There have been an amazing number of responses by folks regarding the TPM (Trusted Platform Module) that will be on the new Intel Mac computers.

Cory Doctorow blasted this announcement with his usual flair and the reaction by the Apple Community was truly amazing (1, 2, 3, 4, and so many other places on the web).

To the real point, which only a few seem to even get … hard to believe! Here’s a quote from an Anonymous Coward 😉 (and no, the wink is not because I wrote it, just because the writer was called an Anonymous Coward by MacSlash because they didn’t give their name) in response to this at the MacSlash posting by Gruber:

In matters of freedom, acting on the first whiff of tyranny is the only intelligent route. Once the horse is out of the barn, the damage is already done. Gruber dismisses evidence offered about the Tyrannical Computing Module by merely dismissing the messengers as Evildoers ™, and then goes on to assert several times that there isn’t any evidence, as if his assertions magically wave it away.

The snide “tinfoil hat” comments provide a dead giveaway that Gruber has little to stand on. If Apple wants to merely protect OS X from running on cheap PCs (a doomed hope anyway) TyrannicalCM/Palladium gives them no better means than merely putting any other sort of distinctive hardware or firmware element to check for. If it’s there, something’s fishy. But more to the point, its presence is a danger we must not accept.

Gruber proves himself out of his depth on this issue, and acts like a mere pompom girl for Apple. He quotes, but apparently does not understand…

“Trusted Computing in the kernel is like a rifle on the mantelpiece: if it’s present in act one, it’ll go off by act three.”

Don’t get complacent about your freedom or you’ll lose it.

And this at the O’Reilly Radar posting listed above by Tim O’Reilly:

Wow. I’ve rarely seen such unanimity in comments.

What I found so interesting about Cory’s comments was:

1) I liked his depiction of the dialogue between the GNU/Linux zealot and the Mac OS X user — it’s very accurate in my experience — and sums up a significant divide in the F/OSS community.

2) While Cory may be over-reacting about the particular rumors on Apple and DRM, I don’t think he’s over-reacting about the threat that over-zealous copyright interests provide to the kind of computing environment that has made so much open source software possible. I don’t think he’s wrong that there are folks who would very much like to limit the ability of anyone to use technology in unintended ways.

But I do have to say that the response in these comments is a fairly strong “radar” signal in and of itself, that says to me that our core audience has more tolerance for DRM and related technologies than I would have expected. Thanks for the correction.

Posted by: Tim O’Reilly at August 1, 2005 03:17 PM

Yes, it’s sad, isn’t it Tim?

If people have been watching TCPA/TPM DRM play out, they already realized this: They pushed it, there was public outcry, they backed off, and then started speaking slowly, gently bringing thoughts (and services/devices) that would move toward this again — slowly bringing about the current steadily more positive response toward these things via music files, movie files, software, and now hardware.

And talk about giving even more power to the DMCA!

Have people forgotten their basic history!?

We have been played like a fiddle by the technology companies and media content providers, and this, embarrassingly enough, is still the same old ploy they have always used!

A slow but steadily increasing heat under the pot of water where the frog is happily floating along, oblivious, will still kill the frog in the end. The frog will never see it coming, because it came about so slowly, until it is too late.

Do so few really see it?! Just because Steve Jobs at Apple introduces it and you will still be able to run a script to disable TCPA ‘features,’ that makes it OK? It won’t really be a Mac anymore, will it? You can’t run iTunes, QuickTime, or even the OS X GUI, from the sounds of things, if you run the script.

Microsoft is building this into Vista as well.

Does no one see where all this is headed?

Try this article on ZDNet by Jon Oltsik

This type of allowance would only further open the door to giving corporate interests and the government the impetus to allow things like “The Broadcast Flag,” which would prevent you from making fair use of hardware, selling used equipment, etc., and to put other TCPA/TPM DRM into the hardware and software that we purchase, controlling citizens in ways never possible before.

Not to mention that it would essentially close the door on innovation in a way that has never been possible before, except for large corporations who have enough money to sustain them through lawsuits. A very scary thought.

Now Microsoft, Apple, the RIAA and MPAA in support of TCPA/TPM DRM and spouting FUD around what THEY want people to think about this — to gain some level of safety from the ‘evil’ hackers and at the same time protect companies’ patents and copyrights …

Does no one see what is going on here? That this will stifle innovation in ways no one is obviously even thinking about.

Has everyone forgotten that liberty and freedom will go out the window?

“They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety.” Benjamin Franklin, Historical Review of Pennsylvania, 1759

Why Trustworthy Computing is bad (Gearlive.com) – Must Read.

Of course Windows Vista will have TCPA/TPM DRM built in as well – it’s one of Microsoft’s big selling points. I’m not sure how they are spinning it as a benefit to consumers as this does nothing but hurt innocent users wishing to exercise fair use of their content – pirates will always find a method of getting around DRM solutions. TCPA is a technology that only hinders consumers, and benefits no-one but the MPAA, RIAA, and other large greedy organizations that don’t trust their paying customers. With both Apple and Microsoft playing into the media organizations’ wishes for TCPA to be widely adopted, then the consumer loses choice, freedom, and the ability to exercise fair use of the media they both own and enjoy. Check out a possible solution and more information about TCPA after the jump.

EFF.org’s article “Trusted Computing: Promise and Risk” By Seth Schoen. A must read.

Misconceptions about trusted computing

Misconceptions about this design abound. The most common misconception denies that the trusted computing PCs would really be backwards-compatible or able to run existing software. While it is certainly possible for manufacturers to build non-backwards-compatible PCs, or PCs incapable of running particular code, nothing in the TCG specifications insists on this. More importantly, the trusted computing architecture security model does not require that insecure, harmful, or undesirable software be prevented from running. The security model instead concentrates on software isolation — preventing running programs from interfering with one another.

When programs are adequately protected against interference by other programs, there is no security requirement that any particular software should be prevented from running. Just as multi-user operating systems allow users to run the software of their choice while protecting other users from the effects of that software, NGSCB could allow users to run the software of their choice while protecting other software from its effects. Only a particularly crude security model would require prohibiting “bad” software from a computer entirely, and the NGSCB model is not so crude. In addition, that approach would require some means of determining which software is “bad”, which would truly be a daunting task. (Some proprietary systems assume that all software not signed by a recognized authority is “bad”, but users would properly reject this heavy-handed approach in the computer environment. They rightly insist on being able to write and use software without the prior approval of some authority.)

None of the hardware demanded by NGSCB appears to be specific to Microsoft Windows. The TCPA/TCG hardware design is clearly not specific to any particular operating system. IBM researchers have recently published software under the GNU GPL to make a TCPA TPM chip work with the Linux kernel. This software is usable today to improve the security of cryptographic key storage on Linux-based systems running on hardware that supports TCPA.

Neither TCG nor NGSCB would itself inherently prevent users from using any particular operating system, program, or data file. And neither inherently requires or includes a mechanism to spy on users.

Where’s the problem?

It is clear that trusted computing hardware provides security benefits, if software is prepared to take advantage of it. But trusted computing has been received skeptically and remains controversial. Some of the controversy is based on misconceptions, but much of it is appropriate, since trusted computing systems fundamentally alter trust relationships. Legitimate concerns about trusted computing are not limited to one area, such as consumer privacy or copyright issues.

We have at least two serious concerns about trusted computing. First, existing designs are fundamentally flawed because they expose the public to new risks of anti-competitive and anti-consumer behavior. Second, manufacturers of particular “trusted” computers and components may secretly implement them incorrectly. We will discuss the first of these problems in greater detail here.

If we don’t continue to do our own due diligence on the new twists on this old crap, we will be the ultimate losers — as we lose all control of what we buy and how we can make use of it.

Comments on: "TPM Onboard – Trustworthy Computing and Intel Macs" (2)

  1. Problem is: anyone who doesn’t understand this just doesn’t care and thinks that us who do are just paranoid.

    Bunch of frogs 😦

  2. Yes, very sad indeed.
