Apple, Intel and 'Trusted Computing'

[Object-X]

Bondage of the Will

If I buy a machine I want to be able to do what I want with it. Free will. Whether we will for good or for bad should be up to us entirely. If you produce a machine that takes away that free will, don't expect me to buy it. I think everyone should feel this way. If you don't you must be one of THOSE people.

Of course the problem with your logic is that it might not be in your or anyone else's best interest for you to follow your will's desire. People often want things that hurt them in the end. How many times have you seen a guy see a hot girl, want her, get her, and then regretted it in the end? Freedom to do anything you want isn't really freedom when what you want has consequences that ultimately limits your freedom.

Apple has to keep control over their intellectual property, otherwise, it will be damaged or compromised and everyone will suffer for it. They want to keep control of their OS until it's in their (and your) best interest to license it to others. That's what this technology will be used for. Letting folks put OS X on any Intel box would cause numorous compatibility issues and would hurt Apple's reputation, which in turn would hurt their bottom line, which would eventually hurt you because the quality of their products would be diminished. Keep in mind, Apple has to convince people to switch to their products based on superiority (ie. to choose), whereas Microsoft counts on their monopoly (ie. there's no alternative) to sell their products. So, you're freewill unchecked could adversely affect other's freewill to choose Apple. Think about it.

I marvel at those who want OS X to be like Linux. But look at Linux. Who, other than a hard core geek or a poor person, would prefer Linux to OS X? So Linux is free and you can do with it what you want, but it isn't and never will be OS X. It has it's purpose, but it's target crowd is vastly different than Apple's. What upsets me about Microsoft's control freek attitude, is that they want to protect the monopolistic high cost of inferior products.

 

[SeaFox]

Note: There is already a thread running about this from the last few days.

However, it has degraded into a Fair Use arguement, although I would be happy to see it return to the original topic.

 

[obeygiant]

i dont want apple or any other regime telling me what i can and cannot do with MY computer. If the computer was owned by the govenment then its a different story..

isnt that what this is about?

 

[puuukeey]

Bad news... just bad news... I'm sorry but I'm not buying 7 updates of OSX for my family. it's just wrong call me a theif but I think it should come with the territory. anyone who claims that piracy drives software prices up should check the digidesign website for their 800 dollar eqs which are protected by the ilok. maybe if a moral group of people were implementing it would be ok. but apple while good is not held to moral standards

 

[Fabio_gsilva]

Man, this thing of Trusted is kinda creepy... I've been reading something here and there about it and it seems like something very intrusive in everyone's machines...

Let's wait and see

 

[Demon Hunter]

your options will in any case be limited, and small companys will likely to vanish...

And the petit bourgeoisie will disappear and be replaced by carnivorous robot lepers, who will subjugate the Earth, ushering in a new dark age of Communism!

 

[AlmostThere]

Hey, the DRM on the machine won't stop you from doing what you want to do with it. Hack it up, strip it, resell it, whatever.

Not at all. The DMCA / EUCD makes it quite clear that you cannot "hack it up" and you will be prosecuted if you try and make the machine bypass any mechanism used to implement copy protection.

The hardware is very much NOT yours to do with as you choose.

If countries like China got hold of this they could further oppress their citizens and control what they say, or do.

This is one of the key worries and something that is ALREADY happening. Microsoft is helping China censor web sites and blogs that try and discuss democracy, freedom, Tibet, demonstrations, Tiananmen and other such unsuitable subjects. But hey, small price to pay for reducing piracy, no?

 

[shawnce]

Interesting post on slashdot...

http://apple.slashdot.org/comments.pl?sid=158052&cid=13242842

Looking at posts on the web that I have seen it basically looks like Apple is exposing the crypto aspects of the Infineon chip and not much of any things else (if anything else).

Also look back in this thread for a post showing someone running Mac OS X 10.2 x86 version in VMWare, in other words in a virtual environment that doesn't have the Infineon chip, or at least a real one containing any embedded key from Apple (not says Apple is even doing that). Based on that is looks like Mac OS X (x86) isn't tied to Apple hardware. Also you can install and run Windows, Linux on the developer kit.

 

[andiwm2003]

how can it be bad when it says trusted computing technology?

but seriously, the lawmakers will at some point have to define what fair use is and most of the industry will go with this standard. i don't see it going to be so bad. if it was the legislators will have to do something about it.

drm, hardware protection and all that stuff is around for many years. the only succesful drm yet is itunes. and that only because it's as customer friendly as possible. every other solution is limited to a special need (e.g. hardware locks for special software) or it's not competitive on the market and consumers buy something else.

as long as apples market share is below 10% they can't afford to annoy their customers with too many restrictions.

