Hacker News
ARM Launches Hollywood Approved Anti-Piracy Processor (torrentfreak.com)
33 points by daker on June 4, 2013 | 46 comments



By which Torrentfreak means "a video decoding IP block that is aware of TrustZone, which is fundamental security functionality for the whole ARM platform".

Actually, no, that's not what Torrentfreak means, because Torrentfreak has no idea what the hell any of those terms mean.


As tptacek points out, there's not much of a story here, this is just platform security. It does puzzle me why there is so much marketing and fuss around it though, as if a common source of leaks was "mobile video". As if somehow everyone in the world would turn into a source because they have Netflix on a Samsung phone. It's bizarre.

An effective anti-piracy system is a watermark detection routine embedded into the video decoder, so that you can't use hardware acceleration if the device detects the video isn't licensed.


Ain't it great how "trusted computing" is never about trusting you? And how the applications of trusted computing are never about, say, preventing your medical records from being spread around to people you don't know about?


But it can be about you trusting your device. And the applications of trusted computing are absolutely about preventing medical records from being compromised, but that's not a sexy headline in the same way that DRM is.


It is interesting to consider how content protection and platform security can be two sides of the same coin; how systems that keep code you write from snatching video frames from The Avengers can (often are) the same as the ones that keep malicious code on your device from stealing your credit card.


Except that when you allow a third party to put code in a trusted element, it's Big Brother Inside. It's like installing someone else's security camera in your house. Odious.


I wonder if the rootkit developers feel the same way, since the technology we're talking about (TZ) is designed to stop them as well.


Is there some reason to think that a rootkit could not use this technology? Do you have details about this system (which, to my knowledge, are proprietary) that lead you to believe it is something other than a way to reduce user control of their own devices (which could be a good thing for a rootkit)?


It's a video decoding block that works with TrustZone. TZ is well-documented and conceptually very simple.


I have not been able to find anything other than marketing material; maybe I am just looking in the wrong places. Can you provide a link to some technical details?


Were you not looking on Google?

http://lmgtfy.com/?q=trustzone+arm

Read the first PDF on that page.


Absolutely. And I completely get the fear of losing control of one's own device, but given the downvotes I've had today on this topic - an open question:

What's the preferred approach amongst this audience to defend against malware on their platforms?


"What's the preferred approach amongst this audience to defend against malware on their platforms?"

Make hiding software hard, make reimaging the system easy.


For the record, I've already achieved this. It is not difficult.

1. Reduce the attack surface, i.e. total LOC. My base system is super small. More complex things can be run on top of it (e.g. via chroot), but the system I boot into is only about 16MB. With some effort, it could be shrunk to about 1/4 of that size.

2. Use only open source software; and refine your methods for searching through code for suspicious things. There's no shortage of open source solutions and folks right here on HN (e.g. Russ Cox) have been kind enough to share some decent methods for efficiently searching through code.

3. Boot from read-only external media, use a memory disk for the root filesystem and use tmpfs for all writable directories/partitions. This way boot times are fast and consistent, more so than with hard disk drives. And with the rootfs in memory, you can remove the external media after booting, freeing up the USB or SD card port for other things. It's very easy to replicate (clone, image, whatever you choose to call it) this system and transfer it to more external media. It takes only a short time to compile from scratch, even on underpowered computers. There is no "software installation". You insert the media and boot. That's it. You get the same pristine system every time you boot.

To anyone who injects doubt and insinuates that such an approach to evading malware as betterunix suggests is infeasible or unachievable: I'm happy to prove you wrong.


This system of yours sounds very interesting. Did you strip down an existing GNU/Linux distro, or build a base system from scratch? A pointer to an ISO image and/or repo with build scripts would be great.


And you would do that exactly how? Be as specific as you can.


They are just design principles; I did not claim to have a well-planned design ready to go to market. Some operating systems make it harder to hide software than others; GNU/Linux makes hiding software more difficult than Windows or Mac OS X. Some computers are easier to reimage than others (e.g. special key sequences during the boot process will cause a "factory reset").


You can't trust a device which has DRM.


"But you can't trust a device on which the video decoder silicon understands the TZ bits".


In the case where you have no control over the decoder while using the system. Is it clearer now? If you have control - then it's a non issue. Same as TPM can be used for something useful, but can be used for reducing user's control.


Yes, you have control.


If you have control (and can disable applying this to video decoding), what is the point for the DRM lobby to push for this thing? Their usual idea is to take control away.


This is a video decoder IP block that is simply compatible with the security architecture of the rest of the system. The only reason you think "the DRM lobby" is pushing for it is because Torrentfreak wrote that. Torrentfreak is a laughable source of technical content.


So you are implying that it's not related to encryption of the video?


Really? Are there any real-world examples?


Yes: the Intel TPM / Secure Boot system's design goal is to stop rootkits, but is also used by vendors to load secure video decoding code.


"Yes: the Intel TPM / Secure Boot system's design goal is to stop rootkits"

Why would you need any cryptography to do this? I have a computer that uses a much simpler, equally effective, and easier-to-use approach: the boot sector cannot be overwritten unless the system is rebooted in a special mode (and the OS cannot be booted in that mode). At least for personal computing, that is far better than a system that forces people to rely on a trusted third party to decide what software they can run.


TZ is not cryptographic. You should go read about it. It's an interesting design approach.


The TPM and "secure boot," which you brought up, are cryptographic. That is what I was replying to, sorry if that was not clear enough.


That's an odd meaning of "secure."


I'm sorry that engineering terminology isn't invariably compatible with your politics.


The post above referred to patient control over medical records using trusted elements.

Is there a real-world case where any bureaucracy has yielded control of individuals' documents to those individuals through the use of trusted computing? Anywhere? In any subject matter? Is there any case where I can submit a document and then be assured that I can revoke access? Anyone? Bueller?


Yes, there is, since "trusted computing" mostly refers to the idea of locking your running OS down so that attackers can't persist code that alters it. Which makes your clumsy "Bueller" thing all the funnier: it's like you literally can't imagine that hardware should be any more secure than an 80386.


It was discussed here 6 hours ago: https://news.ycombinator.com/item?id=5817984


Sorry about that!


And now it's our turn to break the DRM!


Break? There is always - and will always be - the analog loop.

This is a silly invention for media executives that do not understand (1) their customers or (2) those dedicated to pirating their content.



Relevant xkcd: http://xkcd.com/129/


Another DRM idiocy shoved onto the oblivious consumers. Users should know to avoid these GPUs now.


It's not a GPU.


What is it exactly? An optional chip that you can unplug? It comes as one package in the GPU.


It's a video decoder IP block; it's one of a large number of IP blocks you can assemble like lego pieces to design an ARM system.


But you (as a user) can't make it optional, once it's there, right?


What exactly do you think this piece of technology does? I'm having trouble articulating how optional it is. I think you might think this is something that infects your operating system and watches your keystrokes.


Allows using an encrypted video stream not accessible to the user without any means of disabling this obscuring?



