Apple Files Patent for "Tamper-Resistant Code"
freaktheclown writes "The US Patent and Trademark Office has revealed that Apple has filed patent no. 20050246554 for a "system and method for creating tamper-resistant code." The system is presumably for use in Apple's Intel version of its Tiger operating system."
Sounds impossible (Score:2, Interesting)
Wonder if it will take more than 48 hours for someone to figure out a way to crack this one?
Translating code blocks (Score:5, Interesting)
After looking over the article, the method reminds me of Synapse Software's SynCalc (and related) programs for the 8-bit Atari computers. They had some real good code obfuscation, and they managed to do it in less than 48K of RAM! I never did get as far as figuring out whether they were using more than one level of a virtual machine, code obfuscation, or what have you.
Don't they mean... (Score:3, Interesting)
The most interesting thing about this (Score:5, Interesting)
Emulators (Score:4, Interesting)
20. A method comprising: receiving a system call, wherein the system call is formatted for requesting a service from a first operating system, wherein the system call is included in a first object code block, wherein the first object code block is a run-time translation of a second object code block; determining which system call services of a second operating system are needed for providing the service; determining whether system call services for servicing the system call have been disabled, wherein the determining is based on a tamper-resistance policy; servicing the system call, if the system call services for servicing the system call have not been disabled.
21. The method of claim 20, wherein the tamper-resistance policy disables system call services that access system resources.
22. The method of claim 20, wherein the first operating system is selected from the set consisting of Mac OS X, Linux, and Microsoft Windows.
23. The method of claim 20, wherein the second operating system is selected from the set consisting of Mac OS X, Linux, and Microsoft Windows.
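The policy check in claims 20 and 21 quoted above, sketched as an added example (it is not part of the original thread or of the patent text). The syscall numbers, service names and the choice of which services count as "system resources" are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical host ("second OS") service classes, one bit each. */
enum { SVC_TIME = 1u << 0, SVC_FILE = 1u << 1, SVC_NET = 1u << 2, SVC_PROC = 1u << 3 };
/* Hypothetical guest ("first OS") system call numbers. */
enum { G_GETTIME = 1, G_OPEN = 2, G_SENDFILE = 3, G_KILL = 4 };
enum { SC_OK = 0, SC_DENIED = -1, SC_UNKNOWN = -2 };

/* Constructed mapping: which host services each guest call needs. */
struct xlat { int guest_nr; unsigned needs; };
static const struct xlat table[] = {
    { G_GETTIME,  SVC_TIME },
    { G_OPEN,     SVC_FILE },
    { G_SENDFILE, SVC_FILE | SVC_NET },  /* one guest call, two host services */
    { G_KILL,     SVC_PROC },
};

/* Tamper-resistance policy: the set of host services that are disabled. */
struct policy { unsigned disabled; };

/* Steps of claim 20: find the host services needed, check them against the
 * policy, and service the call only if none of them is disabled.
 * *blocked receives the disabled services that caused a denial. */
int service_syscall(const struct policy *p, int guest_nr, unsigned *blocked)
{
    *blocked = 0;
    for (size_t i = 0; i < sizeof table / sizeof table[0]; i++) {
        if (table[i].guest_nr != guest_nr)
            continue;
        *blocked = table[i].needs & p->disabled;
        return *blocked ? SC_DENIED : SC_OK;  /* real servicing would go here */
    }
    return SC_UNKNOWN;  /* unmapped call: fail closed, nothing is serviced */
}

int main(void)
{
    /* Assumed reading of claim 21: file and process services count as
     * "system resources" and are disabled for translated code. */
    struct policy p = { SVC_FILE | SVC_PROC };
    int calls[] = { G_GETTIME, G_OPEN, G_SENDFILE, G_KILL, 99 };
    for (size_t i = 0; i < sizeof calls / sizeof calls[0]; i++) {
        unsigned blocked;
        int rc = service_syscall(&p, calls[i], &blocked);
        printf("guest call %d -> rc=%d blocked=0x%x\n", calls[i], rc, blocked);
    }
    return 0;
}
```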
Old Idea-Prior Art (Score:3, Interesting)
(yawn)
There's another, more interesting aspect of this: (Score:5, Interesting)
However, the patent describes a process whereby users would be able to load one of three operating systems as their primary OS and then load a secondary operating system as their secondary OS. In the patent application, titled, System and method for creating tamper-resistant code, they describe the process as thus:
From the sound of this, Apple is indeed going to do what I had simultaneously hoped for and feared: They're going to enable people to boot into OS X and run Windows at the same time (and vice versa)-- probably very similar to the way Classic runs now.
I had hoped for this because it makes switching infinitely easier-- people can just load up Windows and their apps on their Intel-based Mac, and make a gradual transition to OS X. Those who use Windows-only vertical-market apps will have the world of the Mac opened up to them.
I had feared this because there are bound to be some cheap/lazy asshole developers who will take one look at the Windows compatibility environment, cancel the Mac versions of their products, and tell Mac users to just use the Windows versions in said compatibility environment. I'd hate to see this reverse the Mac application availability renaissance that has been going on for the last few years.
~Philly
Tamper-resistant != tamper-proof (Score:2, Interesting)
Does it have to work to be patentable? (Score:5, Interesting)
That said, someone could try to create a processor that does nothing but audit the code being run and that it be outside of the main system's functions. I can imagine a lot of things that could be done with a scenario like that... but again, just like a thousand other things, it'll be hackable.
Apple should just face the facts: Build on a system that is already populated with crackers and coders who are intimately familiar with hacking software systems, and you are giving them a new toy to play with. They had a good thing going when they were vending relatively unique hardware. Now they have decided to switch, ever increasingly, to less proprietary hardware in order to save costs. They did it when they adopted PCI, PC style memory and IDE mass storage devices. Before long, people were upgrading their own systems with non-Apple stuff. Now the very core of the computer itself is being moved over to something more readily available on the market... they don't expect people to want to play?
They are going to spend a LOT of money to avoid the unavoidable... they are going to waste a LOT of money. At some point they are going to have to choose either to abandon the OSX86 project and go back to PowerPC or just live with the fact that some people will run their OS on PCs not made by them.
Prior art? (Score:4, Interesting)
And for the paranoid, I've mentioned nothing above I couldn't find on Arxan's or someone else's public website.
Re:Looks like some of the IOCCC code is being rele (Score:3, Interesting)
In one embodiment the system comprises a processor and a memory unit coupled with the processor. In the system, the memory unit includes a translator unit to translate at runtime blocks of a first object code program into blocks of a second object code program, wherein the blocks of the second object code program are to be obfuscated as a result of the translation, and wherein the blocks of the second object code program include system calls.
TPM contains flash and can obfuscate code at runtime. I'm not in the know, except that I have worked on some publicly available TPM spec stuff.
Re:There's another, more interesting aspect of thi (Score:3, Interesting)
I mean, there's probably an entire team at Apple devoted to making it just right: easy enough to claim compatibility, hard enough to act as a spur for native development. And they probably have tastefully decorated offices, too.
This smells of MS style TCPA... (Score:2, Interesting)
To see Apple jumping at something like this first is scary. When I found out Apple boards had TPMs I suspected, though objectively. To me.. Apple is pretty much signalling their intent to join ranks with Gates and his Hollywood buddies and cooperate with their plans to push lock down computing. Knowing how Jobs has reacted to DRM in the past.. it's just shameful.
What's sad is it was never necessary. From what I remember of my hardware courses last semester, the newest x86 CPUs are basically a CISC interpreter attached to a RISC chip. All Apple would have to do is have Intel make the chips: A. without the interpreter at all.. thus making it a different platform with added benefit of greater efficiency and cost savings to boot.. or B. work with Intel to make a different microcode interpreter.
I'm glad I bought the last of the PPC generation PowerMacs because it looks as if Apple will lose a customer. Over the past 2.5 years I've poured over 10 grand into Apple because it was objectively the best by a slim margin.. guess not anymore. Linux will be king now, and a lot lighter on my wallet.
Re:That's fair. (Score:2, Interesting)
If they could get past the issue of drivers, maybe they ought to be selling this like Windows, though. After all, their OS is leaps ahead of Win XP in usability...they could charge for the software. They could require system vendors to demonstrate compatibility before getting an "Apple Compatible" logo (costing ~$30/system on top of the software). They may not overwhelm Windows, but I would bet they could get up to 10+% of the market
Re:Looks like some of the IOCCC code is being rele (Score:2, Interesting)
Re:Tamper resistant? (Score:4, Interesting)
re: unhackable DRM, etc. (Score:3, Interesting)
Small - Medium Businesses as well (Score:3, Interesting)
Basically, Apple doesn't want people buying design workstations (dual monitor, decent RAM, etc.) buying a $1200 Dell instead of a $2000 "PowerMac," and spending $200 to get the Mac OS X, they want to sell the $2000 hardware and make their $400 in margins...
Sure, there WILL be a way to buy an off the shelf machine, or alternatively, assemble off-the-shelf parts to match what the Mac has, flash firmware or whatever to match Apple's trickiness, and run OS X... guess what, college kids will do it... but there is no way for my company I would do that...
Because if I roll out a patch (say, 10.5.3) and it breaks my machines, I'm SOL until a new "hack" comes out... or a security patch does it, etc., etc... Sure, for a hobbyist they'll do it... and I doubt Apple cares that a few Alpha geeks run hacked Macs... they get some mindshare and possibly sell some software (maybe not the OS, but maybe Pages or Quicktime Pro, or anything), and maybe when that kid makes purchase decisions he'll buy Macs...
What they DO NOT want is my small company buying 5 Dells + 5 Dell monitors + OS X DVDs, instead of 5 Mac Minis + 5 Apple monitors (the combo looks SO slick) and then buying OS X upgrades annually...
It's not about normal unsupported... it's about some OS upgrade breaking the system and leaving me fucked with an insecure machine until the upgrade happens. ALL they need to do is have the stock kernel check something in the hardware and it will accomplish 80% of their objectives. Anything ELSE they do it just gravy... my guess is something in the kernel, and something in the closed source layers... basically force you to apply a new hack every security patch/OS upgrade, and that will keep all but hobbyists from going that route... and that is ALL Apple needs.
Alex
Re:I've SEEN this! (Score:3, Interesting)
Thus, a vendor-ID-ed CPU family, locked to Apple, would be the only one capable of accessing crucial DRM-ed parts of the OS (the one which loads AQUA and friends--not the open source Open Darwin layer).
Anyone will still be able to boot OpenDarwin on pretty much any Intel hardware.
But, running the sugar on the cake will be very hard without Apple ID-ed CPUs (and hence, motherboard) without actually using an Apple-issued motherboard.
Re:Link to patent publication (Score:3, Interesting)
A 30 metre resistant watch will probably survive washing up, or wearing in the shower. A 50 should survive surface swimming. A 100 should survive diving to 10 metres, a 200 should survive diving to 30 metres and a 1000 to as deep as humans have ever been and survived.
The standards are ISO 2281 and ISO 6425 if anyone cares.
Re:And even if I could...would I? (Score:3, Interesting)
This is really beginning to get to me. Here I am, having used Windows almost daily for 15 years, and I still haven't been infected with any of this spyware that's supposedly so rampant.
What on earth can I be doing wrong?