Mike Rosing wrote:
>>Why exactly is this so much more of a threat than, say, flash BIOS
>>upgrades? The BIOS has a lot more power over your machine than the
>>TPM does.
>
>
> The difference is fundamental: I can change every bit of flash in my BIOS.
> I can not change *anything* in the TPM. *I* control my BIOS. IF, and
> only IF, I can control the TPM will I trust it to extend my trust to
> others. The purpose of TCPA as spec'ed is to remove my control and
> make the platform "trusted" to one entity. That entity has the master
> key to the TPM.
>
> Now, if the spec says I can install my own key into the TPM, then yes,
> it is a very useful tool. It would be fantastic in all the portables
> that have been stolen from the FBI for example. Assuming they use a
> password at turn on, and the TPM is used to send data over the net,
> then they'd know where all their units are and know they weren't
> compromised (or how badly compromised anyway).
>
> But as spec'ed, it is very seriously flawed.
Although the outcome _may_ be like this, your understanding of the TPM is
seriously flawed - it doesn't prevent you from running whatever you want,
but what it does do is allow a remote machine to confirm what you have
chosen to run.

It helps to argue from a correct starting point.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

Available for contract work.

"There is no limit to what a man can do or how far he can go if he doesn't
mind who gets the credit." - Robert Woodruff
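The distinction Ben draws (the TPM measures and reports, it does not block) is easier to see in code. The following is an added illustration, not part of either poster's message and not the TCPA specification's actual algorithms: it models a single PCR as a SHA-256 hash chain that can only be extended, lets the platform boot any components it likes, and then has a remote verifier decide for itself whether it likes what was run. The attestation signature is stood in for by an HMAC under a shared key, which is an assumption made to keep the example in the standard library; a real TPM signs quotes with an asymmetric attestation key whose private half never leaves the chip.

```python
import hashlib
import hmac

# Constructed stand-in for the TPM's attestation signing key (see lead-in).
ATTESTATION_KEY = b"constructed-attestation-key"


class ToyPCR:
    """A platform configuration register: never written, only extended.
    Each extend computes PCR = H(PCR || measurement), so the final value
    depends on every measurement and on their order."""

    def __init__(self):
        self.value = b"\x00" * 32

    def extend(self, measurement: bytes) -> bytes:
        self.value = hashlib.sha256(self.value + measurement).digest()
        return self.value


def boot_and_measure(components):
    """Platform side. Hash each component into the PCR and record it in an
    event log before 'running' it. Nothing here refuses to run anything:
    a modified kernel boots just fine, it simply yields a different PCR."""
    pcr = ToyPCR()
    log = []
    for name, data in components:
        digest = hashlib.sha256(data).digest()
        log.append((name, digest))
        pcr.extend(digest)
    return pcr.value, log


def quote(pcr_value: bytes, nonce: bytes) -> bytes:
    """Platform side. Sign the PCR value together with the verifier's nonce
    so the quote cannot be replayed from an earlier, honest boot."""
    return hmac.new(ATTESTATION_KEY, pcr_value + nonce, hashlib.sha256).digest()


def verify(quote_sig, reported_pcr, log, nonce, expected_digests):
    """Remote verifier side. Returns (accepted, reason)."""
    # 1. The quote must be authentic and fresh for this nonce.
    expected_sig = hmac.new(ATTESTATION_KEY, reported_pcr + nonce, hashlib.sha256).digest()
    if not hmac.compare_digest(quote_sig, expected_sig):
        return False, "bad signature"
    # 2. Replaying the event log must reproduce the signed PCR value,
    #    otherwise the (unsigned) log has been edited.
    replay = ToyPCR()
    for _, digest in log:
        replay.extend(digest)
    if replay.value != reported_pcr:
        return False, "log does not match PCR"
    # 3. Every measured component must be one the verifier's policy accepts.
    for name, digest in log:
        if expected_digests.get(name) != digest:
            return False, f"unexpected {name}"
    return True, "ok"


# Constructed sample platform: the verifier's policy is "these exact bytes".
GOOD_COMPONENTS = [("bootloader", b"bootloader v1"), ("kernel", b"kernel v1")]
EXPECTED = {name: hashlib.sha256(data).digest() for name, data in GOOD_COMPONENTS}


def run_scenario(components, nonce=b"constructed-nonce-1"):
    """Boot the given components, produce a quote, and let the verifier judge."""
    pcr_value, log = boot_and_measure(components)
    sig = quote(pcr_value, nonce)
    return verify(sig, pcr_value, log, nonce, EXPECTED)


if __name__ == "__main__":
    print(run_scenario(GOOD_COMPONENTS))
    print(run_scenario([("bootloader", b"bootloader v1"), ("kernel", b"kernel v2-modified")]))
```

The second call in the usage block boots a modified kernel without any objection from the toy TPM; the only thing that changes is what the remote party learns, which is precisely the property the reply describes. Whether that remote party is the owner recovering stolen laptops or a vendor deciding which software to serve is a policy question that sits entirely on the verifier's side.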