Any Mac Pro owner here? What does your ioreg say?

[rpp3po]

I would join your club and order one today, if anybody of you could help me with definitely clearing up this TPM issue.

Just run the command 'ioreg' on your terminal and post the output. (It doesn't matter if this output gets cut at line ends, since we only need the first left half.)

Why this issue might be important to the future-proofness of the Mac Pro can be read here:

In short: Without a TPM it'd be much easier for hackers to paravirtualize a Mac Pro on commodity PC hardware. So IF the Mac Pro really hasn't got a TPM (all other Intel Macs do), new OSX versions may one day be backwards compatible to almost all Macs but the first generation Mac Pro for copyright reasons.

https://forums.macrumors.com/threads/235108/

(Just ignore the distractions from the impertinent guy posting "answers" to the issue, at the same time being unable to prove anything).

 

[Origin]

Here is my output

 

[John Inman]

ioreg File

I have run this script on my Mac Pro but I can't post it because it is too large.

If you want to email me capn_video@mac.com I will be happy to send it to you.

 

[rpp3po]

Thank you both very much!! I have checked the attached file and it does indeed NOT list a TPM.

For example, that's an excerpt from a MacBook:

+-o SBS0 <class IOACPIPlatformDevice, registered, matched, active, busy $
| +-o TPM <class IOACPIPlatformDevice, registered, matched, active, busy 0$
| +-o DMAC <class IOACPIPlatformDevice, registered, matched, active, busy $
| +-o FWHD <class IOACPIPlatformDevice, registered, matched, active, busy $
| +-o HPET <class IOACPIPlatformDevice, registered, matched, active, busy $


Notice the "TPM" entry. There is no corresponding one in the Mac Pro output.

So we can conclude that the Mac Pro has got no TPM.

Don't know if I should buy one anyway. It's really a compelling machine.

Though the TPM is missing Apple may anticipate that there's never really going to be a problem with hacking as whoever can afford a XEON workstation could buy the original Apple in the first place. And the cheaper platforms stay TPM protected.

 

[John Inman]

Tpm

I switched from a HP xw9300 to a Mac Pro. Mainly because of the fact that it would run windows natively and because of the excellence of engineering in the hardware. If there ever was a dream machine for geeks, this is it! I currently have OS X and Win XP Pro on one harddrive, Vista RC1 on its' own harddrive and an additional drive shared with all three OSs.

I highly recommend this system, it's the quietest computer I have ever heard, and most certainly the Rolls Royce of hardware.

Just my 2 cents worth!

 

[Altimeter88]

Though the TPM is missing Apple may anticipate that there's never really going to be a problem with hacking as whoever can afford a XEON workstation could buy the original Apple in the first place. And the cheaper platforms stay TPM protected.

That is why I purchased one, at first I thought I could go to newegg and buy the parts and a nice case, put a hacked version of OSX86 on it and I would have a mac pro at a much cheaper price. Well I added the price of parts with the 2x2.66Ghz Xeons, X1900XT, nice case and psu and the price was more than I could just buy the real deal via edu. discount.
So I decided to just order the real Mac Pro and it has been great so far (except lack of RAID 5).
You just can't discount how well this case is engineered. I have a really nice Lian Li Aluminum case that cost almost $300 but that thing in nothing compared to this new Mac Pro. This case is amazingly silent, looks amazing, and everything fits together so nice and smooth.

 

[Trekkie]

Just curious but why do you care so much that it has a TPM chip or not. XP doesn't use it, OS X doesn't use it, so why bother?

 

[chatin]

I switched from a HP xw9300 to a Mac Pro. Mainly because of the fact that it would run windows natively and because of the excellence of engineering in the hardware. If there ever was a dream machine for geeks, this is it! I currently have OS X and Win XP Pro on one harddrive, Vista RC1 on its' own harddrive and an additional drive shared with all three OSs.

I highly recommend this system, it's the quietest computer I have ever heard, and most certainly the Rolls Royce of hardware.

Just my 2 cents worth!

True, no one does aluminum industrial design like Apple! So, if Apple is tempted to go carbon fiber, I'm keeping mine for a long time.

 

[Origin]

Just curious but why do you care so much that it has a TPM chip or not. XP doesn't use it, OS X doesn't use it, so why bother?

For the laptop and iMac series, as far as I know, the TPM is used to lock Mac Os X on Apple plateform, to no allow Mac Os X to run on any PC hardware !

 

[rpp3po]

For the laptop and iMac series, as far as I know, the TPM is used to lock Mac Os X on Apple plateform, to no allow Mac Os X to run on any PC hardware !

That's correct. Because there's technically no substantial difference between Intel Macs and PC's anymore, Apple has hardcoded a request for an original Apple TPM into OSX on all Intel machines.

The Mac Pro seems to be the first Intel machine without it. Until today that's absolutely no problem. There is no cheaper Xeon competition being worth having to run a hacked OS-X.

Nevertheless I think it's a risk for Apple. I'd be much easier from a programmer's perspective to emulate the Mac Pro's Intel 5000X chipset on top of a commodity PC one, than faking a TPM.

