I still assert that you're absolutely incorrect. Hardware and software cannot be left perpetually immutable, and the changes necessarily inherent must be able to be validated in order to be trusted. Allowing authorized changes also necessarily invites unauthorized modifications.
They don't have to be left immutable, there just has to be real controls on the mutability: proper filesystem permissions and permissions enforcement for software, and real write-protection for firmware. There's always going to be the need for an administrator role in which these things can be taken care of, but Microsoft apparently intends UEFI to be an administrator of the administrator.
This is stupid. In any real-world system you're going to have to trust someone, and it makes a hell of a lot more sense to have that be someone you know and whom you can directly interact with (and, if you're a business, someone who's on your payroll) rather than a faceless megacorporation that has no real incentive to pay attention to your needs when there's millions of other people who don't care as long as their vanilla setup boots.
I work in IT, I've seen how much hell my boss has to go through just to even get ahold of the vendors for our equipment, let alone get them to actually fix it. If any of us was allowed to touch the rig, though, we could probably take care of at least the basic issues.
Why, in God's name, would you ever want more of these relationships at even lower levels in your computing setup?
I believe that the TPC addresses this well, in which you can have completely separate entities, in hardware and software, readily identify each other for the purpose of trust.
Again, my complaint isn't that it doesn't work. It's that there are simpler ways to achieve the same goal that don't involve the creation of licensing authorities who could very easily find themselves having a stake in which software gets to run on what hardware.
There is no "sane" OS in which you can perfectly achieve separation between user and system which cannot be breached. I remember when BSD jails were the end-all be-all, and then they were broken.
You're right.
That means they need to get fixed, not introduce another layer of the checks with an option to lock out whatever the vendor doesn't want you running.
None of this withstanding, on the whole, anti-TPM arguments reek of the disciples of Stallman, who has a rampant distrust for the Evil Corporations. The reaction to the Trusted Platform is wholly over-blown, just as much as every new security measure which has been decried as Yet Another DRM.
You know what, though?
We need paranoiacs like Stallman. The whole direction of industry thought in the past fifteen years has been this idea that control needs to be taken away from end-users, not just in specific environments like business networks where it can pose a problem, but in general, on principle. DRM, "trusted computing," the talk of "cloud computing" as The Future of Everything Computer, they're all instances of the same general trend, to bring as much as possible in the computer under the control of authorities as far from the person in front of the keyboard as possible.
This is not what the personal computer was supposed to be about.
Yes, Stallman is weird, paranoid, didactic, and most probably overstating the case, and certainly many of his followers are. But as they say, "just because you're paranoid doesn't mean they're not after you." Maybe you're right and this whole business is just Microsoft abandoning every sinister megalomaniacal tendency they've ever shown and working for the good of the public without regard to OS turf wars - but what if it's not?
We need crazy, paranoid streetcorner ravers in this industry because the whole God-damn rest of it is so content to go along with whatever stupid thing is handed down on high from the almighty Conferences. If the general computing public isn't going to question anything, at least we have the crazies to question it loudly and viciously enough that J. Random User might sometimes overhear.