>> Proven? As any chip it can only know what's on its pins. High-tech >> electric lab equipment can fool any chip. Asking nicely at university >> most students can gain access to one. > > I doubt this is even necessary. What's the real difference between > mounting the chip on the mainboard and plugging one into an external > port (besides the inability to use content encrypted by the chip on > different machine if you wanted to)? I also doubt that it's necessary - perhaps an adapter can be soldered from parts without big difficulty. I just say that it's possible and even if it's complicated it's not impossible and once it's published exactly how to do it it will be much easier. Nothing can make general-purpose computer tamper-resistant - it's simply not designed this way. Smartcards can be tamper-resistant because they are designed to be such (and even they sometimes fail this goal). Making system tamper-resistant means that every component must be tamper-resistant and all the connections. As you see I deliberately avoided word "tamperproof" because I don't believe in this being anything more as an idealisation similar to hash being random oracle except that no real hash is one and in some cases even the smallest difference between real hash and random oracle makes whole system insecure. No chip can make laptop or server tamper-resistant. I acknowledge that tamperproveness can be an useful cryptographical property but no realisation of it should be locked by manufacturer for consumer devices. It's fine for e.g. medical equipment or flight guidance system to be tamper-resistant but a consumer who bought a device has right to use it for whatever use he likes to no matter what manufacturer wants. No baker sells the bread with conditions like "you can eat it only evening" or "you can't give it with your neighbour" and so on. Why would consumer electronics manufacturer be allowed to do so? > > Thanks > > Michal > > > _______________________________________________ > Grub-devel mailing list > [email protected] > http://lists.gnu.org/mailman/listinfo/grub-devel >
-- Regards Vladimir 'phcoder' Serbinenko Personal git repository: http://repo.or.cz/w/grub2/phcoder.git _______________________________________________ Grub-devel mailing list [email protected] http://lists.gnu.org/mailman/listinfo/grub-devel
