LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices



Reply
 
Search this Thread
Old 09-30-2013, 02:06 PM   #1
linuz4life
LQ Newbie
 
Registered: Sep 2013
Posts: 3

Rep: Reputation: Disabled
Can linux be remotely controlled by the NSA TPM chip like windows


I've seen online articles and youtube videos on window's NSA backdoor via the TMP chip aka trusted computing. In one article I read claims the chip was placed on computers since 2006.

I also read that google chromebooks has this chip as well. They claim it is to protect the chromebook against anything compromising the OS.

I'm no fan of windows but I am planning to buy a new laptop soon and will wipe windows off, but I am concern if this chip is present, can the NSA take controlled of my linux laptop as they could with the windows OS?

Last edited by linuz4life; 09-30-2013 at 02:10 PM.
 
Old 09-30-2013, 05:28 PM   #2
linuz4life
LQ Newbie
 
Registered: Sep 2013
Posts: 3

Original Poster
Rep: Reputation: Disabled
Since my question can't be answered. I will assume the answer is no because the articles only mentions windows to be controlled by this NSA backdoor TPM chip
 
Old 09-30-2013, 05:44 PM   #3
Firerat
Senior Member
 
Registered: Oct 2008
Distribution: Debian Jessie / sid
Posts: 1,471

Rep: Reputation: 444Reputation: 444Reputation: 444Reputation: 444Reputation: 444
why are you worried about the NSA?
 
Old 09-30-2013, 05:50 PM   #4
sag47
Senior Member
 
Registered: Sep 2009
Location: Philly, PA
Distribution: Kubuntu x64, RHEL, Fedora Core, FreeBSD, Windows x64
Posts: 1,508
Blog Entries: 35

Rep: Reputation: 384Reputation: 384Reputation: 384Reputation: 384
Quote:
Originally Posted by Firerat View Post
why are you worried about the NSA?
I'm surprised this is a question. It's a major privacy issue. Innocent until proven guilty. If the NSA wants to sift through my information and analyze my computer they can follow the U.S. Constitution (4th Amendment Specifically) and get a warrant like all other forms of law enforcement. National Security my ass. They want an unfettered back door to everything. Just because they can do it doesn't mean they should. There's such a thing as ethics and laws. The Patriot Act should have never been passed without harsh debate and critical review.

In my opinion it is they who should be charged with violating the constitution rather than claiming treason against Snowden whistle blowing. Treason is for giving information away to the enemy or attempting to overthrow the state. Neither of those scenarios happened unless the government considers American citizens the enemy. Which it likely does in this case.

*EDIT README*
I don't know much about TPM so the prior rant doesn't necessarily answer any part of the OP's question. Just wanted to clarify that. If anyone wants to actually debate this topic start a thread and point me to it rather than hijack the OP's thread.

Last edited by sag47; 09-30-2013 at 05:55 PM.
 
Old 09-30-2013, 06:26 PM   #5
linuz4life
LQ Newbie
 
Registered: Sep 2013
Posts: 3

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Firerat View Post
why are you worried about the NSA?
If you have read the articles or seen youtube videos on the TPM chip you wouldn't want NSA taking control of your linux box if it is possible. I know the NSA has the internet wire-tapped and we can't do nothing about that, but to put backdoors on people's computers is going to far. Thus far, it's mostly the windows operating system the chip is controlling as they say.

@ sag47

Totally agree with you. But since this is NSA we're talking about they have no morals or ethics just a paranoia on everybody

Last edited by linuz4life; 09-30-2013 at 06:34 PM.
 
Old 09-30-2013, 06:35 PM   #6
jpollard
Senior Member
 
Registered: Dec 2012
Location: Washington DC area
Distribution: Fedora, CentOS, Slackware
Posts: 2,344

Rep: Reputation: 595Reputation: 595Reputation: 595Reputation: 595Reputation: 595Reputation: 595
The problem with the TPM chip is that it is not a passive chip. Exactly how much access to the rest of the system it directly has is a bit hard to identify. It SHOULD only hold internal keys, and respond to queries for signature validation... Much like any simple peripheral controller does. Unfortunately, it isn't clear whether it has direct access to main memory or not (indications are that it doesn't).

If it has no direct memory access, then Linux can easily ignore the presence of the chip and not be affected by it - just as Linux can't be affected by a serial line with the driver unloaded. But if it has more capability (like DMA) then it can be hacked just as it can be through some USB controllers that don't have IOMMU restrictions on them.
 
Old 09-30-2013, 06:47 PM   #7
Firerat
Senior Member
 
Registered: Oct 2008
Distribution: Debian Jessie / sid
Posts: 1,471

Rep: Reputation: 444Reputation: 444Reputation: 444Reputation: 444Reputation: 444
@sag47 @linuz4life @jpollard

I guess I don't think I'm one of the special people the NSA are interested in

if you guys are 'high profile' I understand your concerns
 
Old 09-30-2013, 07:11 PM   #8
sag47
Senior Member
 
Registered: Sep 2009
Location: Philly, PA
Distribution: Kubuntu x64, RHEL, Fedora Core, FreeBSD, Windows x64
Posts: 1,508
Blog Entries: 35

Rep: Reputation: 384Reputation: 384Reputation: 384Reputation: 384
Quote:
Originally Posted by Firerat View Post
@sag47 @linuz4life @jpollard

I guess I don't think I'm one of the special people the NSA are interested in

if you guys are 'high profile' I understand your concerns
I'm not high profile. The point I was making doesn't apply to high profile persons. It applies to any joe schmoe or grandma (i.e. everybody). Having a "well I don't have anything to hide" demeanor is not going to cut it in my opinion. The real risks of surveillance come once everything is in place to be utilized for unintended purposes.

I'll give you an example. There have been several cases where Facebook is being used by companies to both monitor and fire employees based on behavior. It's even used to screen new employees by demanding user credentials so they can look through it (or friended with full access). While I won't comment either way on those practices it's not like Facebook was originally intended to be an end all resume into ones personal life for fitness in a professional workplace. That's where something social and fun has been turned into a tool to be used in an unintended manner.

I'm not sure if you're an American citizen but there's a lot of disturbing things going on with our Constitution. The 2nd Amendment has been under attack for years; I won't debate about it just mentioning it. The 4th Amendment has been violated by NSA surveillance. In the past it would be more obvious to break into everyone's homes and search through all of their stuff on a regular basis. In the digital age it's easier to do that more discretely. Our constitution should still apply in this case. And finally, the 5th Amendment is now being considered *optional* [1] [2] by the Supreme Court (i.e. Miranda rights no longer need to be read before self incriminating). It appears that there's becoming a trend where a citizen has to invoke the Constitutional Amendments before they will apply. In the case of surveillance how can one invoke it if one does not know about it? I'll let you google to read more about it but I hope you try to further inform yourself about the risks involved.

This country is well on its way to self destruction and there's a reason why the Soviet Union collapsed. I'll end on a quote from the Holocaust: First they came...

[1]: http://www.lexology.com/library/deta...7-98574bb319c3
[2]: http://www.huffingtonpost.com/2013/0...n_3453968.html

*edit* ah I keep going off topic I'll email responses from now on if it's not on topic.

Last edited by sag47; 09-30-2013 at 07:18 PM.
 
Old 09-30-2013, 07:22 PM   #9
TobiSGD
Moderator
 
Registered: Dec 2009
Location: Hanover, Germany
Distribution: Main: Gentoo Others: What fits the task
Posts: 15,653
Blog Entries: 2

Rep: Reputation: 4095Reputation: 4095Reputation: 4095Reputation: 4095Reputation: 4095Reputation: 4095Reputation: 4095Reputation: 4095Reputation: 4095Reputation: 4095Reputation: 4095
Quote:
Originally Posted by linuz4life View Post
I've seen online articles and youtube videos on window's NSA backdoor via the TMP chip aka trusted computing. In one article I read claims the chip was placed on computers since 2006.

I also read that google chromebooks has this chip as well. They claim it is to protect the chromebook against anything compromising the OS.

