From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with archive (Exim 4.43) id 1MdmFI-0005oS-P9 for mharc-grub-devel@gnu.org; Wed, 19 Aug 2009 10:34:36 -0400 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1MdmFH-0005oC-TG for grub-devel@gnu.org; Wed, 19 Aug 2009 10:34:35 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1MdmFC-0005lE-9D for grub-devel@gnu.org; Wed, 19 Aug 2009 10:34:34 -0400 Received: from [199.232.76.173] (port=46870 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1MdmFC-0005lB-5M for grub-devel@gnu.org; Wed, 19 Aug 2009 10:34:30 -0400 Received: from mx20.gnu.org ([199.232.41.8]:51513) by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.60) (envelope-from ) id 1MdmFB-0002xu-IH for grub-devel@gnu.org; Wed, 19 Aug 2009 10:34:29 -0400 Received: from xvm-190-8.ghst.net ([217.70.190.8] helo=aybabtu.com) by mx20.gnu.org with esmtp (Exim 4.60) (envelope-from ) id 1MdmFA-00072d-L3 for grub-devel@gnu.org; Wed, 19 Aug 2009 10:34:28 -0400 Received: from [192.168.10.10] (helo=thorin) by aybabtu.com with esmtp (Exim 4.69) (envelope-from ) id 1MdmF2-0007Ji-Q8 for grub-devel@gnu.org; Wed, 19 Aug 2009 16:34:21 +0200 Received: from rmh by thorin with local (Exim 4.69) (envelope-from ) id 1MdmF2-0001xB-7T for grub-devel@gnu.org; Wed, 19 Aug 2009 16:34:20 +0200 Date: Wed, 19 Aug 2009 16:34:20 +0200 From: Robert Millan To: The development of GRUB 2 Message-ID: <20090819143420.GC4210@thorin> References: <4A8BDB5B.5000407@labri.fr> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4A8BDB5B.5000407@labri.fr> Organization: free as in freedom X-Message-Flag: Worried about Outlook viruses? Switch to Thunderbird! www.mozilla.com/thunderbird X-Debbugs-No-Ack: true User-Agent: Mutt/1.5.18 (2008-05-17) X-Detected-Operating-System: by mx20.gnu.org: GNU/Linux 2.6 (newer, 3) X-detected-operating-system: by monty-python.gnu.org: GNU/Linux 2.6, seldom 2.4 (older, 4) Subject: Re: TPM support status ? X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: The development of GRUB 2 List-Id: The development of GRUB 2 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 19 Aug 2009 14:34:36 -0000 On Wed, Aug 19, 2009 at 01:00:43PM +0200, Emmanuel Fleury wrote: > Dear all, > > I know this is a quite sensitive topic and I'm really not willing to > start a new flame-war about it. I just want to know the exact status of > it and what is the (official) position of the GRUB team on the TPM support. > > Last discussion about the TPM issue was in February (see: > http://lists.gnu.org/archive/html/grub-devel/2009-02/msg00217.html) and > it ended up with a kind of statu quo. > > I just propose to expose the consequences of TPM support for GRUB, first > in a technical point of view and then on an ethical one. Then, I hope > the GRUB team will write his official position on the TPM support. Hi, This is my official position on TPM support: GRUB is part of the GNU project. This means we follow the same ultimate goal, that is, enabling all computer users to enjoy the freedoms they should have when using computer programs in them. "TPM" is a device that is part of the "Trusted Computing" initiative. However, referring to this as "Trusted" is misleading. As owner of your computer, you are *already* able to trust your computer. The difference with "Trusted Computing" is not on whether it's trusted, but on *who* can trust it: Someone else can trust your computer, at the expense that it won't always obbey your orders anymore. Because of this, we avoid referring to it as "Trusted" and use "Treacherous" instead. As you can see, the purpose of TPMs is fundamentally incompatible with our goal. It would be foolish for us to support them. >From a technical perspective, a TPM is not so different from a similar device that we would consider legitimate: one that doesn't prevent the owner from obtaining the private key of his own chip, or at least from using it to sign arbitrary data. Unless a clearly distinct name was used, this would still have the inconvenient that we would be promoting the mallicious version if we supported it, but since this theoretical device doesn't exist anyway, it's pointless to argue about it. TPMs as they exist today are not acceptable. That said, remember that GRUB is free software, and you can modify it to implement any feature (including mallicious ones like virus, spyware or DRM), as long as you comply with the license requirements in the GPL. -- Robert Millan The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and how) you may access your data; but nobody's threatening your freedom: we still allow you to remove your data and not access it at all."