TCPA/TPM in MacOS X/Intel Dev 'kernel'... relax.

Posted:
in Future Apple Hardware edited January 2014
Over at Slashdot there's currently an incredibly ill-informed flamefest going on over the discovery that the Developer release of MacOS X on Intel contains code that checks for a proper Palladium key in the motherboard before running certain bits.



Here's why this isn't that big a deal, despite the current screaming:



1) This is a Developer Release. It's not a shipping product. Developers don't even buy these boxes, they lease them and have to send them back afterwards. This is a stopgap system so devs have something to work on, not anything that might be considered a shipping product.



2) This isn't what MS was threatening to do: MS wanted to use TPM to make sure that only Windows would run on machines sold by Dell, HP, etc. This is the opposite. This ensures that MacOS X/Intel (Dev) will only run on the Developer boxes from Apple. You can actually run Windows and Linux on these boxes also. (Although, again, these aren't shipping boxes.)



3) Apple has already said that the new Intel Macs won't be BIOS based. Possibly the new standard being proposed (EFI), but not BIOS. The Dev kits are BIOS based. i.e., these aren't the motherboards you're looking for. Expect to see a mobo that is different enough from most other machines out there that, I suspect, OS X simply won't run on other motherboards. They'll target it for *this* architecture and that's it. (Darwin will still run on other mobos, but not anything upper-level.)



All the above tell me that when the Intel Macs hit, they won't be much like the millions of Wintel boxes out there.



Assume for a minute that they will be though, and that the TPM driver is indeed going to be in the final shipping version:



1) How else did you expect them to make sure that MacOS X only runs on Apple hardware? This assumes that the shipping Intel Macs are close enough to other Intel boxes to make a copy-and-install workable. We don't know yet. I suspect they'll simply make a different enough box that it won't be in any way easy, and this will be moot.



2) The portions of the OS that are restricted are confined to Rosetta. Rosetta is a technology licensed from another company, Transitive (thanks kks!) that translates PPC code to Intel code on the fly. This allows you to run old PPC Mac applications on an Intel Mac. The point: *Apple does not own this technology*, they just license it. Transitive may not have wanted their technology distributed far and wide across the net any more than Apple does OS X. This may have been a requirement of the owner of the technology during the Dev kit program. Afterwards, having it running on Apple hardware that may be quite different may be all that's needed to keep OS X (and therefore Rosetta) off of any old random script kiddie's box. I'd be disappointed if this were the case, after Apple getting raked over the coals for *years* over the supposed 'closed nature' of QuickTime... when all it was was one codec licensed from Sorenson that was not theirs to distribute.



3) I hate to point out to the OSS crowd screaming the loudest about this, but... Linux also has a driver to support this, and has for quite a while. Pointing at the driver as 'proof' that Apple is going to do evil things in the future doesn't hold much water now, does it?



I'm as much against DRM as anyone else, but I think it's way too early to start jumping up and down and screaming that this is Evil(tm). Dev Kit != shipping product for sale.

Comments

  • Reply 1 of 43
    kim kap sol Posts: 2,987 member
    Transitive.
  • Reply 2 of 43
    kickaha Posts: 8,760 member
    Quote:

    Originally posted by kim kap sol

    Transitive.



    Danke. Edited.
  • Reply 3 of 43
    wmf Posts: 1,164 member
    The TPM will not prevent OS X from running on generic x86 machines, because crackers will just patch out all calls to the TPM, just like they do with copy protection on games. They are already hard at work on it.



    But we don't know Apple's plan here, so I agree that it's a waste of time to speculate about the TPM.
  • Reply 4 of 43
    smircle Posts: 1,035 member
    Palladium was never intended to lock Linux out of a PC (support for booting without TPM activated is part of the specifications), but to lock the owner out of core parts of his computer. The idea was that with TPM active and Windows running, you could not simply install any software you liked but this software had to be signed. This prevents viruses from running and users cracking DRM schemes like the CSS content protection on DVDs.