 

[siliconjones]

Not at all. The DMCA / EUCD makes it quite clear that you cannot "hack it up" and you will be prosecuted if you try and make the machine bypass any mechanism used to implement copy protection.

The hardware is very much NOT yours to do with as you choose.



This is one of the key worries and something that is ALREADY happening. Microsoft is helping China censor web sites and blogs that try and discuss democracy, freedom, Tibet, demonstrations, Tiananmen and other such unsuitable subjects. But hey, small price to pay for reducing piracy, no?

Awesome response. If you don't find this stuff scary your not paying enough attention or go about life with a PollyAnna attitude. No Corporation, No Government can be trusted with this power. Not Apple. Definitely not the US.

 

[shawnce]

Awesome response. If you don't find this stuff scary your not paying enough attention or go about life with a PollyAnna attitude. No Corporation, No Government can be trusted with this power. Not Apple. Definitely not the US.

ELUA, laws, etc. like this have been around for decades... So why hasn't the world ended yet?

If you don't like it, don't buy it... make your own, etc.

 

[jouster]

In a word, no, but not for the reason you may think.

The only thing the constitution protects you from is federal and state government. As a private individual acting in his/her own capacity or on behalf of a corporation, a person simply can't violate your "constitutional rights."

Kinda sorta. Couldn't one also argue that the government has a duty - a constitutional one - to protect you from such intrusion by enforcing existing laws against this sort of thing? Failure to do so could be interpreted as a violation of constitutional rights?

 

[7on]

Come on people!

Here's an idea, try this...
Click the Apple in the upper left hand screen corner...
About this Mac...
More Info...
Now in your Hardware Overview take a look at the last entry...

OMG A HARDWARE SERIAL NUMBER!!! APPLE'S PROBABLY TRACKING ME RIGHT NOWWWWW!!!!

Come on people, Apple's been doing this stuff forever. The original Macintosh had a boot ROM that wouldn't let the OS boot on a non Macintosh (infact, they say that trying to boot the System OS on a non Mac would give you a guy behind bars and flash "STOLEN" on the screen).

This DRM thing is nothing more than Apple trying to be more secure than they already are. The hardware serial may keep PPC OSX off general PPC hardware... but Apple obviously wanted to be more cautious with x86. Or it could be the same reason they're going with EFI/BIOS instead of OpenFirmware.

 

[Fabio_gsilva]

If Apple uses it to prevent OS X from being stolen, then so be it.

If it will be used for punitive DRM on media, then I won't buy that media. So far, that has not been Apple's trend. DRM was a necessary evil forced on iTunes by the RIAA, but Apple has kept the terms painless for honest users.

I'd rather there were no DRM or annoying copy protection in the world. Give a big "thanks" to the pirates who steal software and music, for bringing these issues into our lives.

But, you know, I can't precise who came first: copyright protection measures or the piracy.

As far as I remember, and I'm not too old (24), all kinds of software had some measure to stop ilegal copies. Games, like Prince or others, have a extensive list of codes you must hit before using it, or after the first level (word 2, colum 3, pag 8, for example).

So, maybe this protection estimulated the natural humam desire to break the rule and do it by his own means...

Well, just my toughts...

 

[Rod Rod]

but seriously, the lawmakers will at some point have to define what fair use is and most of the industry will go with this standard. i don't see it going to be so bad. if it was the legislators will have to do something about it.

Those legislators will most likely be on the take from industry lobbyists in the form of campaign contributions. Vested corporate interests have more influence than you might think. It appears that you trust legislators to represent their constituency of people, when most of the time they only represent their constituency of money.

 

[Loke]

Im a registered Mac developer, just to lend the same credibility as the quoted article, and Ive got a few comments which might set things in perspective:

1. Claiming that the developer Macs are only developer Macs, and that they do not reflect what the released Intel Macs would be like, is a completely absurd claim. Apple does not spend thousands of dollars deploying developer boxes which does not at least have some relation to the final product. It is in fact a more than likely chance DRM will be integrated on the shipped Intel Macs *because* they are present on the developer boxes. There is a reason developers always get a "glimpse" into the future of Apples product line - they get to prepare for whats to come.

