
Topic: Windows 8, DRM plus TPM 2.0 can pose a serious threat to Bitcoin. (Read 9637 times)

newbie
Activity: 57
Merit: 0
hero member
Activity: 767
Merit: 500
Quote
As many are saying: this is very much a double-edged sword. If it's set up well, it can actually turn your machine into a real nightmare target for even determined and well-resourced hackers. Finding bugs in the TPM implementation becomes about the only exposed attack surface your machine has, well, that and brute force style attacks on the cryptography. There's a good case for starting a whole pre-built secured machine business around this, as it will be beyond many people's ability to set up. Just don't open up shop in a country with a US extradition treaty

this is very true - example would be using a system with a TPM to secure BitLocker keys and seal the boot-time configuration.  Then, just create a normal user on your machine with a long password, and secure your %appdata%\bitcoin with EFS (right-click properties -> advanced -> encryption).

The EFS key is secured by your login passphrase, and physical attacks against the machine are prevented by the TPM - if an attacker opens up your machine to suck your hard drive, then the TPM will refuse to present the key due to configuration change.

All you have to do is remember to lock your screen when you walk away

Oh, and don't install any malware either, probably best not to download anything at all from the internet or visit any websites.

Will
legendary
Activity: 3430
Merit: 3080
Quote
Oh my gosh!, how did I not know about this TPM crap? Does anyone have some kind of list of motherboards that have TPM installed on them? It spooks me because the TPM chip shown on the wiki is on an Asus mobo, and all my computers run Asus mobos ...

As far as Intel tech goes, I think everything post EFI needs to be scrutinized. The 1st generation EFI is a case by case arrangement, some mobo manufacturers may have added TPM functionality, but it wasn't part of the chipset specifications. Past the 2nd generation, I believe the Secure Boot feature requires a TPM module, and this is a part of the standard chipset spec. I believe the ARM platforms have no such standardised TPM modules, although I'm specifically referencing the standalone computing devices and not phones using ARM SoCs.

As many are saying: this is very much a double-edged sword. If it's set up well, it can actually turn your machine into a real nightmare target for even determined and well-resourced hackers. Finding bugs in the TPM implementation becomes about the only exposed attack surface your machine has, well, that and brute force style attacks on the cryptography. There's a good case for starting a whole pre-built secured machine business around this, as it will be beyond many people's ability to set up. Just don't open up shop in a country with a US extradition treaty
legendary
Activity: 2282
Merit: 1050
Monero Core Team
Quote
Oh my gosh!, how did I not know about this TPM crap? Does anyone have some kind of list of motherboards that have TPM installed on them? It spooks me because the TPM chip shown on the wiki is on an Asus mobo, and all my computers run Asus mobos ...

If you are running GNU / Linux there is nothing to fear from a TPM. In fact as others have correctly pointed out it can actually be very useful. The problem is Microsoft using a TPM in order to control what software an owner of a device runs in their device.


Quote
... the TPM is used to secure keys e.g. for BitLocker, and also to seal configuration/boot data to prevent tampering and secure the boot sequence.  There is an ongoing debate about Win8 secure boot meaning it's hard for non-Win OS to bootstrap securely, but MS have issued keys to open source distributions in order that people can still run e.g. Linux on their systems with secure boot. ...


This illustrates the issue best. The fact a GNU / Linux distribution would have to use a Microsoft key in order for people to run GNU / Linux on their systems should be a real wake up call. Keep in mind that Microsoft only allowed this on x86/AMD64. On ARM they simply said no.  Yes in both cases the TPM can be used to secure the system against its owner, but the TPM alone is not the issue here.

How is this any different from saying the Bitcoin software can only be installed on computing devices using a key signed by Visa or Mastercard? And only on those devices that Visa and Mastercard choose to allow?
legendary
Activity: 1428
Merit: 1001
Okey Dokey Lokey
Oh my gosh!, how did I not know about this TPM crap? Does anyone have some kind of list of motherboards that have TPM installed on them? It spooks me because the TPM chip shown on the wiki is on an Asus mobo, and all my computers run Asus mobos ...
legendary
Activity: 4760
Merit: 1283
Quote
...
In theory - MS can also put a 'backdoor' in your OS by just making a Windows Update and pushing it out to all users, but this would be totally contrary to their business practices and would just mean everyone would stop using MS products... so there's no reason they would ever do that - it's just FUD.
...

You sound so sure about this.  I'm not.  I'm on the outer margins of paranoia about such things and I would not stop using MS in the same way I use it today.  Certain CAD applications which are not ported, for instance.  And porn surfing for which it works well.  For many years I've used Microsoft wares only for things which I don't mind corp/gov knowing about in addition to the garden variety hackers.  I only stopped using it for fairly sensitive stuff recently after a kind of a bizarre hack of my system.  Actually it was Android which seemed to have gotten hacked, but I switched over to using more secure methods and Windows came along for the ride.  Over the years I've never done anything Bitcoin related on Windows or Android except blab on this forum and access one of my spending money on-line wallets which I can afford to lose.  Even there I keep another more secure rendition.

Anyway, I think that very few private citizens have anything they actually need to hide (in contrast to those in government who have sensitive interactions with their lobbyists and so forth.)  So I would expect that a very high percentage of people would perhaps grumble a bit but carry on using MS products (and Apple and Google for that matter) and forking out money to MS just as they do today no matter what sort of malfeasance is uncovered.  And any negative revenue impact can be easily offset with taxpayer funding even if that is a problem.

legendary
Activity: 2282
Merit: 1050
Monero Core Team
Quote
The following article shows the Big Brother potential of proprietary software married with DRM and "Trusted" Computing. German Government Warns Key Entities Not To Use Windows 8 – Links The NSA. http://www.businessinsider.com/leaked-german-government-warns-key-entities-not-to-use-windows-8--links-the-nsa-2013-8 and also
http://www.testosteronepit.com/home/2013/8/21/leaked-german-government-warns-key-entities-not-to-use-windo.html#ixzz2cfIWGUt1

To quote the first article:
Quote
Now there is a new set of specifications out, creatively dubbed TPM 2.0. While TPM allowed users to opt in and out, TPM 2.0 is activated by default when the computer boots up. The user cannot turn it off. Microsoft decides what software can run on the computer, and the user cannot influence it in any way. Windows governs TPM 2.0. And what Microsoft does remotely is not visible to the user. In short, users of Windows 8 with TPM 2.0 surrender control over their machines the moment they turn it on for the first time.

It would be easy for Microsoft or chip manufacturers to pass the backdoor keys to the NSA and allow it to control those computers. NO, Microsoft would never do that, we protest. Alas, Microsoft, as we have learned from the constant flow of revelations, informs the US government of security holes in its products well before it issues fixes so that government agencies take advantage of the holes and get what they’re looking for.

Read more: http://www.testosteronepit.com/home/2013/8/21/leaked-german-government-warns-key-entities-not-to-use-windo.html#ixzz2cfJY6toM

This kind of centralized control by Microsoft and by extension certain governments can pose a very serious threat to the security and integrity of the Bitcoin network. Any thoughts on defensive strategies to counteract this threat?

Quote
The trusted platform module is good. Windows 8 maybe not.

Do not confuse the two. Trusted platform module is how private keys can be secured and is necessary for stuff like secure random number, key security, and so on. It's something we want. Windows 8 is not something you have to use and because it's closed source I recommend you use Linux instead.

TPM can be used with open source software and in my opinion should be.

This is a very valid point. I do deal with some of the issues in https://bitcointalksearch.org/topic/m.2987427. TPMs and trusted computing used in conjunction with GNU / Linux and Free Software can be a very useful and valuable tool, and I do not wish to create any confusion between trusted and treacherous computing here.
hero member
Activity: 767
Merit: 500
Wow, this article really is very bad and downright false in so many ways.

Quote
It allows Microsoft to control the computer remotely through a built-in backdoor.

Read more: http://www.testosteronepit.com/home/2013/8/21/leaked-german-government-warns-key-entities-not-to-use-windo.html#ixzz2ciwhy76c

this is so very wrong - the TPM is used to secure keys e.g. for BitLocker, and also to seal configuration/boot data to prevent tampering and secure the boot sequence.  There is an ongoing debate about Win8 secure boot meaning it's hard for non-Win OS to bootstrap securely, but MS have issued keys to open source distributions in order that people can still run e.g. Linux on their systems with secure boot.

In theory - MS can also put a 'backdoor' in your OS by just making a Windows Update and pushing it out to all users, but this would be totally contrary to their business practices and would just mean everyone would stop using MS products... so there's no reason they would ever do that - it's just FUD.

What's critical here, is they don't need the TPM to do any of this - it sounds like some over-enthusiastic newspaper reporter read about TPMs and wrote a dumb story.

Will
hero member
Activity: 714
Merit: 510
Quote
I (for one) don't plan to use Windows 8 because, well, I don't like it - but that aside, I'd NEVER store my bitcoin wallet on any Windows system.  It's trivial to set up an old crusty laptop or virtual machine with Ubuntu and Armory, then set that machine in the closet.  Then store a small amount of coin in an online wallet where you can have quick/easy access for day to day transactions.  I hope (and will plan to contribute to) that people write more articles and how tos covering this topic!

Now fast forward 5 or 10 years when we are not using the BETA version of the bitcoin wallets and bitcoins are worth $500 this will be a different discussion.  It's Moore's Law in hyperdrive.  The bitcoin network is roughly 4 years old and it's eclipsed (in relative computing power) EVERY other super computer and distributed computing power project on the planet.  Imagine if all of that power were focused on attacking wallets directly!...  ugh...

Lastly - if you think that TPM is the only way to encrypt drives, you're crazy!  Today there are plenty of options, not the least of which is truecrypt (a free, open solution that works VERY well on Windows).

OK, this is the last thing - this is going to really open the market for hardware based wallet devices.

You don't understand information security. The TPM provides hardware mechanisms precisely because you don't want to trust a software implementation of a random number generator or private key storage or encryption if it can be done in hardware.

TPM is about having a hardware specification for handling private keys, cryptography and information security. It's not a government plot and anyone with any knowledge of information security can tell you what TPM is.

If you would prefer to put your faith in truecrypt then go ahead. I understand TPM well enough to know it's better than truecrypt, and I have nothing against truecrypt. I'm just saying using truecrypt combined with TPM is better than using just truecrypt, because there are all kinds of side channel attacks which beat any kind of software programming.
legendary
Activity: 2282
Merit: 1050
Monero Core Team
Quote
There needs to be a clear distinction here between FUD and reality, and yes, comments like needing a government ID to access the Internet (it is more like a Facebook account on many sites but that is another story) or that the mere presence of a TPM means that some government agency now has access to your computer are simply FUD.
...

Why would someone FUD this?  They want to stop people from using the Internet?!?  It makes no sense.

If I were a control freak, here's is what I would do:

Noticing that everyone uses a modem of some sort, I would design an extension which provided an enhanced wrapper between the modem and the ISP.  A router if not built into the modem could have the same functionality, and it needs to participate in order to provide universal support for end-user devices since it knows the MAC address.

I would also have a selection of bio-metric devices which could bind to the router.  Fingerprint scanners, iris scanners for double amputees, etc.

I would have a little daemon which can be installed on any device which interacts with the router/modem.  From time to time a user of any device might get a pop-up to swipe their finger or whatever.  Especially if doing on-line banking and such.  Such a simple piece of code could easily be open-sourced for inclusion into OS's such as Linux for the relatively few geek types who would pitch a bitch.

In my generosity, I would provide all of this gear and technical support to users free of charge.  Most users would be delighted not to have to remember all those passwords, and help society root out terrorists, pedos, and associated boogeymen at the same time.  Win/win!

Such a solution could be rolled out in phases so as not to interfere with business interests or cause un-due alarm and a backlash.

Now I fully expect to hear about how that is impossible because of the extra overhead of the protocol enhancement.  Further, I expect to hear it from the same dopes who state "Moore's Law" as the two word answer to any concern about Bitcoin scalability.



This sounds a lot like Windows 8. Get the user to log in using their Microsoft account and then link that account to their credit card information. Then monitor everything they do online and also find out if they install certain applications such as Bitcoin-QT or Tor. On a related note the following Windows specific attack on Tor is very interesting: http://www.infoworld.com/t/data-security/tor-browser-bundle-windows-users-susceptible-info-stealing-attack-224157
hero member
Activity: 714
Merit: 510
Quote
The following article shows the Big Brother potential of proprietary software married with DRM and "Trusted" Computing. German Government Warns Key Entities Not To Use Windows 8 – Links The NSA. http://www.businessinsider.com/leaked-german-government-warns-key-entities-not-to-use-windows-8--links-the-nsa-2013-8 and also
http://www.testosteronepit.com/home/2013/8/21/leaked-german-government-warns-key-entities-not-to-use-windo.html#ixzz2cfIWGUt1

To quote the first article:
Quote
Now there is a new set of specifications out, creatively dubbed TPM 2.0. While TPM allowed users to opt in and out, TPM 2.0 is activated by default when the computer boots up. The user cannot turn it off. Microsoft decides what software can run on the computer, and the user cannot influence it in any way. Windows governs TPM 2.0. And what Microsoft does remotely is not visible to the user. In short, users of Windows 8 with TPM 2.0 surrender control over their machines the moment they turn it on for the first time.

It would be easy for Microsoft or chip manufacturers to pass the backdoor keys to the NSA and allow it to control those computers. NO, Microsoft would never do that, we protest. Alas, Microsoft, as we have learned from the constant flow of revelations, informs the US government of security holes in its products well before it issues fixes so that government agencies take advantage of the holes and get what they’re looking for.

Read more: http://www.testosteronepit.com/home/2013/8/21/leaked-german-government-warns-key-entities-not-to-use-windo.html#ixzz2cfJY6toM

This kind of centralized control by Microsoft and by extension certain governments can pose a very serious threat to the security and integrity of the Bitcoin network. Any thoughts on defensive strategies to counteract this threat?

The trusted platform module is good. Windows 8 maybe not.

Do not confuse the two. Trusted platform module is how private keys can be secured and is necessary for stuff like secure random number, key security, and so on. It's something we want. Windows 8 is not something you have to use and because it's closed source I recommend you use Linux instead.

TPM can be used with open source software and in my opinion should be.
legendary
Activity: 4760
Merit: 1283
Quote
There needs to be a clear distinction here between FUD and reality, and yes, comments like needing a government ID to access the Internet (it is more like a Facebook account on many sites but that is another story) or that the mere presence of a TPM means that some government agency now has access to your computer are simply FUD.
...

Why would someone FUD this?  They want to stop people from using the Internet?!?  It makes no sense.

If I were a control freak, here's is what I would do:

Noticing that everyone uses a modem of some sort, I would design an extension which provided an enhanced wrapper between the modem and the ISP.  A router if not built into the modem could have the same functionality, and it needs to participate in order to provide universal support for end-user devices since it knows the MAC address.

I would also have a selection of bio-metric devices which could bind to the router.  Fingerprint scanners, iris scanners for double amputees, etc.

I would have a little daemon which can be installed on any device which interacts with the router/modem.  From time to time a user of any device might get a pop-up to swipe their finger or whatever.  Especially if doing on-line banking and such.  Such a simple piece of code could easily be open-sourced for inclusion into OS's such as Linux for the relatively few geek types who would pitch a bitch.

In my generosity, I would provide all of this gear and technical support to users free of charge.  Most users would be delighted not to have to remember all those passwords, and help society root out terrorists, pedos, and associated boogeymen at the same time.  Win/win!

Such a solution could be rolled out in phases so as not to interfere with business interests or cause un-due alarm and a backlash.

Now I fully expect to hear about how that is impossible because of the extra overhead of the protocol enhancement.  Further, I expect to hear it from the same dopes who state "Moore's Law" as the two word answer to any concern about Bitcoin scalability.

full member
Activity: 126
Merit: 100
I (for one) don't plan to use Windows 8 because, well, I don't like it - but that aside, I'd NEVER store my bitcoin wallet on any Windows system.  It's trivial to set up an old crusty laptop or virtual machine with Ubuntu and Armory, then set that machine in the closet.  Then store a small amount of coin in an online wallet where you can have quick/easy access for day to day transactions.  I hope (and will plan to contribute to) that people write more articles and how tos covering this topic!

Now fast forward 5 or 10 years when we are not using the BETA version of the bitcoin wallets and bitcoins are worth $500 this will be a different discussion.  It's Moore's Law in hyperdrive.  The bitcoin network is roughly 4 years old and it's eclipsed (in relative computing power) EVERY other super computer and distributed computing power project on the planet.  Imagine if all of that power were focused on attacking wallets directly!...  ugh...

Lastly - if you think that TPM is the only way to encrypt drives, you're crazy!  Today there are plenty of options, not the least of which is truecrypt (a free, open solution that works VERY well on Windows).

OK, this is the last thing - this is going to really open the market for hardware based wallet devices.
legendary
Activity: 4760
Merit: 1283
Quote
They must be kidding. TPM is the key storage for BitLocker and similar applications to encrypt drive. It is kind of strange to keep bitcoin wallet and other valuable information on a laptop with non-encrypted drive.

One does not need to use the TPM key to encrypt a HDD, and generally speaking, if one has something on a persistent media worth encrypting at all, it kind of makes sense to do it right.  IIRC, even Microsoft deferred on this for at least one implementation of their disk encryption.  I'm not sure what disk encryption options exist for Windows since I don't use that OS for anything at all valuable, but I have to think that some of them exist.  Whether they are susceptible to side-channel attacks is a question worth exploring.  That goes for FOSS OS's also for that matter.

Anyway, a TPM has a lot of very interesting and useful features, and certain of them could be integrated into the design of a robust P2P framework.  There are a lot of chip-makers doing TPM work.  I hope that one of them will do an implementation which is verifiably open with mechanisms to facilitate high trust levels for certain operations.  Having a group such as the EFF oversee private key emplacement would be one example.

legendary
Activity: 2282
Merit: 1050
Monero Core Team
There needs to be a clear distinction here between FUD and reality, and yes, comments like needing a government ID to access the Internet (it is more like a Facebook account on many sites but that is another story) or that the mere presence of a TPM means that some government agency now has access to your computer are simply FUD.

A TPM by itself is not the issue. It is a place to securely store decryption keys, and even if the state has a back door to the TPM there are many situations where the state is not the adversary or may not be able to obtain physical access to the computer, for legal reasons for example. Furthermore, in order to obtain remote access an OS with a back door is necessary; the TPM by itself is not enough. Where the TPM can be very dangerous is that it can be, and is, used to ensure that only an Operating System and / or software trusted by a third party who is not the owner of the device runs on the device. Now GNU / Linux supports the TPM and trusted, as opposed to treacherous, computing. The crucial difference here is that in the GNU / Linux scenario, because of the presence of GPL v3 code in the OS, the TPM can only be used to ensure that an OS and / or software trusted by the owner of the device runs on the device and cannot be used to prevent the end user from running an OS or software that the owner of the device trusts. This is the crucial difference between trusted and treacherous computing and between using a TPM with GNU / Linux vs a TPM with Microsoft Windows.

The following article by Richard Stallman, written over a decade ago in 2002, describes treacherous computing: http://www.gnu.org/philosophy/can-you-trust.html. At the time many dismissed it as FUD and the term Palladium was dropped by Microsoft, yet almost a decade to the date Microsoft released Windows 8 RT and the Surface tablet, which does precisely what RMS was warning about a decade earlier. This follows Apple with iOS devices, almost all game consoles on the market, ebook readers such as the Kindle, and many smart phones and tablets including many Android devices that have to be "rooted" in order for the end user to take back control of the device they own and lock out the manufacturer and other not trusted "big brothers". The primary motivation for this lockdown of devices was and still is DRM, and it comes down to the very simple realization that the only way to prevent the copying of digital information is to take away control of computing devices from the end owners of the devices. The use by the state for surveillance, censorship or other big brother activities comes later, once the centralized infrastructure has been put in place by big copyright in order to prevent "piracy" of intellectual property. What we have seen over the last decade is the shift of a fair amount of computing activity away from an open device, say a computer running Windows 98 SE, to a locked down device, say an iPad. This by itself is a very troubling development quite independent of Bitcoin.

The implication here for Bitcoin is clear. The entire security model of Bitcoin relies on a distributed network where no one person or entity can get control, and only works with a computing model such as Microsoft Windows in the days of Windows 98 SE, Windows 2000 or earlier, or that of GNU / Linux then and today. What is crucial for the security of the Bitcoin network is that the owner of a computing device has complete control over that computing device and no centralized "authority" can take this control away. So where does this place Microsoft Windows as a platform for Bitcoin? What we have seen is an evolution of gradual small steps starting with the very open Windows 3.xx of the early 1990's (let's say 20 C in the boiling frog scenario) to the complete lockdown of Windows 8 RT (100 C in the boiling frog scenario).  Where does one draw the line to not trust Microsoft Windows? I drew the line back in 2006 with the move to Windows Vista; others may choose a different point in this gradual evolution towards big brother. The German articles drew the line at Windows 8.

One simple rule of thumb to keep in mind here is that if a device and / or operating system is trusted by the MPAA and other big copyright players for consumption of their DRM protected content it should be trusted for use with Bitcoin. Trust after all is a two way street.
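The sealing behaviour Will describes earlier on this page (the TPM refusing to release a BitLocker or wallet key once the boot configuration has changed) and the owner-versus-third-party distinction in the post above can both be seen in a small simulation. What follows is an added example written for this page, not code from any poster and not a real TPM stack: it models a TPM's PCR bank and sealed objects in Python, using the real TPM 2.0 extend rule but a simplified PCR policy digest, constructed placeholder boot images, and a hypothetical wallet key.

```python
# Added example (not from the thread): simulated measured boot plus TPM sealing.
# SimTpm is a toy; the policy digest is a simplification of TPM2 PolicyPCR and
# the boot component images below are constructed placeholders.
import hashlib
import hmac
import os

PCR_SIZE = 32
ZERO_PCR = b"\x00" * PCR_SIZE


class SimTpm:
    """Toy TPM: a SHA-256 PCR bank plus sealed objects that are released only
    while the selected PCRs match the policy recorded at sealing time."""

    def __init__(self, num_pcrs=24):
        self.pcrs = [ZERO_PCR] * num_pcrs
        self._objects = {}  # handle -> (policy_digest, selection, secret)

    def power_cycle(self):
        # PCRs reset on every boot; sealed objects survive (on a real system
        # they live on disk, wrapped under this TPM's storage key).
        self.pcrs = [ZERO_PCR] * len(self.pcrs)

    def extend(self, index, measurement: bytes):
        # TPM2_PCR_Extend rule: PCR[i] = H(PCR[i] || H(measurement)).
        # Extends are one-way and order-dependent, so a PCR value commits to
        # the entire sequence of components measured into it.
        digest = hashlib.sha256(measurement).digest()
        self.pcrs[index] = hashlib.sha256(self.pcrs[index] + digest).digest()

    def policy_pcr(self, selection):
        # Simplified PolicyPCR digest over the selected PCRs, in index order.
        h = hashlib.sha256()
        for i in sorted(selection):
            h.update(bytes([i]) + self.pcrs[i])
        return h.digest()

    def seal(self, secret: bytes, selection):
        handle = os.urandom(8)
        self._objects[handle] = (self.policy_pcr(selection), tuple(selection), secret)
        return handle

    def unseal(self, handle):
        policy, selection, secret = self._objects[handle]
        if not hmac.compare_digest(policy, self.policy_pcr(selection)):
            raise PermissionError("PCR policy not satisfied: boot chain differs")
        return secret


# Which PCR each boot stage is measured into.
BOOT_PCRS = {"firmware": 0, "bootloader": 4, "kernel": 8}


def measured_boot(tpm, components):
    """Measure every stage into its PCR before handing control to it."""
    for name, image in components.items():
        tpm.extend(BOOT_PCRS[name], image)


def try_unseal(tpm, handle):
    try:
        return tpm.unseal(handle)
    except PermissionError:
        return None


def run_scenarios():
    """Return, per boot chain, whether the owner's sealed key is released."""
    owner_chain = {  # constructed placeholder images
        "firmware": b"vendor-uefi-1.0",
        "bootloader": b"grub-2.00-owner-build",
        "kernel": b"linux-3.10",
    }
    tpm = SimTpm()
    measured_boot(tpm, owner_chain)
    wallet_key = os.urandom(32)  # hypothetical key protecting wallet.dat
    handle = tpm.seal(wallet_key, selection=[0, 4, 8])

    results = {}
    # 1. Same boot chain on the next boot: the TPM releases the key.
    tpm.power_cycle()
    measured_boot(tpm, owner_chain)
    results["same_chain"] = try_unseal(tpm, handle) == wallet_key
    # 2. Attacker with the drive swaps the bootloader: PCR 4 differs, refused.
    tpm.power_cycle()
    measured_boot(tpm, dict(owner_chain, bootloader=b"evil-bootkit"))
    results["swapped_bootloader"] = try_unseal(tpm, handle) == wallet_key
    # 3. A legitimate kernel update changes PCR 8 and is refused the same way.
    tpm.power_cycle()
    measured_boot(tpm, dict(owner_chain, kernel=b"linux-3.11"))
    results["kernel_update"] = try_unseal(tpm, handle) == wallet_key
    # 4. Drive moved to another machine: that TPM never held the object.
    other = SimTpm()
    measured_boot(other, owner_chain)
    results["other_machine"] = handle in other._objects
    return results


if __name__ == "__main__":
    for name, released in run_scenarios().items():
        print(f"{name:20s} key released: {released}")
```

Only the first scenario releases the key. The third one is the practical caveat behind "reseal after updates": a kernel update moves PCR 8 exactly as a bootkit moves PCR 4, so a key sealed to raw component hashes locks the owner out after every update unless it is resealed, which is why BitLocker on UEFI systems with Secure Boot binds to PCR 7 (the Secure Boot policy) by default rather than to the bootloader hash. Whether the owner or a vendor key the owner cannot replace decides what is allowed into those PCRs is precisely the trusted-versus-treacherous distinction drawn above.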
hero member
Activity: 727
Merit: 500
Minimum Effort/Maximum effect

Quote
Unfortunately I fear that an 'active, intelligent, informed, educated, highly interconnected community' is not very likely in the volumes needed to be effective and defensible.  If it does develop, and I think it is a goal worth working towards, then they will be called by a different name.  Probably something like 'techno-terrorists' or whatever the scariest name that the marketing folks can come up with happens to be.  I do hope I am wrong about this.  Such a thing might develop, but probably only as a backlash resulting from a protracted episode of blatant abuse under a tyrannical totalitarian form of government.



Not if it is done right, we are a network of humans interacting with computers to access the internet. The core group of any community will have common goals with other societies that will interpret the information in a different way and develop it differently, but they will advance the concept forward. This simply has to be accelerated by attracting the direct attention of the groups that will propagate the ideas most easily.

It is simply logical that all things interact, it's just a matter of putting the dots together where they meet.
legendary
Activity: 3430
Merit: 3080
Quote
Seriously, I project that in a matter of time, and possibly not that much time, one will need to positively identify themselves before accessing the global internet at all.  Possibly via a mass produced bio-metric sensing device.

Don't get me wrong, I'm as suspicious of Microsoft gaining any extra control as the next person, but that's impractical without all encompassing surveillance in ANY and ALL places that an internet access device is used. Scenario: someone in the middle of nowhere logs into their internet access with their biometrics, then a hostile actor commandeers their device and uses it to commit a criminal act. It could be leveraged as an excellent form of protest actually, doing something incredibly minor, then saying "prove it". Linux user here incidentally, Microsoft went out the window (no pun) a while ago for me.
legendary
Activity: 4760
Merit: 1283
Quote
...
The idea that you have to remotely attest to get onto the internet was a doomsday scenario back then that never came true and we've had over a decade to get there. Remote attestation doesn't even work on most computers.
...

I sure am glad to hear that predictions made about the internet expire if they go 10 years without realization.  I'll surely sleep much better at night now that I know that.

full member
Activity: 177
Merit: 101
They must be kidding. TPM is the key storage for BitLocker and similar applications to encrypt drive. It is kind of strange to keep bitcoin wallet and other valuable information on a laptop with non-encrypted drive.
legendary
Activity: 4760
Merit: 1283
Quote
Yup they have had this stuff for years, peripherals like printers have back doors programmed into them by law.

But the movement is already beginning with the opensource/openhardware movement. We'll be securing our own chip designs pretty soon. And fortunately the smartest members of the population which this community is composed of probably know how to protect themselves if cautioned about this.

an active, intelligent, informed, educated, highly interconnected community can counter any threat as long as it is identified.

I figure we better continue with the FPGA chips, build custom rigs secure from outside interference with custom opensource operating systems and the foundries can churn out backdoor free chips, couple that with advances in secure meshnetworks and we are home free.

If it is in our collective best interest, we will solve it sooner or later, every thing is discovered sooner or later; we can learn from History and adapt to new conditions as long as we clearly communicate our ideas to each other sharing what we know to be true.

+1

Let me make another bold 'tinfoil hat' prediction here.  I bet that we will find that TEMPEST and related side-channel attacks are more possible and more widely used than currently recognized.  Also that in some cases certain chips are even noisier than they actually need to be and that intelligence agencies possess 'descriptions' of the emanation which make them more useful.

Unfortunately I fear that an 'active, intelligent, informed, educated, highly interconnected community' is not very likely in the volumes needed to be effective and defensible.  If it does develop, and I think it is a goal worth working towards, then they will be called by a different name.  Probably something like 'techno-terrorists' or whatever the scariest name that the marketing folks can come up with happens to be.  I do hope I am wrong about this.  Such a thing might develop, but probably only as a backlash resulting from a protracted episode of blatant abuse under a tyrannical totalitarian form of government.
