grub-devel

Re: A _good_ and valid use for TPM


From: phcoder
Subject: Re: A _good_ and valid use for TPM
Date: Thu, 19 Feb 2009 17:02:48 +0100
User-agent: Thunderbird 2.0.0.19 (X11/20090105)


> The hard part is initializing the hardware without the use of the
> original BIOS - the specifics of initializing various chips are not
> public, and probably depend on companion hardware and/or trace length
> on the particular board as well.
It's not actually needed. If one can NOP the TPM code in the BIOS, then he can boot from anything and read the TPM keys. You don't need to understand the whole BIOS to do it. Of course it's obfuscated, but obfuscation isn't security in any way. Also, if you write completely different code to flash the BIOS, you don't need to be able to initialise the whole hardware; all you need is to be able to read the TPM and write to a serial port. Then you can simply read the key at your serial console. Actually, the BIOS isn't protected. It's just obfuscated.
Regards
Vladimir 'phcoder' Serbinenko
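The point being argued above is that sealing a key to PCR values only helps if the firmware that does the measuring is itself measured by something it cannot alter. The following toy model is an added illustration, not code from this thread or from GRUB: it simulates TPM-style PCR extends and a simplified "seal to policy" (a hash of the PCR state rather than real TPM sealing; SHA-256 instead of the SHA-1 of TPM 1.2), and compares a boot where a CRTM measures the firmware against one where nothing does. The BIOS and loader images are constructed byte strings.

```python
import hashlib

# Constructed toy images; real firmware and loader binaries would stand here.
BIOS_GENUINE = b"bios-v1: measures the boot loader into PCR4"
BIOS_ALTERED = b"bios-v1 (patched): same loader measurement, extra code"
LOADER = b"grub core image"

def pcr_extend(pcr: bytes, data: bytes) -> bytes:
    """TPM-style extend: PCR_new = H(PCR_old || H(data)).
    SHA-256 is used for illustration; TPM 1.2 of the period used SHA-1."""
    return hashlib.sha256(pcr + hashlib.sha256(data).digest()).digest()

def measured_boot(bios: bytes, loader: bytes, crtm_measures_bios: bool) -> dict:
    """Return the PCR state after boot. With crtm_measures_bios=False the
    firmware is never measured by anything it cannot change, which is the
    situation the post describes."""
    pcr0 = pcr4 = bytes(32)
    if crtm_measures_bios:
        pcr0 = pcr_extend(pcr0, bios)   # immutable root measures the firmware
    pcr4 = pcr_extend(pcr4, loader)     # firmware measures the boot loader
    return {0: pcr0, 4: pcr4}

def policy_digest(pcrs: dict) -> bytes:
    """Hypothetical policy: a digest over the selected PCRs in index order."""
    return hashlib.sha256(b"".join(pcrs[i] for i in sorted(pcrs))).digest()

def seal(secret: bytes, pcrs: dict) -> dict:
    """Toy sealing: bind the secret to the PCR policy (no encryption here)."""
    return {"policy": policy_digest(pcrs), "secret": secret}

def unseal(blob: dict, pcrs: dict):
    return blob["secret"] if policy_digest(pcrs) == blob["policy"] else None

def altered_bios_can_unseal(crtm_measures_bios: bool) -> bool:
    """Seal under the genuine firmware, then try to unseal after the firmware
    image has changed while its loader measurement stays identical."""
    good = measured_boot(BIOS_GENUINE, LOADER, crtm_measures_bios)
    blob = seal(b"disk-key", good)
    after = measured_boot(BIOS_ALTERED, LOADER, crtm_measures_bios)
    return unseal(blob, after) is not None

if __name__ == "__main__":
    # Without a CRTM the PCRs do not change when the firmware does.
    print("no CRTM, altered BIOS unseals:", altered_bios_can_unseal(False))
    # With a CRTM, PCR0 differs and the sealed key stays locked.
    print("CRTM, altered BIOS unseals:", altered_bios_can_unseal(True))
```

The check that matters for a defender is the second one: only a firmware measurement rooted outside the firmware makes the PCR policy sensitive to the change described in the post.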



