RE: TCPA hack delay appeal

2002-08-16 Thread Mike Rosing

On Thu, 15 Aug 2002, Lucky Green wrote:

> Hopefully some of those people will not limit themselves to hypothetical
> attacks against The Spec, but will actually test those supposed attacks
> on shipping TPMs. Which are readily available in high-end IBM laptops.

But doesn't the owner of the box create the master key for it?  They
imply that in their advertising, but I've not seen anything else
about it.  It was advertised to be protection for corporate data, not
a DRM/control type thing.  It would be very interesting to know the
details on that.

I found this:
http://www.pc.ibm.com/ww/resources/security/securitychip.html
but the link to IBM Embedded Security Subsystem goes to page
not found.

but this one:
http://www.pc.ibm.com/ww/resources/security/secdownload.html
says in part:
IBM Client Security Software is available via download from the Internet
to support IBM NetVista and ThinkPad models equipped with the Embedded
Security Subsystem and the new TCPA-compliant Embedded Security Subsystem
2.0. By downloading the software after the systems have been shipped, the
customer can be assured that no unauthorized parties have knowledge of the
keys and pass phrases designated by the customer.

So it looks like IBM is ahead of Microsoft on this one.  But if
TCPA isn't fully formalized, what does TCPA-compliant mean?

In any case, they imply here that the customer needs to contact
IBM to turn the thing on, so it does seem that IBM has some kind
of master key for the portable.  I wonder if they mean IBM is
authorized to know the customer's keys?

Patience, persistence, truth,
Dr. mike




RE: TCPA hack delay appeal

2002-08-16 Thread Lucky Green

AARG! wrote:
>
> It seems that there is (a rather brilliant) way to bypass
> TCPA (as spec-ed.) I learned about it from two separate
> sources, looks like two independent slightly different hacks
> based on the same protocol flaw.
>
> Undoubtedly, more people will figure this out.

Hopefully some of those people will not limit themselves to hypothetical
attacks against The Spec, but will actually test those supposed attacks
on shipping TPMs. Which are readily available in high-end IBM laptops.

--Lucky Green




Re: TCPA hack delay appeal

2002-08-15 Thread John Young

Well, it's probably safer to publish the hack anonymously
and see if it withstands counter-hacking. Could be Microsoft
is baiting and waiting for just such attacks. The giant might
even leak and spread a few itself in order to shoot them down, 
to boost its eye-mote credibility.

Send the hack to Cryptome anonymously if there's no better 
way to test its effectiveness. Keeping snakeoil secret is a sure
way to uncontested success, aka the way of Redmond.




RE: TCPA hack delay appeal

2002-08-15 Thread Lucky Green

AARG! wrote:
>
> It seems that there is (a rather brilliant) way to bypass
> TCPA (as spec-ed.) I learned about it from two separate
> sources, looks like two independent slightly different hacks
> based on the same protocol flaw.
>
> Undoubtedly, more people will figure this out.

Hopefully some of those people will not limit themselves to hypothetical
attacks against The Spec, but will actually test those supposed attacks
on shipping TPMs. Which are readily available in high-end IBM laptops.

--Lucky Green