
I'd say you are in a very tiny niche for the SIM and stylus alone. Which vendors/brands does this leave you with?

Personally I previously searched for:

1. Super fast CPU (got the Ryzen)
2. With enough RAM (32GB, unofficially)
3. At a cheap non-Apple price ("gaming" laptop)
4. That looks somewhat professional (Lenovo won against the ASUS which screamed teenager)
5. That runs Linux well enough.


Your reply does not follow based on the original comment. An app that generated millions to Apple made multiple millions in revenue from users that found it useful.

There is nothing Apple needs to do to 'protect' you: people are buying the app, it's probably doing something well.

Apple is just milking the developer.


>users that found it useful

"Useful" is a huge stretch. I tried the game "egg, inc" this weekend and one of the mechanics forces you to view adds for other apps, and it's all addiction mechanics with an indecent 'skin' on them.

For example, there is one bejeweled-like game where there is a king who is being tortured, and you must make matches at speed or the spikes are driven into him, or he is forced to pee himself. There is another 'match two' like game where your reward is to take a female character and shave her head so she acts ashamed, and then dress her in streetwalker clothing.


So you're mad about a game unrelated to the GP, that passed through the review process anyway?


So your argument is that Apple's review process is useless?

Ultimately, Apple (and Google) have incentivized developers to make terrible games full of ads. Perhaps that is a larger problem that requires a broader, more systemic solution.


Ha, US military has immunity in every country they go to.

If they kill somebody in a car accident (which happened more than once, even in Europe) they will not go to trial but be sent home and "judged" there.

What is power without hypocrisy...


That’s a bit hyperbolic. How these issues are handled varies by each country and is agreed upon by the host country. Here is a link on the topic.

https://www.findlaw.com/military/criminal-law/foreign-crimin...


Sure, "agreed upon". Since it's very beneficial for a country to grant immunity to a large corpus of foreigners with guns.


Of course, this is only a problem in Afghanistan. It can't possibly be a problem in western democracies :)

The instrumentalization of western states is so good the populace might as well be a crop.


It seems to me like the author focuses on the Taliban's seizure of such data as a way of bringing absolutely everyone onto the page of "data can be misused", maybe aimed at the field that was cautiously optimistic about the transition to more data in the hands of the farmers.


Corporations are also an artificial construct.


They are a legally recognised/defined artificial construct - which is quite important.


comprised of humans, which is also salient.


And other companies and other legal entities...


You are dismissing exactly the strategic move that's within reach.

Windows basically does not exist for home users except a few Western countries, and even there it's just due to inertia.

I've had great success with Ubuntu for non-technical users. For games you get a game console or play something in the browser. For everything else Ubuntu will do just fine.

Same with macOS... Regular folk have no reason to buy macOS. It's pure class signaling at this point.

Of course, there are business tools on each of these OSes, but if you make money with Adobe tools might as well buy the Pro OS.


Windows is particularly prevalent in developing countries actually, outside of tech circles which gravitate more towards MacOS (if it can be afforded) or Linux.


Well, smartphones must be updated to include better spyware.

And newer computers are also better locked down to allow better surveillance.

So, the older ones can't break down fast enough!

You don't want a repairable computer so creeps install, like, a Linux distro. You want disposable TPM machines with Windows 11 Home Edition and unstoppable "telemetry".


To be fair, TPMs are really cool from a hardware perspective. They're HSMs which can fundamentally change what threat models on your OS look like.

Unfortunately, the purpose here will be to use the fact that most users use a non-free OS to turn these TPMs against the user in order to make DRM harder to break.


> Unfortunately, the purpose here will be to use the fact that most users use a non-free OS to turn these TPMs against the user in order to make DRM harder to break.

Stallman[1] and others[2] have talked about just this issue for over a decade now.

[1] https://www.gnu.org/philosophy/can-you-trust.en.html

[2] https://www.cl.cam.ac.uk/~rja14/tcpa-faq.html


Stallman has quite a particular view on security, e.g. [1]. I think it is important to understand where he’s coming from.

I think the last 30 years have shown that, in some sense, even competent computer users can’t really be trusted to keep their systems secure. I’m not saying that the only solution is to have a totally locked down system, but I’m also not saying that having an HSM is a bad thing.

I understand that the M1 Macs get improved security from the more iPhone-like architecture but that the system is still somewhat hackable (eg there is a possibility of running Linux). So it would appear that one can have one’s cake and eat it. I think hardware security modules are mostly orthogonal to having a hackable system and companies like apple must be persuaded somehow to leave systems openable through other means.

[1] https://ftp.gnu.org/old-gnu/Manuals/coreutils-4.5.4/html_nod...


Really though, if we're talking about "completely secure" computers, or even something approaching that, no one can be trusted to keep any system secure. So why not at least let users have some freedom while taking care of the most obvious exploit routes?



There have been exploits for ARM's TrustZone implementations, as well.


I see the value in using a TPM to protect a disk encryption key; but also the downside of it being harder for me to recover data when the TPM fails before the disk (or if the motherboard fails and the TPM is tamper resistant and doesn't want to be moved to another board, etc). For me, data recovery is more important.

Boot time security sounds kind of useful, but I don't have time or desire to audit and sign everything I run, and Microsoft doesn't either; they have historically signed all sorts of garbage that undermines the system security, and I expect that will continue.


I think this is why you don't store the encryption key of the disk directly in the TPM but a "key to unlock the key" - that way you can enter a recovery code or something to access if the TPM or something in the boot path fails. I don't know how the encryption mechanics work in detail but it has to work like that somehow for Bitlocker recovery to function. I know under Linux LUKS you can have up to 8 keys and each will allow access to the disk.


Just in case someone wants to know what a TPM is:

Trusted Platform Module, or TPM, is a unique hardware-based security solution that installs a cryptographic chip on the computer's motherboard, also known as a cryptoprocessor.

This chip protects sensitive data and wards off hacking attempts generated through a computer's hardware. Each TPM holds computer-generated keys for encryption, and most PCs nowadays come with TPM chips pre-soldered onto the motherboards.


I've been using laptops with TPM for a decade now. Never enabled the damn thing because if it failed, I'd be completely locked out of my computer. I'm not a CIA agent, I'm not a threat to any state, I don't even work for some big corp, why do I need that level of security?


TPM does not necessarily lock you out in case of problems. It depends on the software. In Purism laptops, it just warns you if something unexpectedly changes. (see the link in my other comment)


I don't trust storing keys in the hardware. The hardware can fail and you lose everything, or the hardware can have a backdoor. It's not difficult to make and memorize a strong password in the end to use it for disk encryption.


I feel like there's a large subset of people who don't understand what TPM does, so just assume the worst and hand wave about how it [somehow] causes [random bad thing].

In this case I guess TPM causes telemetry?


Stallman[1] and others[2] wrote about TPMs nearly 15 years ago, and the former revisited the topic in 2015.

Trusted Platform Modules can be used to enforce app DRM, ensuring that only "approved" apps are able to run on a system.

That's already the reality for iPhones and iPads. We see desktops converging on this reality with systems like Apple's M1 which won't run unsigned binaries at all, and makes it difficult to nearly impossible to run apps that weren't first approved by Apple through their notarization process.

[1] https://www.gnu.org/philosophy/can-you-trust.en.html

[2] https://www.cl.cam.ac.uk/~rja14/tcpa-faq.html


TPM can be based on free software and controlled by the user: https://puri.sm/posts/purism-integrates-heads-security-firmw....


Yes but that isn’t the main point. When combined with a non-free OS TPMs become a tool used against the user to lock them out of their own system.


You are right. The problem however is not in the TPM but in the non-free OS.


Thanks for the link, I wasn't aware of Purism's work in this space.

Is an open and flashable TPM something rights holders would be comfortable with? Or would they treat it like SafetyNet treats an Android phone with an unlocked bootloader?


The main point (and only differential) of a TPM is protecting secrets against the person with physical possession of the device.

About every time something like this is placed on a consumer product, it is to exploit the consumer some way, so, no it's just bad.

There is the very rare exception of it being a product intended for the owner to lend it to other people, and the very common exception of it being disabled by default, but being cheaper to include on every product than just the business ones. But well, Windows 11 Home edition computers are neither of those.


A TPM is a chip on some motherboards that serves two purposes:

1. Using something not too dissimilar from blockchain/git repo hashes to attest to the execution stack (BIOS, bootloader, kernel, userspace).
2. Providing cryptographic primitives that are only unlocked when the stack exactly matches a particular value.

It's a handy tool for avoiding spyware, as any change in the attestation chain gets immediately flagged. It is also, in principle, useful for tying DRM keys to a particular execution stack that's known to be trusted... although it's very worth noting that the TPM's threat model does not include an attacker having physical access to the hardware.


I thought TPMs also prevent physical attacks by being configurable to require a password for unlock and physical anti-tamper features.


The bus between the CPU and the TPM is exposed, so there are plenty of physical attacks that you can do, assuming a certain level of skill and tools.


Right, for configurations where the TPM automatically releases keys, they can be sniffed. It can be configured to only release its secret once a correct password is given. It also rate limits I believe.


It's been a while since I looked at the technology, but the basic premise is very simple. The TPM basically keeps around a stack of hashes. The BIOS pushes a hash of the bootloader onto the stack. The bootloader pushes a hash of the kernel onto the stack. Then there's a handful of ring 0 cpu instructions for pushing and popping all but the bottom-most entries of the stack that allow the kernel to do whatever it wants, including pushing hashes of application code, hashes of passwords (as in your example), or opening up a similar ability to push/pop upper levels of the stack to the application.

The only check the TPM does when deciding whether to allow the key in one of its registers to be used is whether the stack is in a particular configuration. The TPM doesn't (and in fact can't) directly require passwords (since it has no direct line of communication to the user). However, the BIOS, bootloader, kernel, etc... can all be configured to mix user-provided information like a password into the hash they push into the TPM.


TPM keys are protected by policies. A policy can be based on the system state (hashes), a password, or both. There are also complex policies using the Extended Authorization feature. If you don't care about platform state or configuration, then you can just set a key policy with just a password. The TPM will lock you out if you make too many incorrect guesses.

You can in fact put passwords on most TPM internal objects. See this example https://github.com/tpm2-software/tpm2-tools/blob/master/man/...
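As an added illustration of the mechanism the two comments above describe (a PCR as an append-only hash chain that firmware, bootloader and kernel each extend; a key policy that combines platform state with a password and a lockout counter) and of the "key to unlock the key" recovery slot mentioned earlier in the thread: the following is a constructed Python model written for this page, not code from any commenter, from the TPM 2.0 specification or from tpm2-tools. The `SealedSecret`, `boot_chain`, `wrap_key` and `open_volume` names are hypothetical, the key wrap is a toy XOR, and the sample component strings and passphrase are constructed. The extend rule `new = H(old || H(component))` is the real PCR semantics; everything else is a simplification.

```python
import hashlib
import hmac

HASH = hashlib.sha256
PCR_INIT = b"\x00" * 32  # a PCR holds all-zero bits at power-on


def measure(pcr: bytes, component: bytes) -> bytes:
    """PCR extend: new = H(old || H(component)). Append-only: nothing can be
    replaced or removed, so the final value depends on every measured
    component and on the order they were measured in."""
    return HASH(pcr + HASH(component).digest()).digest()


def boot_chain(*components: bytes) -> bytes:
    """Each stage measures the next (firmware, bootloader, kernel, ...)."""
    pcr = PCR_INIT
    for component in components:
        pcr = measure(pcr, component)
    return pcr


class SealedSecret:
    """Toy TPM object: the secret is released only if the policy holds. The
    policy may require a PCR value, a password, or both; repeated failures
    trigger lockout (the TPM's dictionary-attack protection). Hypothetical
    interface, not the real PolicyPCR / PolicyAuthValue command set."""

    def __init__(self, secret, expected_pcr=None, password=None, max_failures=3):
        self._secret = secret
        self._expected_pcr = expected_pcr
        self._password_hash = HASH(password).digest() if password is not None else None
        self._max_failures = max_failures
        self.failures = 0

    @property
    def locked(self) -> bool:
        return self.failures >= self._max_failures

    def unseal(self, pcr=None, password=None):
        if self.locked:
            raise PermissionError("TPM in lockout")
        ok = True
        if self._expected_pcr is not None:
            ok &= pcr is not None and hmac.compare_digest(pcr, self._expected_pcr)
        if self._password_hash is not None:
            ok &= password is not None and hmac.compare_digest(
                HASH(password).digest(), self._password_hash)
        if not ok:
            self.failures += 1
            raise PermissionError("policy not satisfied")
        self.failures = 0
        return self._secret


def wrap_key(volume_key: bytes, unlock_key: bytes) -> bytes:
    """Toy key wrap (XOR with a hash-derived keystream); it is its own inverse.
    Real disk encryption uses AES key wrap or an AEAD here."""
    stream = HASH(b"wrap:" + unlock_key).digest()
    return bytes(a ^ b for a, b in zip(volume_key, stream))


def open_volume(slots, tpm=None, pcr=None, recovery_passphrase=None) -> bytes:
    """LUKS/BitLocker-style key slots: the volume key is wrapped once under the
    TPM-sealed secret and once under a recovery passphrase. Either slot that
    unlocks yields the same volume key; slots["check"] verifies the result."""
    candidates = []
    if tpm is not None:
        try:
            candidates.append(wrap_key(slots["tpm"], tpm.unseal(pcr=pcr)))
        except PermissionError:
            pass  # TPM refused or is locked; fall through to recovery
    if recovery_passphrase is not None:
        candidates.append(wrap_key(slots["recovery"], HASH(recovery_passphrase).digest()))
    for key in candidates:
        if hmac.compare_digest(HASH(b"check:" + key).digest(), slots["check"]):
            return key
    raise PermissionError("no key slot could be unlocked")


def demo() -> dict:
    """Normal boot, tampered kernel, lockout, then recovery passphrase."""
    firmware, bootloader, kernel = b"firmware-v1", b"bootloader-v1", b"kernel-5.13"
    good_pcr = boot_chain(firmware, bootloader, kernel)
    tpm_secret = HASH(b"constructed tpm-held secret").digest()
    volume_key = HASH(b"constructed disk volume key").digest()
    recovery = b"constructed recovery passphrase"
    tpm = SealedSecret(tpm_secret, expected_pcr=good_pcr, max_failures=3)
    slots = {
        "tpm": wrap_key(volume_key, tpm_secret),
        "recovery": wrap_key(volume_key, HASH(recovery).digest()),
        "check": HASH(b"check:" + volume_key).digest(),
    }
    out = {}
    out["normal_boot"] = open_volume(slots, tpm=tpm, pcr=good_pcr) == volume_key
    bad_pcr = boot_chain(firmware, bootloader, b"kernel-5.13-with-rootkit")
    try:
        open_volume(slots, tpm=tpm, pcr=bad_pcr)
        out["tampered_kernel"] = True
    except PermissionError:
        out["tampered_kernel"] = False  # modified kernel -> different PCR -> sealed
    for _ in range(2):  # two more wrong attempts reach max_failures
        try:
            open_volume(slots, tpm=tpm, pcr=bad_pcr)
        except PermissionError:
            pass
    out["locked_after_failures"] = tpm.locked
    out["recovery_still_works"] = open_volume(
        slots, tpm=tpm, pcr=good_pcr, recovery_passphrase=recovery) == volume_key
    return out


if __name__ == "__main__":
    print(demo())
```

Reordering or altering any measured component changes the final PCR, which is why the sealed secret stays sealed after the kernel is modified; the recovery slot is what keeps the disk readable when the TPM is locked out, dead, or on a different board.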


With a physical bus reset attack you can also set PCR values without any authentication, which essentially breaks attestation. Also only some TPMs have anti tamper features and security certification (best ignore the ones that don't).


TPM used for secure boot, (hypothetically) used to block installing non-windows OS, means the owner is forced to using an OS that has telemetry.

That is the argument I suppose OP was making. The secure boot locking is hypothetical, but it is often feared. I get why, because it seems like something Microsoft would love to do.


TPM is used for measured boot, to not release a secret/operate on a key if measurements do not match.

It doesn't block you from running anything.


Dang you're right.

I figured the TPM was part of secure-boot validation. But given some extra thought, it is clear that verifying a signature does not require any secrets.


>It doesn't block you from running anything.

Yet


Lol I think MOST people don't understand what TPM is/does...


If history is an indicator for anything, we’re talking about when. Not if.


No, no, don’t mistake correlation with causation. They just always come together.

Note: I have no idea what TPM even is.


A TPM is just a bit of memory that is "hacker proof" so you can store a private key with a guarantee that it can't leak out. You can then sign, encrypt, or decrypt using the key.

They were controversial because it was originally thought they would be used to lock parts of your computer away from you, being used to do DRM and the like. At the end of the day the chips were hard to use, slow, and flaky enough that it didn't really pan out. A lot of the brain damage came from a secondary feature where you could theoretically create "secure enclaves" where the entire execution chain down to the bare metal was signed to prevent viruses and rootkits from executing. In theory this is neat, but in practice it's basically impossible on PC hardware and caused a lot of problems. This functionality is the reason BitLocker had the reputation for randomly locking you out of your machine, even though it doesn't use the feature directly. The configuration registers were maybe a mistake.


I know it's super easy for anyone to Google, but I feel like at least one reader will find this useful since I didn't see it mentioned anywhere in the discussion thread: TPM stands for Trusted Platform Module.

("TPM is an international standard for a secure cryptoprocessor, a dedicated microcontroller designed to secure hardware through integrated cryptographic keys." - https://en.wikipedia.org/wiki/Trusted_Platform_Module)


A TPM is much more than "just a bit of memory". It is a cryptographic coprocessor, with its own microcode and its own security domain.

And I don't think a fully-secured future for PCs is as impossible as you think. The primary reason this is impossible right now is because TPMs aren't ubiquitous (none of my machines came with one installed). That problem will be solved by Windows 11.


Secured for the benefit of Microsoft or DRM providers, not necessarily for the benefit of the end user.

Unless they're willing to allow the end user to override the wishes of the vendor (and without any diminished functionality), TPM is just another way to turn computers into appliances.


The fundamental problem with the secure enclave on PC is that to make it work you have to basically lock out all of the untrusted hardware on the box, which is pretty much all of it. So while you are doing your secure computation nobody is servicing the PCIe bus. The graphics card drivers aren't getting any CPU cycles. Ring buffers on your network cards aren't emptied. From the perspective of everything else on the machine the whole thing just crashed.

If your computation is quick you might be able to get away with this sometimes, but the potential for problems is almost unlimited. The fact that the TPM itself is pretty slow throws another monkeywrench into the plan.

In order for it to work the whole system needs to be designed from the bottom up to support it, which means you need to touch every layer of the PC stack. It's a lot of work. It is a lot easier on something like a cellphone where you can control the hardware from top to bottom and don't have to consider the case where someone installs additional hardware to suit their needs.


It's what Apple calls a "secure element", essentially a mini-HSM or multi-feature smartcard. "Put keys on it and it lets you use it with a PIN and rate limit" seems to be the main use case (they can implement FIDO2 with that too for instance).

These things are very useful for authentication and have been on business laptops for this very reason forever.


My Windows 10 Pro just got updated to Windows 11 for free via an update and I have no TPM module.


Windows 11 previews do not require a TPM module, but the final Windows 11 will. Quoting from https://blogs.windows.com/windows-insider/2021/06/28/update-...:

> In support of the Windows 11 system requirements, we’ve set the bar for previewing in our Windows Insider Program to match the minimum system requirements for Windows 11, with the exception for TPM 2.0 and CPU family/model.


So I can install Windows 11 previews, then when the definitive version comes out I would need to downgrade if I don't have TPM hardware (or if I don't want to enable it for not losing the possibility to dual boot Linux)? It's nonsense.

I want the old Windows back, couldn't Microsoft just stop making OSes and support Windows 7 forever? The last Windows version that just worked, buy a license and use it, no updates every 6 months, no requirement for secure boot, TPM and stupid stuff, no apps, or whatever other stupid thing they invented.


> then when the definitive version comes out I would need to downgrade if I don't have a TPM hardware

Yes, if you do not have TPM hardware you will not be able to run Windows 11 when it is released.

> (or if I don't want to enable it for not loosing the possibility to dual boot Linux)?

TPM does not prevent you from installing or running Linux.


Amen


Haha, how can you defend Microsoft like this.

Imagine McDonald's applying such dark UI patterns: maybe forget part of your order, put your change on the table under a napkin so you don't notice it, only offer you the free ice cream the 3rd time you ask, etc. People would be up in arms!

But Microsoft?! Well, they are the darling of the tech world now so it must only be a prank no?

No evil to see here, sir!


"But Microsoft?! Well, they are the darling of the tech world now so it must only be a prank no?"

Google and Apple do it too and no one has complained. Why suddenly the up in arms when Microsoft does it? That doesn't sound like a darling of the tech world to me.


Whataboutism.

People complain about Google and Apple too.

Though, not even Apple applied such dark patterns to force you to create an account with them. There's still time though!


... in the UK.


Bravo! I wonder what these 3 companies have in common?


These have in common that much of their initial growth occurred by regulatory capture or ignoring existing regulations. It's ok if you are a host... Terrible if your building has been taken over by Airbnb guests.

But of course they are just a platform....Not an enabler.

