On Fri, Feb 20, 2009 at 09:45:28AM +0200, Michael Gorven wrote: > > TPM can be used for good or for bad, but this is the case for everything > involving cryptography. We don't refuse to use encryption algorithms because > they could be used for DRM, so why should we refuse to use TPM?
I don't agree with this analogy. Unlike cryptography, TPMs have been designed from the ground up to serve an evil purpose. They *could* have designed them with good intent, for example either of these could apply: - Buyer gets a printed copy of the TPM's private key when they buy a board. - An override button that's physically accessible from the chip can be used to disable "hostile mode" and make the TPM sign everything. From that point physical access can be managed with traditional methods (e.g. locks). But they didn't. -- Robert Millan The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and how) you may access your data; but nobody's threatening your freedom: we still allow you to remove your data and not access it at all." _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel