02.18.10

Microsoft’s General Manager of ‘Trustworthy’ Computing Quits as TPM Gets Cracked

Posted in DRM, GNU/Linux, Hardware, Kernel, Mail, Microsoft, Standard at 8:53 pm by Dr. Roy Schestowitz

Summary: More cornerstones of Microsoft’s lock-in break apart and Outlook too is suffering from serious issues

DEPARTURES from Microsoft carry on as the company is failing [1, 2, 3, 4]. The latest Microsoft manager to jump ship will add to Amazon poison (many former Microsoft executives are moving there, e.g. [1, 2]), but the most interesting detail was his professional focus at Microsoft:

Microsoft has lost another key employee to Amazon.com. George Stathakopoulos, a computer security expert who’d been with Microsoft for nearly two decades, took a job at Amazon, Microsoft spokesman Lou Gellos confirmed. Stathakopoulos was general manager of the Trustworthy Computing Group at Microsoft and was front and center in Microsoft’s efforts to combat the Conficker worm last year.

“Trustworthy Computing Group,” eh? What an Orwellian title/name for the group.

For those who have not heard yet, Microsoft’s Xbox DRM is going down the loo. Here is one report about the subject (published yesterday):

Hardware hacker Christopher Tarnovsky just wanted to break Microsoft’s grip on peripherals for its Xbox 360 game console. In the process, he cracked one of the most heavily fortified chips ever put into a consumer device.

[...]

Its genesis came when Tarnovsky learned that manufacturers of video game controllers had to obtain a license from Microsoft for the peripherals to work on the Xbox 360. The requirement offended his sense of fair play, so he put his reverse engineering muscle to breaking it.

“I was very surprised they would put a security chip in a wired controller, as well as a wireless controller,” he said. “It’s very monopolistic what they’ve done. They have a right to do it, but I have a right to break it too.”

[...]

Using the tungsten as microscopic bridges, Tarnovsky said, he can digitally clone chips used to prevent piracy of satellite TV service, to disable unauthorized cartridges in printers – or to make Xbox game controllers.

“You could counterfeit this chip,” he said, although he stressed he had no plans to use the hack for illegal purposes.

One of our readers “thought that the boot sequence in WinTEL hardware was restricted such that unauthorised software couldn’t get on to it,” according to mail he sent us last night regarding TPM getting cracked. He adds: “Remember how dual-boot couldn’t work anymore if Bitlocker was active? It’s called Trusted Platform Module (TPM) and utilised a ‘trusted boot pathway’. Why isn’t the big story that TPM is broken?”

Well, actually, is it being reported and circulated more widely while we write this. Attempts to put TPM in Linux will hopefully fail too; it’s a case of security as lock-in, to use the words of Bill Gates. Our Linux DRM warnings go a while back as it's a curse, not a feature or a blessing. There is a similarity here.

For those who think that Microsoft DRM/TPM is the only thing breaking today, here is another one to have a field day with:

Outlook bug creates monster e-mail files

Microsoft is trying to fix a bug in the e-mail program Outlook 2010 Beta that creates unusually large e-mail files that take up too much space.

They just cannot implement things properly, can they? They also ignore mail storage standards, which helps not at all. █

Share this post: These icons link to social bookmarking sites where readers can share and discover new web pages.

Permalink Mail Send this to a friend

If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Pages that cross-reference this one

Microsoft Resorts to Blame Games (Against Exploiters of Microsoft’s Own Flaws and Against Google)

8 Comments

Yuhong Bao said,

February 18, 2010 at 9:31 pm

““Trustworthy Computing Group,” eh? What an Orwellian title/name for the group.”
Don’t confuse Trustworthy Computing with Trusted Computing, only the latter is Orwellian.

Roy Schestowitz Reply:
February 18th, 2010 at 9:50 pm
There is nothing “Trustworthy” about Windows.

And by the way, there is no confusion. I didn’t blend TPM with DRM (which also can relate to Tivoization) and the “Trustworthy Computing Group”.

your_friend Reply:
February 18th, 2010 at 11:59 pm
There is nothing trustworthy about any non free software.

Have you seen this developing scandal, where a US school system used school issued laptop cameras to spy on grade school students? Remember the , in Lenovo/TPM roll out NSW and other school systems [2]? Look at the same bogus excuses and language that inverts the trust relationship and makes the child the untrustworthy criminal to be monitored. If ever there was a good case against non free software and TPM, this is it.

This is the future non free software companies want for us and why they killed the OLPC program. Instead of a roll out of millions of cheap, free software devices that encourage sharing and real learning, we see expensive deployments of user hostile software that’s not even well suited for corporate cube. Sharing eliminates the power of incumbent publishers and telco companies, so they hate your freedom.

Roy Schestowitz Reply:
February 19th, 2010 at 5:08 am
I didn’t know about Blake J. Robbins v. Lower Merion School District. Thanks for that.
Yuhong Bao said,

February 18, 2010 at 10:00 pm

“he sent us last night regarding TPM getting cracked. ”
Last words point to an article unrelated to TPM.

Roy Schestowitz Reply:
February 18th, 2010 at 10:03 pm
Here are some better links from the news (our reader sent a rootkit case):

http://www.h-online.com/security/news/item/Hacker-extracts-crypto-key-from-TPM-chip-927077.html
http://www.bit-tech.net/news/bits/2010/02/10/tpm-security-cracked-wide-open/1
http://www.theinquirer.net/inquirer/news/1591069/ex-army-bloke-us-ready-cyber-war
http://www.google.com/hostednews/ap/article/ALeqM5j-OodvoFRhEcpfvnK5C7YL6JWJBQD9DO79A81

Yuhong Bao Reply:
February 18th, 2010 at 10:05 pm
Thank you, one of these is what the link should have been pointing to.

Roy Schestowitz Reply:
February 18th, 2010 at 10:06 pm
Well, thanks a lot for spotting this.

What Else is New

Links 10/1/2017: Synfig 1.2, Kodachi Linux 3.7

Links for the day
With Help From the US Supreme Court (Key Cases), Patent Trolls Are Going Away

The demise of patent trolls in the United States, a trend partly attributable to Alice and other Supreme Court decisions, will likely accelerate soon (later this year) as the future of the Eastern District of Texas courts is at stake
Patent Maximalism on Display: Patent Aggressor IBM Celebrated in the Media

The patent lust at IBM, which is suing if not just shaking down companies using software patents, earns plenty of puff pieces from the corporate media
FFPE-EPO, the EPO Management's Pet/Yellow Union, Helps Union-Busting (Against SUEPO) in Letter to Notorious Vice-President

In a letter to Elodie Bergot (as CC) and Željko Topić, who faces many criminal investigations, FFPE-EPO ringleaders reveal their allegiance not to EPO staff but to those who perpetually attack the staff
Links 9/1/2017: Civilization VI Coming to GNU/Linux, digiKam 5.4.0 Released

Links for the day
Links 9/1/2017: Dell’s Latest XPS 13, GPD Pocket With GNU/Linux

Links for the day
Update on Patent Trolls and Their Enablers: IAM, Fortress, Inventergy, Nokia, MOSAID/Conversant, Microsoft, Intellectual Ventures, Faraday Future, A*STAR, GPNE, AlphaCap Ventures, and TC Heartland

A potpourri of reports about some of the world’s worst patent trolls and their highly damaging enablers/facilitators, including Microsoft which claims that it “loves Linux” whilst attacking it with patents by proxy
Mark Summerfield: “US Supreme Court Decision in Alice Looks to Have Eliminated About 75% of New Business Method Patents.”

Some of the patent microcosm, or those who profit from the bureaucracy associated with patents, responds to claims made by Techrights (that software patents are a dying breed in the US)
Eight Wireless Patents Have Just Been Invalidated Under Section 101 (Alice), But Don't Expect the Patent Microcosm to Cover This News

Firms that are profiting from patents (without actually producing or inventing anything) want us to obsess over and think about the rare and few cases (some very old) where judges deny Alice and honour patents on software
2017: Latest Year That the Unitary Patent (UPC) is Still Stuck in a Limbo

The issues associated with the UPC, especially in light of ongoing negotiations of Britain's exit from the EU, remain too big a barrier to any implementation this year (and probably future years too)
Links 7/1/2017: Linux 4.9.1, Wine 2.0 RC4

Links for the day
India Keeps Rejecting Software Patents in Spite of Pressure From Large Foreign Multinationals

India's resilience in the face of incredible pressure to allow software patents is essential for the success of India's growing software industry and more effort is needed to thwart corporate colonisation through patents in India itself
Links 6/1/2017: Irssi 1.0.0, KaOS 2017.01 Released

Links for the day
Watchtroll a Fake News Site in Lobbying Mode and Attack Mode Against Those Who Don't Agree (Even PTAB and Judges)

A look at some of the latest spin and the latest shaming courtesy of the patent microcosm, which behaves so poorly that one has to wonder if its objective is to alienate everyone
The Productivity Commission Warns Against Patent Maximalism, Which is Where China (SIPO) is Heading Along With EPO

In defiance of common sense and everything that public officials or academics keep saying (European, Australian, American), China's SIPO and Europe's EPO want us to believe that when it comes to patents it's "the more, the merrier"
Technical Failure of the European Patent Office (EPO) a Growing Cause for Concern

The problem associated with Battistelli's strategy of increasing so-called 'production' by granting in haste everything on the shelf is quickly being grasped by patent professionals (outside EPO), not just patent examiners (inside EPO)
Links 5/1/2017: Inkscape 0.92, GNU Sed 4.3

Links for the day
Links 4/1/2017: Cutelyst 1.2.0 and Lumina 1.2 Desktop Released

Links for the day
Financial Giants Will Attempt to Dominate or Control Bitcoin, Blockchain and Other Disruptive Free Software Using Software Patents

Free/Open Source software in the currency and trading world promised to emancipate us from the yoke of banking conglomerates, but a gold rush for software patents threatens to jeopardise any meaningful change or progress
New Article From Heise Explains Erosion of Patent Quality at the European Patent Office (EPO)

To nobody's surprise, the past half a decade saw accelerating demise in quality of European Patents (EPs) and it is the fault of Battistelli's notorious policies
Insensitivity at the EPO’s Management – Part V: Suspension of Salary and Unfair Trials

One of the lesser-publicised cases of EPO witch-hunting, wherein a member of staff is denied a salary "without any notification"
Links 3/1/2017: Microsoft Imposing TPM2 on Linux, ASUS Bringing Out Android Phones

Links for the day
Links 2/1/2017: Neptune 4.5.3 Release, Netrunner Desktop 17.01 Released

Links for the day
Teaser: Corruption Indictments Brought Against Vice-President of the European Patent Office (EPO)

New trouble for Željko Topić in Strasbourg, making it yet another EPO Vice-President who is on shaky grounds and paving the way to managerial collapse/avalanche at the EPO
365 Days Later, German Justice Minister Heiko Maas Remains Silent and Thus Complicit in EPO Abuses on German Soil

The utter lack of participation, involvement or even intervention by German authorities serve to confirm that the government of Germany is very much complicit in the EPO's abuses, by refusing to do anything to stop them
Battistelli's Idea of 'Independent' 'External' 'Social' 'Study' is Something to BUY From Notorious Firm PwC

The sham which is the so-called 'social' 'study' as explained by the Central Staff Committee last year, well before the results came out
Europe Should Listen to SMEs Regarding the UPC, as Battistelli, Team UPC and the Select Committee Lie About It

Another example of UPC promotion from within the EPO (a committee dedicated to UPC promotion), in spite of everything we know about opposition to the UPC from small businesses (not the imaginary ones which Team UPC claims to speak 'on behalf' of)
Video: French State Secretary for Digital Economy Speaks Out Against Benoît Battistelli at Battistelli's PR Event

Uploaded by SUEPO earlier today was the above video, which shows how last year's party (actually 2015) was spoiled for Battistelli by the French State Secretary for Digital Economy, Axelle Lemaire, echoing the French government's concern about union busting etc. at the EPO (only to be rudely censored by Battistelli's 'media partner')
When EPO Vice-President, Who Will Resign Soon, Made a Mockery of the EPO

Leaked letter from Willy Minnoye/management to the people who are supposed to oversee EPO management
No Separation of Powers or Justice at the EPO: Reign of Terror by Battistelli Explained in Letter to the Administrative Council

In violation of international labour laws, Team Battistelli marches on and engages in a union-busting race against the clock, relying on immunity to keep this gravy train rolling before an inevitable crash