Schneier on Security
A blog covering security and security technology.
« Car Thieves Adapt |
| Weird Computer-Worm Social Engineering Story »
December 23, 2005
Idiotic Article on TPM
This is just an awful news story.
"TPM" stands for "Trusted Platform Module." It's a chip that may soon be in your computer that will try to enforce security: both your security, and the security of software and media companies against you. It's complicated, and it will prevent some attacks. But there are dangers. And lots of ways to hack it. (I've written about TPM here, and here when Microsoft called it Palladium. Ross Anderson has some good stuff here.)
In fact, with TPM, your bank wouldn’t even need to ask for your username and password -- it would know you simply by the identification on your machine.
Since when is "your computer" the same as "you"? And since when is identifying a computer the same as authenticating the user? And until we can eliminate bot networks and "owned" machines, there's no way to know who is controlling your computer.
Of course you could always "fool" the system by starting your computer with your unique PIN or fingerprint and then letting another person use it, but that’s a choice similar to giving someone else your credit card.
Right, letting someone use your computer is the same as letting someone use your credit card. Does he have any idea that there are shared computers that you can rent and use? Does he know any families that share computers? Does he ever have friends who visit him at home? There are lots of ways a PIN can be guessed or stolen.
Oh, I can't go on.
My guess is the reporter was fed the story by some PR hack, and never bothered to check out if it were true.
Posted on December 23, 2005 at 11:13 AM
• 42 Comments
To receive these entries once a month by e-mail, sign up for the Crypto-Gram Newsletter.
in trusted computing, everything is trusted except for the user.
Also, you would never get ripped off by family, roommates, or anyone visiting your family or roommates, or someone working on your house, or a co-worker.
The fact that family members tend to know the personal info used to verify identity is one of the biggest weaknesses of the current system. This would simply compound it.
When does the "trusted journalist module" get released?
Well, this might be appropriate for some cases. Or at least not that bad. Obviously, you wouldn't ask your bank to allow all access from a computer, if you're not the only one who can access it.
The idea is silly though, since there is already a much more reasonable scope for authentication - the user. I'm on a Mac and my home folder is encrypted, screen lock is on. If somebody steals this computer there is no way they're getting at the certificates that I have in my keychain.
I don't get why my bank doesn't offer authentication through an ordinary public key certificate. It'd be much safer than the calculator-like physical device I have now to authenticate. The PIN is only four digits.
Oh, I do by the way. Those certificates would trickle out of those compromised Windows machines in no time.
The bank does NOT trust the machines of the customers. Maybe TPM could help alleviate that situation?
TC proponents (that support DRM) live on the ilusion that their product is usefull for something (for the customer). In fact, it isn't quite so.
There is no use on identifying a computer, and that is an incredibly hard think to separate users with strong passwords on a family environment that almost nobody does that.
On a company's intranet, otherwise, we have plenty of easier ways of indentifying people, making it also useless here.
That is a good thing. It means that we won't have this kint of TC around us if it depends on the customers. But it may still not depend on them (us).
Right, your computer files are encrypted and require your computer's TPM to decrypt, then your TPM module gets fried. Good planning.
Oh, I don't think any TC proponents have any 'illusions'; they are just enjoying the extra power they'll get.
As the article states, there will still have to be a way of accessing your bank account from another computer, which is what a criminal would like to do anyways. So, this is no protection against what can already happen.
If I'm so bloody worried about somebody tampering with my OS, I might just boot from a Knoppix CD and do my online banking.
"My guess is the reporter was fed the story by some PR hack, and never bothered to check out if it were true."
This is becoming more and more common these days where reporters are afraid to lose their access, and so ask fairly weak questions, if any at all, and often largely regurgitate the press conference speech contents in slightly smaller form, spoonfeeding it to an audience that is automatically presumed too dumb to understand what's happening. It happens all across the spectrum of sources, from tech to politics, from crime to economy, whether the parent is viewed as left, right, center, or weird.
On the other hand, many of those who do still ask questions can't figure out where being a reporter stops and being a columnist begins.
