Difference between revisions of "TCPA/TCG - Trusted or Treacherous"

From ThinkWiki
Jump to: navigation, search
(Trusted or Treacherous???)
(restructured the whole article still a lot of work to do to make it more factual and understandable)
Line 1: Line 1:
== Trusted or Treacherous??? ==
+
{| width="100%"
 +
|style="vertical-align:top;padding-right:20px;white-space:nowrap;" | __TOC__
 +
|style="vertical-align:top" |
 +
<div style="margin: 0; margin-right:10px; border: 1px solid #dfdfdf; padding: 0em 1em 1em 1em; background-color:#F8F8FF; align:right;">The Members of the Trusted Computing Group (TCG), formerly the Trusted Computing Platform Allience (TCPA), are working on a paradigm shift in information technology, which could become the biggest change of the information landscape since decades.
  
You own a ThinkPad build after the year 2000? Or you want to buy a brandnew ThinkPad from Levono (IBM)? Do you want to know, what the Embedded Security Subsystem is doing (or can do) in your ThinkPad?
+
This article tries to gather information about the implications of the TCPA and TCG effords. To many users these implications seem rather treacherous than trustworthy. This article tries to give a short summarized overview over the facts from a rather netral point of view.
  
If you answer one or all of these questions with yes, read on :-) This is about Trusted Computing, TCPA, Palladium, the "Fritz"-Chip, Digital Rights Management and your freedom of choice. At the end of this article you find related hyperlinks to this important topic for computer users.
+
We will start with a quote:
  
{{NOTE|The following quote is a very short version of the promises and risks of Trusted Computing as the TCG wants it.  
+
''"It is clear that trusted computing hardware provides security benefits, if software is prepared to take advantage of it. But trusted computing has been received skeptically and remains controversial. Some of the controversy is based on misconceptions, but much of it is appropriate, since trusted computing systems fundamentally alter trust relationships. Legitimate concerns about trusted computing are not limited to one area, such as consumer privacy or copyright issues.'' <br />
 +
''We have at least two serious concerns about trusted computing. First, existing designs are fundamentally flawed because they expose the public to new risks of anti-competitive and anti-consumer behavior. Second, manufacturers of particular "trusted" computers and components may secretly implement them incorrectly."'' <br />
 +
''Source: [http://www.eff.org/Infrastructure/trusted_computing/20031001_tc.php Electronic Frontier Foundation]''</div>
 +
|}
  
After the quote, I will provide you with more informations, but reading only the following quote will give you at least a litle impresion...
+
==TC - Trusted Computing==
 +
Recently, the number of known security incidents has been dramatically increasing. Thus, security issues in computer industry have been pushed forward. So far, digital content on computers couldn't be efficiently protected since every security mechanism accessible by software could always be circumvent by software.
  
''"Where's the problem?''
+
The idea of Trusted Computing is to provide a hardware layer that cares for
 +
* storage of security related data like keys, certificates and checksums
 +
* encryption and decryption
 +
* validation of certificates
 +
* (Remote) Platform Attestation (''meaning that somebody can check the state of your personal computer over the internet'')
 +
* Sealing (''meaning binding data to a specific platform and application'')
  
''It is clear that trusted computing hardware provides security benefits, if software is prepared to take advantage of it. But trusted computing has been received skeptically and remains controversial. Some of the controversy is based on misconceptions, but much of it is appropriate, since trusted computing systems fundamentally alter trust relationships. Legitimate concerns about trusted computing are not limited to one area, such as consumer privacy or copyright issues.'' <br />
+
Since this way the hardware can handle security management without any software being able to access the security data (like a Black Box). Moreover, the whole software layer can be 'monitored' by the hardware through the use of checksums. Hence the TCPA layer can recognise changes to the software layer and block the whole system from starting, this way keeping malicious software from running at all.
''We have at least two serious concerns about trusted computing. First, existing designs are fundamentally flawed because they expose the public to new risks of anti-competitive and anti-consumer behavior. Second, manufacturers of particular "trusted" computers and components may secretly implement them incorrectly.'' <br />
 
''[...]'' <br />
 
''Conclusion''
 
  
''We recognize that hardware enhancements might be one way to improve computer security. But treating computer owners as adversaries is not progress in computer security. <br />'''The interoperability, competition, owner control, and similar problems inherent in the TCG and NCSCB approach are serious enough that we recommend against adoption of these trusted computing technologies until these problems have been addressed. Fortunately, we believe these problems are not insurmountable''', and we look forward to working with the industry to resolve them."''
+
==A short history of TCPA, TCG, Palladium and NSCB:==
 
+
* 1999: The Trusted Computing Platform Alliance (TCPA) is founded by Intel, Microsoft, HP, Compaq and IBM.
Quote in italic, bold emphasis by [[User:Pitsche|Pitsche]], Source: [http://www.eff.org/Infrastructure/trusted_computing/20031001_tc.php Electronic Frontier Foundation].}}
+
* February 2002: The TCPA Main Specification Version 1.1b is being published.
 
+
* early 2003: In the beginning of 2003 the name is changed to "next-generation secure computing base" (NGSCB).
=== Background: ===
+
* April 2003: The Trusted Computing Group (TCG) is founded by AMD, HP, IBM, Intel and Microsoft.
 +
* Summer 2004: The NGSCB effort seems to have stopped.
  
Recently, the number of known security incidents has been dramatically increasing. Thus, security issues in computer industry have been pushed forward.  
+
==The TCPA==
 +
Founded 1999 by Compaq, HP, IBM, Intel and Microsoft, the TCPA counts around 200 members by now, among them Adobe, AMD, Fujitsu-Siemens, Gateway, Motorola, Samsung, Toshiba and many others.
  
The Trustworthy Computing Initiative by Microsoft and other members of the Trusted Computing Group (TCG) are working on a paradigm
+
ToDo...
shift in information technology, which will be the biggest change of the information landscape since decades.
 
  
The new concept is to place an especially "trusted" observer (a.k.a. "Fritz"-Chip, a secure cryptographic coprocessor) into information handling devices, to prevent even the device owner from certain operations.  
+
==The TCG==
 +
As successor of the TCPA, the TCG was founded by AMD, HP, IBM, Intel and Microsoft in April 2004.
  
In this context, "trusted" thus means that the owner of the information can trust the device, and verify that the device's "trustworthiness", while on the other hand the device owner no longer has full control over her device.
+
ToDo...
  
According of a lot of technical analysis most researchers have fundamental critics on the main design considerations. The new infrastructure will offer '''only minor protection against worms and viruses'''.  
+
===TCG 1.1===
On the other hand Trusted Computing offers a lot of features which can be used to protect the personal computer against the users.
+
ToDo...
 
 
Compared to this, positive features like a more secure hardware storage for cryptographic keys seem to be a very small benefit.
 
  
Additionally, the market domination of Microsoft, obscurities regarding the needed trust infrastructure and a heap of patents have lead to critical evaluations from cryptographers, privacy organizations and European institutions. <br />
+
===TCG 1.2===
Because of this pressure the Trusted Computing Group has modifed its proposal. The recent specification is "TCG 1.2".
+
ToDo...
  
=== A short history of TCPA, TCG, Palladium and NSCB: ===
+
==TCG Hardware Architecture==
 
+
The Trusted Platform Module (TPM) (a.k.a. "Fritz"-Chip) is the central building block of the TCG architecture and the first implementation can be seen as just a hardwired smart card.
* 1999: The Trusted Computing Platform Alliance (TCPA) is founded by Intel, Microsoft, HP, Compaq and IBM.
 
* 2002: The TCPA Main Specification Version 1.1b has been published in February 2002.
 
* 2003: The Trusted Computing Group (TCG) is founded in April 2003 by AMD, HP, IBM, Intel and Microsoft.
 
 
 
:Compared with the TCPA the TCG is less democratic organized and the high membership fees obstruct the possibilities for small companies and non profit organizations to participate.
 
 
 
* Microsofts own concept for 'Trustworthy Computing', "Palladium", is expected to cost some hundreds of million cash.
 
* In the beginning of 2003 the name was changed to "next-generation secure computing base" (NGSCB).
 
