Apple Files Patent for "Tamper-Resistant Code"

freaktheclown writes "The US Patent and Trademark Office has revealed that Apple has filed patent no. 20050246554 for a "system and method for creating tamper-resistant code." The system is presumably for use in Apple's Intel version of its Tiger operating system."

Sounds impossible

[slashname3]

Sounds kind of like having an acid that can eat through anything. How do you can you keep it in a container if it can eat through anything?

Wonder if it will take more than 48 hours for someone to figure out a way to crack this one?

Translating code blocks

[Trevin]

My first reaction to this subject was "there is no code which cannot be cracked, given enough time and determination."

After looking over the article, the method reminds me of Synapse Software's SynCalc (and related) programs for the 8-bit Atari computers. They had some real good code obfuscation, and they managed to do it in less that 48K of RAM! I never did get as far as figuring out whether they were using more than one level of a virtual machine, code obfuscation, or what have you.

Don't they mean...

[Chickenofbristol55]

...that they just want people not to tamper with their code? I see no need for a patent. I recall a time when a patent was for something important: a novel idea or mechanism of some kind. Making a patent doesn't really do much, other than making it impossible for other people/companies to hack into osX 86. But then again, it was illegal anyway, so no one could (legally) hack osX x86 before this patent. Seems kind of redundant.

The most interesting thing about this

[spirit_fingers]

For me as an administrator in a Mac-centric company, the most interesting part of this is Apple's accomodation of Linux, Windows and the Mac OS on their intel platform while simultaneously attempting to prevent their OS from being installed on a generic intel PC. If Apple can pull it off, it will give a significant value-add to their intel boxes. That's something that Micheal Dell would give his right arm to be able to do.

Emulators

[Anonymous Coward]

Nevermind the DRM stuff, this is the interesting part. OS X/Wine, anyone?

20. A method comprising: receiving a system call, wherein the system call is formatted for requesting a service from a first operating system, wherein the system call is included in a first object code block, wherein the first object code block is a run-time translation of a second object code block; determining which system call services of a second operating system are needed for providing the service; determining whether system call services for servicing the system call have been disabled, wherein the determining is based on a tamper-resistance policy; servicing the system call, if the system call services for servicing the system call have not been disabled.

21. The method of claim 20, wherein the tamper-resistance policy disables system call services that access system resources.

22. The method of claim 20, wherein the first operating system is selected from the set consisting of Mac OS X, Linux, and Microsoft Windows.

23. The method of claim 20, wherein the second operating system is selected from the set consisting of Mac OS X, Linux, and Microsoft Windows.

Old Idea-Prior Art

[TFGeditor]

Back in the day when memory was at a premium (64k-bytes max), self-replicating code was the bane of both "hackers" and sys admins.

(yawn)

There's another, more interesting aspect of this:

[phillymjs]

An excerpt from an article on Architosh: [architosh.com]

However, the patent describes a process whereby users would be able to load one of three operating systems as their primary OS and then load a secondary operating system as their secondary OS. In the patent application, titled, System and method for creating tamper-resistant code, they describe the process as thus:

22. The method of claim 20, wherein the first operating system is selected from the set consisting of Mac OS X, Linux, and Microsoft Windows.

23. The method of claim 20, wherein the second operating system is selected from the set consisting of Mac OS X, Linux, and Microsoft Windows.

From the sound of this, Apple is indeed going to do what I had simultaneously hoped for and feared: They're going to enable people to boot into OS X and run Windows at the same time (and vice versa)-- probably very similar to the way Classic runs now.

I had hoped for this because it makes switching infinitely easier-- people can just load up Windows and their apps on their Intel-based Mac, and make a gradual transition to OS X. Those who use Windows-only vertical-market apps will have the world of the Mac opened up to them.

I had feared this because there are bound to be some cheap/lazy asshole developers who will take one look at the Windows compatibility environment, cancel the Mac versions of their products, and tell Mac users to just use the Windows versions in said compatibility environment. I'd hate to see this reverse the Mac application availability renaissance that has been going on for the last few years.

~Philly

Tamper-resistant != tamper-proof

[Anonymous Coward]

Tamper-resistant perhaps, but not tamper-proof! Cracks to this (along with everything else developed for the mac) are readily available [macserialjunkie.com]. As the popularity of the platform grows, so will the number of people cracking, hacking and providing patches.

Does it have to work to be patentable?

[erroneus]

Essentially, I cannot imagine how it could happen effectively. I program is a series of isntructions. We can talk about multiprocessor systems and all that all day long, but the fact is, it's code that is watching code to ensure it is authentic.

That said, someone could try to create a processor that does not but audit the code being run and that it be outside of the main system's functions. I can imagine a lot of things that could be done with a scenario like that... but again, just like a thousand other things, it'll be hackable.

Apple should just face the facts: Build on a system that is already populated with crackers and coders who are intimately familiar with hacking software systems, and you are giving them a new toy to play with. They had a good thing going when they were vending relatively unique hardware. Now they have decided to switch, ever increasingly, to less propietary hardware in order to save costs. They did it when they adopted PCI, PC style memory and IDE mass storage devices. Before long, people were upgrading their own systems with non-Apple stuff. Now the very core of the computer itself is being moved over to something more readily available on the market... they don't expect people to want to play?

They are going to spend a LOT of money to avoid the unavoidable... they are going to waste a LOT of money. At some point they are going to have to choose either to abandon the OSX86 project and go back to PowerPC or just live with the fact that some people will run their OS on PCs not made by them.

Prior art?

[Mr Z]

I think Arxan has significant prior art here. [arxan.com] They specifically mention obfuscation [arxan.com]. I unfortunately can't say much more other than that I've seen some demos of what they offer under NDA. I wish their web site had more meat (e.g. a white paper). I will say they have some bright guys, some of whom come from the NSA, working with them. [arxan.com] Heck, even Gene Spafford [wikipedia.org]'s on their technical advisory board.

And for the paranoid, I've mentioned nothing above I couldn't find on Arxan's or someone else's public website.

Re:Looks like some of the IOCCC code is being rele

[vought]

From reading it, I think it has more to do with TPM....

In one embodiment the system comprises a processor and a memory unit coupled with the processor. In the system, the memory unit includes a translator unit to translate at runtime blocks of a first object code program into a blocks of a second object code program, wherein the blocks of the second object code program are to be obfuscated as a result of the translation, and wherein the blocks of the second object code program include system calls.

TPM contains flash. and can obfuscate code at runtime. I'm not in the know, except that I have worked on some publicly available TPM spec stuff.

Re:There's another, more interesting aspect of thi

[Daniel Dvorkin]

Using Classic (or for that matter, X) apps on OS X is certainly possible, and even fairly easy -- but it's just enough of a PITA to remind you that you're not using the OS's native environment. I suspect that any Apple-built Windows compatibility layer will be the same way. People will put up with it if they have to, but their preference will be for native OS X versions.

I mean, there's probably an entire team at Apple devoted to making it just right: easy enough to claim compatibility, hard enough to act as a spur for native development. And they probably have tastefully decorated offices, too. ;)

This smells of MS style TCPA...

[plasmacutter]

microsoft's aim in supporting TCPA was to make their code "tamper resistant" by encrypting parts of the OS with pgp style encryption.. and using tpm modules to store the private pgp code. thereby making only the cpu and "trusted" applications capable of running the code through disassemblers.

To see apple jumping at something like this first is scary. When i found out apple boards had TPM's i suspected, though objectively. To me.. apple is pretty much signalling their intent to join ranks with gates and his hollywood buddies and cooperate with their plans to push lock down computing. Knowing how jobs has reacted to drm in the past.. it's just shameful.

What's sad is it' was never necessary. From what i remember of my hardware courses last semester, the newest x86 cpus are basically a cisc interpreter attached to a risc chip. All apple would have to do is have intel make the chips: A. without the interpreter at all.. thus making it a different platform with added benefit of greater efficiency and cost savings to boot.. or B. work with intel to make a different microcode interpreter.

I'm glad i bought the last of the PPC generation powermacs because it looks as if apple will lose a customer. Over the past 2.5 years i've poured over 10 grand into apple because it was objectively the best by a slim margin.. guess not anymore. linux will be king now, and a lot lighter on my wallet.

Re:That's fair.

[martalli]

Because the draw to their hardware is the software and easy user environment. Everyone is going to prefer using the software on their low-cost dell and homebrew boxen over snazzy looking, overpriced hardware.

If they could get past the issue of drivers, maybe they ought to be selling this like windows, though. After all, their OS is leaps ahead of Win XP in usability...they could charge for the software. They could require system vendors to demonstrate conpatibility before getting an "Apple Compatible" logo (costing ~$30/system on top of the software). They may not overwhelm Windows, but I would bet they could get up to 10+% of the market

Re:Looks like some of the IOCCC code is being rele

[ZhuLien]

hmmm, method means a piece of code in a particular memory location executes, then in the same memory location a new piece of code executes. sounds not a lot different that something normally done by any application that wants to reuse a bit of memory to me.

Re:Tamper resistent?

[zsau]

Have you seen this [cpan.org]? It's just scary!

re: unhackable DRM, etc.

[King_TJ]

Well - we *do* already seem to have virtually "unhackable" DRM out there right now. Anyone see a working hack for DirecTV receivers using the "P4" series cards?

Small - Medium Businesses as well

[alexhmit01]

Well, if I was doing IT for a larger company (my small company has 15 people, adding 5 every 6 months or so, so we buy that many new Macs), and I could buy a Dell and pop in an Apple DVD, that would be my Mac stations... Basically, for anyone that wanted OS X, it would be easier and cheaper normally to buy the lowest end Dell and stick OS X in there... Sure the equivalent Dell to an Apple is about that same price as the Apple (+/- 10%), but Apple has limited selection... Sure the equivalent Dell to the Mini (including XP Pro) is about $550, but I can buy a $300 Dell... and possibly do dual-monitor for $300-$600, compared to $2000 with Apple...

Basically, Apple doesn't want people buying design workstations (dual monitor, decent RAM, etc.) buying a $1200 Dell instead of a $2000 "PowerMac," and spending $200 to get the Mac OS X, they want to sell the $2000 hardware and make their $400 in margins...

Sure, there WILL be a way to buy an off the shelf machine, or alternatively, assemble off-the-shelf parts to match what the Mac has, flash firmware or whatever to match Apple's trickiness, and run OS X... guess what, college kids will do it... but there is no way for my company I would do that...

Because if I roll out a patch (say, 10.5.3) and it breaks my machines, I'm SOL until a new "hack" comes out... or a security patch does it, etc., etc... Sure, for a hobbyist they'll do it... and I doubt Apple cares that a few Alpha geeks run hacked Macs... they get some mindshare and possibly sell some software (maybe not the OS, but maybe Pages or Quicktime Pro, or anything), and maybe when that kid makes purchase decisions he'll buy Macs...

What they DO NOT want is my small company buying 5 Dells + 5 Dell monitors + OS X DVDs, instead of 5 Mac Minis + 5 Apple monitors (the combo looks SO slick) and then buying OS X upgrades annually...

It's not about normal unsupported... it's about some OS upgrade breaking the system and leaving me fucked with an insecure machine until the upgrade happens. ALL they need to do is have the stock kernel check something in the hardware and it will accomplish 80% of their objectives. Anything ELSE they do it just gravy... my guess is something in the kernel, and something in the closed source layers... basically force you to apply a new hack every security patch/OS upgrade, and that will keep all but hobbyists from going that route... and that is ALL Apple needs.

Alex

Re:I've SEEN this!

[MouseR]

Perhaps the difference lies with plausible links with the Intel DRM built into their next CPUs.

Thus, a vendor-ID-ed CPU family, locked to Apple, would be the only one capable of accessing crucial DRM-ed parts of the OS (the one wich loads AQUA and friends--not the open source Open Darwin layer).

Anyone will still be able to boot OpenDarwin on pretty much any Intel hardware.

But, running the sugar on the cake will be very hard without Apple ID-ed CPUs (and hence, motherboard) without actually using an Apple-issued motherboard.

Re:Link to patent publication

[VC]

There's an iso standard for how water resistant watches have to be to get the 30/50/100/200/1000 metre resistant mark.

A 30 metre resistant watch will probably survive washing up, or wearing in the shower. a 50 should survive surface swimming. a 100 should survive diving to 10 metres, a 200, should survive diving to 30 metres and a 1000 to as deep as humans have ever been and survived.

The standards are ISO 2281 and ISO 6425 if anyone cares.

Re:And even if I could...would I?

[Haeleth]

I'm sure there are a lot of people who might do it though. People who want OS X's lack of spyware but want to be able to run some Windows software for work or play.

This is really beginning to get to me. Here I am, having used Windows almost daily for 15 years, and I still haven't been infected with any of this spyware that's supposedly so rampant.

What on earth can I be doing wrong?