[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Trusted computing [WAS new user question: debian on a Thinkpad T61]

Hal Finney wrote:

Jimmy Wu wrote:

I just got the ThinkPad T61 laptop today. I went in to system
properties to take a look at the hardware device manager and I noticed
it included "Trusted Platform Module 1.2". Now, this raised a red
flag for me, as my first impressions of "trusted computing" were
framed by this article:
http://badvista.fsf.org/what-s-wrong-with-microsoft-windows-vista


Well, that article doesn't mention the TPM. Vista does not use TPMs
for DRM.
Besides the fact that DRM isn't the sole core issue here, when it's seen that WMP is no more than a music playing trojan, I have no belief whatsoever, that anything that MS chooses to implant at a deeper level on my system is going to operate according to a higher standard of ethics.
I'm not just looking at MS here, but also Intel's CPU registration programme, Belkin's sweet concept of trojans on their routers a little time ago and gremlins placed in the BIOS dating from the Phoenix/Award amalgamation, etc., etc., etc.
The rider placed on ethical standards here is the one I have already stated. That of corporate desire for market control, as near to complete as possible, and corporate entities never sleep.
It takes things like a continuous, international, labour overhead free, development programme to, at least, keep up, and hopefully gradually pull ahead. 

 The only thing Vista uses the TPM for is the DiskLocker whole

disk encryption system, which uses the TPM to protect its keys, a use
entirely in the interests of the owner/operator of the computer.


Right.
So you've read the code?
Who holds the master key?
Whose servers cater to the information flow?


Contrary to much of the publicity about the chip, TPMs are not (yet)
useful for DRM, and it's questionable whether they ever will be. That
will require substantially more research in operating systems, as well
as a net-wide TPM certificate infrastructure that does not yet exist.


Really?
Seems a fairly simple adaptation to me.

 http://www.wipo.int/pctdb/en/wo.jsp?wo=1999015947



Ask yourself this: if the real goal of the TPM is for DRM and taking
away control from end users, why would most TPM projects be on Linux
and other open-source platforms?


Because there are more of them.
FOSS development has always been conducted along a multithread format.
There is no critique of open source formats here (I've been meaning to check back on the Open Bios project for a while), but I do endorse full control being in the hands of the enduser, especially in regard to the internet. Once control is translated to the network, the controllers of the network dictate access and content and the most innovative environment in the history of the species degenerates to the state of being no more than cable tv, on speed, replete with ads.
It is of the utmost importance that the control factor is kept at the 'edge' of the 'net, in the hands of the enduser and that the network itself, is kept in as simple a state as possible. 

 In addition to TPM device drivers,

Linux has the Trousers TPM library and the Integrity Measurement
Architecture kernel patches, among others. Xen has TPM extensions, and
a couple of versions of TPM-aware Trusted Grub exist as well.

I suggest that the dangers of TPMs and Trusted Computing have been
exaggerated and are entirely hypothetical at this time. In contrast,
software exists today that can use the TPM to provide real benefits to
users on both Linux and Windows platforms. I am actively involved with
some open-source TPM projects and see this technology as having
tremendous potential. It pains me to see so much uninformed FUD being
cast about whenever the topic comes up.
When security aspects are in the control of others, so is the entity those security aspects are 'protecting'. From other conversations I have had, this appears to be a reasonably accurate statement of the scenario. 

 http://en.wikipedia.org/wiki/Trusted_Platform_Module

I reiterate, we all have a right to a private, personal level of existence.
This doesn't mean that those of us that espouse this are therefore guilty of all the negative aspects that an open environment also caters to.
There is a tremendous noise concerning paedophilia and the ilk on the net, and the requirement of governments, with concerned corporate citizens in the background, stentoriously proclaiming the need for control of the network, despite the fact that programmes such as 'Netnanny' and similar are downloadable, even directly from your own friendly, local ISP in many cases. 

There is an agenda and it needs to be countered, not catered to.
Regards,
--
David Palmer
Linux User - #352034
Reply to: