Re: Dell to Add Security Chip to PCs
On Sat, Feb 05, 2005 at 01:19:46AM +, Justin wrote: If I film off a HDTV screen with a HDTV camera (or just do single-frame with a good professional camera) will the flag be preserved? I don't think so, I think the flag is in the bitstream and doesn't affect visual output at all. You still run into significant quality I know; that was a rhetorical question. loss trying to get around it that way. I doubt the quality loss would be perceivable. What you'll get will be persistent artifacts which would allow source fingerprinting via digital forensics. The point is that HDTV is a popular consumer technology, and the MPAA and TV networks alone managed to hijack it. I have yet to see a single HDTV movie/broadcast, and I understand most TV sets can't display anything beyond 800x600. DVD started with a copy protection, too. -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp4aWbLkVGr5.pgp Description: PGP signature
Re: Dell to Add Security Chip to PCs
On Sat, Feb 05, 2005 at 11:23:14AM +0100, Eugen Leitl wrote: The point is that HDTV is a popular consumer technology, and the MPAA and TV networks alone managed to hijack it. I have yet to see a single HDTV movie/broadcast, and I understand most TV sets can't display anything beyond 800x600. Not widespread in Europe yet, but all the big networks in the US now support it for most or nearly all their prime time schedule and most big events (sports and otherwise) are now in HDTV in the USA. Also more and more cable networks in HDTV and some movie channels. Bandwidth is the big limitation on satellite and cable, otherwise there would be even more. And HDTV sets are selling well now in the USA. Most do not yet have the full 1920 by 1080 resolution, but many are around 1280 by 720 native resolution which works well with the 720p progressive version used primarily for sports (looks better with fast motion). DVD started with a copy protection, too. However the really strange thing about the FCC broadcast flag is that the actual over the air ATSC transport stream on broadcast channels is mandated by law to be sent *IN THE CLEAR*, no encryption allowed - so the FCC decision basicly requires any receiver sold to the public *ENCRYPT* an ITC signal before providing it to the user.Naturally this bit of nonsense will go far to make the broadcast flag very effective indeed at preventing anyone with very modest sophistication from capturing the over the air in the clear transport stream and passing it around on P2P networks or whatever - there is already plenty of PCI hardware out there to receive ATSC transmissions (MyHD and many others) and supply the transport stream to software running on the PC. -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass 02493
Re: Dell to Add Security Chip to PCs
On Fri, Feb 04, 2005 at 08:21:47PM +, Justin wrote: They managed with the HTDV broadcast flag mandate. If I film off a HDTV screen with a HDTV camera (or just do single-frame with a good professional camera) will the flag be preserved? Watermarks will, but that's the next mass genocide by IP nazis. -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgppAYQ2XiCC8.pgp Description: PGP signature
Re: Dell to Add Security Chip to PCs
On 2005-02-03T22:25:28+0100, Anonymous wrote: The only people endangered by this capability are those who want to be able to lie. They want to agree to contracts and user agreements that, for example, require them to observe DRM restrictions and copyright laws, but then they want the power to go back on their word, to dishonor their commitment, and to lie about their promises. An honest man is No, I want the right to fair use of material I buy. If someone sells DRM-only material, I won't buy it at anything approaching non-DRM prices. In some cases, I won't buy it at all. My fair use rights should not be held hostage by a stupid majority who support a DRM-only market. Maybe the market for music won't support DRM-only products, but I suspect the market for DVDs and low-sales books will. The result is that I won't be able to rip a season's worth of DVDs so I can watch them all without playing hot potato with the physical DVDs. I won't be able to avoid the 15-second copyright warnings, or the useless menu animations. Low-sales books may end up being DRM-only, and I _hate_ reading books on a screen. Since DRM-only rare books will satisfy some of the market, there will be even less pressure on physical book publishers to occasionally reprint them, thus forcing even more people to buy the DRM'd ebooks. I bought an ebook on amazon for $1.99 a couple months ago. The printed book was $20. It was very nearly the worst purchase of my life. I won't buy a similarly DRM'd ebook every again, for any amount. The hassle plus the restrictions aren't worth the $18 savings. -- War is the father and king of all, and some he shows as gods, others as men; some he makes slaves, others free. --Heraclitus (Kahn.83/D-K.53)
Re: Dell to Add Security Chip to PCs
On Fri, 2005-02-04 at 19:07 -0800, James A. Donald wrote: The ability to convincingly tell the truth is a very handy one between people who are roughly equal. It is a potentially disastrous one if one party can do violence with impunity to the one with the ability to convincingly tell the truth. In other words, NGSCB/Palladium/etc doesn't give you an advantage in the least when you step onto a playing field tilting heavily in Microsoft's direction. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Dell to Add Security Chip to PCs
On 2005-02-04T23:28:56+0100, Eugen Leitl wrote: On Fri, Feb 04, 2005 at 08:21:47PM +, Justin wrote: They managed with the HTDV broadcast flag mandate. If I film off a HDTV screen with a HDTV camera (or just do single-frame with a good professional camera) will the flag be preserved? I don't think so, I think the flag is in the bitstream and doesn't affect visual output at all. You still run into significant quality loss trying to get around it that way. The point is that HDTV is a popular consumer technology, and the MPAA and TV networks alone managed to hijack it. -- War is the father and king of all, and some he shows as gods, others as men; some he makes slaves, others free. --Heraclitus (Kahn.83/D-K.53)
Re: Dell to Add Security Chip to PCs
As far as the question of malware exploiting TC, it's difficult to evaulate without knowing more details about how the technology ends up being used. First there was TCPA, which is now called TCG. Microsoft spun off their own version called Palladium, then NGSCB. But then Microsoft withdrew NGSCB, and at this point I have no idea whether they will ever offer a new approach. Microsoft offered four concepts for its vision, but only two of them are in the current TCG: Sealed Storage and Remote Attestation. Microsoft's additional features are Trusted I/O and Process Isolation. It's possible that TCG may incorporate these eventually, because without them the security offered by TC is much more limited. Microsoft's vision for application development under NGSCB involved splitting programs into two parts, which they called the left hand side (LHS) and right hand side (RHS). The LHS was the legacy program, which had access to the entire Windows API. It would be responsible for user interface, I/O, and any non-secure features. The RHS was the new stuff; it would run in a special partitioned memory that could not be accessed even by the OS. However the RHS would not have access to the full Windows API, and instead would only get very limited OS support from a mini-kernel called the Nexus. The goal was to publish the source of the Nexus for review and to have it be simple and clean enough to be secure. Applications would do their security stuff in the RHS modules, which were called Nexus Computing Agents (NCAs). These could use the other TPM features. They could encrypt data such that only that NCA could decyrpt it; and they could attest to a remote server or peer about exactly what NCA was running. NCAs would also have some kind of secure I/O channel to input and display devices. An NCA would be immune to molestation by virus and malware unless the virus got into the NCA itself, which would be hard because they were supposed to be relatively small and simple. Infections elsewhere in the program, in the OS, or in other NCAs would not propagate to an NCA. Microsoft's design was sophisticated and (IMO) elegant, and goes far beyond anything the clumsy, design-by-committee TCG has come up with yet. Yet NGSCB failed even before it was released. Experience from early beta testers was uniformly negative, according to press reports, and the project was pulled for a redesign. Nothing has been heard of it for a year now. The problem was apparently that this LHS/RHS design was unacceptable to developers, introducing complexity and requiring a substantial rewrite of existing applications. The RHS Nexus API was so primitive that it was hard to do anything useful there, while LHS functionality was completely unprotected and received no benefits from the new technology. So that's where we stand. Given this uncertainty, it is hard to credit those who claim that TC will be a golden opportunity for malware. Nobody really knows what the architecture of TC will be by the time it is released. In this respect, Bruce Schneier's comments were the most accurate and prescient. Over two years ago he advised adopting a wait and see attitude, and predicted exactly the kind of revamping and redesign which is currently underway. But for the purposes of analysis, let's suppose that Microsoft's original vision were intact, and that NGSCB with the four features were actually being deployed. How might Dan Kaminsky's scenario of an infected Microsoft Word work out in detail? First we need to consider how the LHS/RHS split might work for a word processor. Most functions are not security related and will be in the LHS. Let's imagine a security function. Suppose a company wants to have certain documents to always be saved encrypted, and only to be exchanged (in encrypted form) with other employees also running the secure Word program. Nobody would be able to get access to the data except via this special program. This could be useful for company-confidental docs. So we will have an NCA on the RHS which can, under the guidance of some policy, save documents in encrypted form and locked to the NCA. No other software will be able to decrypt them because of the Sealed Storage function of the TPM. NCA's can exchange documents with matching NCAs on other computers, using Remote Attestation to verify that the remote system is running the right software, and to set up a secure comm channel between the NCAs. No other software, not even the LHS of Word, could decrypt the data being exchanged between the NCAs. And the NCAs run in secure memory, so that even in an infected computer there will be no way for the malware to get access to the sensitive data. So how does Kaminsky's attack work? He proposes to give some bogus data to the NCA and infect it. Now, here's the problem. The NCA is a relative small and simple program. It's not going to have the full capabilities of the rest of Word. It has a clean interface and a clean
Re: Dell to Add Security Chip to PCs
Eric Murray writes: The TCPA chip verifies the (signature on the) BIOS and the OS. So the software driver is the one that's trusted by the TCPA chip. I don't believe this is correct. The TPM does not verify any signatures. It is fundamentally a passive chip. Its only job is to store hashes of software components that the BIOS, boot loader and OS report to it. It can then report those hashes in attestations, or perform crypto sealing and unsealing operations in such a way that sealed data is locked to those hashes, and can't be unsealed if the hashes are different. and then asks: I have an application for exactly that behaviour. It's a secure appliance. Users don't run code on it. It needs to be able to verify that it's running the authorized OS and software and that new software is authorized. (it does it already, but a TCPA chip might do it better). So a question for the TCPA proponents (or opponents): how would I do that using TCPA? You might want to look at enforcer.sourceforge.net for some ideas. They created a Tripwire-like system which does a secure boot and compares the software that is loaded with approved versions. I don't remember if they used signatures or hashes for the comparison but presumably either one could be made to work. Marcel Popescu's message was mostly content free (I love the way he thinks its OK to lie as long as it's in English! - remind me never to trust this guy) but he did ask one non-rethorical question: Name other five (out of the most) laptop companies offering this chip in their laptops. (This is NOT rethorical, I'm really curious.) IBM T43 and Thinkpads (over 16 million TPMs shipped as of last year). HP/Compaq nc6000, nc8000, nw8000, nc4010 notebooks. Toshiba Dynabook SS LX, Tecra M3 and Portege M205-S810. Fujitsu Lifebook S7010 and LifeBook E8000 laptops; T4000 and ST5020 tablets. Samsung X-Series. NEC VersaPro/VersaProJ. and now Dell Latitude D410, D610 and D810.
