Robert Millan wrote:
> On Thu, Feb 19, 2009 at 07:38:36AM -0800, Colin D Bennett wrote:
>> While TPM may open a door for corporations to prevent machine owners
>> from having control over their machines, in this instance I do not see
>> another way to solve Alex's problem.
>
> There's an easy way out of this. Simply verify data integrity from the
> flash chip, and make sure nobody can write to the flash chip.
>
> You can achieve the first by e.g. installing coreboot/GRUB there and
> adding some crypto support to it.
>
> You can achieve the second by cutting the WE wire, or by dumping lots of
> concrete over your board. Yes, this is a gazillion times more secure than
> a TPM. TPMs are vulnerable to reverse engineering.

Everything is vulnerable to reverse engineering. The problem with a TPM is not that it uses bad/proprietary crypto, but, as you state, that you can't own it completely.

>> The evil part of TPM seems to be when a person buys a computer but the
>> computer is locked down with a key not provided to the buyer.
>
> Precisely. If it came with a key that is known to the buyer (e.g. printed
> on paper), or with an override mechanism that is only accessible to its
> legitimate buyer, there would be no problem with it.
>
> But AFAICT there are no TPMs that do this. It probably even violates the
> spec.

I also haven't seen a TPM that does it, but it is in the specs, called a revocable endorsement key, as an optional feature...

Greets,
Jan
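As an added illustration (not code from this thread, and not coreboot's or GRUB's own verification code), the following Python models the scheme Robert sketches: a root hash stored in flash, each boot stage carrying the hash of the next, and a write-enable (WE) line that can be "cut". It also shows the caveat behind "make sure nobody can write to the flash chip": on a chip that stays writable, someone who rewrites the root hash together with every stage produces a chain that verifies cleanly, so the integrity check is only as strong as the immutability of its root. The flash layout, region sizes, stage names and the use of plain SHA-256 hashes rather than signatures are assumptions made for the toy.

```python
# Added example modelling a hash-chained boot image in flash with a cuttable WE line.
# Layout, sizes and stage names are assumptions for illustration only.
import hashlib
import hmac
from dataclasses import dataclass

DIGEST_LEN = 32                      # SHA-256 output size
ROOT_OFF, ROOT_LEN = 0, DIGEST_LEN   # root region holds the hash of stage 1
STAGES = [(32, 64), (96, 64)]        # (offset, length) of stage 1 and stage 2
FLASH_SIZE = 160


@dataclass
class Flash:
    """Simulated SPI flash chip with a single write-enable (WE) line."""
    data: bytearray
    write_enabled: bool = True

    def read(self, offset: int, length: int) -> bytes:
        return bytes(self.data[offset:offset + length])

    def write(self, offset: int, payload: bytes) -> None:
        # Cutting the WE wire makes every write fail, regardless of software state.
        if not self.write_enabled:
            raise PermissionError("flash is write-protected (WE line cut)")
        self.data[offset:offset + len(payload)] = payload


def build_image(stage1_code: bytes, stage2_code: bytes) -> bytes:
    """Lay out root hash + stage 1 + stage 2; each stage begins with the hash of the next."""
    assert len(stage1_code) <= STAGES[0][1] - DIGEST_LEN
    assert len(stage2_code) <= STAGES[1][1]
    stage2 = stage2_code.ljust(STAGES[1][1], b"\0")
    stage1 = (hashlib.sha256(stage2).digest() + stage1_code).ljust(STAGES[0][1], b"\0")
    root = hashlib.sha256(stage1).digest()
    image = root + stage1 + stage2
    assert len(image) == FLASH_SIZE
    return image


def verify_chain(flash: Flash) -> list:
    """Walk the chain the way an immutable first-stage loader would: refuse to hand
    off to any stage whose hash differs from the one recorded by its parent."""
    expected = flash.read(ROOT_OFF, ROOT_LEN)
    booted = []
    for index, (offset, length) in enumerate(STAGES, start=1):
        stage = flash.read(offset, length)
        if not hmac.compare_digest(hashlib.sha256(stage).digest(), expected):
            raise ValueError(f"stage {index} hash mismatch: refusing to boot")
        booted.append(f"stage{index}")
        expected = stage[:DIGEST_LEN]  # hash of the next stage, stored by this one
    return booted


def boot_after_tamper(we_wire_cut: bool) -> str:
    """Overwrite stage 2 in place (without touching its parent's hash), then boot."""
    flash = Flash(bytearray(build_image(b"loader", b"kernel")), write_enabled=not we_wire_cut)
    try:
        flash.write(STAGES[1][0], b"modified kernel")
    except PermissionError:
        return "write blocked"
    try:
        verify_chain(flash)
    except ValueError:
        return "tamper detected"
    return "booted"


def boot_after_full_rewrite() -> str:
    """On a chip that stays writable, rewriting root + all stages consistently passes
    verification: the check protects nothing unless its root is immutable."""
    flash = Flash(bytearray(build_image(b"loader", b"kernel")), write_enabled=True)
    flash.write(0, build_image(b"loader", b"replaced kernel"))
    try:
        verify_chain(flash)
    except ValueError:
        return "tamper detected"
    return "booted"


if __name__ == "__main__":
    print("WE cut, stage 2 rewrite:      ", boot_after_tamper(we_wire_cut=True))
    print("WE intact, stage 2 rewrite:   ", boot_after_tamper(we_wire_cut=False))
    print("WE intact, whole-chip rewrite:", boot_after_full_rewrite())
```

The three scenarios map onto the two halves of Robert's proposal: the integrity check alone catches an in-place modification of one stage, but only the hardware write protection stops a consistent rewrite of the whole chip, root hash included.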
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
http://lists.gnu.org/mailman/listinfo/grub-devel