Could TPM Be Good for Tux?

By Timothy R. Butler | Posted at 6:55 PM

Trusted Computing is generally associated with Microsoft, and, as of a short time ago, now Apple as well. On the other hand, little time is spent on the idea of integrating Trusted Platform Module support deep into GNU/Linux and other Free Software desktops. Maybe it is time for that to change.

Last week, I discussed how the topic of TPM being potentially included in Macintosh Developer Platform Kits was not clearly good or bad, just yet. Certainly, it could be used for ill, but if it is used essentially to keep Mac OS X from running on generic hardware (something you cannot do legally, anyway) and to perhaps protect media bought through the iTunes Music Store (and, someday, the Apple Video Store), that really would not be an entirely unlikable arrangement.

If DRM protected music and other media is secured on the hardware level, that simply means it will be harder (though not impossible) to break the DRM encryption. For those who like using services like Apple's music store and willingly consent to the service agreements for it, making reasonable DRM harder to break is a good thing, since the media providers are less likely to throw in the towel if users play within the boundaries of the service. Most will admit Apple's FairPlay has come a long way toward making DRM fairly transparent and agreeable to most users, and therefore many are rightly apprehensive when projects such as Hymn threaten the DRM they are reasonably content with.

Certainly, if Apple's methods and similar, fairly balanced plans prove too leaky, more draconian methods will arise. So long as no one has to use the iTunes music store to enjoy music on their computer or iPod, it seems in everyone's interests to keep the DRM secure. Those who want to use it would no longer have to live with the need for an “arms race” between Apple (or another provider) and the rouge developers, and those who dislike DRM can just ignore “protected” services altogether. If, in the future, “trusted” modules provide only assistance with such goals, maybe TPM, or its eventual successors, is not so bad. So what about GNU/Linux?


Notice that right now you cannot legally use DRM encrypted materials of almost any sort on Linux or FreeBSD. There is the gray area of things like DeCSS, but obviously the situation is questionable enough that no commercial entity wants to touch libraries such as that one with a ten-foot pole. Worse, an FOSS software-based DRM arrangement seems almost impossible. If I want to break the DRM, and I am a programmer, I simply grab one valid content license and then hardwire that into the program so that it doesn't realize it is being moved from computer to computer. No sweat.

Therefore, in the dawn of the electronic distribution of media, desktop Linux has a big hurdle. No one associated with the MPAA and RIAA will ever agree to let their content go without DRM in a fully digital, high quality fashion; for that matter, many other content providers would probably be apprehensive too. Presuming the content you want comes from such wary providers, you have a problem. So, with the quandary mentioned above about FOSS-based DRM support, it would appear the only solution would be a closed source, proprietary DRM library, something no FOSS supporter wants to see our desktops — be it KDE, GNOME or something else — depend on.

But wait a second! Imagine if the DRM processing was done in the hardware. Then, the DRM software could be entirely FOSS licensed without making it quite as easy to crack. Obviously there are pros and cons to this, but I would assert that the pros seem likely to outweigh any cons.

The key here is not to make everything DRM encrypted, but to insure that GNU/Linux is on the forefront of what seems to be an unstoppable force: legal online media distribution. If support for this could be done in a manner that was least intrusive into the FOSS ethic, then that is something that may very well be worth supporting from here on out. So long as no one is required to work with DRM related materials, it makes sense to provide a sensible facility for doing so if one wants to.

Support for DRM in an optional way would send out a signal that GNU/Linux is not pro-piracy, as many outside of the sector falsely assume, but is in fact pro-user, giving the user the choice to work with whatever material the user is desirous to use without being hindered by the operating system.






Timothy R. Butler is Editor-in-Chief of Open for Business. You can reach him at tbutler@ofb.biz.