View Full Version : Atari founder says stealth encryption chip will end PC piracy
lightshadow
24th May 2008, 03:10
Atari founder, Nolan K. Bushnell, has said that PC game piracy is set to be eradicated with "a stealth encryption chip called a TPM that is going on the motherboards of most of the computers that are coming out now." Bushnell believes that once the install base of the chip is large enough, companies will start to see revenues coming from Asia and India.
quote:
"What that says is that in the games business we will be able to encrypt with an absolutely verifiable private key in the encryption world - which is uncrackable by people on the internet and by giving away passwords - which will allow for a huge market to develop in some of the areas where piracy has been a real problem."
Bushnell thinks that piracy of movies and music, however, is probably unstoppable because "if you can watch it and you can hear it, you can copy it."
"Games are a different thing, because games are so integrated with the code. The TPM will, in fact, absolutely stop piracy of gameplay."
http://www.masternewmedia.org/images/infineon_chip.jpg
http://www.masternewmedia.org/images/tpm2.jpg
http://www.masternewmedia.org/images/tpm.jpg
setarip_old
24th May 2008, 04:22
If this actually comes to pass, one can only wonder if existing or newly created motherboard manufacturers will be brazen enough to manufacture boards that don't include this chip.
I wonder what "TPM" might stand for?
dwm4444
24th May 2008, 06:16
http://en.wikipedia.org/wiki/Trusted_Platform_Module
unskinnyboy
24th May 2008, 06:37
FYI - game related discussions, including game backups, are beyond the scope of this forum. Doom9 forum is for DVD/video related content. This news might be better suited for a gaming forum.
Shinigami-Sama
24th May 2008, 07:51
someone says this every year
and every time the idea gets laughed at
it's suicide to try and close an open platform
unless you pull a Sony and buy off all other parties...
KlimaxDanielix
24th May 2008, 08:45
FYI - game related discussions, including game backups, are beyond the scope of this forum. Doom9 forum is for DVD/video related content. This news might be better suited for a gaming forum.
Well, same thing however is said to prevent any copying of movies and audio. Vista is at least halfway there and includes support for TPM.
lightshadow
24th May 2008, 13:39
FYI - game related discussions, including game backups, are beyond the scope of this forum. Doom9 forum is for DVD/video related content. This news might be better suited for a gaming forum.
I posted the story because of the very interesting sentence:
Bushnell thinks that piracy of movies and music, however, is probably unstoppable because "if you can watch it and you can hear it, you can copy it."
I was really happy to read that someone that high up has understood how DRM works. I guess that's the first time that has happened.
laserfan
24th May 2008, 15:56
I posted the story because... I was really happy to read that someone that high up has understood how DRM works.
Yeah thanks for posting. Maybe eventually EVERYONE will understand this (hasn't Jobs, or maybe it was Gates, said this too?) and all the "DRM games" (no pun intended) will stop.
bourke
24th May 2008, 16:26
Yeah thanks for posting. Maybe eventually EVERYONE will understand this (hasn't Jobs, or maybe it was Gates, said this too?) and all the "DRM games" (no pun intended) will stop.
The missing parties are Sony and Fox. Only two remaining Satanic spawn to subdue!
noclip
25th May 2008, 05:20
someone says this every year
and every time the idea gets laughed at
As difficult as it is to believe, TPM would actually enable MAFIAA to lock up our music and movies in a way that completely prevents fair use. TPM modules are essentially their own computer systems, so they're able to protect keys to an extent that current software-based DRM can't (just attach a kernel debugger and watch the CPU registers and any DRM game is up, but with TPM there's no such luck). With TPM, short of breaking a module open and using scanning electron microscopy on its memory, there's no way to get at data protected by such a module. I should point out that TPM isn't all bad, it does allow for much more secure implementations of things like full disk encryption (and encryption in general). Hopefully it'll see more use in this field than in the content encumbrance one.
bourke
25th May 2008, 15:49
Yes it is possible to do - it's exactly the same as Microsoft do for their Xbox consoles:
No one has yet broken the encryption for Xbox 1 or Xbox 360 games - the private key that Microsoft sign each game with is still secret...
This is exactly how the new TPM chips will work - except that there will be a unique private key for every piece of hardware...
So you receive software (media) signed specifically used for that chip, and that chip alone.
(the chip will send its ID to the software company, not its key. Then the software company will encrypt using the key corresponding to that individual ID, then you download and decrypt it)
Simple and effective.
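The delivery scheme this post describes (chip sends its ID, vendor encrypts with the key matching that ID), as an added example that is not part of the original thread. It assumes a symmetric per-chip key and an HMAC-SHA256 keystream standing in for a real cipher; `Chip`, `Vendor` and all sample values are hypothetical.

```python
import hashlib
import hmac
import os


def _derive(key: bytes, label: bytes) -> bytes:
    """Derive separate encryption and MAC keys from the per-chip secret."""
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode (assumption: stands in for e.g. AES-CTR)."""
    out, counter = b"", 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _xor(data: bytes, stream: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(data, stream))


class Chip:
    """Hypothetical chip: the ID is public, the secret is only used inside."""

    def __init__(self, chip_id: str, secret: bytes):
        self.chip_id = chip_id
        self._secret = secret

    def decrypt(self, package: dict) -> bytes:
        signed = package["nonce"] + package["ciphertext"]
        tag = hmac.new(_derive(self._secret, b"mac"), signed, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, package["tag"]):
            raise ValueError("package was not built for this chip")
        stream = _keystream(_derive(self._secret, b"enc"), package["nonce"],
                            len(package["ciphertext"]))
        return _xor(package["ciphertext"], stream)


class Vendor:
    """Hypothetical vendor that records the key for every chip ID it issues."""

    def __init__(self):
        self._keys = {}

    def manufacture(self, chip_id: str) -> Chip:
        self._keys[chip_id] = os.urandom(32)
        return Chip(chip_id, self._keys[chip_id])

    def package_for(self, chip_id: str, content: bytes) -> dict:
        secret = self._keys[chip_id]  # looked up by ID; the key is never sent
        nonce = os.urandom(16)
        ciphertext = _xor(content, _keystream(_derive(secret, b"enc"), nonce, len(content)))
        tag = hmac.new(_derive(secret, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
        return {"chip_id": chip_id, "nonce": nonce, "ciphertext": ciphertext, "tag": tag}


def demo() -> dict:
    vendor = Vendor()
    chip_a, chip_b = vendor.manufacture("chip-A"), vendor.manufacture("chip-B")
    content = b"constructed sample content"  # constructed sample input
    package = vendor.package_for(chip_a.chip_id, content)
    try:
        chip_b.decrypt(package)
        other_chip_ok = True
    except ValueError:
        other_chip_ok = False
    return {"intended_chip_plaintext": chip_a.decrypt(package),
            "other_chip_can_decrypt": other_chip_ok,
            "ciphertext_differs_from_content": package["ciphertext"] != content}
```

In this model `Chip.decrypt` returns the plaintext to its caller, so the key stays inside the chip while the decrypted content does not.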
Doobie
25th May 2008, 17:27
The main reason for TPM is to stop "piracy." Why is it news for Bushnell to point this out?
Bushnell is half wrong about video. With solid encryption from the disk through the display, any "pirated" copy is going to be of significantly lower quality. You'd have to film the screen (which usually produces almost unwatchable video). Don't mistake blu-ray's non-use of encrypted output as a failure of encryption to defeat pirates. And, don't mistake the temporary exploit of blu-ray to be a lasting thing.
Ajax_Undone
25th May 2008, 18:24
Wow rootkits hardware deep I would love to see en get this across... I just won't buy any games...
Half my city have stopped driving because of outrageous gas prices...
If they cripple the ability to back up owned games by use of static chips on PC Hardware it will be a cold day in hell before I will ever buy one...
Octo-puss
25th May 2008, 18:55
So you receive software (media) signed specifically used for that chip, and that chip alone.
(the chip will send its ID to the software company, not its key. Then the software company will encrypt using the key corresponding to that individual ID, then you download and decrypt it)
Simple and effective.
This just won't work. The above quote pretty much means internet connection would be required - and that's bs. There are still dozens of people without connection. And there are also loads who like to buy boxes :)
bourke
25th May 2008, 23:03
This just won't work. The above quote pretty much means internet connection would be required - and that's bs. There are still dozens of people without connection. And there are also loads who like to buy boxes :)
There are a number of ways to deal with this:
1) Sell boxed software on flash memory (USB drive) - i.e. not an installer like current CDs, but the actual software already signed as execute only from the flash drive itself! So it can be run from there, but nowhere else (cannot be copied onto any PC at all - the flash drive will not be readable because the TPM chip on the flash drive won't allow it). This is for the people who don't have internet connections.
2) Sell the internet version at a third the price (still making just as much profit). Two-thirds of the total cost is in manufacturing, transport, and retail shelving / sales staff costs. So internet versions at one third the price will sell in preference to the boxed versions as they will save consumers ship loads of money.
noclip
25th May 2008, 23:03
Wow rootkits hardware deep I would love to see en get this across... I just won't buy any games...
Half my city have stopped driving because of outrageous gas prices...
If they cripple the ability to back up owned games by use of static chips on PC Hardware it will be a cold day in hell before I will ever buy one...
Chances are if your PC was made in the last year you already have a TPM module inside. TPM itself is not a harmful technology, hardware-based protected storage has any number of uses for improving client security. Its main purpose is to enable secure storage of data (mostly encryption keys and authentication material), but it does unfortunately have the side effect of allowing MAFIAA to lace content with much more consumer-hostile DRM.
Ajax_Undone
26th May 2008, 05:11
Ok well this shows absolute Customer Service BS... If they have the technology to encrypt/decrypt games in real time via hardware encryption keys they should make this type of technology ready for encryption of ram to protect from cold attacks...
Otherwise this is absolute corporate BS and should be illegal because this is worse than tapping my phone...
Octo-puss
26th May 2008, 07:31
There are a number of ways to deal with this:
1) Sell boxed software on flash memory (USB drive) - i.e. not an installer like current CDs, but the actual software already signed as execute only from the flash drive itself! So it can be run from there, but nowhere else (cannot be copied onto any PC at all - the flash drive will not be readable because the TPM chip on the flash drive won't allow it). This is for the people who don't have internet connections.
2) Sell the internet version at a third the price (still making just as much profit). Two-thirds of the total cost is in manufacturing, transport, and retail shelving / sales staff costs. So internet versions at one third the price will sell in preference to the boxed versions as they will save consumers ship loads of money.
1) No way. That's even worse, lol. I doubt there's a single person who wouldn't mind if for software he bought for his hard-earned money he would have to put a damn flash drive in the pc every time he wants to use it.
2) That still doesn't deal with people who do not have internet at all.
bourke
26th May 2008, 15:12
2) That still doesn't deal with people who do not have internet at all.
Why not?
noclip
26th May 2008, 16:22
There are a number of ways to deal with this:
1) Sell boxed software on flash memory (USB drive) - i.e. not an installer like current CDs, but the actual software already signed as execute only from the flash drive itself! So it can be run from there, but nowhere else (cannot be copied onto any PC at all - the flash drive will not be readable because the TPM chip on the flash drive won't allow it). This is for the people who don't have internet connections.
Unless you put the equivalent of a modern desktop computer inside the flash drive, this won't work. The software will still need to be executed by the main system's processor, which needs unencrypted machine code. The key will have to be exposed somewhere and attackers will find it.
Why not?
Because the pirates will use the internet version, not the flash drive version.
Ok well this shows absolute Customer Service BS... If they have the technology to encrypt/decrypt games in real time via hardware encryption keys they should make this type of technology ready for encryption of ram to protect from cold attacks...
Otherwise this is absolute corporate BS and should be illegal because this is worse than tapping my phone...
It is used to protect against full-drive encryption RAM attacks. Windows Server 2008's implementation of BitLocker (cheap imitation of TrueCrypt) does store keys in a TPM module (if one is present) and is therefore not vulnerable to these attacks. Because the keys are stored in the TPM module the server can still reboot without user intervention, and if the hard drive is cloned or stolen it is useless without the original TPM module. The only option attackers are left with is to steal the server itself, but even then the only way to get at the data is to deal with the (pretty crappy but better than nothing) Windows authentication. Being a proprietary scheme, BitLocker is probably riddled with security holes that can subvert all this security, but that's no fault of the TPM module.
Doobie
27th May 2008, 22:06
Unless you put the equivalent of a modern desktop computer inside the flash drive, this won't work. The software will still need to be executed by the main system's processor, which needs unencrypted machine code. The key will have to be exposed somewhere and attackers will find it.
It would cost almost nothing to put in a simple execution unit in a USB dongle. It could do some simple duty with something critical. E.g. it could unencrypt code without ever exposing the key. A more expensive unit, but still affordable, could hold and execute game-critical code, turning over only the results to the host machine.
Ending piracy with a USB dongle is almost trivial. The same is true for an internet connection, working in place of the dongle. Actually, the same is true of the Trusted Platform Module.
PC game piracy is making the PC much less attractive to developers.
Shinigami-Sama
27th May 2008, 22:31
It would cost almost nothing to put in a simple execution unit in a USB dongle. It could do some simple duty with something critical. E.g. it could unencrypt code without ever exposing the key. A more expensive unit, but still affordable, could hold and execute game-critical code, turning over only the results to the host machine.
Ending piracy with a USB dongle is almost trivial. The same is true for an internet connection, working in place of the dongle. Actually, the same is true of the Trusted Platform Module.
PC game piracy is making the PC much less attractive to developers.
and PC game prices are making PC gaming look less attractive to gamers
there's only a handful of games I'd consider paying for
and 60$+ is not something I'm willing to pay
bourke
28th May 2008, 19:50
Because the pirates will use the internet version, not the flash drive version.
As already pointed out, the internet version uses the motherboard's TPM chip and internet connection.
Shinigami-Sama
28th May 2008, 21:21
As already pointed out, the internet version uses the motherboard's TPM chip and internet connection.
the flash version will be disassembled and decompiled within the year and be complete with a sandbox/emulator
you will never stop the dedicated pirates
it's like trying to get [political party] to do [political promises]
NeonMan
28th May 2008, 21:36
The hardware based encryption won't work simply because the keys must be in memory to perform decryption (TPM is not a crypto accelerator).
so, any virtualization technology (i.e., XEN and BluePill) would allow you to make memory debugging/dumps from Outside the DRMShit, sniffing the communication between the TPM.
Dedicated hardware is not practical. A USB port might work for example, for a NES emulator into it, allowing only video output and controller input but, modern game engines require insane speeds (Expensive hardware) and a huge data rate (Expensive nonexistent port).
Would it be feasible a game on a dedicated PCIe with all the needed CPU/GPU/Memory?
IMHO it is largely unfeasible for industry to make such a scheme
I think the only successful DRM on games is the Steam content delivery system from Valve.
The installation process is a pain in the ass for the user and requires internet connection at least once but doesn't require hardware enforced DRM.
As far as I know it allows the installation on any number of machines (although login is allowed only for one computer per ID)
Doobie
28th May 2008, 22:43
and PC game prices are making PC gaming look less attractive to gamers
there's only a handful of games I'd consider paying for
and 60$+ is not something I'm willing to pay
The PC version of a game usually costs less and is better than the console version.
PC gaming has become anemic because of the industry's response to piracy. All the advertising is console side. And, PC versions of games are often delayed or not released.
Gamers themselves are sheep.
Doobie
28th May 2008, 22:54
Dedicated hardware is not practical. A USB port might work for example, for a NES emulator into it, allowing only video output and controller input but, modern game engines require insane speeds (Expensive hardware) and a huge data rate (Expensive nonexistent port).
As I indicated in my earlier reply, the USB dongle need not run the whole game. It need only provide a critical service. That's very doable. The reason it hasn't happened yet is because the industry is either retarded, fear consumers would not accept it, or think piracy will soon be controlled without it (TPM). (Retarded: They'll do it in a couple of years. It'll work great. Everyone will be saying "Why didn't I think of that sooner?" It's so simple.")
I think the only successful DRM on games is the Steam content delivery system from Valve.
The installation process is a pain in the ass for the user and requires internet connection at least once but doesn't require hardware enforced DRM.
Steam works well and isn't too much of a hassle. But, I fear that there will come a time when people won't be able to use the games they paid for. And, of course, it's more than a hassle if you want to install and play your game but you don't have handy access to Steam.
Shinigami-Sama
28th May 2008, 22:59
As I indicated in my earlier reply, the USB dongle need not run the whole game. It need only provide a critical service. That's very doable. The reason it hasn't happened yet is because the industry is either retarded, fear consumers would not accept it, or think piracy will soon be controlled without it (TPM). (Retarded: They'll do it in a couple of years. It'll work great. Everyone will be saying "Why didn't I think of that sooner?" It's so simple.")
they used to do that on high end software like early CAD
but they stopped doing it when they received nothing but complaints about it
the dongles break
are costly to replace in both downtime and expense
bourke
29th May 2008, 13:04
The hardware based encryption won't work simply because the keys must be in memory to perform decryption (TPM is not a crypto accelerator).
That's why you put the key/decryption code in the memory of the USB device, as previously mentioned.
bourke
29th May 2008, 13:09
the flash version will be disassembled and decompiled within the year and be complete with a sandbox/emulator
you will never stop the dedicated pirates
it's like trying to get [political party] to do [political promises]
A year later the software is out of date, the new version will be issued with different encryption, and the TPM on the motherboard will not allow the old version to run as the signature/certificate is out of date :-P
Most companies would be more than happy if it prevented piracy for 12 months per version!
Shinigami-Sama
29th May 2008, 21:47
A year later the software is out of date, the new version will be issued with different encryption, and the TPM on the motherboard will not allow the old version to run as the signature/certificate is out of date :-P
Most companies would be more than happy if it prevented piracy for 12 months per version!
and then they still fail to realize that they're spending more money on getting the TPM to work and paying for the flash cart than they're making
:rolleyes:
when they could make way more money by simply lowering their prices to something reasonable
Blue_MiSfit
30th May 2008, 02:45
The Dolby Digital Plus encoder we have here at work uses USB dongles. It's actually (I believe) issued on a per-core basis. So, we have 4 dongles for a quad-core MacPro. It's hideously expensive, and you have to maintain a subscription :rolleyes:
~MiSfit
squid_80
30th May 2008, 12:31
So, we have 4 dongles for a quad-core MacPro.
For some reason I find that hilarious. Do they all piggyback into each other, or do you actually need four free usb ports to plug each one in?
lightshadow
2nd June 2008, 06:40
I should point out that TPM isn't all bad, it does allow for much more secure implementations of things like full disk encryption (and encryption in general). Hopefully it'll see more use in this field than in the content encumbrance one.
The problem with black boxes like these: the user has no idea if it has a back door, just like Windows has an NSA backdoor.
I use LUKS under Linux for harddisk encryption, as everything is open source, so no back doors for sure.
lightshadow
2nd June 2008, 06:46
Yes it is possible to do - it's exactly the same as Microsoft do for their Xbox consoles:
No one has yet broken the encryption for Xbox 1 or Xbox 360 games - the private key that Microsoft sign each game with is still secret...
I think you have signing and encryption keys mixed up. The signing key is not known, but the unique CPU private key that each x360 has can be found in two different ways. See xboxhacker.net
This is exactly how the new TPM chips will work - except that there will be a unique private key for every piece of hardware...
Very likely only if it is an IBM chip. IBM holds the patent for eFuses.
lightshadow
2nd June 2008, 07:05
The way I understand it, is that they want to stop well organized piracy in countries like Asia and India.
That being said, I think the DRM chip will just check if it is a signed, encrypted and original media.
Defeating it would probably be a cheap hardware mod, like done on all the consoles.
Shinigami-Sama
2nd June 2008, 07:26
For some reason I find that hilarious. Do they all piggyback into each other, or do you actually need four free usb ports to plug each one in?
the better question is can they be attached to a hub or do they need root ports ;)
bourke
2nd June 2008, 12:16
I think you have signing and encryption keys mixed up. The signing key is not known, but the unique CPU private key that each x360 has can be found in two different ways. See xboxhacker.net
I was only referring to the signing private key?
TheCole
29th June 2008, 12:49
just attach a kernel debugger and watch the CPU registers and any DRM game is up
I would be grateful if someone could post simple step-by-step instructions on how to do this and how to make use of the information obtained. :thanks:
odditory
29th June 2008, 18:17
someone says this every year
it's suicide to try and close an open platform
unless you pull a Sony and buy off all other parties...
Gee - you noticed what they did too, eh? Nice shady backroom deals ... thank god my BD-ROM drive for my HTPC only cost me $150 and AnyDVDHD only cost me less than $100 - total less than a PS3 for a player - $250 to rip all the BluRay goodness that I want.
dwm4444
30th June 2008, 07:48
Interesting update to the TPM situation:
http://news.cnet.com/8301-10784_3-9976658-7.html?tag=bl