The Doomsday Chip

Oct 24, 2013 17:19


Note - I give anyone and everyone my express permission to mirror or otherwise repost this article, anywhere in the world and for all time.

Dedication - To two wonderful friends I have abroad, each of whom has helped me greatly in his and her own way.  My best wishes to both of you -- and keep safe!

Introduction

Back in the 1950's, the Egyptian government decided to build the Aswan High Dam, with the aims of gaining complete control over the Nile inundations and harnessing the vast potential power of the river to generate electricity.  In 1960 Egypt began building, and by 1970 had completed, this vast engineering project.  At the cost of drowning many of Egypt's treasured antiquities, Nasser had achieved the dream of his predecessors and now had complete control over the River of the Two Lands.

And he had unwittingly made his country completely vulnerable to attack, as never before.

During World War II the British developed the bouncing bomb: a cylindrical charge, spun up and released at low level, which skipped across the surface of a reservoir, sank against the dam wall and exploded at depth, the water itself serving to confine the blast and greatly magnify its effectiveness against the target.  (The related tactic of skip-bombing was used in the same war against ships.)  In Operation Chastise, conducted on the night of May 16th-17th 1943, this weapon was employed to breach the Möhne and Eder dams, which wrecked the hydroelectric plants below them and drowned some 1,600 people.

What Nasser had unwittingly done was to build the biggest Doomsday Device ever actually constructed (1).  Should Egypt go to war against a country and win to the point of posing an existential threat to that nation, its foe -- if it possessed the military capability to penetrate Egyptian air defenses with a strike of force equivalent to at least what a World War II strategic bomber squadron might deliver -- could at will drop the Aswan Dam.

At this point over 100 cubic kilometers of water would suddenly empty from a height of up to 100 meters above river level and flow down the Nile River Valley, a valley which for much of its length is essentially a canyon between rock cliffs.  This would act as a mighty hydraulic ram, scouring the valley clean of soil, buildings and people for dozens, perhaps hundreds of kilometers downstream.  Opinion is divided on whether or not this death-wave would be high enough by the time it reached Cairo to physically destroy the city, but it would certainly kill hundreds of thousands of people, perhaps millions of people, and leave a country without power and rapidly running out of food in the weeks and months to follow, killing millions more.  The Ancient Gods of Egypt would have finally had their revenge on the infidels who abandoned them for the newer god, Allah.

Given that there was one obvious strategic-air-capable and nuclear-armed Power to which the Egyptians had made themselves exceedingly obnoxious in the 1940's through 1970's, and to whom therefore it had just handed a button marked "Push To Destroy Egypt", it is perhaps not a coincidence that the Egyptians signed the Camp David Accords with Israel in 1978, nor that the dangerously-aggressive Mohamed Morsi was swiftly ousted by his own military in July 2013 when he showed signs of wishing to renew hostilities with Israel.  Nasser and Sadat, probably very much against their desires, had deterred their successors from any such aggressions.

This is all to the good (provided that nobody ever actually drops the dam).  What is less to the good is that America seems, no doubt inadvertently, to be in the process of building a bigger and far more powerful Doomsday Device which may give every hostile Power, terrorist organization, and criminal organization the ability to cause massive damage to the United States whenever they so wish.  What is even worse, this Doomsday device is like the Aswan Dam in that it only threatens the nation which builds and operates it -- this engine has no power to enable our own retaliation against anyone aware of its existence.  Still worse, it is of a nature that would enable the attacker to paralyze our own defense or retaliation against attack.

It is almost incidental and additional to these drawbacks that it would also enable our own government, or indeed sufficiently aware private corporations, to not only censor but blackmail or even frame any persons or organizations whom they deemed sufficiently odious.  This is almost incidental because, soon after we adopt this technology as currently constituted, it is doubtful that there would be any such government or corporations -- since, in a gesture of incredible recklessness, the government and corporations are planning on adopting the Doomsday Device themselves.

I speak, of course, of the Trusted Platform Module (TPM), a chip first specified in the early 2000s by the Trusted Computing Platform Alliance, now the Trusted Computing Group (whose members include IBM and Microsoft, among others), currently being revised as TPM 2.0, and to which the industry is in the process of converting.  Early deployments make the TPM optional; later ones are making it mandatory, with Microsoft's hardware certification requirements for new Windows devices turning the TPM chip into an inherent part of the motherboard.

I. TPM

The Concept

The original idea behind the TPM was to give each computer a tamper-resistant place in which to generate and store cryptographic keys, and to have it record what software ran at boot so that another computer could check, remotely, that the system was uncorrupted (what the specification calls remote attestation).  This would provide warning to operators of corruption or malfunction of their own systems, and (in the broader "trusted computing" vision of which the chip is one part) allow remote repair of corrupted software.  In addition, pirated versions of software or other files could be at least detected, and possibly refused or deleted, cracking down on multi-billion-dollar pirate software and media operations.

This was actually not a bad idea.  Computers should be able to check their own operating states against the ideals.  And pirate copying of software and other media is a problem for intellectual property rights -- upon the maintenance of which a lot of the most creative activities of our civilization depends for the continuance of our current artistic, literary and scientific Golden Age.

However, those who proposed TPM had forgotten several crucial human factors (2).

A. Quo Vadis Vadis VADIS?

The first problem is inherent to the mode by which TPM functions, coupled with the fact that humans must administer its operations.

TPM is basically an electronic watchman.  It records what software its host system loads as it boots, and it can report those records, signed, to the other systems with which its host communicates, whose own TPMs do the same for them.  It watches in order that corruption of the system can be detected and blocked; note, though, that the chip itself only measures and reports, and the blocking is done by whatever software trusts its report.

But how does it know what constitutes system "corruption?"

It has to be told, of course.  A TPM records hashes ("measurements") of the firmware, the boot loader and so on as they run; the list of which measurements count as "proper" is held by whoever checks those reports, and is compiled by human beings in hardware and software companies, or in government agencies, who also compile the lists of malware against which such systems are meant to ward.  Those people are the ultimate "watchmen" in the "chain of trust."

The problem is, how do we know that these human beings are trustworthy? Most probably will be -- barring extreme malevolence or incompetence on our part, major corporations such as Microsoft and intelligence organizations such as the NSA are not going to be staffed by criminals, saboteurs and traitors.  Most will be trustworthy.

However, TPM is a complex system with complex code, and it is well known that competent software engineers can hide all sorts of things in sufficiently complex code, hide them so well that they are usually only detected when they produce unexpected bad effects in operation.  (The same effect, caused by innocent error, is called a "bug"; the word is older than computing, but the famous specimen was a moth found in 1947 in a relay of the Harvard Mark II.)  All it takes is for one programmer to sneak in an undetected (logic) bomb or (access) backdoor to cause massive problems and vulnerabilities, for reasons I explain below.

B.  The Combined Crypto Key

TPM, as its advocates describe it, requires that one system be able to check another remotely at request.  This means that TPM has to be able to do something which right now one user has to give another user explicit permission to do, namely obtain at least a limited view of, or control over, the first user's system.  This means that TPM requires an at least limited "backdoor."  (A caveat for the technically minded: the chip itself only measures and signs reports; whatever remote control exists lives in the management software that acts on those reports.  The argument below therefore applies to the chip together with that software, which is what is actually being rolled out.)

Backdoors are the bane of system security (3).  The designers of TPM were not idiots, of course, so they created a protocol by which one TPM chip could gain access to another TPM chip without providing this access to just anyone who felt like playing around with someone else's system.

The way it works is fundamentally simple.  When a TPM chip is manufactured, a unique key pair (the endorsement key) is generated inside it or burned into it, and the manufacturer issues a certificate vouching that the key belongs to a genuine chip.  Keys derived under this one are then used to sign the chip's reports and to prove to any remote party the identity of the hardware into which the chip is installed.  The chip also includes lockout logic to block automated guessing of its authorization values (the specification calls this dictionary-attack protection).

Of course the user wants to be able to access his own files, or provide such access to other parties with his own consent.  So the user sets his own authorization values (passwords), which the chip checks before it will use the keys it holds.  The reasoning is that since a TPM-based system is supposed to detect any tampering with its boot software (which is not quite the same as saying that no malware can run on it), a request arriving from a TPM-based system with the correct password must be legitimate, and hence TPM systems are secure.

An admirable plan.

But fatally flawed.
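The plan just described in section B, as an added example that is not part of the original article and is not the Trusted Computing Group's or any vendor's code: a toy model in Go of measured boot and remote attestation.  A per-chip ECDSA P-256 key stands in for the attestation key a real TPM derives under its endorsement key, a single SHA-256 register stands in for the bank of PCRs, and the three boot stages are constructed strings rather than firmware images; all of that is assumption, not anything the specification fixes.  It shows the four outcomes the argument of this article turns on: the expected software passes, an implanted bootloader on the same chip is caught by the measurement, a replayed report is caught by the nonce, and (the point made later in section F) an attacker's own chip cannot sign a report in the enrolled chip's name, however perfectly it reproduces the expected measurements.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Sentinel errors so a caller can tell why a quote was rejected.
var (
	ErrNonce = errors.New("nonce mismatch: stale or replayed quote")
	ErrSig   = errors.New("bad signature: quote not from the enrolled chip")
	ErrPCR   = errors.New("PCR mismatch: boot chain differs from reference")
)

// TPM is a toy model of the chip: one PCR and one per-chip attestation key (assumed).
type TPM struct {
	pcr [32]byte          // all-zero at power-on; can only be extended, never set
	ak  *ecdsa.PrivateKey // the private half never leaves the chip
}

func NewTPM() *TPM {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil { panic(err) }
	return &TPM{ak: k}
}

// Extend folds each measurement into the PCR in order, pcr = SHA-256(pcr || SHA-256(stage)).
// There is no "set", so a stage once measured cannot be hidden by anything that runs later.
func (t *TPM) Extend(stages ...[]byte) *TPM {
	for _, s := range stages {
		m := sha256.Sum256(s)
		t.pcr = sha256.Sum256(append(t.pcr[:], m[:]...))
	}
	return t
}

// Quote is the signed report: PCR value, the challenger's nonce, ECDSA signature.
type Quote struct{ PCR [32]byte; Nonce, Sig []byte }

// Quote signs PCR || nonce; the nonce ties the report to a single challenge.
func (t *TPM) Quote(nonce []byte) Quote {
	msg := sha256.Sum256(append(t.pcr[:], nonce...))
	sig, err := ecdsa.SignASN1(rand.Reader, t.ak, msg[:])
	if err != nil { panic(err) }
	return Quote{PCR: t.pcr, Nonce: nonce, Sig: sig}
}

// Verifier holds what the remote side learned at enrollment: the chip's public key
// and the reference PCR for the expected boot chain. Reference values live here, not in the chip.
type Verifier struct{ ak *ecdsa.PublicKey; golden [32]byte }

func NewVerifier(ak *ecdsa.PublicKey, expected [][]byte) *Verifier {
	return &Verifier{ak: ak, golden: new(TPM).Extend(expected...).pcr}
}

func (v *Verifier) Check(q Quote, nonce []byte) error {
	if !bytes.Equal(q.Nonce, nonce) { return ErrNonce }
	msg := sha256.Sum256(append(q.PCR[:], q.Nonce...))
	if !ecdsa.VerifyASN1(v.ak, msg[:], q.Sig) { return ErrSig }
	if q.PCR != v.golden { return ErrPCR }
	return nil
}

func nonce() []byte {
	n := make([]byte, 16)
	if _, err := rand.Read(n); err != nil { panic(err) }
	return n
}

// Constructed sample boot chain (stand-ins for real firmware images).
var expectedBoot = [][]byte{[]byte("firmware v1"), []byte("bootloader v1"), []byte("kernel v1")}

// Scenarios runs the cases from the text against one enrolled chip and returns
// the verifier's verdict for each.
func Scenarios() (honest, tampered, replayed, impostor error) {
	chip := NewTPM()
	v := NewVerifier(&chip.ak.PublicKey, expectedBoot)
	// 1. Expected software: the quote verifies.
	n := nonce()
	good := chip.Extend(expectedBoot...).Quote(n)
	honest = v.Check(good, n)
	// 2. Same chip (same key) rebooted with an implanted bootloader: signature fine, PCR not.
	rebooted := (&TPM{ak: chip.ak}).Extend(expectedBoot[0], []byte("bootloader v1 + implant"), expectedBoot[2])
	n = nonce()
	tampered = v.Check(rebooted.Quote(n), n)
	// 3. The earlier good quote presented against a fresh challenge.
	replayed = v.Check(good, nonce())
	// 4. An attacker's own TPM booted into the reference software reaches the golden PCR but lacks the key.
	n = nonce()
	impostor = v.Check(NewTPM().Extend(expectedBoot...).Quote(n), n)
	return
}

func main() { fmt.Println(Scenarios()) }
```

Run it with go run; Scenarios returns the verifier's verdict for each case.  What the model leaves out is exactly where this article's worries live: the verifier's reference values and its knowledge of which public keys belong to genuine chips have to come from somewhere, and whoever controls that enrollment step controls what "genuine" means.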

C. Human Elements

All it takes is one corrupt engineer in the wrong place at the wrong time, and the details of the hardwired keys become known to enemies, terrorists or criminals.  Such a secret would be immensely valuable -- worth literally many billions of dollars on the black market -- and hence worth spending very large sums of money and very great efforts to maintain.

Engineers can become disaffected.  (Think of the multiple recent leakages of classified information).  Engineers can be moles.  Engineers can be bribed.  Engineers can be blackmailed.  Engineers can be framed.  Engineers (or their loved ones) can be threatened.  Engineers can fall in love.  Engineers are human beings, and simply because they have signed security agreements promising not to reveal secrets is no guarantee that they won't reveal them.  No, not even if you dispatch thriller-fiction assassins after them, because (1) such assassins are not as infallible as in fiction and (2) by the time you do this, it is usually too late -- your secret has been spilled.

By the nature of the process of making and employing TPM chips, secrets have to be known to the chip manufacturers (in the actual design each chip's endorsement key is meant to be generated inside the chip and never exported, but the manufacturer holds the signing key that vouches for every chip it ships, and controls whatever provisioning process loads the chips), probably at least in part to the other hardware companies, to the software companies, and to at least some persons in intelligence and law enforcement agencies.  At a conservative estimate, say a hundred people nationwide, and this will be a rotating group of people as some move into and some out of this field.  Do you want to gamble that not one of these people can be in any way compromised?  Because this is precisely the gamble we're making when we propose to make all our systems TPM compliant.

We might make a heroic effort to guard the secret, similar to that which we made to guard the secret of the Manhattan Project.  And it would probably be just as successful an effort.  The Manhattan Project was penetrated by a foreign agent, Klaus Fuchs, almost from its inception: Fuchs had been passing British bomb research to the Soviets since 1941, joined Los Alamos in 1944, and the essentials of the bomb were in Soviet hands in the very same year that we detonated the first one.  Just four years later, the Soviet Union had its own atom bomb.

We should learn the lessons of history.

D. Reverse Engineering

Ordinary engineering is to have a concept of what one wants to do and design a machine capable of doing it.  Reverse engineering is when one starts with a machine which one does not know how to build, and studies it to learn how to build it and to understand the concepts embodied in its design.  This frequently happens when, for instance, an advanced machine is captured or otherwise obtained from an unfriendly foreign Power.

Now, no matter what computational witchery is embodied in the design of the TPM, the very nature of the concept requires that billions be built and released onto the market.  Any Power or organization can easily and openly buy TPM-chip-based devices by the container-ship-load.  This creates an easy environment for reverse-engineering, because -- even if TPM chips are booby-trapped to fatally surge (4) or otherwise fail forever upon tampering -- big deal, just open the next package and try again!

Can TPM be reverse-engineered?  I don't see why not.  TPMs aren't Platonic devices sitting in the back of caves, viewable only as shadows cast by the light of combining hardwired and private crypto keys; they are real physical objects existing in the real world.  Even if they are so sensitive and squirrely that they self-destruct at the touch of existing probes, their contents are valuable enough to be worth inventing whole new TYPES of technique to extract them.

And Science Marches On.  I can show you advertisements in old magazines for "secure" and "unbreakable" locks which any modern locksmith worth his salt could open in under fifteen minutes with today's toolkits.  And I am old enough, and sufficiently fascinated by technological history, to remember whole families of cryptographic systems which were deemed "unbreakable" in their time, only to be broken within months to years, starting with Grand-Pappy Enigma; even the public-key systems in use today are known to fall to a large enough quantum computer running Shor's algorithm.  It is absurd to imagine that TPM will be any more "unbreakable" than were its predecessors, given time and enough incentive.

Is a secret being worth tens of billions of dollars "enough incentive"?  I for one think so.

And it's even worse than that ...

E.  Horses Reported Missing, Close The Barn Door!

I was, of course, making the assumption that TPM is currently secure.

In fact, it isn't.

Mike Szczys, in "TPM cryptography cracked" (Hack A Day, Feb 9th 2010), describes one way it can be done:  Christopher Tarnovsky figured out how to defeat the hardware by spying on its internal communications.  It's not easy; according to the article:

The method is wicked-hard, involving removal of the chip’s case and top layer, then tapping into a data bus to get at unencrypted data. The chip still has some tricks up its sleeve and includes firmware traps that keep a look out for this type of attack, shutting down if it’s detected. Infineon commented that they knew this was possible but regard it as a low threat due to the high skill level necessary for success.

and another, more detailed, article, "Engineer shows how to crack a 'secure' TPM chip" by William Jackson in GCN, Feb 2nd 2010, describes a technique involving electron microscopy:

Using an electron microscope to operate at the nanometer scale and Adobe Photoshop to plan his attack, Christopher Tarnovsky was able to sit on the chip’s data bus and “listen” to unencrypted code.

but then, a "high skill level" is exactly what would be available to (say) any Great or even Regional Power attempting such a feat.  For that matter, I wouldn't put it past terrorist or criminal organizations: many of the members of such organizations are mindless fanatics or brainless brutes, but we should keep in mind that the current leader of Al Qaeda, Ayman al-Zawahiri, is a trained surgeon (with many engineers on staff), and crime cartels have lots of money to throw at problems.

Tarnovsky said (from Jackson):

"Nothing inside that device is secure. I can access all the keys and secrets on the chips. These chips are not as secure as the vendors tell you they are."

Now, Tarnovsky did this in early 2010, three and a half years ago, against one vendor's chip.  One can hope that the TPM engineers have since improved their designs to make them less vulnerable to Tarnovsky's SPECIFIC METHOD.  But we should keep in mind that Tarnovsky did this merely as a proof of concept, and whatever improvements have been made since 2010 are still in principle circumventable.  The real Bad Guys out there are not going to publish their results in journals of information science or even on hackers' websites:  they are going to sit on their discovery until the moment comes to strike.

F.  The Most Fundamental Flaw

The real problem is that the TPM system is designed, as far as I can tell (and I would love for any tech-savvy readers to comment on this and thus further my education), with only one sort of compartmentation, and the compartments don't go all the way up to the main deck because they would interfere with the NSA's first-class staterooms.  As a result, all it takes is one hit from the right sort of iceberg to send the whole information system, and I mean the whole information system of the modern West, down to the bottom of the North Atlantic, glug glug glug.

The main compartmentation feature is the set of per-machine keys and authorization values, which protect the files and keys on that one machine.  This, and this ALONE, prevents someone able to hack into his own TPM from using it to hack into someone else's TPM-based system: his own chip's keys are worthless for signing reports, or unlocking anything, in the name of another chip.  Thus an "iceberg" composed of a hacker who is not also a good cryptographer with excellent equipment will merely hole his own compartment, damage which is simply stopped by closing the next watertight door.

The minor problem is that if that hacker has the other person's keys and authorization values, he can generate what the target's system will accept as a perfectly legitimate check on its contents.  Whatever the remote-management software on the target lets a legitimate checker do, whether copy, delete or otherwise edit (note emphasis) files, he can now do, and he can script it so that it happens automatically, with both high speed and high precision.  Firewalls and the target's other security systems will not help, because the traffic is indistinguishable from the authorized management traffic they are configured to allow.  (The chip itself is not on the network; access reaches it through the host's ordinary network stack, which is why the software built around the chip matters as much as the chip.)

Why do I call this the "minor" problem?  Because the situation is far worse if the hacker has obtained the master secrets behind the chips' keys.  The specification itself has no single master key, since every chip's endorsement key is supposed to be unique; but a manufacturer's certificate-signing key, the secrets used to provision a whole production run, or a flaw in the firmware shared by every chip of one model would each serve the same purpose.  With that in hand he can freely, rapidly and undetectably copy, delete or edit the contents of ALL TPM systems of that family to which he can obtain a connection (the chip itself works offline, but the remote checking for which the whole scheme exists requires the network).  What's more, he could theoretically code a worm which would propagate over the net, possessing the same power to infiltrate other systems and reproduce, etc. etc. etc.

Hack, Reproduce, Rinse, Repeat.

And what could it do to the infected systems?

ANYTHING THE HACKER WANTED THAT WAS WITHIN THE PHYSICAL POWER OF THE HOST MACHINES AND ITS PERIPHERALS.

At this point the iceberg has ripped open every single watertight compartment on the liner, and she sinks to the bottom, the band still playing.

Do you start to see why I'm calling this a "Doomsday" Chip?

It gets still worse.

II. Threats

Introduction

The threat on which most of those who warn of the perils of TPM focus is, to my mind, one of the most trivial.  Though it is still a terrible threat, and if it came to pass could mean the immediate end of the American Republic.  I consider this threat "trivial" only by comparison with the (far worse) other possibilities.  And the even darker lining of this already-dark cloud is that these threats are not in any way mutually exclusive: we'd be facing all of them SIMULTANEOUSLY.

So let's start with the trivial threat, the one that might merely turn us into abject (though still living and probably fairly well-off) slaves of whoever commands the United States of America, ending our status as free citizens of a Constitutional Republic for the foreseeable future.

Our own government.

A.  The U.S. Government

The most likely reason why the TPM system would possess this vulnerability to external manipulation from any TPM platform is that the US government wants to be able to use TPM as a way for intelligence and law enforcement agencies to peek into private and corporate computers, the better to catch criminals, terrorists and spies.  The organization presumably tasked with such counter-intelligence operations, as it is right now, is the National Security Agency.

Now, catching criminals, terrorists and spies is a laudable purpose.  The problem, of course, is that there is no way to ensure that the NSA remains within the boundaries of its mission in the use of TPM-based surveillance.  There are at least two obvious reasons to worry about this.

(1) Personal Corruption

The first is that NSA employees are currently misusing their monitoring equipment for purely-personal motives.

According to Chris Strohm, "Lawmakers Probe Willful Abuses of Power by NSA Analysts," Bloomberg, Aug 23rd 2013:

The incidents, chronicled by the NSA’s inspector general, provide additional evidence that U.S. intelligence agencies sometimes have violated the legal and administrative restrictions on domestic spying, and may add to the pressure to bolster laws that govern intelligence activities.

Republican Representative Mike Rogers of Michigan, chairman of the House intelligence committee, is reviewing the cases of intentional misconduct in detail, his spokeswoman, Susan Phalen, said in a statement.

There were “approximately a dozen” cases in the past 10 years that “involved improper behavior on the part of individual employees,” Phalen said.

A dozen cases over a decade doesn't sound so bad, but keep in mind that this is the list that the NSA's inspector general made available to the US Congress, and (1) malfeasant employees are not eager to report their malfeasance to an Inspector General, and (2) malfeasant agencies are not eager to report their malfeasance to the US Congress.  This could be a small fraction of the abuses actually committed.

While the abuses reported to Rogers were rare and mostly committed against foreigners, later revelations showed a more widespread and often personal pattern of abuse.  Siobhan Gorman of The Wall Street Journal, Aug 23rd 2013, relates in "NSA Officers Spy on Love Interests" that

National Security Agency officers on several occasions have channeled their agency’s enormous eavesdropping power to spy on love interests, U.S. officials said. The practice isn’t frequent - one official estimated a handful of cases in the last decade - but it’s common enough to garner its own spycraft label: LOVEINT

Again, keep in mind that this is only the subset of the subset of people who got caught to which the US officials were willing to admit.  I'd recommend expanding the likely scope of the actual abuses by at least one or two orders of magnitude.

The LOVEINT violations involved overseas communications, officials said, such as spying on a partner or spouse. In each instance, the employee was punished either with an administrative action or termination.

Most of the incidents, officials said, were self-reported. Such admissions can arise, for example, when an employee takes a polygraph test as part of a renewal of a security clearance.

This is not very reassuring.  What about persons who were not tested on the specific issue?  And "either with an administrative action or termination" implies that there may be violators still possessing access to NSA resources.

(2) - Political Corruption

There is, of course, something worse to worry about than real NSA analysts pretending to be Harry Tasker from True Lies.  That is the strong possibility that the NSA, or other government agencies or even political allies of the President in power might abuse the TPM capability to watch or persecute their political opponents.

You will remember that, on the argument of section I.F, a TPM master key (or its practical equivalent) would allow one to hack into any computer of that family connected to the Internet.  One could obtain complete copies of the files of political dissidents.  Does the dissident say, do, or have an interest in anything illegal, immoral or simply embarrassing?  If he keeps any record of this activity on his computer, the surveillance would provide the government with fuel for prosecution, or simply blackmail.

Remember that, due to multifarious and vague laws and the erosion of the requirement of "bad intent," the average American may commit something like three felonies a day.  Now imagine what happens if a government out to get you, because you've engaged in some sort of political action not to its liking, gets access to your records and can choose to prosecute you for some of these "crimes."  Few are so moral that there is nothing they've ever done of which some people whose opinion they care about would disapprove.  As for "embarrassing," consider that tastes change, and there are plenty of legal, moral activities which someone might engage in but not want publicly known.

It gets worse.  Remember what I said about a TPM hacker being able to edit the target's files?  What if a government agency plants evidence of something illegal (child pornography would be one obvious idea, but there are many, many others) on the dissident's computer and then "discovers" its presence?  One could blackmail or even frame someone all the way into prison using such manufactured evidence, if the frame was done at all competently.  What's more, if the chosen "crime" was something people detest (such as raping children or torturing animals) the frame could easily be used to discredit the dissident's ideas.

And it gets still worse.  Instead of openly prosecuting or even privately blackmailing the dissident, the government could simply mess with his personal files.  Articles, even his life's work, could be deleted or subtly sabotaged to render them non-credible.  His sites might be deleted.  Links to his articles might be mysteriously unavailable to most browsers or search engines.  (The last-named abuse has already been done, by private companies such as Google, at the behest of governments such as China's.)

History could be edited.  References to facts inconvenient to the party in power might become difficult or impossible to find online.  Existing articles could be edited to conform to current standards of Political Correctness.  The potential for severe damage to our common civilizational store of information is extreme.

And yet this, horrible as it sounds, is but one of the more trivial of the potential threats posed to our freedom and survival by TPM.

B. Criminal Organizations

I'll pass swiftly over the threat which any criminal organization in possession of the TPM master key could pose to any country unfortunate enough to rely on TPM-compliant systems.  The most obvious possibility would be straight-out electronic theft and other forms of fraud, limited only by the greed of the cartels balanced by their common sense (if one gets too greedy, one's victims will notice and switch systems).  Other possibilities include blackmail, corruption, and extortion.  A very nasty possibility would be that crime cartels could get lists of law enforcement agents, informants and witnesses, complete with addresses and analyses of vulnerabilities, and begin a murder campaign to terrorize the justice system into submission.

Criminal organizations wouldn't want to crash the civilizations upon which they are parasites, but there would be a very serious Tragedy of the Commons at work here.  Any one criminal organization couldn't prolong the survival of an infested country very long by restraining itself, and it would be limiting its own income during the brief period it would have between infestation and death by trying to do so.  Thus, the tendency would be for each gang to loot as much as it could before the country crashed.  This could lead to whole national financial systems being stripped bare in a matter of days to weeks, once the looting began.

C.  Foreign Powers

This would in some ways be the most severe danger, but in some ways also the most manageable, because a foreign Power possessing our master keys would be restrained by the ancient rule governing a cracked code: keep the users of the code from knowing it has been compromised as long as one can, lest they change it.  What's more, save in an actual hot war, they would have little to gain and potentially much to lose by carrying out destructive cyber-strikes against America or other Western Powers.  Such strikes could trigger hot war, and they would logically have to assume that our strategic launch systems might be hardened against cyber-strikes, even ones using TPM master keys (5).

What hostile foreign Powers such as Russia or China would probably do, possessed of the TPM master keys (and for all we know China may already possess them), is exactly what the Allies did in World War II with Ultra (the Enigma traffic broken with the help of captured machines and the bombes) and Magic (the broken Japanese diplomatic cipher).  That is to say, read our files (the more so because they wouldn't be restricted to reading our radio messages), make the raw intelligence available to a very small and select group, and disseminate the information to their own intelligence and military community on a strict need-to-know basis with the type of source either unrevealed or actively disguised.  Should a hot war break out, US aircraft and warships might find enemies not appearing on their radar, anti-missile systems might mysteriously crash, and strategic facilities like dams and nuclear reactors might spontaneously suffer operational accidents.  But not until a hot war broke out.

Of course, even before a hot war broke out, the hostile Power would have access to information such as our own intelligence on them and all its sources.  This means that a lot of our spies in their country might wind up dead or, worse, turned (they would become double agents reporting to us only what the enemy wanted us to know).  Our own plans, diplomatic and military, would become transparent to them, while we would be blind to their secrets.  Worse, if they were clever about it, they might be able to convince us that the reverse was true!

The reason why this might be a very severe danger is that it could both lead to a hot war (because the hostile Power became overconfident due to its excellent intelligence) and to our losing that war (because they were inside our decision loop).  It might also lead to the general nuclear destruction of both combatants: we might count on our offensive arsenal and ABM capabilities to launch and survive, only to discover too late that our ABM capabilities had been sabotaged by their cyber-strikes, while they counted on their arsenal to deter us without realizing that we believed ourselves able to launch and survive.

But at least we can reasonably assume that foreign Powers wouldn't attack us for no reason.

Which is where it gets worse.

D.  Terrorists

Terrorists (both organizations and states) are batshit crazy.  They view attacking and hurting us as a good thing in itself, and in many cases regard their own deaths as inconveniences to be suffered in the name of The Cause.

With some (such as Al Qaeda) we are actively at war.  With others (such as Iran or North Korea) we are in a state of armed truce.  Even on the occasions that we have allied with terrorist states or organizations, we can't really trust them:  Saddam Hussein's Iraq received American support in the 1980s, as did the Afghan resistance alongside which Osama bin Laden fought, and both later turned on us for reasons which were by rational standards quite insufficient.

What would a terrorist organization or state do with a TPM master key?  After an initial period of data mining, they would probably begin launching physical attacks against us.

How could they do this?

Here's a very short (and deliberately not very well-researched, because I really don't want to give someone a manual for this sort of thing) list.

Our power infrastructure is computer-controlled and extremely vulnerable to disruption at key chokepoints.  Power plants could be turned off, or run at levels which would swiftly burn them out.  Hydroelectric dams could be set either to pool water until they overtopped, or to open their spillways wide and flood the valleys below.  Nuclear reactors could be driven into loss-of-coolant accidents (LOCAs):  with Western reactors the containment should keep the damage inside the plant, but a reactor could easily be put permanently out of service.

Our transportation infrastructure is vulnerable.  Much train switching is computer-controlled or at least the communications between dispatchers, train crews and linemen is computer-moderated.  Freight trains carrying explosive or toxic cargoes could be tracked into collisions in heavily-populated or heavily-industrialized areas.  Passenger trains could be derailed into residential neighborhoods.  Air Traffic Control systems could be overridden or taken offline during peak hours.  If onboard avionics systems were TPM-compliant, they could be rigged to give false altitude readings, causing airplanes to crash into cities.  Most large ships use computerized navigation systems, and their GPS data could be falsified to cause oil tankers to run aground in fisheries, or LNG (Liquefied Natural Gas) tankers crashed into busy ports (if one of those could be torched, it might explode with the force of a small atomic bomb).

Industries, particularly chemical industries, are vulnerable.  It would not be too hard, if one controlled the computers, to set an oil refinery to catch fire or a chemical processing plant to spill sulfuric acid all over itself.  If the enemy chose to be subtle, he might be able to interfere with production industries, sabotaging whole production runs to be just a little out of tolerance in ways that might not be noticeable until the products were actually in wide usage.

And so on, and so on, and so on.

III.  Solutions

Well, you've heard the doom and gloom.  Where in this Pandora's Box is the Hope?  Are we to give up on the whole concept of distributed verification systems?

Not necessarily.

A.  Diversify

Do not put all our eggs in baskets of the same design.  There is absolutely no sane reason why there has to be a single and completely standard TPM.  What if there were dozens of separate TPM-like families, each checking other motherboards within the same family but not required to offer access to masterkeys from other families?  That way, the maximum damage done by any particular theft or reverse-engineering of a masterkey is limited to that one family.  Instead of one big ocean liner worrying about hitting an iceberg, you have many different ocean liners, competing to find the safest and most efficient sea lanes to bring their passengers safely to their destinations.

B. Compartmentalize

Within each family, compartmentalize access to subfamilies.  There could still be a very large number of actual machines cross-checking one another without including all the machines in one family at a time.  This way, each of the many ocean liners is in turn well-compartmented and probably can't be sunk by a single iceberg.

C.  Maneuver

Instead of relying on single firmware keys, rotate keys over time.  (This may already be incorporated in the existing system, given the use of random number tables and descendant keys).  This way, your course is less likely to be blocked if the weather changes.
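The three measures above (separate families, subfamilies within a family, and rotation over time) can be read as one key layout. The following is an added example to illustrate that layout; it is not code from the original post and not the design of any real TPM. It assumes each family generates its own root independently (so no shared master exists above the families, in keeping with Section IV below), that subfamily and per-epoch keys are derived one-way from that root, and that machines check each other's boot measurements with the epoch key of their own subfamily. Every name here (Family, derive, attest, verify, blast_radius_demo) is hypothetical, and the measurement and roots are constructed sample values.

```python
import hashlib
import hmac
import os


def derive(parent: bytes, label: str) -> bytes:
    """One-way child-key derivation (HMAC-SHA256 keyed on the parent).

    A child key reveals nothing about its parent or its siblings, so handing
    a verifier a low-level key does not hand it the layers above it.
    """
    return hmac.new(parent, label.encode("utf-8"), hashlib.sha256).digest()


class Family:
    """Hypothetical TPM-like family with its OWN independently generated root
    (never derived from a shared master): the page's 'Diversify'.
    Subfamilies and epochs hang beneath that root: 'Compartmentalize' and
    'Maneuver'."""

    def __init__(self, name: str, root: bytes = b""):
        self.name = name
        # In a real design the root would be generated inside the hardware
        # and never leave it; os.urandom stands in for that here.
        self._root = root or os.urandom(32)

    def subfamily_key(self, subfamily: str) -> bytes:
        return derive(self._root, f"{self.name}/subfamily:{subfamily}")

    def epoch_key(self, subfamily: str, epoch: int) -> bytes:
        # Rotation: a new epoch is a new key, so tags from an old epoch
        # stop verifying once peers move on.
        return derive(self.subfamily_key(subfamily), f"epoch:{epoch}")


def attest(epoch_key: bytes, measurement: bytes) -> bytes:
    """Tag a boot/firmware measurement so that a peer holding the same
    subfamily/epoch key can check it (symmetric, for illustration only)."""
    return hmac.new(epoch_key, measurement, hashlib.sha256).digest()


def verify(epoch_key: bytes, measurement: bytes, tag: bytes) -> bool:
    return hmac.compare_digest(attest(epoch_key, measurement), tag)


def blast_radius_demo() -> dict:
    """Show what one leaked subfamily key does and does not unlock."""
    fam_a, fam_b = Family("A"), Family("B")
    # Constructed sample measurement, standing in for a PCR-style digest.
    measurement = hashlib.sha256(b"constructed firmware image v1").digest()

    k_a1_e3 = fam_a.epoch_key("1", 3)
    tag = attest(k_a1_e3, measurement)

    # Model the theft of family A / subfamily 1's key: every epoch key
    # beneath it can be rebuilt, but nothing beside it or above it.
    leaked = fam_a.subfamily_key("1")
    forged = attest(derive(leaked, "epoch:3"), measurement)

    return {
        "same_subfamily_peer_accepts": verify(k_a1_e3, measurement, tag),
        "forgery_works_inside_leaked_subfamily": forged == tag,
        "other_subfamily_rejects": verify(fam_a.epoch_key("2", 3), measurement, forged),
        "other_family_rejects": verify(fam_b.epoch_key("1", 3), measurement, forged),
        "next_epoch_rejects": verify(fam_a.epoch_key("1", 4), measurement, forged),
    }


if __name__ == "__main__":
    for check, result in blast_radius_demo().items():
        print(f"{check}: {result}")
```

Running it shows the containment the three measures buy: the stolen subfamily key forges tags within that subfamily for the current epoch, and fails against the sibling subfamily, the other family, and the next epoch. The symmetric HMAC is only to keep the example short; the same layering applies to asymmetric attestation keys, and the part that matters for detection and response is that the scope of a compromise is readable off the tree.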

IV.  The Folly of the Ultimate Masterkey

I know that some of the attraction of the concept to intelligence agencies and corporations is the masterkey itself, but the idea of one masterkey or group of masterkeys which provide access to all machines is Just Plain Dumb and should be jettisoned.  It's Just Plain Dumb because:

A.  Foreign Powers will get wise to it and avoid using TPM-compliant systems.  In fact, some have already gotten wise to it, and this knowledge is bound to spread.  What's more, as the knowledge spreads it will create an extreme unwillingness among other Powers to adopt TPM-compliant systems, which means we won't be extending our intelligence capabilities, but merely limiting our own ability to export computers and software.

B. Terrorists and other criminals will get wise to it and avoid using TPM-compliant systems.  There is absolutely no physical reason why one couldn't build a "translator" between files generated on TPM and non-TPM compliant systems:  this is actually easier than cracking the TPM chips themselves for any given application.  The terrorists and criminals will simply use non-TPM compliant systems.  This may be made illegal, but ... um ... terrorists and other criminals are lawbreakers by definition.  It won't stop them.

C.  Dissidents might find it harder to evade TPM surveillance, but do we really want to give our government the power to unconstitutionally suppress dissent?  Lest some Democrats reading this think "I'm in good with Obama and his policies, I wouldn't have any problems," reflect that the next Administration might be less sympathetic to one's own causes.  Furthermore, if TPM ability was used to prevent voting the current party out of power, then this would simply shift political tactics over to assassinations, coups and revolutions, which would make political life in America significantly worse for all parties.

D.  As a result of all this, TPM will only hurt America.  It will rob US computer companies of foreign markets, as these foreign markets decline to help us spy upon them.  It will make our own intelligence, law enforcement and military agencies much more vulnerable to enemy cyber-penetration, while doing little to enable us to penetrate enemy, terrorist or criminal organizations.  And in the end it may destabilize our political culture to the point of inducing a Time of Troubles, such as that which caused the fall of the Roman Republic in the 1st century BC.

Conclusion

TPM, as currently conceived, is a bad idea.  It's a terrible idea, possibly a civilization-wrecking idea.

It is essentially a Doomsday Chip, a Sword of Damocles dangling over our own country.

Let's go back to the drawing board and come out with a better-conceived system.

It wouldn't be hard.  Simply doing nothing and not implementing TPM would be a better idea than what we're doing right now.

======
NOTES
======

(1) - Technically, a "Doomsday Device" is supposed to be able to destroy all life on a planet.  The Aswan Dam is far from this powerful, being only able to destroy all life in part of a single river valley.  But then, people tend not to really build Doomsday Devices (for the obvious reasons) and hence the Aswan Dam is probably the biggest one ever actually built -- until now.

(2) - Assuming, of course, that precisely the potential abuses of TPM I'm about to detail are bugs rather than features.  But I believe that one should never attribute to malice what can be adequately and probably explained by error, incompetence or mischance.  Nasser did not mean to give Israel the "Destroy Egypt any time you like" shiny red button.

(3) - In a perfect world, anyway.  In the real world, perhaps the biggest bane of system security is idiotic users who use their own names, their birthdays, or the word "password" as passwords.  But at least in the real world of today one can avoid this by making up passwords which are either random or at least based on some logic difficult to discern by potential hackers!

(4) - "Fatal" to the delicate microcircuitry, I mean, not to the would-be reverse engineers.  These are real-world electronic devices, not Star Trek plasma conduits running right through the bridge.  Though, actually, given the potential payoff, I wouldn't put it past our foes to expend engineers, let alone motherboards, trying to reverse-engineer them.

(5) - The obvious way would be to physically separate the net running the strategic launch system from the general one.  Another way would be to design a whole different software and hardware operating system for our strategic weapons and their launch platforms.  In either scenario, the Bad Guys wouldn't know the precise case until they either did or did not detect missile launch tracks heading for their cities, which is not a reassuring position in which to be from their own point of view.
