On Feb 16, 2010, Ted Smith <[email protected]> wrote: > The TPM by itself would do nothing to prevent free software from being > installed.
Right. It's other software that can use TPM to do that, and if you can't replace that software, then you're screwed. > What would happen is that the non-free BIOS or pre-kernel code would > check for a certain signature, and might refuse to boot if it can't > find it. Yup. We call (some cases of) this Tivoization. > And of course, free software could be written in a malicious way such > that it could demand any sort of "trusted" operations. I heard or read somewhere that Tivo's modified version of Linux and GNU libc do this to prevent you from modifying any of the components of the system. Since their (non-Free) boot loader will refuse to boot up the kernel if the boot partition isn't signed, Tivo prevents any unauthorized changes to the system, without requiring a fully-frozen root filesystem. > But the point of free software is that users can modify it; such > software would probably not exist for long. Tivo has been around for several years, unfortunately. And most cell phones that use GNU/Linux, Android, and even Darwin, are tivoized in similar ways, rendering the software effectively non-Free, even if you actually got the source code under a Free Software license (not the case of phones with Darwin, like the iPhone) So we can't count on its going away on its own. We have to take a stand against it. But it's not disabling TPM in the kernel that will make any difference. When the system reaches the kernel, it's too late for the TPM modules, or their absence, to save us. We ought to somehow intercept the *sale* of these devices, or even their very development. -- Alexandre Oliva, freedom fighter http://FSFLA.org/~lxoliva/ You must be the change you wish to see in the world. -- Gandhi Be Free! -- http://FSFLA.org/ FSF Latin America board member Free Software Evangelist Red Hat Brazil Compiler Engineer _______________________________________________ linux-libre mailing list [email protected] http://www.fsfla.org/cgi-bin/mailman/listinfo/linux-libre
