[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TPM support status ?

From: Michal Suchanek
Subject: Re: TPM support status ?
Date: Thu, 20 Aug 2009 09:59:42 +0200

2009/8/20 Michael Gorven <address@hidden>:
> On Thursday 20 August 2009 09:49:06 Michal Suchanek wrote:
>> 2009/8/20 Michael Gorven <address@hidden>:
>> > On Wednesday 19 August 2009 21:21:28 Michal Suchanek wrote:
>> >> Tell me one technical benefit of TPM over coreboot.
>> >
>> > Coreboot doesn't provide protected storage of secrets (e.g. harddrive
>> > decryption keys).
>> TPM does not either at the time the BIOS is loaded. Remember, it's the
>> CPU what's running the BIOS, not the TPM chip.
>> Only after BIOS enables TPM or coreboot enables any crypto device you
>> choose you get any secrets or keys.
> So? It's still protected storage. You can read a BIOS chip, but you can't just
> read the contents of a TPM chip.

You can use decent crypto storage rather than half-broken TPM. There
is no advantage to using it.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]