[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: TPM support status ?
|
From: |
Vladimir 'phcoder' Serbinenko |
|
Subject: |
Re: TPM support status ? |
|
Date: |
Wed, 19 Aug 2009 19:04:13 +0200 |
>> 2) Ethical Aspects
>> ==================
>>
> Every technology has its evil uses, so does TPM. However, there's a very
> large gap between currently implemented solutions and what you suggest.
How can you know this? I met persons who say that it's very difficult
to mount a PKI infrastructure to make remote attestation. would have
agreed if remote attestation would be a corner case of something and
if there was no coordination between TPMs. But none of this holds
true. Additionally some manufacturers even say explicitly that the key
is "approved" and if you reset your TPM your key will be "unaproved"
which implies that some kind of such infrastructure exists.
> Of course, someone may use TPM in a software suite that completly lock
> down your computer. However, I don't think that it's the TPM's fault;
> its just a technology.
Handcuffs are just a technology too but you probably wouldn't disagree
if I say that they are the opposite of freedom.
> I would rather consider it's the fault of
> countries with laws that tolerates these behaviours ...
Money makes goverments blind.
>
> The goal of TPM is to be used in broader security schemes. Its use is
> only to make sure that the integrity of the system was preserved. This
> would prevent an attacker from inserting a stealth PCI device which can
> leaks data using SMM.
>
Please ellaborate. Who is the attacker? What is he after in someone
else's computer? Obviously he isn't after hardware components. If he's
after the data then the owner of data should encrypt is with a decent
password.
> As an ending note, I am much more less confident in Intel's processor
> microcode that is patented than in a chip I can deactivate and live
> without it.
>
Intel microcode is an issue too but it's not hte one which is
discussed right now
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.9 (MingW32)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iEYEARECAAYFAkqMKXAACgkQBV7eXqefhqgLiwCgnQf3/vAS05SaFQhFm8op44y7
> 9+oAoIzZouLxPa16A2d+L8VTFNPlZit6
> =zq07
> -----END PGP SIGNATURE-----
>
>
> _______________________________________________
> Grub-devel mailing list
> address@hidden
> http://lists.gnu.org/mailman/listinfo/grub-devel
>
--
Regards
Vladimir 'phcoder' Serbinenko
Personal git repository: http://repo.or.cz/w/grub2/phcoder.git
Re: TPM support status ?, Robert Millan, 2009/08/19
Re: TPM support status ?, Duboucher Thomas, 2009/08/19
- Re: TPM support status ?,
Vladimir 'phcoder' Serbinenko <=
- Re: TPM support status ?, Duboucher Thomas, 2009/08/19
- Re: TPM support status ?, Vladimir 'phcoder' Serbinenko, 2009/08/19
- Re: TPM support status ?, Duboucher Thomas, 2009/08/19
- Re: TPM support status ?, Vladimir 'phcoder' Serbinenko, 2009/08/19
- Re: TPM support status ?, Duboucher Thomas, 2009/08/19
- Re: TPM support status ?, Vladimir 'phcoder' Serbinenko, 2009/08/19
- Re: TPM support status ?, Duboucher Thomas, 2009/08/19
- Re: TPM support status ?, Michal Suchanek, 2009/08/19
- Re: TPM support status ?, Duboucher Thomas, 2009/08/19
- Re: TPM support status ?, Vladimir 'phcoder' Serbinenko, 2009/08/19