halik Posted July 26, 2005 Share Posted July 26, 2005 From what I've been able to read up, the chip checks for current hardware state and then decides whether to give out a private key, right? Now what do you do with those private keys? Are the instructions in TCPA apps actually ecrypted with whatever algorithm the keys are for? If so, whats stops someone from writing an app on the real dev mac to grab all the keys? Link to comment Share on other sites More sharing options...
Swad Posted July 26, 2005 Share Posted July 26, 2005 Welcome to the forums, halik! To be honest, there is still a lot we don't know about the TPM. It could be that actually encrypts some things - it might just check for the presence of the chip, although it looks like the encrytion method is probably the case. Either way, it's doubtful that we'll know its exact function until we have more information to go on. Link to comment Share on other sites More sharing options...
halik Posted July 26, 2005 Author Share Posted July 26, 2005 Welcome to the forums, halik! To be honest, there is still a lot we don't know about the TPM. It could be that actually encrypts some things - it might just check for the presence of the chip, although it looks like the encrytion method is probably the case. Either way, it's doubtful that we'll know its exact function until we have more information to go on. I won't have access to a p4 box for another two weeks, so I'm open to any and all info. How did you find out that the rosetta app checks for the TCPA hardware? That should be the starting point for everything - if there are certain kernel calls for the harware (rather than getting private keys from it), then circumventing those will not be a problem Link to comment Share on other sites More sharing options...
lanny Posted July 28, 2005 Share Posted July 28, 2005 I wonder why they dont provide any details about this... If this is the key to everything why they dont make their infos public so we could help? Link to comment Share on other sites More sharing options...
zhLilDoggi Posted July 28, 2005 Share Posted July 28, 2005 If you were talking about the creators a TPCA, are you serious? Even if it is some type of bullsh*t Apple put in there, they wouldn't say {censored} about it. 'Enuff said. Link to comment Share on other sites More sharing options...
Swad Posted July 29, 2005 Share Posted July 29, 2005 Lanny- I think the problem is that right now we really don't know that much about TPM. We don't know it's exact function, and we don't know how it operates within OS X - we still need to do a lot of testing. As soon as we find anything out, though, we'll post it here. Link to comment Share on other sites More sharing options...
halik Posted July 29, 2005 Author Share Posted July 29, 2005 Lanny-I think the problem is that right now we really don't know that much about TPM. We don't know it's exact function, and we don't know how it operates within OS X - we still need to do a lot of testing. As soon as we find anything out, though, we'll post it here. that's basically the idea. Per out converstation last nigh, as soon as i get back home to my P4 box, ill ktrace the stuff in and out. http://www.research.ibm.com/secure_systems...jects/tcglinux/ ^ Thats what i was talking about (the ibm research) Link to comment Share on other sites More sharing options...
lanny Posted August 3, 2005 Share Posted August 3, 2005 I don't think there can be a software hack. I read everywhere that this technlogy is aimed to check for sw/hw integrity. Pure speculation: the most hard case would be that if the protected software used encrypted code. In this case there have to be a piece of unencrypted code that instructs the chip to do the job. If the chip finds everthing OK, it does. A much more unsecure way (and I think this is the case) when the chip just gives out the keys, so the protected sw could decrypt itself. (If you got the keys you can make an emulator pci card, that contains your keys and uses same ports, protocol as the chip.) In any case, you can easily log the chips output, so you get the keys or the decrypted pieces of the software. Or is this completely {censored}? Link to comment Share on other sites More sharing options...
bofors Posted August 3, 2005 Share Posted August 3, 2005 "Hacking" the TCPA/TPM might constitute a very serious criminal violation of the DCMA. So, it can not be discussed in this forum nor attempted without permission from Apple. However, we are entitled to "study" how the TCPA/TPM system operates and talk about it in context of free speech. On strictly theoretical grounds, we should consider two different scenerios: 1) TCPA/TPM software on TCPA/TPM hardware. 2) TCPA/TPM software on normal hardware. Clearly, in the second scenerio the software is vulnerable to modification as the hardware is not in place to test it's integrity. Link to comment Share on other sites More sharing options...
cajuncoon Posted August 3, 2005 Share Posted August 3, 2005 yeah uhm thats what we are trying to erm do just study yes study for research purposes apple we admire your work and just wont to study *edit* had someone set up a virtual pc in japan and is remote accessing the mac and studying the tpm Link to comment Share on other sites More sharing options...
JE Posted August 3, 2005 Share Posted August 3, 2005 "Hacking" the TCPA/TPM might constitute a very serious criminal violation of the DCMA. So, it can not be discussed in this forum nor attempted without permission from Apple. However, we are entitled to "study" how the TCPA/TPM system operates and talk about it in context of free speech. On strictly theoretical grounds, we should consider two different scenerios: 1) TCPA/TPM software on TCPA/TPM hardware. 2) TCPA/TPM software on normal hardware. Clearly, in the second scenerio the software is vulnerable to modification as the hardware is not in place to test it's integrity. DCMA does not apply outside of the United States. Link to comment Share on other sites More sharing options...
bofors Posted August 3, 2005 Share Posted August 3, 2005 DCMA does not apply outside of the United States. That's right, the DCMA only applies to people under US jurisdiction. Unfortunately, this site appears to be hosted in the USA. That may have to change, but until it does we need to exercise a little caution. I would assume that Apple is watching this "research" develop very closely. We certainly do not want anyone here going to jail or even facing a civil lawsuit. Link to comment Share on other sites More sharing options...
lanny Posted August 4, 2005 Share Posted August 4, 2005 I'm just talking about protection in general. With the current architecture i don't think an effective protection can be used in sw or hw. Really safe methods (ie encrypted communication between hw modules) would be a death of the performance. And as long as the whole industry is based on artificially dictated growth noone would do that. (Offtopic conspiracy theory: we all know Moore's law, but do we need it? Does Photosop CS2 as much more that PS6 did? Is OSX's performance good because of it uses as much computing power, or just because a good design?) Link to comment Share on other sites More sharing options...
bofors Posted August 4, 2005 Share Posted August 4, 2005 I think that it is theorectical possible to make hardware that refuses to run software it does not "like." This means to me that this scenerio TCPA/TPM software on TCPA/TPM hardware could be secure per se. But of course, the software would be hackable to run on normal hardware and the TCPA/TPM would be modifiable (like with a mod chip) to provide another route of circumvention. The problem as I see it, is that the TCPA/TPM hardware would have to be very sophisticated. It would have to know what all the allowed software is and all that software would have to be TCPA/TPM. I do not think this is realistic for PCs. Link to comment Share on other sites More sharing options...
Recommended Posts