Re: Dell to Add Security Chip to PCs
-- On 3 Feb 2005 at 22:25, Anonymous wrote: Now, my personal perspective on this is that this is no real threat. It allows people who choose to use the capability to issue reasonably credible and convincing statements about their software configuration. Basically it allows people to tell the truth about their software in a convincing way. Anyone who is threatened by the ability of other people to tell the truth should take a hard look at his own ethical standards. Honesty is no threat to the world! The only people endangered by this capability are those who want to be able to lie. They want to agree to contracts and user agreements that, for example, require them to observe DRM restrictions and copyright laws, but then they want the power to go back on their word, to dishonor their commitment, and to lie about their promises. An honest man is not affected by Trusted Computing; it would not change his behavior in any way, because he would be as bound by his word as by the TC software restrictions. The ability to convincingly tell the truth is a very handy one between people who are roughly equal. It is a potentially disastrous one if one party can do violence with impunity to the one with the ability to convincingly tell the truth. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 6B7i0tiB4vUHqQnAP6nXT2z+B+zLB8624+K6+ENU 47fFHg6cY0KInzxMe/l+L2c7LqmPZyrwOSZepYIR3
Re: Dell to Add Security Chip to PCs
On Fri, 2005-02-04 at 19:07 -0800, James A. Donald wrote: The ability to convincingly tell the truth is a very handy one between people who are roughly equal. It is a potentially disastrous one if one party can do violence with impunity to the one with the ability to convincingly tell the truth. In other words, NGSCB/Palladium/etc doesn't give you an advantage in the least when you step onto a playing field tilting heavily in Microsoft's direction. -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Dell to Add Security Chip to PCs
On Sat, Feb 05, 2005 at 01:19:46AM +, Justin wrote: If I film off a HDTV screen with a HDTV camera (or just do single-frame with a good professional camera) will the flag be preserved? I don't think so, I think the flag is in the bitstream and doesn't affect visual output at all. You still run into significant quality I know; that was a rhetorical question. loss trying to get around it that way. I doubt the quality loss would be perceivable. What you'll get will be persistent artifacts which would allow source fingerprinting via digital forensics. The point is that HDTV is a popular consumer technology, and the MPAA and TV networks alone managed to hijack it. I have yet to see a single HDTV movie/broadcast, and I understand most TV sets can't display anything beyond 800x600. DVD started with a copy protection, too. -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpdFAC7QNbx4.pgp Description: PGP signature
Re: Dell to Add Security Chip to PCs
On 2005-02-03T22:25:28+0100, Anonymous wrote: The only people endangered by this capability are those who want to be able to lie. They want to agree to contracts and user agreements that, for example, require them to observe DRM restrictions and copyright laws, but then they want the power to go back on their word, to dishonor their commitment, and to lie about their promises. An honest man is No, I want the right to fair use of material I buy. If someone sells DRM-only material, I won't buy it at anything approaching non-DRM prices. In some cases, I won't buy it at all. My fair use rights should not be held hostage by a stupid majority who support a DRM-only market. Maybe the market for music won't support DRM-only products, but I suspect the market for DVDs and low-sales books will. The result is that I won't be able to rip a season's worth of DVDs so I can watch them all without playing hot potato with the physical DVDs. I won't be able to avoid the 15-second copyright warnings, or the useless menu animations. Low-sales books may end up being DRM-only, and I _hate_ reading books on a screen. Since DRM-only rare books will satisfy some of the market, there will be even less pressure on physical book publishers to occasionally reprint them, thus forcing even more people to buy the DRM'd ebooks. I bought an ebook on amazon for $1.99 a couple months ago. The printed book was $20. It was very nearly the worst purchase of my life. I won't buy a similarly DRM'd ebook every again, for any amount. The hassle plus the restrictions aren't worth the $18 savings. -- War is the father and king of all, and some he shows as gods, others as men; some he makes slaves, others free. --Heraclitus (Kahn.83/D-K.53)
Re: Dell to Add Security Chip to PCs
On Sat, Feb 05, 2005 at 11:23:14AM +0100, Eugen Leitl wrote: The point is that HDTV is a popular consumer technology, and the MPAA and TV networks alone managed to hijack it. I have yet to see a single HDTV movie/broadcast, and I understand most TV sets can't display anything beyond 800x600. Not widespread in Europe yet, but all the big networks in the US now support it for most or nearly all their prime time schedule and most big events (sports and otherwise) are now in HDTV in the USA. Also more and more cable networks in HDTV and some movie channels. Bandwidth is the big limitation on satellite and cable, otherwise there would be even more. And HDTV sets are selling well now in the USA. Most do not yet have the full 1920 by 1080 resolution, but many are around 1280 by 720 native resolution which works well with the 720p progressive version used primarily for sports (looks better with fast motion). DVD started with a copy protection, too. However the really strange thing about the FCC broadcast flag is that the actual over the air ATSC transport stream on broadcast channels is mandated by law to be sent *IN THE CLEAR*, no encryption allowed - so the FCC decision basicly requires any receiver sold to the public *ENCRYPT* an ITC signal before providing it to the user.Naturally this bit of nonsense will go far to make the broadcast flag very effective indeed at preventing anyone with very modest sophistication from capturing the over the air in the clear transport stream and passing it around on P2P networks or whatever - there is already plenty of PCI hardware out there to receive ATSC transmissions (MyHD and many others) and supply the transport stream to software running on the PC. -- Dave Emery N1PRE, [EMAIL PROTECTED] DIE Consulting, Weston, Mass 02493
Re: Dell to Add Security Chip to PCs
- Original Message - From: Shawn K. Quinn [EMAIL PROTECTED] Subject: Re: Dell to Add Security Chip to PCs Isn't it possible to emulate the TCPA chip in software, using one's own RSA key, and thus signing whatever you damn well please with it instead of whatever the chip wants to sign? So in reality, as far as remote attestation goes, it's only as secure as the software driver used to talk to the TCPA chip, right? That issue has been dealt with. They do this by initializing the chip at the production plant, and generating the certs there, thus the process of making your software TCPA work actually involves faking out the production facility for some chips. This prevents the re-init that I think I saw mentioned a few messages ago (unless there's some re-signing process within the chip to allow back-registering, entirely possible, but unlikely). It even gets worse from there because the TCPA chip actually verifies the operating system on load, and then the OS verifies the drivers, solid chain of verification. Honestly Kaminsky has the correct idea about how to get into the chip and break the security, one small unchecked buffer and all the security disappears forever. Joe Trust Laboratories Changing Software Development http://www.trustlaboratories.com
RE: Dell to Add Security Chip to PCs
Erwann ABALEA [EMAIL PROTECTED] writes: I've read your objections. Maybe I wasn't clear. What's wrong in installing a cryptographic device by default on PC motherboards? I work for a PKI 'vendor', and for me, software private keys is a nonsense. A simple crypto device controlled by the same software is only slightly less nonsensical. That is, the difference between software-controlled keys and a device controlling the keys that does anything the software tells it to is negligible. To get any real security you need to add a trusted display, I/O system, clock, and complete crypto message-processing capability (not just generate a signature like the current generation of smart cards do), and that's a long way removed from what TCPA gives you. You could obviously say that Mr Smith won't be able to move his certificates from machine A to machine B, but more than 98% of the time, Mr Smith doesn't need to do that. Yes he will. That is, he may not really need to do it, but he really, really wants to do it. Look at the almost-universal use of PKCS #12 to allow people to spread their keys around all over the place - any product aimed at a mass- market audience that prevents key moving is pretty much dead in the water. Installing a TCPA chip is not a bad idea. The only effective thing a TCPA chip gives you is a built-in dongle on every PC. Whether having a ready-made dongle hardwired into every PC is a good or bad thing depends on the user (that is, the software vendor using the TCPA device, not the PC user). Peter.
