DRM Tinkering with Intel's PXA270? 412
putko asks: "Intel has a new line of chips with DRM built in. This appears to be the very first DRM-enabled chip to hit the streets. This microprocessor is unlike others available, because the user doesn't have complete control over the thing, and your computer can (theoretically) betray you.
For a while now, there have been computers (IBM ThinkPad) that won't boot unless you give the password, but you could always rip out the hard drive and read it, right? With this chip, the keys and RAM are on the chip, and the flash is encrypted, so this really looks locked up tight.
Has anyone worked with this chip, and is possible to build your own device that uses the Intel Trusted Wireless Platform to protect your secrets (like your software, perhaps)?"
"I'm reminded of this due to Slashdot's recent story on the iPAQ, which uses the chip (and has some neat security features too). Somewhat surprisingly, nobody brought up the Doomsday scenarios, there. It should also be mentioned that there are companies selling incredibly tiny boards for it. Maybe you can run Linux on them?
Wouldn't it suck if the chip had the capabilities and you couldn't use them in your own projects -- e.g. if that was just reserved to big companies like Microsoft? On the other hand, if you can use the features, you might see some neat applications. Assuming you can program the DRM stuff, how do you avoid locking yourself out of the chip while developing? What extra pitfalls may developers run into using it?"
Welcome to hell boys! (Score:5, Interesting)
Yeah, there is a possibility that non-DRM'd pieces of hardware (including LinuxBIOS) will have a market but the vast majority of people want stuff to work and work w/o problems. Microsoft, Intel, Phoenix, etc, will all tell everyone that they will end viruses, worms, trojans, spyware, etc if they just use their hardware solutions.
Yeah, well, that's great and all but you won't be doing anything on the net unless you are running trusted hardware. People's arguments that an "alternative" network will show up to solve that is bullshit. Just wait till your online banking, your taxes, and your foo are all on the "secure" Internet.
Nevermind that, but it may become illegal (through creative lobby) to own and operate an unlicensed/unprotected piece of hardware. Enjoy finding an ISP that will let you connect.
While this particular CPU might only find a niche market and may very well flop completely, I have a feeling that we will start seeing more and more of this sort of product coming out of the hardware giants. Who knows, maybe my paranoia will be justified?
Re:Welcome to hell boys! (Score:3, Insightful)
Do you think AMD will roll over and die?.
Sorry but this stuff will only be for corporate users. Home users will complain that things don't work correctly. Becuase MSFT has never made a large profit on a project that wasn't OS or Office.
It's the only reason why I am not overly scared. That and if you can't load other OS's without paying Large fees. the antitrust trials will come back and quic
Re:Welcome to hell boys! (Score:2)
Re:Welcome to hell boys! (Score:5, Informative)
IBM and AMD are also part of the whole Trusted Computing "initiative". From TFA: http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html [cam.ac.uk]
Re:Welcome to hell boys! (Score:3, Informative)
For a while now, there have been computers (IBM ThinkPad) that won't boot unless you give the password, but you could always rip out the hard drive and read it, right?
It is quite wrong.
The drive stores the password on a protected portion of the platters, so ripping out the drive will not allow you to read it. You will, however, be able to boot the notebook again.
-nB
Re:Welcome to hell boys! (Score:5, Interesting)
Home users might find that this will be the first "computer" that does work correctly out of the box. This will be the computer appliance that they're looking for. The "hood will be welded shut", and that will be just fine with most users. Real computers will become the hobbyist's toy, just like short wave radio. Just as we have less people that know morse code, we will have less people that can work a keyboard. It will look like a McDonalds cash register with lots of pretty buttons(or more likely a touch screen), and will probably only connect to shopping sites.
Re:Welcome to hell boys! (Score:4, Insightful)
No, we've had those for a number of years now. [apple.com]
Re:Welcome to hell boys! (Score:2)
Re:Welcome to hell boys! (Score:5, Insightful)
However with Trusted computing:
(1) you cannot connect to the ISP at all unless you are running the mandated and unaltered software. That would include a firewall that restricts what data you can send. If they like that software can prevent your computer from accepting any local network connection, except from another Trusted computer. Any data sent to the ISP and out to the internet must go through that firewall and must be encrypted.
(2) Even if you do manage to pass the data through, your non-Trusted computer will be entirely locked out of an increasing number of ordinary websites. One of the biggest drivers of this will be the advertizing motivation - my encrypting the website and only being viewable on a Trusted machine and with an approved Trusted webbrowser, it becomes impossible to run any sort of pop-up blockers or ad blockers. Any attempt to block the advertizements renders the website unviewable. They can also make it impossible to copy images or text or anything else from the site. They can block "deep linking". They can prevent other sites from "leeching" their images and other files. They can enforce any sorts of terms of service they like.
the idea that it will only run programs allowed to be run
That's a myth/misunderstanding, and it is absolutely not a reason for it to fail.
Their plan is quite insidious. Their number one priority is that there is absolutely no reason not to have a Trusted computer. A Trusted computer can do absolutely anything a non-Trusted computer can do. A Trusted computer can run absolutely any software a non-Trusted computer can run.
Software does not need to be "approved" for it to run.
A computer with a Trust chip is like a coputer with speakers. You can simply pretend the speakers / Trust chip aren't there, and it's exactly the same as a speakerless / non-Trusted machine.
So long as you don't activate the speakers / Trust chip, you have a plain old computer. However the moment you activate the Trust chip you go into a special "handcuff-mode" and you no longer own your computer.
So why would you ever go into "handcuff-mode"? Because the new Trusted software and Trusted media files and Trusted websites (and eventually Trusted ISPs) will only work in handcuff-mode. They will not work at all on a normal computer. So you have three choices. (1) Stick with an old computer, and none of the new stuff works and you eventually get locked out of the internet completely. (2) Get a new Trusted computer, but refuse to activate the Trust chip, and none of the new stuff works and you eventually get locked out of the internet completely. (2) Get a new Trusted computer, activate the Trust chip and "volountarily" wear the handcuffs and lose ownership of your computer, and all of the new stuff works (in handcuff mode).
-
Re:Fourth choice (Score:3, Insightful)
The consumers are not deciding anything on that matter. TC is being implemented in hardware right now and if that goes on at the current pace you will, in a few years. have a hard time buying a new PC without builtin TC chip.
The consumers will be conditioned to use it by the usual FUD strategies.
"Secure" onlineshopping/onlinebanking will suddenly no longer mean "SSL required" but "TC crypto required". Internet Explorer will
Re:Welcome to hell boys! (Score:5, Funny)
Is it paranoia if they are really after you?
Re:Welcome to hell boys! (Score:5, Informative)
Good to know, though. Time to go look into it a little closer and see if anyone plans on putting out a PDA with a VGA screen and a different processor. Today, AFAIK, the only VGA capable models all use the PXA270.
cell phones too (Score:3, Insightful)
After all why should the cell phone companies give up their monopoly as being the gatekeeper to all software including pim's and games?
Re:cell phones too (Score:2)
They're already selling their phones "locked" (tied to a particular service provider), and some people are making a few bucks by offering an "unlock" service (they know the magic sequence of buttons to press to cancel this lock.)
With DRM on board, a locked phone will stay locked. And a $4.95 java game, well, you only get it for the month. Seeing as how people are "selling" ringtones and "screensavers" and making a boatload of money off of the s
From the "Ten Immutable Laws of Security" (Score:3, Insightful)
Law #1: If a bad guy can persuade you to run his program on your computer, it's not your computer anymore
Law #2: If a bad guy can alter the operating system on your computer, it's not your computer anymore
Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore
You see, "bad guy" is a value judgeme
Re:From the "Ten Immutable Laws of Security" (Score:4, Insightful)
This is not correct if your OS supports confinement. It's a bad sign when the first item in the list is wrong.
Re:Welcome to hell boys! (Score:2)
You do know there are other countries than the US on the net, right?
I for one have a hard time imagining China letting its citizen use such a DRM'ed computer. Or will the DHS? It could be used by terrorists!
Hence, governments will ask for loopholes to be added into it. Hence, hackers will find a nice hack around this. The very minute a loophole is built in, it becomes worthless as far as D
Re:Welcome to hell boys! (Score:2)
What does that have to do with me? I live in the US. I think I covered what will happen in the US above (quoting in case you were too lazy to read the whole thing):
Nevermind that, but it may become illegal (through creative lobby) to own and operate an unlicensed/unprotected piece of hardware. Enjoy finding an ISP that will let you connect.
I for one have a hard time imagining China letting its citizen use such a DRM'ed computer.
O
Re:Welcome to hell boys! (Score:2)
Don't forget that such "trusted hardware" also makes it harder for law-enforcement agencies to spy on you... unless they have some kind of "master key". Which they will obviously demand, and get.
However, if the system is designed with many "master key" loopholes built-in (as many countries will ask for their own "master key"), it means some geeks somewhere will manage to find a way to
Re:Welcome to hell boys! (Score:2)
Umm, DRM just means you can't run unauthorized software on your DRMd hardware. It has nothing to do with not being able to spy.
In fact, in the scenerio I laid out, some sort of central authority would have to hand out authorization for DRMd client hardware to connect. If anything, this would make it even easier
Disagreement (Score:3, Insightful)
Here is my vision (discussed previously [slashdot.org]):
Someone takes a chip like this and builds a set top box. This box plugs into a broadband connection. It contains unbreakable DRM. The box is provided to consumers at no cost and does not cost them anything if they do not use it. The box checks for content on the internet. It finds popular content and downl
Re:Disagreement (Score:2)
When you have tens of millions of viewers, it doesn't take much to bring fortunes to those that deserve it.
Re:Disagreement (Score:3, Informative)
Re:Disagreement (Score:2)
Secondly, what company is going to front the capital nee
Re:Disagreement (Score:2)
- When we dish out money, we want to keep what we get. After all, the media distributor gets to keep our money, right?
- Once we have this content that we keep indefinately, we want the terms to not change. Ever. If we drop whatever service we bought it from, or that service vanishes, we still want to be able to view it, because we paid for it. We don't want the distributor to be able to impose terms after
What is the DRM doing for you? (Score:2)
Your idea is very good and I've had similar thoughts of a box like that for a while - but in NO WAY is DRm a part of a picture that makes that box a success in the marketplace. Such a box would be a success with lesser known content p
Re:What is the DRM doing for you? (Score:2)
It is keeping one person from buying one "episode" and sharing it will 30 million other people.
Lets say that the big networks were to buy into this scheme. In order to cram a good, quality (HDTV, of course) show into the box, you'll need some huge P2P sharing ala bittorrent. The boxes themselves will become the method of distribution. Zero overhead. Now, why on earth would I pay for an episode if it is alread
Re:Welcome to hell boys! (Score:2, Insightful)
Unjustified paranoia, +5 stoopid (Score:2)
Nevermind that, but it may become illegal (through creative lobby) to own and operate an unlicensed/unprotected piece of hardware. Enjoy finding an ISP that will let you connect.
I can't believe this shit get
Re:Welcome to hell boys! (Score:2)
Then someone will come up with an "open source version" of the CPUs (that you could manufacture yourself of course), and the DRHIAA (Digital Rights Hardware Industry Association of America) will start banning them. Don't count on it tho.
Cha cha cha! (Score:2)
Love the acronym.
Re:Welcome to hell boys! (Score:2)
Long live to the computer!!!!
Smile citizen, smile
Re:Welcome to hell boys! (Score:2)
Naturally, theres always a way around something, given enough time.
Re:Welcome to hell boys! (Score:2)
Anyway, I wouldn't be selling that used computer these days. At least you know it doesn't already have TC inside!
What happened to..... (Score:3, Insightful)
Re:What happened to..... (Score:2)
Re:What happened to..... (Score:2, Insightful)
Re:What happened to..... (Score:2)
Obligatory 2001 reference... (Score:5, Funny)
PXA270: I am sorry Joe, but I am afraid I can't do that...
Take a deep breath and relax... (Score:5, Interesting)
First of all, this is an *EMBEDDED* processor, not an x86-class CPU. It may be used in PDAs and the like, but it is not going to be running your desktop anytime soon.
Secondly, embedded devices with encrypted onboard flash are nothing new - they've been around for years.
How to cook a toad (Score:4, Insightful)
We should be wary of *any* move towards turning computers from our servants into our prison guards.
this is untrue (Score:2)
Cool (Score:3, Funny)
I love vague analogies!
Re:this is untrue (Score:2)
Actually, ask any herpetologist, the toad will quite readily jump out of the pot when it gets hot enough.
You might be right (I have no idea, I don't know any herpetologists) that it's an untrue analogy, but the point that people usually try to make with the analogy isn't necessarily false. Ask any Psychologist--people will accept some rather extreme situations if they are gradually desensitized to it.
Re:How to cook a toad (Score:5, Interesting)
This is off-topic nitpicking, but real toads will jump out of the pot as soon as they get too warm. This is pretty much true of all amphibians and reptiles. Lacking the ability to thermoregulate internally, cold-blooded animals instinctually move toward and away from heat sources as necessary. When, for example, a lizard is too cold, it will move into the sun to bask. When it starts to get too warm, it will move back into the shadows.
It's warm-blooded animals that are susceptible to this trick because they lack the necessary instincts. If you want to cook a human for example, you put him into a hot tub and slowly crank up the temperature. Long before you reach the boiling point or even any discomfort, he will pass from heat exhaustion to hyperthermia, and finally into unconsciousness, seizures, and organ failure. Read the warnings in a hot tub owner's manual sometime, or ask your friendly neighborhood paramedic how often failure to RTFM requires them to fish dead guys out of their hot tubs.
So really, all this "how to boil a frog" nonsense really out to be "how to boil an end user".
Re:How to cook a toad (Score:2)
Re:How to cook a toad - WRONG!!! (Score:5, Informative)
This has been said before - the primary goal is to get the board part count down.
The primary goal is to get the board part count down.
Let me reiterate once more: The primary goal is to get the board part count down.
With this chip, the only thing that it means is that you don't need o include a flash chip on the board.
The system will still be reflashable through a JTAG interface - just as any other device with flash connected to a CPU would be. In that respect, this machine is no more holding us "hostage" than any other previously released iPAQ or Zaurus.
I thereby declare you, sir, to be talking out of your ass.
Re:How to cook a toad - WRONG!!! (Score:5, Interesting)
How about leaving out the DRM circutry? That sounds like a pretty effective and easy way to get the part count down.
Re:Take a deep breath and relax... (Score:2)
BIOS manufacturers are implementing several DRM security mechanisms, which will work with the OS DRM mechanisms that microsoft is putting into the OS. These will be required components for HD-DVDs to work in PCs, or for Digital TV tuners which support the broadcast flag.
Basically, the content produ
Re:Take a deep breath and relax... (Score:2)
Lets say I use Linux for the os on a device using this chip.
I make changes to the kernel. How would you ever know? No way to check what is loaded in the rom. Even if I gave you all the source but not the keys there is no way you could hack this device to make it work better or to do things I never intended.
From a companies point of view this could be great. No need to worry about someone hacking the device and trashing it then calling for support. You ca
If you don't approve... (Score:2, Informative)
Re:If you don't approve... (Score:2)
Re:If you don't approve... (Score:2)
Where have you been? Many people who read
I'd say I control a market of around 20 people. some here control more than that.
Re:If you don't approve... (Score:2)
Re:If you don't approve... (Score:2)
What do you think we're doing? (Score:2)
1)They are discussing whether or not there is a real danger - deciding whether or not to vote with their wallet
2)They are disseminating information - in other words, they are letting people know about the DRM features and their implications, so others can as well vote with their wallet
3)They are making their decision to not purchase the product and the reasons why a
Re:If you don't approve... (Score:2)
Anyway, when your computer stops doing what YOU tell it to, it's no longer a computer to my eyes: it's just a glor
Oops. (Score:5, Funny)
Yeah, I had all of that info you're looking for... but I forgot the password on that system ;)
Your own trusted platform wtf?? (Score:3, Funny)
Two words.... (Score:5, Interesting)
Remember what happened to that brilliant idea? This is it in a new guise, this time reborn to lock-in traditional media.
Never fear, either too many objections will be raised to make it viable in the marketplace, or some smart person will figure out how it tics...
Re:Two words.... (Score:2)
One word (Score:2)
The clipper chip was to be universal encryption. The idea is the government would sell an encryption chip for voice, data, and so on below cost. It would be so low priced, and work so well, that everyone would buy it and it would become the standard. The thing is, all chips would have a special universal key that the government could use to decrypt transmissions (with a court order of coruse).
Now regardless of if you think that kind of tapping power is a good thing or not, anyone who knows about cry
Re:Two words.... (Score:3, Informative)
The surest way to lose a battle is to underestimate the enemy and not fight until it's already too late.
I *pray* the mainstream news will pick up on this story and that there will be a massive public backlash against Trusted Computing, because if there isn't then we've already lost. Their scheme is incredibly insidious, and they actualy harness natural market forces
The customer is always right? (Score:2, Insightful)
Re:iPod ??? (Score:2)
Get real. If the iPod worked with DRM'd media ONLY it would not have even half the popularity it enjoys now.
From Intel's White Paper (Score:5, Informative)
Media DRM - files can be created to work only with the OS, ROM and disk in the unit, and only for a specifed length of time.
The features seem to be directed at wireless carriers and content providers, to prevent unauthorized use of their networks and content. So, if you don't like it, use other vendors.
Re:From Intel's White Paper (Score:4, Interesting)
Think about it?
If you were the CEO of some cellular company you could make a fortune if you had money from every single app written for your phone. Worse you could charge your users fees if they ever want to install software and you can make even more money!
Why do you think the Xbox is drm locked and encrypted? Its so Microsoft can make more money at the expense of the market.
RMS may be a little off the wall with proprietary software taking away freedoms but proprietary hardware is the real threat.
We should put our efforts to fight this.
Just the other day here on slashdot there was a story on DRM being added to dvd standards. Why? Broadcast flags are now requried for the FCC by June. Its insane and our whole openess and ingeuinity of the internet itself is in danger.
We have to do something in orde to protect ourselves. Perhaps a NRA for computer hobbiests might be in order. We have no lobbiests on our side.
Re:From Intel's White Paper (Score:2)
Not a troll, but my interpretation of that is "Trusted Computing only works if all the parts of the equation (ie. OS, software, hardware) are running it".
Most of the big companies are involved in Trusted Computing of some sort, and have invested heavily in it. The idea that they will go that all that expense and then not use
I will (Score:2)
When pigs win the X Prize (Score:3, Insightful)
Inaccurate statement about the Thinkpad (Score:4, Interesting)
If the password for the hard drive is set, you won't be able to move the drive to another system or it will look like the drive is dead. If you do know the master password and try it in another system, I believe it will wipe out the drive, it's pretty secure, and the main reason I use ThinkPads.
Re:Inaccurate statement about the Thinkpad (Score:2)
I could recreate certain data but it would not be as painful as if someone else gained that information.
Re:Inaccurate statement about the Thinkpad (Score:2)
Re:Inaccurate statement about the Thinkpad (Score:2)
Boycott Intel - enjoy the performance of AMD! (Score:2, Interesting)
- Most AMD processors give you quite a bit more performance than Intel CPUs
- Intel continues to pollute the environment with chemicals from chip production while AMD has invested alot to reclaim and/or properly dispose chemicals, not just at their Dresden fab, and is focusing on energy efficient processes as well as buildings.
- Intel is in bed with Microsoft whereas AMD is much more neutral and supports open-source projects e.g. de
My prediction (Score:3, Insightful)
Re:My prediction (Score:2)
Doesn't DRM by definition (Score:3, Insightful)
DRM - big brother's kid sister.
DRM: Digital RESTRICTIONS Management (Score:5, Insightful)
Although I'm not a big fan of spin, the current political climate makes renaming things with misleading names a necessity. When you say "Digital RESTRICTIONS Management", it makes it fairly clear that it's a technology aimed at limiting personal liberties.
P.S. Yes, I know this is a repost, but...
Finally! (Score:2, Funny)
Well.... (Score:2)
Just another instruction set feature (Score:5, Informative)
Besides that, it's a great chip! 600+ MHz, low power like their previous PXA CPUs and plenty of features.
This DRM feature is just another optional feature for designers to use. Right now, I don't see any real reason most designers would use such a feature set. They have no incentive to just lock-down a system willy-nilly. It won't generate any new sales.
And yes, we are running Linux on this chip.
I'm afraid I can't do that. (Score:2)
Some Clarifications (Score:3, Interesting)
Second, the "security" features on the chip were not specified by Intel, they were specified by the ARM consortium. ARM merely establishes the uniform copy protection standard. A vendor may include it in their ARM offerings at their option.
These processors are targeted for use in "smart" phones. The copy protection features were demanded by the cell phone carriers, which in turn were demanded by their "content" partners who are looking to sell -- or worse, rent -- you copy-protected ringtones, UI skins, music clips, and movie previews for usurious sums.
Personally, I'd stick with the "stupid" phones for the time being and avoid all this childish rubbish.
Schwab
What you need... (Score:3, Interesting)
Re:Bad Intel... Bad... Bad... (Score:2, Insightful)
Re:Bad Intel... Bad... Bad... (Score:2, Insightful)
Seriously, it's bad enough when Windows XP locks you out for adding a memory module and you have to re-install the entire computer. I don't want my CPU locking me out if my roommate checks his email on the web browser and plays a bootleg MP3 file that someone sent him. If you own the hardware, it should be yours entirely.
Re:Bad Intel... Bad... Bad... (Score:2)
The day I have to ask permission to view a file on my own computer is the day I give up computing and go into some other field like zoology.
There's a certain "principle of the thing" argument for having full control over hardware you own. If you don't own it, for instance, you rent it from the cable company (a digital cable box), that's different. But if it's yours, YOU should be the lord of the castle.
-Z
Re:Bad Intel... Bad... Bad... (Score:2)
Someone will come out to satisfy the demand for non DRM'd chips.
Re:Bad Intel... Bad... Bad... (Score:2, Insightful)
Re:Bad Intel... Bad... Bad... (Score:2)
Who'd have thunk it?
Re:Bad Intel... Bad... Bad... (Score:2)
Re:Bad Intel... Bad... Bad... (Score:2)
Lesson from Howard Dean (Score:2)
Re:Solution (Score:2)
Like this DRM less AMD chip! (Score:2, Interesting)
http://www.amd.com/us-en/ConnectivitySolutions/Pro ductInformation/0,,50_2330_6625_12409%5E12410,00.h tml?redir=PCAU04 [amd.com]
Oh, wait...
Built-in decryption hardware for digital rights management (DRM)
Does that mean you won't buy AMD chips either???
Re:How date you?! (Score:2)
Once I buy a device, any secrets on it are, or should be, mine too. IOW, I want to know what's inside my new gizmo, or at least have the option of finding out. So I know my secrets are protected too, amongst other things.
I don't think this will go terribly far - most people will find out that they can't do what they want on these types of devices (legal or otherwise) and stay away. I sure won't bu
Re:FIRST :P (Score:2)
Re:China (Score:2)
and the world will awe in the subversion that it will cause in China.
Re:iTunes and the iPod would respectfully disagree (Score:2)
Well, yeah, I'm not in love with that per se, but it's worth pointing out that the RIAA required iTunes to use DRM, and that the iPod plays all sorts of non-encrypted files.
I think the more salient issue is that Apple is a bit further away ideologically from actually putting some shit in the BIOS that prevents you from booting another OS. Their asses were saved by BSD. Hell, forget Ideology: they're a hardware company [earthlink.net]. They don't give a rat's behind if you put linux on the box (I don't know why you would