Can linux be remotely controlled by the NSA TPM chip like windows
Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Can linux be remotely controlled by the NSA TPM chip like windows
I've seen online articles and youtube videos on window's NSA backdoor via the TMP chip aka trusted computing. In one article I read claims the chip was placed on computers since 2006.
I also read that google chromebooks has this chip as well. They claim it is to protect the chromebook against anything compromising the OS.
I'm no fan of windows but I am planning to buy a new laptop soon and will wipe windows off, but I am concern if this chip is present, can the NSA take controlled of my linux laptop as they could with the windows OS?
Last edited by linuz4life; 09-30-2013 at 01:10 PM.
Since my question can't be answered. I will assume the answer is no because the articles only mentions windows to be controlled by this NSA backdoor TPM chip
I'm surprised this is a question. It's a major privacy issue. Innocent until proven guilty. If the NSA wants to sift through my information and analyze my computer they can follow the U.S. Constitution (4th Amendment Specifically) and get a warrant like all other forms of law enforcement. National Security my ass. They want an unfettered back door to everything. Just because they can do it doesn't mean they should. There's such a thing as ethics and laws. The Patriot Act should have never been passed without harsh debate and critical review.
In my opinion it is they who should be charged with violating the constitution rather than claiming treason against Snowden whistle blowing. Treason is for giving information away to the enemy or attempting to overthrow the state. Neither of those scenarios happened unless the government considers American citizens the enemy. Which it likely does in this case.
*EDIT README*
I don't know much about TPM so the prior rant doesn't necessarily answer any part of the OP's question. Just wanted to clarify that. If anyone wants to actually debate this topic start a thread and point me to it rather than hijack the OP's thread.
If you have read the articles or seen youtube videos on the TPM chip you wouldn't want NSA taking control of your linux box if it is possible. I know the NSA has the internet wire-tapped and we can't do nothing about that, but to put backdoors on people's computers is going to far. Thus far, it's mostly the windows operating system the chip is controlling as they say.
@ sag47
Totally agree with you. But since this is NSA we're talking about they have no morals or ethics just a paranoia on everybody
Last edited by linuz4life; 09-30-2013 at 05:34 PM.
The problem with the TPM chip is that it is not a passive chip. Exactly how much access to the rest of the system it directly has is a bit hard to identify. It SHOULD only hold internal keys, and respond to queries for signature validation... Much like any simple peripheral controller does. Unfortunately, it isn't clear whether it has direct access to main memory or not (indications are that it doesn't).
If it has no direct memory access, then Linux can easily ignore the presence of the chip and not be affected by it - just as Linux can't be affected by a serial line with the driver unloaded. But if it has more capability (like DMA) then it can be hacked just as it can be through some USB controllers that don't have IOMMU restrictions on them.
I guess I don't think I'm one of the special people the NSA are interested in
if you guys are 'high profile' I understand your concerns
I'm not high profile. The point I was making doesn't apply to high profile persons. It applies to any joe schmoe or grandma (i.e. everybody). Having a "well I don't have anything to hide" demeanor is not going to cut it in my opinion. The real risks of surveillance come once everything is in place to be utilized for unintended purposes.
I'll give you an example. There have been several cases where Facebook is being used by companies to both monitor and fire employees based on behavior. It's even used to screen new employees by demanding user credentials so they can look through it (or friended with full access). While I won't comment either way on those practices it's not like Facebook was originally intended to be an end all resume into ones personal life for fitness in a professional workplace. That's where something social and fun has been turned into a tool to be used in an unintended manner.
I'm not sure if you're an American citizen but there's a lot of disturbing things going on with our Constitution. The 2nd Amendment has been under attack for years; I won't debate about it just mentioning it. The 4th Amendment has been violated by NSA surveillance. In the past it would be more obvious to break into everyone's homes and search through all of their stuff on a regular basis. In the digital age it's easier to do that more discretely. Our constitution should still apply in this case. And finally, the 5th Amendment is now being considered *optional* [1] [2] by the Supreme Court (i.e. Miranda rights no longer need to be read before self incriminating). It appears that there's becoming a trend where a citizen has to invoke the Constitutional Amendments before they will apply. In the case of surveillance how can one invoke it if one does not know about it? I'll let you google to read more about it but I hope you try to further inform yourself about the risks involved.
This country is well on its way to self destruction and there's a reason why the Soviet Union collapsed. I'll end on a quote from the Holocaust: First they came...
I've seen online articles and youtube videos on window's NSA backdoor via the TMP chip aka trusted computing. In one article I read claims the chip was placed on computers since 2006.
I also read that google chromebooks has this chip as well. They claim it is to protect the chromebook against anything compromising the OS.
I'm no fan of windows but I am planning to buy a new laptop soon and will wipe windows off, but I am concern if this chip is present, can the NSA take controlled of my linux laptop as they could with the windows OS?
A TPM is nothing more than a cryptoprocessor with attached secure storage. As long as you simply don't use it it will have no impact on the security of your system at all. Linux does not use TPM chips automatically, though it might be possible that you will have to disable "Secure Boot" (which is at least in part some kind of TPM) on newer machines, so that this feature isn't used.
@Firerat & sag47: There are enough threads regarding the NSA in non-*NIX/General, please keep this thread on topic.
The OP seems to be focusing on NSA, but Microsoft is utilizing this technology as well to control your windows environment and can disable the system, disable applications and who knows what else. This is all done transparent to the user.
And since the OS is proprietary who knows what other mischievous code has yet to be discovered.
I've seen online articles and youtube videos on window's NSA backdoor via the TMP chip aka trusted computing. In one article I read claims the chip was placed on computers since 2006.
I also read that google chromebooks has this chip as well. They claim it is to protect the chromebook against anything compromising the OS.
I'm no fan of windows but I am planning to buy a new laptop soon and will wipe windows off, but I am concern if this chip is present, can the NSA take controlled of my linux laptop as they could with the windows OS?
Very little hardware can run without the support of an operating system, and I would think it would be almost impossible for hardware to use operating system features without being part of the operating system.
Hardware needs drivers, and if they are open, there is not really the risk that such hardware features will have made its way into GNU/Linux. The biggest risk is ofcourse closed drivers, closed software etc.
All encryption drivers in Linux Kernel are open, and so are the drivers from Intel. The hardware manufacturers implement TPM, not NSA. And they all require drivers actually active in the kernel to be able to use such features.
So if you really worry, you could always deactivate such features in the Kernel and inspect the code.
Location: USA, a place where an open-source document (The Constitution) is the law of the land.
Distribution: Debian (because of their underlying philosophies) running AwesomeWM (because of its functionality).
Posts: 34
Rep:
Circumventing a hardware feature is futile. The level of programming is so low that your toolset would involve a drill and a soldering iron. Good luck and please post your results.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.