Trusted Computing – The Apple Way

Posted on by hukl

Since Apple introduced its first Intel products the word got out that they would include a TPM chip. Nobody really new what for but the common assumption was that they would use it to make sure you’re running Mac OS X on a »true« Macintosh computer. The problem was that Apple didn’t really say anything about that chip and since they aren’t a member of the TCG they wouldn’t have to do so. Being part of TCG means, besides other things, that you give the user the chance to switch the TPM chip off. The user must be allowed to control the chip. Apple on the other side provided no way of interacting with the chip which was concerning a lot of people. On one side these concerns were right since Apple has a complete music / movie / hardware solution. The TPM chip would enable them to enforce DRM in its nastiest way. Again, without being in the TCG group they can do what they want.
Apple on the other side is known for not being a big fan of copy protections and digital rights management. A developer note actually says that developers should not be trying to build software that relies on unique identifiable properties of a computer, like a MAC address, the serial number or a TPM chip since it is not 100% reliable and it compromises the user experience. Their iTunes DRM policies could be easier but compared to all the other DRM policies of the different online media stores it really is »FairPlay«.

So in the end, nobody knew what Apple was up to. If it was good or evil. Since yesterday it seems that Apple is indeed not interested in a hardcore DRM world. I found an article (Trusted Computing for Mac OS X) which claims that Apple isn’t using the TPM chip for anything, not even key storage. The author is also providing an open source driver for OS X to interact with the TPM chip. Furthermore the article features a guide how to interact with it, like taking ownership. But best of all the article claims that the current Mac Book Pros and Mac Pros don’t even have a TPM chip anymore! This is like the best new in terms of TPM.

I’d like to thank Apple for this step. This is so the right way.

Leave a Reply

Your email address will not be published. Required fields are marked *