[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A _good_ and valid use for TPM
|
From: |
Alex Besogonov |
|
Subject: |
Re: A _good_ and valid use for TPM |
|
Date: |
Wed, 18 Feb 2009 17:10:50 +0200 |
On Wed, Feb 18, 2009 at 4:52 PM, Isaac Dupree
<address@hidden> wrote:
> Alex Besogonov wrote:
> But guess what? While your system is running, they can take out your RAM and
> read it (disk-encryption key and all) before the RAM forgets its contents, see
> e.g. http://blogs.zdnet.com/security/?p=900
I know. But there's no way to guard against this attack, so there's no
sense fretting over it for now.
>> or
>> exploiting some local vulnerability (which is rather unlikely).
> maybe. But how do you patch security vulnerabilities in e.g. the GRUB
> install, if modification = tampering? (I guess there's a way to do it,
> though.)
Yes, there are ways to do this. They require additional credentials
(which won't be available for attackers), of course.
>> I'm trying to guard against attacker who can _steal_ the server itself
>> and/or tamper with the hardware.
> which is very difficult. Why do you have to reboot, though?
Power failure, kernel panic, someone accidentally kicking the power cord, etc.
10-15 minutes of downtime for reboot are acceptable, but several
hours, required to dispatch administrator with enough access rights to
boot the server, are not.
> and is there someway you can store the key locally in those cases, without
> compromising it further?
I can't think of one. I'm open to suggestions, though :)
>> PS: please, at least read the relevant specs before calling TPM
>> 'Treacherous'.
> the ones that say to keep the keys in the hands of the manufacturers?(no I
> haven't read the specs either, maybe Robert Millan has though)
So far every TPM I tried can be fully controlled by me. I also don't
remember bits of specs saying about keeping keys in the hands of
manufacturers.
Of course, TPM in theory can be used to lock down your computer, but I
doubt that in this case DRM Mafiaa is going to consider using GRUB to
do this. Also, projects like SELinux can then be used to lock down
your computer even further, but somehow we don't see Richard Stallman
battling SELinux folks.
Maybe we can just rename TPM to 'Secure Key Storage'?
- Re: A _good_ and valid use for TPM, (continued)
- Re: A _good_ and valid use for TPM, Colin D Bennett, 2009/02/19
- Re: A _good_ and valid use for TPM, phcoder, 2009/02/19
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
- Re: A _good_ and valid use for TPM, phcoder, 2009/02/21
- Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/21
- Re: A _good_ and valid use for TPM, Michal Suchanek, 2009/02/19
- Re: A _good_ and valid use for TPM, phcoder, 2009/02/19
Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/18
Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/19
- Re: A _good_ and valid use for TPM, phcoder, 2009/02/19
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/19
- Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/19
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/19
- Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/20
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/21
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/27