2009/8/20 Michael Gorven <[email protected]>: > On Thursday 20 August 2009 09:49:06 Michal Suchanek wrote: >> 2009/8/20 Michael Gorven <[email protected]>: >> > On Wednesday 19 August 2009 21:21:28 Michal Suchanek wrote: >> >> Tell me one technical benefit of TPM over coreboot. >> > >> > Coreboot doesn't provide protected storage of secrets (e.g. harddrive >> > decryption keys). >> >> TPM does not either at the time the BIOS is loaded. Remember, it's the >> CPU what's running the BIOS, not the TPM chip. >> >> Only after BIOS enables TPM or coreboot enables any crypto device you >> choose you get any secrets or keys. > > So? It's still protected storage. You can read a BIOS chip, but you can't just > read the contents of a TPM chip. >
You can use decent crypto storage rather than half-broken TPM. There is no advantage to using it. Thanks Michal _______________________________________________ Grub-devel mailing list [email protected] http://lists.gnu.org/mailman/listinfo/grub-devel
