
This leads to a German article. Sorry, I did not find any English article on this topic yet. So here is the short summary (actually my translations of selected passages):

[German] government experts warn, Windows 8 is an unacceptable security risk for governmental offices and companies. The so-called Trusted Computing might be a backdoor for NSA.


According to their [experts'] opinion the operating system contains a backdoor which cannot be closed. This backdoor is called Trusted Computing and might have the consequence that Microsoft could control every computer remotely. And therefore NSA could do it as well.


Three points are decisive: First, the [new] TPM, contrary to the existing standard, is active from the time when you switch on the computer. As soon as you start the computer you cannot decide anymore if you want Trusted Computing (opt-in). Secondly, it is not possible to deactivate the TPM in future (opt-out). Third, the OS takes over control of the TPM; in the case of Windows OS this means that the computer is controlled by Microsoft.


In the light of the current situation on spying, I have to say that I am happy that it goes in this direction.

If what Snowden showed us is true, the same thing goes for the (recent) versions of Mac OS X. I'd say things are looking up for Linux on the desktop.

Can you elaborate on the OS X issue (I think I've missed that disclosure)? Everything I can find, which admittedly is not anything authoritative (nothing from Apple directly), says that Apple hasn't shipped TPMs for a few years now.

I have no knowledge about OS X and TPMs specifically, but I do know some people have concerns about what OS X stores in the SMC: http://www.nosuchcon.org/talks/D1_02_Alex_Ninjas_and_Harry_P...

I'm not remotely qualified to comment on the contents of that talk, but it's a very concerning read–they claim that the SMC stores your FileVault key (though they don't seem to prove this?) and that the SMC has a backdoor. I'm all ears if anyone else has any additional info/knowledge about this...

Sorry, I should have provided more details. I meant to say the PRISM program also taps into user data of Apple. PRISM showed us the NSA has direct access to Apple servers. The Guardian: http://www.theguardian.com/world/2013/jun/06/us-tech-giants-...

Ah, I see. (I thought you were talking about something found in OS X, not Apple's PRISM involvement.) I'm not sure if I personally consider this a reason not to use OS X, but it is definitely a reason to not use iCloud.

Same for me too, I don't use iCloud or iOS, I don't even have an Apple ID. But my MBA/OS X is a very nice Unix client.

Same for me. I don't use iCloud, but I still use OS X.

Being unable to read German I can't comment fully on the original article, but based on this summary this warning seems pretty silly.

The operating system kernel always has full control over the system; how are they suggesting the TPM adds control here? The TPM is a small chip that handles certain crypto operations more securely (especially key management); how does this provide any additional backdoor scenarios?

If Microsoft wanted a backdoor it could easily be added to the OS without a TPM.

>If Microsoft wanted a backdoor it could easily be added to the OS without a TPM.

Without a TPM, it is possible to detect and remove (or more likely mitigate) a backdoor. With the TPM, even if you know about a backdoor and have a patch you cannot apply it without Microsoft's blessing. At least, that's my understanding.

If I remember my German correctly, the article argues around many different points.

One is spying (NSA), another is restrictions on what to install (Microsoft), and some parts discuss the threat from China, manufacturers of the TPM chips.