2. You have to realize that the Macintosh plattform essentially is a closed source plattform. Finding out what a closed source plattform with integrated TCPA support is capable of, is likely very difficult unless experiencing the lock-out yourself - in which case it is too late (obviously).

3. The TPM chip in question is protected with a RSA encryption key pair, and is virtually unhackable unless someone somewhere made a flaw in the actual design around the TPM chip. You could essentially spend thousands of years trying to brute force the RSA key pair with all the computing power in the world, and still not succeed. This is serious ****.

4. The worst aspect of this turn of events, by far IMO, is the possibility for 3rd party developers using the TPM module. It doesnt matter if Apple plays nicely - others can still utilize it for extended control.

5. Expect Dell, Gateway, IBM and others to follow this move shortly, most likely with the introduction of MS Windows Vista. In fact, several vendors have already been shipping TPM chips in their systems for some time, especially laptops. The next version of MS Windows Vista will support the TCPA plattform to full extent. So it is reasonable to assume that most big players in the market are in this together, which they ultimately will have to in order to succeed.

6. IMHO, the article claiming that Apple does not use TPM is questionable at best. Id rather trust the hackers at OSx86, than some anonymous registered Apple developer. Consider yourself warned...

Finally, for you who wonder how a TCPA plattform is able to control your environment, this post was published on www.slashdot.org earlier this week by (apparantly) someone experienced with the plattform. Note, this is worst case scenario from a users POV - but entirely possible today and not sci-fi:

To begin with, the first application that boots up, typically the BIOS (probably UEFI but any other choice really), if written to do so can refuse to allow any application to start which isn't signed by one of the keys securely stored in the TPM. The BIOS will check the TPM for a matching key for the OS, and if it matches, will allow it to start. Conversely, if the key doesn't match (for example, a bootleg OS), the BIOS can just stop right there. Keep in mind, this is the BIOS handling this, not the TPM, but there is no way to tamper with the TPM to change the keys.

Now, once a trusted OS is able to start, it can decide pretty much autocratically what other applications can start, once again using the keys locked down by the TPM to check if they are legit or not. So, programmatically, the TPM doesn't make the decision to lock you out of using non-vendor applications, but it's just as well as if it did, because the OS writer can easily use the TPM's secure, untamperable storage to enforce it. (Note that the motherboard supplier can cooperate with the OS writer to initialize the TPM with the appropriate keys right out of the factory (if they wanted to).

Other applications, if they are also signed by the TPM, may be granted the privilege (by the OS) to start and, specifically, to lock down data, such as video, in order to provide DRM functionality. If that decision is made, there is no way you will see that video through any other application unless the application governing the data allows otherwise. That data can basically be owned entirely by the application vendor, not you (as different from what the TCG claims, because no one's going to enjoy watching encrypted video gibberish. You can technically "own" the gibberish, but you still can't watch the video...). You may have a choice to delete a video, for example, but not to view it unless that vendor allows it. It is a backdoor way of implementing the media (DVD, CD, etc.) equivalent of the broadcast flag, if the app writer and OS vendor cooperate to that effect.

Unsigned applications may be allowed to start too, and the TCG spec says that this is in the "user's" control, but let's face it, it's really in the OS vendor's control because they control the machine all the way from bootup. There isn't a little switch on the TPM chip to allow you to override your OS' choice in the matter. Still, it's possible that Apple will waive this by default to allow older non-TPM aware apps to function. At any time in the future, though, an OS update can wipe out the previous policy with a new one. It doesn't seem like you'll be smelling like a flower by putting Vista on your system, either.

So, what this means is that you are entirely at the mercy of the OS vendor to allow you access to the data on your system, and in general, to the full capabilities of your system, including what you can plug into it.

You'll have to hope that they'll never bring it to full spec and use even half of the loopholes in it. As a consumer, you normally have right of refusal of damaged goods, but it looks like the TCG consortium wants to wait until we are all switched over to TPM boards and past warranty before shoving the vendor keys down our throats. From there, we're basically as locked in as they, and their vendor friends, want us to be.

I consider it already damaged, because the concept of entrusting complete control of my computing environment to vendors is an unacceptable lack of choice and a recipe for abuse, and that's where I draw the line and stop paying. I'm not going to wait for them to actually abuse it and turn me into a pay-per-click popup watching sucker for trusting them.

 

[Mechcozmo]

PKI = Public Key Infustructure. To use a simple analogy, imagine you have a lock, and a key broken in 1/2. You can lock the lock with one half of the key, but you need both halves to unlock it. You can send 1/2 the key to a friend, and they can lock (encrypt) information with it. Even if someone intercepts the 1/2 of the key you sent them and the locked box coming back, they can't figure out what the other 1/2 of the key should be.

Any questions?

Yeah... if I am monitoring packets and I capture both halves of the key that have been sent from person A to person B and from person B to person A, doesn't that mean I can decrypt their data? Because I'd have both halves of the key?

 

[shamino]

*sigh*

It's incredible how paranoid people get over something they know nothing about.

The chip in question does not do a thing without software support. It has specialized hardware that can run encryption/authentication algorithms very fast, but that's about it.

If you want to use it to restrict what kind of system software you install, then the ROM code must be designed to use the chip in that capacity. If an OS wants to use it to restrict what computers it installs onto, the OS must be designed to use the chip in that capacity.

You should realize that everything this chip does can also be done in software. A ROM can restrict what boots without this chip - it will simply take longer to run whatever encryption/decryption is necessary.

As for restricting what software you can run, again this requires the operating system to do the work. The chip can make the DRM algorithms run faster, but that's all it will do. An OS can do all the same things without the chip. The chip can not impose any restrictions on software without support from the OS.

If Apple wants to implement some kind of system-wide DRM (and all indications are that they are not going to do this) they can do so with or without this chip. The chip may make it easier or faster, but that's it.

Assuming that this chip ends up in production Macs (which it may not) and assuming Mac OS uses it for anything (which it may not), here is what I think it will be used for:

• Make sure Mac OS doesn't run on non-Apple computers.
• Provide a DRM-API for applications to use for their own documents. This would make programs like iTunes (which already use DRM) run a bit faster, and it would allow third-party apps to apply DRM to their own documents with a minimum of software development.
• Provide a facility where software publishers can get most of the benefits of a security-dongle without having to actually ship dongles to customers.
• Provide a facility where a system administrator (the owner or an IT department) to restrict what applications are installed. For home users, parents can keep their kids from installing unwanted programs. For corporate users, an IT department can restrict computers to only using the corporate-standard software suite.
• Provide a unique serial number for software registration, to prevent piracy.

These are what I think Apple may want to use the chip for. Not necessarily what it will be used for. Note also that every single one of these things can be implemented right now, without any special chips. This chip just makes the code run faster.

I am certain that Apple will NOT use it to:

• Apply DRM to all your documents whether you want it or not
• Force application developers to apply DRM to their documents
• Alert law enforcement/Microsoft/the boogieman whenever DRM-authorization fails
• Prevent the computer's administrator (owner or IT group) from installing any software he wants to install.
• Prevent you from installing Linux/Windows/whatever. Apple has explicitly stated that they will not take steps to prevent this.

If Apple wanted to do any of this nonsense, it could do it right now, without any special chips. The fact that they have done nothing even close to these speaks volumes.

 

[Rod Rod]

anyone who claims that piracy drives software prices up should check the digidesign website for their 800 dollar eqs which are protected by the ilok.

Weak! The example you're citing is very very specialized software with a super tiny target market. The per unit development cost is going to be significantly higher with such products. If you're going to steal, either have a conscience about it or don't, but do yourself a favor and stop justifying yourself with specious claims. Cognitive dissonance is unhealthy for you.

 

[siliconjones]

Im a registered Mac developer, just to lend the same credibility as the quoted article, and Ive got a few comments which might set things in perspective:

1. Claiming that the developer Macs are only developer Macs, and that they do not reflect what the released Intel Macs would be like, is a completely absurd claim. Apple does not spend thousands of dollars employing developer boxes which does not at least have some relation to the final product. It is in fact a more than likely chance DRM will be integrated on the shipped Intel Macs *because* they are present on the developer boxes. There is a reason developers always get a "glimpse" into the future of Apples product line - they get to prepare for whats to come.

2. You have to realize that the Macintosh plattform essentially is a closed source plattform. Finding out what a closed source plattform with integrated TCPA support is capable of, is likely very difficult unless experiencing the lock-out yourself - in which case it is too late (obviously).

3. The TPM chip in question is protected with a RSA encryption key pair, and is virtually unhackable unless someone somewhere made a flaw in the actual design around the TPM chip. You could essentially spend thousands of years trying to brute force the RSA key pair with all the computing power in the world, and still not succeed. This is serious ****.

4. The worst aspect of this turn of events, by far IMO, is the possibility for 3rd party developers using the TPM module. It doesnt matter if Apple plays nicely - others can still utilize it for extended control.

5. Expect Dell, Gateway, IBM and others to follow this move shortly, most likely with the introduction of MS Windows Vista. In fact, several vendors have already been shipping TPM chips in their systems for some time, especially laptops. The next version of MS Windows Vista will support the TCPA plattform to full extent. So it is reasonable to assume that most big players in the market are in this together, which they ultimately will have to in order to succeed.

6. IMHO, the article claiming that Apple does not use TPM is questionable at best. Id rather trust the hackers at OSx86, than some anonymous registered Apple developer. Consider yourself warned...

Finally, for you who wonder how a TCPA plattform is able to control your environment, this post was published on www.slashdot.org earlier this week by (apparantly) someone experienced with the plattform. Note, this is worst case scenario from a users POV - but entirely possible today and not sci-fi:

Is there an instruction set for interfacing with the TCPA chip? I'm not a developer but is that what they call an API?

 

[shawnce]

Claiming that the developer Macs are only developer Macs, and that they do not reflect what the released Intel Macs would be like, is a completely absurd claim. Apple does not spend thousands of dollars employing developer boxes which does not at least have some relation to the final product.

Just look at the darn developer kit system. It is a simple Intel mother board, it is basically an Intel's designed and built mother board thrown into a existing PM G5 case (nothing fits well, etc.). Apple spent little to no money on getting this thing out to developers. It simply exists to get software level developers going on an x86 system.

Sorry you are way off in your statement...

 

[siliconjones]

Yeah... if I am monitoring packets and I capture both halves of the key that have been sent from person A to person B and from person B to person A, doesn't that mean I can decrypt their data? Because I'd have both halves of the key?

No you would only have both public keys. No loss of security. Would you like my public key. I'll give it to you if you ask nicely. No packet sniffing necessary.

 

[shamino]

Come on people, Apple's been doing this stuff forever. The original Macintosh had a boot ROM that wouldn't let the OS boot on a non Macintosh (infact, they say that trying to boot the System OS on a non Mac would give you a guy behind bars and flash "STOLEN" on the screen).

Not quite. See this story for the truth.

The original ROMs would produce a "stolen from Apple" icon if a particular code was typed into the system debugger. The code to produce the icon was obfuscated to make it difficult to detect.

The idea was that if some competitor would copy the ROMs (as Franklin did with the Apple II ROM), Apple people could type in the code, see the icon and prove that the ROM was copied and not reverse-engineered. This proof could later be used in court.

This DRM thing is nothing more than Apple trying to be more secure than they already are. The hardware serial may keep PPC OSX off general PPC hardware... but Apple obviously wanted to be more cautious with x86. Or it could be the same reason they're going with EFI/BIOS instead of OpenFirmware.

Or it could be red herring.

Please note that Apple has explicitly told developers to not assume anything about the system ROM. The fact that the developer machines have a generic PC BIOS does not mean the production models will. It may be BIOS, EFI, OpenFirmware, or something completely new.

Similarly, this chip may simply be present because Apple was using generic Intel motherboards for their prototype. If the OS isn't using the chip, then it is likely that the production Macs (which will almost certainly use motherboards built to Apple's specifications) won't have it. Why spend money integrating a chip you're not using?

 

[shawnce]

Yeah... if I am monitoring packets and I capture both halves of the key that have been sent from person A to person B and from person B to person A, doesn't that mean I can decrypt their data? Because I'd have both halves of the key?

His post had a few inaccuracies.

In general you keep "one half" of the key private, you never send it to anyone. That is the private key. Related to your private key is the other "half" of the key, the public key. You share this with others and they share their own public keys with you. Often public keys (one or more) are distributed in hash variable certificates that contain things like name, etc.

You use your private to sign data that you send to others and use it to decrypt data sent to you. Others use your public key to verify data that you sign and to encrypt data that they want to send to you. etc.

For strong data encryption you use PKI to exchange a shared key in a secure and trusted fashion and then use this shared key with a symmetric cypher (like AES).

 

[siliconjones]

Similarly, this chip may simply be present because Apple was using generic Intel motherboards for their prototype. If the OS isn't using the chip, then it is likely that the production Macs (which will almost certainly use motherboards built to Apple's specifications) won't have it. Why spend money integrating a chip you're not using?

No the chip is there because the OS is going to look for it to make sure the box is Apples. It will most definitely be there. As it needs to be to keep OS X x86 off of ROTM PCs. But there is nothing stopping Apple or third parties from using it for evil.