What is aegis [MSSF] and how does it affect Free Software development? - Page 3 - maemo.org

Active Topics

[HOWTO] Comprehensive Firmware Flashing Guide for N9 (1,580)
to Nokia N9 / N950 by aspergerguy - 12 hrs, 51 mins ago
Nokia N9-00 Prototype Build S1.12 (RM-680 codename "Dali") (250)
to Nokia N9 / N950 by en0s - 3 days, 9 hrs ago
[Announce] Maebble - Pebble support for Maemo (118)
to Applications by glo-worm - 3 days, 21 hrs ago
Possible to flash Leste to eMMC? (6)
to Maemo 7 / Leste by Eri - 4 days, 11 hrs ago
more...

Page 3 of 7

< Prev

Next >

Last »

Thread Tools

buchanmilne	2011-09-14 , 14:19
Posts: 196 \| Thanked: 224 times \| Joined on Sep 2010 @ Africa	#21

Originally Posted by danramos

TC is controversial because it is technically possible not just to secure the hardware for its owner, but also to secure against its owner. Such controversy has led opponents of trusted computing, such as Richard Stallman, to refer to it instead as treacherous computing, and some academic opponents have begun to place quotation marks around "trusted computing" in scholarly texts.[2][3]

Referring to Stallman here is a bit irrelevant, since I believe he doesn't use any mobile communications device out of paranoia.

The trusted computing platform need not be used to secure the system against the owner. It is possible to leave to the owner rights of authorization and have no centralized authority. It is also possible to build open source stack of trusted modules, leaving for the security chip only the task to guard against unauthorized modifications. Open source Linux drivers exist [4] to access and use the trusted computing chip. However, uncooperative operating systems can misuse security features to prevent legitimate data exchange.

Source: http://en.wikipedia.org/wiki/Trusted_Computing

As long as the security features can be disabled (along with losing access to the data that was intended to be secured by the system). IOW, if subscription to some media is only licensed with DRM intact, disabling the system should result in no access to the DRM content. While some may consider this "preventing legitimate data exchange", if the user is aware of the licensing terms and impact, they have agreed that it is not legitimate.

IMHO, Maemo was too open. I wouldn't want to see what would have happened if Maemo 5 became as popular as Android, with 100 000 apps and 5000 trojans ...

If you want to achieve mass market adoption, you need to protect users from themselves ...

Quote & Reply |

buchanmilne	2011-09-14 , 14:27
Posts: 196 \| Thanked: 224 times \| Joined on Sep 2010 @ Africa	#22

Originally Posted by momcilo

3.1 Disallow braking of the SIM/Subsidy Lock

I see nothing wrong with this technically. If you don't like subsidy locks/network locks, you should address this via non-technical means (e.g. consumer protection agency or similar) or live in a Free country :-p

3.2 Limit what can be installed on the device
• AT&T variant needs to stay AT&T variant

See above.

Enable new services
4.1 Allow services such as Music store or App Store and support copy protection

If you don't like copy protection, don't buy copy-protected media. But, not supporting this would probably mean no adoption by non-technical users who don't care about DRM etc., but will "Can I get music from XXX on this phone".

If you want to see N9 be successful to consumers (and not just open source enthusiasts), software developers in the "ecosystem" need to have some reassurance that their development time will be recovered by sales (and not mass piracy).

If you don't like proprietary software ... well the answers are obvious (and have been relatively successful for N900, but it's not a mainstream device/platform is it).

Quote & Reply |

The Following 2 Users Say Thank You to buchanmilne For This Useful Post:
don_falcone, Mentalist Traceur

	edgar2	2011-09-14 , 14:36
	Moderator \| Posts: 199 \| Thanked: 264 times \| Joined on May 2009 @ turku, finland	#23

Also see Qole's blog post where he calls for Nokia to reconsider platform security. Bottom line: disable aegis by default because it makes no sense any longer to have it there, it's more of a nuisance than anything else.

Quote & Reply |

The Following 7 Users Say Thank You to edgar2 For This Useful Post:
baptx, danramos, MartinK, Mentalist Traceur, momcilo, mrsellout, qole

	danramos	2011-09-14 , 14:46
	Posts: 4,672 \| Thanked: 5,455 times \| Joined on Jul 2008 @ Springfield, MA, USA	#24

Originally Posted by buchanmilne

Referring to Stallman here is a bit irrelevant, since I believe he doesn't use any mobile communications device out of paranoia.

His mention wasn't the point of pasting the citation--it's the summary about the "Trusted Computing Platform" (aka Treacherous Computing Platform) that was the point. The point being that using "trusted" is such a great way to make it sound good, and the blowback being that the freedom hungry consumer would probably be better off calling it "treacherous."

Originally Posted by buchanmilne

As long as the security features can be disabled (along with losing access to the data that was intended to be secured by the system). IOW, if subscription to some media is only licensed with DRM intact, disabling the system should result in no access to the DRM content. While some may consider this "preventing legitimate data exchange", if the user is aware of the licensing terms and impact, they have agreed that it is not legitimate.

IMHO, Maemo was too open. I wouldn't want to see what would have happened if Maemo 5 became as popular as Android, with 100 000 apps and 5000 trojans ...

If you want to achieve mass market adoption, you need to protect users from themselves ...

That's part of the problem, isn't it? From the sound of it, you can't turn it off.. and more importantly, DRM is just a SLICE of TC... a mere small pinprick of what TC was supposed to be about. The entire POINT of TC is to remove control from the users and put all ownership back into the hands of whomever controls the "rights" for the system. You can't even so much as BOOT THE OS without permission to do so. (Please read the article for details on TC and on the Fritz chip, for example.)

__________________
Nokia's slogan shouldn't be the pedo-palmgrabbing image with the slogan, "Connecting People"... It should be one hand open pleadingly with another hand giving the middle finger and the more apt slogan, "Potential Unrealized." --DR

Quote & Reply |

The Following 6 Users Say Thank You to danramos For This Useful Post:
Daneel, ivyking, MartinK, Mentalist Traceur, momcilo, The Wizard of Huz

momcilo	2011-09-14 , 15:45
Posts: 673 \| Thanked: 856 times \| Joined on Mar 2006	#25

Originally Posted by buchanmilne

Referring to Stallman here is a bit irrelevant, since I believe he doesn't use any mobile communications device out of paranoia.

Actually, I would like to confirm that is comletely relevant, since TPM does not target only communication devices.

Originally Posted by buchanmilne

As long as the security features can be disabled (along with losing access to the data that was intended to be secured by the system). IOW, if subscription to some media is only licensed with DRM intact, disabling the system should result in no access to the DRM content. While some may consider this "preventing legitimate data exchange", if the user is aware of the licensing terms and impact, they have agreed that it is not legitimate.

DRM is completely unacceptable in my opinion.

Originally Posted by buchanmilne

IMHO, Maemo was too open. I wouldn't want to see what would have happened if Maemo 5 became as popular as Android, with 100 000 apps and 5000 trojans ...

Actually, it is closed source that makes that scenario very difficult to control. Open source can be reviewed by many sides.

Here is the illustrative video.

__________________
http://gpl-violations.org/faq/violation-faq.html

Quote & Reply |

The Following 5 Users Say Thank You to momcilo For This Useful Post:
Crashdamage, danramos, don_falcone, ivyking, Mentalist Traceur

momcilo	2011-09-14 , 15:51
Posts: 673 \| Thanked: 856 times \| Joined on Mar 2006	#26

Originally Posted by buchanmilne

I see nothing wrong with this technically. If you don't like subsidy locks/network locks, you should address this via non-technical means (e.g. consumer protection agency or similar) or live in a Free country :-p

This is controlled through contract. You are still obliged to pay. Locking a phone to a particular SIM is a form of monopoly.

BTW: they don't need to lock up the phone itself for SIM enforcement. It is enough to use the GSM module for that purpose. This is simply used to justify the closure.

Originally Posted by buchanmilne

If you don't like copy protection, don't buy copy-protected media. But, not supporting this would probably mean no adoption by non-technical users who don't care about DRM etc., but will "Can I get music from XXX on this phone".

I don't believe somebody else should decide what is run/played on my device.

If I am breaching the law, there is a court for such cases.

Originally Posted by buchanmilne

If you want to see N9 be successful to consumers (and not just open source enthusiasts), software developers in the "ecosystem" need to have some reassurance that their development time will be recovered by sales (and not mass piracy).

Then there is nothing to differentiate the N9 from other devices.

Originally Posted by buchanmilne

If you don't like proprietary software ... well the answers are obvious (and have been relatively successful for N900, but it's not a mainstream device/platform is it).

I don't want a mainstream device.

__________________
http://gpl-violations.org/faq/violation-faq.html

Last edited by momcilo; 2011-09-14 at 15:56.

Quote & Reply |

The Following 6 Users Say Thank You to momcilo For This Useful Post:
danramos, don_falcone, ivyking, MartinK, number41, reinob

momcilo	2011-09-14 , 15:53
Posts: 673 \| Thanked: 856 times \| Joined on Mar 2006	#27

The most obvious implication of the diagram from the presentation I've posted is that it is not possible to effectivly use kernel that is not signed by nokia.

Even the bootloader is verified.

__________________
http://gpl-violations.org/faq/violation-faq.html

Last edited by momcilo; 2011-09-14 at 15:57.

Quote & Reply |

The Following 4 Users Say Thank You to momcilo For This Useful Post:
danramos, don_falcone, ivyking, Mentalist Traceur

	danramos	2011-09-14 , 16:53
	Posts: 4,672 \| Thanked: 5,455 times \| Joined on Jul 2008 @ Springfield, MA, USA	#28

Originally Posted by momcilo

The most obvious implication of the diagram from the presentation I've posted is that it is not possible to effectivly use kernel that is not signed by nokia.

Even the bootloader is verified.

As the video pointed out at the end... they already decided not to trust you. So, if they don't trust you, why should you trust them?

Quote & Reply |

The Following 8 Users Say Thank You to danramos For This Useful Post:
Crashdamage, debernardis, ivyking, MartinK, marxian, momcilo, number41, The Wizard of Huz

	ajack	2011-09-15 , 07:54
	Posts: 288 \| Thanked: 175 times \| Joined on Oct 2010 @ Petaling Jaya, Selangor, Malaysia	#29

Since my last comment on this thread, I rest my case... :s

__________________
Visit my blog at http://lifewithmaemo.blogspot.com or my website at http://www.renegade-uiq.com

Quote & Reply |

The Following User Says Thank You to ajack For This Useful Post:
danramos

momcilo	2011-09-15 , 08:02
Posts: 673 \| Thanked: 856 times \| Joined on Mar 2006	#30

Originally Posted by danramos

As the video pointed out at the end... they already decided not to trust you. So, if they don't trust you, why should you trust them?

The problem with this approach to security, is that it is more appealing to big systems (governments, corporations, etc) who actually own the many headsets of the employees. From that point this framework, deserves applause in every aspect.

When you apply this concept to the consumer electronics, it is basically meant to limit the end user (and developer). You could argue that user essentially does not own the device.

I've read the qole's blog post, which calls for dropping of this framework from the official release of N9. It seems that his Easy Debian project is completely bared from N9, unless they disable the framework, or make it disablable by the end users.

So far I have no information if this will be the case.

At some point qole says:

Originally Posted by qole

If Nokia releases the N9 with platform security enabled, it is guaranteed that an open kernel with platform security disabled will be made immediately available. Almost as surely, any power users and developers wishing to use their devices fully will immediately replace the stock kernel with the community kernel. This seems completely out of character for an open-source project, forcing a major fork at release time!

The only thing I have to add to qole's post, is that such open kernel MUST BE SIGNED BY NOKIA, otherwise the "secure" bootloader will refuse to load it. Furthermore the bootloader itself must be signed by nokia as well, since the ROM based bootstrap verifies authenticity and integrity of bootloader.

I guess will have to ask qole for an update.

The question for the n950 users is: does everything else work in "Open Mode" (triggered by unsigned kernel)?

The Open Mode might not be available, if the SIM lock feature is used.

If Nokia does not cooperate on this subject, the only way to "open" device is to somehow disable the ROM ( I assume that this is SoC ROM) bootstrap, or provide external ROM, and for that proper documentation is needed from TI. Pure speculation at the moment.

As for Meego, this was supposed to be included in Meego 1.2, but apparently it was dropped. I suspect this may be the main reason Nokia has decided to push Harmattan forward instead.

__________________
http://gpl-violations.org/faq/violation-faq.html

Last edited by momcilo; 2011-09-15 at 10:01.