 

[iMeowbot]

Here is my output

There you go:

+-o Dont_Steal_Mac_OS_X <class Dont_Steal_Mac_OS_X, !registered, !matched, active, busy 0, retain count 5>

that is the kernel extension that deals with the TPM.

(Just ignore the distractions from the troll who started this paranoid inquiry.)

 

[rpp3po]

+-o Dont_Steal_Mac_OS_X <class Dont_Steal_Mac_OS_X, !registered, !matched, active, busy 0, retain count 5>

that is the kernel extension that deals with the TPM.

(Just ignore the distractions from the troll who started this paranoid inquiry.)

That's a software module, you pro. It's not tied to a TPM, but just checks for a blend of device ID's which can be easily replicated (in contrast to a real TPM).

The module you mention is also listed on other Intel Macs. The only difference is that all Intel Macs but the Mac Pro list the following additional line:

| +-o TPM <class IOACPIPlatformDevice, registered, matched, active, busy

What's your obsession with this? You don't own a Mac Pro, but try to tell everybody that it indeed has a TPM where we have seen that it hasn't. What are you basing your claims on?

I just wanted to clear things up before I buy. The posted ioreg outputs were exactly what was needed to resolve the issue. They have saved me a hundred miles to the next Apple store and I'm thankful for that.

Since the first time you have heard my question, you're running in circles. A little Don Quixotesk your little crusade, don't you think?

 

[Trekkie]

You didn't answer my question though. Why do you care if it has a TPM or not?

 

[iMeowbot]

You didn't answer my question though. Why do you care if it has a TPM or not?

The Blu-Ray conspiracy theory doesn't even make sense. AACS only works properly if the encryption system is built into the Blu-Ray drive itself, and likewise the whole point of HDCP is to take the CPU out of the decryption loop. A TPM on the system logic board is useless to these schemes.

 

[rpp3po]

You didn't answer my question though. Why do you care if it has a TPM or not?

See the first post in this thread..

 

[rpp3po]

The Blu-Ray conspiracy theory doesn't even make sense. AACS only works properly if the encryption system is built into the Blu-Ray drive itself, and likewise the whole point of HDCP is to take the CPU out of the decryption loop. A TPM on the system logic board is useless to these schemes.

Again you're telling crab. Where are you getting all this false information from? The HDCP specification is public, so show me the passage where it says that the CPU must be bypassed in a computer system. Even less likely you'll find a passage where it says that the whole "point of HDCP is to take the CPU out of the decryption loop".

Why do you think you need a 3Ghz+ CPU for watching HD content on PC's? Because the CPU is bypassed? Where do you want to do the very processing intensive VC-1 or AVC decoding? Within the Blu-Ray drive? I haven't met a clown like you in a long time.

The point of HDCP is a secure path from the drive to the monitor. That does NOT mean that the CPU get's bypassed. It does mean that every participating element (drivers, playback software) must be certified and must not expose any unencrypted data. A very secure and inexpensive way to do this is digitally signing them against a TPM.

 

[iMeowbot]

Again you're telling crab. Where are you getting all this false information from? The HDCP specification is public, so show me the passage where it says that the CPU must be bypassed in a computer system. Even less likely you'll find a passage where it says that the whole "point of HDCP is to take the CPU out of the decryption loop".

It's right in the overview. That is what are meant by "eavesdropping devices." The HDCP is encoded onto the disk, and is processed by the video card and finally decoded by the receiver and display hardware. the computer doesn't get into the act.

Why do you think you need a 3Ghz+ CPU for watching HD content on PC's? Because the CPU is bypassed? Where do you want to do the very processing intensive VC-1 or AVC decoding? Within the Blu-Ray drive? I haven't met a clown like you in a long time.

The CPU will produce a nicely formatted scrambled video. Only computers fitted with HDCP cards and displays will be able to display them in the clear. Only a reduced-resolution form of the video, or none at all, will be available to computers lacking the necessary video hardware.

The point of HDCP is a secure path from the drive to the monitor. That does NOT mean that the CPU get's bypassed. It does mean that every participating element (drivers, playback software) must be certified and must not expose any unencrypted data. A very secure and inexpensive way to do this is digitally signing them against a TPM.

No, a TPM does not accomplish this. The video hardware needs to implement this independently to protect against virtual device attacks.

 

[rpp3po]

It's right in the overview. That is what are meant by "eavesdropping devices." The HDCP is encoded onto the disk, and is processed by the video card and finally decoded by the receiver and display hardware. the computer doesn't get into the act.

It's almost boring to answer all of your crab, but you deserve my respect for continuously making a fool of yourself.

The HDCP is not encoded onto the disk. It's also not encrypted there if you mean that. HDCP is SOLELY specifying a standard for encrypting DVI and HDMI links. Nothing else! You have obviously not read the specification:

"HDCP 1.2 is designed for protecting Audiovisual content over certain high-bandwidth interfaces, referred to as HDCP-protected Interfaces, from being copied. In HDCP 1.2, the HDCP-protected Interfaces are Digital Visual Interface (DVI) and High Definition Multimedia Interface (HDMI)."

If you had read more than three sentences of the HDCP specification "eavesdropping devices" in the context of this spec are devices intercepting the DVI or HDMI connection. What in heaven leads you to the believe that they mean CPU's? You wont find a single reference for this.

What you're probably confusing all that with is AACS. AACS is encrypted on the disk. It's the operating system's task to establish a secure path from the Blu-Ray drive to the graphics card. The operating system of course runs on the CPU, also the decoding of VC-1 and AVS data.

The CPU will produce a nicely formatted scrambled video. Only computers fitted with HDCP cards and displays will be able to display them in the clear.

As VC-1 and AVS are no pixel-wise codecs and rely on motion vectors, the picture cannot be decoded "anonymously" by the CPU without relating to the original picture stream. The HDCP cipher is applied to the unencrypted picture within the graphics card, not the other way around as you are trying to tell us.

That's why a signed and trusted path through the operating system is of such importance. If hackers would use modified graphics drivers they could reroute the unencrypted picture anywhere they wanted to. So to get Blu-Ray approval operating system vendors must prove that they can provide trusted paths through their operating systems which refuse operation as soon as modified components (drivers, etc.) are detected in the media path. That's where a TPM comes into play. The operating system can ask the TPM if a driver's signature is valid without much effort. Microsoft is trying to do this even without a TPM in Vista, but it's a lot more effort and less safe. If operating system vendors fail to provide this safety they can get their decryption keys revoked from the Blu-Ray association.

 

[waremaster]

I would join your club and order one today, if anybody of you could help me with definitely clearing up this TPM issue.

Just run the command 'ioreg' on your terminal and post the output. (It doesn't matter if this output gets cut at line ends, since we only need the first left half.)

Why this issue might be important to the future-proofness of the Mac Pro can be read here:

In short: Without a TPM it'd be much easier for hackers to paravirtualize a Mac Pro on commodity PC hardware. So IF the Mac Pro really hasn't got a TPM (all other Intel Macs do), new OSX versions may one day be backwards compatible to almost all Macs but the first generation Mac Pro for copyright reasons.

https://forums.macrumors.com/threads/235108/

(Just ignore the distractions from the impertinent guy posting "answers" to the issue, at the same time being unable to prove anything).

Hello there rpp3po if I am not mistaken the TPM chip is what Apple uses to insure that it's OS cannot be installed on a generic Dell for example. I am Absolutely positive that that is the part of the OS that was hacked in order to install the OSX os on a Dell so if you think that the Mac Pro does not have a TPM chip are you saying I should be able to install that os on my Dell?

 

[rpp3po]

Hello there rpp3po if I am not mistaken the TPM chip is what Apple uses to insure that it's OS cannot be installed on a generic Dell for example. I am Absolutely positive that that is the part of the OS that was hacked in order to install the OSX os on a Dell so if you think that the Mac Pro does not have a TPM chip are you saying I should be able to install that os on my Dell?

Yes, it's correct that the TPM protection has already been cracked. But the crack involves modifications of some deep inner parts of OSX and therefore tends to be buggy. You could try that on your Dell. See osx86.org for further info. It may be illegal in you country, though.

You cannot install an unmodified OSX on your Dell, yet. OSX checks the device-IDs of your hardware. For commodity Xeons using the same Intel 5000X chipset a thin paravirtualization layer could be written which would report the same device-IDs as the Mac Pro instead. So you would be able to boot an unmodified OSX which could drive the commodity Intel mainboard with its own Mac Pro drivers.

Remember that all this is purely hypothetical. But things which are possible to code and make sense often just appear suddenly on the net.

For now I think I just go for the real thing. You get horse power for a decade and exceptional mechanical engineering. I really like the massive dual FSB's and ECC protected memory, too. This thread snowballed a little from a question out of personal interest. But I think everything is clear now.

 

[waremaster]

Yes, it's correct that the TPM protection has already been cracked. But the crack involves modifications of some deep inner parts of OSX and therefore tends to be buggy. You could try that on your Dell. See osx86.org for further info. It may be illegal in you country, though.

You cannot install an unmodified OSX on your Dell, yet. OSX checks the device-IDs of your hardware. For commodity Xeons using the same Intel 5000X chipset a thin paravirtualization layer could be written which would report the same device-IDs as the Mac Pro instead. So you would be able to boot an unmodified OSX which could drive the commodity Intel mainboard with its own Mac Pro drivers.

Remember that all this is purely hypothetical. But things which are possible to code and make sense often just appear suddenly on the net.

For now I think I just go for the real thing. You get horse power for a decade and exceptional mechanical engineering. I really like the massive dual FSB's and ECC protected memory, too. This thread snowballed a little from a question out of personal interest. But I think everything is clear now.

Actually no need for me to try OSX on my dell as A) It's already been done and B) I already own a Mac Pro.