grub-devel
Re: A _good_ and valid use for TPM


From: Alex Besogonov
Subject: Re: A _good_ and valid use for TPM
Date: Sun, 22 Feb 2009 03:02:43 +0200
User-agent: Thunderbird 2.0.0.17 (Windows/20080914)

Robert Millan wrote:
>> Private part of the endorsement key _never_ leaves the device (if
>> manufacturer uses the recommended TPM_CreateEndorsementKeyPair
>> method). Even device manufacturer doesn't know it.
> Even if that is true (which I doubt), it's merely incidental, because...

It's not really incidental. TCG was initially started as a group to develop a trusted computing platform. MS later tried to hijack it to realize their wet dream of a locked-down computer.

>> Public key is then
>> signed by manufacturer's certificate. This ensures that the private
>> key can't be compromised.
> ...this ensures that $evil_bob can challenge you to prove you're running
> his proprietary anti-user software.

So I won't be able to answer $evil_bob's challenge in any case, since I'm mostly running Linux now.

> The question is, will it be practical for you to disable the TPM a few
> years from now?

(I think yes, but that's not the point)

--
With respect,
            Alex Besogonov (address@hidden)




