[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TPM support status ?

From: Michal Suchanek
Subject: Re: TPM support status ?
Date: Thu, 20 Aug 2009 01:39:25 +0200

2009/8/19 Vladimir 'phcoder' Serbinenko <address@hidden>:
> On Wed, Aug 19, 2009 at 10:57 PM, Duboucher Thomas<address@hidden> wrote:
>> Hash: SHA1
>> Michal Suchanek a écrit :
>>>>> Without threat model we're speaking placebo.
>>>> Stoned Bootkit?
>>> Coreboot can prevent that as well as TPM can.
>> Coreboot can be "stoned" as easily as your MBR since you can easily
>> rewrite the MBR from the software. On MB that does not support online
>> overwriting, you may require physical access (but since you already have
>> to do some dirt work to replace your RO BIOS, that is not really difficult).
> You can remove TPM too

That would remove the keys, too. And the chips are designed to erase
them in this case because then you could copy your media files from
one device to other and not buy media for each device separately.

But the bios on most boards is removable and/or upgradeable in place
so you can do the same with TPM+BIOS as you could with coreboot+any
crypto you choose but you get much fewer options in the case of



reply via email to

[Prev in Thread] Current Thread [Next in Thread]