[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TPM support status ?

From: Vladimir 'phcoder' Serbinenko
Subject: Re: TPM support status ?
Date: Wed, 19 Aug 2009 22:18:01 +0200

>>>> - Lock down via proprietary crypto chip (TPM).  Different software can
>>>> happen if "attacker" figured out how to break into your TPM, which is
>>>> actually quite possibly easier, not harder, than replacing hardware
>>>> because the TPMs are closed systems that don't disclose their design and
>>>> flaws...
>>> Wow! Software hacked TPM? Software breaking into TPM? I must be missing
>>> something. :|
>> It's possible that using some kind of obscure power control sequence
>> you can reset tpm to its boot state and then nicely ask it to do
>> whatever you want.
> Yes, and then the decryption key is gone and my data is safe.
Reset tpm to boot state means put it in the state as it is on boot.
Not "wipe TPM"
> It's still more secure than your solutions.
Not a lot.
>>> This chain of trust is useful for people that have to work with a
>>> computer and data in an untrusted environnement, and that's how and what
>>> it was designed for.
>> Then this design is fundamentaly flawed. You just can't trust hardware
>> in untrusted environment.
>> Claiming to achieve impossible is an advantage proprietary security
>> suites have over free ones.
> Yes it's impossible, but TPM moves it a lot closer.
> --
> PGP Key ID 6612FE85
> Version: GnuPG v1.4.9 (GNU/Linux)
> 3golKVb+E3t0bDb/vzgLCMnRSkRvGpV6g2dMy3dUIom/Gima5AkLfixcaK1YYecv
> yFiHroIp3T+NhfBICfVYleAlKu9ri5fuoJzyONx5Uwhmo/fHdZYApvIm34dXJf0D
> 4V+z74OL/AHOZpc5HWoimvoO3p30nbBMALVKoH5du9vKtnRsL9uypqCBhP9tKe+L
> j2JdY5ZLZaAFMOCgnrkZ7kS1s6gQ74LD0kYRgW9idvdvRkH4t6vqqf8PRVLKAJJQ
> q/dL6WfLjlfkWwdH0HFOn4m7zvIvX3d5qTUrToSOgAJXuSWpW4vDlLwldepjlyfF
> 72pYDbFWHg3cMjQ46oQebCbA5dDogfQ+uNVh/8jwHzXr7rCArhpVwNBmuwIw3k9v
> hwljr4lsLtjg+8x0km3zGo7dS7vkStjVslPCp/XRz/3QwSYJETWZgwvGUAlxmIw0
> V5Ju7qxAKB3AowCe7RpLIy95LpRnjRmJZjLoVJwkf2BVJNte7yeQhSU6U5N59EEC
> PHlDuxbEWqzYXTmcOTjPu/2vBWdPysIUC7RpkisB592SJ8Zkr4iZtGEg/xmWWDLT
> wu9DphdcDaE62ePFlfouedOoDOl1ZUV1dGwuWXND55UJjlgzLEBegR1Sg6qoup3L
> NAjC4pUJowcsfog9vlY5
> =hJYM
> _______________________________________________
> Grub-devel mailing list
> address@hidden

Vladimir 'phcoder' Serbinenko

Personal git repository:

reply via email to

[Prev in Thread] Current Thread [Next in Thread]