Imagine if your next Mac cost you only $300, and ran faster than any G4 or G5 you’ve ever used.
That future may already be unfolding: Hackers have found a way to bypass a chip designed to prevent the Mac OS from running on non-Apple PCs, which are often cheaper than Macs.
Some of the hackers are running the tweaked version of the operating system on their PCs natively. Others are using the system with VMware, which allows the Mac OS to support more PC hardware.
Hackers and curious computer users this week have been downloading the tweaked Mac OS X for PCs, nicknamed “OSx86,” from the BitTorrent file-distribution system.
OSx86 is designed to run on Apple Computer’s next generation of hardware, which some call “MacIntels” and others “MacTels” because the machines will run on Intel microprocessors rather than the PowerPC processor used in current Macs. The hacked version of OSx86 is based on pirated software, which came from copies of the operating system sent to participants in the Apple Developer Connection. The ADC participants also received MacIntel computers for testing and development.
Now the hacked version of OSx86 is running on Dell laptops and other PCs with Intel and AMD microprocessors.
“Mileage varies depending on what kind of hardware you’re using, but it (OSx86) is working on several PCs,” said “Mashugly,” a college student majoring in communications who manages the OSx86 Project, a community of developers interested in the new operating system.
No one knows exactly why OSx86 appears to be running faster on the PCs than the Mac OS does on today’s Macs.
“To be honest, we’re not sure,” said a hacker nicknamed “cmoski,” who said he works for a large software company. “Some in the Pentium camp want to say, ‘Because a Pentium is faster, of course,’ some want to say (Intel chip architectures are better than Apple’s) and some in the PowerPC camp just want to say that it isn’t full OS X (running on the beta systems).”
The hacked OSx86 bypasses a chip, the Trusted Platform Module, or TPM, that is intended to prevent the system from running on ordinary PCs.
“We have even gone so far as to remove the TPM kernel extension called AppleTPMACPI.kext entirely,” said cmoski.
The hack shows that Steve Jobs’ company will be turning out machines indistinguishable from any other PC, or “white box,” said German hacker Michael “mist” Steil.
“Apple wants to avoid the word getting out that (MacIntels) are just PCs, and that (OSx86) works on PCs,” said Steil.
Steil made a name for himself hacking Microsoft’s Xbox game console. He has seen the hacked OSx86 running on a PC, and has been watching the conversations at the OSx86 Project website. But he said he is not hacking the operating system himself.
“The problem with this hack is that it is based on illegal software,” said Steil. “You have to start by downloading pirated software.”
The hackers are also writing software extensions so they can run their Wi-Fi cards and other non-Apple gadgets with the Mac OS.
“We have been working on many areas of the operating system,” said cmoski. “Some are working on developing kernel extensions (the OS X equivalent of drivers) for our favorite hardware. For example, one driver that I am involved with is for the Broadcom wireless chipset.”
Companies such as Microsoft and Intel originally laid the groundwork for the TPM. The companies insist the chip is meant to verify trusted computers on a network and prevent malicious code from running on PCs.
But critics have called the TPM an anti-competitive device that stifles innovation. They suspect the company may use the chip to keep unwanted third-party software off its machines. Others doubt Apple would take such a hard line with developers.
“Apple is a better company than Microsoft in general,” said Bruce Schneier, a security expert, author and CTO of Counterpane Internet Security. “So, it’s hard to attribute these nasty motives to them. But those are the risks.”
Microsoft, through its participation in the Trusted Computing Group, laid the groundwork for the TPM “as a way to shore up its monopoly,” said Schneier.
Apple could use the TPM, which stores digital encryption keys and certificates, to block third-party iTunes plug-ins from running on MacTels. (Apple currently plays a cat-and-mouse game with plug-in developers by having its software look for known unauthorized code.)
Such a move would help Apple and its partners secure short-term gains in market share for its iPod, which meshes tightly with iTunes and the iTunes Music Store.
Apple employees appear to have been trying to listen in on IRC discussions among OSx86 hackers, according to hackers citing the IP records from their IRC channels.
The hackers suspect Apple wanted to demonstrate the weaknesses of TPM security, and may have plans to license its operating system to PC makers eventually.
“Perhaps Steve Jobs wants to be able to tell Apple shareholders, ‘Hey, I tried,’ before he licenses the operating system (to other manufacturers),” said Mashugly.
It seems like getting around the TPM wasn’t that hard, according to a hacker nicknamed “parch,” who said, “Apple could have made the lock heavier.”