[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A _good_ and valid use for TPM
From: |
Alex Besogonov |
Subject: |
Re: A _good_ and valid use for TPM |
Date: |
Sat, 21 Feb 2009 04:27:30 +0200 |
>> The hard part is initializing the hardware without the use of the
>> original BIOS - the specifics of initializing various chips are not
>> public, and probably depend on companion hardware and/or trace length
>> on the particular board as well.
>It's not actually needed. If one can nop tpm code in bios then he can
>boot from anything and read tpm keys. You don't need to understand the
>whole bios to do it. Of course it's obfuscated but obfuscation isn't a
>security in any way. Also if you write completely different code to
>flash bios you don't need to be able to initialise the whole hardware
>all you need is being able to read tpm and write to serial port. Then
>you can simply read the key at your serial console. Actually bios isn't
>protected. It's just obfuscated.
It won't work. BIOS itself is checksummed by the TPM. And TPM by
design gains control even _before_ BIOS.
- Re: A _good_ and valid use for TPM, (continued)
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/21
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/21
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/27
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/21
- Re: A _good_ and valid use for TPM, phcoder, 2009/02/21
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
Re: A _good_ and valid use for TPM,
Alex Besogonov <=