Atari Founder Proclaims the End of Gaming Piracy 831
OMGZombies writes "Speaking on a conference held yesterday in New York, the Atari founder Nolan Bushnell said that a new stealth encryption chip called TPM will 'absolutely stop piracy of gameplay'. The chip is apparently being embedded on most of the new computer motherboards and is said to be 'uncrackable by people on the internet and by giving away passwords' though it won't stop movie or music piracy, since 'if you can watch it and you can hear it, you can copy it.'"
Atari founder cries wolf about piracy-ending chip (Score:5, Informative)
TPM wtf? (Score:5, Informative)
It's pretty much Palladium all over again. Remember that?
Re:Yes. (Score:5, Informative)
The system creates a hash key based upon an analysis of the encrypted software and hardware combined together. If this matches a third party checksum, then the third party releases the decryption key to the encrypted software.
This would make sense for networked console games or PC's with broadband connections.
Re:Who needs an atari machine to play games (Score:3, Informative)
Re:How to stop game piracy.... (Score:5, Informative)
Simple...let's go back to the cartridges...
Re:OMG Trustable Computing! (Score:4, Informative)
Re:Play it (Score:5, Informative)
It'd be pretty hard to do (Score:4, Informative)
But heck, it's the securiest OS on the planet be running those games. TPM is irrelevant then.
Re:With apologies to the original author... (Score:5, Informative)
Re:Fire up the soldering irons... (Score:5, Informative)
Sure there will be some code that talks to the TPM - the so called Trusted Computing Base (TCB). This will be built into unchangeable ROM or into the CPU itself. You'll have to work at Intel or AMD to have the technology to get around this.
The game itself will be encrypted with a small wrapper doing the handshake with the manufacturer to load the decryption key into the TPM.
There are only a few options to get around this:
I'll go for (3), that's for sure.
TPM == Trusted Platform Module (Score:2, Informative)
Re:TPM is Optional (Score:3, Informative)
Or later, to run that HSD approved "connection monitor" ( which would be called something like "security protector" ) to be allowed to connect to your ISP.
Re:Virtual Machines (Score:1, Informative)
No, but they don't have to -- they just can't access anything that's locked by the TPM (or more accurately, encrypted such that the TPM is the ultimate custodian of the keys). Plenty of existing copy protection mechanisms already don't work in virtual machines.
Re:Fire up the soldering irons... (Score:5, Informative)
Try two years. And AACS still isn't truly broken.
Re:It'd be pretty hard to do (Score:2, Informative)
We had this (Score:2, Informative)
Re:Fire up the soldering irons... (Score:2, Informative)
TPM != NGTCB (Score:5, Informative)
The current version of the TPM is not in the active path at all. Fundamentally, all a TPM 1.2 chip is, is a smart card that is attached to the motherboard. The only difference between it and an Aladdin eToken that is plugged into a USB port are two things. First, are the platform configuration registers, which you manually have to put data into, and second the TPM is resettable from the BIOS screen.
TPM chips, as per the TCG 1.2 spec ship disabled and deactivated, and the user of the machine has to go into BIOS to enable the chip and take physical ownership. Otherwise, it can't be accessed by the machine in any way.
Motherboards TPM chips are rare to find. For a server I built that is to be able to boot unattended, but have all its volumes encrypted using BitLocker, I had to chase down stats on Intel's website and compare them to currently selling motherboards, then cross-reference them to make sure there was an actual chip, and not just BIOS headers.
The Atari founder is quite wrong. Using the TPM won't give much protection from pirates. We've already hard hardware devices encrypting software for decades -- the good old fashioned dongles.
Second, no modern OS ships with a trusted, sealed OS path that is forever static and can be signed from the OS company and passed directly to the TPM like console operating systems are done. Windows Server 2008 has different drivers load for RAID and other low level devices which vary widely party. For example, If you install a new role like Hyper-V on Windows Server 2008, you have to disable and re-enable BitLocker, or the OS path won't be the same. Bitlocker doesn't use OS signatures from a central source, when its enabled, it does its own signing and sealing of the boot path and other user selectable data (BIOS settings, NTFS stats, MBR, partition table.)
The Atari founder assumes too much. PCs are not consoles where having a chip on a static OS and hardware can provide adequate protection. For the TPM chip on PCs to be used for piracy protection, every gaming machine would have to have one physically present, enabled, activated, and ownership taken in the OS the chip is running under, the OS would have to have a static low level kernel that never changes from machine to machine regardless of CPU or devices installed, which for a PC is virtually impossible.
TPM chips also have been emulated too. All it takes is one person to be able to bypass the protection, and the game is cracked.
All and all, in my personal experience, TPM chips are a good thing, especially with BitLocker. A server can boot unattended but still possess hard disk encryption so someone who gets physical access to the box can't just boot a CD and copy off the server's contents. I'd recommend this for co-loc boxes, especially in these times where thieves are learning that a data center heist can net far more cash in information to sell on the ID theft market (or just plain old extortion) than a bank robbery would haul in.
A laptop owned by a company bound by corporate regs can use BitLocker or PGP to ensure the laptop has hard disk encryption, but doesn't have any more passwords the user has to remember. Finally, someone can use BitLocker + a PIN, so if someone steals a laptop or machine, they only have 3-5 guesses before the TPM refused entries or starts adding substantial delays between password guesses.
Of course, there are hard disk encryption programs with pre-boot authentication (TrueCrypt, PGP, etc.), but BitLocker is the only one that offers the feature of booting a machine completely unattended, but yet remain secure. Of course, one can have an OS boot then manually mount encrypted volumes, but BitLocker removes the hassle of this, especially if the machine is in a remote location where no admins would be present, and a network connection is not feasible.
The TPM chip in its current form is a security asset (IMHO). It, in its current incarnation, would provide little help for new DRM or antipiracy schemes.
Re:Fire up the soldering irons... (Score:3, Informative)
Oh, and the other (obvious) assumption that an attacker doesn't already have the key.
The confusion arises from assuming encryption can be applied to copy protection. It can't. That fails the second test above -- the "attacker" is the end-user, and if they didn't have a working key in some form, they couldn't play the game. Because they have the key, they can copy the game, full stop.
It might take awhile, but it's not the encryption that's flawed, it's the very concept of DRM. As the old saying goes, "Trying to make bits not copyable is like trying to make water not wet."
The only real result of most of these schemes is to piss off the end-user to where we'll actually buy the game, and then download a crack. I'm argue that DRM causes at least as much piracy as it solves.
Re:Atari founder cries wolf about piracy-ending ch (Score:3, Informative)
The FSF and EFF have been upset about this for a long time, and for a good reason. The initial design of Windows Vista would have included a "trusted kernel" which would've allowed only trusted applications and documents. Luckily, they could not enforce the original design.
Re:TPM != NGTCB (Score:3, Informative)
Horseshit. Apart from being mostly specious crap based on the idea that TPMs aren't abused YET... you are dodging the real issue. TPMs allow "remote attestation" - a software maker can ask your machine whether everything is in an approved state - are you running "cracked" software (does the digital signature of the code match), and if not... refuse to deal with you. Hence NB's comment about it not stopping music/video piracy... it's SOFTWARE that the TPM will control: your use of it, your ownership of it, and what you can know about how it works, what it is recording, what it is doing etc etc. This is why the technology companies have such hard-ons for it, and why they constantly lie and dodge when asked about their functions (it doesn't help that the basic problem with them is somewhat abstract as understanding it requires some CS knowledge).
Many of the basic concepts of the TPM could be an asset, but they were designed for DRM from the start, they were born out of a long-term project to allow Microsoft etc to enforce their EULAs. They were designed from the basic principle that the owner of the machine is a thief who cannot be trusted and must therefore be policed.
The short version is: you do not own a machine with a TPM. The software maker does.
Re:Fire up the soldering irons... (Score:5, Informative)
Re:Fire up the soldering irons... (Score:5, Informative)
Re:Try running GTA IV on your PC (Score:5, Informative)
PR dept at Atari is having coffee and biscuits (Score:3, Informative)
Nolan Bushnell may have founded the *original* Atari, but he left in 1979 (having sold it to Warner Communications in 1976), and I see no indication that he has anything to do with the present-day company.
Besides which, the modern "Atari" is effectively just a brand purchased and used by Infogrames which has no real relationship or business continuity with the original Atari (which split into Atari Corp. and Atari Games in 1984- both streams are now effectively defunct).
The PR department at Atari probably couldn't give a toss!
Re:Fire up the soldering irons... (Score:3, Informative)
"and that will spell out a death sentence for Windows Users having a motherboard that do not support it."
There, fixed it for ya.Re:Fire up the soldering irons... (Score:5, Informative)
Re:Fire up the soldering irons... (Score:5, Informative)
Make me one while you're at it and then I'll have spare parts. Thanks.
Re:Fire up the soldering irons... (Score:3, Informative)
Re:OMG Trustable Computing! (Score:3, Informative)
Re:Fire up the soldering irons... (Score:3, Informative)
Now, if we're talking about consoles, the manufacturer can keep the keys and copying console games could be made much harder - much like Bluray etc, just an industry-standard scheme. But, for a general purpose PC, you have the keys and the TPM chip is there for your use.
Of course, the Atari guy is being an idiot here for another reason: if you can play the game, you can copy the game. Just like you can copy anything you can see or hear, you can copy the stream of instructions and game data as it passes through the CPU, and re-create the game from it, using an in-circuit emulator (ICE). An ICE is quite expensive, but not to the point it would deter anyone professionally priating games on a large scale.
Re:Yes. (Score:1, Informative)
He's on the board (Score:3, Informative)
(I used to work at Wave myself.)