Trusted Computing, Linux and the Internet
 

It's a long post but the final question is: What are we going to do about Trusted Computing?

Trusted Computing, for those who have not heard of it yet, is a technology that is intended to prevent people from using their computers in certain ways. It is being developed by a group of companies that include Compaq, IBM, HP and Microsoft.

When you start a trusted computer, a chip inside checksums the BIOS before it is booted. The BIOS then uses that chip to validate the OS. As each program is run, it is also validated against it's signature. The process is complicated and I have simplified it greatly here..

Trusted Computing will prevent a computer owner from running 'untrusted' software. On the positive side untrusted software would probably include virues and spyware. On the other hand untruested software is software that has not been signed by whatever signing agency is to be setup. One of the goals of Trusted Computing is to make a user's machine "safe" for digital content, that is it will prevent a user from running any software that could copy digital content.

In order to protect copyrighted digital content Trusted Computing must:

1) A user must not be able to run software that has not been examined and verified as "Trusted" at the same time that protected digital content is available. If the user is able to run arbitrary code, they could write code to copy the content as it passes through the system.

2) Any time the machine is running software that is not "Trusted", and the user attempts to make use of the Internet, (either specific sites or the Internet as a whole) or to play content with "media players" may be dis-allowed.


If Trusted Computing is to protect digital content, to enforce copyrights, it must take away a portion of the user's freedom. The user will no longer be able to write and compile programs, because those programs might be able to read and copy the copyrighted digital content.

No more writing C programs because the Trusted Computing elements will not allow an unsigned program to run. No more even re-compiling the kernel, the newly compiled kernel will be untrusted, unsigned.


If Trusted Computing is implemented in the hardware of the computer it may not even load an unsigned kernel.

What we must consider is: If Trusted Computing comes about what will become of Linux? Will anyone use an OS that is barred from the Internet? And for those of us who write programs, what of that? Surly Trusted Computing will prevent them from running.

hmm , somehow stallman's prediction is true , he did call that "treacherous computing" instead of Trusted Computing ...
the forces of proprietary formats , standards and maybe "proprietary" computing hardwares really help in enforcing this kind of treacherous computing , and there might be laws stopping people from using older computers ...

hmm ... weird , i guess there might be another wave of frustrations and attempts in work-around clonning or something like that , do hope that i'm still around and kicking to witness that ...

Re: Trusted Computing, Linux and the Internet
 

I have been told, although I'm not sure if its accurate that the computer would be able to run in "untrusted" mode but im not sure what restrictions there would be on that.

Also non of the articles ive read metion being able to check if another computer is trusted but if this is possible it would probably only be a matter of hacking/cracking (delete as appropriate) a protocol.

There is also a chance that some companies might want Linux or Unix to be signed as trusted eg. google runs several linux servers, just a thought.

It's worth remembering that much of the internet runs on linux and such, so if that is to continue to work, then there will be a way to make it work. Also will all hardware follow the trusted computing guidelines? What about hardware companies not in the group pushing this idea? Are people going to be happy with these restrictions? Should be interesting to see, as for MS this is looked at as an extension to 'activation' which people already dislike. It may not really take off. A great many people steal software and media. Why would they buy a PC that stopped them from doing that?

There's already Linux distros that take advantage of the functionality of Trusted Computing: Such as Trusted Gentoo

The difference being that "trusted" means by the user, not by corporations. So it's more about making sure some script kiddy can't replace your kernel with a cracked one & the like.

There's a lot of talk about TC that's more hype than fact. I advise anybody worried about it to do some serious research rather than relying on word-of-mouth.

As amosf says, Linux is too widespread for any measure that wipes it out to gain much ground. And let's not forget that the huge majority of webservers run BSD & apache.

And it's also worth remembing the clobbering MS is already getting in Europe for it's anti-competitive behaviour: Do you really think that a measure that would wipe out the competition will be allowed?

to branch on what oneandoneis2 said, trusted computing is a specification on hardware to allow a OS to further secure itself, the technology could be used by a OS to provide, say, hardware-accelerated hard-drive encryption. Its the OS that uses the chip/tech that determines how it works, in 2.6.12 of Linux, as i hear, some trusted computing code was put in to support this new tech, in Linux it will be so the system admins can further trust the computer and whats running on it, in m$ windoze, it will be so m$/EVIL INC. (a child company of RIAA, and partner to MPAA) can trust you on your (i mean *their*) computer, after all, they don't want you to have access to content on *your* terms, or by using software *they* don't like, fair is fair after all, if you don't like it, use a different OS (and if your to lazy to relearn how to use computers, then don't use a computer)

what if the OS is asking for that kind of so-called trusted and secure technology in-order to continue the installation or continue running of an app. or service ? i mean asking for "compatible" hardwares in-order to acheive a "compatible relationship" between the OS and the PC ...

is it possible to do that ?

and i guess that it's impossible to sell softwares or OS forever , need to branch out into other fields in-order to stay competitive ...

just wondering ...


...

Yes, a TPM driver (Trusted Platform Module) was included with the 2.6.12 kernel.