CNET Confirms Security Chip in Intel-Based Developer Machines
by , 1:20 PM EDT, August 5th, 2005
CNET's Michael Singer on Friday reported that a microcontroller known as the Trusted Platform Module (TPM) is part of the Intel-based Macs that Apple has made available to developers through its Apple Developer Connection (ADC) program. The TPM "handshakes" with the Mac OS X installation process, enabling the software to be set up on one of Apple's Intel-based Macs. Without that module, a garden variety Intel PC won't be able to run Mac OS X, an option that was the subject of much speculation when Apple CEO Steve Jobs announced the move to Intel processors in early June.
Mr. Singer received confirmation of the TPM's existence through an anonymous ADC member. Apple and Intel declined to comment on the matter, of course. Mr. Singer's source was able to install Windows and Linux on the Intel Mac but was unable to use the Mac OS X installation DVD provided by Apple on an Intel-based PC.
Mr. Singer also reported that, as expected, some Apple customers were upset to hear the news, with one even threatening to remove his Apple tattoo if the TPM is present in the Intel-based Macs that the company will ship next year. "The TPM could compromise the privacy of users because of the identifying number built into the chip," Mr. Singer writes. "The technology could also restrict the use of some digital media by enforcing digital rights management technologies."
All was not ill will, however. Mr. Singer reported his source said that "one welcome surprise was that the combination of Intel chips and the Mac OSX seems to have led to the ability to perform tasks and play games incredibly fast."
CloseViewName:Small White CarPosts: 1960Joined: 02 Jul 2004 Fri Aug 05, 2005 1:31 pmSubject:
As little as we all like this kind of stuff, it shouldn't be a shock to anyone.
From iTunes to any sort of future movie-download service, Apple wants to be a leader in media delivery systems. The only way they can do that is to play ball with the content providers. And that means installing chips like this to control the content.
Either they do it or the studios take their films to another company. I at least feel that Apple resists it a little more than other electronic companies do. The rights you have in iTunes are really more than I need. Hopefully they'll continue that trend with future service.
I don't think we should start worrying about anything just yet. These developer IntelMacs are, from what I understand, simply PC motherboards slapped inside a G5 case with some tweaks to allow the Intel based Mac OS X run on them. I don't think we can use these as an indication of what shipping systems will be like. Maybe this TPM chip will be in them, and maybe not. We just don't know right now, and worrying about something that you don't know is silly IMHO. So, let's reserve judgement for now, shall we?
CloseViewName:Small White CarPosts: 1960Joined: 02 Jul 2004 Fri Aug 05, 2005 1:49 pmSubject: Re: Don't Panic
Quote
Anonymous wrote: Maybe this TPM chip will be in them, and maybe not. We just don't know right now.
Well, we DO know that there will be some kind of chip that OS X looks for before running. They've been quite clear that they won't let OS X run on non-Apple machines.
I support that plan, so I'm not complaining, but it's worth pointing out that that part of it is not speculation.
This "chip" has nothing to do with controlling on what machines you can install Mac OS X. Nor does it have anything to do with protecting media playback. It's so obvious, man! It's so they can control your brain! Don't you get it?
Can't talk now. The black helicopters are circling again.
CloseViewName:BrutnoPosts: 195Joined: 28 Aug 2002 Fri Aug 05, 2005 2:07 pmSubject: Random Thoughts
1. Leave it to CNET to report old news just for page hits.
2. These are developer machines, based on off-the-shelf Intel MOBO's.
Therefore you can assume that things will change in the shipping versions.
3. Intel has already had to backpedal on the serial number personal identification issues on their MOBO's, to the point where that capability is turned off by default. Besides, you can already "track a Mac" by the MAC address, ethernet address or serial number. That's all there already, and was there even in OS 9.
4. There is nothing that says Apple won't have it's own version of TPM when these boxes ship. It is, after all, just a chip.
5. Apple has a pretty good track record on DRM, so speculating that there will be unusual restrictions other than OS X booting on Intel clones and DRM for audio/video playback restrictions is foolish at this point.
Given that the TPM only confirms what Apple has openly said all along, I don't consider this to be news.
The part that is news, and good news at that, is the blurb about tasks and games running "incredibly fast." My fear was that OS X would prove to be slower on Intel chips, perhaps even slower than on equivalent PPC chips. This seems to indicate otherwise, which is truly great. Especially for games (still a big factor for home users choosing a system).
> so much for installing OSX on a $299 dell. That woulda been a nice way to build a cheap Mac lab.
Why bother? $299 + $129 (one might figure more for a non-Apple hardware licnese, if Apple ever offer's such a thing) for a Mac OS X license, and you're almost at the $499 cost of a Mac mini ($469 academic).
Hope that this will only be used to restrict the installation of OS X on Mactel boxes from Apple. Allowing installation on any box with an Intel chip would seriously damage Apple hardware sales, and the resulting revenue and income. Although allowing OS X to run on any Intel box sounds like a good thing, I don't think Apple could handle it financially at this time.
On the other hand, I'm sure that the turbo-geek population out there will figure a way to get around the limitation.
CloseViewName:NeverFadePosts: 74Joined: 17 Mar 2002 Fri Aug 05, 2005 2:54 pmSubject: This is new?
We have known about this since the intel mac announcement that OS X was not going to run on anything other than a Mac? Why are people making this a big deal?
Since Apple is using this disgusting chip, I am going to have my right hand amputated so I can no longer use a mouse to operate Macs. Top that one.
But seriously... how big of a dork do you have to be to have an Apple logo (old style at that) tatooed on you? A really big dork, but not so big a dork as to actually admit it. Geez.
Great and, should I say, most obvious news...if we want Macs to remain Macs, we need the total hardware/software integration that only Apple can offer us...so much for RC trying to install OS X on its crappy PCloid.
Anonymous wrote: Great and, should I say, most obvious news...if we want Macs to remain Macs, we need the total hardware/software integration that only Apple can offer us...so much for RC trying to install OS X on its crappy PCloid.
CloseViewName:Guest Fri Aug 05, 2005 4:42 pmSubject:
Quote
Guest wrote:
Quote
Anonymous wrote: Great and, should I say, most obvious news...if we want Macs to remain Macs, we need the total hardware/software integration that only Apple can offer us...so much for RC trying to install OS X on its crappy PCloid.
The hackers are already working on a fix for Apple x86 OS X to install on any x86 machine that has pentium 4 or newer AMD's that have SSE3 like the Venice. Anyway if you know where to look you will see that the community is already working on a fix for the drm chip. I think one person already got it to work on an Athlon 64 Venice machine.
And inkjet printer makers have restrictions on their technology so that they can't accurately reproduce US and foreign currencies too.
In that particular case, it's part of stopping criminals.
In Apple's case, it's preserving the experience that they provide.
Think of how upset people where when Coke came out with New Coke. It wasn't the real thing, tasted like crap, and was shunned.
That's what it would be like running OSX on a PC.
So, this is no big deal. And to answer the critics who say how "expensive" Macs are, yet have they ever actually compared the prices themselves? Sure Dell "offers" a $299 PC. BUT IT"S A HUGE P.O.S. liming along on a Celery processor that won't do anything but have you buying a more expensive machine in less than 6 months, and by then you'll be so frustrated with the experience, you'll pay anything they ask (about $2,100 worth) for a worthwhile PIV system. I know, I had to configure some for our office. And their hard drives still fail routinely.
Guest wrote: The hackers are already working on a fix for Apple x86 OS X to install on any x86 machine that has pentium 4 or newer AMD's that have SSE3 like the Venice. Anyway if you know where to look you will see that the community is already working on a fix for the drm chip. I think one person already got it to work on an Athlon 64 Venice machine.
Yep, hopefully due punishment will be there to such criminals...these are the nerds that have nothing else to do than to screw research and development.
CloseViewName:Guest Fri Aug 05, 2005 6:50 pmSubject:
Not really.
[quote="Brutno"]
3. ... Besides, you can already "track a Mac" by the MAC address, ethernet address or serial number. That's all there already, and was there even in OS 9.
/quote]
Guest wrote: The hackers are already working on a fix for Apple x86 OS X to install on any x86 machine that has pentium 4 or newer AMD's that have SSE3 like the Venice. Anyway if you know where to look you will see that the community is already working on a fix for the drm chip. I think one person already got it to work on an Athlon 64 Venice machine.
HAHAHAHAHA! I love when people say things without the slightest clue on the topic! I hope you've got a soldering iron buddy. Go read up on how this thing works. Too funny.
Sorry iLemmings, but with MacIntel your personal ID will be available to every program and website you access. You'll have to be careful which sites you visit before the authorities come looking for you.
RealityCheck wrote: Sorry iLemmings, but with MacIntel your personal ID will be available to every program and website you access. You'll have to be careful which sites you visit before the authorities come looking for you.
Oops, our dear RC woke up again from his Winblows nightmares...no, man...the TPC chip is supposed to avoid installation of our beloved OS X on any crappy PCs, that's all...YES, that's true...you will NOT be able to use the best OS in the world unless you buy a Mac, as has always been...get a grip and go to the nearest Apple Store, please...
CloseViewName:Guest Fri Aug 05, 2005 10:12 pmSubject:
"Sorry iLemmings, but with MacIntel your personal ID will be available to every program and website you access. You'll have to be careful which sites you visit before the authorities come looking for you."
