04.23.09

Gemini version available ♊︎

The Bill Gates “Security as a Lock-in”: Thy Name is TPM?

Posted in Bill Gates, GNU/Linux, IBM, Kernel, Microsoft, Security, Windows at 3:15 am by Dr. Roy Schestowitz

Ogg Theora
Introduction to “Trusted Computing”:

Summary: Microsoft uses the Windows zombies disaster to promote computing whose operation can be controlled by remote authorities

BASED ON A MEMO that we shall publish one day in the future, Bill Gates intended to use “security” as a lock-in mechanism. It is very common — not just when it comes to Microsoft for that matter — to use “security” as an excuse for seizing greater control. We saw it when comes to OOXML very recently.

It’s no exaggeration to say that Microsoft totally dropped the ball when it comes to security. According to the following new report which stems from Microsoft friend and pusher for software patents in Europe (namely Finjan [1, 2, 3, 4, 5, 6]), even governments are severely impacted by this.

Botnet ‘ensnares government PCs’

[...]

The Cabinet Office would not give details of what the compromised machines had been instructed to do, nor the names of the different government departments that had been infiltrated.

This one particular report mentions Windows, but many similar reports so characteristically do not; they must be too shy. And here we have another new report from a security conference where Microsoft proposes ineffective cure for a disease it created. Microsoft uses this catastrophe to promote TPM, which would have many devastating effects.

Regarding this article, says one person:

The most successful security model would be to deny all Windows computers connection to the Internet. There, all done. No more viruses, no more spam, no more bot nets.

Another says that “this stuff is scary” and the last message explains what Microsoft could be up to.

I don’t mind TPM as long as *I* get to control it. I’ll even be willing to *permit* it to participate in Microsoft’s chain of trust, as long as I can also use it to boot my own OS that *I* trust.

Prediction… As soon as new PCs come with TPM that trusts only Microsoft, we’ll see just how trustworthy that whole business/software model is. It’ll either get cracked, or the market will head in the other direction. It isn’t just Freedom-Heads here, it’s also companies that want to control their own images. Customer-controlled TPM is good for them as well as me. Microsoft-controlled TPM is good only for Microsoft.

As we showed before, IBM may be trying to do the same thing to Linux, so we are appending some information below.
_______
[1] IBM Brings Trusted Computing to Linux

The architecture involves the “Trusted Platform Module” (TPM) chip that provides hardware storage of private keys, making it impossible for hackers to spoof computer systems. Any attempts to hack into the system would change the system code, which could be easily detected. By adding a new feature to Linux, the research team has successfully performed security checks that go above and beyond checking the first few steps in powering on the system, the feature designed by TCG. The new solution validates the operating system kernel and all application software running on the system.      

[2] Cisco, Microsoft, Others Get Together On Security

Microsoft, Cisco Systems and the open-standards Trusted Computing Group each developed their own NAC approaches, which use a variety of software and hardware to boost network security.

[3] Why the world needs openness, not interoperability.

This NAC/NAP lovefest would be laughable if it weren’t such a kick-in-the-teeth to the rest of the industry, enterprise IT, and all Internet users. A Cisco/Microsoft oligopoly stalls implementation, stifles innovation, and makes the network less secure. In this way, Cisco and Microsoft are standing in the way of progress.

[4] Trusted Or Treacherous Computing?

Microsoft describes how to revoke rights to render based on ‘who the user is, where the user is located, what type of computing device or other playback device the user is using, what rendering application is calling the copy protection system, the date, the time, etc.’ Someuch for Microsoft’s you-should-have-control assurances.

[5] The Future of Trusted Linux Computing

TC With User Freedom At Helm. The idea of TC in the Linux world is actually a fairly reasonable one. Providing a root-locked, buttoned down environment that system administrators will be able to control the security of the controlled network and those workstations within it.

With the absence of proprietary code in the mix, users will indeed, find themselves more inclined to trust their own administrators to make the best choices under such a controlled environment.

[6] Root-locked Linux for the masses

Eddie Bleasdale, open source evangelist and the man behind NetProject, has a new plan. Secure, managed desktop computing: Linux for the non-techies.

At the heart of the Trusted Computing Project is a £200 black box, about the size of those funny little Mac boxes, running a root-locked Ubuntu distribution. The user pays an annual fee of £50 for secure support from a proper Linux geek.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. [Teaser] Rape is Not a Joke

    Having just uploaded a police report, we’re starting to move the ongoing series to the next phase, which will still be — for the most part — weekly installments on Mondays (for months to come)



  2. [Teaser] Meet Microsoft’s Chief Architect of GitHub Copilot, Balabhadra (Alex) Graveley

    Alex Graveley, a serial abuser, has been protected by Microsoft; what does that say about Microsoft and about Nat Friedman, GitHub’s CEO whom Alex considers his "best friend"? Stay tuned as we have plenty more to show



  3. IRC Proceedings: Tuesday, December 07, 2021

    IRC logs for Tuesday, December 07, 2021



  4. Links 8/12/2021: FreeBSD 12.3, EasyOS 3.1.13, and WordPress 5.9 Beta 2

    Links for the day



  5. [Meme] EU Assurances

    The EPO‘s staff cannot be blamed for losing patience as elected public representatives completely fail to do their job (with few exceptions)



  6. Clare Daly (GUE/NGL) Does What Every Public Official in Europe Should Have Done About EPO Shenanigans

    There’s another (new) push to hold the EPO accountable, seeing that the overseers clearly do not do their job and instead cover up the abuses



  7. Links 7/12/2021: Firefox 96 Beta and Fedora 37 Abandons ARMv7

    Links for the day



  8. Links 7/12/2021: Plasma Mobile Gear 21.12 and Tails 4.25

    Links for the day



  9. All IRC Logs Now Available as GemText Over Gemini Protocol

    Today we've completed the transition from plain text over gemini:// to GemText over gemini:// for IRC logs



  10. IRC Proceedings: Monday, December 06, 2021

    IRC logs for Monday, December 06, 2021



  11. [Meme] Rowing to the Bottom of the Ocean

    The EPO‘s Steve Rowan (VP1) is failing EPO staff and sort of “firing” workers during times of crisis (not at all a crisis to the EPO’s coffers)



  12. EPO Gradually Reduced to 'Fee Collection Agency' Which Eliminates Its Very Own Staff

    Mr. Redundancies and Mr. Cloud are outsourcing EPO jobs to Microsoft and Serco as if the EPO is an American corporation, providing no comfort to long-serving EPO staff



  13. Linux Foundation 2021 Annual Report Made on an Apple Mac Using Proprietary Software

    Yes, you’re reading this correctly. They still reject both “Linux” and “Open Source” (no dogfooding). This annual report is badly compressed; each page of the PDF is, on average, almost a megabyte in size (58.8 MB for a report of this scale is unreasonable and discriminates against people in countries with slow Internet connections); notice how they’re milking the brand in the first page (straight after the cover page, the 1991 ‘creation myth’, ignoring GNU); remember that this foundation is named after a trademark which is not even its own!



  14. Links 7/12/2021: OpenIndiana Hipster 2021.10 and AppStream 0.15

    Links for the day



  15. Microsoft “Defender” Pretender Attacks Random Software That Uses NSIS for installation; “Super Duper Secure Mode” for Edge is a Laugh

    Guest post by Ryan, reprinted with permission



  16. Links 6/12/2021: LibreOffice Maintenance Releases, Firefox 95 Finalised

    Links for the day



  17. “Wintel” “Secure” uEFI Firmware Used to Store Persistent Malware, and Security Theater Boot is Worthless

    Guest post by Ryan, reprinted with permission



  18. No Linux Foundation IRS Disclosures Since 2018

    The publicly-available records or IRS information about the Linux Foundation is suspiciously behind; compared to other organisations with a "tax-exempt" status the Linux Foundation is one year behind already



  19. Jim Zemlin Has Deleted All of His Tweets

    The Linux Foundation‘s Jim Zemlin seems to have become rather publicity-shy (screenshots above are self-explanatory; latest snapshot), but years ago he could not contain his excitement about Microsoft, which he said was "loved" by what it was attacking. Days ago it became apparent that Microsoft’s patent troll is still attacking Linux with patents and Zemlin’s decision to appoint Microsoft as the At-Large Director (in effect bossing Linus Torvalds) at the ‘Linux’ Foundation’s Board of Directors is already backfiring. She not only gets her whole salary from Microsoft but also allegedly protects sexual predators who assault women… by hiring them despite repeated warnings; if the leadership of the ‘Linux’ Foundation protects sexual predators who strangle women (even paying them a salary and giving them management positions), how can the ‘Linux’ Foundation ever claim to represent inclusion and diversity?



  20. Microsoft GitHub Exposé — Part IX — Microsoft's Chief Architect of GitHub Copilot Sought to be Arrested One Day After Techrights Article About Him

    Balabhadra (Alex) Graveley has warrant for his arrest, albeit only after a lot of harm and damage had already been done (to multiple people) and Microsoft started paying him



  21. The Committee on Patent Law (PLC) Informed About Overlooked Issues “Which Might Have a Bearing on the Validity of EPO Patents.”

    In a publication circulated or prepared last week the Central Staff Committee (CSC) of the EPO explains a situation never explored in so-called 'media' (the very little that's left of it)



  22. Links 6/12/2021: HowTos and Patents

    Links for the day



  23. IRC Proceedings: Sunday, December 05, 2021

    IRC logs for Sunday, December 05, 2021



  24. Gemini Space/Protocol: Taking IRC Logs to the Next Level

    Tonight we begin the migration to GemText for our daily IRC logs, having already made them available over gemini://



  25. Links 6/12/2021: Gnuastro 0.16 and Linux 5.16 RC4

    Links for the day



  26. Links 5/12/2021: Touchpad Gestures in XWayland

    Links for the day



  27. Society Needs to Take Back Computing, Data, and Networks

    Why GemText needs to become 'the new HTML' (but remain very simple) in order for cyberspace to be taken away from state-connected and military-funded corporations that spy on people and abuse society at large



  28. [Meme] Meanwhile in Austria...

    With lobbyists-led leadership one might be led to believe that a treaty strictly requiring ratification by the UK is somehow feasible (even if technically and legally it's moot already)



  29. The EPO's Web Site is a Parade of Endless Lies and Celebration of Gross Violations of the Law

    The EPO's noise site (formerly it had a "news" section, but it has not been honest for about a decade) is a torrent of lies, cover-up, and promotion of crimes; maybe the lies are obvious for everybody to see (at least EPO insiders), but nevertheless a rebuttal seems necessary



  30. The Letter EPO Management Does Not Want Applicants to See (or Respond to)

    A letter from the Munich Staff Committee at the EPO highlights the worrying extent of neglect of patent quality under Benoît Battistelli and António Campinos; the management of the EPO did not even bother replying to that letter (instead it was busy outsourcing the EPO to Microsoft)


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts