[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

machine owner (was: Re: Challenge: Find potential use cases for non-triv

From: olafBuddenhagen
Subject: machine owner (was: Re: Challenge: Find potential use cases for non-trivial confinement)
Date: Mon, 1 May 2006 19:56:46 +0200
User-agent: Mutt/1.5.11+cvs20060403


On Mon, May 01, 2006 at 06:21:11PM +0200, Pierre THIERRY wrote:
> Scribit Bas Wijnen dies 01/05/2006 hora 14:09:

> > I wrote at least twice already that the primary space bank is *not*
> > owned by the system administrator.  It is owned by the TCB, which is
> > an entity itself.
> So let's rephrase: it follows immediately that the machine owner can
> inspect all storage, |...]

Yes, if he installed a variant of the OS that contains a backdoor in the
TCB. (This is true regardless whether we have constructors or not.)

This is one thing the TPM is supposed to make harder, on the premise
that the user can check what variant of the OS exactly is installed. Too
bad it is not really feasible in an overwhelming majority of situations
in practice.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]