Reading (For Dummies)

Battle Lines are Drawn

AMI today announced something extremely disturbing, their first computer with a bios that ensures your bootloader is "trustworthy". I guess lots of the nerds who read me aren't nerds of computers (yeah, I've been talking not your jive lately). But don't buy one of things, please. I see one of two things possible happening, but before I go into that, I should give the non-techies a little background on the TCPA.

The TCPA was created to, well, create a Trusted Computed Platform. It has a bunch of projects, but the one on everyone's mind is this BIOS thing, called the Trusted Platform Module. The BIOS of your computer is what tells it how to boot, among other things. It says, "Okay, I see this stuff in the computer: A hard disk, a CDROM drive, a network card, a video card. What do I boot off of? Okay, my settings say to boot from the hard disk. Here goes..." It then loads what is called a boot loader from the front of the hard disk. This is a little program that makes magic happen: it loads your operating system into memory and gets it to a point where the operating system can do the rest of the work.

The BIOS in a TPM-equipped computer will instead look at your computer and see all the hardware, but will not boot off the hard disk yet. It will check out this boot loader and see if it can be trusted, by doing a little cryptographic checksum on it. Basically fancy math on the data that makes it impossible to trick the TPM BIOS*.

The rest of the story isn't really related to the BIOS, but I'll tell it anyway, because it's important. The boot loader should, it is assumed, only load an OS that is TCPA-certified, and in turn that OS will only run software that is TCPA-certified. It's kind of a good idea, at the heart: Your computer makes sure that no nasty software is running on it, for you. But there's a pretty big problem that a lot of people, and that's Microsoft.

Microsoft, of course, is looking for money. All the companies on board are. But Microsoft is the only one in the alliance whose primary product is software. I smell monopoly. And yes, Microsoft is on the board, have a look

I see one of two things happening:
1) Microsoft tries to bully the Alliance into making a Windows bootloader the only trusted bootloader.
2) The hardware companies (who all pretty much like Linux), calling Windows an untrustworthy platform and excluding its bootloaders from the list of trusted ones.

Of course, this problably means that the third option will happen:
3) Both of the above. The alliance will dissolve, and bye-bye to our worries.

Okay, so confession. I'm a linux-lover, and a Microsoft-hater. But if either 1 or 2 happens, that's Really Bad. Competition is good. No competition is like creating a wonderfully stagnant pool for the mosquitoes.

The whole TCPA thing would be kind of useful, actually, but not for a consumer market. I envision it being used in large networked data centers, and other places where security is a big deal, and you want to be sure nobody's tinkered with your operating system while you weren't looking.

But, I must reiterate, don't buy these for home use. If you do, you may end up being stuck in (in fact, sticking us _all_ in) situation 1 or 2 above.

* Well, fancy math that nobody's proven yet, but nobody's disproven either. Funny that we rely on it so much.

Posted by reid at January 9, 2003 10:16 PM | TrackBack