Eddie Bleasdale, open source evangelist and the man behind NetProject, has a new plan. Secure, managed desktop computing: Linux for the non-techies. At the heart of the Trusted Computing Project is a £200 black box, about the size of those funny little Mac boxes, running a root-locked Ubuntu distribution. The user pays an …
An oldie but a goodie
Sounds like a UNIX-based thin client to me.
Hasn't that been about to take over the world for, oh I don't know, about thirty years now?
Shurely shome mishtake ?
Aw c'mon, how many bits of Linux advocacy have you seen containing the phrase "would you buy a car with the bonnet welded shut" ?
See also http://www.theregister.co.uk/2007/09/14/microsoft_dispels_stealth_update_rumors/
and the related comments.
Who in their right mind is going to want a box that you can't control but someone else can ?
What happens when you stop paying the fee ?
What happens when h8krz publicise ways to break into it ?
/etc/* /etc/* /etc/*
Can't see it myself.
and software is updated remotely? Sounds insecure to me...
So let me get this straight; the box is locked up tight so users can't mess with it, but the software is updated REMOTELY? Sounds like locking the barn door while leaving a large first-floor back window open and unguarded. REAL security generally involves NOT allowing remote administrator access to the box. I'll be fascinated to know how long it is from the first deployment of these systems (if ever -- I'm skeptical) to the discovery and exploitation of a remote-access vulnerability that turns 'em into malware zombies.
I hate it
No, no no.
This is not the way forward. The way forward is that the user must become smarter and the software must become easier.
Don't buy into "their" (the user's) game of playing dumb.
Sounds like a good idea for granny....
They'll just need to get it into a turn-key shrink-wrapped box at Walmart now.
To previous responses:
I am sure it *could* be done securely, with VPN and whatnot, we'll see if it is.
Shot in the dark? Definitely, but that doesn't mean they can't try. Best of luck to 'em.
"Show me the money"
I'm sure it's just for keeping plain folk from mucking up their Internet browser and not for locking out users to stop them from doing naughty things with video or music.
... All your root password are belong to us.
Interesting. I can see the point for people who are afraid of breaking their computer, but by installing linux, you're immediately scaring the non-techies of the world, as they won't be able to find the start button. It's not like Which? magazine covers the flavors of linux in its user manuals.
Had to laugh at that one. As the poster above mentioned about the unix thin client, this type of thing has been around for (at least) 30 years and so have secure means of remote administration, ssh for instance.
The majority of the internet runs on more or less the same type of platform, no telnet or internet explorer here :) If they can keep the projected prices for the units and support then it's a damn good deal.
A really terrific idea!
A really terrific idea for the 90% of computer owners who just want something that works that they do not have to think about.
The successful completion of a project like this is what would be needed to displace Windows as the mainstream operating system for the regular consumer and SOHO market.
That it does not meet the needs of the remaining 10% (it is inappropriate for a hobbyist who wants to learn to administer their own system) is totally irrelevant -- that 10% is not in the target market.
The devil is in making this project work. There will be a lot of work required. This will not be a small project.
Unfortunately there is lots of software that ordinary people want to run that is not open source (e.g. various games, the same office software they use at work).
A later phase of this project will have to successfully address this issue in order to expand the customer base. Once that happens this project could technically meet the needs of the 90% of users, and then it is a matter of getting users to switch, and computer vendors to install it.
What the hobbyists and academics tend to miss in their comments is that a product has to meet the needs of the intended user/purchaser, not the needs of the vendor, and not the needs of bystanders.
forget TCP--I want a 5W computer!
5W is some seriously efficient computing.
Of course I want a <=5W computer with a trillion 37 petahertz cores and at least one yottabyte of RAM, but one can dream, right?
To the above commenters, a great many hosts and individuals leave SSH servers running without issue, assuming good passwords were picked. What makes this any different? Hell, why use passwords at all, encryption keys are even better.
More like Brain Locked
Until someone finds a way to educate Joe sixpack there will be no such thing as a 'secure' internet.
and software is updated remotely
That's easy enough without ANY remote access:
Just use cron to kick off a periodic self-update. No remote access is needed because all connections originate from the system being updated. The technology is well-known: it's been a configurable option with RedHat Fedora since at least FC4 and since FC6 I've not had to check and fix customised configuration files for updated packages such as Open Office, Apache, named and Samba.
Even a reboot after a kernel upgrade is easy enough: just generate an e-mail to the owner asking him to reboot if/when needed. Similarly, e-mail him details of what has been updated so he doesn't feel like the victim of a mystery software change.
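An added sketch of the pull-only update described in the comment above (not the commenter's or the project's code): cron starts the script, the box fetches its own updates, and the owner is mailed what changed and whether a reboot is needed. It assumes an Ubuntu box with `apt-get` and a local `mail` command; the owner address, script path and sample apt output are placeholders constructed for the example.

```shell
#!/bin/sh
# Pull-only self-update: cron starts it, every connection is outbound, and
# nothing listens for an administrator. apt checks repository signatures itself.
# Example root crontab entry (script path is a placeholder):
#   30 3 * * * /usr/local/sbin/self-update.sh --run

OWNER="${OWNER:-owner@example.invalid}"                 # placeholder address
REBOOT_FLAG="${REBOOT_FLAG:-/var/run/reboot-required}"  # written by Ubuntu package hooks

# stdin: output of `apt-get -s upgrade`; stdout: "name old -> new" per package.
upgraded_packages() {
    awk '$1 == "Inst" {
        if ($3 ~ /^\[/) { old = substr($3, 2, length($3) - 2); new = $4 }
        else            { old = "(new)"; new = $3 }
        sub(/^\(/, "", new); sub(/\)$/, "", new)
        print $2 " " old " -> " new
    }'
}

# stdin: package list; stdout: mail body. Returns 1 when nothing was updated.
build_report() {
    pkgs=$(cat)
    [ -n "$pkgs" ] || return 1
    printf 'Software updated on %s:\n\n%s\n' "$(uname -n)" "$pkgs"
    if [ -e "$REBOOT_FLAG" ]; then
        printf '\nA restart is needed to finish this update. Please reboot when convenient.\n'
    fi
}

# Constructed sample of `apt-get -s upgrade` output, used by --demo.
sample_plan() {
    cat <<'EOF'
Reading package lists...
Inst libexample1 [1.0-1] (1.0-2 Ubuntu:example/updates [amd64])
Inst examplebrowser [2.0] (2.1 Ubuntu:example/updates [amd64])
Conf libexample1 (1.0-2 Ubuntu:example/updates [amd64])
EOF
}

run_update() {
    export DEBIAN_FRONTEND=noninteractive
    apt-get -q update || return 1
    # Record what is about to change before applying it, for the owner's mail.
    plan=$(apt-get -s upgrade | upgraded_packages)
    apt-get -q -y upgrade || return 1
    if report=$(printf '%s\n' "$plan" | build_report); then
        printf '%s\n' "$report" | mail -s "Software update on $(uname -n)" "$OWNER"
    fi
}

case "${1:-}" in
    --run)  run_update ;;
    --demo) sample_plan | upgraded_packages | build_report ;;
esac
```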
Great in principle
SSH for remote admin is great. I do so for many servers. But when you're talking about farming out admin to a host of various linux admin types, the ever increasing chance of your password/cert/whatever authentication slipping into dodgy hands goes up considerably. Of course, you can't simply have a random set of access codes for these things, they have to be maintained in some db or other. But how do you stop your admin user from changing it?
So many problems, I can't see it working.
Nice idea, but...
Although at some level I like this idea- I don't really believe that the masses will ever be smart enough to run their own damn computer- this proposal seems to raise more security concerns than it solves.
You're putting the security of your box in the hand of some 'geek' you've never met who works for the management company. (Or maybe just a 'volunteer' to the project?) Maybe that geek is trustworthy. Maybe he's not. All it would take is one malicious 'administrator' to turn all the boxes into a botnet.
This sort of thing works pretty well in a corporate setting, where you're turning over control to the IT department, who you have some level of 'relationship' with and some reason to trust them, but to turn over control of a personal computer to an organization with offices hundreds/thousands of miles away (maybe outsourced to India someday), enh, I wouldn't let my granny do it.
Unless granny is turning over control to someone she already trusts (i.e., her geeky grandson)- which pretty much eliminates any edge this has over existing Linux distributions- then I fail to see how they intend for this to be trustable in a grander fashion. They better have an ace up their sleeve if they intend for this to go anywhere.
Re: 37 Petahertz
"Of course I want a <=5W computer with a trillion 37 petahertz cores and at least one yottabyte of RAM, but one can dream, right?"
Tsk, Tsk... yet another filthy peta-phile!
Show Me The Money!
I've played with this theme and variation for some time. The technical aspects are as variable as are the marketing aspects. In terms of marketing the biggest obstacle I see is that people make a purchase wanting to maximize utility in terms of common perceptions. For example, using the hackneyed automobile analogy, it would be great if commuters bought small, smart cars, or, better yet that smart cars were part of the transit system and were made available by reservation at main transit stops. There is movement toward small, efficient cars but generally the masses want a car that allows them to do all the big, family things as well as commute to work. The same applies to computers. Generally the people want a computer, as advertised. A desktop with shortcuts is what people know about navigating on a computer. They'd guess it's running Windows, but really if they found out it ran Linux they'd likely not know what that meant. Point, click.
Establishing a market for thin clients requires identifying a niche market or creating one. For example, cafes that want to offer internet access but don't want to maintain the boxes. I considered putting up kiosks downtown. Four thin clients to a kiosk, pump in some change and do your business while the meter runs. If the vendor made the effort to secure the boxes, worked for their customers' best interests (this wouldn't be allowed in America where caring for a customer's best interests is seen as a commie, terrorist action and will get you a one way trip to gitmo) and sold security, it might be possible to tie thin clients into ATMs. There are obvious challenges.
In terms of full blown boxes ISPs are now offering free computers as sign up incentives. It might be worth looking at putting boxes in customers homes and maintaining them as long as they stayed hooked up to the ISP. Again, it is necessary to develop the market. For example, professional groups are prone to going with what works and gives them a bit more smoke and cover in terms of Errors and Omissions. Set up a secure network and advertise the boxes to an area's professionals.... I got a million of 'em :), but then as a sign in a barber shop read: "If you're so smart why ain't you rich?"
there will always be a "joe sixpack" or a Radio One listener who wishes to operate a computer. So I guess users do need protecting from themselves. And I believe it is much better that the Open Source community look after an idiot's PC than micro$oft.
We cannot make these people smarter though, it's down to the content of the gene pool. Perhaps if some of the warnings on household products, zebra/pelican crossings and the words on the wing mirrors of American cars were removed, the dumb would then become less of a problem.
I just wonder how support would feel about guys like me who are possibly more confident than able when it comes to tinkering "under the bonnet". It would not be welded shut for long. The developers would also have to work closely with industry, support for the latest hardware is thin on the ground, this would exclude the enthusiast market. Debian is the only distro I can get to work on my i915 based laptop, I had to do a minor hack on the install to make that boot. And who knows what ugly beasts may arise from the collusion of an open source community with a capitalist, closed source industry? It would be nice to think that principles would hold over cash.
A 5W PC is very nice(Earth friendly)... but could it compete with a Core2Duo @3.2Ghz and 2x ATI X1900XT in crossfire? I do like to escape into gaming, the only real reason I still run XP. That and Cuebase.
Any success of this project is really down to trust, and application interfaces not being wildly different to m$ applications. The latter is none too difficult to address, but gaining trust is going to be much more difficult. Power does corrupt and judging by the way things are with the world, it is in man's nature to be corrupted by power.... Wake up, open eyes, look around. Having said that, the number of people who will happily supply social networking sites with personal information indicates that this trust is far too easily won.
It only takes a greedy bastard or two to fugg this kind of thing up.
someone didn't do their cost averaging.
I'm not sure this is going to be a good model. these people may be radically underestimating what their costs are going to be.
If anyone remembers BSDI, the non open source BSD implementation, I knew a guy who worked tech support for them. What he got was about 50 people who required normal levels of support, and a couple guys who were obviously clueless about the system and basically forced tech support to do their job for them. These guys took up more support than the other 50 together.
getting a skilled salaried employee for 1/1000 of the effective cost is a great thing for the customer but I doubt the company is going to be able to keep up.
Support in general
"and a couple guys who were obviously clueless about the system and basically forced tech support to do their job for them. These guys took up more support than the other 50 together."
Yeh, but that's true the world over ... 98% of my clients are great, they read the fine manual and get on with it ... the other 2% ... bah humbug!
Tried before, and died...
Larry Ellison (yes, of Oracle fame) put together a company called 'NIC' and tried this. They had a Linux distribution on a CD-Rom that ran on a 64Meg small clone box (about 1.5 the size of a CD-Rom square and about 2 inches thick). It worked pretty well, but clunked along. Very secure as the CD-Rom drive couldn't write, and if it froze, you just re-booted. While it worked pretty well (I even have one!) the marketing just wasn't there. The other problem is that it was just slow, being run from a CD-Rom and all. The biggest problem is the updating of the software. They finished with a bad release of the browser (it wouldn't save any of its settings), and was old to boot. I had sites that wouldn't work (banking in particular) because it wasn't up to date.
The company (I had a friend that was one of the last employees there) died because the sales just didn't go anywhere (sounds familiar!). They had all sorts of grand ideas that some corner office "PHB" came up with. They needed a good dose of "reality" (what a concept).
It sounds like a great idea, but until you get ALL the bugs out, and a wide acceptance, it just isn't going to fly, much less take off!
No it's not a good idea
My suggestion lock yourself out of your computer forever it's best that way. If you can't use it don't, you are obviously retarded you don't need a job as you should be institutionalized and you don't need a computer of any kind. People need to stop suggesting this type of crap it makes a mockery of education and trying to put an end to this sick sad ignorance. This isn't what Linux is and it makes me physically ill at the thought of this claptrap being taken at all seriously.
If Microsoft proposed this, everyone would be up in arms about privacy and not being able to use their own machines to their full potential. But it's alright for some random UNIX/Linux nerd to log in remotely and rifle your files once a year?
Bleasdale doesn't understand Trust
It's a typical Eddie Bleasdale: fast reaction, lots of hyperbole, limited amount of thinking.
Fundamentally, you cannot call something TRUSTed because TRUST comes from you. It's your decision to believe something, to accept a transaction, based on the circumstances surrounding that decision at the time of that decision. It's atomic.
What Eddie says here is "Trust me instead of the other guy". From a business perspective I have no reason to trust Eddie either (I know his heart's in the right place but that doesn't quite qualify as a business decision model :-). The fact is, with such an outsourced model I will always have to decide to invest some trust into a service, but that still doesn't mean the "Trusted" naming is anything more than a marketing gimmick, merely displaying a profound lack of understanding what trust is. You earn it, you can't tell someone to trust you just like that.
A good intro is the animation made about Trusted Computing, see http://www.lafkon.net/tc/ - it makes that point very nicely.
About the only interesting thing about this system is the hardware. I wouldn't mind having a look at a thin terminal in that format.
yes , never forget that ...
All Your Cuebase Are Belong To US
A disgrace to Linux users
This guy deserves a Darwin award for taking the Open out of Open Source.
What is a Linux box if you can't upgrade system libraries yourself or tweak the kernel to run as you please? Isn't that no different from Windows?
And for RM1400/US$350/£200, I'm pretty sure you can get or build a decent box that will run Linux fine.
Environmentally-Friendly Trusted Computing
yeah, they're using koolu boxes as the faster of the two main choices, linutop and koolu as the koolu uses the AMD Geode LX 800 and so doesn't require special optimisations in order to do VoIP and MPEG playback for example.
the combination of 5 watts, saving masses of money on electricity, smaller machines therefore the reclaim and recycling cost is lower, security built-in including remote management and secure off-site backups is a compelling combination.
Relevant quote from Cryptogram 0709
bruce schneier says:
"I wonder about those who say "educate the users." Have they tried? Have they ever met an actual user? It's unrealistic to expect home users to be responsible for their own security. They don't have the expertise, and they're not going to learn. And it's not just user actions we need to worry about; these computers are insecure right out of the box.
The only possible way to solve this problem is to force the ISPs to become IT departments." ....
and other classic quotes - the whole article is well worth reading.
the point about "secure and remotely manageable" can easily be made trustworthy for the users by requiring the remote administration to be activated by the user themselves. this is exactly how many remote admin systems already work.
the little boxes, if anyone's interested, are available direct from http://koolu.com
It's a good plan
This needs doing. As the original article said, it is "Linux for the non-techies". More to the point, it is a *managed computing service* for non-techies.
When you look at what most people actually *use* computers for, you find web-browsing, email, a bit of word-processing, and maybe the holiday snaps from the digital camera. If the machine can do all that while relieving the owner of the problems of software updates, anti-virus subscriptions, and Patch Tuesday panics then there should be a market for it. The market is clearly not geeks and gadgeteers, so readers of The Register may not be big purchasers. On the other hand, I would certainly recommend these things to friends and family - it would reduce the amount of casual IT support that I get asked to do when visiting people!
Trust must be earned. A well-managed service using carefully locked-down boxes has the potential to earn that trust. Using open-source software as the basis makes it easier to audit what the supplier is doing, though it also makes it easier to set up in competition. Maybe we will see services competing on trustworthiness in future - it will certainly make a change!
To all say the password could be leaked
..This is true, but then again surely if you were going to do this project you would make sure every administrator had a unique ID generator number to access the box as well as the password they are used for the likes of access to Citrix over web as a double security measure..
Not the right way of looking at it.
If rather than trying to make a fool-proof computer he was making a system that will manage all your VoIP calls and record your TV channels for you while letting you browse your emails and the internet through your TV I'd say he'd be onto a winner.
You'd get a box that you couldn't mess up (like a sky box/freeview box everything is built in) and they'd push updates to you.
Using the box for anything more complicated would prove limiting. You wouldn't use an XBox to word process or a printer to play videos, why would you use a cut down computer to take the place of the highly versatile desktop pc?
That rung a bell or two! Didn't cix used to run on something called a Bleasdale before it ported to Sequent? Any relation? I could be wrong, it was a while ago.
Some of the older Vultures may remember this.
Trusted computing means...
that the owner of the boxes (the manufacturer) gets to choose what software users can run on them. In this case they decided not to allow skype on them. When normal people get to choose between a locked black box where they can't use their favourite programs and between an unsecured open windows box that doesn't need a subscription but runs every program they want. Well, it looks like this closed (trusted) computing is something they would never choose on their own.
He goes on saying: "The TCP is for those who recognise there has to be a radical change in the way computing is provided to the public" while forgetting that the public (aka the people) don't recognise this and they don't want anything that has to do with limiting them in a way. Most non skilled people are happy with how windows works and just want to keep using it as they do it now.
ps: Isn't this kind of hardware/software setup against the gnu-gpl? Afaik they have to provide the source code and the root password to access the system, otherwise it would count as a closed system.
They'd only have to offer the source to those who asked for a copy. Even if they sent a CD or DVD with all the source on it with the box, the customers of this kind of service don't know how to run a compiler, so forget about them modifying it themselves. There's no root password requirement AFAIK.
Yes, it'd be easy for you, for me, or for thousands of others to take that source and make the box do something different. However, I'm certainly not willing to pay a yearly fee to have someone else admin my Linux box.
The only other place the source is an issue is if they're worried about competition in the same market segment. However, the hardware, marketing, and the remote admin team are what differentiates the service. They can give competitors the software source and all without changing their business model.
I have my doubts about the success of the business model, but the source shouldn't be an issue. Keep in mind they're not selling a product, but a service that happens to require some hardware and software. The service is the whole point.
"If rather than trying to make a fool-proof computer he was making a system that will manage all your VoIP calls and record your TV channels for you while letting you browse your emails and the internet through your TV I'd say he'd be onto a winner."
that's what koolu themselves are promoting (their little boxes for). the best available combinations at the moment are with voxbone and mythtv.
"When normal people get to choose between a locked black box where they can't use their favourite programs and between an unsecured open windows box"
you can always get it "unlocked" - i.e. ask for the root password. you just can't claim it's "trusted" any more.
"They'd only have to offer the source to those who asked for a copy."
of course. everything has to be free software - otherwise it can't be trusted. they just can't have the digital signing private keys and, if they ask for the root password, they're unlikely to be a "normal" customer (i.e. they're probably geeks) and they are likely to know what they're doing... and don't really _need_ a "trusted computing" platform from eddie's group in the first place!
"However, I'm certainly not willing to pay a yearly fee to have someone else admin my Linux box."
good for you. you're in the top .... err.... fractional percentage of people in the world.
"The only other place the source is an issue is if they're worried about competition in the same market segment."
...not really. the principle is more important - demonstrating that it's actually possible...
"However, the hardware, marketing, and the remote admin team are what differentiates the service. They can give competitors the software source and all without changing their business model."
... precisely. and our competitors aren't going to have the same digital signature private keys, are they! so those people who build up the best team, the best reputation as being "trustworthy" precisely as you correctly surmise.
you know how the free software business model works: it's all about being honest, about not doing "lock-in", and leading the way. in other words, it's back to the principle of guilds and craftsmen providing valuable service, instead of wage-slaving and ownership providing service you have to go to because there's nothing else.
so it's entirely essential that the whole process be open and absolutely impeachable, and actively encourages and invites competition. eddie's group actively seeks to be the one that breaks the ice - gets things going - and intends to remain the innovative market leader in the trusted arena.
Sounds good to me..
If some people want a locked-down, secure box managed by someone who knows what they are doing then why not, if it's done carefully and properly?
A lot of my resolutely non-techie customers are happy to have Unix/Linux and even Windoze servers that are managed by us and not only 'just work' but keep on 'just working'.
They can configure the useful top-layer stuff however they like but have no access to the complex, breakable bits.
They love it this way because they can get on with their lives and jobs and let us worry about the complicated technical stuff.
Many of them are now even moving to thin clients connecting to their managed servers via RDP or VNC so they don't have to worry about managing them either.
How many Joe-public types moan that they cannot tweak the kernel code of their mobile phone or set-top box or swap their car's clutch for another on a weekly basis? Not many.
Give them the illusion of control and most are happy for the real technical gubbins underneath to be looked after by the experts and 'just work'. Let's face it most 'average consumers' would be quite happy to drive a car with a welded-shut bonnet so long as they had a choice of black or pink floor-mats.
The only real problem I can see is that Linux is crap for games so a two box solution (one TCP box for serious stuff and a games/media box for recreation) would be necessary.