On Thu, 29 Jan 2009, John Gilmore wrote: > If it comes from the "Trusted Computing Group", you can pretty much > assume that it will make your computer *less* trustworthy. Their idea > of a trusted computer is one that random unrelated third parties can > trust to subvert the will of the computer's owner.
Indeed, the classic question is "I've just bought this new computer which claims to have full-disk encryption. Is there any practical way I can assure myself that there are (likely) no backdoors in/around the encryption?" For open-source software encryption (be it swap-space, file-system, and/or full-disk), the answer is "yes": I can assess the developers' reputations, I can read the source code, and/or I can take note of what other people say who've read the source code. Alas, I can think of no practical way to get a "yes" answer to my question if the encryption is done in hardware, disk-drive firmware, or indeed anywhere except "software that I fully control". -- -- Jonathan Thornburg <jth...@astro.indiana.edu> Dept of Astronomy, Indiana University, Bloomington, Indiana, USA "Washing one's hands of the conflict between the powerful and the powerless means to side with the powerful, not to be neutral." -- quote by Freire / poster by Oxfam --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com