Some of the most pirated games in history have also been some of the most profitable. Consider it a badge of honor that your game is desired by 'pirates'. Pirates talk to less tech savvy people which leads to more game sales.
The TPM doesn't live "on the motherboard"; it lives in the Intel chipset. It's not something you just elect not to mount on your board.
Even if it was elective --- and again it isn't --- it helps most consumers more than it hurts. Modders are perhaps 1% of the market. Considerably more than 1% of the market wants full disk encryption and two-factor auth to their bank accounts, both things that the TPM offers.
Economies win arms races. The Cold War ended because we outspent the Soviets. The DRM arms race will work the same way; it's over when one side makes it prohibitively expensive for the other to keep up.
If you look at the amount of effort it took to break the last X360 iteration, or the fact that there's still no public break of Apple FairPlay, you can see where this is going. If it costs $500,000 to break BD+ v1, and Macrovision has v2, v3, v4, and v5 sitting on the shelf, DRM starts to look a little less silly.
I think you're massively overrating the latent pool of reversing and software protection talent, and I backed my argument up with examples. There aren't 1,000 DVD Jon's out there.
[late] Let me reword that: if you can break BD+, you do have something better to do, and you can charge 250-350/hr to do it.
There are no details on how this is going to work, and I don't think it will. The TPM is not a magic crypto-chip that only the game manufacturers know about. It's designed to help the user protect his own data. Regardless of any encryption, eventually the CPU will have to execute instructions that aren't encrypted. (Hint: memory, cache, busses, etc. aren't encrypted. The PC was not designed to be a secure architecture, and it isn't.)
I assume they are planning on some sort of online distribution. You give the game publisher your TPM's public key, they encrypt it, and then the game can only be played when your TPM decrypts the game with its built-in private key. But there are tons of trivial attacks on this. For example, write a driver that looks like a TPM, but has a known secret key. One person does this, and the game is pirated.
All in all, this will fail. The TPM was not designed for this purpose.
This is all decisively untrue. The TPM (or rather, Intel TXT) was specifically designed for this purpose.
What's tripping you up is that the vocabulary they use to describe it is rootkits and OS integrity. But it's the same thing for DRM and copy protection. The idea is a chain of trust that runs from the application code all the way to the chipset, or, more simply, that the system can assure itself that it knows what code is running.
If you take away the ability to inject or modify running code, and provide a secure key store, lots of DRM systems become quite difficult to break. By and large, they work by keeping sensitive code encrypted except while it's executing.
Well of course it will end piracy. I mean, obviously. Look at how well the TPM chip stopped the OSX86 project from installing Mac OS X on non-Apple hardware!
I don't really have much specific knowledge on encryption, but I've heard over and over that this or that DRM method was "the one", and time after time they've fallen. It's enough to make me skeptical.
I do DRM for a day job, including cracking systems to find their vulnerabilities (and then patch those vulnerabilities, before the pirtes exploit them - fun!). TPM is not the same as the other solutions, it really is a bitch to crack. You're pretty much reduced to reverse enginering the entire CPU, removing the TPM module, and then fabbing your own unprotected copy of the CPU. As you can probably imagine, this is not within the reach of a couple of bored uni students.
17 comments
[ 3.3 ms ] story [ 57.5 ms ] threadI predict a large market in non TPM motherboards.
Even if it was elective --- and again it isn't --- it helps most consumers more than it hurts. Modders are perhaps 1% of the market. Considerably more than 1% of the market wants full disk encryption and two-factor auth to their bank accounts, both things that the TPM offers.
If you look at the amount of effort it took to break the last X360 iteration, or the fact that there's still no public break of Apple FairPlay, you can see where this is going. If it costs $500,000 to break BD+ v1, and Macrovision has v2, v3, v4, and v5 sitting on the shelf, DRM starts to look a little less silly.
[late] Let me reword that: if you can break BD+, you do have something better to do, and you can charge 250-350/hr to do it.
I assume they are planning on some sort of online distribution. You give the game publisher your TPM's public key, they encrypt it, and then the game can only be played when your TPM decrypts the game with its built-in private key. But there are tons of trivial attacks on this. For example, write a driver that looks like a TPM, but has a known secret key. One person does this, and the game is pirated.
All in all, this will fail. The TPM was not designed for this purpose.
What's tripping you up is that the vocabulary they use to describe it is rootkits and OS integrity. But it's the same thing for DRM and copy protection. The idea is a chain of trust that runs from the application code all the way to the chipset, or, more simply, that the system can assure itself that it knows what code is running.
If you take away the ability to inject or modify running code, and provide a secure key store, lots of DRM systems become quite difficult to break. By and large, they work by keeping sensitive code encrypted except while it's executing.