[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: A _good_ and valid use for TPM
|
From: |
Robert Millan |
|
Subject: |
Re: A _good_ and valid use for TPM |
|
Date: |
Sat, 21 Feb 2009 21:08:44 +0100 |
|
User-agent: |
Mutt/1.5.18 (2008-05-17) |
On Sat, Feb 21, 2009 at 04:00:30PM +0100, Jan Alsenz wrote:
> > If you just want to ensure noone is tampering your box, simply make your box
> > tamper-proof. You don't need a protocol to allow third parties to check
> > anything.
>
> Ok, but if you have such a protocol, only use it for yourself and do trust the
> manufacturer, you only have to secure one of your boxes instead of them all,
> which is usually much easier.
You only have to secure those boxes you need to be secure. The method you use
to secure them is irrelevant to that.
> >> And how can wherever the key comes from be sure that it's talking to GRUB?
> >
> > Because you put it there, and made sure noone can overwrite it afterwards.
>
> Making sure, that noone can override it, can be awfully difficult, especially
> under a physical attacker. A hardware that is at least a bit designed to
> withstand such an attack can help a lot.
I'm not sure why is physical security so awfully difficult for you (can't you
use locks, tamper-proof seals, cameras and alarms?), but most people who're in
the bussiness of protecting physical goods manage to sort it out.
In any case, if your attacker is that much determined to archieve their goal,
reverse engineering a small chip isn't going to stop them.
--
Robert Millan
The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
how) you may access your data; but nobody's threatening your freedom: we
still allow you to remove your data and not access it at all."
- Re: A _good_ and valid use for TPM, (continued)
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/19
- Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/19
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/19
- Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/20
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/21
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/27
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
- Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/21
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/21
- Re: A _good_ and valid use for TPM, Jan Alsenz, 2009/02/21
- Re: A _good_ and valid use for TPM,
Robert Millan <=
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/21
- Re: A _good_ and valid use for TPM, phcoder, 2009/02/22
- Re: A _good_ and valid use for TPM, Michal Suchanek, 2009/02/22
- Re: A _good_ and valid use for TPM, phcoder, 2009/02/22
- Re: A _good_ and valid use for TPM, step21, 2009/02/22
- Re: A _good_ and valid use for TPM, Michal Suchanek, 2009/02/23
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/27
- Re: A _good_ and valid use for TPM, Robert Millan, 2009/02/27
- Re: A _good_ and valid use for TPM, Alex Besogonov, 2009/02/21
- Re: A _good_ and valid use for TPM, phcoder, 2009/02/21