key is, strictly speaking, invalid. So is the assumption that the owner isn't typing his ultra-secure 64 characters small-and-capital-letters-and-digits-and-special-characters, plus one-time key off his RSA dongle, under gunpoint. So what? Does it make passwords and dongles invalid security measures? No.

  15. Re:I don't understand... on Solution Against Cold Boot Attack In the Making · · Score: 1

    A TPM is a piece of hardware that signs bits in the name of the hardware manufacturer. It says "I am Dell (or HP or Asus) and I certify that this computer runs unmodified Windows 7 (or Red Hat Linux or Joe Schmoe's Little Distro)".

    If you're not Dell (or HP or Asus), why would you ever want to utter such a statement? Do you derive pleasure from lying to people? Seriously, if you could do that, this fact would destroy the genuine usefulness of TPM for people that do want to use it for whatever purpose.

    If all you want to say is "I'm Joe Schmoe and I certify that this computer runs unmodified Joe Schmoe's Little Distro", you can certainly do that, no TPM required. No one would trust such a statement but I gather it's OK.

  16. Re:The reason for SI units on The Technology Behind the Magic Yellow Line · · Score: 1

    I, like you, have no idea what a foot or an inch or American football is. I just went to Wikipedia and snatched some numbers, then asked google for '360 ft in inches'. Try it, it's free.

  17. Re:My Idea For a Football Field on The Technology Behind the Magic Yellow Line · · Score: 5, Funny

    Lessee. The football field is 360 by 160 feet. You need a resolution of at least 1 inch. This is very coarse, really, but let's say it's 1 inch. This means your field is a giant 4320 by 1920 color screen right here. Which is, like, quad HDTV or something like that. You know what? Fuck the game, let's see some movies.

  18. Re:wtf on Banned Words List Carries Its First Emoticon · · Score: 1

      (* ) ( *)
    Filter error: Your comment looks too much like ascii art.

  19. HP drivers on PC Makers Try To Pinch Seconds From Their Boot Times · · Score: 1

    I've done that too. And the damn thing didn't even work! I had to downgrade to an older version (another 100M, thank you very much HP, would you be so kind as to rot in hell please).

  20. There's that cool new invention on The Walking House · · Score: 5, Funny

    called "wheel". Very handy for moving things around. Check it out!

  21. Re:Boost epitomizes everything that is wrong with on Boost 1.36 Released · · Score: 1

    Yes, a programming language with a clean, purpose-built metaprogramming facility would be extremely useful. But I think that doing it imperative style, as you seem to prefer, is a sure way to lose one's sanity.

  22. Re:Just me bitching.... on Kodak Unveils 50MP CCD Image Sensor · · Score: 1

  23. Re:I've measured around 400 Megapixels equivalent on Kodak Unveils 50MP CCD Image Sensor · · Score: 1

    Yeah, I'd expect something close to 40 mega too.

  24. Re:Consumer grade medium format on Kodak Unveils 50MP CCD Image Sensor · · Score: 1

    It's not a "consumer grade camera". It's a toy.

  25. Oscilloscope-schmoscilloscope on Denon's $499 Ethernet Cable · · Score: 1

    Ha! I've got my golden ears, I don't need your fancy-schmancy science!