Skip to main content

View Diary: Update - Windows 8 + TPM 2 = Backdoor (52 comments)

Comment Preferences

  •  I believe you've confused (2+ / 0-)
    Recommended by:
    AaronInSanDiego, Hey338Too

    TPM, which is a hardware authentication and encryption standard, and Secure Boot, a technology to limit the computer to authorized boot loaders only.

    There was chatter originally about Secure Boot disallowing all Linux distributions but that hasn't really happened.  In most cases Secure Boot can be disabled.  There have been a few specific platforms where that hasn't been the case but that's left up to the hardware manufacturer.  For example I've read reports about a couple models of Servers having it locked in but HP for example allows it to be disabled in their pc's and even provides instructions on their website to do it.  A bunch of the major distros have already implemented it, Debian's next.  There are also 3rd part implementations that offer support.

    Really the hub bub is more ideological than practical.  There are people who argue against anything but 110% control of the computer from the boot process to complete and total access to the source of every single application.  Those serve a very important service acting as watchmen and pushing the issue of openness thus letting it filter down into even more closed systems.  Practically though the dangers tend not to ever materialize.  

    Tech like TPM or Secure boot is targeted at and implemented by people who want the security that those techs provide.  A company wants a complete lock down on it's fleet of computers to protect it's business.  It wants hardware encryption of it's data and it specifically implements it.  For home, it's a non issue.

    •  TPM underlies and enables Secure Boot (2+ / 0-)
      Recommended by:
      Just Bob, nchristine

      This isn't just a theoretical problem for the Stallman types - the restrictions affect consumers and linux distro maintainers. I have an objection and a concern. My objection is that yes, I want to own my stuff 100%, and to be able to use it and modify it however I want. That seems like a pretty reasonable demand - don't you agree with that? The technologies we're talking about are not there for the good of consumers at all, and in fact to the contrary: they are there to allow vendors, "rights holders", governments, and Microsoft to restrict and control your device. To prevent device owners from running certain software, listening to unapproved music or video, or installing an unapproved OS on their device.

      My concern is that although now hardware mfgs and Microsoft are being accomodating, they may not always be. Once the technology is established, TPM, and Secure Boot will allow arbitrary future restrictions. For example Microsoft may decide that Ubuntu is a threat to profits (as Android is on the RT platform) and revoke the Secure Boot keys that allow it to run. Personally, I can't do my job without a dual-boot system, so there's no way I'll buy a PC that could possibly prevent that.

      History repeats itself, first as tragedy, second as farce - Karl Marx

      by quill on Fri Aug 23, 2013 at 09:37:14 AM PDT

      [ Parent ]

Subscribe or Donate to support Daily Kos.

Click here for the mobile view of the site