[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TPM support status ?

From: Michael Gorven
Subject: Re: TPM support status ?
Date: Wed, 19 Aug 2009 22:03:49 +0200
User-agent: Mutt/1.5.18 (2008-05-17)

On Wed, Aug 19, 2009 at 08:01:06PM +0200, Vladimir 'phcoder' Serbinenko wrote:
I can imagine a world with computers you can access from free and from
whom you can boot with your USB pen-drive (or trust the installed OS, or
whatever you want). But this world is still far away from here ... :|
TPM doesn't protect your computer from being stolen and HD wiped.

No it doesn't, and that's not what I'm trying to avoid.

Also, you are not owning a computer by using a chain of trust. You are
only sure that the software you trust on your computer haven't been
tampered. And you can keep trusting them, even if they have a backdoor
you weren't aware of! ;)

That's what open source is here for. You just said it yourself that
you can easier trust open source than closed source and TPM doesn't
change that.

So make an open hardware TPM chip.

- Lock down via proprietary crypto chip (TPM).  Different software can
happen if "attacker" figured out how to break into your TPM, which is
actually quite possibly easier, not harder, than replacing hardware
because the TPMs are closed systems that don't disclose their design and
Wow! Software hacked TPM? Software breaking into TPM? I must be missing
something. :|
It's possible that using some kind of obscure power control sequence
you can reset tpm to its boot state and then nicely ask it to do
whatever you want.

Yes, and then the decryption key is gone and my data is safe.

Every technology has its design and its implementation, and also its
design flaws and implementation flaws. Remember Debian and OpenSSL.
Well, if a chip has a design flaw, it is more expensive to change it;
however, people that will truly require it will also be able to. ;)

TPM claims to e.g. protect your hd encryption keys. But what a hacker
would do is to boot computer, wait that it retrieves the keys and then
execute cold boot attack (in most cases it's enough to just cool RAM
down and reboot with a USB key which will dump the memory). I don't
spend my time on implementing a "security" which increases hacking
cost by $15, claims to be unbreakable and can be used for evil
purposes (in which case it's more difficult to crack)

It's still more secure than your solutions.

This chain of trust is useful for people that have to work with a
computer and data in an untrusted environnement, and that's how and what
it was designed for.
Then this design is fundamentaly flawed. You just can't trust hardware
in untrusted environment.
Claiming to achieve impossible is an advantage proprietary security
suites have over free ones.

Yes it's impossible, but TPM moves it a lot closer.

PGP Key ID 6612FE85

Attachment: signature.asc
Description: Digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]