Apple Inc (AAPL)

[M Paquette]

The scary, scary part contains...

One (1) SHA-1 hardware hash generator
One (1) 'true' random number generator
One (1) RSA processor
Some EEPROM space
Some NVRAM space
One (1) 16 bit microcontroller to make it go...

Now, there's nothing in the chip that implements the whole 'Grand Scheme' of Palladium/Trusted Computing thing. That particular dim idea requires lots of software work, which in turn means lots of exciting opportunities to subvert the software work. The chip isn't Palladium. Palladium is a Whacky Microsoft Initiative, covered by Patents 6,330,670 and 6,327,652, so it's not likely Apple will be implementing it. (And yeah, Palladium and it's descendants will be hacked.)

The chip is a pretty convenient (and cheap) mechanism for avoiding a need to enter product activation keys, and all the hassle that goes along with those. "Oops! Hardware looks a little different. Better ask for the key again. Nope. Changed too many times recently. Make the user phone Bangalore for permission to use his computer." (I went through this cr*p with a PCMCIA Ethernet card and a WiFi card early in XP's history. Each time I swapped them Windows thought I had tinkered with the hardware a bit too much and wanted to phone home.. Try doing that at 37,000 feet in an airplane seat.)

It's a glorified hardware-based key. It provides a reasonable check for unhacked software to use without making a user go through the activation key drill. (Note to Apple: Get the Pro apps to use this. License key strings are so last century.)

People that freak over this should be equally concerned about the tpm_infineon module for Linux.