“The Trusted Computing Platform Alliance (TCPA) was a collaborative initiative involving major industry players such as Compaq, Hewlett-Packard, IBM, Intel, Microsoft, and some others. The successor of the TCPA is the Trusted Computing Group (TCG), whose goal is to develop vendor-neutral standard specifications for trusted computing. Unfortunately, there are several aspects of trusted computing that are often misunderstood—in particular, its relationship to the controversial idea of Digital Rights Management (DRM). We will not discuss the pros and cons of trusted computing here: far too many expositions have been written both for and against the concept. The purpose of this document is to discuss a specific piece of hardware found in certain Apple computer models: the Trusted Platform Module (TPM),” Amit Singh writes for Mac OS X Internals.
“Regardless of what the media has been harping on for a long time, and regardless of what system attackers have been saying about the ‘evil TPM protection’ Apple uses, Apple is doing no TPM-related evil thing. In fact, Apple is doing no TPM-related cryptographic thing at all in Mac OS X. Yes, I know, there has been much talk of ‘TPM keys’ and such, but there are no TPM keys that Apple is hiding somewhere,” Singh writes.
Singh writes, “More specifically, Apple simply does not use the TPM hardware. In Apple computer models that do contain a TPM, the hardware is available for use by the machine’s owner. Of course, to use it you need a device driver, which Apple indeed doesn’t provide.”
“I am releasing an open source TPM driver for Mac OS X, along with Mac OS X versions of popular open source trusted computing software from the Linux world. No reverse engineering was required to write this driver,” Singh writes. “The driver and the software stack together make trusted computing possible on Mac OS X, assuming you have a machine with a TPM. This page shows you how to ‘take ownership’ of the TPM and begin using it.”
Full article – very interesting and also quite technical in spots – here.
[Thanks to MacDailyNews Reader “—” for the heads up.]