    I will be incredibly disappointed if Apple goes the TPM road just to stop users from pirating their OS. It is like using nukes to get rid of some annoying fly.

    Platform loyalty is one thing, but closing my eyes and pretending TPM from Apple is any better than from MS is just not my cup of tea. As much as I hate Windows and Linux, I might go that road - after all, with Linux, *I* can install or remove the TPM drivers.
  • Reply 5 of 43
    pbg4 dude Posts: 1,611 member
    Someone on a different forum said they do Apple development & testing and Apple will use some sort of protection to keep Windows from running on their production model Intel boxen. Can anyone confirm this?
  • Reply 6 of 43
    jll Posts: 2,713 member
    Quote:

    Originally posted by PBG4 Dude

    Someone on a different forum said they do Apple development & testing and Apple will use some sort of protection to keep Windows from running on their production model Intel boxen. Can anyone confirm this?



    Since Apple has stated several times that they won't do anything to prevent someone from running Windows on the coming Intel Macs, I think he's wrong about that.



    They will try to prevent the opposite - running Mac OS X on non-Apple Intel boxes.
  • Reply 7 of 43
    pbg4 dude Posts: 1,611 member
    Quote:

    Originally posted by JLL

    Since Apple has stated several times that they won't do anything to prevent someone from running Windows on the coming Intel Macs, I think he's wrong about that.



    They will try to prevent the opposite - running Mac OS X on non-Apple Intel boxes.




    I understand the OS X won't run on non-Apple computers, but this guy says as a dev they were told by Apple that Windows would be actively prevented from running on Apple computers. I brought up the Phil Schiller quote from the day of the Intel announcement but he seemed to think that wasn't the case anymore. This is why I was hoping for some updated information.
  • Reply 8 of 43
    kickaha Posts: 8,760 member
    We won't know for sure until the new Macs ship. Here's my guess:



    Apple will ditch many of the current standard mobo bits from Wintel boxen, such as BIOS. Just like the move to USB, they're going to forge ahead a bit. This will result in Windows not running because MS won't have written the correct drivers for it.



    This doesn't mean Apple is *preventing* Windows from running, just that they're not *supporting* Windows. It will be up to MS to ensure that Windows runs. Apple will just ignore Windows altogether. If MS wants to get/keep Windows running on Macs, that's their business.



    There's a huge gap between not supporting someone else's product because it's not capable, and *preventing* that other product from working, even though it is.



    Further prognostication: Apple will use replacement technologies that are coming to the fore, such as EFI. MS will have to support these very soon. Macs may end up being the first commercial EFI machines that run Windows.
  • Reply 9 of 43
    pbg4 dude Posts: 1,611 member
    I hope they dump BIOS. BIOS is teh suckatash. "OK, I put in a new hard drive, now I have to go into BIOS and tell it to detect it." Why can't it just frickin detect it and move on? Sure, we don't have to input track/sector info anymore (thank god) but still, if the BIOS can autodetect a new drive has been installed and can autodetect the drive information then why does the user have to boot into BIOS to tell it to run the detection routine???



    Or how about having to reboot twice after adding RAM? The first boot you get some 'memory mismatch detected' warning. At this point BIOS is updated, but you still have to reboot to use the computer. Talk about user unfriendly. BIOS is the antithesis of Mac.
  • Reply 10 of 43
    cubist Posts: 954 member
    You guys are dreamers! Even tho the development Mac is a standard mobo and uses DRM, you guys speculate, completely without any foundation, with no evidence whatsoever, that the production Intel Macs will be different. Sheesh! You might as well fantasize that the production Macs will have neon lights and purple motherboards.



    This is not the Apple we once knew (if there ever was such a thing - maybe it was just our own fantasy). This is an Apple which has been completely subsumed by the Dark Side. Why, the two-button mouse is even more proof of it.



