I have seen many threads on many forums. However none of them seem to be doing much to stop this enemy of freedom, and open source software called "trusted computing".

I'm more of a right hand man than a leader but I think that this is something that we need to take more seriously, and unite our efforts (if any) against it. I'm not talking about discussing it's possibilities at infinitum on this forum. We need to honestly find ways of fighting against it.

If Trusted computing comes into existence Ubuntu's very existence is in Jeopardy. Your computer will install only "trusted" software. Open source software will not fall into that category. Joe Blough programmer will not be able to create a new program in his home office because his software will not be usable because it will not be "trusted". Ubuntu would not exist if it weren't for people like Joe Blough programmer.

Please see these sites for further information.
http://www.againsttcpa.com/what-is-tcpa.html
http://www.lafkon.net/tc/

I don't believe that I'm over reacting to this. I think that most people are stuck in the apathy that our world lulls us into. Most only recognize the danger once it has a firm chomp on their hind sections. For open source software this can't happen.

I would very much like to know what Canonical would advise about this, also if some of you have started initiatives I would like to know about them.

I aggree, it should be stopped.

I agree, it must be stopped. It sensible to warn users about installing unsupported software, but actually preventing it is insane. Any company supporting this technology can say goodbye to my money.

I think this has been discussed before. But nevertheless, everyone save your computers now.
It is rather scary:shock:

Wait can someone please sum this down for me ? :lolflag:

NVM I get it now.

Wait if this is really the end for NIX, what about servers? I believe the majority of non UNIX and Windows servers run Linux.

No need to panic. TC and TPMs are just another form of DRM-like technology that can be circumvented. Besides if you read the TC specs, the specs require manufacturers to let users turn off and not use TPM or other TC measures.

More than anything I think TPMs and other TC ideas can actually be useful. For instance, with TPMs an admin in a corporate environment can tell if part of an OS has been tampered with. Also it lets admins to better lockdown systems already compromised.

Yes TC can be used for malicious anti-competitve purposes, but it does not have to. TC definitely will not spell the end of Unix. How can I be so sure? Well IBM and Sun are two members in the TC group, both are great supporters of open source and Unixes. It would go against their interests to kill off Linux or Unix or force their customers into undesirable situations.

Personally I think TC is a kind of backward idea, of trying to patch the problems of security by saying that the user is the problem. In a corporate setting, which is where TPMs/TC are used for, it might make sense. [Note to self: TPMs might be able to detect hypervisor exploits.] The problem is developers not designing programs in a better manner.

HOLY... Jeez, I must have been sleeping, I never even knew about TC.

Just read some up on it from wikipedia, and man that sounds incredibly dumb. I can't believe the leaders of all our major companies think this is a good idea... soon, you won't even own your computer. You'll lease it from the government geez. I will be keeping my old P4 now I think, I know its so old and dumb it can't ever limit what I want to do :D.

No need to panic. TC and TPMs are just another form of DRM-like technology that can be circumvented. Besides if you read the TC specs, the specs require manufacturers to let users turn off and not use TPM or other TC measures.

More than anything I think TPMs and other TC ideas can actually be useful. For instance, with TPMs an admin in a corporate environment can tell if part of an OS has been tampered with. Also it lets admins to better lockdown systems already compromised.

Yes TC can be used for malicious anti-competitve purposes, but it does not have to. TC definitely will not spell the end of Unix. How can I be so sure? Well IBM and Sun are two members in the TC group, both are great supporters of open source and Unixes. It would go against their interests to kill off Linux or Unix or force their customers into undesirable situations.

Personally I think TC is a kind of backward idea, of trying to patch the problems of security by saying that the user is the problem. In a corporate setting, which is where TPMs/TC are used for, it might make sense. [Note to self: TPMs might be able to detect hypervisor exploits.] The problem is developers not designing programs in a better manner.

I understand what you're saying and I hope you're right. I'm not willing to let this rest on mere hope though. This is a very real threat, and since it's the US that is forwarding this legislation it needs to be taken even more seriously.
I want to find out what can be done, we're battling against more money and power than any of us could make or have in 10,000 lifetimes. AS far as IBM and Sun are concerned they could just close the source to their respective Linux breeds and make them trusted. However at that point how much better would be than Microsoft? I know their are Gnu Licenses to consider in their instances but Money and Crisis have a way circumventing things.
Again, I'm not willing to let the freedom of the computing world rest merely on hope.

I understand what you're saying and I hope you're right. I'm not willing to let this rest on mere hope though. This is a very real threat, and since it's the US that is forwarding this legislation it needs to be taken even more seriously.
I want to find out what can be done, we're battling against more money and power than any of us could make or have in 10,000 lifetimes. AS far as IBM and Sun are concerned they could just close the source to their respective Linux breeds and make them trusted. However at that point how much better would be than Microsoft? I know their are Gnu Licenses to consider in their instances but Money and Crisis have a way circumventing things.
Again, I'm not willing to let the freedom of the computing world rest merely on hope.

I am glad that you are taking action. As I said TC is a misguided technology that has some good ideas but a messed up philosophy.

As for IBM and Sun, it does not make sense for them to close their versions. The reason is why IBM gave up OS/2 and other proprietary OS attempts. IBM sees an OS as a commodity, and a overally expense one at that. The expense comes from maintaining the OS by themselves. The truth is that modern OSes are too complex and too costly for a single corporation to effectively own (Microsoft is the exception, but its also the a company that is an exception for the entire software industry). By closing the source, IBM would need to maintain the cost of an OS by themselves. That would mean going back to a money-loosing strategy as with OS/2. And Solaris is not popular enough to warrant close sourcing it. If Sun closed sourced Solaris they would run the risk of getting run over by the more successful and adaptable Linux and BSDs.

Even if TC is not stopped, a call to action will keep TC members honest and give them enough pressure to keep TPM or TC technology as optional.

I'm sorry, I don't understand how this is going to work... is it going to be illegal to produce hardware without these chips or something? If not... how are manufacturers actually going to sell this restrictive hardware unless people buy it over normal hardware?

I have seen many threads on many forums. However none of them seem to be doing much to stop this enemy of freedom, and open source software called "trusted computing".

I'm more of a right hand man than a leader but I think that this is something that we need to take more seriously, and unite our efforts (if any) against it. I not talking about discussing it's possibilities at infinitum on this forum. We need to honestly find ways of fighting against it.

If Trusted computing comes into existence Ubuntu's very existence is in Jeopardy. Your computer will install only "trusted" software. Open source software will not fall into that category. Joe Blough programmer will not be able to create a new program in his home office because his software will not usable because it will not be "trusted". Ubuntu would not exist if it weren't for people like Joe Blough programmer.

Please see these sites for further information.
http://www.againsttcpa.com/what-is-tcpa.html
http://www.lafkon.net/tc/

I don't believe that I'm over reacting to this. I think that most people are stuck in the apathy that our world lulls us into. Most only recognize the danger once it has a firm chomp on their hind sections. For open source software this can't happen.

I would very much like to know what Canonical would advise about this, also if some of you have started initiatives I would like to know about them.

Ah that takes me back, I remember reading about the TCPA and all that garbage. At first people I talked to said, no no companies would do that... Yet here we are.

Take a look at some of "features" Vista offers.
http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html

I don't know if they'd ever disable a device, but they can. You'd need a new graphics card and monitor to watch protected HD content or it would be downgraded. In the case of unprotected digital out, it will just not play protected music.

In terms of hardware with proprietary firmware issues, google tivoization.

http://www.defectivebydesign.org/

Campaign to get rid of DRM

Anyway, I'm not as worried considering implementations seem to stink. Look at HDVD and Blu-ray cracks. I'm waiting patiently for these companies to realize people don't want this (worst case I'll just get a darn set top box, than turn a PC, an open platform, into a locked down box. That got more expensive, heavier, and more power consuming due to this attempt to gain more control over what a user can and can't do.)

Anyway, the good TCPA did for me (compounded with what I had read about Longhorn, err Vista...) Helped me move to Linux. In fact the day I wiped my dual boot was with the sony rootkit debacle... I don't purchase copy protected CDs, but I was still pissed off at crap like that.

QUOTE from boy of destiny
I don't know if they'd ever disable a device, but they can. You'd need a new graphics card and monitor to watch protected HD content or it would be downgraded. In the case of unprotected digital out, it will just not play protected music.
end quote


I experienced this last night while trying to watch a legally rented Mission impossible III on my compaq laptop. It's running XP home and Windows Media player would not play it for this exact reason. Sorry I didn't screen shot it though I still could as proof. I had to play it using Real Player.

I have no intentions of doing anything illegal yet if I had no other players I wouldn't have been able to view the movie. AAAHHHHH!!! Yes this is a reason that I'm using Ubuntu, I just want to make sure that Ubuntu will not fall victim to this evil TCPA scheme that seems to have only one agenda>>> wipe out open source.

The Rockbox team is having trouble getting my mp3 player (Zen Vision M) working, and some are suspecting it's TC because it freaks if they change the text in *strings*

I'm sorry, I don't understand how this is going to work... is it going to be illegal to produce hardware without these chips or something? If not... how are manufacturers actually going to sell this restrictive hardware unless people buy it over normal hardware?

Well if you're building the box yourself, you can pick what mobo is in it. If you're buying a pre-built HP or Gateway or Dell, how are you supposed to know the mobo is evil? They either won't tell you, or they'll sell it as a "security" feature.

Originally Posted by kragen
I'm sorry, I don't understand how this is going to work... is it going to be illegal to produce hardware without these chips or something? If not... how are manufacturers actually going to sell this restrictive hardware unless people buy it over normal hardware?

From what I understand the answer is yes. It should the legislation be passed it would be illegal to sell or import any hardware that doesn't have a TPM (trusted module) on it in that particular country. So if this happens in the US it wouldn't matter if you built it yourself or not, any new mainboard, soundcard, vid card, you name it will need to have these TPM chips. The software then holds the encryption key and to break the encryption is illegal, if not near impossible anyway. On of the sites I first linked to quotes an encryption strength of 2048 bits.
Unless that site is wrong, this kind of technology needs to be fought against. I'm not an American but the technology sounds nearly unconstitutional perhaps it even is.

Does anyone know how the Leadership of Ubuntu and Canonical feel about this technology? I can't imagine that it's being ignored like an ostrich with its head in the ground. I'm asking this question because I'm trying to figure out how to best direct my efforts. No sense re-inventing the wheel as they say.