RE: Dell to Add Security Chip to PCs
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Anonymous The only people endangered by this capability are those who want to be able to lie. They want to agree to contracts and user agreements that, for example, require them to observe DRM restrictions and copyright laws, but then they want the power to go back on their word, to dishonor their commitment, and to lie about their promises. This assumes an US world, which is - to say the least - a little unreal. In my country, contracts are void unless signed in the official language. That means that, even if I want to agree to the license, I can't legally do so - because it's in English. Which means that I can click on I agree WITHOUT legally agreeing to anything - and everybody knows that. An honest man is not affected by Trusted Computing; it would not change his behavior in any way, because he would be as bound by his word as by the TC software restrictions. Only in the US and related countries :) We are not bound, legally or even morally, by a contract in a foreign language - there are people who bought Windows or some other software even though they don't speak an iota of English. (Furthermore, I wrote a little application which can change the caption of a button - so I can change it to I do not agree (or the equivalent in my language) before installing whatever I'm installing. Do you think that's good enough? g) And yet Cypherpunks are now arch collectivists, fighting the right of private individuals and companies to make their own choices about what technologies to use. How the worm has turned. BS, of course. As has already been explained here, we are paranoids - we try to defend against the worst that could happen, not against the best. A sad illustration of the paranoia and blinkered groupthink so prevalant on this mailing list today. Today? You're new here, right? Paranoia is the motto of the cypherpunks :) Imagine, Dell is providing this chip as part of a vast conspiracy to restrict the user's rights to his own files. It's not THAT vast. The mere idea that it is NOT a conspiracy, OTOH, is plainly ridiculous. They've been at it for several years, and everyone here should know that. The truth is, frankly, that Dell is providing this chip on their laptops simply because laptop owners like the idea of having a security chip, No really? Name five of these laptop owners. (No, that was rethorical. Your phrase was information-free.) most other laptop companies offer them, and the TCG is the main player in this space. Name other five (out of the most) laptop companies offering this chip in their laptops. (This is NOT rethorical, I'm really curious.) Dell is neither seeking to advance my liberatarian goals nor promoting the conspiracy-theorist vision of taking away people's control over their computers. The truth is far more mundane. Profit is a very good tool, for both good and evil. In this case, they see profit in doing something that can ultimately be used against consumers. We comment on that, nothing more. Then again, if the consumers catch on the trick, profit will dictate that they remove it. g Marcel -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.300 / Virus Database: 265.8.5 - Release Date: 2/3/2005
Re: Dell to Add Security Chip to PCs
On Thu, Feb 03, 2005 at 11:45:01PM -0600, Shawn K. Quinn wrote: Isn't it possible to emulate the TCPA chip in software, using one's own RSA key, and thus signing whatever you damn well please with it instead of whatever the chip wants to sign? So in reality, as far as remote attestation goes, it's only as secure as the software driver used to talk to the TCPA chip, right? The TCPA chip verifies the (signature on the) BIOS and the OS. So the software driver is the one that's trusted by the TCPA chip. Plus the private key is kept in the chip, so it can't be read by your emulator. If your emulator picks its own key pair then its attesations will be detected as invalid by a relying party that's using the real TCPA public keys. Eric
Re: Dell to Add Security Chip to PCs
I don't know how clear I can say this, your threat model is broken, and the bad guys can't stop laughing about it. Come on, now...who's going to be better at Security than Microsoft? Since bad guys won't be allowed inside the TCPA world then everything's going to be just fine. Seems like the evil packet idea will be useful here...bad packets should have their evil bit set to one, and they won't be alllowed inside. -TD
Re: Dell to Add Security Chip to PCs
On 2005-02-04T14:30:48-0500, Mark Allen Earnest wrote: The government was not able to get the Clipper chip passed and that was backed with the horror stories of rampant pedophilia, terrorism, and organized crime. Do you honestly believe they will be able to destroy open source, linux, independent software development, and the like with just the fear of movie piracy, mp3 sharing, and such? Do you really think they are willing to piss off large sections of the voting population, the tech segment of the economy, universities, small businesses, and the rest of the world just because the MPAA and RIAA don't like customers owning devices they do not control? They managed with the HTDV broadcast flag mandate. -- War is the father and king of all, and some he shows as gods, others as men; some he makes slaves, others free. --Heraclitus (Kahn.83/D-K.53)
Re: Dell to Add Security Chip to PCs
On Fri, Feb 04, 2005 at 08:21:47PM +, Justin wrote: They managed with the HTDV broadcast flag mandate. If I film off a HDTV screen with a HDTV camera (or just do single-frame with a good professional camera) will the flag be preserved? Watermarks will, but that's the next mass genocide by IP nazis. -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpR57mPncuyo.pgp Description: PGP signature
Re: Dell to Add Security Chip to PCs
As far as the question of malware exploiting TC, it's difficult to evaulate without knowing more details about how the technology ends up being used. First there was TCPA, which is now called TCG. Microsoft spun off their own version called Palladium, then NGSCB. But then Microsoft withdrew NGSCB, and at this point I have no idea whether they will ever offer a new approach. Microsoft offered four concepts for its vision, but only two of them are in the current TCG: Sealed Storage and Remote Attestation. Microsoft's additional features are Trusted I/O and Process Isolation. It's possible that TCG may incorporate these eventually, because without them the security offered by TC is much more limited. Microsoft's vision for application development under NGSCB involved splitting programs into two parts, which they called the left hand side (LHS) and right hand side (RHS). The LHS was the legacy program, which had access to the entire Windows API. It would be responsible for user interface, I/O, and any non-secure features. The RHS was the new stuff; it would run in a special partitioned memory that could not be accessed even by the OS. However the RHS would not have access to the full Windows API, and instead would only get very limited OS support from a mini-kernel called the Nexus. The goal was to publish the source of the Nexus for review and to have it be simple and clean enough to be secure. Applications would do their security stuff in the RHS modules, which were called Nexus Computing Agents (NCAs). These could use the other TPM features. They could encrypt data such that only that NCA could decyrpt it; and they could attest to a remote server or peer about exactly what NCA was running. NCAs would also have some kind of secure I/O channel to input and display devices. An NCA would be immune to molestation by virus and malware unless the virus got into the NCA itself, which would be hard because they were supposed to be relatively small and simple. Infections elsewhere in the program, in the OS, or in other NCAs would not propagate to an NCA. Microsoft's design was sophisticated and (IMO) elegant, and goes far beyond anything the clumsy, design-by-committee TCG has come up with yet. Yet NGSCB failed even before it was released. Experience from early beta testers was uniformly negative, according to press reports, and the project was pulled for a redesign. Nothing has been heard of it for a year now. The problem was apparently that this LHS/RHS design was unacceptable to developers, introducing complexity and requiring a substantial rewrite of existing applications. The RHS Nexus API was so primitive that it was hard to do anything useful there, while LHS functionality was completely unprotected and received no benefits from the new technology. So that's where we stand. Given this uncertainty, it is hard to credit those who claim that TC will be a golden opportunity for malware. Nobody really knows what the architecture of TC will be by the time it is released. In this respect, Bruce Schneier's comments were the most accurate and prescient. Over two years ago he advised adopting a wait and see attitude, and predicted exactly the kind of revamping and redesign which is currently underway. But for the purposes of analysis, let's suppose that Microsoft's original vision were intact, and that NGSCB with the four features were actually being deployed. How might Dan Kaminsky's scenario of an infected Microsoft Word work out in detail? First we need to consider how the LHS/RHS split might work for a word processor. Most functions are not security related and will be in the LHS. Let's imagine a security function. Suppose a company wants to have certain documents to always be saved encrypted, and only to be exchanged (in encrypted form) with other employees also running the secure Word program. Nobody would be able to get access to the data except via this special program. This could be useful for company-confidental docs. So we will have an NCA on the RHS which can, under the guidance of some policy, save documents in encrypted form and locked to the NCA. No other software will be able to decrypt them because of the Sealed Storage function of the TPM. NCA's can exchange documents with matching NCAs on other computers, using Remote Attestation to verify that the remote system is running the right software, and to set up a secure comm channel between the NCAs. No other software, not even the LHS of Word, could decrypt the data being exchanged between the NCAs. And the NCAs run in secure memory, so that even in an infected computer there will be no way for the malware to get access to the sensitive data. So how does Kaminsky's attack work? He proposes to give some bogus data to the NCA and infect it. Now, here's the problem. The NCA is a relative small and simple program. It's not going to have the full capabilities of the rest of Word. It has a clean interface and a clean
Re: Dell to Add Security Chip to PCs
On 2005-02-04T23:28:56+0100, Eugen Leitl wrote: On Fri, Feb 04, 2005 at 08:21:47PM +, Justin wrote: They managed with the HTDV broadcast flag mandate. If I film off a HDTV screen with a HDTV camera (or just do single-frame with a good professional camera) will the flag be preserved? I don't think so, I think the flag is in the bitstream and doesn't affect visual output at all. You still run into significant quality loss trying to get around it that way. The point is that HDTV is a popular consumer technology, and the MPAA and TV networks alone managed to hijack it. -- War is the father and king of all, and some he shows as gods, others as men; some he makes slaves, others free. --Heraclitus (Kahn.83/D-K.53)
Re: Dell to Add Security Chip to PCs
-- On 3 Feb 2005 at 22:25, Anonymous wrote: Now, my personal perspective on this is that this is no real threat. It allows people who choose to use the capability to issue reasonably credible and convincing statements about their software configuration. Basically it allows people to tell the truth about their software in a convincing way. Anyone who is threatened by the ability of other people to tell the truth should take a hard look at his own ethical standards. Honesty is no threat to the world! The only people endangered by this capability are those who want to be able to lie. They want to agree to contracts and user agreements that, for example, require them to observe DRM restrictions and copyright laws, but then they want the power to go back on their word, to dishonor their commitment, and to lie about their promises. An honest man is not affected by Trusted Computing; it would not change his behavior in any way, because he would be as bound by his word as by the TC software restrictions. The ability to convincingly tell the truth is a very handy one between people who are roughly equal. It is a potentially disastrous one if one party can do violence with impunity to the one with the ability to convincingly tell the truth. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 6B7i0tiB4vUHqQnAP6nXT2z+B+zLB8624+K6+ENU 47fFHg6cY0KInzxMe/l+L2c7LqmPZyrwOSZepYIR3
Re: Dell to Add Security Chip to PCs
Eric Murray writes: The TCPA chip verifies the (signature on the) BIOS and the OS. So the software driver is the one that's trusted by the TCPA chip. I don't believe this is correct. The TPM does not verify any signatures. It is fundamentally a passive chip. Its only job is to store hashes of software components that the BIOS, boot loader and OS report to it. It can then report those hashes in attestations, or perform crypto sealing and unsealing operations in such a way that sealed data is locked to those hashes, and can't be unsealed if the hashes are different. and then asks: I have an application for exactly that behaviour. It's a secure appliance. Users don't run code on it. It needs to be able to verify that it's running the authorized OS and software and that new software is authorized. (it does it already, but a TCPA chip might do it better). So a question for the TCPA proponents (or opponents): how would I do that using TCPA? You might want to look at enforcer.sourceforge.net for some ideas. They created a Tripwire-like system which does a secure boot and compares the software that is loaded with approved versions. I don't remember if they used signatures or hashes for the comparison but presumably either one could be made to work. Marcel Popescu's message was mostly content free (I love the way he thinks its OK to lie as long as it's in English! - remind me never to trust this guy) but he did ask one non-rethorical question: Name other five (out of the most) laptop companies offering this chip in their laptops. (This is NOT rethorical, I'm really curious.) IBM T43 and Thinkpads (over 16 million TPMs shipped as of last year). HP/Compaq nc6000, nc8000, nw8000, nc4010 notebooks. Toshiba Dynabook SS LX, Tecra M3 and Portege M205-S810. Fujitsu Lifebook S7010 and LifeBook E8000 laptops; T4000 and ST5020 tablets. Samsung X-Series. NEC VersaPro/VersaProJ. and now Dell Latitude D410, D610 and D810.
Re: Dell to Add Security Chip to PCs
Peter Gutmann wrote: Neither. Currently they've typically been smart-card cores glued to the MB and accessed via I2C/SMB. and chips that typically have had eal4+ or eal5+ evaluations. hot topic in 2000, 2001 ... at the intel developer's forums and rsa conferences
Re: Dell to Add Security Chip to PCs
Erwann ABALEA wrote: I've read your objections. Maybe I wasn't clear. What's wrong in installing a cryptographic device by default on PC motherboards? I work for a PKI 'vendor', and for me, software private keys is a nonsense. How will you convice Mr Smith (or Mme Michu) to buy an expensive CC EAL4+ evaluated token, install the drivers, and solve the inevitable conflicts that will occur, simply to store his private key? You first have to be good to convice him to justify the extra depense. If a standard secure hardware cryptographic device is installed by default on PCs, it's OK! You could obviously say that Mr Smith won't be able to move his certificates from machine A to machine B, but more than 98% of the time, Mr Smith doesn't need to do that. Installing a TCPA chip is not a bad idea. It is as 'trustable' as any other cryptographic device, internal or external. What is bad is accepting to buy a software that you won't be able to use if you decide to claim your ownership... Palladium is bad, TCPA is not bad. Don't confuse the two. the cost of EAL evaluation typically has already been amortized across large number of chips in the smartcard market. the manufactoring costs of such a chip is pretty proportional to the chip size ... and the thing that drives chip size tends to be the amount of eeprom memory. in tcpa track at intel developer's forum a couple years ago ... i gave a talk and claimed that i had designed and significantly cost reduced such a chip by throwing out all features that weren't absolutely necessary for security. I also mentioned that two years after i had finished such a design ... that tcpa was starting to converge to something similar. the head of tcpa in the audience quiped that i didn't have a committee of 200 helping me with the design.
Re: Dell to Add Security Chip to PCs
The best that can happen with TCPA is pretty good - it could stop a lot of viruses and malware, for one thing. No, it can't. That's the point; it's not like the code running inside the sandbox becomes magically exploitproof...it just becomes totally opaque to any external auditor. A black hat takes an exploit, encrypts it to the public key exported by the TCPA-compliant environment (think about a worm that encrypts itself to each cached public key) and sends the newly unauditable structure out. Sure, the worm can only manipulate data inside the sandbox, but when the whole *idea* is to put everything valuable inside these safe sandboxes, that's not exactly comforting. --Dan
Re: Dell to Add Security Chip to PCs
In message [EMAIL PROTECTED], Dan Kaminsky writes: Uh, you *really* have no idea how much the black hat community is looking forward to TCPA. For example, Office is going to have core components running inside a protected environment totally immune to antivirus. How? TCPA is only a cryptographic device, and some BIOS code, nothing else. Does the coming of TCPA chips eliminate the bugs, buffer overflows, stack overflows, or any other way to execute arbitrary code? If yes, isn't that a wonderful thing? Obviously it doesn't (eliminate bugs and so on). TCPA eliminates external checks and balances, such as antivirus. As the user, I'm not trusted to audit operations within a TCPA-established sandbox. Antivirus is essentially a user system auditing tool, and TCPA-based systems have these big black boxes AV isn't allowed to analyze. Imagine a sandbox that parses input code signed to an API-derivable public key. Imagine an exploit encrypted to that. Can AV decrypt the payload and prevent execution? No, of course not. Only the TCPA sandbox can. But since AV can't get inside of the TCPA sandbox, whatever content is protected in there is quite conspicuously unprotected. It's a little like having a serial killer in San Quentin. You feel really safe until you realize...uh, he's your cellmate. I don't know how clear I can say this, your threat model is broken, and the bad guys can't stop laughing about it. I have no idea whether or not the bad guys are laughing about it, but if they are, I agree with them -- I'm very afriad that this chip will make matters worse, not better. With one exception -- preventing the theft of very sensitive user-owned private keys -- I don't think that the TCPA chip is solving the right problems. *Maybe* it will solve the problems of a future operating system architecture; on today's systems, it doesn't help, and probably makes matters worse. TCPA is a way to raise the walls between programs executing in different protection spaces. So far, so good. Now -- tell me the last time you saw an OS flaw that directly exploited flaws in conventional memory protection or process isolation? They're *very* rare. The problems we see are code bugs and architectural failures. A buffer overflow in a Web browser still compromises the browser; if the now-evil browser is capable of writing files, registry entries, etc., the user's machine is still capable of being turned into a spam engine, etc. Sure, in some new OS there might be restrictions on what such an application can do, but you can implement those restrictions with today's hardware. Again, the problem is in the OS architecture, not in the limitations of its hardware isolation. I can certainly imagine an operating system that does a much better job of isolating processes. (In fact, I've worked on such things; if you're interested, see my papers on sub-operating systems and separate IP addresses per process group.) But I don't see that TCPA chips add much over today's memory management architectures. Furthermore, as Dan points out, it may make things worse -- the safety of the OS depends on the userland/kernel interface, which in turn is heavily dependent on the complexity of the privileged kernel modules. If you put too much complex code in your kernel -- and from the talks I've heard this is exactly what Microsoft is planning -- it's not going to help the situation at all. Indeed, as Dan points out, it may make matters worse. Microsoft's current secure coding initiative is a good idea, and from what I've seen they're doing a good job of it. In 5 years, I wouldn't be at all surprised if the rate of simple bugs -- the buffer overflows, format string errors, race conditions, etc. -- was much lower in Windows and Office than in competing open source products. (I would add that this gain has come at a *very* high monetary cost -- training, code reviews, etc., aren't cheap.) The remaining danger -- and it's a big one -- is the architecture flaws, where ease of use and functionality often lead to danger. Getting this right -- getting it easy to use *and* secure -- is the real challenge. Nor are competing products immune; the drive to make KDE and Gnome (and for that matter MacOS X) as easy to use (well, easier to use) than Windows is likely to lead to the same downward security sprial. I'm ranting, and this is going off-topic. My bottom line: does this chip solve real problems that aren't solvable with today's technology? Other than protecting keys -- and, of course, DRM -- I'm very far from convinced of it. The fault, dear Brutus, is not in our stars but in ourselves. --Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Re: Dell to Add Security Chip to PCs
Trei, Peter wrote: It could easily be leveraged to make motherboards which will only run 'authorized' OSs, and OSs which will run only 'authorized' software. And you, the owner of the computer, will NOT neccesarily be the authority which gets to decide what OS and software the machine can run. If you 'take ownership' as you put it, the internal keys and certs change, and all of a sudden you might not have a bootable computer anymore. Goodbye Linux. Goodbye Freeware. Goodbye independent software development. It would be a very sad world if this comes to pass. Yes it would, many governments are turning to Linux and other freeware. Many huge companies make heavy use of Linux and and freeware, suddenly losing this would have a massive effect on their bottom line and possibly enough to impact the economy as a whole. Independent software developers are a significant part of the economy as well, and most politicians do not want to associate themselves with the concept of hurting small business. Universities and other educational institutions will fight anything that resembles what you have described tooth and nail. To think that this kind of technology would be mandated by a government is laughable. Nor do I believe there will be any conspiracy on the part of ISPs to require to in order to get on the Internet. As it stands now most people are running 5+ year old computer and windows 98/me, I doubt this is going to change much because for most people, this does what they want (minus all the security vulnerabilities, but with NAT appliances those are not even that big a deal). There is no customer demand for this technology to be mandated, there is no reason why an ISP or vendor would want to piss off significant percentages of their clients in this way. The software world is becoming MORE open. Firefox and Openoffice are becoming legitimate in the eyes of government and businesses, Linux is huge these days, and the open source development method is being talked about in business mags, board rooms, and universities everywhere. The government was not able to get the Clipper chip passed and that was backed with the horror stories of rampant pedophilia, terrorism, and organized crime. Do you honestly believe they will be able to destroy open source, linux, independent software development, and the like with just the fear of movie piracy, mp3 sharing, and such? Do you really think they are willing to piss off large sections of the voting population, the tech segment of the economy, universities, small businesses, and the rest of the world just because the MPAA and RIAA don't like customers owning devices they do not control? It is entirely possibly that a machine like you described will be built, I wish them luck because they will need it. It is attempted quite often and yet history shows us that there is really no widespread demand for iOpeners, WebTV, and their ilk. I don't see customers demanding this, therefor there will probably not be much of a supply. Either way, there is currently a HUGE market for general use PCs that the end user controls, so I imagine there will always be companies willing to supply them. My primary fear regarding TCPA is the remote attestation component. I can easily picture Microsoft deciding that they do not like Samba and decide to make it so that Windows boxes simply cannot communicate with it for domain, filesystem, or authentication purposes. All they need do is require that the piece on the other end be signed by Microsoft. Heck they could render http agent spoofing useless if they decide to make it so that only IE could connect to ISS. Again though, doing so would piss off a great many of their customers, some of who are slowly jumping ship to other solutions anyway. -- Mark Allen Earnest Lead Systems Programmer Emerging Technologies The Pennsylvania State University smime.p7s Description: S/MIME Cryptographic Signature
RE: Dell to Add Security Chip to PCs
On Thu, 3 Feb 2005, Erwann ABALEA wrote: And do you seriously think that you can't do that, it's technically not possible is a good answer? That's what you're saying. For me, a better answer is you don't have the right to deny my ownership. Yes, Senator McCarthy, I do in fact feel safer knowing that mathematics protects my data. Welcome to cypherpunks. -J
Re: Dell to Add Security Chip to PCs
Ed Reed wrote: I'm just curious on this point. I haven't seen much to indicate that Microsoft and others are ready for a nymous, tradeable software assets world. No, and neither are corporate customers, to a large extent. Right, so my point (I think) was that without some indication that those people are ready for a nymous, tradeable assets world, the notion of a trusted computing base is limited to working for the Microsofts off the world as the owners of the content, not to users as the owners of assets. Accountability is, in fact, a treasured property of business computing. Lack of accountability creates things like Enron, Anderson Consulting, Oil-for-Food scams, and the missing 9 billion dollars or so of reconstruction aid. It's the fuel that propells SPAM, graft, and identity theft. What I've not seen is much work providing accountability for anonymous transactions. I am having trouble with tying in accountability with the above examples. That doesn't sound like an accountability issue in the technical sense, that sounds like a theft problem. In this sense, I see two different uses of the word, and they don't have much of a linkage. Nymous systems are generally far more accountable in the technical sense, simply because they give you the tools to be absolutely sure about your statements. A nymous account has a an audit trail that can be traced as far as you have access to the information, and because the audit trail is cryptographically secured (by usage of hash and digsigs) a complete picture can be built up. This stands in contraposition to systems based on blinding formulas. That sort of issued money is intended to be untraceable and is thus less easily used to 'account' for everything. Having said that, there's no reason why a given transaction can't be set and stabilised in stone with a digital receipt, which then can form part of an accounting trail. But regardless of which system is used (nymous, blinded or POBA - plain old bank account) the money can be stolen, statements can be hidden and fudged, and purposes can be misrepresented, just like any others... If there was a reason why these big companies didn't get into such digital assets, I'd say it was because they hadn't succeeded in a form that was 'feel good' enough, as yet for them. In which case, I'd say that they would consider 'accountability' to mean 'my accountant won't think it strange.' iang -- News and views on what matters in finance+crypto: http://financialcryptography.com/
Re: Dell to Add Security Chip to PCs
- Original Message - From: Shawn K. Quinn [EMAIL PROTECTED] Subject: Re: Dell to Add Security Chip to PCs Isn't it possible to emulate the TCPA chip in software, using one's own RSA key, and thus signing whatever you damn well please with it instead of whatever the chip wants to sign? So in reality, as far as remote attestation goes, it's only as secure as the software driver used to talk to the TCPA chip, right? That issue has been dealt with. They do this by initializing the chip at the production plant, and generating the certs there, thus the process of making your software TCPA work actually involves faking out the production facility for some chips. This prevents the re-init that I think I saw mentioned a few messages ago (unless there's some re-signing process within the chip to allow back-registering, entirely possible, but unlikely). It even gets worse from there because the TCPA chip actually verifies the operating system on load, and then the OS verifies the drivers, solid chain of verification. Honestly Kaminsky has the correct idea about how to get into the chip and break the security, one small unchecked buffer and all the security disappears forever. Joe Trust Laboratories Changing Software Development http://www.trustlaboratories.com
Re: Dell to Add Security Chip to PCs
