Germany warns TPM is backdoor. Which netbooks have TPM?

freebirds

Honorable
Sep 2, 2013
6
0
10,510
Germany warns TPM is a backdoor. As the articles below explain, TPM grants complete remote control of the computer. The recommended switch to Linux does not suffice. My abuser's crackers tampered with my Linux OS to use TPM. TPM uses hidden embedded Bluetooth to geolocate a computer offline by the Bluetooth's MAC address and to bluesnarf (Bluetooth hacking).

This hidden embedded Bluetooth is not detected by hardware profilers. It cannot be accessed and disabled by the user. This Bluetooth is detected by Linux system processor scanners such as conky and htop, which detect processes in CPU and memory. It is also detected by Linux terminal commands dmesg, lsmod, ps ax | grep bluetoothd. Yet, terminating its process does not actually terminate it.

Manufacturers of netbooks do not list complete specifications regarding Bluetooth and TPM. Typically, they don't list TPM at all. They either don't mention Bluetooth at all if the Bluetooth is hidden or they are intentionally ambiguous. For example, eMachines' specification is no Bluetooth but it has hidden Bluetooth. MSI's specification was "n/a." Toshiba's specification for NB505 was yes but no antenna. Toshiba misled that Bluetooth cannot broadcast its MAC address and be hacked without an antenna. Whereas Bluetooth, especially low level Bluetooth and Smart Bluetooth, has an extremely long range.

Specifications for netbooks with Bluetooth accessible to users do not disclose there is also an embedded Bluetooth. Removing the combo wifi/Bluetooth half mini PCI card does not remove the hidden embedded Bluetooth.

I have purchased netbooks because their specifications did not state they had Bluetooth and TPM, only to unfortunately still be bluesnarfed via TPM and hidden Bluetooth.

Articles on how to detect TPM are outdated. They advise that there is a TPM setting in the BIOS that can be enabled. Yet, I have never seen a TPM setting in a BIOS. Linux uses TPM for full hard drive encryption. Besides being hacked via TPM and Bluetooth, Linux's full hard drive encryption has been the only method of detection for TPM other than opening the netbooks for examination of a TPM module.

Can anyone recommend used netbooks that have neither TPM nor Bluetooth?

http://www.networkworld.com/community/blog/german-government-claims-windows-8-has-backdoor-big-enough-drive-bus-through-sideways

http://www.liveleak.com/view?i=e44_1377252731

http://technoblimp.com/2013/08/22/why-does-windows-ship-with-a-backdoor-that-allows-microsoft-and-others-to-remotely-control-your-computer/

http://techrights.org/2013/08/22/nsa-back-doors-blowback/

http://translate.google.com/translat...-nsa%2Fseite-1

http://www.wilderssecurity.com/showthread.php?p=2271127
 

Supermuncher85

Distinguished
Aug 18, 2010
133
0
18,660
So stay away from windows 8 ;D

Btw you can check for TPM modules via cmd -> tpm, which will list the TPM modules installed. And as explained in the article you can still harden your system using known BSD or Unix systems.

I mean, it also says in the article: "Aus einem anderen Dokument geht hervor, dass Windows 8 und dessen Nachfolger zusammen mit TPM 2.0 "bereits heute" nicht einsetzbar seien. Windows 7 immerhin könne "bis 2020 sicher betrieben werden". Danach müssten Lösungen für die IT-Systeme der Bundesverwaltung gefunden werden."

Saying: "From a different document the following statements can be found, where the use of Windows 8 and its successor combined with the TPM 2.0 module are already not suggested. However Windows 7 can still safely be used till 2020. After that time frame a different solution for IT systems used in the Bundesverwaltung needs to be found".

Overall this doesn't come as a surprise for me. I wrote a paper on TCG aka TPM back in 2004 warning of the risks in its implementation. When you add a central "trusted" group to do the handshaking, if/when they get compromised (government intervention, see NSA) bad things happen. Talk about putting all your eggs in one basket.
 

freebirds

Your warning to stay away from Windows 8 does not suffice. Microsoft's hardware requirement for TPM started with Vista. I don't use Windows. I use Linux. Linux kernels contain TPM's modules. If the computer has TPM, Linux will automatically load the TPM modules when booting up.

My HP Mini 1000 netbook was released in 2009 with Windows XP. I wiped XP and installed Linux. My Asus 1025C was released in 2007 with Windows 7. I wiped Windows 7 and installed Linux. There was no option to enable TPM in the BIOS. Nonetheless, TPM was not only enabled, TPM was activated, as the Linux lsmod command detected. I do not know how to disable TPM. I doubt there is a way to permanently disable TPM. Crackers and malware could probably discreetly enable TPM.

Tails lsmod using Asus 1025C netbook on Jan 9, 2013

tpm 17566 1 tpm_tis
tpm_bios 12836 1 tpm
tpm_tis 13150 0


Tails lsmod using HP Mini 1000 netbook on 9/2/2013

tpm_tis 13040 0
tpm 17735 1 tpm_tis
tpm_bios 13244 1 tpm
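
Added example, not part of the thread or any poster's code: `lsmod` only lists which driver modules are loaded, while the kernel exposes each TPM device it has actually registered as a `tpmN` entry under `/sys/class/tpm`. The script below reads both and reports them together; the function names are this example's own, and the sample text is the Asus 1025C `lsmod` output quoted in the post above.

```shell
#!/bin/sh
# Added example (not from the thread): modules loaded vs. device registered.

# lsmod lines quoted in the post above (Asus 1025C); columns: name size used-by
SAMPLE_LSMOD='tpm 17566 1 tpm_tis
tpm_bios 12836 1 tpm
tpm_tis 13150 0'

# tpm_modules: read lsmod-format text on stdin; print loaded modules named
# "tpm" or "tpm_*", sorted, on one space-separated line.
tpm_modules() {
    awk '$1 == "tpm" || $1 ~ /^tpm_/ { print $1 }' |
        LC_ALL=C sort | tr '\n' ' ' | sed 's/ $//'
}

# tpm_devices [DIR]: print the tpmN entries under a sysfs class directory.
# DIR defaults to /sys/class/tpm; it is a parameter so the check can be tested.
tpm_devices() {
    dir=${1:-/sys/class/tpm}
    [ -d "$dir" ] || return 0
    for d in "$dir"/tpm[0-9]*; do
        [ -e "$d" ] && basename "$d"
    done
    return 0
}

# tpm_status LSMOD_TEXT [DIR]: classify what the two sources show together.
tpm_status() {
    mods=$(printf '%s\n' "$1" | tpm_modules)
    devs=$(tpm_devices "$2")
    if [ -n "$devs" ]; then
        echo "device-registered: $(echo $devs) (modules: ${mods:-built-in or none listed})"
    elif [ -n "$mods" ]; then
        echo "modules-only: $mods"
    else
        echo "none"
    fi
}

tpm_status "$SAMPLE_LSMOD" /nonexistent     # sample text, no sysfs directory
tpm_status "$(lsmod 2>/dev/null)"           # this machine
```

On kernels that build the TPM core in rather than as a module, `lsmod` can list nothing while a device is still registered, which is why the sysfs check takes precedence in `tpm_status`.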
 

freebirds

The author of the article is wrong. Almost all "Linux machines" were formerly Windows machines. Microsoft requires TPM and, starting with Windows 8.1, Microsoft will require Bluetooth. TPM and Bluetooth modules are in the Linux kernels. Linux does not automatically enable and activate TPM and Bluetooth. Though crackers and anyone else surveilling can. Once enabled, they can be active. The TPM and Bluetooth in my netbooks are active. I did not enable them. Though I do not know how to disable TPM, I did send the command to kill Bluetooth by tabbing and typing bluetooth=no while booting up and killing Bluetooth in htop. Bluetooth remained active. The crackers have complete remote control of my netbooks despite my not being online.

The solution is open hardware. There are numerous mostly open hardware boards that run Linux: Cubieboard2, BeagleBone Black, Raspberry Pi, Gooseberry, Olex, etc. There are two mostly open tablets that run Linux: pengpod and vivaldi flying squirrel. There is Rhombus' laptop project at http://rhombus-tech.net/community_ideas/laptop/. Rhombus needs funding and volunteers. None of these devices have TPM and Bluetooth.

However, all of these devices have an ARM processor. ARM has virtualization extensions and Mobicore granting ARM and trusted third parties the ability to surveil and control. ARM is not open source. The Ainol Novo 7 Paladin had a MIPS processor. MIPS does not have Mobicore but unfortunately is developing virtualization extensions.

The solution is running linux or BSD on completely open hardware. Completely open hardware does not exist yet. Even a mostly open hardware laptop does not exist yet as Rhombus needs funding and volunteers.

Hence, my request for recommendations of older used netbooks that neither have TPM nor bluetooth. In the meanwhile, last night I ordered a pengpod tablet.
