grub-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TPM support with SATA drives


From: Julian Blake Kongslie
Subject: Re: TPM support with SATA drives
Date: Fri, 18 Apr 2008 11:20:46 -0700

On Fri, 2008-04-18 at 13:22 +0200, Robert Millan wrote:
> Hi Laurent,
> 
> The problem with these TPM chips is that they have the hidden purpose of
> restricting you as user.  Despite that you paid for the hardware and are its
> owner, the chip will never give you its master key.

Sorry, but this message is confusing me. Having the TPM in my machine
act as a cryptographic proxy on my behalf is the entire point of the
TPM: if the software stack has access to the SRK then attackers would
prefer to attack dead swap space or temp files rather than the TPM
itself.

> The idea behind this is that you can be coerced into accepting that someone
> else can spy on your computer (they call it "remote attestation").  When
> enough users accept this form of blackmail, it will become impossible to
> resist to it in practice.

And this is the really confusing part. How can someone else spy on my
computer because of my TPM? I can *voluntarily* enter into a remote
attestation system, but to do that I would need to tell my peers the
public key I will be using to sign the attestations; if I was so
inclined, I could choose any key that I like for this purpose, and
instruct the software on my machine to get the unencrypted PCRs from my
TPM, modify their values as I saw fit, and sign that configuration
instead.

Even if the software that runs the remote attestation is honest (say,
because I'm running some Windows-based scheme that I can't easily
change), I can still elect to boot into Linux, authenticate to the TPM
with the owner password, and ask it to perform whatever operations I
want with whatever PCR configuration I want.

> For these reasons, I'd like to encourage you to consider the ethical
> implications of using and supporting this technology, and look for
> alternatives that would satisfy whatever needs you had in it (I'd welcome
> some discussion about that, to see how GRUB can help).

-- 
-Julian Blake Kongslie
<address@hidden>

If this is a mailing list, please CC me on replies.
vim: set ft=text :





reply via email to

[Prev in Thread] Current Thread [Next in Thread]