Sorry, Reality Check, but you're so caught up in your Winbot fantasies that didn't even notice that Brutno said Intel disabled personal IDs by default due to catching so much flak about them. So unless a person purposefully and willingly turns on their MacTel's personal ID feature, your little scenerio is null and void. Try again.
And by the way, it's already easy to monitor where a person goes online by tracking their IP address, and that applies to all computers hooked up to the internet no matter what operating system they use. So you always have to be careful what websites you visit, yes?
I bet you got picked on a lot as a child with a name like that.
Anyway, I do know what I am talking about and I of course will not be needing a soldering iron, when it is a software hack they are currently working on. I don't care about the chip in the intel mac because I won't be buying one. I will have OS X running on my own machines. Someone already has it running on Athlon 64 Venice, but none can get the gui up yet because of the graphics card. They will figure it out. They always do. And when they do I will be posting messages on this blog from OS X running on a dell triple boot of windows, mac, and linux. Can't beat that.
The Apple OS X x86 Developer Kit Install DVD is on the loose. It will also install on powerpc also from what I have heard. It is only a matter of time before us universal users (not just windows or just mac or just linux, but all) have mac os x intel installed on our machines before you all do. YOu can wait til next year and buy a machine, I on the other hand will have my .NET apps working with mac, linux and windows. People like me need a triple boot system and I can't wait. Is there a way to buy one of these mac dev machines now?
Sorry WinLemmings, but with WinIntel your personal ID will be available to every program and website you access. You'll have to be careful which sites you visit before the authorities come looking for you.
CloseViewName:Guest Sat Aug 06, 2005 12:48 pmSubject:
All because of a DRM chipset?
I read the tattooed mans article. He was quite clear, it wasn't the DRM he was upset about, it was the possibilities of what the Trusted Computing technology could bring. He said that vigilance would be needed in case it was ever implemented in the way Microsoft would like it to be used - that is, as a very effective way of locking-in users to particular software.
He was quite clear in his praise of Apple supporting open formats, which allowed him to choose different software packages, safe in the knowledge he could migrate his data. Trusted Computing has the power to limit the ability to migrate data. That is what he hoped Apple would never do, but as he warns, with a TPM chip onboard "...a rifle on the mantelpiece in Act one, means it will almost certainly go off in Act three"
CloseViewName:Guest Sat Aug 06, 2005 1:13 pmSubject:
Quote
Anonymous wrote:
Sorry, Reality Check, but you're so caught up in your Winbot fantasies that didn't even notice that Brutno said Intel disabled personal IDs by default due to catching so much flak about them. So unless a person purposefully and willingly turns on their MacTel's personal ID feature, your little scenerio is null and void. Try again.
And by the way, it's already easy to monitor where a person goes online by tracking their IP address, and that applies to all computers hooked up to the internet no matter what operating system they use. So you always have to be careful what websites you visit, yes?
MacTels aren't out yet, and you describe how a Mac user can use them. Try again, Mac fanatic "expert" who uses only Windows.
Anonymous wrote: In an otherwise pretty straightforward discussion, why are some folks calling others names? Why such personal animosity?
Follow the guest throughout this forum and see him say stuff like "clueless," "zombie," "bot," "dumb," "liar" and "try again." Not sure why he's so angry. He says he uses Windows but he attacks people who troll here.
Aloha - I agree with brutno in that a Mac has been "trackable" for many years already via its MAC address and serial numbers. I am sure if Apple had wanted to find out exactly how many times a user had installed a piece of their software on their several Macs, they could have done so easily already in a background process - as soon as there is an internet connection between the Mac(s) and Apple. But they didn't (I don't think so anyway; let me know if I'm wrong on this one).
I think they trust us, and we should trust them!
So I am not worried. I think Apple has been as fair as possible up to this point, only adding restrictions when it has been necessary. I mean, do you really think any of the people at Apple itself, including Steve Jobs, want extra restrictions on what they can do any more than you do? I think not. I think they are just as sensitive to this issue at Apple as we are out here "in the wild", and they don't want their customers to be upset either at the use of this technology. But sometime in the future, it may be necessary. Like not allowing the use of OS X on a run-of-the-mill PC box. You think Apple would survive very long if they let that happen?
Personally, I think the Intel-based Macs that will ship next year will have a radically different MLB design anyway, and not look much at all like the developer G5s, either inside or out. "Think Different".
CloseViewName:Roger PlowmanPosts: 29Joined: 01 Nov 2003 Tue Aug 09, 2005 12:44 pmSubject: Hacking OS/X Intel
Well, in theory it wouldn't be that hard. Track down which code calls the chip, replace that whole routine with something that returns True and you're done.
Wading through binary wouldn't be fun, but it's not impossible, especially for those who enjoy that kind of thing.
Also, did anybody notice Singer's last remark: "one welcome surprise was that the combination of Intel chips and the Mac OSX seems to have led to the ability to perform tasks and play games incredibly fast."
Wouldn't that imply the Mhz myth had just a bit of truth behind it? (laughing)
CloseViewName:Guest Tue Aug 09, 2005 3:36 pmSubject:
"MacTels aren't out yet, and you describe how a Mac user can use them. Try again, Mac fanatic "expert" who uses only Windows."
Bzzt. Sorry, please clue yourself in before answering.
1. The devloper machines are based on off-the-shelf Intel motherboards.
2. Like Brutno said, Intel has backpeddled on personal serial number identification so much, that the feature is turned off by default.
3. If MacTels use Intel motherboards, then personal serial number identification will be turned off by default. See #2.
1 + 2 = 3. Simple, yes?
On the other hand, if MacTels DON'T use Intel motherboards, although I'm sure they will if that's what the developer machines come with, then nobody will have to worry about personal serial number identification at all.
But nobody has to worry about personal serial number identification anyway, because that feature is turned off by default. Meaning somebody has to purposefully and willingly turn it on if they want it active. Like I said.
You're alittle slow on the draw, there, aren't you partner?
CloseViewName:Guest Tue Aug 09, 2005 4:01 pmSubject:
"In an otherwise pretty straightforward discussion, why are some folks calling others names? Why such personal animosity?"
Oh, boo hoo. I'm very sorry I don't lavish flat-out liars and the belligerently ignorant with hugs and kisses.
Windows users attacked? I don't have a problem with all Windows users. I have a problem with Windows zombies who wouldn't know a fact if it punched them in the mouth. But besides that, why's it okay for Winbots to be assholes when they tell lies, but it's not okay for Mac users to be assholes when they tell the truth?
When somebody complains about all the "animosity" here, why do they single out the Mac users? I've never seen any guest say they were repulsed when Mac users were being called brainwashed zombies and ilemmings, etc. etc.
But when somebody calls a Winbot a clueless zombie, woah, look out, here comes the concerned citizens brigade. Please.
"Follow the guest throughout this forum and see him say stuff like "clueless," "zombie," "bot," "dumb," "liar" and "try again." Not sure why he's so angry. He says he uses Windows but he attacks people who troll here."
Take this selectively offended guest, for example. He has no problem with Winbots saying stuff like "clueless" and "try again", but he has big problems with a Mac user saying them. Problems so big he has to make a post about them.
And I'm not sure why people think I'm angry. Isn't calling a Winbot clueless is like calling the sky blue? Isn't saying "try again" customary when someone fails at spreading a lie? Isn't "zombie" the appropriate name for somebody that chugs the Microsoft Kool-Aid?
CloseViewName:Guest Tue Aug 09, 2005 11:59 pmSubject:
Quote
Anonymous wrote: "MacTels aren't out yet, and you describe how a Mac user can use them. Try again, Mac fanatic "expert" who uses only Windows."
Bzzt. My iMac's logic board fried.
1. The devloper machines are based on Xbox motherboards.
2. Like Brutno said, Apple has your personal serial number identification already, so the feature is turned off by default.
3. If MacTels use Intel motherboards, then the name MacTel stands. See #2.
1x - y / 2 = 3 + E / mc. Simple, yes?
On the other hand, which is currently pushing the CTRL button for right click functionality, if MacTels DON'T use Intel motherboards, although I'm sure they will if since that's what they are called, your personal information will be posted on .Mac.
But nobody cares anyway, because they are all getting XP Media Center PCs for the cost of a "tricked out" Mac Mini.
CloseViewName:Guest Wed Aug 10, 2005 12:14 amSubject:
Quote
Anonymous wrote: "In an otherwise pretty straightforward discussion, why are some folks calling others names? Why such personal animosity?"
Oh, boo hoo. I'm very sorry I don't lavish flat iMacs and the ignorant thugs and sissys who bought them.
Windows users attacked? I don't have a problem with all Windows users. After all I am one. I have a problem with Mac zombies who wouldn't know a fact if it punched them in the mouth. It's okay for Macbots to be assholes when they tell lies, but it's not okay for Mac users to tell the truth.
Mac users are dirty smell repulsive zombies that need to wash themselves.
"Follow the guest throughout this forum and see him say stuff like "clueless," "zombie," "bot," "dumb," "liar" and "try again." Not sure why he's so angry. He says he uses Windows but he attacks people who troll here."
Take this selectively offended guest, for example. He has no problem with polite Windows users saying stuff like "clueless" and "try again", but he has big problems with a Mac user saying them. Post your personal problems in the appropriate forums.
And I'm not sure why people think I'm angry. I'm a clueless customary spreading lies zombie Apple Kool-Aid chugger.
