[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A _good_ and valid use for TPM
From: |
Robert Millan |
Subject: |
Re: A _good_ and valid use for TPM |
Date: |
Fri, 27 Feb 2009 20:59:20 +0100 |
User-agent: |
Mutt/1.5.18 (2008-05-17) |
On Sun, Feb 22, 2009 at 03:14:07AM +0200, Alex Besogonov wrote:
> Jan Alsenz wrote:
>>>> Yeah, but an attacker could patch that out too.
>>> Not if we first measure the MBR. It can be done without any
>>> TPM-specific code in the MBR if I'm not very mistaken.
>> Could you elaborate on that?
>> E.g. where do you measure the MBR from?
> MBR is automatically measured by the TPM module, it requires no
> intervention from GRUB.
Well, that is true, but for GRUB to measure all of its own stages
it gets quite complicated. Overall, from a technical POV it looks
like a lousy approach. It makes a lot more sense to simply have the
firmware load GRUB as an executable image and measure that IMO.
You can do that easily when you're in a legacy-free environment.
--
Robert Millan
The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
how) you may access your data; but nobody's threatening your freedom: we
still allow you to remove your data and not access it at all."
- Re: A _good_ and valid use for TPM, (continued)
Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/19
- Re: A _good_ and valid use for TPM, phcoder, 2009/02/19
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/19
- Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/19
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/19
- Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/20
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/21
- Re: A _good_ and valid use for TPM,
Robert Millan <=
Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/21
Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/21
Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/21
Re: A _good_ and valid use for TPM, phcoder, 2009/02/22
Re: A _good_ and valid use for TPM, Michal Suchanek, 2009/02/22
Re: A _good_ and valid use for TPM, phcoder, 2009/02/22
Re: A _good_ and valid use for TPM, step21, 2009/02/22