There are so few good reporters and hosts left.
Since when is "trust" an enforced concept? The very name "Trusted Platform Module" is a misnomer: there isn't an ounce of trust involved at all; only compliance.
I've wondered this myself. Motherboards do fail, people upgrade their computers, people even sell their computers to finance a newer, better one. How does my computer being 'trusted' help me if I don't own it any more? It could lead to computers being stolen, ala the previous article about car thieves adapting. I also imagine the process to get your new TPM'ed computer registered will be at least as difficult as getting off of the No-Fly list....
A trusted system, is from a security point of view, a system which would be able to break the security model if it misbehaved. In this case, the system is "trusted" by the Microsoft/the RIAA/the Burmese, Chinese or other oppressive government to rat on the person that paid for it (formerly known as the "owner"). If the "trusted system" did what it's "owner" told it to, then it would indeed break these people's trust. The term is correctly used (by them). FSF people say "trecherous" but you might prefer "threatening".
This is a perfect example of Trusted Journalism(TM). Just as a trusted component is one which does what a big corporate (e.g. Microsoft) wants it to a trusted journalist is one who says what a big corporate (e.g. Microsoft on MSnbc) wishes to have said. What's your problem?
While it may seem the ubiquitous "they" are using the word "trust" correctly, in as much as they trust it, their desire for enforcement of a reciprocal trust by end users is where the fallacy is. While they may trust the security measures, they are advertising that you too as an end user can also trust them. By going further and enforcing that concept upon the end user, they negate the very concept of trust.
It would be entirely different if the use of a TPM were optional, but to call it a trusted system (not just by themselves, but also by end users -- which is what they are advertising) is completely bogus.
"A trusted system, is from a security point of view, a system which would be able to break the security model if it misbehaved. In this case, the system is "trusted" by the Microsoft/the RIAA/the Burmese, Chinese or other oppressive government to rat on the person that paid for it (formerly known as the "owner"). If the "trusted system" did what it's "owner" told it to, then it would indeed break these people's trust. The term is correctly used (by them). FSF people say "trecherous" but you might prefer "threatening"."
No, the point of the TPM is to be able to provide a "chain of trust" that goes all the way from the BIOS to the application. The idea is to be abe to tell whether any of the software has been tampered with. This has some very valid and useful applications when designing secure systems/secure communications. It aso has the possibility to be abused by enforcers of DRM.
Of course, encryption has the possibility to be abused as well, by people hiding their criminal activities. But I'm guessing that you support people's rights to encrypt their data (as I do). Just like encryption, the TPM technology itself is not inherantly good or bad. It's how it is used that matters.
DRM puts a lot of power in the hands of entities that have not always proven themselves deserving of our trust.
DRM/TPM turns a general-use PC into a glorified mediaplayer.
That's not a trade I'm willing to make.
As I remember, MS tried to introduce this crap once before in an earlier version of Windows, but backed off fearing a backlash affecting sales.
I think this shows that the pocketbook is the only way to control this kind of shenanigan. So don't buy PCs with TPMs on them.
That being said, this may not be so easy to accomplish on a large scale. Especially in the face of media propaganda like this article.
But the issue is important. Who owns the PC that your hard-earned money went to pay for? If MS et al wants to give me a PC, I might consider living with a TPM. But if I have to pay for it, it should be totally under my control.
Palladium and TPM. I've only heard about one way it helps the owner of the machine, but everything else is about not being able to, as an example, run a store bought copy of Windows in a Bochs emulator or use Wine to run Windows executables. The only thing it seems to help the end users to prevent running any unauthorized programs like viruses, but seems to me unauthorized program could mean anything. It would be too easy for the owner of a program to suddenly make their old program unauthorized and make you buy it again, making it a rental. It looks like I'll be back to making my own processors from discreet components yet again.
p.s. How many friggin' names are they going to go through until they come up with a pleasant sounding one?
focus on the big picture...
individuals versus corporations
individuals versus government
these are the big issues
as you sleep, motion is undergoing on these issues
which direction do you think the motion is going, and which direction do you think trusted computing is aiding and abetting?
when you wake up, post your reply here!
