Re: TPM support status ?

From: Michael Gorven
Subject: Re: TPM support status ?
Date: Wed, 19 Aug 2009 22:16:45 +0200
On Wed, Aug 19, 2009 at 04:42:32PM +0200, Robert Millan wrote:
On Wed, Aug 19, 2009 at 02:25:21PM +0200, Michael Gorven wrote:
On Wednesday 19 August 2009 13:51:34 Vladimir 'phcoder' Serbinenko wrote:
> 1) Making use of TPM you become dependent on the good will of the TPM
> manufacturer. You can never know if or when the TPM manufacturer or
> someone connected with them will ask you to use remote attestation to
> prove to them that you use only the software they signed and that they
> effectively control your computer.

How are you dependent? If they ask you to use remote attestation then just say no.

The trick is, you can't skip a remote attestation test.  Either you prove
you're clean or you're not.  So if you "just say no", what does it mean?

It could mean you can't access your bank account unless you use their
designated non-free browser.

It could mean you can't read a book unless you use their designated non-free
reader (with DRM restrictions, etc).

So use a different bank and a different publisher.

Since we're going to say no anyway, there's no reason to do it later.  The
longer we wait the stronger they'll be, and the more difficult for us to
reject their unreasonable demands.

Because there are valid use cases that aren't about restricting the owner's freedom.

> Why do I as a user need someone else to check my computer?

Because you don't always own or completely control the computer.

Right, but we're defending the rights of the legitimate owner of that device,
which doesn't have to be the same as the end user (e.g. kiosk).

I don't see how you're defending the owner's rights. If the owner wants to lock down the device then they should be able to.

