Apple Files Patent for "Tamper-Resistant Code" 401
freaktheclown writes "The US Patent and Trademark Office has revealed that Apple has filed patent no. 20050246554 for a "system and method for creating tamper-resistant code." The system is presumably for use in Apple's Intel version of its Tiger operating system."
Link to patent publication (Score:5, Informative)
Yes it really is (Re:Aptly named). (Score:4, Informative)
The Titanic was really sink-resitant...
Missed the point (Score:4, Informative)
So not only is Apple not preventing users from installing Windows or Linux along side OS X, they are going out of their way to enable them to do so.
Michael Dell is feeling a tightening of the rectum right about now.
And yet...slashdotters are still preoccupied with how Apple might someday try to prevent the OS from being installed on non-Apple hardware.
Re:Link to patent publication (Score:3, Informative)
Re:Sounds impossible (Score:5, Informative)
By separating it into 2 or more inert components and storing them seperately. How is that at all like tamper-resistant code?
It's not impossible to create code that is very difficult to alter in a desirable manner, unless that desire is to have it cease functioning. The current StarForce copy protection achieves this by encrypting the executable and libraries of the program in question, and then running them on its own virtual machine which runs at the driver level. It sounds like Apple is planning to do exactly the same thing, unless I'm misinterpreting their patent. Each of their points says: But that's just how I'm reading it.. I could be wrong. At any rate, StarForce has yet to be cracked directly, but since its main purpose is to prevent copying, other weaknesses have been exploited; mainly in the area of virtual drives. Evidently it tries to identify the drives on a system, and if it successfully IDs one, it will require the disc to be placed in that drive. To ensure forward compatibility, if it cannot identify any of the drives, it will accept any drive that the disc appears to be in. It still attempts to blacklist virtual devices though, so the virtual drive software must be obfuscated. As I said, the only successful means of defeating the protection thus far have been to alter the data external to the program; the executables and DLLs themselves have not been successfully cracked, except when the publisher opted not to use encryption.
Has anyone actually read TFPA? (Score:5, Informative)
So, having tried to wade through all of this, here's my potted summary.
A "tamper-resistant" code block can be created *automatically* (i.e. not by hand) by translating an ordinary code block into a tamper-proof code block. The tamper proof code-block may be composed of checksummed code with extra inserted code that performs arbitrary operations (using, for example, information stored on a ROM, or taken from the computer's clock, or from the user's settings) and then is expected to produce a specific result.
E.g. multiply the current time by the user's name converted into a number and subtract the checksum of the code block and produce the number it did when the code was initially "tamper-proofed".
To verify the code has not been tampered with it can be executed in an environment (a virtual machine, say) which behaves like the real environment but where system calls have no effect so that only the ancillory results are produced. If these results aren't right, the code block is rejected.
I'm probably missing a lot, but the proposed system is AT LEAST this sophisticated, which is a heck of lot more convoluted than, say, checksumming code blocks. I think figuring this out is well beyond the script kiddies that produce the majority of malware.
Re:reminds me and makes sense of ms droping office (Score:3, Informative)
remember when microsoft dropped office for the mac.
Sure don't. You must be thinking of Internet Explorer, abandoned years ago at version 5. Office is still supported on the Mac.
Just published a paper on this (Score:2, Informative)
Re: unhackable DRM, etc. (Score:4, Informative)
Actually, no one ever really cracked the P3 DRM either, what was known was due to internal leaks, rumored to have been possibly deliberate, as NDC (Rupert Murdoch) owns their competitor, Dish Network! Anyway, the P3 hacks were all workarounds that still needed the real hardware DRM decryption engine to do the work. There was rumors of a soft decryptor, but I never saw one and personally I think that was vaporware.
Such a confused debate this (Score:3, Informative)
Apple should not sell the OS seperately because I don't want to buy it. I want the integrated experience. Its a non-sequitur, if that's what you want, buy it. Why should it not sell to others who don't want it?
Apple is a hardware manufacturer and if it allows people to run the OS on other hardware, it will go out of business. People who argue this, then turn around and claim that Apple hardware is better cheaper and faster than anyone else's. So why will unbundling not lead to a boom in hardware sales?
Apple shouldn't lock its OS at all. Why not? Of course, its entitled to protect its investment by product activation or DRM or whatever. Everyone else does.
Finally, we have the argument, if its unbundled, people will try to run it on hardware which will not run it, and this will put off buyers and damage the reputation of the company. This is crazy. It will be shipped with a list of what is supported. And manufacturers of cards, mainboards etc will tell you what the OS requirements are. They do it now, after all. Why would they stop?
Finally we have the argument, people who buy X and run it on their Toshibas (as ZD-net seems to have done) will not be having the Apple Experience. Well, maybe not. Why do you care? If you want to have the Apple Experience, which seems to consist in looking at a particular case while using X, go ahead. But this is not a reason for selling other people the unbundled X experience, if this is what they want.
The more I hear people arguing about this, the less sense it makes. Surely the point is, sell the customer what he wants to buy. He probably really does know what he wants. Let the customer worry about value for money and the sort of experience he is having. Don't try to dictate what he is supposed to want or how he is supposed to feel.
This is pure EVIL!! (Score:1, Informative)