Trusted Computing for Mac OS X

A “trusted computing” module (TPM) was found in Intel-based Apple computers, but the reason for it is unknown. Amit Singh, a member of Google’s technical staff, discusses the existence of the chip in his book, “Mac OS X Internals: A Systems Approach,” in which he also writes that there is no way for Apple’s Mac OS X to directly make use of the TPM; no DRM or similar restrictions are linked to the chip. “The TPM is an opt-in feature,” said Singh. “Apple can’t turn it on–nobody can, other than the user.” The TPM is a single chip that is made up of a random number generator, a small memory chip, and a low-power processor, plus a few other parts. It has no influence on the system due to a lack drivers that are aware of it in either the computer’s OS or its firmware. While it is possible for users to make use of the TPM, Singh’s best guess is that the chip is simply part of the motherboard package from Intel. Ross Anderson, a professor of security engineering at the Computer Laboratory at the University of Cambridge, does not believe that the TPM would be included without reason. Based on “software economics” and “Apple’s traditional business model,” he suggests “future use of the TPM, whether in OS X 10.5, 10.6 or later,” or “use directly by application software vendors, e.g. in Office 2007.” Anderson has been very critical of past trusted computing efforts, linking them to attempted, strict DRM restrictions, such as the prevention of the copying of purchased media files or the playing of a CD on more than one computer.

Sources: ACM TechNews, eWeek.

Read full chapter from Amit Singh’s book here.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.