[Arm-netbook] TPM backdoor

freebirds at fastmail.fm freebirds at fastmail.fm
Wed Sep 4 04:40:47 BST 2013


"luke.leighton" <luke.leighton at gmail.com> wrote: "we need either funding
or we need people to move it forward without funding.  that's all."

I recommend including the status of the project in
http://rhombus-tech.net/community_ideas/laptop/. Include an estimate of
needed kickstart funds, a link to donations, a brief outline of how
people could help and this email list address for people to join. I have
recommended the rhombus laptop in my comment to one article on TPM
having a backdoor. I will include it in my comments to other articles.
Yet, newbies reading this link will probably become confused. It's too
geek. There needs to be an introductory paragraph explaining in simple
English that the laptop would have open source hardware and run Linux
and what it would not have: no TPM, hidden embedded bluetooth, etc.

Regardless whether you believe TPM is a backdoor and Microsoft required
manufacturers to install hidden bluetooth, both TPM and bluetooth have
an extremely visible unique identifier (UUID). Their UUID can be
geolocated. TPM and hidden bluetooth cannot be disabled. Now is the time
to generate publicity for open source hardware and request donations.
There are more articles on TPM's backdoor than I listed two days ago and
more forum posts too. 

On Mon, Sep 2, 2013, at 04:14 PM, Derek wrote:
"BUT, if you... if I own the keys to my TPM (which is to say  I generate
them and never allow them to leak), then I control my
computer. " The articles say the opposite. That Windows 8 ships with TPM
2.0 preactivated and cannot be disabled. That the Chinese manufacturers
of TPM, Microsoft and trusted third parties have the initial key. Any
key a user can generate is subordinate and ineffective against them.

Starting in 2006 with Vista, Microsoft secretly required manufacturers to
install TPM. The hype is that users had the option to enable TPM in the
BIOS and then had to activate it and that Microsoft required TPM to be
shipped activated only with Windows 8. This is false and a spin. I say
secretly because the manufacturers' specifications do not include TPM.
The notebook reviews didn't discuss TPM. Vista, Windows 7 and Linux do
not have a TPM icon to click to enable. The BIOS did NOT have an option
to enable TPM. I have read the specs of numerous netbooks. None
mentioned TPM. I have looked at the BIOS of numerous netbooks to make
sure none had computrace. None of the BIOS listed TPM. Windows and Linux
hardware profilers do not list TPM. Hence, I naively purchased netbooks
that had TPM.

My HP Mini 1000 netbook, released in 2009 with Windows XP, has TPM. My
Asus 1025C netbook, released in 2011 with Windows 7, has TPM. lsmod shows
the TPM is enabled, activated and being used but not by me:

lsmod from live DVD of Tails using Asus 1025C netbook on Jan 9, 2013:

tpm 17566 1 tpm_tis
tpm_bios 12836 1 tpm
tpm_tis 13150 0 

lsmod from live DVD of Tails using HP Mini 1000 netbook on 9/2/2013:

tpm 17735 1 tpm_tis
tpm_bios 13244 1 tpm
tpm_tis 13040 0 

TPM is very active. I didn't encrypt my harddrive with TPM. I didn't use
TPM. What is TPM doing?

I believe TPM uses hidden embedded bluetooth to disclose geolocation of
both their UUIDs and data when the computers are offline. Microsoft is
requiring manufacturers to install bluetooth starting with Windows 8.1.
This is a spin as apparently Microsoft had required manufacturers to
install hidden bluetooth probably starting with 2009. 

The specifications of laptops are misleading. eMachine 250's
specification listed bluetooth none. MSI specified "n/a" for bluetooth
in their specification of my two MSI L1350D netbooks. "n/a" is
ambiguous. Asus specified some 1015PE has them and some not depending on
"region." HP Mini 100 netbook specification was some have bluetooth,
some don't. Toshiba specified "no antennae" for the Toshiba NB505,
erroneously indicating bluetooth could not be transmitted without an
antenna.

Windows and Linux bluetooth manager did not detect bluetooth. Windows
and Linux hardware profilers did not detect bluetooth. I naively
purchased netbooks misbelieving they neither had bluetooth nor TPM.
Thereby, enabling my abuser's crackers to continue to geolocate,
bluesnarf and infect my netbooks offline. The only netbook I purchased
that the specs stated had bluetooth was an Asus 1015PX (different model
than 1015PE). I paid a computer repairman to open the Asus to remove the
Broadcom combo wifi/bluetooth half mini PCI card. Yet, I continued to be
cracked offline.

lsmod of Asus 1015X after removal of combo wifi/bluetooth card:

bnep                   18863  2 
bluetooth             258249  7 bnep
rfkill                 20451  4 bluetooth, asus_wmi

DMESG, lsmod, ps ax | grep blue detected active bluetooth in all of my
netbooks. I posted lsmod outputs on forums inquiring whether Linux loads
bluetooth modules on all computers or just computers with bluetooth. I
asked for someone without bluetooth to post their lsmod. No one posted.
The only response I received was that my lsmod showed active bluetooth. 

It was not until I actually read the processes listed by Conky on the
desktop of a live PartedMagic CD that I realized that bluetooth was not
only installed but extremely active.  Blueman is almost always the top
first process in memory. Three out of the top five processes in memory
that Conky lists are bluetooth:

blueman-app PID 4218
Krfcommd
obex-data-server

Bluetooth is being used but not by me. 

HP, eMachine and MSI do not list bluetooth in the BIOS. Asus 1015PX
listed bluetooth in the BIOS for the combo card but not for its second
bluetooth which is hidden. I cannot disable bluetooth in the BIOS. I
attempted to kill bluetooth in htop but could not. I typed bluetooth=no
upon boot up. Bluetooth still loaded.  

I searched for commands to kill TPM and found them at
http://lunaticoutpost.com/private.php?action=send&uid=3135.  I haven't
tried the commands as I fear TPM will still load.
The crackers have complete remote control of my netbooks independent of
the operating systems I use. They  freeze the downloading of linux ISOs.
The ISOs I do download completely, they replace with tampered ISOs
before I can burn them to a DVD. They won't boot. Or they do boot but
are obviously missing packages and are obviously tampered with. Hence, I
purchased linux DVDs from OSDisc. 

They infected my harddrives with their bootloader. My netbooks booted up
to their tampered OS. I removed the harddrives and returned to booting
to live DVDs using an external DVD writer. They broke into my room,
stole my external DVD writer, infected it with firmware rootkit and
returned my DVD writer. 

I attempted to install Linux on SD cards. They froze my computer during
installation. The distros I was able to install on SD cards and boot to,
the crackers crashed the kernel and rendered the sd cards unbootable.

They infected my music, movie, pdfs, jpgs, doc and rtf files. They
installed hidden protected encrypted partitions on my flashdrives and sd
cards that auto run when inserted into a Linux or windows computer. The
malware infects the computer and phones home to the crackers and I
become geolocated. After booting to a live DVD of Ubuntu Privacy Remix, 
truecrypt, which is preinstalled in UPR, asks for a password. Opening
the media folder in root shows several harddisks for my sd card as well
as for my flashdrive. Killdisk detects the hidden partitions as
individual harddisks, not as partitions. Wiping the sd cards and
flashdrives with a live CD of hdat2, killdisk, DBAN and BC Wipe Out do
not delete the hidden partitions. 

After booting to a live DVD of Security Onion, I am asked to choose a
program to open the null files. I check show hidden files. I do not see
hidden files. The null files are either in the hidden protected
encrypted partitions or in folders that I initially had created but the
crackers changed the permissions of. They frequently denied me access to
my own files and folders. I cannot open them nor delete them. I can only
wipe the cards to delete the folders and files. I also have been unable
to change the file permissions of the rest of my files which is read,
write and execute. Error message: "You are not the owner so you cannot
change the permissions." Logging in as root does not help as the
crackers immediately log in as root after boot up. 

This month, I purchased an Averatec 1150 netbook released in 2006 and an
Asus 900 released in 2008 from Ebay. I hope when I conduct the
diagnostics that they won't have TPM and hidden bluetooth. I thank this
mailing list for discussing pengpod. Last night I ordered a pengpod. I
will need to open it and kill the embedded wifi card.

What I need most is the rhombus laptop. I hope it will become a reality.

-- 
http://www.fastmail.fm - The way an email service should be
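
An added example, not part of the original post: lsmod lists loaded kernel modules and their reference counts, while sysfs lists the devices that drivers have actually registered, so the two can be compared side by side. It assumes a current kernel where TPM devices appear under /sys/class/tpm and Bluetooth controllers under /sys/class/bluetooth; the function names and the sysfs-root parameter are hypothetical.

```shell
#!/bin/sh
# Added example: compare loaded modules (lsmod) with devices registered in sysfs.

# lsmod lines quoted in the post (Asus 1025C and the bluetooth listing).
SAMPLE_LSMOD='tpm 17566 1 tpm_tis
tpm_bios 12836 1 tpm
tpm_tis 13150 0
bnep 18863 2
bluetooth 258249 7 bnep'

# module_refcount NAME: read lsmod text on stdin and print the third column
# (the module's use count), or "absent" if the module is not listed.
module_refcount() {
    awk -v m="$1" '$1 == m { print $3; f = 1 } END { if (!f) print "absent" }'
}

# count_class_devices CLASS GLOB [SYSFS_ROOT]: count entries under
# SYSFS_ROOT/class/CLASS whose name matches GLOB. Names containing ":" are
# skipped: entries of the form hciN:HANDLE are connections, not controllers.
count_class_devices() {
    root=${3:-/sys}
    n=0
    for d in "$root/class/$1"/$2; do
        case ${d##*/} in *:*) continue ;; esac
        if [ -e "$d" ]; then n=$((n + 1)); fi
    done
    echo "$n"
}

# report [LSMOD_TEXT] [SYSFS_ROOT]: defaults to the sample text and /sys.
# Pass "$(lsmod)" as the first argument to inspect the running system.
report() {
    text=${1:-$SAMPLE_LSMOD}
    root=${2:-/sys}
    for m in tpm tpm_tis bluetooth bnep; do
        printf 'module %-10s refcount=%s\n' "$m" \
            "$(printf '%s\n' "$text" | module_refcount "$m")"
    done
    printf 'TPM devices in sysfs:           %s\n' \
        "$(count_class_devices tpm 'tpm[0-9]*' "$root")"
    printf 'Bluetooth controllers in sysfs: %s\n' \
        "$(count_class_devices bluetooth 'hci[0-9]*' "$root")"
}

report "$@"
```

A module with a non-zero use count and no matching sysfs device is loaded but has no hardware bound to it; the use count alone does not distinguish the two cases.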