* In summer 2004 the NGSCB effort seems to have stopped.
 
 
 
What is all the name changing about? <br />
 
Some say, that the change was a reaction to the negative publicity, because Palladium and TCPA was soon equated with a 'Nineteen Eighty-Four'-Scenario of an 'Orwellian society', the ever-present, all-seeing 'Big Brother' and other privacy issues.
 
 
 
=== TCG Hardware Architecture ===
 
 
 
The "Trusted Platform Module (TPM)" (a.k.a. "Fritz"-Chip) is the central building block of the TCG architecture and the first implementation can be seen as just a hardwired smart card.  
 
  
 
There are also discussions to integrate the whole functionality into the main processor, which would increase resistance against tampering attacks (see also Intel "LaGrande").
 
There are also discussions to integrate the whole functionality into the main processor, which would increase resistance against tampering attacks (see also Intel "LaGrande").
  
The most important services of the TCG specifications are:
+
There have also been two important critiques regarding the hardware security of the "Trusted Platform Modules (TPM)".
* Hardware storage for cryptographic keys
+
*The first one has been the insuficient security certification against hardware attacks. In TCG 1.2 this critique has been addressed by an improvement of the hardware requirements. It has to be seen how strong the resistance against sophisticated attacks at intensively daily usage will be.
* Secure booting
+
*The second one addreses the 'black box'-characterisitcs and risk 'hidden channels' in the TCG-Hardware, which can be easily implemented and used to send secret information to third parties.
* (Remote) Platform Attestation (''meaning that somebody can check the state of your personal computer over the internet'')
 
* Sealing (''meaning binding data to a specific platform and application'')
 
  
Generally: There are good arguments that these features can be used to improve the security of computer systems. <br />
+
==TC - Treacherous Computing==
But: Some of these features can already be established by todays smart card supported systems!
+
Generally, there are good arguments that these features can be used to improve the security of computer systems. Trusted Computing offers a lot of features which can be used to protect the personal computer against malicious software and users. 
  
Drawback 1:
+
But according to a lot of technical analysis most researchers have fundamental critics on the main design considerations. The new infrastructure will offer '''only minor protection against worms and viruses'''. And some of these features can already be established by todays smart card supported systems.
Remote Attestation is a good feature to remotely detect tampering of the computer, as long as this 'somebody' is the owner of the platform. <br />
 
But: If this Remote Attestation is used by third parties, serious privacy and market domination issues arise.
 
  
Drawback 2:
+
''We recognize that hardware enhancements might be one way to improve computer security. But treating computer owners as adversaries is not progress in computer security. '''The interoperability, competition, owner control, and similar problems inherent in the TCG and NCSCB approach are serious enough that we recommend against adoption of these trusted computing technologies until these problems have been addressed. Fortunately, we believe these problems are not insurmountable''', and we look forward to working with the industry to resolve them."'' <br />
There are certainly legitimate reasons for Sealing. <br />
+
Source: [http://www.eff.org/Infrastructure/trusted_computing/20031001_tc.php Electronic Frontier Foundation], bold emphasis by [[User:Pitsche|Pitsche]]
But: The main use case seems to be consumer-unfriendly new 'business cases' for content dealers which involve locking down content to a single platform, based on connecting content to a specific device without any migration options. '''This means e.g. if the user wants to use his music to a portable player he should be forced to buy another license. It seems to be doubtful, if customers will enjoy this limitations.'''
 
  
In any case the possible problems of giving away control of the personal hardware should be evaluated carefully.
+
There are a lot of drawbacks to this kind of security implementation...
 +
*The concept prevents even the device owner from certain operations.
 +
*Remote Attestation is a good feature to remotely detect tampering of the computer, as long as this 'somebody' is the owner of the platform. But if this Remote Attestation is used by third parties, serious privacy and market domination issues arise.
 +
*There are certainly legitimate reasons for Sealing. But the main use case seems to be consumer-unfriendly new 'business cases' for content dealers which involve locking down content to a single platform, based on connecting content to a specific device without any migration options.  
  