Here is the website for the TCPA
https://www.trustedcomputinggroup.org/specs/
Take a gander, they are for real and they mean to see it through.

Their members list
https://www.trustedcomputinggroup.org/about/members/

A very interesting list containing different companies and the different names they give for the same technology
http://en.wikipedia.org/wiki/Trusted_Computing_Group

Some of the newer Dell machines have TCM's embedded in them. You can slide over to the Dell Ideastorm site and register your opinion on DRM and TCM.

http://www.ideastorm.com/article/show/66260/No_TPM

Some of the newer Dell machines have TCM's embedded in them. You can slide over to the Dell Ideastorm site and register your opinion on DRM and TCM.

http://www.ideastorm.com/article/show/66260/No_TPM

Thanks Daveski,
I just registered at IdeaStorm and created an Idea that I believe is one step better.
http://www.ideastorm.com/article/show/67515/No_TPM_Chips_at_all

If anyone who reads this thread agrees that TPM chips need to disappear please vote for this and pass it around to everyone you know.

Will do.

I understand what you're saying and I hope you're right. I'm not willing to let this rest on mere hope though. This is a very real threat, and since it's the US that is forwarding this legislation it needs to be taken even more seriously.


The EU will crap all over this. No way will they allow this to happen. Ironic that America prides itself on freedom yet it is the most controlled countries in the "free" world. And now they want to introduce yet more lockdowns. Interesting use of the word free.

You know there is a TCP module in the linux kernel right? it's been there for a while. you don't have to use it, in fact most people don't so it remains dormant or not compiled. but the option is there.

The difference with linux though is that the hardware security prevision is in the hands of the user, not a business in redmond.

You know there is a TCP module in the linux kernel right? it's been there for a while. you don't have to use it, in fact most people don't so it remains dormant or not compiled. but the option is there.

The difference with linux though is that the hardware security prevision is in the hands of the user, not a business in redmond.

That is very interesting, no I didn't realize that. I'm not entirely suprised though. There is still much I need to learn about this. I do know one thing though; the first time I heard of trusted computing and what it intended to do it opened my eyes to where the large money making corporations were trying to take things. I still believe that trusted computing has less to do with security and more to do monopolies and limiting your choices.

This is from my dell ideastorm post.


It is more than possible that a computer that has the user over ride engaged to enable it to run software that is "not trusted" could be blocked from important web sites or from engaging in other critical activities. In this scenario it would be virtually useless to run software that is not trusted.


I can very easilly see this happening. It's kind of like they would say, OK you want to play by your rules? Fine then every time you try to access your online banking we won't let you because you aren't running trusted software. It would be so easy for them to do this.

I can very easilly see this happening. It's kind of like they would say, OK you want to play by your rules? Fine then every time you try to access your online banking we won't let you because you aren't running trusted software. It would be so easy for them to do this.

Hmm... Assuming that TPMs are used to do TC stuff, I understand that is this would be difficult (if not impossible) for banks to do to customers. TPM's "verification" method depends on what a combined signature of the platform (both hardware and software) and that of an EK (endorsement key, an RSA private/public key pair). In the case of a private company ordering TPMed laptops/desktops/servers, the IT department can easily keep track of what of hardward, software and public EKs, the machines do. For a bank to do the same for its customers, it would need to practically register their customers' machines. Can you see your bank, asking you to bring in your computer to register it just to use their website? Wonder what their competitors would do to attract the first bank's disgruntled customers?

Anyways, I recommend the following whitepaper about how TPMs work:
http://http://www.intel.com/design/mobile/platform/downloads/Trusted_Platform_Module_White_Paper.pdf (http://www.intel.com/design/mobile/platform/downloads/Trusted_Platform_Module_White_Paper.pdf)

I'll take a gander, but if your basing your beliefs on a kind of benefit of the doubt be very careful. Many liberties have been violated in name of security in other areas of life. Just look at 911 for a recent example. What is more precious to a bank than security? I dare say nothing except money. At any rate, if you don't like online banking as an example that's fine, it was just an example (though I'm not entirely sure you're right). If TPM's become full blown in all their glory I would love nothing more than to eat crow because I was wrong about it. The truth is no one really knows, I do know that if everyone just sits back and waits to see what will happen we will likely be worse off for it.

Once a technology like this is in place all that is needed to revoke our freedom is some sort of large scale crisis.

Hmm... Assuming that TPMs are used to do TC stuff, I understand that is this would be difficult (if not impossible) for banks to do to customers. TPM's "verification" method depends on what a combined signature of the platform (both hardware and software) and that of an EK (endorsement key, an RSA private/public key pair). In the case of a private company ordering TPMed laptops/desktops/servers, the IT department can easily keep track of what of hardward, software and public EKs, the machines do. For a bank to do the same for its customers, it would need to practically register their customers' machines. Can you see your bank, asking you to bring in your computer to register it just to use their website? Wonder what their competitors would do to attract the first bank's disgruntled customers?



Lets play with this idea for a bit.
Why would it be so hard for TPM's to be used like this.

You want to do online banking
You launch web browser on a non trusted computer
Banks server authenticates only with trusted software on properly trusted computer system
You are turned away

This quote comes from http://www.againsttcpa.com/what-is-tcpa.html

The bills:
In the USA there's a planed bill, the so called CBDPTA (Consumer Broadband and Digital Television Promotion Act). First it was callen SSSCA (Security Systems Standards and Certification Act). The new name reads much more harmless. Looks like the first name made it too easy to discover the purpose of this bill.
This bill plans to legally force secure (TCPA-conform) systems. So in the USA it would then not be allowed to buy or sell systems that are not TCPA-conform. Passing this law would be punished with up to 5 years of prision and up to $500.000 fine. The same would apply for development of "open" software. Open means that it would work on systems that're not TCPA-conform.
Even if this bill would only valid in the USA it would have catastrophically effects worldwide. Because US companies are not allowed to develop and sell "unsecure" software, others would have to jump onto the TCP-train, so they would give total control over themself to the TCPA (USA?), or they would have to live completely without software and harware from US-companies. No Windows, Solaris, MacOS, Photoshop, Winamp or to say it short: The largest part of all software that's used on this planet would not be usable.

I don't see why it would be very hard at all for banks to turn customers away if a bill like the one above would be passed. I think they would have to comply with the law and do it out of obligation.

Hmm... Assuming that TPMs are used to do TC stuff, I understand that is this would be difficult (if not impossible) for banks to do to customers. TPM's "verification" method depends on what a combined signature of the platform (both hardware and software) and that of an EK (endorsement key, an RSA private/public key pair). In the case of a private company ordering TPMed laptops/desktops/servers, the IT department can easily keep track of what of hardward, software and public EKs, the machines do. For a bank to do the same for its customers, it would need to practically register their customers' machines. Can you see your bank, asking you to bring in your computer to register it just to use their website? Wonder what their competitors would do to attract the first bank's disgruntled customers?

Anyways, I recommend the following whitepaper about how TPMs work:
http://http://www.intel.com/design/mobile/platform/downloads/Trusted_Platform_Module_White_Paper.pdf (http://www.intel.com/design/mobile/platform/downloads/Trusted_Platform_Module_White_Paper.pdf)

If you look at page 14 of the Document I think a banks server would only have to look for your conformance certificate, if your running trusted software on trusted hardware you will have one. If you're not properly trusted you won't have one. A web browser will likely have in it's encryption key information about your whether or not your system has this certificate.

I'm not a programmer but why couldn't it work like that?

Maybe this is a stupid question but from skimming through the (little biased?)docs about TC I understand it prevents you to use unauthorized hardware or software.

So what If your a programmer and make a little program to do some stuff for you? Wouldn't you be able to run your own program? That is just too ridiculous to be true, it can't be true. How are developers supposed to test their software if they have to authorize it with TC every time?

To get an idea on what Trusted Computing is all about take a look at game consoles. They are nothing more than a PC where "Trusted Computing" has been turned on to allow only software approved by the manufacturer to run, and where a developer has to license the right to have software run of the platform. This effectively eliminates the small players from the platform.

Trusted Computing becomes Treacherous Computing when the owner of the device is not trusted as in the game console example above and when it is used to enforce DRM, but it can be very useful as a security tool if the owner is trusted for example to prevent the installation of malware etc. Windows Vista when combined with Treacherous Computing is a huge threat.

The best defense against Treacherous Computing is the widespread use of free (as in speech software) especially if major parts of it becomes licensed under the proposed GPL v3.

Maybe this is a stupid question but from skimming through the (little biased?)docs about TC I understand it prevents you to use unauthorized hardware or software.

So what If your a programmer and make a little program to do some stuff for you? Wouldn't you be able to run your own program? That is just too ridiculous to be true, it can't be true. How are developers supposed to test their software if they have to authorize it with TC every time?

First keep in mind that although the site is clearly biased it may be 100% correct. The truth is always biased not political and it can sometimes be very inconvenient.

Second I read it the same way, Untrusted software wouldn't install on hardware with TPM chips. However I've seen some possibility that the TPM chips could have user control in the BIOS with an enable/disable switch. This would still cause a segregation of the software though. What makes this difficult to predict is that the rules for TPM will be made up as we go along. Will that developing bill ever be passed who knows? Will it be abused who knows.

I have learned this much in life though. Money and power corrupts, the threat of competition will cause the one in control to want to remove the competition. Competition means less money, less money= unhappy stock holders. It's a vicious cycle, capitalism has it's benefits but it's not perfect.

I found another site about this. It's a long read but has some interesting things to say. The author is Ross Anderson, and he seems to know what he's talking about.

http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

I'm assuming there is information available on this subject that does not originate from the "Anti-TC" camp? I strongly suspect if both sides are looked at, you'll find it's not nearly as dire as the sites referenced so far want to make it sound. Not that I'm a fan of the idea, but I am also not a fan of presenting only one side of an issue when attempting to have a real discussion.

I'm assuming there is information available on this subject that does not originate from the "Anti-TC" camp? I strongly suspect if both sides are looked at, you'll find it's not nearly as dire as the sites referenced so far want to make it sound. Not that I'm a fan of the idea, but I am also not a fan of presenting only one side of an issue when attempting to have a real discussion.

The trouble with presenting the Pro TC side of things is that their immediate plans are not entirely bad. Remember that it's the long term you need to look at with this technology. I would illustrate this with the frog in water experiment. I don't condone this or know if it's true but here goes;
I you place a frog in warm water and slowly heat the water to a boil the frog won't jump out when the water gets too hot. It's likely that we will be the frogs and the water may seem very pleasant at first. If you read Ross Andersons article it doesn't seem like we will have any freedom to choose eventually.

My second point would be this. You must realize that in the big world of corporate business hidden agendas rule the day. You won't find and article outlining all the plans that Microsoft, IBM, Intel and others have for TC. It would be like a thief telling you when he plans to rob your home.

edit;
A third point would be that Richard Stallman and Mr. Anderson would be considered experts in the world of software. Although they are clearly in the Anti TC camp you must ask the question "what if they are 100% correct?" If they are does it matter what you read from the pro TC camp? I understand your point about only presenting one side. I guess I would remind you though that 2 of the sites listed come from experts with credentials.

Richard Stallman's thoughts about TC
http://www.gnu.org/philosophy/can-you-trust.html

Excerpt from Richard Stallman's essay "can you trust your computer"


There are proposals already for US laws that would require all computers to support treacherous computing, and to prohibit connecting old computers to the Internet. The CBDTPA (we call it the Consume But Don't Try Programming Act) is one of them. But even if they don't legally force you to switch to treacherous computing, the pressure to accept it may be enormous. Today people often use Word format for communication, although this causes several sorts of problems (see “We Can Put an End to Word Attachments”). If only a treacherous computing machine can read the latest Word documents, many people will switch to it, if they view the situation only in terms of individual action (take it or leave it). To oppose treacherous computing, we must join together and confront the situation as a collective choice.

Good morning friends,

I searched our forum and found very few threads that really dealt with taking action against trusted computing. This subject should be near and dear to all our hearts. Even if years from now we all just look back and laugh, I'm taking the standpoint that I would rather take action than sit back and let it play out in the hands of others.

Where are the comments of Ubuntu staff, forum moderators, long time linux users? Rip me, praise me, but I don't see this as a subject to be ignored. If Richard Stallman and Ross Anderson are correct about this and we could have done something about it we will all be the lesser for our apathy.

This is going to be the last post I make on this subject until I feel that there are some interested and willing people work with.

To those who feel that TC can't be all that bad I have this to say,
You need to recognize that your freedom is under attack. Don't assume that the plans of corporate america have any of your best interests at heart. They want to make money and control you. Do I sound like an "alarmist" sure I do, should those who see potential danger keep quite? If you want to put a label on me go ahead, I'm doing what I feel needs to be done and I will tell anyone who will listen. Sitting back and putting your trust in the hands of money driven corporations is no way to respond. Although the situation isn't that serious yet it could get there. It's that potential for danger that needs to responded to.

Those who are planning the future of TC will not tell you the whole story, why would they? If you want proof of the future plans just look at the bills being planned in the US. That should tell you that their plans are not warm and fuzzy. They want to lock your computer down to be able to do only what they want it to do.

I'm very much surprised by sense of invincibility that seems to be here. The time is upon you to take action, Gnu/Linux will not be immune.

Thank you very much SonicSteve for taking the time to inform us and for trying to engage us on this important issue. I usually do not comment very much and do more reading in the Cafe forum, but I feel I just have to agree with you that we have to do something about TC. We can't just let it go on in the path it is taking without riling ourselves up a bit and determining to fight this. I also hope that this is not your last post in this thread because you are concerned that there is not enough interest; I want you to know that there is indeed a lot of interest on my part as well as others, so please continue to provide your valuable input.

I have been looking at this for a while and I also encountered some of the articles that SonicSteve pointed us to. I have been toying with the idea of having a website designed to assist people in spreading the word about freedom of choice with regard to the digital era.

Here is a short page about DRM, TPM and TC with links to the best places that I found.

http://freedomandchoice.info/DRM.html

I have been looking at this for a while and I also encountered some of the articles that SonicSteve pointed us to. I have been toying with the idea of having a website designed to assist people in spreading the word about freedom of choice with regard to the digital era.

Here is a short page about DRM, TPM and TC with links to the best places that I found.

http://freedomandchoice.info/DRM.html

I've been bouncing this idea around myself. I'm currently working on a top 10 list of ways to help. Why 10? People seem to like them.
1. support the Free software foundation
2. support the Electronic frontier foundation
3. use only "free" software, freedom sense not beer sense.
4. Don't use hardware with TPM on it.
5. Send a letter, to help stop any threatening bills (or whatever they may be in your country)
6. Make a signature on your forums like I did. It's simple and follows you everywhere, and costs nothing but a few minutes of time.
7. spread the word

8-10? need help

I found another site about this. It's a long read but has some interesting things to say. The author is Ross Anderson, and he seems to know what he's talking about.

http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

Seems to know. But then you might also be interested in the IBM rebuttal of that article, available here (http://domino.research.ibm.com/comm/research_projects.nsf/pages/gsal.TCG.html/$FILE/tcpa_rebuttal.pdf). More IBM material at:

http://domino.research.ibm.com/comm/research_projects.nsf/pages/gsal.TCG.html

Nope, I don't like Trusted Computing either. But it's just not that black and white.

The TrouSerS FAQ is an interesting read about "good" uses of the TPM: http://trousers.sourceforge.net/faq.html

The Trusted Platform Module does not, and can not, control execution. So if something runs without the TPM it will continue to run just fine with it too.

And that's actually the problem with it too. The "Trusted" computers can do everything non-trusted computers can. There's no reason whatsoever to buy a computer without the TPM chip.

The computers with the TPM can do everything old computers can do, but they also have the extra ability to go to a "handcuff" mode when needed. Say, when you want to watch the latest Hollywood blockbuster, or connect to a network that uses the "Trusted Network Connect".

Now, all new computers include the TPM. Most laptops have included them for a while now. In a few years some 95 % of computers have them. And that's when they start pushing "trusted" content.

First it'll probably be just used in corporate networks. But then, Hollywood will start pushing movies in a "Trusted" format. Then, the music industry. Then, everyone else.

That's still a few years away. It has to be stopped now.

I agree with you sonicsteve. I think TC is extremely retarded and there are alot more ways to actually block content that owners don't want to be exposed. But as you can see its Microsoft that you are talking about. Ever since Steve Jobs released his first Apple computer, Bill wanted it and thats what he did.. he worked for steve and robbed him. If you need proof please feel free to watch 'Pirates of Silicon Valley' on google video for free :).

Seems to know. But then you might also be interested in the IBM rebuttal of that article, available here (http://domino.research.ibm.com/comm/research_projects.nsf/pages/gsal.TCG.html/$FILE/tcpa_rebuttal.pdf). More IBM material at:

http://domino.research.ibm.com/comm/research_projects.nsf/pages/gsal.TCG.html

Nope, I don't like Trusted Computing either. But it's just not that black and white.

The TrouSerS FAQ is an interesting read about "good" uses of the TPM: http://trousers.sourceforge.net/faq.html

The Trusted Platform Module does not, and can not, control execution. So if something runs without the TPM it will continue to run just fine with it too.

And that's actually the problem with it too. The "Trusted" computers can do everything non-trusted computers can. There's no reason whatsoever to buy a computer without the TPM chip.

The computers with the TPM can do everything old computers can do, but they also have the extra ability to go to a "handcuff" mode when needed. Say, when you want to watch the latest Hollywood blockbuster, or connect to a network that uses the "Trusted Network Connect".

Now, all new computers include the TPM. Most laptops have included them for a while now. In a few years some 95 % of computers have them. And that's when they start pushing "trusted" content.

First it'll probably be just used in corporate networks. But then, Hollywood will start pushing movies in a "Trusted" format. Then, the music industry. Then, everyone else.

That's still a few years away. It has to be stopped now.

OK there's quite a bit to digest here, I'll read over the article from IBM tomorrow. You'll have to forgive me if I don't entirely "trust" them though. They like microsoft and sun, and others are founders of the technology.
I'll post when I've had a chance to really look this all over.

Seems to know. But then you might also be interested in the IBM rebuttal of that article, available here (http://domino.research.ibm.com/comm/research_projects.nsf/pages/gsal.TCG.html/$FILE/tcpa_rebuttal.pdf). More IBM material at:

http://domino.research.ibm.com/comm/research_projects.nsf/pages/gsal.TCG.html

Nope, I don't like Trusted Computing either. But it's just not that black and white.

The TrouSerS FAQ is an interesting read about "good" uses of the TPM: http://trousers.sourceforge.net/faq.html

The Trusted Platform Module does not, and can not, control execution. So if something runs without the TPM it will continue to run just fine with it too.

And that's actually the problem with it too. The "Trusted" computers can do everything non-trusted computers can. There's no reason whatsoever to buy a computer without the TPM chip.

The computers with the TPM can do everything old computers can do, but they also have the extra ability to go to a "handcuff" mode when needed. Say, when you want to watch the latest Hollywood blockbuster, or connect to a network that uses the "Trusted Network Connect".

Now, all new computers include the TPM. Most laptops have included them for a while now. In a few years some 95 % of computers have them. And that's when they start pushing "trusted" content.

First it'll probably be just used in corporate networks. But then, Hollywood will start pushing movies in a "Trusted" format. Then, the music industry. Then, everyone else.

That's still a few years away. It has to be stopped now.

Yes this murkifies things ( I like inventing words). Here is one problem I've been encountering while trying to get to the bottom of this.
1. The CBDTPA bill was defeated in 2002-2003, easy math about 5 years ago.
2. Ross's article was written in 2003, 4 years ago
3. Richard Stallman is one of the few who has updated his information

All this makes me ask the question where are things now?
There was definately a movement afoot to lock computers down in 2002 with the CBDTPA bill. I would stake my life that the movement is still alive somewhere.
From what I can see "trusted computing" offers a few possible benefits for encrypting data which the general public really doesn't need. It also could very much be used for proprietary lockdown though. It will depend on how prevalent "trusted" software becomes. Proprietary codecs and file types are the best examples of future trouble in this realm. TPM's may not be able to "control execution" but they don't need to. It would be very easy to make programs that will only play or view these file types on a trusted platform. If the computer isn't running as trusted the program will know it and likely refuse you. You know that Hollywood wants this, and is working tirelessly to do it.

I think where this gets really murky is that it seems that TPM can be used to enhance the lockdown of DRM. VISTA is full of it. I read an article last week about how there are very few Video cards that have proper drivers that will allow you to watch HD in full HD quality because of DRM. I forget why the other cards are locked out. They were capable but locked out.

What we really need is a full blown expert to help with this. Between getting half the information and much of it being 4-5 years old it gets very hard to speak with utter certainty.

I have to say that I haven't read all this nor digested what I have read but there is some good stuff here.

http://www.eff.org/IP/fairuse/

A very good article on Trusted Computing.

http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

Helen

This is SO serious... this is the beginning of a new world opression.. Nazi germany wasnt to long in the past, and it doesnt matter what countryś were talking about- this is a far reach from impossible.

Why dont people get pissed and stop being so complacent about issues like this? This, along with many other things threaten us all!

stop them!

stop them!

Its not even that simple. People saying stop them wont help. Its so overwhelming that I dont even know where to begin. If you dedicate your efforts to one movement, you sacrifice your involvement in another! So overwhelming- and the depressing part shows that mankind ALWAYS fails in stopping these things; it takes the system suceeding to eventually create its downfall...

I read about this some time ago, I agree that while it may have its uses, the possibility to abuse it in favour of market dominance and control is not something of conspiracy theories or unfounded.

There is no doubt that at some point 'premium' content and products will require authentication etc..

I don't feel comfortable with it, it's like a back door.

Also, how will it work with users who disable this technology or don't want it, will it void their warranty etc... ?

I read about this some time ago, I agree that while it may have its uses, the possibility to abuse it in favour of market dominance and control is not something of conspiracy theories or unfounded.

There is no doubt that at some point 'premium' content and products will require authentication etc..

I don't feel comfortable with it, it's like a back door.

Also, how will it work with users who disable this technology or don't want it, will it void their warranty etc... ?

Yeah, and the implications go across the board. Just think what this could do to Linux- I know that life isnt based off of Linux, but it definitely is nice having an OS that puts YOU at the forefront of concern, rather than there wallets. Linux as of now is far more secure than Windows will be even with all this TC crap, so the whole security buzz is largely a BS story. Linux already has a hard time keeping up with the constantly evolving formats that continue to be made, but going this far would effectively seperate Linux and Windows completely. This is not to be construed as being a good thing. Linux HAS to be compatible in a Windows dominant world, and with this TC crap they could effectively eliminate Samba, Mono, Ooo compatibility etc just with remote attestation.

Sure, owners could "turn it off," but the following problems exist there:

1) Most people would be to ignorant of the situation to do this
2) Even if they wanted to, what about this premium content? What about files that use remote attestation to block Linux or other OS users from reading the file? What about websites that will refuse service unless the software/hardware falls under the "Trusted Computing Group?" What about the dominant monopoly's that will be formed in the process, literally forcing users to use what software they deem worthy of being on the list (OSS)? Think of all the dirty under-table deals that will happen to ensure certain placements on the list.

This is a disastor of ungodly proportions! They could censor the websites you visit because 'they' (the wealthy business interest) dont like the content and how it affects there business, or the elections of politicians they prefer. Were talking the literal control of one of the biggest avenues of free speech and free information, leading to the most massive attempt to manipulate and control the human thought process.

sigh... im not trying to blow things out of proportion, but this could not only destroy any existence of Linux, but alot of other things. Whats being done to combat this?? Does anyone else see the urgency here?:confused:

They could censor the websites you visit because 'they' (the wealthy business interest) dont like the content and how it affects there business, or the elections of politicians they prefer. Were talking the literal control of one of the biggest avenues of free speech and free information, leading to the most massive attempt to manipulate and control the human thought process.

And this of course is already the case in the media/politics world. So TC would merely be yet another tool that can be used and abused to achieve censorship or dominance.

As was pointed out earlier, it is human nature, to abuse unchecked power, TC can become such unchecked power especially if certain hardware and software manufacturers agree to work together on TC.

I think it's going to be like the gaming consoles. You will have to mod your hardware to get rid of TC and if you do so you loose warranty.

I don't see why things could not develop in such a direction, anyone?

And this of course is already the case in the media/politics world. So TC would merely be yet another tool that can be used and abused to achieve censorship or dominance.

As was pointed out earlier, it is human nature, to abuse unchecked power, TC can become such unchecked power especially if certain hardware and software manufacturers agree to work together on TC.

I think it's going to be like the gaming consoles. You will have to mod your hardware to get rid of TC and if you do so you loose warranty.

I don't see why things should not develop in such a direction, anyone?

Do you mean that is SHOULD develop in this direction because its good, or it SHOULD because this is the natural progression of greed? The ladder I agree with. Its a shame that this will happen midswing in my lifetime- that will only make it worse for our children.

Well, this seems to cast a big cloud over Linux.. thats for sure. Once this TC crap gets going full swing, it will essentially be illegal to use our OS. And even if it isnt, it will censor the internet in the way that the government wants. What does this do to virtualization? I mean, seriously, this is depressing. :(

So much for getting a job in the Linux world. At best, Linux will become as controlled and advertising based as Windows, and at worst it wont be at all.

A common misconception regarding TPM-enabled computers is that it would require all software to have a license from the TCG or some other central body. In reality, the owner of a TPM-enabled system has complete control over what software does and doesn't run on their system. This does include the possibility that a system owner would choose to run a version of an operating system that refuses to load unsigned or unlicensed software, but those restrictions would have to be enforced by the operating system and not by the TCG technology.

Also i don't think Dell would be offering Linux and FreeDOS if they didn't want people to run software such as Linux

Do you mean that is SHOULD develop in this direction because its good, or it SHOULD because this is the natural progression of greed? The ladder I agree with. Its a shame that this will happen midswing in my lifetime- that will only make it worse for our children.

Well, this seems to cast a big cloud over Linux.. thats for sure. Once this TC crap gets going full swing, it will essentially be illegal to use our OS. And even if it isnt, it will censor the internet in the way that the government wants. What does this do to virtualization? I mean, seriously, this is depressing. :(

So much for getting a job in the Linux world. At best, Linux will become as controlled and advertising based as Windows, and at worst it wont be at all.

Sorry, I meant I don't see why things could not develop in such a direction :)

Also i don't think Dell would be offering Linux and FreeDOS if they didn't want people to run software such as Linux

For the start, yeah that would be the case (Linux would be legal and fine). This would of course still cut the pool of files/media we have to share by 90% almost immediately (because the MS house would be controlled by TC), but yes thats right to start off.

Until they change it (You see the headlines: "Linux is a plague- it allows theives and bad people to circumvent the rules law abiding computer users follow")! And you know, in mans never ending quest for greed, he will change it!

Dont forget the censoring of websites unless youre running trusted software (and even if you are on a 'trusted computer'). Well see how the linux world is with all the websites refusing it. Well see how the Linux world is when every document is in some format that only a 'trusted computer' can read. We will be in shambles, and thats exactly what MS wants...

Sorry, I meant I don't see why things could not develop in such a direction :)

I WISH you were wrong, but yeah, I agree with you. Thats what scares me so much.

The internet is the best place for a free exhange of information (hence this being the information age). Ideas, wrong or right, good or bad, can be analyzed and exchanged between all of us, regaurdless of who likes it or who doesnt. It connects the world, and allows someone in india to show the truth about a subject to someone in the US or Russia or a million other places. To put this body of free thought that has so effeciently allowed the world to WORK TOGETHER towards a COMMON GOAL in the control of a Trusted Computing Group is to DESTROY it.

Man, were talking about the reversal of human evolution!

I have read the FAQs from https://www.trustedcomputinggroup.org/faq/TPMFAQ/ and I really don't see the threat here.

Can anyone from Canonical make a comment on this? Has anyone tried asking them? Or is this nothing more than opinions?

I have read the FAQs from https://www.trustedcomputinggroup.org/faq/TPMFAQ/ and I really don't see the threat here.

Indeed. There are some excellent examples of how this technology can be used for good things - but also there are many reasons that people DO see threats.

Here is another good FAQ:
http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

i think all software is trusted and supported by someone/something

so this movement really needs to be stopped its not a companies/the govt/anyone elses, job to tell me what i can and cant have on my property

its not a companies/the govt/anyone elses, job to tell me what i can and cant have on my property

They're not telling what to do.

The TPM (Trusted Platform Module) is a device to aid data protection for the user. It supports Linux (TPM is non-discriminatory) and can be turned off in the BIOS.

Here is a quote from: http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

1. What is TC - this `trusted computing' business?

The Trusted Computing Group (TCG) is an alliance of Microsoft, Intel, IBM, HP and AMD which promotes a standard for a `more secure' PC. Their definition of `security' is controversial; machines built according to their specification will be more trustworthy from the point of view of software vendors and the content industry, but will be less trustworthy from the point of view of their owners. In effect, the TCG specification will transfer the ultimate control of your PC from you to whoever wrote the software it happens to be running. (Yes, even more so than at present.)

Controversial? For the suspicious mind perhaps. And this quote is not official, therefore is only an opinion.

Now I'm thinking more about it, this whole thread could be trolling.

They're not telling what to do.

The TPM (Trusted Platform Module) is a device to aid data protection for the user. It supports Linux (TPM is non-discriminatory) and can be turned off in the BIOS.

Here is a quote from: http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html


Controversial? For the suspicious mind perhaps. And this quote is not official, therefore is only an opinion.

Now I'm thinking more about it, this whole thread could be trolling.

its companies and corrupt people, they can be paid to stop certain things from being used, i dont think so, id disable this in a heart beat

its companies and corrupt people, they can be paid to stop certain things from being used, i dont think so, id disable this in a heart beat

Companies are VERY different from governments though. Companies have competitors - governments don't. That's a fundamental difference. Also companies are not necessarily on each other's side. Do you think that Microsoft wouldn't stop Dell supporting Linux the way it is if it could? What is in the interests of Dell is not always in the interest of Microsoft so they always have to compromise. It is in this conflict of interests BETWEEN companies that the interests of the customer are served by the market. This whole aspect is being left out of this thread. People seem to be viewing companies as if they are all powerful governments.

The most absurd example though is probably Sony which is both a record label and a manufacturer of hardware that can be used to bypass intellectual property in music, yet somehow it serves these two contradictory masters.

We have now even seen EMI and Universal Music Group no less offering DRM free music due to consumer demand. I know people who would be willing to pay for music but prefer to download it illegally instead because of DRM. Companies are not all powerful, their very existence depends on fulfilling demand.


From the quote,

"In effect, the TCG specification will transfer the ultimate control of your PC from you to whoever wrote the software it happens to be running. (Yes, even more so than at present.)"

