Week in Review for the Week of 10/25/21 – DTH

Facebook’s corporate entity is now called Meta, Amazon is building a live audio app codenamed “Project Mic”, and Hertz buys 100,000 Teslas.

MP3

Please SUBSCRIBE HERE.

You can get an ad-free feed of Daily Tech Headlines for $3 a month here.

A special thanks to all our supporters–without you, none of this would be possible.

Big thanks to Dan Lueders for the theme music.

Big thanks to Mustafa A. from thepolarcat.com for the logo!

Thanks to our mods, Kylde, Jack_Shid, KAPT_Kipper, and scottierowland on the subreddit

Send us email to feedback@dailytechnewsshow.com

Show Notes
To read the show notes in a separate page click here.

Into the Metaverse – DTNS 4142

We examine all the press analysis on Facebook’s name change to Meta. We get some interesting insights from WSJ’s Joanna Stern interviews with Apple executives on design choices for the new MacBook Pro. And we speculate why Microsoft has acquired a content moderation company called Two Hat.

Starring Tom Merritt, Chris Ashley, Len Peralta, Roger Chang, Amos, Joe

MP3 Download


Using a Screen Reader? Click here

Multiple versions (ogg, video etc.) from Archive.org

Follow us on Twitter, Instagram, YouTube and Twitch

Please SUBSCRIBE HERE.

Subscribe through Apple Podcasts.

A special thanks to all our supporters–without you, none of this would be possible.

If you are willing to support the show or to give as little as 10 cents a day on Patreon, thank you!

Become a Patron!

Big thanks to Dan Lueders for the headlines music and Martin Bell for the opening theme!

Big thanks to Mustafa A. from thepolarcat.com for the logo!

Thanks to our mods Jack_Shid and KAPT_Kipper on the subreddit

Send email to feedback@dailytechnewsshow.com

Show Notes
To read the show notes in a separate page click here!


Facebook Is Now Called Meta – NTX

Facebook announces its new name, Blizzard cancels the virtual BlizzCon, and Hertz bought 100,000 electric vehicles from Tesla.

MP3

You can SUBSCRIBE HERE.

Thanks to everyone who supports us. Without you, none of this would be possible.

Many thanks to Dan Lueders for the music.

Contact us by writing to feedback@dailytechnewsshow.com

Show Notes
To read the episode notes in a separate window, click here!

Facebook Is Now Meta – DTH

Facebook’s corporate entity is now called Meta, Google and JioPlatforms announce the low-cost JioPhone Next, and Twitter adds a Labs section to give Blue subscribers early access to features.

Facebook Is So Meta – DTNS 4141

We examine why big tech companies are growing slowly while smaller, more recent startups are doing the opposite, how Apple’s ad tracking policy is hitting some companies’ bottom line, and the ongoing effects that chip shortages are having on industry.

Starring Tom Merritt, Justin Robert Young, Roger Chang, Amos, Joe


Ford Delays the Rollout of BlueCruise – DTH

Ford delays the rollout of its BlueCruise hands-free driver assistance system until 2022, Nikon releases the Z9 mirrorless camera with no mechanical shutter, and Intel announces its 12th Gen Alder Lake chips.

About Trusted Platform Modules

Tom explains the purpose and structure of Trusted Platform Modules.

Featuring Tom Merritt.

Thanks to Kevin MacLeod of Incompetech.com for the theme music.

Thanks to Garrett Weinzierl for the logo!

Episode transcript:

I heard I can’t get Windows unless I have a TPM?
What the heck is a TPM…?
Is it spying on me? Cause I paid for this machine!
Are you confused?
Don’t be.
Let’s help you Know a Little more about Trusted Platform Modules.

There has been a lot of talk about the Trusted Platform Module over the years, from accusations that it is a hardware lock on the computer you own, to confusion over how it relates to Windows 11 installations, to vulnerabilities discovered that could weaken its protections.
But what is it?
The Trusted Platform Module, or TPM, is kind of a hardware vault for passwords and encryption keys. It is a chip that is designed to store information for authentication and attestation. And we’ll explain why you need both.
Authentication means it stores things like passwords, certificates or encryption keys. Most of you probably get that part.
Attestation means it can store platform measurements that can be used to detect if your platform has been compromised or breached. In other words, it won’t give up the passwords and keys unless it’s sure it’s in the machine it’s supposed to be in. That prevents people from stealing a TPM, putting it in another machine and getting all your keys.
The TPM can check at boot for unauthorized changes and protect passwords and keys from being improperly accessed or altered.
Next let’s talk about who’s behind it. Pretty much everybody.
The TPM’s specs are administered by the Trusted Computing Group or TCG. The TCG was founded in 2003 by AMD, Hewlett-Packard, IBM, Intel, and Microsoft and now is made up of 120 companies. The TCG manages TPM’s specs, infrastructure requirements and APIs and protocols needed for software to take advantage of TPM. Basically each revision of TPM includes design principles, structures and commands.
The first machines with TPMs inside were sold in 2006. The International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC), standardized TPM in 2009. So it’s an official standard. Not just a proprietary thing.
So what can a TPM actually do?
Well it has a hardware random number generator. Essential for any solid crypto offering.
It can generate secure limited use cryptographic keys, handy for securing software.
And as we mentioned, it also can handle something called remote attestation. This creates an almost unforgeable hash based on the hardware and software configuration of the machine. If you, the authorized user, swap out a part or install something new, that hash is updated. But if a TPM is just pried out and put in another machine, it won’t match and the TPM won’t release any of its keys or let the machine boot.
That’s often considered to be TPM’s main job. Making sure that your machine was not tampered with, without your knowledge. The firmware and operating system manage authorizing changes. So the firmware in your machine, like UEFI, can create a root of trust to check if a configuration has changed and how to proceed. An example of this is the Linux Unified Key Setup or LUKS. There’s also Trusted Execution Technology or TXT which can remotely attest if a platform is using the specified hardware and software. This has been one of the fears of TPM, is that it could be abused by a manufacturer who wanted to control machines and decide what software it can or cannot run and possibly use it to record some user actions without their knowledge. That has not turned out to be a problem but it theoretically still could be. And not all TPMs use TXT.
OK, so that’s attestation. And that leads to TPM being safe enough to store your high-level passwords and crypto keys. That’s the authentication side.
One main use of TPM’s authentication feature is for full disk encryption. Utilities like BitLocker and dm-crypt use the TPM to protect the key that is used to encrypt storage.
So for BitLocker on a Windows machine, you unlock your drive by typing in your Windows password, but that password is combined with a longer encryption key stored in the TPM. You need the login password, the proper TPM AND the drive to be in the machine the TPM thinks it should be in. Stealing the password isn’t enough to decrypt the drive. Moving the drive into a new machine won’t work. And because of attestation, moving the drive and the TPM into a new machine won’t work because the system configuration won’t pass. You have to have the exact drive in the exact machine with the same TPM AND the password, to decrypt it.
Of course that won’t protect against someone who has your password and access to your machine.
The TPM can also be used for DRM, with license keys stored there so they can’t be discovered and forged.
PCMag compares the TPM to a home alarm. Turning on a PC, or getting to the disk decryption stage of boot up, is like opening your door. The TPM is like the keypad for your alarm. The disk or OS is trying to enter the right code on the keypad to keep the alarm from going off. Of course, in the case of the TPM, if the code is wrong it doesn’t sound an alarm; the analogy would, I guess, be it blasts you out of the doorway and locks all the doors and windows.
And that’s just for boot up stuff. Email clients like Outlook use it to handle encrypted or key-signed messages. Firefox and Chrome use it for maintaining SSL certificates for websites, and other devices like printers and smart home devices use it as well.
It’s worth noting now that there are five different types of TPMs. Though you won’t usually encounter them all.
The most secure is a discrete TPM. It is isolated from other systems and its routines are set in hardware, so it is more resistant to bugs. They include tamper resistance, and just stop working if they detect somebody tried to mess with them in any way.
Integrated TPMs are almost as secure, but they are part of another chip so are not required to implement tamper resistance.
Firmware TPMs are software and run in a CPU’s trusted execution environment. They are fairly isolated from other software because of that but still not as secure as hardware. However their affordability and lack of complexity mean they are implemented on low and mid-range devices. Intel, AMD and Qualcomm have implemented firmware TPMs.
A Hypervisor TPM is hidden from software running in virtual machines. It’s kind of like a firmware TPM running in a VM.
And software TPMs are the least secure. They add none of the usual protections a TPM can, being only as secure as the operating environment. And those are mostly used for development purposes.
The latest version of TPM is TPM 2.0, issued under a BSD license. It’s been required on new Windows PCs since 2016. TPM 2.0 is not backward compatible with TPM 1.2, though it offers many of the same features.
One of the main advantages of a TPM, and why hardware versions are more secure, is that a TPM has a unique RSA Key burned into itself. That lets it create new keys with an almost impossible to detect private key and one that is pretty much as close to impossible to change as one could imagine. That’s why software TPMs aren’t as secure because it’s easier to change some bits in software than the wires in a chip.
Even the keys made using the burned-in keys can be kept inside the TPM and never leave. Requests for authorization are computed within the TPM meaning phishing can’t retrieve the key because it can’t be copied without the TPM.
So there you have it. The TPM is a vault specially created to keep your encryption keys safe and your machine from being tampered with.
In other words, I hope you Know A Little More about Trusted Platform Modules.
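
Added example, not part of the episode transcript: a simplified Python model of the configuration hash and key release the transcript describes, showing that a changed or reordered boot component yields a different measurement and the sealed key is refused. `ToySealedKey`, `try_unseal` and the boot-chain byte strings are hypothetical names and constructed data; a real TPM enforces this inside the chip through Platform Configuration Registers (PCRs) and sealing policies.

```python
import hashlib
import hmac

PCR_SIZE = 32  # one SHA-256 PCR

def extend(pcr: bytes, measurement: bytes) -> bytes:
    """PCR extend: new = SHA256(old || SHA256(measurement)). Never a plain write."""
    return hashlib.sha256(pcr + hashlib.sha256(measurement).digest()).digest()

def measure_boot(components) -> bytes:
    """Replay a boot chain into a PCR that starts at all zeros on reset."""
    pcr = bytes(PCR_SIZE)
    for blob in components:
        pcr = extend(pcr, blob)
    return pcr

class ToySealedKey:
    """Hypothetical stand-in for a TPM object sealed to one PCR value."""

    def __init__(self, secret: bytes, expected_pcr: bytes):
        self._secret = secret
        self._expected = expected_pcr

    def unseal(self, current_pcr: bytes) -> bytes:
        # Constant-time comparison; release the secret only on an exact match.
        if not hmac.compare_digest(current_pcr, self._expected):
            raise PermissionError("PCR mismatch: platform state changed")
        return self._secret

    def reseal(self, authorized_pcr: bytes) -> None:
        """Owner-approved change (e.g. a firmware update): bind to the new state.
        Assumption: the caller is already authorized; this toy does not check."""
        self._expected = authorized_pcr

def try_unseal(sealed: ToySealedKey, components):
    """Return the secret if the measured boot matches, else None."""
    try:
        return sealed.unseal(measure_boot(components))
    except PermissionError:
        return None

# Constructed sample boot chains (not real firmware images).
GOOD = [b"firmware-1.0", b"bootloader-1.0", b"kernel-5.10"]
TAMPERED = [b"firmware-1.0", b"bootloader-1.0+implant", b"kernel-5.10"]
REORDERED = [b"bootloader-1.0", b"firmware-1.0", b"kernel-5.10"]
UPDATED = [b"firmware-1.1", b"bootloader-1.0", b"kernel-5.10"]

if __name__ == "__main__":
    key = ToySealedKey(b"disk-encryption-key", measure_boot(GOOD))
    for name, chain in [("good", GOOD), ("tampered", TAMPERED), ("reordered", REORDERED)]:
        print(name, "->", "released" if try_unseal(key, chain) else "refused")
```

Because each extend hashes the previous value, the final PCR depends on every component and on their order, which is why an unapproved change anywhere in the chain blocks the key until the owner reseals to the new state.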

Intel counts its Ps and Es – DTNS 4140

Intel announces Alder Lake processors releasing this year, Casey Newton suggests more context is needed regarding the Facebook Papers released by Frances Haugen, and Adobe Max has released details on new AI-powered features for video.

Starring Tom Merritt, Scott Johnson, Roger Chang, Joe, Amos


What We Do in the Shadows (309) – It’s Spoilerin’ Time 381

Next week: Squid Game (102), What We Do in the Shadows (309), Miami Vice (102)

Email the show at Cordkillers@gmail.com
Subscribe, get expanded show notes, and past episodes at Cordkillers.com

Support Cordkillers at Patreon.com/Cordkillers. If we get to 1850 patrons or $1850/episode, we can begin the Spoilerin’ Project and give you show-based Spoilerin’ Time feeds. Find out more and pledge here.

Download audio

Squid Game (101) – It’s Spoilerin’ Time 381
