by building voice-chat software into the game so players can speak with one another using a microphone plugged into their computer
I've had DMs kill an entire party for making too much noise (arguing) and attracting wandering beasties with the noise... and then penalize us with - die roll modifiers with the surprise attack... Remember, it's not really 'Role' playing if you're not playing your role.
I'm glad to see that you had the courage to respond Mr. Ballmer, it's unfortunate that you didn't have the balls to sign in with a handle that identifies you. This commentary is not atypical coming from you. Thankfully you can't throw a chair at me, and if we met in person, I'd invite you to.
Vista sales will be diluted so much by an open source Intel platform kernel as to make Vista a non sequitur. Microsoft has no small interest in seeing this stopped.
Apple has traditionally been a hardware company, and this change of approach is indicative of pressure from Bill to keep OS X off of every box in production.
What amazes me is that people are having a hard time connecting the dots between the anti-competitive Darth Vader of IE and Office fame, and Apple's (the hardware company)fear to have their OS run on everything
It's only a matter of time before the OS will be hacked, and customers chose to run something else. The success of GNU/Linux is a shining example of just how tired customers (Enterprise and Consumer alike) are of having to swallow FUD and bad code.
Bill Gates' fortune be damned, the people are demanding choice, and are being prevented by the huge market force that Mr. Gates wields. I guess that makes Bill and Ballmer red light sabre kind of guys after all... Use the force Steve! The people want your OS, and we're tired of the M$ corrupt crap.
I have the pleasure of administering a K-12 private school. The kids are very computer literate, and as such, you really need to make a good sandbox for them to play in. Thankfully, Apple and BSD provide great facilities that enable me to ensure that the kids are kept safe with content filtering, have roaming profiles and each client is locked down with respect to software installation.
Surprisingly, the teachers have much less comfort with technology, and they mess things up more often than the kids do. If the kids didn't drop the laptops occasionally, it would be an almost ideal setup. Hacking gravity is still proving a little difficult. Damn Newtonian physics!
Apple has ZERO hurdles to sell their OS to generic Intel punters and here's why...
1. It's very easy for corporate lawyers to set hardware specifications for their OS, in fact, it's already on the box.
2. It's very easy to have a support policy for OS X, in fact, you can refer to rule 1. for this.
Just because I got a copy of OS X running on my LG fridge, does that mean I've broken the DMCA twice? American's will need to change the DMCA Quickly or we'll be stuck in a no innovation possible zone.
Let's get to the REAL reason that OS X isn't allowed everywhere...
Because VISTA sales will be so diluted and Bill (Filthy Lucre) Gates will lose a ton on his investment into actually trying to make an OS
um... at the hardware level I'd disagree with you... the tpm starts first, and can be used for an interactive attestation based POST (the documentation suggests this boot order, I've read it a few times now) and subsequently interactive hardware initialization. from my understanding of boot orders, this is BEFORE the OS loads, so where's the driver? the real truth is that there are best practices which state that the customer (buyer) should have opt in/out and trust verification tools to ensure the tpm is set up in keeping with the security context of where the machine is being used. in an enterprise, tpm can be a great one stop audit exposure killing tool, in a home users machine it could be a scary privacy mess.
the glaring lack of disclosure of the tpm implementation, and worse, that it's shipping enabled. ALL other vendors follow the fair and open best practices as recommended by the trusted computing group.
this proves that it's possible to boot other os, yes, and indeed that's a good thing. it does not mean that there has been full disclosure of apple's tpm implementation, nor does it mitigate the potential privacy exposure of a tpm that's shipping enabled.
tin hats are not required to see that this needs rectification.
Don't they all come with thousands of preconfigured remote access vulnerabilities already?
I think the UK Government just wants to have one for their very own so they can be l33t too.
still no response from apple privacy? it's been 3 weeks.
wowsers...
I have iMac Core Duo #4, says so on my box...
I've been trying to gain media exposure to this issue since it's discovery in my machine...
No one seems to understand TPM well enough to give educated feedback...
The trusted computing group is a group of the big and heavy hitters in the industry, they have collaborated on this technology, and have made it quite robust in functionality.
A primary function of the tpm is the setup of a transitive trust mechanism, whereby in an enterprise a central policy mechanism can be setup and enforced, signing all computer operations and file system objects. This functionality also provides for remote auditing and administration.