Ed Reed wrote: I'm just curious on this point. I haven't seen much to indicate that Microsoft and others are ready for a nymous, tradeable software assets world. No, and neither are corporate customers, to a large extent. Right, so my point (I think) was that without some indication that those people are ready for a nymous, tradeable assets world, the notion of a trusted computing base is limited to working for the Microsofts off the world as the owners of the content, not to users as the owners of assets. Accountability is, in fact, a treasured property of business computing. Lack of accountability creates things like Enron, Anderson Consulting, Oil-for-Food scams, and the missing 9 billion dollars or so of reconstruction aid. It's the fuel that propells SPAM, graft, and identity theft. What I've not seen is much work providing accountability for anonymous transactions. I am having trouble with tying in accountability with the above examples. That doesn't sound like an accountability issue in the technical sense, that sounds like a theft problem. In this sense, I see two different uses of the word, and they don't have much of a linkage. Nymous systems are generally far more accountable in the technical sense, simply because they give you the tools to be absolutely sure about your statements. A nymous account has a an audit trail that can be traced as far as you have access to the information, and because the audit trail is cryptographically secured (by usage of hash and digsigs) a complete picture can be built up. This stands in contraposition to systems based on blinding formulas. That sort of issued money is intended to be untraceable and is thus less easily used to 'account' for everything. Having said that, there's no reason why a given transaction can't be set and stabilised in stone with a digital receipt, which then can form part of an accounting trail. But regardless of which system is used (nymous, blinded or POBA - plain old bank account) the money can be stolen, statements can be hidden and fudged, and purposes can be misrepresented, just like any others... If there was a reason why these big companies didn't get into such digital assets, I'd say it was because they hadn't succeeded in a form that was 'feel good' enough, as yet for them. In which case, I'd say that they would consider 'accountability' to mean 'my accountant won't think it strange.' iang -- News and views on what matters in finance+crypto: http://financialcryptography.com/
Re: Dell to Add Security Chip to PCs
On 2005-02-04T14:30:48-0500, Mark Allen Earnest wrote: The government was not able to get the Clipper chip passed and that was backed with the horror stories of rampant pedophilia, terrorism, and organized crime. Do you honestly believe they will be able to destroy open source, linux, independent software development, and the like with just the fear of movie piracy, mp3 sharing, and such? Do you really think they are willing to piss off large sections of the voting population, the tech segment of the economy, universities, small businesses, and the rest of the world just because the MPAA and RIAA don't like customers owning devices they do not control? They managed with the HTDV broadcast flag mandate. -- War is the father and king of all, and some he shows as gods, others as men; some he makes slaves, others free. --Heraclitus (Kahn.83/D-K.53)
Re: Dell to Add Security Chip to PCs
Peter Gutmann wrote: Neither. Currently they've typically been smart-card cores glued to the MB and accessed via I2C/SMB. and chips that typically have had eal4+ or eal5+ evaluations. hot topic in 2000, 2001 ... at the intel developer's forums and rsa conferences
Re: Dell to Add Security Chip to PCs
Erwann ABALEA wrote: I've read your objections. Maybe I wasn't clear. What's wrong in installing a cryptographic device by default on PC motherboards? I work for a PKI 'vendor', and for me, software private keys is a nonsense. How will you convice Mr Smith (or Mme Michu) to buy an expensive CC EAL4+ evaluated token, install the drivers, and solve the inevitable conflicts that will occur, simply to store his private key? You first have to be good to convice him to justify the extra depense. If a standard secure hardware cryptographic device is installed by default on PCs, it's OK! You could obviously say that Mr Smith won't be able to move his certificates from machine A to machine B, but more than 98% of the time, Mr Smith doesn't need to do that. Installing a TCPA chip is not a bad idea. It is as 'trustable' as any other cryptographic device, internal or external. What is bad is accepting to buy a software that you won't be able to use if you decide to claim your ownership... Palladium is bad, TCPA is not bad. Don't confuse the two. the cost of EAL evaluation typically has already been amortized across large number of chips in the smartcard market. the manufactoring costs of such a chip is pretty proportional to the chip size ... and the thing that drives chip size tends to be the amount of eeprom memory. in tcpa track at intel developer's forum a couple years ago ... i gave a talk and claimed that i had designed and significantly cost reduced such a chip by throwing out all features that weren't absolutely necessary for security. I also mentioned that two years after i had finished such a design ... that tcpa was starting to converge to something similar. the head of tcpa in the audience quiped that i didn't have a committee of 200 helping me with the design.
Re: Dell to Add Security Chip to PCs
The best that can happen with TCPA is pretty good - it could stop a lot of viruses and malware, for one thing. No, it can't. That's the point; it's not like the code running inside the sandbox becomes magically exploitproof...it just becomes totally opaque to any external auditor. A black hat takes an exploit, encrypts it to the public key exported by the TCPA-compliant environment (think about a worm that encrypts itself to each cached public key) and sends the newly unauditable structure out. Sure, the worm can only manipulate data inside the sandbox, but when the whole *idea* is to put everything valuable inside these safe sandboxes, that's not exactly comforting. --Dan
Re: Dell to Add Security Chip to PCs
In message [EMAIL PROTECTED], Dan Kaminsky writes: Uh, you *really* have no idea how much the black hat community is looking forward to TCPA. For example, Office is going to have core components running inside a protected environment totally immune to antivirus. How? TCPA is only a cryptographic device, and some BIOS code, nothing else. Does the coming of TCPA chips eliminate the bugs, buffer overflows, stack overflows, or any other way to execute arbitrary code? If yes, isn't that a wonderful thing? Obviously it doesn't (eliminate bugs and so on). TCPA eliminates external checks and balances, such as antivirus. As the user, I'm not trusted to audit operations within a TCPA-established sandbox. Antivirus is essentially a user system auditing tool, and TCPA-based systems have these big black boxes AV isn't allowed to analyze. Imagine a sandbox that parses input code signed to an API-derivable public key. Imagine an exploit encrypted to that. Can AV decrypt the payload and prevent execution? No, of course not. Only the TCPA sandbox can. But since AV can't get inside of the TCPA sandbox, whatever content is protected in there is quite conspicuously unprotected. It's a little like having a serial killer in San Quentin. You feel really safe until you realize...uh, he's your cellmate. I don't know how clear I can say this, your threat model is broken, and the bad guys can't stop laughing about it. I have no idea whether or not the bad guys are laughing about it, but if they are, I agree with them -- I'm very afriad that this chip will make matters worse, not better. With one exception -- preventing the theft of very sensitive user-owned private keys -- I don't think that the TCPA chip is solving the right problems. *Maybe* it will solve the problems of a future operating system architecture; on today's systems, it doesn't help, and probably makes matters worse. TCPA is a way to raise the walls between programs executing in different protection spaces. So far, so good. Now -- tell me the last time you saw an OS flaw that directly exploited flaws in conventional memory protection or process isolation? They're *very* rare. The problems we see are code bugs and architectural failures. A buffer overflow in a Web browser still compromises the browser; if the now-evil browser is capable of writing files, registry entries, etc., the user's machine is still capable of being turned into a spam engine, etc. Sure, in some new OS there might be restrictions on what such an application can do, but you can implement those restrictions with today's hardware. Again, the problem is in the OS architecture, not in the limitations of its hardware isolation. I can certainly imagine an operating system that does a much better job of isolating processes. (In fact, I've worked on such things; if you're interested, see my papers on sub-operating systems and separate IP addresses per process group.) But I don't see that TCPA chips add much over today's memory management architectures. Furthermore, as Dan points out, it may make things worse -- the safety of the OS depends on the userland/kernel interface, which in turn is heavily dependent on the complexity of the privileged kernel modules. If you put too much complex code in your kernel -- and from the talks I've heard this is exactly what Microsoft is planning -- it's not going to help the situation at all. Indeed, as Dan points out, it may make matters worse. Microsoft's current secure coding initiative is a good idea, and from what I've seen they're doing a good job of it. In 5 years, I wouldn't be at all surprised if the rate of simple bugs -- the buffer overflows, format string errors, race conditions, etc. -- was much lower in Windows and Office than in competing open source products. (I would add that this gain has come at a *very* high monetary cost -- training, code reviews, etc., aren't cheap.) The remaining danger -- and it's a big one -- is the architecture flaws, where ease of use and functionality often lead to danger. Getting this right -- getting it easy to use *and* secure -- is the real challenge. Nor are competing products immune; the drive to make KDE and Gnome (and for that matter MacOS X) as easy to use (well, easier to use) than Windows is likely to lead to the same downward security sprial. I'm ranting, and this is going off-topic. My bottom line: does this chip solve real problems that aren't solvable with today's technology? Other than protecting keys -- and, of course, DRM -- I'm very far from convinced of it. The fault, dear Brutus, is not in our stars but in ourselves. --Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Re: Dell to Add Security Chip to PCs
On Wed, Feb 02, 2005 at 05:30:33PM +0100, Erwann ABALEA wrote: Please stop relaying FUD. You have full control over your PC, even if this Please stop relaying pro-DRM pabulum. The only reason for Nagscab is restricting the user's rights to his own files. Of course there are other reasons for having crypto compartments in your machine, but the reason Dell/IBM is rolling them out is not that. one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. Really? How interesting. Please tell us more. -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpmlgmPDiOIo.pgp Description: PGP signature
Re: Dell to Add Security Chip to PCs
Ian G [EMAIL PROTECTED] 2/2/2005 6:38:46 PM I'm just curious on this point. I haven't seen much to indicate that Microsoft and others are ready for a nymous, tradeable software assets world. No, and neither are corporate customers, to a large extent. Accountability is, in fact, a treasured property of business computing. Lack of accountability creates things like Enron, Anderson Consulting, Oil-for-Food scams, and the missing 9 billion dollars or so of reconstruction aid. It's the fuel that propells SPAM, graft, and identity theft. What I've not seen is much work providing accountability for anonymous transactions. It's a shame people persist in thinking a single solution will satify everyone, as though computing was somehow different from everything else in life. Ed
RE: Dell to Add Security Chip to PCs
Bonjour, On Wed, 2 Feb 2005, Erwann ABALEA wrote: On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. I've read your objections. Maybe I wasn't clear. What's wrong in installing a cryptographic device by default on PC motherboards? I work for a PKI 'vendor', and for me, software private keys is a nonsense. How will you convice Mr Smith (or Mme Michu) to buy an expensive CC EAL4+ evaluated token, install the drivers, and solve the inevitable conflicts that will occur, simply to store his private key? You first have to be good to convice him to justify the extra depense. If a standard secure hardware cryptographic device is installed by default on PCs, it's OK! You could obviously say that Mr Smith won't be able to move his certificates from machine A to machine B, but more than 98% of the time, Mr Smith doesn't need to do that. Installing a TCPA chip is not a bad idea. It is as 'trustable' as any other cryptographic device, internal or external. What is bad is accepting to buy a software that you won't be able to use if you decide to claim your ownership... Palladium is bad, TCPA is not bad. Don't confuse the two. -- Erwann ABALEA [EMAIL PROTECTED] - RSA PGP Key ID: 0x2D0EABD5
RE: Dell to Add Security Chip to PCs
Ah. That's a good sanity check. Like I said I'm by no means an expert but I considered it highly unlikely they'd use a dedicated crypto ASIC in this context. -TD From: [EMAIL PROTECTED] (Peter Gutmann) To: [EMAIL PROTECTED], cryptography@metzdowd.com,[EMAIL PROTECTED], [EMAIL PROTECTED] Subject: RE: Dell to Add Security Chip to PCs Date: Thu, 03 Feb 2005 17:53:22 +1300 Tyler Durden [EMAIL PROTECTED] writes: That chip...is it likely to be an ASIC or is there already such a thing as a security network processor? (ie, a cheaper network processor that only handles security apps, etc...) Or could it be an FPGA? Neither. Currently they've typically been smart-card cores glued to the MB and accessed via I2C/SMB. Peter.
Re: Dell to Add Security Chip to PCs
On Wed, 2 Feb 2005, Dan Kaminsky wrote: Uh, you *really* have no idea how much the black hat community is looking forward to TCPA. For example, Office is going to have core components running inside a protected environment totally immune to antivirus. How? TCPA is only a cryptographic device, and some BIOS code, nothing else. Does the coming of TCPA chips eliminate the bugs, buffer overflows, stack overflows, or any other way to execute arbitrary code? If yes, isn't that a wonderful thing? Obviously it doesn't (eliminate bugs and so on). Since these components are going to be managing cryptographic operations, the well defined API exposed from within the sandbox will have arbitrary content going in, and opaque content coming out. Malware goes in (there's not a executable environment created that can't be exploited), sets up shop, has no need to be stealthy due to the complete blockage of AV monitors and cleaners, and does what it wants to the plaintext and ciphertext (alters content, changes keys) before emitting it back out the opaque outbound interface. I use cryptographic devices everyday, and TCPA is not different than the present situation. No better, no worse. -- Erwann ABALEA [EMAIL PROTECTED] - RSA PGP Key ID: 0x2D0EABD5
RE: Dell to Add Security Chip to PCs
On Thu, 3 Feb 2005, Jay Sulzberger wrote: On Wed, 2 Feb 2005, Erwann ABALEA wrote: On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. After TCPA systems are the only systems for sale at CompUSA, how long before this off switch is removed? All agree we live in a time of crisis; at any moment MICROSOFT/RIAA/MPAA/HOMSECPOL/CONGREGATIONOFMARTYRS may require of all of us an attestation of faith and obedience greater and more secure than present hardware can convincingly convey. And do you seriously think that you can't do that, it's technically not possible is a good answer? That's what you're saying. For me, a better answer is you don't have the right to deny my ownership. -- Erwann ABALEA [EMAIL PROTECTED] - RSA PGP Key ID: 0x2D0EABD5
RE: Dell to Add Security Chip to PCs
Erwann ABALEA On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. Congratulations on your new baby. Working in the security business, paranoia is pretty much a job requirement. What's the worst that could happen? is taken seriously. The best that can happen with TCPA is pretty good - it could stop a lot of viruses and malware, for one thing. But the worst that can happen with TCPA is pretty awful. It could easily be leveraged to make motherboards which will only run 'authorized' OSs, and OSs which will run only 'authorized' software. And you, the owner of the computer, will NOT neccesarily be the authority which gets to decide what OS and software the machine can run. If you 'take ownership' as you put it, the internal keys and certs change, and all of a sudden you might not have a bootable computer anymore. Goodbye Linux. Goodbye Freeware. Goodbye independent software development. It would be a very sad world if this comes to pass. Peter Trei
Re: Dell to Add Security Chip to PCs
I spent considerable time a couple years ago on these lists arguing that people should have the right to use this technology if they want. I also believe that it has potential good uses. But let's be accurate. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. It is not true that the TPM_TakeOwnership command erases and regenerates the internal keys. It does generate a new Storage Root Key, which is used for encrypting local data. But the main controversy around TC is the Remote Attestation feature. That uses a key called the Endorsement Key, EK. It is an RSA public key generated on chip at manufacture time, before it comes into the user's hands. The manufacturer issues a certificate on the public part of the EK, called the PUBEK. This key is then used (in a somewhat roundabout manner) to issue signed statements which attest to the software state of the machine. These attestations are what allow a remote server to know if you are running a client software configuration which the server finds acceptable, allowing the server to refuse service to you if it doesn't like what you're running. And this is the foundation for DRM. The point is that the user can't change the PUBEK. Only one is generated per chip, and that is the only one which gets a certificate from the manufacturer. The private part of this key never leaves the chip and no one, not the user and not the manufacturer, ever learns the private key. Now, my personal perspective on this is that this is no real threat. It allows people who choose to use the capability to issue reasonably credible and convincing statements about their software configuration. Basically it allows people to tell the truth about their software in a convincing way. Anyone who is threatened by the ability of other people to tell the truth should take a hard look at his own ethical standards. Honesty is no threat to the world! The only people endangered by this capability are those who want to be able to lie. They want to agree to contracts and user agreements that, for example, require them to observe DRM restrictions and copyright laws, but then they want the power to go back on their word, to dishonor their commitment, and to lie about their promises. An honest man is not affected by Trusted Computing; it would not change his behavior in any way, because he would be as bound by his word as by the TC software restrictions. But I guess Cypherpunks are rogues, theives and liars, if my earlier interactions with them are any guide. It's an ironic and unfortunate turn for an organization originally devoted to empowering end users to use new cryptographic technologies in favor of what was once called crypto anarchy. TC is the ultimate manifestation of anarchic behavior, a technology which is purely voluntary and threatens no one, which allows people to make new kinds of contracts and commitments that no one else should have the right to oppose. And yet Cypherpunks are now arch collectivists, fighting the right of private individuals and companies to make their own choices about what technologies to use. How the worm has turned. Another poster writes: Please stop relaying pro-DRM pabulum. The only reason for Nagscab is restricting the user's rights to his own files. Of course there are other reasons for having crypto compartments in your machine, but the reason Dell/IBM is rolling them out is not that. A sad illustration of the paranoia and blinkered groupthink so prevalant on this mailing list today. Imagine, Dell is providing this chip as part of a vast conspiracy to restrict the user's rights to his own files. Anyone whose grasp on reality is so poor as to believe this deserves what he gets. The truth is, frankly, that Dell is providing this chip on their laptops simply because laptop owners like the idea of having a security chip, most other laptop companies offer them, and the TCG is the main player in this space. Dell is neither seeking to advance my liberatarian goals nor promoting the conspiracy-theorist vision of taking away people's control over their computers. The truth is far more mundane.
Re: Dell to Add Security Chip to PCs
Uh, you *really* have no idea how much the black hat community is looking forward to TCPA. For example, Office is going to have core components running inside a protected environment totally immune to antivirus. How? TCPA is only a cryptographic device, and some BIOS code, nothing else. Does the coming of TCPA chips eliminate the bugs, buffer overflows, stack overflows, or any other way to execute arbitrary code? If yes, isn't that a wonderful thing? Obviously it doesn't (eliminate bugs and so on). TCPA eliminates external checks and balances, such as antivirus. As the user, I'm not trusted to audit operations within a TCPA-established sandbox. Antivirus is essentially a user system auditing tool, and TCPA-based systems have these big black boxes AV isn't allowed to analyze. Imagine a sandbox that parses input code signed to an API-derivable public key. Imagine an exploit encrypted to that. Can AV decrypt the payload and prevent execution? No, of course not. Only the TCPA sandbox can. But since AV can't get inside of the TCPA sandbox, whatever content is protected in there is quite conspicuously unprotected. It's a little like having a serial killer in San Quentin. You feel really safe until you realize...uh, he's your cellmate. I don't know how clear I can say this, your threat model is broken, and the bad guys can't stop laughing about it. I use cryptographic devices everyday, and TCPA is not different than the present situation. No better, no worse. I do a fair number of conferences with exploit authors every few months, and I can tell you, much worse. Licking chops is an accurate assessment. Honestly, it's a little like HID's radio barcode number concept of RFID. Everyone expects it to get everywhere, then get exploited mercilessly, then get ripped off the market quite painfully. --Dan
Re: Dell to Add Security Chip to PCs
On Thu, 2005-02-03 at 22:25 +0100, Anonymous wrote: The manufacturer issues a certificate on the public part of the EK, called the PUBEK. This key is then used (in a somewhat roundabout manner) to issue signed statements which attest to the software state of the machine. These attestations are what allow a remote server to know if you are running a client software configuration which the server finds acceptable, allowing the server to refuse service to you if it doesn't like what you're running. And this is the foundation for DRM. Isn't it possible to emulate the TCPA chip in software, using one's own RSA key, and thus signing whatever you damn well please with it instead of whatever the chip wants to sign? So in reality, as far as remote attestation goes, it's only as secure as the software driver used to talk to the TCPA chip, right? -- Shawn K. Quinn [EMAIL PROTECTED]
Re: Dell to Add Security Chip to PCs
Erwann ABALEA wrote: On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. So .. the way this works is that Dell Microsoft ship you a computer with lots of nice multimedia stuff on it. You take control of your chip by erasing it and regenerating keys, and then the multimedia software that you paid for no longer works? I'm just curious on this point. I haven't seen much to indicate that Microsoft and others are ready for a nymous, tradeable software assets world. iang -- News and views on what matters in finance+crypto: http://financialcryptography.com/
Re: Dell to Add Security Chip to PCs
On Wed, Feb 02, 2005 at 05:30:33PM +0100, Erwann ABALEA wrote: Please stop relaying FUD. You have full control over your PC, even if this Please stop relaying pro-DRM pabulum. The only reason for Nagscab is restricting the user's rights to his own files. Of course there are other reasons for having crypto compartments in your machine, but the reason Dell/IBM is rolling them out is not that. one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. Really? How interesting. Please tell us more. -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpNWd5zynCg5.pgp Description: PGP signature
RE: Dell to Add Security Chip to PCs
Erwann ABALEA On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. Congratulations on your new baby. Working in the security business, paranoia is pretty much a job requirement. What's the worst that could happen? is taken seriously. The best that can happen with TCPA is pretty good - it could stop a lot of viruses and malware, for one thing. But the worst that can happen with TCPA is pretty awful. It could easily be leveraged to make motherboards which will only run 'authorized' OSs, and OSs which will run only 'authorized' software. And you, the owner of the computer, will NOT neccesarily be the authority which gets to decide what OS and software the machine can run. If you 'take ownership' as you put it, the internal keys and certs change, and all of a sudden you might not have a bootable computer anymore. Goodbye Linux. Goodbye Freeware. Goodbye independent software development. It would be a very sad world if this comes to pass. Peter Trei
Re: Dell to Add Security Chip to PCs
Uh, you *really* have no idea how much the black hat community is looking forward to TCPA. For example, Office is going to have core components running inside a protected environment totally immune to antivirus. Since these components are going to be managing cryptographic operations, the well defined API exposed from within the sandbox will have arbitrary content going in, and opaque content coming out. Malware goes in (there's not a executable environment created that can't be exploited), sets up shop, has no need to be stealthy due to the complete blockage of AV monitors and cleaners, and does what it wants to the plaintext and ciphertext (alters content, changes keys) before emitting it back out the opaque outbound interface. So, no FUD, you lose :) --Dan Erwann ABALEA wrote: On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys.
RE: Dell to Add Security Chip to PCs
Tyler Durden [EMAIL PROTECTED] writes: That chip...is it likely to be an ASIC or is there already such a thing as a security network processor? (ie, a cheaper network processor that only handles security apps, etc...) Or could it be an FPGA? Neither. Currently they've typically been smart-card cores glued to the MB and accessed via I2C/SMB. Peter.
RE: Dell to Add Security Chip to PCs
On Wed, 2 Feb 2005, Erwann ABALEA wrote: On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. -- Erwann ABALEA [EMAIL PROTECTED] - RSA PGP Key ID: 0x2D0EABD5 After TCPA systems are the only systems for sale at CompUSA, how long before this off switch is removed? All agree we live in a time of crisis; at any moment MICROSOFT/RIAA/MPAA/HOMSECPOL/CONGREGATIONOFMARTYRS may require of all of us an attestation of faith and obedience greater and more secure than present hardware can convincingly convey. oo--JS.
Re: Dell to Add Security Chip to PCs
On Wed, 2 Feb 2005, Dan Kaminsky wrote: Uh, you *really* have no idea how much the black hat community is looking forward to TCPA. For example, Office is going to have core components running inside a protected environment totally immune to antivirus. How? TCPA is only a cryptographic device, and some BIOS code, nothing else. Does the coming of TCPA chips eliminate the bugs, buffer overflows, stack overflows, or any other way to execute arbitrary code? If yes, isn't that a wonderful thing? Obviously it doesn't (eliminate bugs and so on). Since these components are going to be managing cryptographic operations, the well defined API exposed from within the sandbox will have arbitrary content going in, and opaque content coming out. Malware goes in (there's not a executable environment created that can't be exploited), sets up shop, has no need to be stealthy due to the complete blockage of AV monitors and cleaners, and does what it wants to the plaintext and ciphertext (alters content, changes keys) before emitting it back out the opaque outbound interface. I use cryptographic devices everyday, and TCPA is not different than the present situation. No better, no worse. -- Erwann ABALEA [EMAIL PROTECTED] - RSA PGP Key ID: 0x2D0EABD5
RE: Dell to Add Security Chip to PCs
On Thu, 3 Feb 2005, Jay Sulzberger wrote: On Wed, 2 Feb 2005, Erwann ABALEA wrote: On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. After TCPA systems are the only systems for sale at CompUSA, how long before this off switch is removed? All agree we live in a time of crisis; at any moment MICROSOFT/RIAA/MPAA/HOMSECPOL/CONGREGATIONOFMARTYRS may require of all of us an attestation of faith and obedience greater and more secure than present hardware can convincingly convey. And do you seriously think that you can't do that, it's technically not possible is a good answer? That's what you're saying. For me, a better answer is you don't have the right to deny my ownership. -- Erwann ABALEA [EMAIL PROTECTED] - RSA PGP Key ID: 0x2D0EABD5
RE: Dell to Add Security Chip to PCs
--- Trei, Peter [EMAIL PROTECTED] wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Well we all know that having complete control over one's own computer is far too dangerous. Obviously, it would be best if computers, operating systems, and application software had proprietary back-doors that would enable the secret police to arbitrarily monitor the all goes on in the suspicious and dark recesses of memory and the CPU. Hell, I trust the secret police to use such capabilities for moral and legitimate purposes only, and as we all know the people who become secret police are of the best and brightest stock of humanity and will allways act in the best interests of mankind. Corruption and fraud among such elites will be impossible, particularly if current standards of law and morality continue to be applied with the consistency we are now accustomed to. Personally, I have no fear that you, the members of this group, who I am barely qualified to address online, and who represent some of the best people the Internet has to offer, would not be the ones best suited to control the computing infrastructure of the Earth's people. And in that vein, I offer the following job tip as a token of my confidence. In today's Globe and Mail newspaper there is an advertisment from the CSE (Communications Security Establishment, for those who are not familiar with the lesser known TLA's) in which they relate that they are soliciting new team members: We are the Communications Security Establishment, a member agency of Canada's security and intelligence team. CSE acquires and provides forign signals intelligence and provides advice, guidance and services to help insure the protection of Government of Canada electronic information. CSE also provides assistance to federal law enforcement and security agencies. We offer a stimulating work environment, state-of-the- art technology, competative salaries, and an opportunity to make a difference. ENGINEERS - hardware design - wireless - computers and network security - test and verification - project management ANALYSTS - intelligence - linguistic (Asian, Middle Eastern and European languages) - systems - financial - human resources - policy - network COMPUTER SCIENCE SPECIALISTS - LAN/WAN administration (UNIX/WINDOWS) - programmer analysts (C/C++, Java) - computer and network security - project management MATHEMATICIANS - cryptography and cryptanalysis - diverse theoretical and applied areas of mathematics - optimization, numerical and computational methods Requirements: - Postions in our organisation will be of interest to those with a post-secondary education and/or experience in: engineering, mathematics, computer science, language studies, political science, business, economics or accounting. You must be a Canadian citizen and eligable for a top secret security clearance. positions are located in Ottawa. CSE is an equal opportunity employer. We welcome applications from all qualified individuals, including women, mempers of visible minorities, Aboriginal peoples and persons with disabilities. It sounds so good that I would certainly consider applying myself if it were not for the fact that I love my current occupation as slave and chew-toy for the privilaged and beautifle so very much. For those of you who are not canadian citizens, I can let you in on a little secret. CSIS doesn't check all that closely when they do their security clearance background investigations, and so you can just tell them you forgot your ID in your other suit when they ask for it. By all accounts, the pay is great as are the fringe benefits. Loot confiscated as a part of legitimate intelligence excercises and operations are generally made available on a first-come, first- serve basis to employees in good standing. Other benefits include super-human abilities and powers unavailable to normal human beings. All in all, it sounds like a great place to work. Good luck to any of you who apply. Regards, Steve __ Post your free ad now! http://personals.yahoo.ca
Re: Dell to Add Security Chip to PCs
On Wed, Feb 02, 2005 at 12:45:58PM -0500, Steve Thompson wrote: Well we all know that having complete control over one's own computer is far too dangerous. Obviously, it would be best if computers, operating systems, and application software had proprietary back-doors that would enable the secret police to arbitrarily monitor the all goes on in the suspicious and dark recesses of memory and the CPU. If there's nasty Nagscab living on your motherboard, you might as well use it for something constructive: http://www.linuxjournal.com/article/6633 (Of course the stuff might contain undocumented features, so only a fool would rely it to conform to specs, all the time). -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgp3Zq2a6AMwS.pgp Description: PGP signature
RE: Dell to Add Security Chip to PCs
Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Peter Trei Tyler Durden ANyone familiar with computer architectures and chips able to answer this question: That chip...is it likely to be an ASIC or is there already such a thing as a security network processor? (ie, a cheaper network processor that only handles security apps, etc...) -TD From: R.A. Hettinga [EMAIL PROTECTED] HOUSTON -- Dell Inc. today is expected to add its support to an industry effort to beef up desktop and notebook PC security by installing a dedicated chip that adds security and privacy-specific features, according to people familiar with its plans. Dell will disclose plans to add the security features known as the Trusted Computing Module on all its personal computers. Its support comes in the wake of similar endorsements by PC industry giants Advanced Micro Devices Inc., Hewlett-Packard Co., Intel Corp. and International Business Machines Corp. The technology has been promoted by an industry organization called the Trusted Computing Group.
RE: Dell to Add Security Chip to PCs
On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. -- Erwann ABALEA [EMAIL PROTECTED] - RSA PGP Key ID: 0x2D0EABD5
Re: Dell to Add Security Chip to PCs
Erwann ABALEA wrote: On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. So .. the way this works is that Dell Microsoft ship you a computer with lots of nice multimedia stuff on it. You take control of your chip by erasing it and regenerating keys, and then the multimedia software that you paid for no longer works? I'm just curious on this point. I haven't seen much to indicate that Microsoft and others are ready for a nymous, tradeable software assets world. iang -- News and views on what matters in finance+crypto: http://financialcryptography.com/
Re: Dell to Add Security Chip to PCs
Uh, you *really* have no idea how much the black hat community is looking forward to TCPA. For example, Office is going to have core components running inside a protected environment totally immune to antivirus. Since these components are going to be managing cryptographic operations, the well defined API exposed from within the sandbox will have arbitrary content going in, and opaque content coming out. Malware goes in (there's not a executable environment created that can't be exploited), sets up shop, has no need to be stealthy due to the complete blockage of AV monitors and cleaners, and does what it wants to the plaintext and ciphertext (alters content, changes keys) before emitting it back out the opaque outbound interface. So, no FUD, you lose :) --Dan Erwann ABALEA wrote: On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys.
RE: Dell to Add Security Chip to PCs
Tyler Durden [EMAIL PROTECTED] writes: That chip...is it likely to be an ASIC or is there already such a thing as a security network processor? (ie, a cheaper network processor that only handles security apps, etc...) Or could it be an FPGA? Neither. Currently they've typically been smart-card cores glued to the MB and accessed via I2C/SMB. Peter.
RE: Dell to Add Security Chip to PCs
On Wed, 2 Feb 2005, Erwann ABALEA wrote: On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. -- Erwann ABALEA [EMAIL PROTECTED] - RSA PGP Key ID: 0x2D0EABD5 After TCPA systems are the only systems for sale at CompUSA, how long before this off switch is removed? All agree we live in a time of crisis; at any moment MICROSOFT/RIAA/MPAA/HOMSECPOL/CONGREGATIONOFMARTYRS may require of all of us an attestation of faith and obedience greater and more secure than present hardware can convincingly convey. oo--JS.
RE: Dell to Add Security Chip to PCs
--- Trei, Peter [EMAIL PROTECTED] wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Well we all know that having complete control over one's own computer is far too dangerous. Obviously, it would be best if computers, operating systems, and application software had proprietary back-doors that would enable the secret police to arbitrarily monitor the all goes on in the suspicious and dark recesses of memory and the CPU. Hell, I trust the secret police to use such capabilities for moral and legitimate purposes only, and as we all know the people who become secret police are of the best and brightest stock of humanity and will allways act in the best interests of mankind. Corruption and fraud among such elites will be impossible, particularly if current standards of law and morality continue to be applied with the consistency we are now accustomed to. Personally, I have no fear that you, the members of this group, who I am barely qualified to address online, and who represent some of the best people the Internet has to offer, would not be the ones best suited to control the computing infrastructure of the Earth's people. And in that vein, I offer the following job tip as a token of my confidence. In today's Globe and Mail newspaper there is an advertisment from the CSE (Communications Security Establishment, for those who are not familiar with the lesser known TLA's) in which they relate that they are soliciting new team members: We are the Communications Security Establishment, a member agency of Canada's security and intelligence team. CSE acquires and provides forign signals intelligence and provides advice, guidance and services to help insure the protection of Government of Canada electronic information. CSE also provides assistance to federal law enforcement and security agencies. We offer a stimulating work environment, state-of-the- art technology, competative salaries, and an opportunity to make a difference. ENGINEERS - hardware design - wireless - computers and network security - test and verification - project management ANALYSTS - intelligence - linguistic (Asian, Middle Eastern and European languages) - systems - financial - human resources - policy - network COMPUTER SCIENCE SPECIALISTS - LAN/WAN administration (UNIX/WINDOWS) - programmer analysts (C/C++, Java) - computer and network security - project management MATHEMATICIANS - cryptography and cryptanalysis - diverse theoretical and applied areas of mathematics - optimization, numerical and computational methods Requirements: - Postions in our organisation will be of interest to those with a post-secondary education and/or experience in: engineering, mathematics, computer science, language studies, political science, business, economics or accounting. You must be a Canadian citizen and eligable for a top secret security clearance. positions are located in Ottawa. CSE is an equal opportunity employer. We welcome applications from all qualified individuals, including women, mempers of visible minorities, Aboriginal peoples and persons with disabilities. It sounds so good that I would certainly consider applying myself if it were not for the fact that I love my current occupation as slave and chew-toy for the privilaged and beautifle so very much. For those of you who are not canadian citizens, I can let you in on a little secret. CSIS doesn't check all that closely when they do their security clearance background investigations, and so you can just tell them you forgot your ID in your other suit when they ask for it. By all accounts, the pay is great as are the fringe benefits. Loot confiscated as a part of legitimate intelligence excercises and operations are generally made available on a first-come, first- serve basis to employees in good standing. Other benefits include super-human abilities and powers unavailable to normal human beings. All in all, it sounds like a great place to work. Good luck to any of you who apply. Regards, Steve __ Post your free ad now! http://personals.yahoo.ca
Re: Dell to Add Security Chip to PCs
On Wed, Feb 02, 2005 at 12:45:58PM -0500, Steve Thompson wrote: Well we all know that having complete control over one's own computer is far too dangerous. Obviously, it would be best if computers, operating systems, and application software had proprietary back-doors that would enable the secret police to arbitrarily monitor the all goes on in the suspicious and dark recesses of memory and the CPU. If there's nasty Nagscab living on your motherboard, you might as well use it for something constructive: http://www.linuxjournal.com/article/6633 (Of course the stuff might contain undocumented features, so only a fool would rely it to conform to specs, all the time). -- Eugen* Leitl a href=http://leitl.org;leitl/a __ ICBM: 48.07078, 11.61144http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net pgpGWG1YRbs5v.pgp Description: PGP signature
RE: Dell to Add Security Chip to PCs
Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Peter Trei Tyler Durden ANyone familiar with computer architectures and chips able to answer this question: That chip...is it likely to be an ASIC or is there already such a thing as a security network processor? (ie, a cheaper network processor that only handles security apps, etc...) -TD From: R.A. Hettinga [EMAIL PROTECTED] HOUSTON -- Dell Inc. today is expected to add its support to an industry effort to beef up desktop and notebook PC security by installing a dedicated chip that adds security and privacy-specific features, according to people familiar with its plans. Dell will disclose plans to add the security features known as the Trusted Computing Module on all its personal computers. Its support comes in the wake of similar endorsements by PC industry giants Advanced Micro Devices Inc., Hewlett-Packard Co., Intel Corp. and International Business Machines Corp. The technology has been promoted by an industry organization called the Trusted Computing Group.
RE: Dell to Add Security Chip to PCs
On Wed, 2 Feb 2005, Trei, Peter wrote: Seeing as it comes out of the TCG, this is almost certainly the enabling hardware for Palladium/NGSCB. Its a part of your computer which you may not have full control over. Please stop relaying FUD. You have full control over your PC, even if this one is equiped with a TCPA chip. See the TCPA chip as a hardware security module integrated into your PC. An API exists to use it, and one if the functions of this API is 'take ownership', which has the effect of erasing it and regenerating new internal keys. -- Erwann ABALEA [EMAIL PROTECTED] - RSA PGP Key ID: 0x2D0EABD5
Dell to Add Security Chip to PCs
http://online.wsj.com/article_print/0,,SB110727370814142368,00.html The Wall Street Journal February 1, 2005 11:04 a.m. EST Dell to Add Security Chip to PCs By GARY MCWILLIAMS Staff Reporter of THE WALL STREET JOURNAL February 1, 2005 11:04 a.m. HOUSTON -- Dell Inc. today is expected to add its support to an industry effort to beef up desktop and notebook PC security by installing a dedicated chip that adds security and privacy-specific features, according to people familiar with its plans. Dell will disclose plans to add the security features known as the Trusted Computing Module on all its personal computers. Its support comes in the wake of similar endorsements by PC industry giants Advanced Micro Devices Inc., Hewlett-Packard Co., Intel Corp. and International Business Machines Corp. The technology has been promoted by an industry organization called the Trusted Computing Group. The company is also expected to unveil new network PCs. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
RE: Dell to Add Security Chip to PCs
ANyone familiar with computer architectures and chips able to answer this question: That chip...is it likely to be an ASIC or is there already such a thing as a security network processor? (ie, a cheaper network processor that only handles security apps, etc...) Or could it be an FPGA? -TD From: R.A. Hettinga [EMAIL PROTECTED] To: cryptography@metzdowd.com, [EMAIL PROTECTED] Subject: Dell to Add Security Chip to PCs Date: Tue, 1 Feb 2005 15:59:59 -0500 http://online.wsj.com/article_print/0,,SB110727370814142368,00.html The Wall Street Journal February 1, 2005 11:04 a.m. EST Dell to Add Security Chip to PCs By GARY MCWILLIAMS Staff Reporter of THE WALL STREET JOURNAL February 1, 2005 11:04 a.m. HOUSTON -- Dell Inc. today is expected to add its support to an industry effort to beef up desktop and notebook PC security by installing a dedicated chip that adds security and privacy-specific features, according to people familiar with its plans. Dell will disclose plans to add the security features known as the Trusted Computing Module on all its personal computers. Its support comes in the wake of similar endorsements by PC industry giants Advanced Micro Devices Inc., Hewlett-Packard Co., Intel Corp. and International Business Machines Corp. The technology has been promoted by an industry organization called the Trusted Computing Group. The company is also expected to unveil new network PCs. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
Dell to Add Security Chip to PCs
http://online.wsj.com/article_print/0,,SB110727370814142368,00.html The Wall Street Journal February 1, 2005 11:04 a.m. EST Dell to Add Security Chip to PCs By GARY MCWILLIAMS Staff Reporter of THE WALL STREET JOURNAL February 1, 2005 11:04 a.m. HOUSTON -- Dell Inc. today is expected to add its support to an industry effort to beef up desktop and notebook PC security by installing a dedicated chip that adds security and privacy-specific features, according to people familiar with its plans. Dell will disclose plans to add the security features known as the Trusted Computing Module on all its personal computers. Its support comes in the wake of similar endorsements by PC industry giants Advanced Micro Devices Inc., Hewlett-Packard Co., Intel Corp. and International Business Machines Corp. The technology has been promoted by an industry organization called the Trusted Computing Group. The company is also expected to unveil new network PCs. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
RE: Dell to Add Security Chip to PCs
ANyone familiar with computer architectures and chips able to answer this question: That chip...is it likely to be an ASIC or is there already such a thing as a security network processor? (ie, a cheaper network processor that only handles security apps, etc...) Or could it be an FPGA? -TD From: R.A. Hettinga [EMAIL PROTECTED] To: cryptography@metzdowd.com, [EMAIL PROTECTED] Subject: Dell to Add Security Chip to PCs Date: Tue, 1 Feb 2005 15:59:59 -0500 http://online.wsj.com/article_print/0,,SB110727370814142368,00.html The Wall Street Journal February 1, 2005 11:04 a.m. EST Dell to Add Security Chip to PCs By GARY MCWILLIAMS Staff Reporter of THE WALL STREET JOURNAL February 1, 2005 11:04 a.m. HOUSTON -- Dell Inc. today is expected to add its support to an industry effort to beef up desktop and notebook PC security by installing a dedicated chip that adds security and privacy-specific features, according to people familiar with its plans. Dell will disclose plans to add the security features known as the Trusted Computing Module on all its personal computers. Its support comes in the wake of similar endorsements by PC industry giants Advanced Micro Devices Inc., Hewlett-Packard Co., Intel Corp. and International Business Machines Corp. The technology has been promoted by an industry organization called the Trusted Computing Group. The company is also expected to unveil new network PCs. -- - R. A. Hettinga mailto: [EMAIL PROTECTED] The Internet Bearer Underwriting Corporation http://www.ibuc.com/ 44 Farquhar Street, Boston, MA 02131 USA ... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
