Difference between revisions of "Talk:TCPA/TCG - Trusted or Treacherous"

From ThinkWiki
(pitsche's answer to Mr. "67.87.7.65")
 
(10 intermediate revisions by 6 users not shown)
Line 83: Line 83:
  
 
Wyrfel.
 
Wyrfel.
 +
----
 +
me too mabe another page with more tecnial data that shows what you can do and what you can't is goof
 
----
 
----
 
One more thing...
 
One more thing...
Line 148: Line 150:
  
 
--[[User:Pitsche|Pitsche]] 12:16, 6 Jul 2005 (CEST)
 
--[[User:Pitsche|Pitsche]] 12:16, 6 Jul 2005 (CEST)
 +
 +
----
 +
Yepp, we could do that - leave the list of ESS featured ThinkPads on the ESS page. I think we don't even need the 'clean'-list, since it is just every ThinkPad that doesn't have it. ;-)
 +
 +
However, i agree to "67.87.7.65" ;-) in his impression. He's right about that even of the ESS featured models, some don't have the chip. He's also right about that with the current implementation in ThinkPads you are pretty free to choose using it or not using it. Hence it's a feature. As i see it trouble arises from different sides... the software and the law. These both could eventually force you using it. However, i think there's no need to by a A30 or whatever, just because it doesn't feature that chip. You can buy any other ThinkPad, never enable the chip and be happy. What this article is good for, however, is to make people concious about both, what it really can do, and what privacy and security risks are involved with it.
 +
 +
And BTW, i think that your assumtion of IBM using the ESS name instead of TCG/TCPA to confuse people is a little paranoid. ;-) Look at any IBM page about the ESS and you'll find the words "TCG compliant" within the first sentences, linking to the TCG page. Being suspicious is good, but don't give in to speculations too much.
 +
 +
Wyrfel.
 +
 +
----
 +
Hello Wyrfel,
 +
 +
no, no, don't get me worng please. The new name by IBM is not to confuse people, but to have it copyrighted and stuff like that.
 +
 +
Gues why IBM is calling it UltraBay, Dell is calling it MediaBay and FixBay and the third Company I forgot the name of is calling it SelectBay?
 +
 +
Because they want to keep the rights of their names / marketing phrases and don't want to pay license fees to the competitors.
 +
 +
For example even the Nike Logo (called "swoosh") is protected due to heavy brand pirating in developing countires and china.
 +
 +
Sniff, I am *not* paranoid.
 +
 +
(-:
 +
 +
--[[User:Pitsche|Pitsche]] 21:26, 6 Jul 2005 (CEST)
 +
 +
----
 +
 +
Hi, ok, ok. That's just what i think, but when you originally posted it it sounded like a reference to the TCPA/TCG releated name changes. I'm glad that you're not paranoid. ;-) Wyrfel.
 +
----
 +
 +
== Not sure where to begin... ==
 +
 +
Hi, I started to edit the Open-Source Software section, but then realized that I'd basically end up deleting it, and didn't want that w/o discussion.
 +
 +
There's no certification process for trusted computing applications at all, anywhere. Right now, you can write an app using trousers, the Trusted Computing Software Stack for Linux, and distribute it as widely as you'd like. Everyone with a TPM would be able to use it on Linux w/o restrictions, just like any other app.
 +
 +
In other sections of the doc, there is discussion on how difficult it is to separate Palladium and TC. This should not be difficult at all...  Palladium is a massive set of technologies built on top of a TSS Stack for windows.  Right now, very few apps have been written for Linux and its TSS.
 +
 +
ALso, how can I get my thinkwiki username to appear after my posts?
 +
Thanks, shpedoikal
 +
----
 +
Hi, if you are logged in, you can use <nowiki>~~~~</nowiki> at the end of your posts. It will be replaced by your user name and a date stamp. Or you just write it manually.
 +
 +
Concerning the OpenSource-Section...i think this section being here offers us two things to fill it with: statements about OpenSource projects dealing with TC like TrouSerS and notes about the threat that technics like remote attestation would incline.
 +
 +
Wyrfel
 +
----
 +
 +
Ok, I'll make some changes...
 +
 +
[[User:Shpedoikal|shpedoikal]] 18:15, 14 Jul 2005 (CEST)
 +
 +
== EFF has it right: Remote Attestation is the primary concern ==
 +
 +
I believe the EFF has it right when they say that Remote Attestation is the primary concern with TCPA/TCG.  The other features only pose a threat to the owner of the system if said owner cannot trust the software running on the system, because they could allow that software to conceal things from the owner, and detect attempts to run the software in a manner not desired by the software author (such as with audio/video drivers that save copies, or with remote-access software).  Thus, the other features pose no threat to anyone running Free Software on a system with TCPA/TCG, and could in fact be used to the owner's benefit.
 +
 +
Remote Attestation is the only feature which can affect you even if you don't use it.  Service providers could use remote attestation to avoid providing their services to those not running a desired configuration.  Refusal to attest your system would be treated the same as a failed attestation: no access.  This could mean no media download, or no network access, or no online shop purchase, etc.  It would no longer be possible to run "compatible" clients, which the Free Software community has been astoundingly good at creating even for many obscure protocols and services.
 +
 +
Essentially, Remote Attestation would take away your ability to have your computer say things like "Uh, yeah, I'm running IE7 on Windows Vista, sure!", "Yeah, this is iTunes 42.9 requesting purchase of music file blah.m4p", and "Yes, of *course* I'm just going to stream this file and delete it after viewing, I certainly wouldn't want to download it to watch over something faster than my slow Internet connection".
 +
-- [[User:71.111.48.191|71.111.48.191]] 07:44, 25 Jul 2005 (CEST)
 +
 +
 +
== TCPA USES AND IMPLEMENTATION==
 +
there is many different uses possibles from free-software such as NFS or networking or others evil uses from microsoft
 +
 +
so it could be good to detail the implementation of tcpa in order to show how this can be used...
 +
for example how is it related to the bios and to what extend that can be used or misused
 +
 +
or what about the key that is stored in the chip...is this key retriviable
 +
that is very important because you could render reverse-engeenering useless with such technology by crypting data and so render impossible reverse-engeenering formats

Latest revision as of 16:28, 26 January 2006

Discussion about the article "Trusted or Treacherous"

Please add your comments here.

You can use the "Plus"(+)-Button next to the "edit"-button at the top of this page to add your comments at the right spot ;-)

--Pitsche 11:38, 4 Jul 2005 (CEST)

Plagiarism?

Large parts of this article apparently consist of unattributed, near-verbatim excerpts from a SANE2004 paper by Weis, Lucks, and Bogk, TCG 1.2 - fair play with the 'Fritz' chip?. Regardless of whether one believes that general political/ethical concerns about Trusted Computing belong on a Thinkpad-specific site, wholesale copying of unidentified, and presumably copyrighted, material is not cool, and could get the whole project in trouble.

I would suggest that the non-original parts of this article be removed and replaced by an external link to the above-mentioned paper; any particularly crucial short excerpts (as permitted by "fair use") should be clearly identified as such. The specific information about how the TCG specifications are implemented on various Thinkpad models can stay, of course.

The Source is under Creative Commons, isn't it?

Hello Andrzej,

yes, you are right, another version of this text on a website of the presentation of the annual chaos computer club is one of my sources, but I think, that one is under creative commons license by-nc-sa 2.0 de. And are the presentations of the chaos computer congress not also free unless the speakers don't want it??????

This license allows to copy, distribute, display, perform or modify the text as long as it is published under exactly the same creative commons license and licensees may not use the work for commercial purposes - unless they get the licensor's permission.

My problem was, I had a lot more sources in a different language than English and my first drafts were way too long!

It didn't work to keep it that short but detailed, as Ruediger and Andreas wrote it.

But if you think, after my explanation the actual version is still problematic, I will delete it of course!

--Pitsche 21:12, 4 Jul 2005 (CEST)


If the original authors have explicitly published the text under a suitably permissive CC license, there should be no legal problem in using it in a ThinkWiki article. Even in that case, however, the source needs to be clearly identified, and there should be a link to the complete original article.

-- Andrzej


Okay Andrzej, I will work on that and tell all of you about it in the coming days, if I have enough time for it.

Unless that, feel free to take out the critical passages of the article or modify it, if you have the time and if you want to do it.

But there is a problem: I slightly changed the text, put two sentences together to one etc. How can I now cite the source?

--Pitsche 21:38, 4 Jul 2005 (CEST)


No problem; just say that your ThinkWiki article is based on the Weis et al. paper, and give a reference. The parts of their text that you include don't have to be verbatim copies; indeed, the whole point is that you are creating a derived work (e.g., by bringing in material from other sources), which they supposedly explicitly allow in the CC license. To be on the safe side, you should probably also include a link to a web page documenting that the original text is indeed freely licensed, or say that you have personally obtained permission from the authors.

-- Andrzej


Agreed. There should be a general statement in the article about the source the article is derived from, or rather sources - i seem to have used different sources of information for some of my edits. ;-) I'll add mine on next edit.

Wyrfel.

Thanks for your work, i like it

Hello Wyrfel,

thank you very much for editing and restructuring of that article.

I think, I now know what you and Andrzej want and I will try in the next days, to change the article in that way, okay?

P.S.: I don't know, why I lose my logged-in status from time to time, perhaps my connection. I am sorry, that there are IP addresses instead of my username "pitsche", I hope, no one gets confused, which edit is by me and which one by someone else :-o

Sorry.

--Pitsche 21:15, 4 Jul 2005 (CEST)


About your login status: ThinkWiki doesn't cache logins. This means every time your connection breaks or your browser closes you will have to login again. But don't worry, we can figure out what's from you and if not - it's a Wiki. ;-) I'm doing a lot of edits without being logged in as well.

Wyrfel.


No exact TCG specifications needed

Hello again!

I am against writing about the specific specifications, because it will make the article longer and everybody, who is really interested in the specifications has several possibilities to get it for free in the WWW or from Cryptolabs.org or from the CCC.

--Pitsche 21:22, 4 Jul 2005 (CEST)


I think the TCG specifications should appear there somewhere. At least at current state of my knowledge about the subject i'd think that having them there is helpful for the user to understand what ESS 1 and 2 are capable of. Of course we shouldn't post the whole specs, but some really compressed summary, similar to the 'feature-list' in "TC - Trusted Computing". Pitsche, if you could point me to them i could do it. Also, a link to the original TCPA specs would be good. The links themselves should be added to the Links section.

That's it so far...i like the way we work on this.

Wyrfel.


me too, maybe another page with more technical data that shows what you can do and what you can't is good


One more thing...

I think the TCPA implementation in current ThinkPads is pretty harmless. At least at its current software state. You just don't use it (respectively don't install the supporting software layer) and it never gets active. One interesting aspect of finding out what the chip is capable of is if it could be forced to be used by later software upgrades or not.

Wyrfel.


Hello Wyrfel!

I also like the way we work on this article. I think, there will be an improvement in the end, that makes everybody happy and is interesting for the users of the ThinkWiki.

Now to your comments:

  1. I deleted the 'exact' TCG-Specifications, because there is a paragraph about ESS 1.0 and ESS 2.0, where I think the information should be placed about how much TCG is in ESS, "what ESS 1 and 2 are capable of" and "if it could be forced to be used by later software upgrades or not" (quotes from you). Correct me if I am wrong, but otherwise it would be included two times in the article. Or am I making a mistake here?
  2. I agree with you: At least one hyperlink to the TCG-Specifications should be included in the "Related Links" (right now it is No. 9 in the Table Of Contents). Perhaps on Wednesday or Thursday I will do this...
  3. I don't know, if the TCPA implementation in current ThinkPads is pretty harmless. I understood Ruediger and Andreas in their presentation at the 21. Chaos Communication Congress very different to that, because they were referring almost only to IBM and Microsoft.
It might be a rhetorical technique to fascinate their audience and to keep them awake and following. But my impression of them both was, that they are very concerned scientists (or at least CCC-Activists), who really see the current TCG-Implementations that problematic. And I also felt that they don't need to panic the people just for getting more attention and that they wouldn't be disappointed, if they could turn their attention to something else and didn't have to fight against TCPA/TCG/Palladium :-)

P.S.: Effeff, well, how do I say this, hmmm, does anybody know, where I can find a list of 'common market prices' in USD or Euro for used ThinkPads?

Perhaps something like this www.macnews.de/index.php?_mcnpage=6760 ???? "Jehova, Jehova, Jeh- outch!" ;-)

Background: I was offered a not so much used ThinkPad A30 with a SXGA+ - TFT-Display without any pixel errors, but some problems at the drive slot at the right side. Specs of it are: CPU 1.0 GHz, RAM 512 MB, HDD original IBM 60 GB with 5400 rpm and CD-RW/DVD-ROM-Combo drive...

I have much difficulty for naming a price, because I am not familiar with the cost of repairing that drive slot. At eBay I found some A30p around 600,- Euro and an A22p for 529,- Euro -- is the A30 between? :-o

Thanks!

--Pitsche 01:37, 5 Jul 2005 (CEST)

a bit paranoid?

1) The Embedded Security Subsystem page already contains a list of ThinkPads that might have the security chip, no need to start listing older machines that predate it.

2) And notice how I said might, because some of the ThinkPads listed had the security chip as a feature that was not available on every model in the range. You can see this on the individual ThinkPad product pages, as it will say that it was available on select models. So for example it is perfectly possible to get a second-hand R40, T40 or X31 without the chip. If you want to know the exact type-model of machines with or without the security chip, look at tawbook.pdf or trwbook.pdf

3) To my knowledge, the chip is disabled by default on every machine that has it, you need to manually enable it in the BIOS first. I have three ThinkPads currently, two have the security chip, and neither Windows nor Linux is able to detect it in the disabled state.

4) Ironically Linux actually has better support for it than Windows out-of-the-box. The latest Linux kernels have a driver for it, while MS is not shipping anything that supports it, and will not for some time.


Hello Mr. "67.87.7.65",

thanks for your comments, much appreciated.

TC can be a good thing, but what TCG (formerly TCPA) wants, can't be a good thing at all and that has nothing to do with paranoia. At least I hope I am not paranoid, just critical about every marketing phrase :-)

I am sorry, if you got the impression, that the ThinkPad models with E.S.S. 1.0 or 2.0 are treacherous. To be honest, I don't have a ThinkPad (not yet) and therefore I can't see for myself, how and what TCG-specs are implemented.

As stated before, Ruediger and Andreas were mostly talking about IBM and MS in their presentation at the 21. Chaos Communication Congress in December 2004 and they seem to talk about this topic for some years now, not only at the congress.

Other sources together with their presentation at 21C3 let me come to the conclusion, that you can't believe the statements of the TCG and their members concerning your (cyber) civil rights and your right of freedom of choice as user and owner of digital devices such as laptops equipped with a 'Fritz'-chip.

I thought, the article about E.S.S. was a little bit too superficial and the dispute and the critics were not mentioned at all. The Embedded Security Subsystem sounded like a fantastic thing, that every laptop building and selling company should implement. But why was IBM using that new name and not 'Fritz'-chip or TCG or TCPA? Guess why... :-)

On the other side, my article was / is very much about the dispute and the critics. Okay. Perhaps I can shorten this a little bit more, add some stuff from the TCG in it (like Wyrfel asked for) etc.

And I have a suggestion to make:

How about putting the list of "TCPA/TCG clean models" into the E.S.S.-article and leaving "Trusted or Treacherous" to talk only about Trusted Computing, the TCG-specs and the dispute about that specs and giving the readers the hyperlinks so that they can make a judgement by their own???

ThinkWiki would be free of that 'conflict', the copied text paragraphs would be gone, the discussion could end, etc.

--Pitsche 12:16, 6 Jul 2005 (CEST)


Yepp, we could do that - leave the list of ESS featured ThinkPads on the ESS page. I think we don't even need the 'clean'-list, since it is just every ThinkPad that doesn't have it. ;-)

However, i agree to "67.87.7.65" ;-) in his impression. He's right about that even of the ESS featured models, some don't have the chip. He's also right about that with the current implementation in ThinkPads you are pretty free to choose using it or not using it. Hence it's a feature. As i see it trouble arises from different sides... the software and the law. These both could eventually force you using it. However, i think there's no need to buy an A30 or whatever, just because it doesn't feature that chip. You can buy any other ThinkPad, never enable the chip and be happy. What this article is good for, however, is to make people conscious about both, what it really can do, and what privacy and security risks are involved with it.

And BTW, i think that your assumption of IBM using the ESS name instead of TCG/TCPA to confuse people is a little paranoid. ;-) Look at any IBM page about the ESS and you'll find the words "TCG compliant" within the first sentences, linking to the TCG page. Being suspicious is good, but don't give in to speculations too much.

Wyrfel.


Hello Wyrfel,

no, no, don't get me wrong please. The new name by IBM is not to confuse people, but to have it copyrighted and stuff like that.

Guess why IBM is calling it UltraBay, Dell is calling it MediaBay and FixBay and the third Company I forgot the name of is calling it SelectBay?

Because they want to keep the rights of their names / marketing phrases and don't want to pay license fees to the competitors.

For example even the Nike Logo (called "swoosh") is protected due to heavy brand pirating in developing countries and China.

Sniff, I am *not* paranoid.

(-:

--Pitsche 21:26, 6 Jul 2005 (CEST)


Hi, ok, ok. That's just what i think, but when you originally posted it it sounded like a reference to the TCPA/TCG related name changes. I'm glad that you're not paranoid. ;-) Wyrfel.


Not sure where to begin...

Hi, I started to edit the Open-Source Software section, but then realized that I'd basically end up deleting it, and didn't want that w/o discussion.

There's no certification process for trusted computing applications at all, anywhere. Right now, you can write an app using trousers, the Trusted Computing Software Stack for Linux, and distribute it as widely as you'd like. Everyone with a TPM would be able to use it on Linux w/o restrictions, just like any other app.

In other sections of the doc, there is discussion on how difficult it is to separate Palladium and TC. This should not be difficult at all... Palladium is a massive set of technologies built on top of a TSS Stack for windows. Right now, very few apps have been written for Linux and its TSS.

Also, how can I get my thinkwiki username to appear after my posts? Thanks, shpedoikal


Hi, if you are logged in, you can use ~~~~ at the end of your posts. It will be replaced by your user name and a date stamp. Or you just write it manually.

Concerning the OpenSource-Section...i think this section being here offers us two things to fill it with: statements about OpenSource projects dealing with TC like TrouSerS and notes about the threat that technics like remote attestation would incline.

Wyrfel


Ok, I'll make some changes...

shpedoikal 18:15, 14 Jul 2005 (CEST)

EFF has it right: Remote Attestation is the primary concern

I believe the EFF has it right when they say that Remote Attestation is the primary concern with TCPA/TCG. The other features only pose a threat to the owner of the system if said owner cannot trust the software running on the system, because they could allow that software to conceal things from the owner, and detect attempts to run the software in a manner not desired by the software author (such as with audio/video drivers that save copies, or with remote-access software). Thus, the other features pose no threat to anyone running Free Software on a system with TCPA/TCG, and could in fact be used to the owner's benefit.

Remote Attestation is the only feature which can affect you even if you don't use it. Service providers could use remote attestation to avoid providing their services to those not running a desired configuration. Refusal to attest your system would be treated the same as a failed attestation: no access. This could mean no media download, or no network access, or no online shop purchase, etc. It would no longer be possible to run "compatible" clients, which the Free Software community has been astoundingly good at creating even for many obscure protocols and services.

Essentially, Remote Attestation would take away your ability to have your computer say things like "Uh, yeah, I'm running IE7 on Windows Vista, sure!", "Yeah, this is iTunes 42.9 requesting purchase of music file blah.m4p", and "Yes, of *course* I'm just going to stream this file and delete it after viewing, I certainly wouldn't want to download it to watch over something faster than my slow Internet connection". -- 71.111.48.191 07:44, 25 Jul 2005 (CEST)
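The check described in the post above, sketched as an added example (not part of the original discussion and not code from TCG, IBM or TrouSerS): a service grants access only to an approved measured configuration, and treats a refusal like a failure. Assumptions: an HMAC key shared with the verifier stands in for the chip's real signing key, and every class, function and component name here is hypothetical.

```python
import hashlib
import hmac
import os

PCR_SIZE = 20  # a TPM 1.2 PCR holds one SHA-1 digest

def measure(component):
    return hashlib.sha1(component).digest()

def extend(pcr, measurement):
    # TPM extend: new PCR = SHA-1(old PCR || measurement); a PCR cannot be set directly.
    return hashlib.sha1(pcr + measurement).digest()

def replay(log):
    # The verifier recomputes the PCR the log should have produced.
    pcr = bytes(PCR_SIZE)
    for m in log:
        pcr = extend(pcr, m)
    return pcr

class ToyTPM:
    """Hypothetical stand-in for the chip (assumption: HMAC replaces the real signature)."""
    def __init__(self, key):
        self._key = key
        self._pcr = bytes(PCR_SIZE)

    def boot(self, chain):
        log = [measure(c) for c in chain]
        for m in log:
            self._pcr = extend(self._pcr, m)
        return log  # the log is kept by software, so software may lie about it

    def quote(self, nonce):
        sig = hmac.new(self._key, self._pcr + nonce, hashlib.sha1).digest()
        return self._pcr, sig

def verify(key, nonce, response, approved):
    if response is None:  # refusing to attest is handled like a failed attestation
        return "denied: no attestation"
    log, pcr, sig = response
    expected = hmac.new(key, pcr + nonce, hashlib.sha1).digest()
    if not hmac.compare_digest(sig, expected):
        return "denied: bad quote"
    if replay(log) != pcr:
        return "denied: log does not match quoted PCR"
    if pcr not in approved:
        return "denied: configuration not approved"
    return "granted"

def demo():
    key = os.urandom(20)
    vendor = [b"bios", b"vendor-os", b"vendor-player"]  # constructed sample chains
    other = [b"bios", b"free-os", b"compatible-player"]
    vendor_log = [measure(c) for c in vendor]
    approved = {replay(vendor_log)}

    def attempt(chain, forge=None):
        tpm, nonce = ToyTPM(key), os.urandom(16)
        log = tpm.boot(chain)
        pcr, sig = tpm.quote(nonce)
        if forge == "log":    # claim the vendor's log, keep the genuine quote
            log = vendor_log
        elif forge == "pcr":  # claim the vendor's PCR value as well
            log, pcr = vendor_log, replay(vendor_log)
        return verify(key, nonce, (log, pcr, sig), approved)

    return {
        "vendor": attempt(vendor),
        "compatible": attempt(other),
        "forged_log": attempt(other, "log"),
        "forged_pcr": attempt(other, "pcr"),
        "refused": verify(key, os.urandom(16), None, approved),
    }
```

Calling `demo()` returns one verdict per case: only the approved chain is granted, and the compatible client is denied whether it answers honestly, alters its log or claimed PCR, or declines to attest.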


TCPA USES AND IMPLEMENTATION

there are many different uses possible from free-software such as NFS or networking or other evil uses from Microsoft

so it could be good to detail the implementation of tcpa in order to show how this can be used... for example how is it related to the bios and to what extent that can be used or misused

or what about the key that is stored in the chip...is this key retrievable that is very important because you could render reverse-engineering useless with such technology by encrypting data and so render impossible reverse-engineering formats