After a complete review of the literature, it is my understanding that many excellent uses are proposed for the technology. As a network integrator and consulting system administrator I'm particularly excited about the
remote management capabilities that the specification calls for, and the ability to lock the hardware, software and ensure that documents created in a business stay in the business without the appropriate trust level. The transitive trust nature of the TPM will allow me to set up group policies and enforce them in ways I've never experienced. Truly industrial grade tech.
As a slashdot reader, concerned with my privacy, I was pleased to note that the specification repeatedly called for privacy protection settings, including allowing the owner full control of the module. This is particularly good for home users who may not need these features enabled, particularly the remote auditing and administration functionality. In truth, the specification is quite balanced.
My question to slashdot readers is in light of this very balanced specification, which protects all stakeholders. Is it okay that Apple is currently implementing TPM in their new iMacs and Macbooks, and not documenting it in their system specifications ? Furthermore, is it also okay that they've failed to provide home users with the appropriate tools to monitor the trust mechanism and disable the module if it's not necessary?
Okay, that's two questions, but 'the third time's the charm' Is it okay that the specification describes remote auditing and administration capabilities, and I can't even see if that's enabled?
or understand transitive trusts even less. this might be flamebait, but it's also a rebuttal to a clearly ignorant comment. It's not my usual form to be so conflicting, so I'm hoping I don't get modded into the flame/troll hole for speaking up here.
That there's a TPM chip installed shipping enabled, with no end-user controls to verify the trust settings match the security context in which it's installed. Like my maxed out iMac Core Duo... Privacy Commissioner in T-10 days...
still no response from Apple Privacy...
Check the documentation http://www.trustedcomputinggroup.org/specs/bestpra ctices/
You'll see what I mean...
Caveat Emptor.
With a tape drive! My father taught computer science and electronics at the high school level...
which brought home every flavour of computing device that was institutionalized...
yummy QNX terminals with the amber monitors! I still miss that stability.
My father and I worked on rudimentary networks with C64s and a whopping 120 MB fileserver!
Networked C64s! Muppet controller fun! Back then you couldn't hotplug a dongle...
Naturally, my first love was art as a result. I have since been fully assimilated and have worked
professionally in IT for 12 years, using anything x86, PPC, Motorolla 68K... I am Locutus (with more hair).
I would have an RFID chip inserted if I didn't need to carry any ID in the future, but then again... with the
recent Verichip fiasco, I think I'll hold off until we can get something a bit more robust...
Pablo Picasso said it best: 'Computers are useless, they only give you answers.'
While it's true that the Trusted Computing Group (TCG) have completely documented their standard, you will also find that they recommend for the TPM to be an owner controllable device, which the current implementation does not provide. While I can agree that there are many useful benefits available through the proposed architecture, and in completely transparent implementations there can be huge wins in safety, security and the protections of all stakeholders rights.
Furthermore, Apple is not listed in membership of the Trusted Computing Group at the moment https://www.trustedcomputinggroup.org/about/member s/ what does this mean? Is there some subdivision of Apple that is a member so it's okay? As they aren't members, are they obliged to follow the standards?
It is also interesting to note that while the source for 10.4.4 for PPC is available, the source for Intel iMacs is not.
As you are coming to see, there are a few gaps in the docs here. This is precedent setting for a major vendor who by now should all know to have their work well documented before release day. Apple isn't new. If their implementation isn't any different from the standards proposed and maintained by the TCG perhaps they should become members and/or properly document their TPM module and provide customer access as recommended in the spec. This is even more important in light of the contentious nature of this product.
I look forward to your continued thoughts on the matter, but hope that you might refrain from derogatory comment in future.
Please don't get me wrong, this is not a crusade to burn Apple, it's about understanding technology, rtfm, and why isn't this documented?
The BIOS or Basic Input Output System is a series of low level instructions to help set up the basic functionality of hardware and initialize the bootstrap process. As this device is typically created in hardware in a CMOS (Complimentary Metal Oxide Semiconductor) based firmware usually called EEPROM (Electrically Eraseable Programmable Read Only Memory) you need a low level EEPROM programming utility to access and write to this firmware. As BIOS is after POST (Power On Self Test) the first device initialized during the boot process and is used to identify local and external devices and provide for their initialization and map their resource entries for later use by the operating system. Motherboard manufacturers have been aware of this vulnerability for years, and have taken appropriate steps including but not limited to jumpers (can't flash BIOS unless jumped) and other protections. This is why you'll not find a software writable BIOS implementation receive C2 certification.
EFI is equally 'hackable' and potentially even more so. By increasing complexity, you increase the exposure to compromise. It is not true that security by obscurity works for all cases, so in truth you're not going to be secure any way you slice it. IBM proved in the 1960s and early 1970s that physical access to the equipment and the appropriate knowledge can render any security system including the attempts at secure kernels useless ( a project starting with 'M' comes to mind here.)
It very true that there are inherent dangers in the use of computers, esp. with respect to sensitive data. It is equally true that any lock created is already insecure by the nature of the fact that a key must exist. The FUD is getting spread a little thick here, that's why it's important to understand that TPM is just a Dongle you can't see, touch, or remove.
This posting is clearly spreading it. This is part of a calculated attempt to fear computer users into accepting Trusted Platform Modules which currently exist as UFOs on the new Intel iMacs. When I say UFOs I mean Undocumented Functioning Object. It's installed on my motherboard. It's true that the TCG has made much of the documentation about their modus operandi and even Apple has some OLD documentation about this, the real agenda here is spreading Fear, Uncertainty, and Doubt about their platforms in their current implementations and ease our transition into the TPM future.
It's not difficult to see that these mechanisms could potentially be part of an much larger agenda. You see it happening all around you, RFID, Ubiquitous Surveillance, Presidentially Endorsed Wiretapping, etc. The controls on your movements are getting tighter and tighter. It's not paranoia, it's paying attention. Connect the dots is an easy game, even children can do it.
The most damning aspect of this technology is the lack of transparency required by the implementor, in that they can (at their discretion) use closed source to track users, enforce DRM restrictions where previous 'fair use' and other uses were traditionally allowed. The real question is, even for shareholders, how much is too much? Is the quest for maximizing profit hobbling our society?
Don't look to the skies for UFOs, look on your motherboard, and demand answers for undocumented ICs
Slashdot Mirror
I've had DMs kill an entire party for making too much noise (arguing) and attracting wandering beasties with the noise... and then penalize us with - die roll modifiers with the surprise attack... Remember, it's not really 'Role' playing if you're not playing your role.
I'm glad to see that you had the courage to respond Mr. Ballmer, it's unfortunate that you didn't have the balls to sign in with a handle that identifies you. This commentary is not atypical coming from you. Thankfully you can't throw a chair at me, and if we met in person, I'd invite you to.
ringing in the new TPM (read thought police monitor) future! all hail our new leaders! steve heil! bill heil!
emmanuel goldstein (2600) is already the enemy of the party.
time for my two minute hate
Jobs sucks a better male chicken.
Vista sales will be diluted so much by an open source Intel platform kernel as to make Vista a non sequitur. Microsoft has no small interest in seeing this stopped.
Apple has traditionally been a hardware company, and this change of approach is indicative of pressure from Bill to keep OS X off of every box in production.
What amazes me is that people are having a hard time connecting the dots between the anti-competitive Darth Vader of IE and Office fame, and Apple's (the hardware company)fear to have their OS run on everything
It's only a matter of time before the OS will be hacked, and customers chose to run something else. The success of GNU/Linux is a shining example of just how tired customers (Enterprise and Consumer alike) are of having to swallow FUD and bad code.
Bill Gates' fortune be damned, the people are demanding choice, and are being prevented by the huge market force that Mr. Gates wields. I guess that makes Bill and Ballmer red light sabre kind of guys after all... Use the force Steve! The people want your OS, and we're tired of the M$ corrupt crap.
I have the pleasure of administering a K-12 private school. The kids are very computer literate, and as such, you really need to make a good sandbox for them to play in. Thankfully, Apple and BSD provide great facilities that enable me to ensure that the kids are kept safe with content filtering, have roaming profiles and each client is locked down with respect to software installation. Surprisingly, the teachers have much less comfort with technology, and they mess things up more often than the kids do. If the kids didn't drop the laptops occasionally, it would be an almost ideal setup. Hacking gravity is still proving a little difficult. Damn Newtonian physics!
you forgot to 'throw a chair' in there somewhere...
Apple has ZERO hurdles to sell their OS to generic Intel punters and here's why...
1. It's very easy for corporate lawyers to set hardware specifications for their OS, in fact, it's already on the box.
2. It's very easy to have a support policy for OS X, in fact, you can refer to rule 1. for this.
Just because I got a copy of OS X running on my LG fridge, does that mean I've broken the DMCA twice? American's will need to change the DMCA Quickly or we'll be stuck in a no innovation possible zone.
Let's get to the REAL reason that OS X isn't allowed everywhere...
Because VISTA sales will be so diluted and Bill (Filthy Lucre) Gates will lose a ton on his investment into actually trying to make an OS
The dashing young CEO Steve,
Has a TPM stashed up his sleeve,
He used it to track,
All the people that hack,
Or that's what he'll have you believe.
They should just change the meaning of the acronym now... it will save plenty of confusion in the near future.
Double Plus Ungood!
um... at the hardware level I'd disagree with you... the tpm starts first, and can be used for an interactive attestation based POST (the documentation suggests this boot order, I've read it a few times now) and subsequently interactive hardware initialization. from my understanding of boot orders, this is BEFORE the OS loads, so where's the driver? the real truth is that there are best practices which state that the customer (buyer) should have opt in/out and trust verification tools to ensure the tpm is set up in keeping with the security context of where the machine is being used. in an enterprise, tpm can be a great one stop audit exposure killing tool, in a home users machine it could be a scary privacy mess.
the glaring lack of disclosure of the tpm implementation, and worse, that it's shipping enabled. ALL other vendors follow the fair and open best practices as recommended by the trusted computing group.
this proves that it's possible to boot other os, yes, and indeed that's a good thing. it does not mean that there has been full disclosure of apple's tpm implementation, nor does it mitigate the potential privacy exposure of a tpm that's shipping enabled.
tin hats are not required to see that this needs rectification.
Don't they all come with thousands of preconfigured remote access vulnerabilities already? I think the UK Government just wants to have one for their very own so they can be l33t too.
troubling to be sure!
still no response from apple privacy? it's been 3 weeks.
wowsers...
I have iMac Core Duo #4, says so on my box... I've been trying to gain media exposure to this issue since it's discovery in my machine... No one seems to understand TPM well enough to give educated feedback...
The trusted computing group is a group of the big and heavy hitters in the industry, they have collaborated on this technology, and have made it quite robust in functionality.
A primary function of the tpm is the setup of a transitive trust mechanism, whereby in an enterprise a central policy mechanism can be setup and enforced, signing all computer operations and file system objects. This functionality also provides for remote auditing and administration.
Please see my unaccepted post
It's true that the era of trusted platforms is quickly coming upon us. After much controversy the Trusted Computing Group has posted its specifications for the whole world to review. Many of our industry's analysts, artists, and commentators have both supported and denounced the technology in equal measure.
After a complete review of the literature, it is my understanding that many excellent uses are proposed for the technology. As a network integrator and consulting system administrator I'm particularly excited about the remote management capabilities that the specification calls for, and the ability to lock the hardware, software and ensure that documents created in a business stay in the business without the appropriate trust level. The transitive trust nature of the TPM will allow me to set up group policies and enforce them in ways I've never experienced. Truly industrial grade tech.
As a slashdot reader, concerned with my privacy, I was pleased to note that the specification repeatedly called for privacy protection settings, including allowing the owner full control of the module. This is particularly good for home users who may not need these features enabled, particularly the remote auditing and administration functionality. In truth, the specification is quite balanced.
My question to slashdot readers is in light of this very balanced specification, which protects all stakeholders. Is it okay that Apple is currently implementing TPM in their new iMacs and Macbooks, and not documenting it in their system specifications ? Furthermore, is it also okay that they've failed to provide home users with the appropriate tools to monitor the trust mechanism and disable the module if it's not necessary?
Okay, that's two questions, but 'the third time's the charm' Is it okay that the specification describes remote auditing and administration capabilities, and I can't even see if that's enabled?
or understand transitive trusts even less. this might be flamebait, but it's also a rebuttal to a clearly ignorant comment. It's not my usual form to be so conflicting, so I'm hoping I don't get modded into the flame/troll hole for speaking up here.
That there's a TPM chip installed shipping enabled, with no end-user controls to verify the trust settings match the security context in which it's installed. Like my maxed out iMac Core Duo... Privacy Commissioner in T-10 days... still no response from Apple Privacy... Check the documentation http://www.trustedcomputinggroup.org/specs/bestpra ctices/
You'll see what I mean...
Caveat Emptor.
With a tape drive! My father taught computer science and electronics at the high school level... which brought home every flavour of computing device that was institutionalized...
yummy QNX terminals with the amber monitors! I still miss that stability.
My father and I worked on rudimentary networks with C64s and a whopping 120 MB fileserver! Networked C64s! Muppet controller fun! Back then you couldn't hotplug a dongle...
Naturally, my first love was art as a result. I have since been fully assimilated and have worked professionally in IT for 12 years, using anything x86, PPC, Motorolla 68K... I am Locutus (with more hair).
I would have an RFID chip inserted if I didn't need to carry any ID in the future, but then again... with the recent Verichip fiasco, I think I'll hold off until we can get something a bit more robust...
Pablo Picasso said it best: 'Computers are useless, they only give you answers.''We're all going on a 'soma' holiday'
project management software. fight the internet? and I'm wearing a tinfoil hat? the future is NOT televised.
While it's true that the Trusted Computing Group (TCG) have completely documented their standard, you will also find that they recommend for the TPM to be an owner controllable device, which the current implementation does not provide. While I can agree that there are many useful benefits available through the proposed architecture, and in completely transparent implementations there can be huge wins in safety, security and the protections of all stakeholders rights.
Furthermore, Apple is not listed in membership of the Trusted Computing Group at the moment https://www.trustedcomputinggroup.org/about/member s/ what does this mean? Is there some subdivision of Apple that is a member so it's okay? As they aren't members, are they obliged to follow the standards?
It is also interesting to note that while the source for 10.4.4 for PPC is available, the source for Intel iMacs is not.
As you are coming to see, there are a few gaps in the docs here. This is precedent setting for a major vendor who by now should all know to have their work well documented before release day. Apple isn't new. If their implementation isn't any different from the standards proposed and maintained by the TCG perhaps they should become members and/or properly document their TPM module and provide customer access as recommended in the spec. This is even more important in light of the contentious nature of this product.
I look forward to your continued thoughts on the matter, but hope that you might refrain from derogatory comment in future.
Please don't get me wrong, this is not a crusade to burn Apple, it's about understanding technology, rtfm, and why isn't this documented?
The BIOS or Basic Input Output System is a series of low level instructions to help set up the basic functionality of hardware and initialize the bootstrap process. As this device is typically created in hardware in a CMOS (Complimentary Metal Oxide Semiconductor) based firmware usually called EEPROM (Electrically Eraseable Programmable Read Only Memory) you need a low level EEPROM programming utility to access and write to this firmware. As BIOS is after POST (Power On Self Test) the first device initialized during the boot process and is used to identify local and external devices and provide for their initialization and map their resource entries for later use by the operating system. Motherboard manufacturers have been aware of this vulnerability for years, and have taken appropriate steps including but not limited to jumpers (can't flash BIOS unless jumped) and other protections. This is why you'll not find a software writable BIOS implementation receive C2 certification.
EFI is equally 'hackable' and potentially even more so. By increasing complexity, you increase the exposure to compromise. It is not true that security by obscurity works for all cases, so in truth you're not going to be secure any way you slice it. IBM proved in the 1960s and early 1970s that physical access to the equipment and the appropriate knowledge can render any security system including the attempts at secure kernels useless ( a project starting with 'M' comes to mind here.)
It very true that there are inherent dangers in the use of computers, esp. with respect to sensitive data. It is equally true that any lock created is already insecure by the nature of the fact that a key must exist. The FUD is getting spread a little thick here, that's why it's important to understand that TPM is just a Dongle you can't see, touch, or remove.
This posting is clearly spreading it. This is part of a calculated attempt to fear computer users into accepting Trusted Platform Modules which currently exist as UFOs on the new Intel iMacs. When I say UFOs I mean Undocumented Functioning Object. It's installed on my motherboard. It's true that the TCG has made much of the documentation about their modus operandi and even Apple has some OLD documentation about this, the real agenda here is spreading Fear, Uncertainty, and Doubt about their platforms in their current implementations and ease our transition into the TPM future.
It's not difficult to see that these mechanisms could potentially be part of an much larger agenda. You see it happening all around you, RFID, Ubiquitous Surveillance, Presidentially Endorsed Wiretapping, etc. The controls on your movements are getting tighter and tighter. It's not paranoia, it's paying attention. Connect the dots is an easy game, even children can do it.
The most damning aspect of this technology is the lack of transparency required by the implementor, in that they can (at their discretion) use closed source to track users, enforce DRM restrictions where previous 'fair use' and other uses were traditionally allowed. The real question is, even for shareholders, how much is too much? Is the quest for maximizing profit hobbling our society?
Don't look to the skies for UFOs, look on your motherboard, and demand answers for undocumented ICs
so can we expect a gooPod on the horizon?
Pixar isn't randomly greenlighting movie screenplays based on explosion/boob ratio.
That's what Touchstone is for!