I'm no fan of windows but I am planning to buy a new laptop soon and will wipe windows off, but I am concern if this chip is present, can the NSA take controlled of my linux laptop as they could with the windows OS?
A TPM is nothing more than a cryptoprocessor with attached secure storage. As long as you simply don't use it it will have no impact on the security of your system at all. Linux does not use TPM chips automatically, though it might be possible that you will have to disable "Secure Boot" (which is at least in part some kind of TPM) on newer machines, so that this feature isn't used.

@Firerat & sag47: There are enough threads regarding the NSA in non-*NIX/General, please keep this thread on topic.
 
Old 09-30-2013, 07:59 PM   #10
Habitual
Senior Member
 
Registered: Jan 2011
Distribution: Undecided
Posts: 3,624
Blog Entries: 1

Rep: Reputation: Disabled
Quote:
Originally Posted by Firerat View Post
why are you worried about the NSA?
exactly!
Attached Images
File Type: jpg What-me-worry+Mad+image.jpg (20.9 KB, 9 views)
 
Old 10-01-2013, 01:54 PM   #11
Stealth Bot
LQ Newbie
 
Registered: Sep 2013
Distribution: Slackware 14 | NetBSD 5.1
Posts: 11

Rep: Reputation: Disabled
The OP seems to be focusing on NSA, but Microsoft is utilizing this technology as well to control your windows environment and can disable the system, disable applications and who knows what else. This is all done transparent to the user.

And since the OS is proprietary who knows what other mischievous code has yet to be discovered.

http://www.youtube.com/watch?v=bHoOP6aHXv4

Last edited by Stealth Bot; 10-01-2013 at 01:58 PM.
 
Old 10-01-2013, 04:15 PM   #12
jefro
Guru
 
Registered: Mar 2008
Posts: 12,087

Rep: Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521Reputation: 1521
There is no security when connected to the internet so start there and worry about the bigger dangers out there than the NSA.
 
Old 10-01-2013, 11:44 PM   #13
zeebra
Member
 
Registered: Dec 2011
Distribution: Mageia 3, Debian Wheezy, Maemo, Linux Mint 14.
Posts: 171

Rep: Reputation: Disabled
Quote:
Originally Posted by linuz4life View Post
I've seen online articles and youtube videos on window's NSA backdoor via the TMP chip aka trusted computing. In one article I read claims the chip was placed on computers since 2006.

I also read that google chromebooks has this chip as well. They claim it is to protect the chromebook against anything compromising the OS.

I'm no fan of windows but I am planning to buy a new laptop soon and will wipe windows off, but I am concern if this chip is present, can the NSA take controlled of my linux laptop as they could with the windows OS?
http://en.wikipedia.org/wiki/Trusted_Platform_Module

Very little hardware can run without the support of an operating system, and I would think it would be almost impossible for hardware to use operating system features without being part of the operating system.

Hardware needs drivers, and if they are open, there is not really the risk that such hardware features will have made its way into GNU/Linux. The biggest risk is ofcourse closed drivers, closed software etc.

All encryption drivers in Linux Kernel are open, and so are the drivers from Intel. The hardware manufacturers implement TPM, not NSA. And they all require drivers actually active in the kernel to be able to use such features.

So if you really worry, you could always deactivate such features in the Kernel and inspect the code.

Last edited by zeebra; 10-01-2013 at 11:47 PM.
 
Old 10-03-2013, 01:43 AM   #14
graeyhat
Member
 
Registered: Oct 2013
Location: USA, a place where an open-source document (The Constitution) is the law of the land.
Distribution: Debian (because of their underlying philosophies) running AwesomeWM (because of its functionality).
Posts: 34

Rep: Reputation: Disabled
Circumventing a hardware feature is futile. The level of programming is so low that your toolset would involve a drill and a soldering iron. Good luck and please post your results.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
How to fix TPM Error in Redhat Linux? samsad Linux - Enterprise 2 09-09-2013 01:37 AM
LXer: Linux and the Trusted Platform Module (TPM) LXer Syndicated Linux News 1 09-28-2009 04:00 PM
Running Windows XP appications remotely and opening their windows on Linux? mike11 Linux - Newbie 4 09-17-2009 06:08 AM
NSA has backdoors into Windows? kebabbert Solaris / OpenSolaris 2 12-21-2007 09:02 AM


All times are GMT -5. The time now is 10:46 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration