On Monday 30 Mar 2015 01:52:14 Rich Freeman wrote: > On Sun, Mar 29, 2015 at 8:32 PM, Walter Dnes <waltd...@waltdnes.org> wrote: > > Be careful what you wish for. I have my doubts that TPM chips would > > > > boot linux with Microsoft offering "volume discounts" to OEMS. Call me > > cynical. > > TPM chips don't control what boots. They just accept the hash of the > bootloader reported by the firmware and store it (and that is it as > far as the OEM's contribution to the process).
Rich, the problem with TPM as I understand it is that the private key in the TPM chip is not yours, generated on your trusted platform, but the TPM manufacturer's and is burned into the TPM chip at the time of production. If the TPM OEMs are in US or within the sphere of influence of the US, then I would consider this key as good as compromised. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
