TPM and GPL(v2)
Posted Jun 15, 2006 10:00 UTC (Thu) by simlo (guest, #10866)
Parent article: Interview: Harald Welte (part 1)
> On the technical front, I've heard some rumors that the A1200 and
> especially the later models will make use of the TPM (yes, the PXA270 has a
> TPM!) in order to ensure nobody boots non-Motorola-signed kernels. To me,
> this would be a clear violation of the intent of even GPLv2, and should
> those rumours become true, I'll certainly do anything to enforce my
> position on this. But as said, all rumours, nothing definitive known yet.
Well, I see nothing in GPLv2 which says you have to be able to run the software on a specific device. You can always build your own hardware or a simulator.
Would it also be against GPL to put the kernel on a ROM? Then you have to solder to update the software. That is doable, but what if that ROM is built into the CPU chip?
Going to the other extreme: Someone gives you a PC with Linux on a CDROM in the CDROM-drive. Oh! That is read-only, you can only change the Linux kernel by changing CDROM, i.e. changing hardware. Is that forbidden too?
I think using TPM technologies is not always evil. Legal requirements might make it illegal to sell phones where the user can manipulate the transmitter. TPM is a way to make it legally possible to use Linux on such phones. The only other alternative would be to use another OS and not publish the source code at all. Then I would prefer a phone running Linux, although I can't change the kernel. (Of course, a good compromise would be if the phone can boot your own kernel, but just wouldn't be able to transmit, if it isn't signed.)
I can come up with other examples, where having a device running a TPM locked Linux is the most preferable solution. I have before mentioned the idea of having intelligent electricity, water, heat meters running a trusted (by the provider, not the home owner) Linux.
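The compromise in the parenthesis above (boot any kernel, transmit only with the approved one), sketched as an added example that is not part of the original comment: the boot chain is measured into a TPM-style register, and a radio-side gate releases the transmitter only for an approved measurement and in-limit parameters. `RadioGate`, the image bytes, and the band and power limits are hypothetical and constructed for illustration; the approved-measurement list stands in for signature verification, and SHA-256 is an assumed hash.

```python
import hashlib

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new = H(old || H(component)); one-way and order-sensitive."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot(stages) -> bytes:
    """Measure each boot stage in order, starting from an all-zero register."""
    pcr = bytes(32)
    for image in stages:
        pcr = extend(pcr, image)
    return pcr

class RadioGate:
    """Hypothetical policy living on the radio side, out of reach of user-side code."""
    def __init__(self, approved, bands_mhz, max_dbm):
        self.approved = set(approved)
        self.bands_mhz = bands_mhz
        self.max_dbm = max_dbm

    def allow_tx(self, pcr: bytes, freq_mhz: float, power_dbm: float) -> bool:
        if pcr not in self.approved:      # unapproved kernel: it runs, but stays silent
            return False
        in_band = any(lo <= freq_mhz <= hi for lo, hi in self.bands_mhz)
        return in_band and power_dbm <= self.max_dbm

# Constructed sample images and limits (not real firmware or regulatory values).
BOOTLOADER = b"constructed bootloader image"
VENDOR_KERNEL = b"constructed vendor-signed kernel"
USER_KERNEL = b"constructed user-built kernel"
GATE = RadioGate(
    approved=[measure_boot([BOOTLOADER, VENDOR_KERNEL])],
    bands_mhz=[(1850.0, 1910.0)],
    max_dbm=30.0,
)

def try_transmit(kernel: bytes, freq_mhz: float, power_dbm: float) -> bool:
    """Boot never fails here; only the transmit decision depends on the measurement."""
    return GATE.allow_tx(measure_boot([BOOTLOADER, kernel]), freq_mhz, power_dbm)

if __name__ == "__main__":
    for name, k in (("vendor", VENDOR_KERNEL), ("user", USER_KERNEL)):
        print(name, "kernel boots; transmit allowed:", try_transmit(k, 1880.0, 24.0))
```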
Posted Jun 18, 2006 16:48 UTC (Sun) by tialaramex (subscriber, #21167)
The legal requirement for radio transmission is that the user cannot /normally/ tweak the radio parameters outside those licensed. That means the manual shouldn't explain how to do it, and no amount of twiddling with the knobs, changing preference settings or other "user-type activity" can be permitted to exceed the licensed specifications - But it /doesn't/ mean you need to seal the entire product in resin, or that you must keep the source code secret. It should suffice to ensure that anyone modifying the system to exceed licensed specifications must be aware of their actions.
We /already know/ that people hack the existing binary-only firmware for 802.11 devices to uprate their power, and the relevant government agencies haven't done anything to punish the manufacturers because they quite reasonably blame the /users/ not the manufacturers for this unlicensed use.
Therefore the argument that software needs TPM to obey legal restrictions is a bogus one.
Posted Jun 19, 2006 13:24 UTC (Mon) by sepreece (guest, #19270)
I think this substantially understates the legal requirements that radio manufacturers (for radios that transmit) must meet.
It also totally ignores the question of network operator requirements. Neither the network operator nor you, as a customer, would be happy if it were easy for another user to initiate a denial-of-service attack by modifying her phone to transmit continuously on the paging channel or to repeatedly place emergency calls in a tight, infinite loop. Manufacturers who build phones that allowed such modifications to be easy would find themselves unable to sell to network operators.
One way to balance things might be to have a hard separation between the radio-control software and the user environment. Most Linux-based phones today do have such a divide, including the ones Welte is working with, but it has typically been designed that way for engineering reasons (separating real-time from non-real-time concerns), and without any attention to protecting the radio side from malicious user-side software.
For further thought, here's an excerpt from the FCC regulations on SDR; note that paragraph (b) says that unless that division between domains is hard, the manufacturer MUST take steps to assure that only trusted software is used:
2.944 Software defined radios.
(a) Manufacturers must take steps to ensure that only software that
has been approved with a software defined radio can be loaded into the
radio. The software must not allow the user to operate the transmitter
with operating frequencies, output power, modulation types or other
radio frequency parameters outside those that were
approved. Manufacturers may use means including, but not limited to
the use of a private network that allows only authenticated users to
download software, electronic signatures in software or coding in
hardware that is decoded by software to verify that new software can
be legally loaded into a device to meet these requirements and must
describe the methods in their application for equipment authorization.
(b) Any radio in which the software is designed or expected to be
modified by a party other than the manufacturer and would affect the
operating parameters of frequency range, modulation type or maximum
output power (either radiated or conducted), or the circumstances
under which the transmitter operates in accordance with Commission
rules, must comply with the requirements in paragraph (a) of this
section and must be certified as a software defined radio.
(c) Applications for certification of software defined radios must
include a high level operational description or flow diagram of the
software that controls the radio frequency operating parameters