    If you want to wear rose-colored glasses and believe things that are completely at odds with known facts, go ahead. But at least recognize that you are doing so, and flag your posts "Personal unfounded speculation".
  • Reply 11 of 43
    skatman Posts: 609 member
    Quote:

    I hope they dump BIOS. BIOS is teh suckatash. "OK, I put in a new hard drive, now I have to go into BIOS and tell it to detect it." Why can't it just frickin detect it and move on? Sure, we don't have to input track/sector info anymore (thank god) but still, if the BIOS can autodetect a new drive has been installed and can autodetect the drive information then why does the user have to boot into BIOS to tell it to run the detection routine???



    Or how about having to reboot twice after adding RAM? The first boot you get some 'memory mismatch detected' warning. At this point BIOS is updated, but you still have to reboot to use the computer. Talk about user unfriendly. BIOS is the antithesis of Mac.



    You should upgrade your 486 machine, dude!

    On the PCs in the past 4 years, you never have to touch the BIOS unless you're doing something funky such as custom tuning memory timings.

    Even then, most of the mobo companies now have in-Windows BIOS tuning programs.



    Get out of the old and get into the cold!
  • Reply 12 of 43
    pbg4 dude Posts: 1,611 member
    Quote:

    Originally posted by skatman

    You should upgrade your 486 machine, dude!

    On the PCs in the past 4 years, you never have to touch the BIOS unless you're doing something funky such as custom tuning memory timings.

    Even then, most of the mobo companies now have in-Windows BIOS tuning programs.



    Get out of the old and get into the cold!




    Actually my last PC was an ABit BP6-based dual Celeron beast I homebuilt in '99. That thing got retired when I got my 20" iMac G5 last September. Thankfully I no longer have to even think about BIOS and all the other wonderful trappings of Windows PCs.
  • Reply 13 of 43
    kickaha Posts: 8,760 member
    Quote:

    Originally posted by cubist

    You guys are dreamers! Even tho the development Mac is a standard mobo and uses DRM, you guys speculate, completely without any foundation, with no evidence whatsoever, that the production Intel Macs will be different.



    Wrong. Apple has stated:



    1) No BIOS.



    2) Windows will not be supported, but they won't prevent it from running.



    From 1, we can assume that the mobo *will* be quite different than anything out there. Point me to a current Intel machine with a non-BIOS mobo. EFI is the current contender for a replacement, and it would only make sense to use it, if Apple uses anything they didn't come up with. Windows does not, AFAIK, support any non-BIOS mobos. Therefore, it will not run on Apple machines, as it currently stands. Maybe Longh..Vista will change that, dunno, but for right now, 2 fits with the facts.



    As for the dev boards... if they have it running on a current mobo, why not just ship the bloody thing? Because *that's not the mobo they want to ship*. Seems rather obvious. Why are the developers being required to *lease* the kits? Because *Apple retains ownership*. No legal resale possible. Why? Because *that's not what it's going to end up as*. Again, in the realm of obvious.



    They'd ship a replacement if they wanted to, obviously the technology works... so the dev kits aren't what they have in mind. Pretty forehead-slappingly obvious IMO. Add to that a stated lack of BIOS, and voila: new mobo. If the new mobo is sufficiently different that it's not even close to the hordes of Intel boxes out there, then MacOS X, top to bottom, won't be targeted at the scads of Intel boxes in the market. They *could*, but my guess is that they *won't*. Why? Bad user experience, plain and simple. They'll wait for the Wintel market to catch up on mobo design (which makes me think EFI), and then produce an OS product that can run on them. Maybe. Years from now.



    And what does that sufficiently-different mobo mean? DRM isn't necessary. Voila.



