Can linux be remotely controlled by the NSA TPM chip like windows
 

I've seen online articles and youtube videos on window's NSA backdoor via the TMP chip aka trusted computing. In one article I read claims the chip was placed on computers since 2006.

I also read that google chromebooks has this chip as well. They claim it is to protect the chromebook against anything compromising the OS.

I'm no fan of windows but I am planning to buy a new laptop soon and will wipe windows off, but I am concern if this chip is present, can the NSA take controlled of my linux laptop as they could with the windows OS?

Since my question can't be answered. I will assume the answer is no because the articles only mentions windows to be controlled by this NSA backdoor TPM chip

why are you worried about the NSA?

I'm surprised this is a question. It's a major privacy issue. Innocent until proven guilty. If the NSA wants to sift through my information and analyze my computer they can follow the U.S. Constitution (4th Amendment Specifically) and get a warrant like all other forms of law enforcement. National Security my ass. They want an unfettered back door to everything. Just because they can do it doesn't mean they should. There's such a thing as ethics and laws. The Patriot Act should have never been passed without harsh debate and critical review.

In my opinion it is they who should be charged with violating the constitution rather than claiming treason against Snowden whistle blowing. Treason is for giving information away to the enemy or attempting to overthrow the state. Neither of those scenarios happened unless the government considers American citizens the enemy. Which it likely does in this case.

*EDIT README*
I don't know much about TPM so the prior rant doesn't necessarily answer any part of the OP's question. Just wanted to clarify that. If anyone wants to actually debate this topic start a thread and point me to it rather than hijack the OP's thread.

If you have read the articles or seen youtube videos on the TPM chip you wouldn't want NSA taking control of your linux box if it is possible. I know the NSA has the internet wire-tapped and we can't do nothing about that, but to put backdoors on people's computers is going to far. Thus far, it's mostly the windows operating system the chip is controlling as they say.

@ sag47

Totally agree with you. But since this is NSA we're talking about they have no morals or ethics just a paranoia on everybody

The problem with the TPM chip is that it is not a passive chip. Exactly how much access to the rest of the system it directly has is a bit hard to identify. It SHOULD only hold internal keys, and respond to queries for signature validation... Much like any simple peripheral controller does. Unfortunately, it isn't clear whether it has direct access to main memory or not (indications are that it doesn't).

If it has no direct memory access, then Linux can easily ignore the presence of the chip and not be affected by it - just as Linux can't be affected by a serial line with the driver unloaded. But if it has more capability (like DMA) then it can be hacked just as it can be through some USB controllers that don't have IOMMU restrictions on them.

@sag47 @linuz4life @jpollard

I guess I don't think I'm one of the special people the NSA are interested in

if you guys are 'high profile' I understand your concerns

I'm not high profile. The point I was making doesn't apply to high profile persons. It applies to any joe schmoe or grandma (i.e. everybody). Having a "well I don't have anything to hide" demeanor is not going to cut it in my opinion. The real risks of surveillance come once everything is in place to be utilized for unintended purposes.

I'll give you an example. There have been several cases where Facebook is being used by companies to both monitor and fire employees based on behavior. It's even used to screen new employees by demanding user credentials so they can look through it (or friended with full access). While I won't comment either way on those practices it's not like Facebook was originally intended to be an end all resume into ones personal life for fitness in a professional workplace. That's where something social and fun has been turned into a tool to be used in an unintended manner.

I'm not sure if you're an American citizen but there's a lot of disturbing things going on with our Constitution. The 2nd Amendment has been under attack for years; I won't debate about it just mentioning it. The 4th Amendment has been violated by NSA surveillance. In the past it would be more obvious to break into everyone's homes and search through all of their stuff on a regular basis. In the digital age it's easier to do that more discretely. Our constitution should still apply in this case. And finally, the 5th Amendment is now being considered *optional* [1] [2] by the Supreme Court (i.e. Miranda rights no longer need to be read before self incriminating). It appears that there's becoming a trend where a citizen has to invoke the Constitutional Amendments before they will apply. In the case of surveillance how can one invoke it if one does not know about it? I'll let you google to read more about it but I hope you try to further inform yourself about the risks involved.

This country is well on its way to self destruction and there's a reason why the Soviet Union collapsed. I'll end on a quote from the Holocaust: First they came...

[1]: http://www.lexology.com/library/deta...7-98574bb319c3
[2]: http://www.huffingtonpost.com/2013/0...n_3453968.html

*edit* ah I keep going off topic I'll email responses from now on if it's not on topic.

A TPM is nothing more than a cryptoprocessor with attached secure storage. As long as you simply don't use it it will have no impact on the security of your system at all. Linux does not use TPM chips automatically, though it might be possible that you will have to disable "Secure Boot" (which is at least in part some kind of TPM) on newer machines, so that this feature isn't used.

@Firerat & sag47: There are enough threads regarding the NSA in non-*NIX/General, please keep this thread on topic.

exactly!

The OP seems to be focusing on NSA, but Microsoft is utilizing this technology as well to control your windows environment and can disable the system, disable applications and who knows what else. This is all done transparent to the user.

And since the OS is proprietary who knows what other mischievous code has yet to be discovered.

http://www.youtube.com/watch?v=bHoOP6aHXv4

There is no security when connected to the internet so start there and worry about the bigger dangers out there than the NSA.

http://en.wikipedia.org/wiki/Trusted_Platform_Module

Very little hardware can run without the support of an operating system, and I would think it would be almost impossible for hardware to use operating system features without being part of the operating system.

Hardware needs drivers, and if they are open, there is not really the risk that such hardware features will have made its way into GNU/Linux. The biggest risk is ofcourse closed drivers, closed software etc.

All encryption drivers in Linux Kernel are open, and so are the drivers from Intel. The hardware manufacturers implement TPM, not NSA. And they all require drivers actually active in the kernel to be able to use such features.

So if you really worry, you could always deactivate such features in the Kernel and inspect the code.

Circumventing a hardware feature is futile. The level of programming is so low that your toolset would involve a drill and a soldering iron. Good luck and please post your results.