In other words companies COULD use this technology to completely shoot themselves in the foot and lower their market share and profits. Note that "the software it happens to be running on" could be Linux or BSD. If Microsoft really wants to use this technology to cripple their operating systems by removing features currently enjoyed by their consumers that could be the best thing that ever happened to Linux. Nobody here seems to be seeing it in that way.

The problem only arises if the GOVERNMENT makes these technologies compulsory rather than a choice. The technology cannot even prevent pirated music and video because of the existence of the "analog hole".

Companies should be allowed to do whatever they wish provided there is competition. When you analyse problems that present real challenges to freedom you always end up with governments being responsible.

They MUST BE STOPPED!
And I think I will be keeping my computer. :)
EDIT: If it can be turned off I don't think it is a big problem, but if not...

Wouldn't this (Trusted Computing) be unconstitutional in the US?

From the second FAQ:


18. Ugh. What else?

TC will undermine the General Public License (GPL), under which many free and open source software products are distributed. The GPL is designed to prevent the fruits of communal voluntary labour being hijacked by private companies for profit. Anyone can use and modify software distributed under this licence, but if you distribute a modified copy, you must make it available to the world, together with the source code so that other people can make subsequent modifications of their own.

IBM and HP have apparently started work on a TC-enhanced version of GNU/linux. This will involve tidying up the code and removing a number of features. To get an evaluation certificate acceptable to TCG, the sponsor will then have to submit the pruned code to an evaluation lab, together with a mass of documentation showing why various known attacks on the code don't work. (The evaluation is at level EAL3 - expensive enough to keep out the free software community, yet lax enough for most commercial software vendors to have a chance to get their lousy code through.) Although the modified program will be covered by the GPL, and the source code will be free to everyone, it will not work in the TC ecosystem unless you have a certificate for it that is specific to the Fritz chip on your own machine. That is what will cost you money (if not at first, then eventually).

You will still be free to make modifications to the modified code, but you won't be able to get a certificate that gets you into the shiny new TC world. Something similar happens with the linux supplied by Sony for the Playstation 2; the console's copy protection mechanisms prevent you from running an altered binary, and from using a number of the hardware features. Even if a philanthropist does a not-for-profit secure GNU/linux, the resulting product would not really be a GPL version of a TC operating system, but a proprietary operating system that the philanthropist could give away free. (There is still the question of who would pay for the user certificates.)

People believed that the GPL made it impossible for a company to come along and steal code that was the result of community effort. This helped make people willing to give up their spare time to write free software for the communal benefit. But TC changes that. Once the majority of PCs on the market are TC-enabled, the GPL won't work as intended. The benefit for Microsoft is not that this will destroy free software directly. The point is this: once people realise that even GPL'led software can be hijacked for commercial purposes, idealistic young programmers will be much less motivated to write free software.

Ugh indeed.

If computers did this, then I would go back to using pencil and paper and other things.

If computers did this, then I would go back to using pencil and paper and other things.

I probably would too (until they release TC enabled paper).

That stuff about defeating the GPL is shocking. Presumably a new version of the GPL would be written to counter this, as has happened with v3 of it, but that of course relies on various free software projects changing their license.

I remain hopeful that the majority of computer users will simply not accept this technology. If they do, then I'm with smartboyathome.

-1 from me for Trusted Computing. :(

To those of you who talk about TC being used for good things, since when has any corporate entity given a crap about your personal well-being or personal experience? They do it for one reason and one reason alone: greed.

To think otherwise would be no different then an ostrich burying his head in sand when he feels threatened.

They will take the computer out of your hands and put it in theirs- thats how they make money.

Well, I hate this chip but software is just software....:(

TPM manager for Linux...

http://www.sirrix.com/content/pages/tpm%20manager.htm

http://www.emscb.com/content/messages/52851.htm

I also believe that work is done with AppArmor and TPM support.
http://www.linux-foundation.org/en/Linux_Weather_Forecast/security

People are dumb.
Excuse my cynicism but it's true.

The average person DOESN'T care and when you bring certain things to their attention they might even attack you, accuse you of being a propagandist etc.
And I'm not just atlking about technology, anything of relevance fits this pattern.

The screws have been steadily tightening on the PC platform, led by Microsoft and their interest in DRM.
Linux/*BSD can run on many things. I just hope there are alternatives when all hardware becomes unnaceptable to me.

Is is possible to control this damned chip ?

Specs
https://www.trustedcomputinggroup.org/groups/tpm/

This can also be an advantage for Linux if a user can
safely disable TPM functions.

In the hands of MS-Redmond and the industry, regimes with no scruples this chip for sure is 100% evil...

So I believe its important with more facts and knowledge from
open source developers !

Is is possible to control this damned chip ?



This can also be an advantage for Linux if a user can
safely disable TPM functions.


lsmod | grep tpm

to check if there "tpm" kernel module is running


sudo rmmod tpm to stop it (name may differ, and multiple modules may exist), and add the module(s) to /etc/modprobe.d/blacklist to permanently disable support.

lsmod | grep tpm

to check if there "tpm" kernel module is running


sudo rmmod tpm to stop it (name may differ, and multiple modules may exist), and add the module(s) to /etc/modprobe.d/blacklist to permanently disable support.

Well....:)

I knows that but within this chip you have "evil functions" and is it possible to manipulate for a "big brother" or industry which wants to protect content ?

The key issue must be a 100% user control except within corporate environments where a management controls it (must be so).

lsmod | grep tpm

to check if there "tpm" kernel module is running


sudo rmmod tpm to stop it (name may differ, and multiple modules may exist), and add the module(s) to /etc/modprobe.d/blacklist to permanently disable support.

Wow dude, thanks for that. I knew it was in the mobo, but I didnt think it was active. This is what was returned:

tpm_infineon 11836 0
tpm 19616 1 tpm_infineon
tpm_bios 9856 1 tpm


So, I rmmod'ed all of them, and returned no results.

I added the following to /etc/modprobe.d/blacklist:


#tpm crap
blacklist tpm_infineon
blacklist tpm
blacklist tpm_bios
This look right? I dont wont that crap running at all :mad:

Well....:)

I knows that but within this chip you have "evil functions" and is it possible to manipulate for a "big brother" or industry which wants to protect content ?



No possible "evil functions" can be accessed by a suspected Big Brother as long as your operating system kernel isn't utilizing the chip, making it available to "evil" userspace applications. And even if it is utilized (and it is in a default Ubuntu installation), as long as you don't run any such applications, the chip is just wasting space. It can't do anything malicious by itself.


The key issue must be a 100% user control except within corporate environments where a management controls it (must be so).

You do have 100% user control. The kernel itself, including the Infineon TPM module, and module init tools themselves (rmmod, lsmod, etc.), are all open source.


This look right? I dont wont that crap running at all

That's right. Reboot and run lsmod again; you'll see that the modules are no longer loaded.

I dont wont that crap running at all :mad:

That's rather an extreme action to take. What makes you think it's 'crap'? This is perfectly good technology that is only 'crap' if exploited by software companies. But why would anyone who writes software for Linux want to exploit this? That would go against everything Linux stands for. This TPM technology would only be a concern if you were running Windows.

TPM is a good thing as it can be used to safeguard your personal data on your computer. Isn't anyone interested in that? Or are you all too busy being paranoid and suspicious?

Does anyone realise that you can disable TPM in the BIOS? If it's something that's going to be 'forced' on you, then why have the option to disable it?

Once upon a time, Albert Einstein described how neuclear fission could be used to create a power station to provide electricity. When the government heard this, they asked whether it could also be used to make a bomb. The moral of this story is: there are genuine people creating technology to benefit mankind, but there will be others who want to exploit it. But that doesn't make the technology 'crap'.

but there will be others who want to exploit it.

and thats the bit that has everyone worried.

So who is exploiting it? If there are no names, then this is nothing more than paranoia.

TPM has been around for a few years now, and nothing has happened. Any computer less than 2 years old has most likely got one of these chips. My Dell Precision M90 has got one, but is disabled in the BIOS by default.

This technology is hardware based, which means that software cannot make it do anything it wasn't designed to do. Can anyone prove that the TPM chip is capable of what people suspect? Or to prove it can be exploited in any way? Can anyone list what its actual functions are and mark the "evil" ones?

and thats the bit that has everyone worried.

Even leaving aside the fact that you're using open source software in a non-malicious ecosystem, others can't possibly exploit it once you've disabled it in your BIOS, and/or told your kernel to ignore it. It's not technically possible.

sudo rmmod tpmCan someone please provide the code to do the same thing in Microsoft Windows Vista or on Mac OS 10.5 (Leopard) for that matter? It is possible to do the same thing in Vista or on Leopard? There lies the crucial difference between Trusted Computing and Treacherous Computing.

If the holder of the root (sudo) or administrative password can disable the TPM as GSF1200S has done you have Trusted Computing and there is nothing wrong with that but if he holder of the root (sudo) or administrative password cannot disable the TPM then you have Treacherous Computing and a very serious threat to privacy and liberty as has been already well pointed out in this thread.

Can someone please provide the code to do the same thing in Microsoft Windows Vista or on Mac OS 10.5 (Leopard) for that matter? It is possible to do the same thing in Vista or on Leopard? There lies the crucial difference between Trusted Computing and Treacherous Computing.

You should be able to do it somewhere in the control panel in Windows Vista (I don't know where exactly, since I've never used it), but once you've disabled it, TC-enabled applications will refuse to run. And given that the OS is proprietary and closed source, you'll never know what exactly you're doing by "disabling" it, and whether the software or the vendor can arbitrarily re-enable it.

TC is intended as a whole ecosystem that encompasses hardware, software and services. With a TC-enabled proprietary OS provided by a TC participant vendor, you're always under the risk of being locked out of certain services and being unable to use certain software.

sudo rmmod tpmCan someone please provide the code to do the same thing in Microsoft Windows Vista or on Mac OS 10.5 (Leopard) for that matter? It is possible to do the same thing in Vista or on Leopard? There lies the crucial difference between Trusted Computing and Treacherous Computing.

Just disable it in the BIOS as I have already mentioned.


If the holder of the root (sudo) or administrative password can disable the TPM as GSF1200S has done you have Trusted Computing and there is nothing wrong with that but if he holder of the root (sudo) or administrative password cannot disable the TPM then you have Treacherous Computing and a very serious threat to privacy and liberty as has been already well pointed out in this thread.

Actually, no one has proved there is a threat at all. We really need to see some facts here about what TPM is capable of or if it can be used maliciously and how.

... but once you've disabled it, TC-enabled applications will refuse to run.

How do you know all this? Where are you getting your information from?


And given that the OS is proprietary and closed source, you'll never know what exactly you're doing by "disabling" it...

Only one way to find out.


... and whether the software or the vendor can arbitrarily re-enable it.

If you disable it in the BIOS, the software cannot re-enable it.


TC is intended as a whole ecosystem that encompasses hardware, software and services; it's not just a nasty chip. With a TC-enabled proprietary OS provided by a TC participant vendor, you're always under the risk of being locked out of certain services and being unable to use certain software.

Again, where are you getting your information from? If this is fact, please tell us the source.

How do you know all this? Where are you getting your information from?

Follow all the links in the thread and Google "trusted computing" or something like that.

Follow all the links in the thread and Google "trusted computing" or something like that.

I've already done that and all I've ended up reading is some nobody's opinion. I want to see hard facts. The only facts I've seen are from the TrustedComputingGroup (http://https://www.trustedcomputinggroup.org/home).
Show me some proof.

TPM is a good thing as it can be used to safeguard your personal data on your computer. Isn't anyone interested in that? Or are you all too busy being paranoid and suspicious?

That is quite true. You will be able to tick a box to encrypt your personal files using your TPM harware. I just hope that software which allows users to do this warns them that if their machine were to go pop, they will not be able to get back their data even if the drive is fine and put into their replacement computer.

... I just hope that software which allows users to do this warns them that if their machine were to go pop, they will not be able to get back their data even if the drive is fine and put into their replacement computer.

Unfortunately, this is a big flaw in any encryption system it seems.

How do you know all this? Where are you getting your information from?

http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

The technical details can be verified in the TC specs provided by the TCG on their website.

To fine-tune my rushed claim, it should be "..can refuse to run". And given their track record of marking the user as an adversary, I don't trust TCG-member proprietary software and OS vendors not to lock people out of their ecosystem. Whether they'll actually go ahead and do it is hard to tell, and irrelevant.


Only one way to find out.

What's that?


If you disable it in the BIOS, the software cannot re-enable it.

The question was about disabling it in software, thus so was my answer. I wasn't talking about disabling it in the BIOS. There's no guarantee that BIOS manufacturers will continue to offer you the option to disable the TPM two years down the road (just like not all BIOS manufacturers offered the option to disable the Pentium 3 serial number feature before the chip lost relevance), especially given that most major ones are TCG participants, and are already manufacturing TC-enabled BIOS chips that can check for the authenticity of the (TC-enabled) OS that they boot.


Again, where are you getting your information from? If this is fact, please tell us the source.

I'm getting it from Wikipedia, Bruce Scheiner's blog, Ross Anderson's FAQ, and the EFF and TCG websites. But you'll only accept the TCG specs as "fact", apparently, so you can verify what I said in those.

That's rather an extreme action to take. What makes you think it's 'crap'? This is perfectly good technology that is only 'crap' if exploited by software companies. But why would anyone who writes software for Linux want to exploit this? That would go against everything Linux stands for. This TPM technology would only be a concern if you were running Windows.

TPM is a good thing as it can be used to safeguard your personal data on your computer. Isn't anyone interested in that? Or are you all too busy being paranoid and suspicious?

Does anyone realise that you can disable TPM in the BIOS? If it's something that's going to be 'forced' on you, then why have the option to disable it?

Once upon a time, Albert Einstein described how neuclear fission could be used to create a power station to provide electricity. When the government heard this, they asked whether it could also be used to make a bomb. The moral of this story is: there are genuine people creating technology to benefit mankind, but there will be others who want to exploit it. But that doesn't make the technology 'crap'.

My tpm modules were not disabled by default. No, not all bios' allow you to disable tpm- mine doesnt for sure. My Phoenix bios doesnt allow cpu frequency scaling, lm sensors, control of tpm- simply nothing.

Your right- it isnt harmful in good hands, but it CAN be if its in the wrong hands. My current OS runs just fine without the tpm modules, as I have no problems with security and 'trusting' the software I use- so why do I need them enabled, and why is it 'extreme' as you call it?

Its obvious youre missing the point. Ms and company have lead the charge on this, and if it isnt already obvious, they dont give 2 sh*** less what happens to you. As an entity, they just hope they get your money before you give it to someone else or you die. You arent a human or a fellow man that theyd like to spread technology to- youre a number, or an animal that they try and figure out how to slowly manipulate.

If you dont think theyre coming for youre freedom with this, just talk to CA legislators about their plans for guns. Talk to people about all the rights that have been violated with the Patriot Act. Your freedom means something to YOU, not THEM, and only if we stay AWARE of technologies like this and ENSURE that they dont become a necessity and that they stay in the right hands, will we be 'free.'

Right now its not that bad- just like nuclear energy wasnt bad at first. But eventually, a nuclear bomb killed millions, and eventually TC will control millions. To accept it and call concerned people "paranoid" and "suspicious" in such a way is insulting, and its exactly the acceptance they want. Even the people who design it should be "suspicious," as Einstein clearly was about nuclear energy.

Some people have good intentions (OSS), but many others have selfish and greedy intentions. Ignore this at your own peril....

http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html

I'm getting it from Wikipedia, Bruce Scheiner's blog, Ross Anderson's FAQ, and the EFF and TCG websites. But you'll only accept the TCG specs as "fact", apparently, so you can verify what I said in those.

The URL is a "museum"...Version 1.1 (August 2003)

We need updated open source developers point and facts about it.

The problem can be named with dsniff, cain and so on...:(
Bruce Schenier for sure knows a lot about this...:)

sans.org is also worth a visit....

We can also speculate if ISPs in future demands all users to use TPM chip identification....:(

Again, where are you getting your information from? If this is fact, please tell us the source.

Well, here you have one source including lots with URLs to study

http://www.microsoft.com/whdc/system/platform/hwsecurity/default.mspx

TPM is used for drive encryption called Bit Locker in Vista.

MS can easily "expand" other functionality....:twisted:

Your right- it isnt harmful in good hands, but it CAN be if its in the wrong hands. My current OS runs just fine without the tpm modules, as I have no problems with security and 'trusting' the software I use- so why do I need them enabled, and why is it 'extreme' as you call it?

Disabling the TPM in a free and open source OS, on which you're not running any potentially privacy breaching applications, and your OS and software vendors aren't going to force you to do so, with or without your awareness, can be called "extreme", because you're taking a precaution against a nonexistent threat. The potential threat only exists in the TC ecosystem, which is opt-in.

In the FOSS ecosystem, trust is implicit. We don't need a scheme as technically elaborate as TC to implement it.

So who is exploiting it? If there are no names, then this is nothing more than paranoia.

TPM has been around for a few years now, and nothing has happened. Any computer less than 2 years old has most likely got one of these chips. My Dell Precision M90 has got one, but is disabled in the BIOS by default.

This technology is hardware based, which means that software cannot make it do anything it wasn't designed to do. Can anyone prove that the TPM chip is capable of what people suspect? Or to prove it can be exploited in any way? Can anyone list what its actual functions are and mark the "evil" ones?


Disabling the TPM in a free and open source OS, on which you're not running any potentially privacy breaching applications, and your OS and software vendors aren't going to force you to do so, with or without your awareness, can be called "extreme", because you're taking a precaution against a nonexistent threat. The potential threat only exists in the TC ecosystem, which is opt-in.

In the FOSS ecosystem, trust is implicit. We don't need a scheme as technically elaborate as TC to implement it.

Point taken.

FOSS does change things in this instance.

While I agree with you here, I would go nuts ensuring it disabled on a proprietary OS, and FOSS aside, I stand by my statements pertaining to the danger of TPM in proprietary control.

Thanks though- its nice to feel like an entity such as all of FOSS is on my side :)

All I'm saying is: We all chose Linux for 2 reasons (mainly) which are 'Freedom' and 'Choice'. No-one in the Linux community can possibly gain (financial or otherwise) by acting 'Big Brother'. That's going to be for all those unfortunates running Windows (possibly Mac too?). So there is a lot of paranoia here for quite possibly no reason. And yes, I know I said 'possibly', because I'd hate for someone to exploit this, but I don't see why or how in the world of Linux. I just checked that last link to MS (http://www.microsoft.com/whdc/system/platform/hwsecurity/default.mspx) and, although I haven't read too deeply (it's getting late here), all I see is references to drive encryption and data protection. I will read this more deeply tomorrow.

http://www.schneier.com/blog/archives/2005/08/trusted_computi.html is also a good read. But again, I see no threat, only companies trying to protect themselves and their [closed source] products from 'pirates'. Isn't that a good thing?

I still say this technology is a good thing. And I still say that people are being paranoid about the TPM chip (even those using Windows or Macs).

Just disable it in the BIOS as I have already mentioned.

Actually, no one has proved there is a threat at all. We really need to see some facts here about what TPM is capable of or if it can be used maliciously and how.

It really comes down to the Operating System.

1) For GNU / Linux I do not see a threat at all due to the GPLv3, in particular the "installation information" for a "user product" (section 6) and the "anti DMCA" clause (section 3). By the way one can read between the lines the negotiations between IBM and the FSF. Enterprise trusted computing is left untouched (why IBM likes the license) and all the teeth are pulled out of consumer DRM at the same time. One can even say that IBM "sold out" consumer DRM to the FSF here, but IBM is not a consumer products company so why should they care. You can disable the TPM in the BIOS or control it from within GNU / Linux. Your choice

2) Microsoft Windows. Disabling the TPM in the BIOS should work here, even with Vista. There is the danger of triggering WPA / SPP and having to reactivate (if Windows thinks it is a different motherboard). The real question is where is Microsoft heading here? Until recently they seemed all gun ho for DRM but recently they are sending some mixed signals (killing reduced functionality mode in Vista SP1 and WGA for IE 7). still the potential for abuse especially with Vista is still there.

3) Mac OS X (Leopard) My understanding is that this OS requires a TPM to boot, so there no escape there at all. This is by far at this point the biggest threat.

If one is serious about fighting treacherous computing the simplest way is to promote GNU / Linux. Since this is an Ubuntu forum the simplest solution here is to promote Ubuntu. Get that GPL v3 code out there and there is nothing to fear from the TPM. Also my opinion is that between Microsoft and Apple, Microsoft (even Vista) is at this time the lesser threat.

