Re: Trusted computing [WAS new user question: debian on a Thinkpad T61]
Jimmy Wu wrote:
> I just got the ThinkPad T61 laptop today. I went in to system
> properties to take a look at the hardware device manager and I noticed
> it included "Trusted Platform Module 1.2". Now, this raised a red
> flag for me, as my first impressions of "trusted computing" were
> framed by this article:
> http://badvista.fsf.org/what-s-wrong-with-microsoft-windows-vista
Well, that article doesn't mention the TPM. Vista does not use TPMs
for DRM. The only thing Vista uses the TPM for is the DiskLocker whole
disk encryption system, which uses the TPM to protect its keys, a use
entirely in the interests of the owner/operator of the computer.
Contrary to much of the publicity about the chip, TPMs are not (yet)
useful for DRM, and it's questionable whether they ever will be. That
will require substantially more research in operating systems, as well
as a net-wide TPM certificate infrastructure that does not yet exist.
Ask yourself this: if the real goal of the TPM is for DRM and taking
away control from end users, why would most TPM projects be on Linux
and other open-source platforms? In addition to TPM device drivers,
Linux has the Trousers TPM library and the Integrity Measurement
Architecture kernel patches, among others. Xen has TPM extensions, and
a couple of versions of TPM-aware Trusted Grub exist as well.
I suggest that the dangers of TPMs and Trusted Computing have been
exaggerated and are entirely hypothetical at this time. In contrast,
software exists today that can use the TPM to provide real benefits to
users on both Linux and Windows platforms. I am actively involved with
some open-source TPM projects and see this technology as having
tremendous potential. It pains me to see so much uninformed FUD being
cast about whenever the topic comes up.
Hal
Reply to: