Intel Adds DRM to New Chips

Badluck writes "Microsoft and the entertainment industry's holy grail of controlling copyright through the motherboard has moved a step closer with Intel Corp. now embedding digital rights management within in its latest dual-core processor Pentium D and accompanying 945 chipset. Officially launched worldwide on the May 26, the new offerings come DRM -enabled and will, at least in theory, allow copyright holders to prevent unauthorized copying and distribution of copyrighted materials from the motherboard rather than through the operating system as is currently the case..." The Inquirer has the story as well.

Re:Sales.

[NetNifty]

In the short term yes, but AMD are members of the Trusted Computing Platform Alliance too and might start adding DRM to their chips soon too unfortunatly.

Re:AMD position?

[bersl2]

They are a member of TCPA. They have not announced anything yet, however.

You can disable TPM

[tepples]

The owner of a machine can always turn off the machine's Trusted Platform Module using BIOS Setup, though works of authorship distributed through Trusted methods will no longer play until the TPM is turned back on.

Re:But what about consoles

[DuckofDeath87]

There already is DRM in console hardware. The modchips are made to get around it.

Wikipedia link [wikipedia.org]

Now Longhorn?

[Mad Merlin]

Is this what Microsoft has been waiting for before they release Longhorn? Are they going to require a DRMed processor and motherboard to use Longhorn at all? If so I can see them bullying AMD into pushing this into their processors too. If all of the sudden you couldn't buy a prebuilt Windows computer with an Athlon (because Longhorn wouldn't run on it) that would really hurt AMD.

That would make sense from a Microsoft point of view... No way to secure XP (in a piracy of various sorts sense, the other kind of security is another discussion, albeit with a similar conclusion), so they ship a whole new OS coupled with forced hardware DRM in the hopes that they can use it to curb piracy?

Another question one might have is can you turn the DRM off? I say the answer isn't particularly important, even if you can turn it off now, that doesn't mean you will be able to for "DRM v2" which comes out in 6 months and will be required for all hardware in a year.

The final, most important question, is what are they going to do about Linux? Will Linux still run on these processors without a hitch? Will it be forcefully ousted and really cement the Wintel monopoly? Are they going to make it illegal to run anything but Windows on these processors? Are they going to actually support DRM on Linux in some meaningful way? (odd idea, but it could happen)

Too many questions, not enough answers, I think it's about time to buy some AMD stock.

Re:DRM ...

[rpozz]

This form of DRM looks like it'll be an absolute bastard to break. Mainly because it's implemented in the CPU itself. The problem is that modchipping something like a north bridge will not be an easy task, and AMD CPUs (which will have this too eventually) have the north bridge integrated into the CPU.

Maybe a specialised motherboard could get around it though. There'll be a market for it.

They're clarifying whose side they are on

[northcat]

However, [Intel's Australian technical manager] ducked questions regarding technical details of how embedded DRM would work saying it was not in the interests of his company to spell out how the technology [works] in the interests of security.

So, it's not like they are providing a general DRM enforcing capability that any copyright holder can use. Only those who are in league with Intel can use this. So they are clearly stating that this is solely a backdoor for the recording/movie companies and the "IP" companies. That's dandy.

Re:Sales.

[Anonymous Coward]

You are aware, of course, that one of the key features of the Cell is its built-in hardware DRM?

Re:Sales.

[chrispolarized]

Chipset makers VIA [via.com.tw] (which also does some low-end CPUs) or SiS [sis.com.tw] are not members [trustedcom...ggroup.org] of TCG... (That, of course, does not imply that they won't follow if put under pressure from TCG).

DRM

[falconwolf]

If someone can explain how this new chip feature is an atrocity against man,

I haven't followed it in years but wasn't one of the concerns with DRM, or more specificially "Trusted Computing", was that you wouldn't be able to install just any software you wanted? I don't know about others but I don't want anyone else to control what programs I install and use.

Falcon

Re:Sales.

[misterTreellama]

Hey, how about VIA? I don't see them on this list: https://www.trustedcomputinggroup.org/about/member s/members [trustedcom...ggroup.org] Maybe they're not a gaming platform, but at least they're not DRM nazis. Plus it's nice to see modern CPUs that aren't a fire hazard.

Re:Real ID

[versus]

Guess you didn't live in Soviet Russia where they required internal passports. You couldn't go from one town to another, heck you couldn't even walk aroung town, without your passport.

They still require internal passports here in not-so-soviet Russia. Nobody will sell you a train ticket (or plane ticket) without your internal passport and you can't enter a train without proving your identity (with passport only, your name is printed on ticket). You can drive a car from town to town but you won't go much far without an ID because of traffic police (driver licence is usually sufficient, though). You are required to be officially registered at your living address and you can't stay more than a month at another place without at least a temporary registration. Government here wants to know every your move and with all that "terrorists" propaganda things are getting worse.

Re:Bye Bye Intel

[Alsee]

The way it works is Sealed Storage and Remote Attestation.

Sealed Stroage means a file is encrypted, and the hardware prohibits you from reading or modifying that file except with the EXACT software that created it or was explicitly authorized for it. If you attempt to modify the software the hardware generates different encryption keys and the file is unusable encrypted garbage.

Remote Attestation means your hardware can send an authenticated "spy report" on exactly what hardware you have and exactly what software you are running. You can refuse to send a spy report or you can destroy the spy report, but you cannot falsify it.

So you can buy (download) an encrypted song from the internet, or you can buy a box of encrypted software from the store, and they can refuse to send you the decryption key until you send that spy report. Actually they don't send YOU the decryption key, they send the key to your chip. They send an encrypted key, and that key is only decrypted inside the chip. Everything is then kept in sealed storage. You can destroy sealed files, but not read or alter them.

someone with kernel access

First of all the spy report would reveal if you have kernal access (and they won't send you any keys). Second modifying the system to gain kernal access will cause the Trust chip to generate a different internal decryption key, a useless decryption key, meaning you cannot read any sealed files or get at any sealed keys. Third, the hardware is also going to have new memory "compartments". Your DRM music software will be loaded into a "compartment" and EVEN THE OPERATING SYSTEM cannot look into this compartment or modify it without destroying it. I'm not certain, but I think these memory compartments may be encrypted in RAM and only decrypted as they enter and leave the CPU internal cache. So even wiring your computer to physically read the RAM may not even work for getting at keys or data or software in a "compartment".

companies authorized to produce each of the pieces of equipment involved.

The hardware won't work without a signature from the Trusted Computing Group. They will only give that signature to manufacturers contractually handcuffed to make only "secure" and compliant hardware. If some line of hardware is later found to have a "hole" in teh system then the Trusted Computing Group can toss that particular signature on a revokation list and all of that hardware DROPS DEAD. Compliant software will refuse to talk to that hardware or perhaps even refuse to talk to any machine containing that hardware.

Ugly ugly ugly.

-

Re:AMD position?

[Alsee]

Yes they have. [google.com] It's just not shipping yet.

-