There have also been two important critiques regarding the hardware security of the "Trusted Platform Modules (TPM)".
+
Additionally, the market domination of Microsoft, obscurities regarding the needed trust infrastructure and a heap of patents have lead to critical evaluations from cryptographers, privacy organizations and European institutions. <br />
 +
Because of this pressure the Trusted Computing Group has modifed its proposal. The recent specification is "TCG 1.2".
  
The first one has been the insuficient security certification against hardware attacks. In TCG 1.2 this critique has been addressed by an improvement of the hardware requirements and it has to be seen how strong the resistance against sophisticated attacks at intensively daily usage will be.
+
=== DRM - Digital Rights Management ===
 
+
The philosophy behind Remote Platform Attestation and Sealing seems to be a protection of the computer system or electronic device ''against'' its user and owner.
The second one addreses the 'black box'-characterisitcs and therefore 'hidden channels' in the TCG-Hardware. Hidden channels smuggle secret information to third parties and it has been a well known fact for many years, that hidden channels are easy to implement in black box hardware.
 
 
 
=== TCG and Digital 'Restrictions' Management ===
 
 
 
As stated above, the philosophy behind Remote Platform Attestation and Sealing seems to be a protection of the computer system or electronic device ''against'' its user and owner.  
 
  
 
What will do this to the use of digital media content on electronic devices? The answer of the IT- and the Entertainment-Industry is "Digital Rights Management" or just shortly "DRM".  
 
What will do this to the use of digital media content on electronic devices? The answer of the IT- and the Entertainment-Industry is "Digital Rights Management" or just shortly "DRM".  
  
''The DRM component takes control over the rest of the user's device which they rightfully own (e.g. MP3-Player'' '''or a ThinkPad)''' ''and restricts how it may act, regardless of the user's wishes (e.g. preventing the user from copying a song). All forms of DRM depend on the device imposing restrictions that cannot be legally disabled or modified by the user. In other words, the user has no choice.''
+
''The DRM component takes control over the rest of the user's device which they rightfully own (e.g. MP3-Player'' '''or a ThinkPad)''' ''and restricts how it may act, regardless of the user's wishes (e.g. preventing the user from copying a song). All forms of DRM depend on the device imposing restrictions that cannot be legally disabled or modified by the user. In other words, the user has no choice.'' Bold emphasised by [[User:Pitsche]].
  
So a new 'name' for DRM came up: '''Digital Restrictions Management''' instead of Digital Rights Management.  
+
So a new 'name' for DRM came up: '''Digital Restrictions Management''' instead of Digital Rights Management.
  
I cannot go too much into the details here, so please have a look at the [http://en.wikipedia.org/wiki/Digital_rights_management#DRM_opponents article in the Wikipedia Encyclopedia], where I took the quote from. The bold emphasised addition is mine.
+
Read more at [[Wikipedia:Digital rights management]].
  
 
=== Censorship and Avoiding Whistle Blowers ===
 
=== Censorship and Avoiding Whistle Blowers ===
 
+
The Siamese twin of Digital Restriction Management is censorship. '''The same techniques which avoid copying music songs can be used to limit the access to all kinds of documents'''. The combination of DRM and observation hardware like TCG leads to very dangerous implications.
The Siamese twin of Digital Restriction Management is censorship. '''The same techniques which avoid copying music songs can be used to limit the access to all kinds of documents'''. The combination from DRM and observation hardware (TCG is in your mind?) leads to very dangerous implications.
 
  
 
Giving a real world example, the Chinese government could easily block the use of all documents containing the words "Dalai Lama" on 'trusted' computer systems.
 
Giving a real world example, the Chinese government could easily block the use of all documents containing the words "Dalai Lama" on 'trusted' computer systems.
  
Another application is the fight against whistle blowers. E.g. government documents about the deportation of own citizens to countries with a doubtful law system or about supporting illegal wars could made only readable for government computers and combined with a expiration date. This might make it very dificult for the society or following generations to disclose these breaches of humanity.
+
Another application is the fight against whistle blowers. E.g. government documents about the deportation of own citizens to countries with a doubtful law system or about supporting illegal wars could be made readable for government computers only and combined with a expiration date. This might make it very dificult for the society or following generations to disclose these breaches of humanity.
 
 
=== Open Source Software and TCG ===
 
 
 
Since Microsoft controls a overwhelming part of the OS market, it seems to be rather dificult to evaluate the TCG proposal separated from the Palladium project.
 
 
 
TCG versus GPL: At least two companies are researching on "TCG-enhanced" versions of GNU/Linux. According most security researchers it seems to be necessary to evaluate programs which have access to the 'trusted part'.
 
 
 
This has huge implication for the development of free software. Following a possibly expensive evaluation there will be a signature for one program version.
 
 
 
Even if the program stays under GPL every change of the code will make the signature invalid. This seems to be a strong violation of the main philosophy of Open Source software.
 
  
 +
==TCPA/TCG in ThinkPads==
 
=== Embedded Security System (1.0) ===
 
=== Embedded Security System (1.0) ===
  
Line 126: Line 103:
  
 
''(Features etc. will soon be added here - your help, support or cooperation is very much appreciated)''
 
''(Features etc. will soon be added here - your help, support or cooperation is very much appreciated)''
 +
 +
===ThinkPads with TCPA Technology===
 +
====IBM Embedded Security Subsystem====
 +
*ThinkPad {{R31}}
 +
*ThinkPad {{T23}}, {{T30}}
 +
*ThinkPad {{X23}}, {{X24}}
 +
====IBM Embedded Security Subsystem 2.0====
 +
*ThinkPad {{R32}}, {{R40}}, {{R50}}, {{R50p}}, {{R51}}, {{R52}}
 +
*ThinkPad {{T40}}, {{T40p}}, {{T41}}, {{T41p}}, {{T42}}, {{T42p}}, {{T43}}, {{T43p}}
 +
*ThinkPad {{X30}}, {{X31}}, {{X32}}, {{X40}}, {{X41}}, {{X41T}}
 +
 +
===TCPA/TCG clean models===
 +
*all models produced before 2000
 +
*all i Series models
 +
*ThinkPad [[:Category:240X|240X]]
 +
*ThinkPad [[:Category:A20m|A20m]], [[:Category:A20p|A20p]], [[:Category:A21e|A21e]], [[:Category:A21m|A21m]], [[:Category:A21p|A21p]], [[:Category:A22e|A22e]], [[:Category:A22m|A22m]], [[:Category:A22p|A22p]], [[:Category:A30|A30]]
 +
*ThinkPad [[:Category:T20|T20]], [[:Category:T21|T21]]
 +
*ThinkPad [[:Category:X20|X20]], [[:Category:X21|X21]], [[:Category:X22|X22]]
 +
*ThinkPad [[:Category:TransNote|TransNote]]
 +
 +
== OpenSource Software and TCG ==
 +
TCG has huge implication for the development of free software. Following a possibly expensive evaluation there will be a signature for one program version. Even if the program is licensed under the GPL every change to the code will make the signature invalid. This seems to be a strong violation of the main philosophy of OpenSource software.
 +
 +
Since Microsoft controls an overwhelming part of the OS market, it seems to be rather difficult to evaluate the TCG proposal separated from the Palladium project.
 +
 +
TCG versus GPL: At least two companies are researching on "TCG-enhanced" versions of GNU/Linux. According most security researchers it seems to be necessary to evaluate programs which have access to the 'trusted part'.
  
 
=== Summary ===  
 
=== Summary ===  
 
 
There are still a lot of critical questions, even though TCG 1.2 contains many steps into the right direction.
 
There are still a lot of critical questions, even though TCG 1.2 contains many steps into the right direction.
  
 
== Related Links ==
 
== Related Links ==
 
 
*[http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html 'Trusted Computing' Frequently Asked Questions] - Anti-TC FAQ by Cambridge University security director and professor [[Ross Anderson]].
 
*[http://www.cl.cam.ac.uk/~rja14/tcpa-faq.html 'Trusted Computing' Frequently Asked Questions] - Anti-TC FAQ by Cambridge University security director and professor [[Ross Anderson]].
 
*[http://www.againsttcpa.com/ Against-TCPA]
 
*[http://www.againsttcpa.com/ Against-TCPA]
Line 138: Line 139:
 
*[http://www.gnu.org/philosophy/can-you-trust.html Can you trust your computer?] essay by the FSF
 
*[http://www.gnu.org/philosophy/can-you-trust.html Can you trust your computer?] essay by the FSF
 
*[http://www.protectprivacy.org/topic--lang-en.html The civil rights organisation Protect Privacy]
 
*[http://www.protectprivacy.org/topic--lang-en.html The civil rights organisation Protect Privacy]
 
  
 
== Read more at Wikipedia, the free encyclopedia: ==
 
== Read more at Wikipedia, the free encyclopedia: ==
 
 
*[http://en.wikipedia.org/wiki/Trusted_computing Trusted Computing]
 
*[http://en.wikipedia.org/wiki/Trusted_computing Trusted Computing]
 
*[http://en.wikipedia.org/wiki/Trusted_Computing_Platform_Alliance Trusted Computing Group (formerly known as TCPA)]
 
*[http://en.wikipedia.org/wiki/Trusted_Computing_Platform_Alliance Trusted Computing Group (formerly known as TCPA)]
Line 151: Line 150:
  
  
== ThinkPads with TCPA Technology ==
+
<!--Notes from the original artical that didn't fit so far
===IBM Embedded Security Subsystem===
+
You own a ThinkPad build after the year 2000? Or you want to buy a brandnew ThinkPad from Levono (IBM)? Do you want to know, what the Embedded Security Subsystem is doing (or can do) in your ThinkPad?
*ThinkPad {{R31}}
+
 
*ThinkPad {{T23}}, {{T30}}
+
If you answer one or all of these questions with yes, read on :-) This is about Trusted Computing, TCPA, Palladium, the "Fritz"-Chip, Digital Rights Management and your freedom of choice. At the end of this article you find related hyperlinks to this important topic for computer users.
*ThinkPad {{X23}}, {{X24}}
+
 
===IBM Embedded Security Subsystem 2.0===
+
Compared to this, positive features like a more secure hardware storage for cryptographic keys seem to be a very small benefit.
*ThinkPad {{R32}}, {{R40}}, {{R50}}, {{R50p}}, {{R51}}, {{R52}}
+
 
*ThinkPad {{T40}}, {{T40p}}, {{T41}}, {{T41p}}, {{T42}}, {{T42p}}, {{T43}}, {{T43p}}
+
:Compared with the TCPA the TCG is less democratic organized and the high membership fees obstruct the possibilities for small companies and non profit organizations to participate.
*ThinkPad {{X30}}, {{X31}}, {{X32}}, {{X40}}, {{X41}}, {{X41T}}
+
 
 +
* Microsofts own concept for 'Trustworthy Computing', "Palladium", is expected to cost some hundreds of million cash.
 +
 
 +
What is all the name changing about? <br />
 +
Some say, that the change was a reaction to the negative publicity, because Palladium and TCPA was soon equated with a 'Nineteen Eighty-Four'-Scenario of an 'Orwellian society', the ever-present, all-seeing 'Big Brother' and other privacy issues.
 +
 
 +
'''This means e.g. if the user wants to use his music to a portable player he should be forced to buy another license. It seems to be doubtful, if customers will enjoy this limitations.'''
 +
 
 +
In any case the possible problems of giving away control of the personal hardware should be evaluated carefully.
  
==TCPA/TCG clean models==
+
-->
*all models produced before 2000
 
*all i Series models
 
*ThinkPad [[:Category:240X|240X]]
 
*ThinkPad [[:Category:A20m|A20m]], [[:Category:A20p|A20p]], [[:Category:A21e|A21e]], [[:Category:A21m|A21m]], [[:Category:A21p|A21p]], [[:Category:A22e|A22e]], [[:Category:A22m|A22m]], [[:Category:A22p|A22p]], [[:Category:A30|A30]]
 
*ThinkPad [[:Category:T20|T20]], [[:Category:T21|T21]]
 
*ThinkPad [[:Category:X20|X20]], [[:Category:X21|X21]], [[:Category:X22|X22]]
 
*ThinkPad [[:Category:TransNote|TransNote]]
 

Revision as of 19:20, 4 July 2005

The Members of the Trusted Computing Group (TCG), formerly the Trusted Computing Platform Allience (TCPA), are working on a paradigm shift in information technology, which could become the biggest change of the information landscape since decades.

This article tries to gather information about the implications of the TCPA and TCG effords. To many users these implications seem rather treacherous than trustworthy. This article tries to give a short summarized overview over the facts from a rather netral point of view.

We will start with a quote:

"It is clear that trusted computing hardware provides security benefits, if software is prepared to take advantage of it. But trusted computing has been received skeptically and remains controversial. Some of the controversy is based on misconceptions, but much of it is appropriate, since trusted computing systems fundamentally alter trust relationships. Legitimate concerns about trusted computing are not limited to one area, such as consumer privacy or copyright issues.
We have at least two serious concerns about trusted computing. First, existing designs are fundamentally flawed because they expose the public to new risks of anti-competitive and anti-consumer behavior. Second, manufacturers of particular "trusted" computers and components may secretly implement them incorrectly."

Source: Electronic Frontier Foundation

TC - Trusted Computing

Recently, the number of known security incidents has been dramatically increasing. Thus, security issues in computer industry have been pushed forward. So far, digital content on computers couldn't be efficiently protected since every security mechanism accessible by software could always be circumvent by software.

The idea of Trusted Computing is to provide a hardware layer that cares for

  • storage of security related data like keys, certificates and checksums
  • encryption and decryption
  • validation of certificates
  • (Remote) Platform Attestation (meaning that somebody can check the state of your personal computer over the internet)
  • Sealing (meaning binding data to a specific platform and application)

Since this way the hardware can handle security management without any software being able to access the security data (like a Black Box). Moreover, the whole software layer can be 'monitored' by the hardware through the use of checksums. Hence the TCPA layer can recognise changes to the software layer and block the whole system from starting, this way keeping malicious software from running at all.

A short history of TCPA, TCG, Palladium and NSCB:

  • 1999: The Trusted Computing Platform Alliance (TCPA) is founded by Intel, Microsoft, HP, Compaq and IBM.
  • February 2002: The TCPA Main Specification Version 1.1b is being published.
  • early 2003: In the beginning of 2003 the name is changed to "next-generation secure computing base" (NGSCB).
  • April 2003: The Trusted Computing Group (TCG) is founded by AMD, HP, IBM, Intel and Microsoft.
  • Summer 2004: The NGSCB effort seems to have stopped.

The TCPA

Founded 1999 by Compaq, HP, IBM, Intel and Microsoft, the TCPA counts around 200 members by now, among them Adobe, AMD, Fujitsu-Siemens, Gateway, Motorola, Samsung, Toshiba and many others.

ToDo...

The TCG

As successor of the TCPA, the TCG was founded by AMD, HP, IBM, Intel and Microsoft in April 2004.

ToDo...

TCG 1.1

ToDo...

TCG 1.2

ToDo...

TCG Hardware Architecture

The Trusted Platform Module (TPM) (a.k.a. "Fritz"-Chip) is the central building block of the TCG architecture and the first implementation can be seen as just a hardwired smart card.

There are also discussions to integrate the whole functionality into the main processor, which would increase resistance against tampering attacks (see also Intel "LaGrande").

There have also been two important critiques regarding the hardware security of the "Trusted Platform Modules (TPM)".

  • The first one has been the insuficient security certification against hardware attacks. In TCG 1.2 this critique has been addressed by an improvement of the hardware requirements. It has to be seen how strong the resistance against sophisticated attacks at intensively daily usage will be.
  • The second one addreses the 'black box'-characterisitcs and risk 'hidden channels' in the TCG-Hardware, which can be easily implemented and used to send secret information to third parties.

TC - Treacherous Computing

Generally, there are good arguments that these features can be used to improve the security of computer systems. Trusted Computing offers a lot of features which can be used to protect the personal computer against malicious software and users.

But according to a lot of technical analysis most researchers have fundamental critics on the main design considerations. The new infrastructure will offer only minor protection against worms and viruses. And some of these features can already be established by todays smart card supported systems.

We recognize that hardware enhancements might be one way to improve computer security. But treating computer owners as adversaries is not progress in computer security. The interoperability, competition, owner control, and similar problems inherent in the TCG and NCSCB approach are serious enough that we recommend against adoption of these trusted computing technologies until these problems have been addressed. Fortunately, we believe these problems are not insurmountable, and we look forward to working with the industry to resolve them."
Source: Electronic Frontier Foundation, bold emphasis by Pitsche

There are a lot of drawbacks to this kind of security implementation...

  • The concept prevents even the device owner from certain operations.
  • Remote Attestation is a good feature to remotely detect tampering of the computer, as long as this 'somebody' is the owner of the platform. But if this Remote Attestation is used by third parties, serious privacy and market domination issues arise.
  • There are certainly legitimate reasons for Sealing. But the main use case seems to be consumer-unfriendly new 'business cases' for content dealers which involve locking down content to a single platform, based on connecting content to a specific device without any migration options.

Additionally, the market domination of Microsoft, obscurities regarding the needed trust infrastructure and a heap of patents have lead to critical evaluations from cryptographers, privacy organizations and European institutions.
Because of this pressure the Trusted Computing Group has modifed its proposal. The recent specification is "TCG 1.2".

DRM - Digital Rights Management

The philosophy behind Remote Platform Attestation and Sealing seems to be a protection of the computer system or electronic device against its user and owner.

What will do this to the use of digital media content on electronic devices? The answer of the IT- and the Entertainment-Industry is "Digital Rights Management" or just shortly "DRM".

The DRM component takes control over the rest of the user's device which they rightfully own (e.g. MP3-Player or a ThinkPad) and restricts how it may act, regardless of the user's wishes (e.g. preventing the user from copying a song). All forms of DRM depend on the device imposing restrictions that cannot be legally disabled or modified by the user. In other words, the user has no choice. Bold emphasised by User:Pitsche.

So a new 'name' for DRM came up: Digital Restrictions Management instead of Digital Rights Management.

Read more at Wikipedia:Digital rights management.

Censorship and Avoiding Whistle Blowers

The Siamese twin of Digital Restriction Management is censorship. The same techniques which avoid copying music songs can be used to limit the access to all kinds of documents. The combination of DRM and observation hardware like TCG leads to very dangerous implications.

Giving a real world example, the Chinese government could easily block the use of all documents containing the words "Dalai Lama" on 'trusted' computer systems.

Another application is the fight against whistle blowers. E.g. government documents about the deportation of own citizens to countries with a doubtful law system or about supporting illegal wars could be made readable for government computers only and combined with a expiration date. This might make it very dificult for the society or following generations to disclose these breaches of humanity.

TCPA/TCG in ThinkPads

Embedded Security System (1.0)

Embedded Security System (in IBM documents there is no use of the additive version-nummer 1.0) is using the heayvily disputed "TCG 1.1"-specification.

(Features etc. will soon be added here - your help, support or cooperation is very much appreciated)

Embedded Security System 2.0

The recent TCG-specification is "TCG 1.2" and Embedded Security System 2.0 is supposed to use this newer specification.

(Features etc. will soon be added here - your help, support or cooperation is very much appreciated)

ThinkPads with TCPA Technology

IBM Embedded Security Subsystem

IBM Embedded Security Subsystem 2.0

TCPA/TCG clean models

OpenSource Software and TCG

TCG has huge implication for the development of free software. Following a possibly expensive evaluation there will be a signature for one program version. Even if the program is licensed under the GPL every change to the code will make the signature invalid. This seems to be a strong violation of the main philosophy of OpenSource software.

Since Microsoft controls an overwhelming part of the OS market, it seems to be rather difficult to evaluate the TCG proposal separated from the Palladium project.

TCG versus GPL: At least two companies are researching on "TCG-enhanced" versions of GNU/Linux. According most security researchers it seems to be necessary to evaluate programs which have access to the 'trusted part'.

Summary

There are still a lot of critical questions, even though TCG 1.2 contains many steps into the right direction.

Related Links

Read more at Wikipedia, the free encyclopedia: