Trusted Computing Rollout Hits the Desktop

Alsee writes "Previously appearing in a few rare laptops, ExtremeTech reports on the first major computer manufacturer making a full scale Trusted Computing rollout. Samsung will now install the Phoenix Core Managed Environment (cME) BIOS in every computer they make. Previous Slashdot reports on this BIOS include Phoenix Bios to Incorporate DRM and Microsoft Taking Over the BIOS."

The race is off

How long do you think before this hardware gets hacked?

I would bet on 3 months.

Re:The race is off

I'm betting no more than four weeks. Two months at the outside.

Still, this is one more reason I'm considering a Mac as my next computer.

Macs etc.

Please do buy only hardware which lets you choose your OS.

This situation sucks because the only way we can fight it is by being Good Consumers - but since non-MS users are in a minority, the value of our informed consumerism is limited.

GNU/Linux is proof that if freedom only requires hard work, people will work for freedom - now the proprietary world realises that freedom must be made either illegal or obsolete.

That's the ticket

Go with apple and full vendor lock in. I'm replying here since this is the top comment I could find saying this. How is apple the solution?

The penchant around here for apple is proof to me that more linux geeks are interested in being a part of an 'exclusive' minority than in being involved in things that are open and free (as in speach).

Re:That's the ticket

> How is apple the solution?

The problem with the new BIOS is that it controls your system software - actions must be validated. To make this work, unfree software will be required. This means that you mightn't be able to install GNU/Linux on DRM-PCs, or if you can, you'll have to run unfree software on your system to validate your actions.

The idea of Trusted Computing is that the content owners can trust your computer to do what they say. Code Is Law - except when the code is free. On Mac hardware, you can run a free code OS - so buying a Mac (and replacing the OS with GNU/Linux or *BSD) instead of a DRM-PC is a great idea.

Re:That's the ticket

Hmm. The PC hardware platform is more open? What was the name of that firmware Apple uses? Oh that's right. Open Firmware. It had been used by HP and Sun in the past. If you want to make a difference in the world instead of spreading fud about Apple not using open standards for hardware and software, petition PC makers to start using Open Firmware instead.

Re:That's the ticket

OpenBIOS [openbios.info] is a project to develop an open source implementation of the Open Firmware specification.

If you want to look at the OS X source code, you can get it from http://developer.apple.com/darwin/ [apple.com].

I'm not sure why the source to Apple's Open Firmware isn't available, but I imagine it's because they licensed it from one of the commercial Open Firmware vendors.

Re:That's the ticket

The only thing you need is a trusted 3rd party (GNU.org?) which have released the source for the Nexus, and have signed it.

The GNU project will never in any way directly or indirectly endorse the so-called "Digital Rights Management" (DRM) stuff which has no purpose besides making it more difficult to copy and distribute digital data.

The reason I would love DRM, is that I can go to a friends house, and use his computer, without having to worry if he has started a keylogger.

Preventing keyloggers isn't part of the job description of the implementors of DRM systems. Their job is just to (try to) kill the P2P filesharing revolution, nothing more, nothing less.

Don't be so sure...

The reason I would love DRM, is that I can go to a friends house, and use his computer, without having to worry if he has started a keylogger.

Don't be so sure of that...
There are hardware keyloggers [thinkgeek.com] out there you know.

Also, get some new friends, man...

By actions they have shown active avoidance.

But your PC will - and Apple, by actions they have taken, have shown they are interested in the user having control over the computer. Audio DRM that lets you burn as often as you like, and makes the files your own. Use of Open Firmware and other open technologies (like Darwin or BSD). Lack of product activation on any Apple software.

As we all know "trusted" computing is eaxctly about not trusting the users. Apple trusts the users, and therefore has no reason to deploy a "trusted" platform (which also adds cost, a double whammy).

Basically, Apple is your last large commercial hope. If you want to stop stuff like trusted computing, then head over and support the vendor who is at least trying to head the other way, instead of joining the crowd headed down the path you don't like.

Backing up the entire OS

Fujitsu, however, chose to install the FirstWare Vault software designed by Phoenix, a trusted application designed by the company. FirstWare Vault also creates a hidden partition on the hard drive. However, Fujitsu used it to store a backup copy of the OS, in case the user needed to reinstall. Fujitsu's strategy will eliminate the need to ship the OS "reinstall" disks that have begun to ship in today's PCs. The disks don't contain a full version of the OS, but just the files needed to reinstall it in case of an error. By hiding that reinstall software on a protected partition, the company saved itself the costs of distributing the media, Fujitsu said. Wouldn't this take up quite a hefty chunk of hard drive space? I mean, it says 'doesn't contain a full version,' but wouldn't this still be quite a bit? I'm not sure I want other people making those kinds of decisions for me.

Re:Backing up the entire OS

Not only that, but isn't the whole point of a backup disk to be able to restore your OS and software if the hard drive fails? Sure, you can still use this to restore if the software just gets screwed up beyond the hope of fixing, but if the hardware fails, I'd rather have a CD than another partition on the hard drive.

And seriously, cost of the media? How much could this possibly cost (even if the partition is only the size of a CDROM; 700MB or less)?

Re:Backing up the entire OS

What a fucking joke that is!!

Your hard drive gets screwed (hardware failure, for exmaple), so you can't re-install on a new disk because you don't have the installation media?

And I suppose it also has the "feature" that it'll automatically "fix" any "corrupt" (Linux/BSD) partitions it discovers on bootup?

What a stupid, usless waste of hard drive space to save on the price of an install DVD. This just smacks of taking choices away from the user (other than the choice to boycott this kind of shit completely).

Re:Backing up the entire OS

Wouldn't this take up quite a hefty chunk of hard drive space?

No doubt it will be compressed so I'd expect it to be about 1.5GB for a typical consumer PC preinstalled with windows XP, DVD player, burner software etc. They will still describe it as having an 80GB disk,. not 75GB free space. Manufacturers are happy to save a few dollars by slowing down PC's with software modems and sound synthesis done in software so I doubt they will balk at this oportunity.

Re:Backing up the entire OS

HP has been shipping computers with complete restore info on the HD for about a 1 or 1 & 1/2 years now. If you want CDs, you have to request them on their site, by mail, or phone.

If the drive dies, they send you a new drive with all the OS info pre-loaded....the average user doesn't even realize that they are using space...

What next.

First I have to mod my XBOX, and now my laptop. When will it end?

Re:What next.

When you and everyone else stops patronizing organizations that produce such hardware in favor of open alternatives. Supporting OSS is fine, but something needs to be said for supporting the same ideals in the hardware domain.

Screencap...

Detecting USB controller...
Detecting peripheral: PC104 Keyboard...
Detecting untrusted user at Keyboard!
20000 volts sent to keyboard...

the problem with trusted computing.

The problem with most "trusted computing" proposals so far is that "trusted" is an accurate description of them. It's just an imcomplete description. They aren't about insuring that you, the owner of the computer, can trust the computer or the software on it. They're about insuring that third parties (such as Microsoft, HP, etc.) can trust your computer to do what they tell it to do. The proponents omit that part because they know all too well that if they did say all of what they meant that the average consumer would scream bloody murder and refuse to have anything to do with it.

Re:the problem with trusted computing.

I totally agree with you. Trusted computing does not benefit users as much as it benefits software manufacturers who wish to impose draconian restrictions over our use of software and media. Frankly, with stuff like DRM, the DMCA and now the FBI's attempt at forcing server software to include wiretapping capabilities, I fear for the future of free and unrestricted access to computing technology.

Trusting you to do the wrong thing

The problem is "trusting the user" MOST often means "trusting" someone to download any shit that pops in front of them in a pretty package, "trusting" them to NEVER update their system to clear up known security problems, and "trusting" them to leave their system online, no matter how badly corrupted it is, until it is so sick it no longer functions at all.

Remember "eXistenZ?" It's like that - half the world's computers are under the control of anyone willing to run regular nessus scans and a few backdoor control panels. So.. yeah, maybe some in the linux crowd resent this because the boon won't last more than a few more years. But honestly, something HAS to be done. If that means creating software and system that then set the precedent of forcing corporations to become responsibe administrators of the systems they market on wide scale, so much the better.

This doesn't mean I have to buy one, or that there won't always exist other mechanisms for connecting to the public internet. But most people don't know a fucking thing about free specch - hell, many of them believe "free software" is illegal in any form. All they want is a terminal in their home that feeds them the latest buzz from aol and msn and ebay - and the internet is a fucking mess today because of these users and their five year old Windows 98 and ME security siphons.

The internet exists well outside the US, and many countries are making a giant leap in the direction of OSS. Combine that with a giant push toward obsoleting those fucked up "legacy" systems and we all move closer to a more secure AND more usable internet for everyone.

Sorry... I'll go put my chicken little costume back on now and join you all back at the shack...

this just in!

IBM has had thinkpads containing TCPA chips for years! On top of that, they provide a Linux driver for it on their website [ibm.com]!

Re:this just in!

Just wanted to point out that the 2nd of the listed papers on this IBM link, "TCPA Misinformation Rebuttal" is an excellent explanation of the differences between TCPA, Palladium, and DRM. It also helps explain fact vs. fiction in much of the misinformation circulating about what TCPA can and cannot do. An excellent read!

http://www.research.ibm.com/gsal/tcpa/

DON'T BUY IT!

No, that paper is a basically a bunch of mis-leading propaganda designed to obfuscate the truth that TCPA exists solely for the purpose enabling Palladium and Palladium type DRM and user controlling mechanisms.

Read the EFF report [eff.org] to see why if TCPA were not designed with user control in mind, they could have implemented some very simple changes (user override) to make sure that the user had access and control over all aspects of his own machine. They didn't: instead they opted for to create a system whereby the TCPA chips can be used exactly for the things they claim they have nothing to do with (shipping them with so called "Endorsement keys" which are vendor signed, user inaccessible keys that can verify to third parties that you are using an Operating System that they like).

The logic of the rebutle is backwards all over the place. For instance they claim that TCPA is not for DRM since the chips are not tamper resistant to hardware attacks: This rather shows, unlike what some people have argued, that the chips are not designed to help against things like hardware theft and corporate espionage. For DRM you don't need tamper resistance since laws like the DMCA will keep the means of tampering out of the hands of most of the population.

Also, the argument against the endorsement keys being used for DRM is something like "nobody has a system to running for signing and verifying them today" which is supposed to convince us that such a system will not exist when they are widely deployed (note that as a feature they are 100% useless without such a system.)

BIOS DRM Labeling

If I remember correctly doesnt the Record Industry have to label "protected" CDs?

Would be a good idea if these PC manufacturers labeled their PCs as using BIOS DRM.

That way an informed consumer can make a choice whether or not they want DRM on their system.

Just a thought.

Re:BIOS DRM Labeling

That way an informed consumer can make a choice whether or not they want DRM on their system.

It won't matter much, because most people don't care either way. Worse yet, the salesman simply tells the customer that the feature will "enable access to new media formats" and the sucker takes the bait.

Re:BIOS DRM Labeling

It won't matter much, because most people don't care either way.

But people will start to care once stories start coming out of people not being able to run their software that they "brought home from work".

You'll then start to see people actively looking for PC's that don't have DRM enabled.

The proles are our only hope.

The general population isn't as stupid, ignorant or sheeplike as us slashdot elitists like to think. If this actually pinches people, they'll kill it off quick enough.

Case in point : DIVX.

It wouldn't hurt for slashdotters to educate people when the chance comes up. To be effective, try to be informed, not shrill.

Re:The proles are our only hope.

Trusted computing will hit people right in their wallet. For this reason alone, consumers will revolt. Think of all of the bruhaha that TurboTax caused with their strict licensing management last year.

The "PC revolution" was built on casual piracy. When media moguls try to eliminate that sort of network marketing, they do so at their own peril.

I'm sure they will

...and consumers will buy it because it's a "feature". This wonderful new "trusted computing" will give you access to all sorts of places, simply because we're not going to offer access to anyone else. See?

Kjella

Next thing you know

We're all going to be surfing the net with a government approved "conduct officer" standing behind us.

Whoops there goes another rubber tree plant...

Well it's time to add Samsung to the anticorporate do not buy shitlist.

Good thing I build all my computers from components recycled from the dumpster bay at Texas Instruments in Austin.

Not a PC

So this is the dawn of the Unpersonal Computer? One that hides things from it's users and gives control to other people.

Screw that idea!

Trusted?

I just refuse to believe that the Trusted Computer Initiative will deliver more secure computing.

The XBOX was an attempt at some kind of DRM and it got hacked to pieces because DRM is just impossible. Plus the fact that Microsoft write overly complicated software with bad tools and bad programmers.

But Microsoft bashing aside, they aint alone. I don't think there is any company or organisation capable of deliverying decent computer security at the moment.

The tools do not yet exist to manage projects containing millions of lines of code in a way that won't introduce security flaws.

Si.

Re:Trusted?

The problems with digital information management have never come from the tools and software involved. Design flaws in the software can certainly make it easier to do stupid or ignorant things, but the real issue is that the vast majority of computer users view their computer as an appliance like a dishwasher or a laundry machine rather than the complicated, time-consuming device that it really is. As such, they will never take the time to proper train themselves on security and rights management.

In the corporate environment, this is not that large of an issue since the IT department normally takes care of training, containing, and issuing permissions. In the SOHO market though, this is a real issue, and this is one reason why these Microsoft worms have been spreading as fast as they could. I would love it if computer use was regulated the way a car was here in the U.S. You're allowed to do whatever you want with it when you're on the roads, but you have to be trained to use it before you can drive, and you have to be periodically inspected to make sure that you're not a danger to everyone else on the roads. It sounds like a big hassle, I know, but I really think that it's the only way to rid us of the ignorance clause, even if it involves nothing more than studying a pamphlet and answering 20 out of 25 multiple choice questions correctly.

It will never work

It will never work until program encapsulation is implemented in the ISA. These silly software switches will be easily circumvented.

Honest question

Besides anti-MS statements and rhetoric about DRM, can someone actually tell me how this will affect what I can do with my computer?

Re:Honest question

Another way to look at it is that there are two kinds of computer users: Those for whom the computer is a big mystery and are constantly plagued by spyware, popups, et cetera; and those who know how the computer works, solve their own problems, and could generally be known as computer enthusiasts.

With DRM infected appliances, the latter is locked out of their own machines to a certain extent. You'll no longer have the ability to solve your own problems but have to rely on the magical mystery software that comes with the computer.

The distinction will probably be slight at first, but I think it's hardly appropriate to call a DRM infected machine a "computer", since there will be technology in place to prevent the owner from doing certain general purpose computations. DRM infected machines will be entertainment/office appliances and horribly undesirable to people interested in their computers.

Re:Honest question

As the other posters mentioned from the "basic consumer rights" standpoint you will no longer be in charge of your own computer but the signatories to the "trusted computing" will.

One additional note: It is very likely that anyone wishing to make software that would install on your PC will need to obtain a license from whomever is the encryption key issuing "authority" in the "trusted" computing world. This will put an end to making your own sofware and also it probably will financially impact small software companies. Not to mention that it will give total control of what software will be granted a "license" to the few signatories of the "trusted" computing. In essence Microsoft will get to decide who will be allowed to make software for the PC platform.

Re:Honest question

First, I think it's partly the fear of being poised at the top of a slippery slope. (Granted, the "slippery slope" argument is a logical fallacy--but debates are not won on logic alone.)

So it's completely peachy and great that there's a backup copy of your OS partitioned off on your drive, and tech support can just walk you through a reinstall unless you somehow managed to hose the partition.

Then, they start shipping computers that do an automatic OS reinstall when certain conditions are met. Maybe annoying for power users, but it will serve most people well.

Then a third-party vendor asks, "Hey, can we get in on this? Have our software phone home telling how the owner uses it. Then we can improve future versions." Annoying, but for a good cause, right?

Then the data this third-party is getting shows that people are jumping ship on their application for one that costs less, and they cripple cross-functionality...and keep sending updates to your computer even if you patch it back the way you want it to be. But you don't get to say anything, because you clicked Yes on the EULA.

Then, seeing the success, a bunch of other vendors jump on the "trusted" bandwagon, and suddenly your computer is about as much yours as if it were part of a bot net. Incremental steps toward a worst-case DRM-everything, your-PC-is-controlled-by-vendors future is what the worry is about.

Is it a justified worry? Given the tendency of, well, humanity to take a mile when given an inch, and the disturbingly long and broad reach of corporations, I'd say yes.

Second, I think the furor over trusted computing is a matter of principle. Allowing control of one's computer to be placed in the hands of one or many corporations, or the government, is something many people, me included, find abhorrent. It's a thread of libertarianism (little "l," moderators, not the political party) that, as far as I can tell, runs through a great many of the more common Slashdot opinions. ...which is not precisely an answer to the question you asked, but does explain why the question you asked is not precisely the right one. ;)

-Carolyn

Re:Honest question

For a slightly doom-spelling (unforunately Ross tends to be right far too often) check Cambridge University professor Ross Anderson [cam.ac.uk]'s Trusted Computing FAQ [cam.ac.uk]. There is also his Cryptography and Competition Policy - Issues with `Trusted Computing' [cam.ac.uk] paper as well.

You can also look at documents at Trusted Computing Platform Alliance [trustedcomputing.org], and I recommend reading The TCPA; What's wrong; What's right and what to do about [umd.edu] by William A. Arbaugh [umd.edu]

Re:Honest question

I submitted the article.

I've a programmer and I've been reading the techincal specifications on the system. I'm pretty much an expert on it. I will keep this post as non-technical as I can.

Trusted Computing pertty much does two things. Number one, it keeps some keys hidden inside a special chip. These keys are sort of a cross between a unique seirial number to identify your computer and a password to lock files. The nasty part is that it secures the computer AGAINST the owner. It locks your data such that YOU can't get at it, except in the approved manner. Number two, it allows other people to "look" inside your computer to see EXACTLY what programs are running - it snitches on the owner.

If you don't like something about how your computer works and you try to change anything, your files go dead and unusable. If you try to change anything then whenever you connect to a website or any other machine, and that machine asks to "look" inside, then your computer will report that the owner has made an "unauthorized modification" and the other computer will refuse your connection.

To put it in more concrete terms, say you go to a website. Say the website has ADs. As soon as you try to connect the website will ask to peek inside your machine. If is sees that you have pop-ups blocked it will refuse to you see the webpage. It will be impossible to see the website unless you "voluntarily" view their ADs, and do so in exactly the manner they want.

If you go to another website it can refuse to show the webpage unless you install their spyware. If you refuse the spyware it is impossible to see the webpage.

Microsoft is advertizing new DRM e-mail. If you you don't have a Trusted machine, or if your machine is non-compliant then it is impossible to see the e-mail. If your machine is compliant then you can see the e-mail, but your computer will be physically incapable of printing out that e-mail or saving it or forwarding it, and your computer will enforce it's deletion after a certain date. Some companies (like Microsoft) will love this feature because it means that old incriminating e-mails vanish and can't embarassingly pop-up in court later.

Cisco has announced a new router. It is supposedly an "anti-virus" system, and even the Slashdot story on it reported "Cisco to block viruses at the router". Actually it does not block viruses. What is actually does is look inside your computer to verify that you are running specific approved software. The *advertized* purpose is to check that you are running approved and up-to-date anti-virus software and firewall. It then locks out any potentialy "vulnerable machines" becuase they are a "threat" becuase they "might get infected". If your ISP isntalls one of these machines then you will be denied any internet access at all unless your machine is "compliant". It you aren't running Trusted Computing then they can't verify compliance and you are denied acces. If you aren't running EXACTLY the software they require, or of you alter it in any way, then you are denied internet access. And they can require you to run anything they like, not just security software. Tehy can require you to run software that forces your computer to throttle your own internet connection speed. They can force you to run software that displays ADs. They can force you to run software that tracks everything you do to collect marketing data.

The President's Cybersecurity advisor spoke at a computer conference where he called on ALL broadband providers to install such routers and to REFUSE access to anyone not running a Trusted Computing compliant system.

Pretty much all software will require "Product Activation". It will be impossible to even install the software without submitting to any activation procedure they dream up. If you try to alter the installed program in any way then your data will be locked and unusable, and the software won't run at all.

It will be impossible for people to make interoperable software. And "secure" data saved by on

What really worries me

What really worries me is the unannounced DRM / Trusted Computing BIOS boards that will be coming out. Since this is an anti-consumer feature, and the BIOS companies know it, they don't want to impede their rollout with a consumer backlash.

I recall something about one of the Phoenix guys saying that the consumer was not their customer, the media companies were. DRM put directly into the BIOS, with no option to get a motherboard without it is going to be a real issue. Reminds me of when all the local banks in my area added thumbprint for check cashing on the same day. You couldn't bring your business elsewhere because they all did it.

So wants to start up a BIOS company?

Re:What really worries me

I recall something about one of the Phoenix guys saying that the consumer was not their customer, the media companies were.

Uh, no.

He said that the motherboard manufacturers are their customers. Which is true. Have you ever called pheonix and ordered a BIOS?

He said nothing about your imagined conspiracy theory about the "media companies".

Oh, BTW, the FDIC mandated those thumbprints.

Re:What really worries me

You might want to take a look at the LinuxBIOS [linuxbios.org] project if you're interested in an unrestricted alternative.

Alternative BIos

And how do you propose to load it onto one of these restricted beasts... It will need to be keysigned, and duplicating that is a crime.

Oh, and what about all that esoteric proprietary hardware? ( especially in laptops, but this point holds true for future appliance based PC's ) Who is going to write bios routines for those, with out any documentation?

Its a grand idea, but i dont think it will work out in practice, when it counts and we really need alternatives...

Consumer Aspect?

In general, I think that most /.ers would agree that invasive DRM practices are not a Good Thing(tm), but I wonder how the general public will see these initiatives, if at all. I think that either of two things will happen: People inexperienced with computers will see the nice friendly keywords like 'safe' and 'trusted', and favor these products out of fear, which is obviously what the manufacturers want. Alternatively, Joe User, who neither knows nor cares about security will simply ignore such concerns as fine print, since any kind of technical explanation is of no interest. Unfortunately, I think the principal outcome may be that, like it or not, these Trusted Computing initiatives may propagate, either from adoption by fearful masses, or simply by sliding under the average consumer's radar.

.. and in other news

Samsung will now install the Phoenix Core Managed Environment (cME) BIOS in every computer they make.

... and in other news, geeks (who make the majority of the purchasing decisions worldwide) have decided that they will boycott every computer that Samsung makes.

Don't worry , its only the BIOS

Why this is going in the BIOS beats me since most modern OSs (certainly linux) and even windows use the bios as something to boorstrap their boot
loader whether it be LILO or NT loader. After that the bios is bumped out of memory and ignored. Windows may well use portions of this BIOS if it suits MS but linux and other
OSs can just happily ignore it and nothing will change. Or have I missed something?

Making "trusted" computing go away

I would like to see whether this is, indeed, trusted computing. The article was somewhat vague in some ways. If it is the full-fledged hardware portion of the Pallidium initiative, as part of the article implies, it's very, very bad. If, instead, it's a way to save money on a system restore disk by having the hardware hide a portion of the hard drive from normal software, it's annoying, but probably fine, depending on how it is done (if there's a PKI, that's bad, but if it's just read-only, that's fine).

If trusted computers do appear in your area, I would suggest the following strategy for making them go away:

1. Order a trusted computer from one of the trusted computer makers
2. Return it
3. Go back to step 1

This assumes the companies have a 30-day no-questions-ask return policy (which is usually the case). You can even say that the "trusted" computing was the reason you returned it. Once they start losing tons of money, it'll go the way of DiVX (not the codec -- the old DVD standard which needed to call home to get authorization). It was pushed by Circuit City, which had a ton of people do this to them, so they introduced restocking fees, and lost a lot of customers who knew nothing about DiVX. Eventually, Circuit City backed off the DiVX thing.

If you want to be illegal (which I don't recommend), some people have a modified scheme:

1. Order a trusted computer from one of the trusted computer makers
2. Take out the batteries (which are potentially explosive), and connect the battery plugs or some port in back to 120VAC, thereby frying the motherboard
3. Return it as defective
4. Go back to step 1

This costs them a heck of a lot more, and gets around the place of returns without restocking fee. If you need to buy a DRMed product, you can also use this to make sure the company pays the manufacturing costs for 2 of 'em instead of one, and loses money on the sale. It is, however, illegal, and probably unethical.

The question is though,

who the hell would buy a Samsung computer anyway?

I'm building a computer...

I was gonna buy a Samsung monitor, DVD drive and floppy drive. Now i'll be getting a Phillips, Lite-On and oem brand. Let them know with your wallets people.

Speaking with your wallet...

is great and all but without a massive movement that information doesn't always flow upstream very quickly. In other words speak with your wallet and with your voice. Email is still free (mostly) so everytime your specifically purchase a non-DRM product over theirs write and tell them! [samsung.com] Let them know how much $$$ they're losing on a sale-to-sale basis. Companies live and die by numbers and having another level of data tells them even more forcefully that, yes a boycott is in progress, and they're actively losing our money.

I wonder....

I wonder what Sony would do if Microsoft wanted to put out this BIOS that would only run Microsoft operating systems. Would they put such a BIOS in their computer? Come out with VAIO Linux? (Or maybe more realistically, a proprietary VAIO-OS based on BSD?)

I think Microsoft and Sony are locked in a struggle right now (hence the XBOX, Microsoft's shot accross Sony's bow), so I can't see Sony going along with this.

Trusted vendors being obnoxious

So what makes an application "trusted" is that it has been blessed by Microsoft, ie. any software publisher with the funds to pony up the fee to Microsoft to get the trusted seal of apporval I suppose. So that's supposed to make computing more secure... and what is a "secure" computing environment anyway? Most of us define a secure computing environment as a desktop we can work at where our data is secure, private, stable, and uninterupted by rogue applications that pop up in your face unexpectedly refuse to be ignored... this is where "trusted" vendors are trying our patience. It has become more common for every Windoze desktop application sold today to hag nag screens popping up for any number of reasons: "Do you want to check for updates?" ... "Do you want to register now or be reminded to register in the next 15 minutes?" ... "Would you like to see some exciting new offers? I'll just go ahead and add them to your bookmarks menu anyway..." ... and all this happening when the offending application is not even running! Desktop software is becoming increasingly intrusive and interupting the workflow process.

So I ask you, what's worse: having a malicous virus annoy you and interupt your workday or having an application you paid for essentially behave even worse? At least virus authors don't nag you to register.

So my point is "secure" and "trusted" computing is obviously a joke when the companies driving this initiative are more intrusive and disruptive to the average work day than most virus authors.

I think businesses DO want this...

Hey all,

While it's easy for us geeks to be upset by this, do you think that it's just the media companies that want this sort of thing?

For instance, Lotus Notes (used by corporations "serviced" by IBM the world around) has a nifty feature whereby should a sender wish, they can block access to many client features like, oh, printing or forwarding. Making an unpopular/possibly illegal move with your company? Do it by e-mail! No whistleblowers (save the truly geekiest that can get around this sort of thing) will bother you. Being subpoenaed by the FBI (like Microsoft has been over and over and over again via e-mails)? Have your trusty computer eat it! Simple!

The geeks, for our part, must take a stand and make sure people who buy this equipment are appropriately punished for it. This includes our friends and family -- if they buy something containing this sort of embedded DRM, refuse to help them with anything and everything regarding the cursed device. Assuming you'll be able to get around the DRM and help them to begin with...

Bah. Paranoia sucks.
C

Hmmmm...I wonder...

...could it now be the time for an open source BIOS project?

These things are all now flashable anyway, right?

I was thinking about ridding myself of extra MBs

but I think I'll just hang on to them. Not like I'll get any $$$ for them - right now...

Really, I think the first customer of these Samsungs is going to be some giant corporation that will pick up a pile of these and deploy them all over. Perhaps the Attorney General's office in California will grab some. :P

Companies like Verisign, Network Solutions, and Microsoft have shown that those who are supposed to be trusted, can't and shouldn't.

How is 'Trustworthy Computing' supposed to work when you can't trust the providers of the technology?

Think of the software lock-in and stranglehold that licenses are going to have on these machines - or the uselessness of a boat anchor when it gets hacked by a virus that will be allowed to run on it during its rollout period, or when it gets hacked.

Ugh. Keep your old machines, geeks! (Sorry, wives and girlfriends...)

A shame...

Now I am compelled to take measures to ensure that no potentially illegal activities (corporate) are able to be hidden by this DRM nonsense. I will have to bring a digital camera into my workplace as soon as I start running into unprintable emails, documents, etc. As soon as I get any document with an expiration/self-destruct date. I will start taking steps to ensure that all such items are "documented" via digital photography, if need be, so that I can safely be a whistleblower as required. I will not, under any circumstances, EVER be party to illegal activities by any corporation for the sake of money. I will not be party to unethical activity of any kind. If I come across such, I am compelled to blow the whistle and if M$ and other corporations feel the need to try to cover their unacceptable, illegal, unethical behavior via DRM crap, then I WILL sidestep it one way or another. I am honor-bound to do no less.

On a personal note, it is automatic that I will never ever again purchase any system that contains a phoenix bios chip in it. Old or DRM-enabled new, phoenix has ceased to exist as far as my money is concerned.

Easily hacked?

People are saying that these computers are likely to be hacked very quickly.

I agree.

I also predict the reaction of the companies will be to
(1) make it even *more* draconian.
(2) Whine that the entire computer industry as we know it will be destroyed (and the terrorists will win!) unless Congress enacts laws that will make it illegal to break into "Trusted" computers which given the way Congress usually drafts laws will probably be so vague and broad that merely open the case of any computer (w/o a government sanctioned license) will count as infringement worthy of 5 years jail. (Maybe we should call this the Patriot Computing Act?) And if they are really good, enact laws force everyone to upgrade to Trusted computing within say 5 years or else via legislating that within 5 years every new computer sold in the US has to be a "Trusted" computer.

Remember, in the field of "intellectual property" and anything associated with "computers" or "digital" or "internet", if something fails, it's not because it's a technological impossibility, your business model is failing or your customers plain don't want it or even hate it. It's because you just haven't made it draconian enough, your customers are your enemies who need to be punished and made to toe the line and you need draconian broad-based legislation otherwise the economy will collapse, WWIII will happen and of course, the terrorists will win.

Just sent my tinfoil email off to Samsung..

Someone suggested that we speak [samsung.com] up. I'm game:

I am writing you to share my disappointment over the announcement of your planned use of the DRM enable Phoenix bios. I believe that any product that contains 'features' able to limit users in their freedom to use their computer (and included data) is an anti-consumer feature. I can not in good conscience support a company who willingly chooses to support such a technology. As a the chief technology representative for my company and a trusted knowledge base for many family and friends I am afraid I will have to recommend against any purchases of Samsung hardware or equipment.

I understand that these time are hard between the push from big businesses and media conglomerates and the promise of additional features, DRM can sound like a very appealing solution. Unfortunately at this time I do not believe DRM to be beneficial to the consumer and must make my recommendations based on the very real possibility that this technology will be used to the disadvantage of the consumer.

Thank you,
My Name (ha ha I have more then just a NICK!)

China

As we've seen recently [theregister.co.uk] in Intel vs. China regarding China's own wireless standard (labelled GB15629.11-2003 for those interested), we can probably at least count on China to get hissy about this.

Simply put, whether the threat they perceive is real or not, there is no way they are going to allow American proprietary rubbish (with evil spyware code to boot) to penetrate the Peoples' Republic. So if we have to start importing all our parts from the commies, then so be it, but even if dumbass consumers in the West buy this kinda rubbish (and, as others have said, they undoubtedly will), it simply will not fly politically elsewhere.

The push for Linux in Asia is clear - HP are going to ship Linux boxen [slashdot.org], China has variously shown its keenness towards the open OS, NTT DoCoMo [nttdocomo.co.jp] are putting Linux in phones [infoworld.com] and so on - this kind of stuff really does matter. At the very least, American hardware manufacturers are going to consider the bigger picture before alienating large numbers of potential consumers.

Microsoft is not invincible. It has failed in the mobile phone market, failed to crush Java (now, of course, flourishing on mobiles) and has a long time to examine consumers' reactions before Longhorn comes out. I really don't think it will try to push this too hard...

iqu :?