News Gigabyte TPM Explained

http://www.bit-tech.net/news/2008/06/06/gigabyte-tpm-explained/1

COMPUTEX 08: TPM: It has everything to do with data security and not infringement on liberties.

 

<grammar nerd>
device not devise.
gigabyte is singular, so "gigabyte includes..." not "gigabyte include..."
</grammar nerd>
<tpm>
actually seems like a good bit of tech - any advantages of this over vista ultimate's bitlocker, or pgp whole disk encryption?
</tpm>

 

Is it basically an actual random number generator?

 

it stores the keys basically

 

Lots of words about how good it will be for me.

Absolutely no information whatever on what it will actually do for me.

Trusted by who?

P

 

people who need to protect data can do so. Everyone else doesn't need this. I don't need this. I don't want this.
Fud or not, I don't like it's implications. Yes, I am a paranoid person, so what. Why do people need so badly to control MY information. I can handle it just fine on my own.

 

Q: What kind of data security framework needs a globally unique id embedded into every system.

A: One that needs to uniquely identify each system and selectively apply policies on a per system basis.

The problem with TPM's is that the owner isn't given control over them. This is all done with the goal of transforming our "Personal Computers" into "Subscriber Units" (think game consoles). TPM's in their current incarnation are essentially someone else's hardware in your computer. They have tremendous privacy implications revolving around a unique Endorsement Key that is issued by a "certification authority" and stored in the TPM by the manufacturer. As far as I am aware every other feature present in TPM's are ambiguous meaning that they can be used to enhance the user's wishes or to go against them. Even Remote Attestation can be useful if the owner is in control.

But don't take my word for it (as a faceless person on the intarweb) or someone else's who stands to profit form this. Get it from the source:
https://www.trustedcomputinggroup.org/specs/TPM/
https://www.trustedcomputinggroup.org/groups/TCG_1_4_Architecture_Overview.pdf
This next one is a VERY easy and quick read:
https://www.trustedcomputinggroup.org/groups/tpm/TPM_1_2_Changes_final.pdf

 

This sounds like what I read about in a book called Net Spies (non-fiction about internet privacy), the governments of the USA, Canada, UK, Australia and New Zealand (members of Echelon) all want free access to all of our personal information and are against encryption but know they will never stop us using encryption.

So they have devised a way around it, their plan is they 'let us' use encryption but it has to have a key that is held by a 'trusted third party' who will 'only make it available to law enforcement under court order' and that it is all with the intention of 'protecting us from terrorism and other crimes' and not about 'invading our privacy'.

The US government listed 128 bit encryption on ITAR (International Trade in Arms Regulation) as a munition and made it illegal to export it from the USA.

Somebody had an encryption program (128 bit) written in Python or C+ that was about 3 lines long tattooed on their arm along with a message about it being illegal to export it (and thereby themselves) from the US as a protest and got into a bit of trouble over it.

This is in contrast to the European Union countries where the governments there advocate personal privacy as utterly important and enact laws to ensure peoples privacy is not invaded and also encourage the use of encryption, preferably 128 bit or better.


Ah yes, western countries, the only countries in the world that are 'truly free' of oppression.

 

Greetings!

Short and to the point.

 

problem with TPM is its easy to break and get the key.

simple Firewire DMA trick will do it.

 

TPM will lock down your pc and turn it into an internet apliance for consumption of media like a grazing cow simply because it gives the ability for that to be implimented. TPM is govenment key escrow by proxy and I cannot state strongly enough that it's useless to anyone but the DRM industry and oppresive govenments (sadley by the backing of the majority of the populous almost all).

 

With a free computer and free internet connection (free as in, your control), anyone with half a brain can gain access to any media they can think of. And I really think this technology is a stepping stone to other more devious intentions of media control. Virtually any created media is costing something to someone. From the various ad's on this very site to the multi million dollar movies. And what the people, that are making it or advocating 'pay-per-view', are trying to do is stop the distribution of there 'hard works'. People want restitution for what they do.

The internet and computing the only way we have known it is going to change. And it isnt looking like the basic costs anymore of doing it. So be sure to keep your old hardware, only way to stay off the 'list'.

 

Thanks, but since I didn't come up with that name, I'll give credit where it is due.

Unfortunately no. The TPM will ONLY release data that is encrypted or the public halves of asymmetric keys. This is in one of the docs I linked to. Even if you use the Firewire DMA trick, you'll still have to break the encryption. Keep in mind that the people designing these are the people who build our hardware. They have implemented PVP-UAB (encrypting data across the PCI-Express bus) as well as the NX bit and memory partitioning (virtualization.) The next upgrade is secure I/O.

While I will be the first to agree that hardware assisted virtualization is a useful tool, I wonder if we would've ever seen it (and if so, how much longer would it have taken) if it wasn't for Trusted Computing

 

Greetings!

Check video:
http://www.lafkon.net/tc/