    I still assert that Transitive is probably the originator of the DRM, since they have a *HUGE* interest in making sure that their tech doesn't get handed out to every slobbering pimply faced geek who thinks that they should get all the cool toys for free. Once MacOS X ships, on new Intel mobos, it may be moot, but for *now*, the dev kits essentially are vanilla Intel boxes, and Transitive has a good right to be nervous. Rosetta is the *ONLY* place the DRM exists... you'd think that if Apple really wanted to lock it down, it'd be ubiquitous. It's not, it's precisely targeted at a technology they don't own, and have only licensed.



    In any case, *NOBODY KNOWS* until the final products ship, plain and simple. Screaming that the sky is falling is just ludicrous. It's something to keep an eye on, and make sure that Apple knows what we think of it, but the key point here is to *THINK* first.
  • Reply 14 of 43
    fotns Posts: 301 member
    Quote:

    Originally posted by Kickaha

    Macs may end up being the first commercial EFI machines that run Windows.



    No, Gateway beat them to it nearly 2 years ago with the Gateway 610 Media Center desktop. Cnet linky
  • Reply 15 of 43
    dglow Posts: 147 member
    Quote:

    Originally posted by Kickaha

    We won't know for sure until the new Macs ship. Here's my guess:



    Apple will ditch many of the current standard mobo bits from Wintel boxen, such as BIOS. Just like the move to USB, they're going to forge ahead a bit. This will result in Windows not running because MS won't have written the correct drivers for it.



    This doesn't mean Apple is *preventing* Windows from running, just that they're not *supporting* Windows. It will be up to MS to ensure that Windows runs. Apple will just ignore Windows altogether. If MS wants to get/keep Windows running on Macs, that's their business.



    There's a huge gap between not supporting someone else's product because it's not capable, and *preventing* that other product from working, even though it is.



    <snip>





    I like your guess, Kickaha. As for the gap you mention, what if it looks something like this:



    Apple goes custom with their hardware, as you predict, and ships a box only capable of booting into OS X. Apple then provides an OS X app which taps Intel's Vanderpool to expose an "x86 PC environment" which, I imagine, would support Windoze.



    Would this be in line with official company statements? It runs OS X. It runs Windows. But it only runs Windows if it's already running OS X.



    It's a Mac!
  • Reply 16 of 43
    kickaha Posts: 8,760 member
    Quote:

    Originally posted by FotNS

    No, Gateway beat them to it nearly 2 years ago with the Gateway 610 Media Center desktop. Cnet linky



    Glad I put that 'may' in there.



    So, what other manufacturers have followed suit? I'm curious what the ratio of BIOS/EFI/other is.
  • Reply 17 of 43
    gene clean Posts: 3,481 member
  • Reply 18 of 43
    smircle Posts: 1,035 member
    Quote:

    Originally posted by Gene Clean

    Maybe it's not even true?



    http://www.ofb.biz/modules.php?name=...rder=0&thold=0




    Uhm, this is most certainly wrong. If you care to find out more, visit this site if you are capable of understanding German.



    If not, try googling for oah750d - the rosetta G3 emulator which is protected by TPM or AppleTPMACPI.kext - the TPM kernel extension. I'd rather not be more specific because otherwise I might get a slap by the mods.
  • Reply 19 of 43
    dglow Posts: 147 member
    Wiki with lots of information here.



    In addition to ATSServer, iTunes.app (and iTunes Helper) are also PPC-only and thus forced to run under Rosetta.
  • Reply 20 of 43
    kickaha Posts: 8,760 member
    Of course, it could be that since these are machines never intended for public scrutiny, there are several types of boards in them. It would let Apple get some testing in for bits and pieces of different possible hardware designs.



    That would mean that some boards might have the Infineon chip, and others wouldn't.



    Just a thought.



    You'd be shocked at the equipment that gets sent out as dev kits, prototypes, and technology assessment programs. When I was in industry, we'd send custom boxes (with custom boards and custom ROMs) to customers around the world to see how they liked the changes. The boxes were then sent back to us, and feedback went into the next product round. Some of those boxes were literally held together with twist wire, and no two were exactly alike. I don't see how these dev kits are really any different.