Two words: "secondhand computers".
Does this mean that people will no longer be able to sell/donate their out-dated computers?
More likely, it means that people will cluelessly resell their computers, same as today most people don't bother erasing their hard-disks before selling/dumping.
Mmmmm - I can hardly wait!
Gee, isn't it funny that we get MS/RIAA compliant propaganda from MSNBC. Who would have guessed that they carry out M$ and the TV industries agendas. And we can trust this information because Microsoft is a technology leader which writes quality secure software which can't easily be compromised.
I didn't think TPM gave a damn about YOUR security. As a matter of fact, my understanding was that you, the owner of the computer, are the one person that Trusted Computing explicitly does NOT trust.
It seems there's a lack of critical thought behind the idea of TCM - like the idea that if you ever sold your computers, the new owner of your computer owns your identity and financial assets until you register your new TCM. Allowing people to instantly de-register would make TCM less reliable as well. How is it that something so obvious completely slips people's minds? Are we actually de-evolving into idiots?
DRM and TPM I can hardly wait
Funny trivia, TPM in brazil means "tensão pré menstrual" witch stands for that time of the month that the ladies want to behead anyone who get to near. :-P
I strongly doubt this TPM crap will make it anywhere. Every IT department I have ever worked for is against it at the very highest levels -- it just adds to much to support costs to do what's essentially key management (except more annoying) on hardware.
It's already hard enough to make sure that PCs that get given to a new person are properly wiped and reimaged before transfer, and that shared computers (like the on-call notebook) don't end up with data that shouldn't be shared. Having to manage the whole TPM framework on top of that is just too costly, and management resists what it sees as needless cost.
So, at the very least, there will always be corporate PCs that are TPM-free; or, failing that, well-known techniques to safely disable or work around the tech.
"Right, your computer files are encrypted and require your computer's TPM to decrypt, then your TPM module gets fried. Good planning."
That's the idea of using strong encryption - you want to make sure that the files absolutely can not be recovered by someone who has the encrypted file but not the key, and you accept that this rule applies to you if you become the person who does not have the key.
If your secrets are too important to wipe out by losing the key, you don't store them (solely) with encryption. You create a backup system that is secured in some more mundane fashion (given to a trusted third party, locked up in a safe, etc, etc)
Coming back to an earlier point `if i'm paying for my computer, i want complete control of it`, there is something to be said about DRMed music.
When someone buys a DRMed piece of music, the content copyright holder could withdraw their right to listen to that music at any time, so in effect they'd be paying for something they had no guarantee of keeping. Now what if microsoft didn't like something you blogged against them? Bye bye vista install? Lock your TPM up so you can't install a new OS? Destroy your online identity? Who can say. Have you seen the hassle people are having with DRMed music right now? What about when it's a DRMed computer and a DRMed OS? How is the consumer supposed to get any peace or be able to use their computer like they wanted to. A key part of security is being able to enjoy your rights, which is where private encryption comes in. TPM is not there to enforce your rights, it has far more potential for abuse.
As a security enthusiast, you have to realise it's not there for your benefit, it's there for theirs. and it's not even truly secure. They're using obscurity to hide the details, it could be cracked with the right equipment.
Fine system that will be :|
When they develop the computer of my dreams, I hope they remember to license me to use it.
I don't use MS software, I don't download videos, music or other data unless I am entitled to, so, what does DRM/TPM do for me?
Further to this, my sensative data is already encrypted to the point that if I lose the key, I am stuffed (so to speak), so, what does DRM/TPM do for me?
Also, I am firewalled, iptabled, secured on every level, like an onion, a VERY BIG onion, so, what does DRM/TPM do for me?
What DRM/TPM does for me is what all of the above is designed to stop, it makes my computer "owned" by somebody else!
Can they DRM an ABACUS?? Might be all that is left for those of us who desire to have complete control of their own machine.
Strong cryptography isn't defeated by having a backup copy of the key. A printout of the key on paper in a safe for example would be ample security for most people.
It's hardly practical to tie your key to a single motherboard, causing data loss with hardware failures that don't cause damage to the data itself.
Then what IS the solution to protecting intellectual property on general computing equipment?
I think you're confusing the TPM chip with the software that uses it. The chip mostly provides crypto services and secure (well, more secure than not having it) key storage, both of which are good things for some tasks. The software can add all sorts of features, many of which might not be desirable. (The chips don't sit between anything in a PC, they're off to one side and "inserted" into software protocols. Similar to a Smart card in a reader.)
I have the choice to use encryption or not. Will I have a choice with TPM or will other parties that I don't trust make the choice for me?
People usually fear what they don't understand.
So basically all computers in the world will soon be controlled by microsoft?
Gee, luckily theres no chance of them beeing/becoming corrupted
I'm only mindful of the basics of computing but have a few comments. 1) the threats to both anon and privacy today are overwhelming. If TPM, DRM and VM-type processors present even the potential for a worsening of this situation, I say shitcan them. I am a simple sort, in process of building a nice general-purpose computer for home use. I want stability, security and full control over the utility of any software changes. I subscribe to Mr. Schneier's watchful attitude [my interpretation]: if some one or some thing is moving in on your secure state, hit it hard and hit it fast.
I have TPM. I've especially chosen a TPM-enabled motherboard. (Intel D945GNTLKR) TPM is under my control. I'm a programmer, I know how it works and It's a pleasure for me to own and control it. I want to correct the misunderstandings I've found here.
First of all, TPM keys is not persistent. If you are to sell your company to somebody else you can (no, must!) clear the TPM. Just move CONFIG jumper on your MB to MAINTANCE position, enter the BIOS, choose "Reset TPM", apply, turn off, move jumper to its normal position and your computer will have not-owned TPM.
Non-migratable keys and other features should just be used carefully. If you have skills you can make great use of TPM.
What about agent-checker?
It can help lamebrains to keep their computers healthy. It's a measure agains viruses. In our network such PCs are being manually disconnected from network in case of virus abusements. Everybody can be more happier with TPM agent.
I don't need such checks and I just can tell my admin not to enforce my PC to be checked. If admin ever knows about TPM.
What about DRM? I don't know how TPM can prevent people from creating non-protected music. Sound output can be captured. If not, DSP plugins won't work.
Even if licensed DSPs only are permitted to access DRM content, sound can be captured externally, or looping back in & out. But TPM is not about DRM.
It's Microsoft's plans to use it that way.
Microsoft is bad, not TCG.
Just think about it.
I have a computer. I don't know if it has PMT. I'm not a progammer. I have looked at my Bios by pushing Delete button when it starts. It says do nothing if you don't know what you are doing. I do nothing. I use the escape key and have to type a Y or a N....mmm luckily I've read Chaucer in the original so I have a clue about working out oddly worded stuff. I have skills. I carve and print. Microsoft isn't bad they just have nutzoid ideas... like Palladium, TCG and PMT.
I just see many people are lost in panick without trying to understand the matter.
As OCTAGRAM nicely wrote, TPM is just a non-persistent storage of your encryption keys, and can be utilized by software. As something may go wrong with physical chip itself, it's preffered you to have backups of your data, not just passwords/keys. TPM chip may be found on many business laptops todays, including my own one, and is disabled by default (via BIOS). In order to use it, you'll need a special software (mostly supplied by computer's manufacturer).
The chip is a great way to keep your data secure, I use this feature for my private data. For example, it can be used to store Windows/EFS keys, making it hard to read your encrypted data if computer or hard drive alone have been stolen.
Don't be afraid of it, just learn the matter.
@Murad, just curios, which software are you using for protecting EFS keys with TPM? Me too have a laptop with TPM and XP. What should be done?
Schneier.com is a personal website. Opinions expressed are not necessarily those of Co3 Systems, Inc.