3) Mac OS X (Leopard) My understanding is that this OS requires a TPM to boot, so there no escape there at all. This is by far at this point the biggest threat.
You are correct. When Leopard (and Tiger for that matter) boots, it scans the motherboard searching for the TPM and that it's valid. Assuming so, it boots, otherwise it complains and fails to continue loading. The purpose of this is simply to prevent OS X from being installed on a PC, which of course lacks the required TPM chip.

You know what? They failed ENTIRELY, which is why the OS x86 project has survived (and the reason why my dad now runs Leopard on his PC). Waste of programming effort to implement TPM when a bunch of armatures can crack it. :)

The purpose of this is simply to prevent OS X from being installed on a PC
As opposed to...what? A mainframe? A DEC PDP-11? A Cray? A TV? A toaster? The coffee table? Aside from the few servers Apple sells with OSX-preloaded, I've never heard of running OSX on anything but a PC.

As opposed to...what? A mainframe? A DEC PDP-11? A Cray? A TV? A toaster? The coffee table? Aside from the few servers Apple sells with OSX-preloaded, I've never heard of running OSX on anything but a PC.

Not just any PC, but a PC approved by Apple.

Disabling the TPM in a free and open source OS, on which you're not running any potentially privacy breaching applications, and your OS and software vendors aren't going to force you to do so, with or without your awareness, can be called "extreme", because you're taking a precaution against a nonexistent threat. The potential threat only exists in the TC ecosystem, which is opt-in.

In the FOSS ecosystem, trust is implicit. We don't need a scheme as technically elaborate as TC to implement it.

Can you please clarify this ?

I can see a clear threat from dsniff and Cain and some more of these so called sniffing tools and those threats cannot be hided, they must be openly discussed among normal users so everyone can see those threats.

We have a situation with skilled users and cracker/hacker forums which discuss this...

http://www.sans.org/resources/popular.php

"What is dsniff ? " and deeper to Cain.... just to study...:)

Can you please clarify this ?

I can see a clear threat from dsniff and Cain and some more of these so called sniffing tools and those threats cannot be hided, they must be openly discussed among normal users so everyone can see those threats.


What I mean is that just because you're leaving your TPM chip on doesn't mean you're immediately subject to a privacy breaching threat. As long as you're not deliberately using any software or services that utilize your TC chip, the chip will be just sitting idle. Only by using a TC-enabled closed source OS that can operate behind your back, and opting into services and software provided by TC allies do you put yourself into the "danger zone". Blacklisting your TPM module in a FOSS environment where you haven't opted into any TC services is like switching off the circuit breaker in a house where there's no electricity.

Can you clarify how the obvious "threat" of packet sniffing that has always existed is specifically relevant to TC in a FOSS environment? Do you mean that TC can be utilized against sniffing and similar threats, by authenticating packets, etc.? If so, that's exactly the kind of possible "good" application of TC that (I assume) people are talking about. As long as the codes are open, and veiled corporate interests are out of the table, it can be useful for many applications.

Can you clarify how the obvious "threat" of packet sniffing that has always existed is specifically relevant to TC in a FOSS environment? Do you mean that TC can be utilized against sniffing and similar threats, by authenticating packets, etc.? If so, that's exactly the kind of possible "good" application of TC that (I assume) people are talking about. As long as the codes are open, and veiled corporate interests are out of the table, it can be useful for many applications.

OK about TPM

You earlier mentioned Mr Schneier which indeed is one of the worlds real experts in this area. He for sure knows a lot about encryption.

All so called experts have a "consensus" about encryption and a lot of them also about the need for a security chip such as TPM.

I cannot "judge" myself about only software encryption and the need for a security chip.....:confused:

Intel worked with the so called LaGrande project and IBM also

http://www.intel.com/technology/security/

http://domino.research.ibm.com/comm/research_projects.nsf/pages/gsal.TCG.html

I can see a real threat from dsniff and Cain so its the challenge....:)

All so called experts have a "consensus" about encryption and a lot of them also about the need for a security chip such as TPM.

There IS a need for this chip if we are talking about data encryption/protection.


I cannot "judge" myself about only software encryption and the need for a security chip.....:confused:

The threat does not come from its ability to do encryption, but rather from the potential of a software vendor using the chips abilities to stop you from using certain software if they choose to. Even then, this does not imply a threat if it is implemented correctly. By that I mean, if the software vendor has detected you hacking his software, he can stop you from using it. With proprietary software that you pay for, I see no problem with that as you shouldn't be doing it. In the world of Linux where everything is free, no software vendor is going to bother with that as it is pointless and goes against the GPL.

But let us not forget that this chip provides security in other good ways, such as on-line transactions. Also, your ISP may require you to use it to secure the connection between you and them. These are positive aspects of the chip.

As far as unscrupulous software vendors go: I would look to big names if your using Windows or OSX and god knows what you do if one of those names is MS or Apple. Move to Linux I guess.

First off I've only skimmed the thread so excuse me if my post is be a repeat of someone else's.

But couldn't TPM be a good thing?

If my notebook is stolen I want it to be absolutely useless to anyone else. Isn't that a thing TPM can do?

First off I've only skimmed the thread so excuse me if my post is be a repeat of someone else's.

But couldn't TPM be a good thing?

If my notebook is stolen I want it to be absolutely useless to anyone else. Isn't that a thing TPM can do?

Yup and also protect you from password network sniffing.

The real problem is companys or regimes without scruples which will use this chip for big brother supervision and content protection.

Also "phenest" conlusion in message before is correct.....

Really difficult....

But let us not forget that this chip provides security in other good ways, such as on-line transactions. Also, your ISP may require you to use it to secure the connection between you and them. These are positive aspects of the chip.

A paranoid person might worry that commercial internet sites and services (lets not forget that internet services and software as a service are expanding) will not transact with a computer that has its chip disabled. One could imagine the free OSes (with TC disabled) being squeezed out of the 'commercial' internet.

A paranoid person might worry that commercial internet sites and services (lets not forget that internet services and software as a service are expanding) will not transact with a computer that has its chip disabled. One could imagine the free OSes (with TC disabled) being squeezed out of the 'commercial' internet.

Paranoia is why this thread started. But we can use this thread to explain what the benefits of TPM are and try to pinpoint any unscrupulous software.

I think the TCG is a company with honest intentions, but I would like to see them revise their description of the TPM's abilities and enforce a strict license agreement with software companies to prevent them from exploiting it and to protect the end user.

Also remember: The TCG is non-discriminatory. They provide support for Linux too. We are not being "squeezed out".

I just read the Trusted Computing FaQs and it looks frightening, then I saw the part that said you can switch it off. If you can switch it off what is the problem?

:popcorn:
we can all speculate what will happen, the real problem is.
no matter how good the intention of technology their will be someone out there to utilize it for personal gain.
and once again the only way to beat scams like this is with morals & money, and i only have one not both.
you choose lol

Rant:
If you disable it in the BIOS, the software cannot re-enable it.Bit like those bios flashing progs that 'cant touch your bios'?

Anyway i feel the point of 'trusted computing' is not the immediate prevetion of illegal multimedia viewing.

To me it looks like a fabian move to progressivley allow more and more of this stuff into your life.

as has been said already, this is a process that has been happening already.

and like a snow ball from atop a snowy mountain, watch out below!

Rant: Bit like those bios flashing progs that 'cant touch your bios'?

You mean the ones that you cannot do inside the OS?


Anyway i feel the point of 'trusted computing' is not the immediate prevetion of illegal multimedia viewing.

That is just speculation.


To me it looks like a fabian move to progressivley allow more and more of this stuff into your life.

I couldn't help noticing your signature
Fear is the mindkiller...


as has been said already, this is a process that has been happening already.

Where?

I'm glad to see some good discussion about this.

I think we should all keep in mind this point, for sure there is speculation about the direction technolgy like T.C. could take. I highlight speculation.

None of us know for sure much of anything. I do know this, I don't like a board or committee like the T.C. board having too much power.
One thing I do know for sure is this;

Man is greedy, power hungry and relentless. The point of this thread is not just to illuminate the potential threat called T.C. (like it or not the potential still exists) Look what apple has done with the IPOD. It's just a form of T.C. You can't download music to your IPOD unless you use their software. THE Point though is that we must be on our guard when it comes to technology. It has the power to give us freedom and just as easily it can take it away. The quest for more money, more power, dominance, or dare I say SECURITY are all reasons to keep your head up, eyes open and ears listening.

I really like Apple as a current example. They take away the freedom that people had with the IPOD to use other software. What do people do, they still flock to the thing. They're blinded by the cool factor and they don't care that some of their freedom has just been lost. Yes it's just a small bit of freedom but it shows companies that people are willing to part with freedom for cutting edge gadgets.

You mean the ones that you cannot do inside the OS?



That is just speculation.



I couldn't help noticing your signature



Where?


Rant: Bit like those bios flashing progs that 'cant touch your bios'?

Anyway i feel the point of 'trusted computing' is not the immediate prevetion of illegal multimedia viewing.

To me it looks like a fabian move to progressivley allow more and more of this stuff into your life.

as has been said already, this is a process that has been happening already.

and like a snow ball from atop a snowy mountain, watch out below!

Ok, I can't speak for the bios business.

Trusted computing, has failed miserably if it's goal is to prevent of multimedia viewing. There are no exceptions as of yet. Feel free to point out one.

You can see examples of trusted computing with Apple. There is a check in there to allow the machine to run OS X. Even though other machines can run it fine, it lacks permission, Other examples include Microsoft remotely disabling hardware (http://www.arnnet.com.au/index.php?id=1597960084) drivers (and thus the hardware). Essentially, trusted computing falls under securing control. Following airtonix, XP had a measly activation code, then came WGA (http://en.wikipedia.org/wiki/Windows_Genuine_Advantage) with it's regular checks, and Vista, which is frankly filled to the gills with anti-features (http://badvista.fsf.org/what-s-wrong-with-microsoft-windows-vista). Not to mention forced stealth updates (http://blog.washingtonpost.com/securityfix/2007/09/microsofts_stealth_update_come.html) too. And backdoors (http://www.schneier.com/blog/archives/2007/12/dual_ec_drbg_ad.html).


The sig is from the Litany against fear (http://en.wikipedia.org/wiki/Litany_against_fear). I love Dune and the whole series of books.

If anything I'd say airtonix is doing fine, speculation (oh heck, prime projection? ;) ), but trusted computing is not only ineffective, but a major turn off to some customers, at least those who value security (so that goes beyond the regular consumer too.) He or she will be here, when trusted computing is gone. Some just don't know, or some feel there isn't any choice but Windows, due to one app or another. If the box gets more and more closed, we'll be stuck with Windows only boxes (with subscription extras with all that power over your hardware), and unable to verify what it's doing. No thanks. :)

If you require more resources, I'd suggest google, but there are several more examples. including when it works improperly (http://arstechnica.com/news.ars/post/20070124-8690.html).

Anyway, a bunch of companies and corporations doing this pell-mell, should be a little scary on average. Say good bye to open hardware specs, and open drivers too. Say hello to forced obsolescence. I can see the motivation, but still, I do not and will not be a part of it. :KS

Great post!
Many people don't know how much the very control of their computer is at risk.
Those anti-features absolutely turned me off from windows. My processor will spend too much of its time executing code in microsoft's interest instead of mine.

I didn't have a big problem with closed source software before but now I see the inherent dangers. I have to admit that the original open source proponents were ahead of their time. I think the has come now, where some of the things they warned against are dangerously close to becoming reality.

The computers we need to use will be dictating unfavourable terms to us and it will be illegal or technically impossible to change it!

Come on guys! You're still speculating! All examples so far are software based and have been around long before the TPM chip. This is not going to kill Linux as the TCG are supporting ALL OS's.

Come on guys! You're still speculating! All examples so far are software based and have been around long before the TPM chip. This is not going to kill Linux as the TCG are supporting ALL OS's.

Software and Hardware have to play along for TPM to work.

HDCP (http://en.wikipedia.org/wiki/Hdcp)

Trusted Computing goes beyond a simple module within a CPU or what have you.

This article covers many of the hardware points.
A Cost Analysis of Windows Vista Content Protection (http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html)

Start reading from this section specifically (http://www.cs.auckland.ac.nz/~pgut001/pubs/vista_cost.html#reliability), if you prefer.

Anyway, Linux certainly can handle TPM, but not all this garbage that Vista introduces/requires.

P.S.Methuselah, I'm glad you liked my post :)

I'm glad to see some good discussion about this.

I think we should all keep in mind this point, for sure there is speculation about the direction technolgy like T.C. could take. I highlight speculation.

None of us know for sure much of anything. I do know this, I don't like a board or committee like the T.C. board having too much power.
One thing I do know for sure is this;

Man is greedy, power hungry and relentless. The point of this thread is not just to illuminate the potential threat called T.C. (like it or not the potential still exists) Look what apple has done with the IPOD. It's just a form of T.C. You can't download music to your IPOD unless you use their software. THE Point though is that we must be on our guard when it comes to technology. It has the power to give us freedom and just as easily it can take it away. The quest for more money, more power, dominance, or dare I say SECURITY are all reasons to keep your head up, eyes open and ears listening.

I really like Apple as a current example. They take away the freedom that people had with the IPOD to use other software. What do people do, they still flock to the thing. They're blinded by the cool factor and they don't care that some of their freedom has just been lost. Yes it's just a small bit of freedom but it shows companies that people are willing to part with freedom for cutting edge gadgets.

I agree with you 100% here- you dont require the bad stuff to actually happen before you are concerned, and thats the reason we may be able to stop it- we need more people like this :)

Phenest- you are COMPLETELY right man.. it IS speculation, at least on some fronts. The eventual intent or extent of TC is speculation right now. But, just because it hasnt happened yet doesnt mean it isnt going to. If we all just forget about this, then they WILL take it to the extremes weve been discussing.. Nuclear energy was originally pursued to create an effecient form of energy, and then it eventually created an A-bomb that killed millions! Sure, nuclear energy can be very good in the right hands, but it can be very bad in the wrong ones, too..

Ok, I can't speak for the bios business.

Trusted computing, has failed miserably if it's goal is to prevent of multimedia viewing. There are no exceptions as of yet. Feel free to point out one.

You can see examples of trusted computing with Apple. There is a check in there to allow the machine to run OS X. Even though other machines can run it fine, it lacks permission, Other examples include Microsoft remotely disabling hardware (http://www.arnnet.com.au/index.php?id=1597960084) drivers (and thus the hardware). Essentially, trusted computing falls under securing control. Following airtonix, XP had a measly activation code, then came WGA (http://en.wikipedia.org/wiki/Windows_Genuine_Advantage) with it's regular checks, and Vista, which is frankly filled to the gills with anti-features (http://badvista.fsf.org/what-s-wrong-with-microsoft-windows-vista). Not to mention forced stealth updates (http://blog.washingtonpost.com/securityfix/2007/09/microsofts_stealth_update_come.html) too. And backdoors (http://www.schneier.com/blog/archives/2007/12/dual_ec_drbg_ad.html).


The sig is from the Litany against fear (http://en.wikipedia.org/wiki/Litany_against_fear). I love Dune and the whole series of books.

If anything I'd say airtonix is doing fine, speculation (oh heck, prime projection? ;) ), but trusted computing is not only ineffective, but a major turn off to some customers, at least those who value security (so that goes beyond the regular consumer too.) He or she will be here, when trusted computing is gone. Some just don't know, or some feel there isn't any choice but Windows, due to one app or another. If the box gets more and more closed, we'll be stuck with Windows only boxes (with subscription extras with all that power over your hardware), and unable to verify what it's doing. No thanks. :)

If you require more resources, I'd suggest google, but there are several more examples. including when it works improperly (http://arstechnica.com/news.ars/post/20070124-8690.html).

Anyway, a bunch of companies and corporations doing this pell-mell, should be a little scary on average. Say good bye to open hardware specs, and open drivers too. Say hello to forced obsolescence. I can see the motivation, but still, I do not and will not be a part of it. :KS

Thanks for the links...

When I say I want to see proof, I mean I want to see proof of its potential. I agree that waiting for evidence that the TPM chip has already been exploited is fruitless. But we DO need evidence that are suspicions are correct. Can anyone prove that it is actually possible for it to be exploited? All links to date are either nothing to with TPM, or are solely surrounding the likes of MS and Apple.

It is the nature of some to destroy what they do not understand. It would be sad to destroy a new technology only to discover we are wrong.

To start the facts rolling, can anyone list the TPM chips capabilities, and does anyone know what the TPM modules in Linux actually do?

It is the nature of some to destroy what they do not understand. It would be sad to destroy a new technology only to discover we are wrong.

To start the facts rolling, can anyone list the TPM chips capabilities, and does anyone know what the TPM modules in Linux actually do?

Exactly my point.... first all facts and then opinions

TPM specs page
https://www.trustedcomputinggroup.org/groups/tpm/

Open source solution
http://www.sirrix.com/content/pages/tpm%20manager.htm

Also URLs to trusted Grub and Knoppix

Knoppix info
http://unit.aist.go.jp/itri/knoppix/TCGeeks-CD20071105.pdf

http://unit.aist.go.jp/itri/knoppix/index-en.html

When I say I want to see proof, I mean I want to see proof of its potential. I agree that waiting for evidence that the TPM chip has already been exploited is fruitless. But we DO need evidence that are suspicions are correct. Can anyone prove that it is actually possible for it to be exploited? All links to date are either nothing to with TPM, or are solely surrounding the likes of MS and Apple.

It is the nature of some to destroy what they do not understand. It would be sad to destroy a new technology only to discover we are wrong.

To start the facts rolling, can anyone list the TPM chips capabilities, and does anyone know what the TPM modules in Linux actually do?

I can't make heads or tails out of the specifications in those documents. However.

Proof that it can be done is seen with the IPOD. If it can be done here it can be done on a pc also.

I know the thread is called TC must be stopped. What really needs to be be done though is to find a way to keep TC in check.

It's all about security, many abuses come in the name of security. If security is seen as a problem what is the solution. Tighten security, how is this done, restrictions. The question is what kind of restrictions? No we don't know but a chip on the mainboard that checks the compliance of the software and the hardware is something to pay close attention to.

I
I know the thread is called TC must be stopped. What really needs to be be done though is to find a way to keep TC in check.




Yup and this is probably a challenge... RIAA and MPAA are probably
cheerleaders for this fan club...:twisted:

Everyone removes DRM just now....:)

EU encouraging DRM

http://ubuntuforums.org/showthread.php?t=661687&highlight=DRM

I am 100% sure that EU looked at the TPM chip and not software DRM.

A challenge...

I know the thread is called TC must be stopped. What really needs to be be done though is to find a way to keep TC in check.

This is something I mentioned in a previous post. If TC are genuine, they need a strict licence agreement for 3rd parties to ensure it is not exploited. If they are not genuine, then it needs to be taken to an authority who would restrict its use, thus prevent exploitation. The latter is probably the best option whatever the intentions of TC.

Something tells me the EU will have a field day with this.

Something tells me the EU will have a field day with this.

I hope so- ill be moving to Europe if this becomes established in the US, and im not kidding.

If TC are genuine, they need a strict licence agreement for 3rd parties to ensure it is not exploited.

Whom do you refer to as "3rd parties"?

Whom do you refer to as "3rd parties"?

I'm wondering if that matters. I mean, is there an example in the history of humanity... Where any person, group, etc. with a system without checks and balances can be 100% trustworthy?

Without someone being accountable, it seems abuse of power is inevitable. You can see examples with current events, and throughout history.

This experiment (http://en.wikipedia.org/wiki/Zimbardo#The_prison_experiment), shows that with people, sadly it doesn't take very long to kick in. Sheds light on certain behavior frankly...

Now for something minor (very minor in comparison), deleting files, deactivating or crippling hardware, monitoring usage, gathering data, etc...
If you want trust, you've got be open and transparent. Not cloak and dagger, black boxes. If you want security use encryption, not some license agreement and mystrerious hardware to lock down an entire Personal Computer. Trust data from that source?
Don't want people to download willy nilly, make sure it's available, and that people actually want to buy it. Doing it from the other end hasn't been effective.

My 2 cents.

Why bother with TPM on a PC, why not just make a small set top box. Works for tivo, right? Unless Linux goes GPLv3, it's perfectly feasible with less hassle and annoyance.

I hope so- ill be moving to Europe if this becomes established in the US, and im not kidding.

If this seriously happens, I will be wanting to moving to Europe when I go to college. I will probably try to buy a non-tc computer before they all get sold out too.