Re: CONFIG_INTEL_TXT
On Thu, 22 Oct 2009 18:39:53 +0100 Jon Masters j...@redhat.com wrote: Don't forget to mention the more paranoid hand-waving about removing RAM chips at runtime with liquid nitrogen after going into suspend and hax0ring. I think there will be more upstream discussion anyway. I'm sorry but this argument makes no sense whatsoever. Claiming that a feature should not be enabled because someone is talking about a mythical attack that is waaay outside the scope of what a technology wants to protect is not solid reasoning, it's fear mongering instead. -- Arjan van de VenIntel Open Source Technology Centre For development, discussion and tips for power savings, visit http://www.lesswatts.org ___ Fedora-kernel-list mailing list Fedora-kernel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-kernel-list
Re: CONFIG_INTEL_TXT
On Fri, 2009-10-23 at 08:20 -0700, Arjan van de Ven wrote: On Thu, 22 Oct 2009 18:39:53 +0100 Jon Masters j...@redhat.com wrote: Don't forget to mention the more paranoid hand-waving about removing RAM chips at runtime with liquid nitrogen after going into suspend and hax0ring. I think there will be more upstream discussion anyway. I'm sorry but this argument makes no sense whatsoever. Smiley face missed off there - I wasn't being serious about the attacking of TXT. At the end of the day, if you've got physical access to a system, there are worse things you can do. Jon. ___ Fedora-kernel-list mailing list Fedora-kernel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-kernel-list
Re: CONFIG_INTEL_TXT
2009/10/23 Arjan van de Ven ar...@infradead.org: On Thu, 22 Oct 2009 18:39:53 +0100 Jon Masters j...@redhat.com wrote: Don't forget to mention the more paranoid hand-waving about removing RAM chips at runtime with liquid nitrogen after going into suspend and hax0ring. I think there will be more upstream discussion anyway. I'm sorry but this argument makes no sense whatsoever. Claiming that a feature should not be enabled because someone is talking about a mythical attack that is waaay outside the scope of what a technology wants to protect is not solid reasoning, it's fear mongering instead. All the same, it was disappointing news to me to read that Intel are even pushing stuff that leverages binary blobs with no source code. There would be nothing to fear and no need for fear mongering if it was an open blob. It would make the whole argument moot. -- Christopher Brown ___ Fedora-kernel-list mailing list Fedora-kernel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-kernel-list
Re: CONFIG_INTEL_TXT
On Fri, 2009-10-23 at 18:34 +0100, Christopher Brown wrote: 2009/10/23 Arjan van de Ven ar...@infradead.org: On Thu, 22 Oct 2009 18:39:53 +0100 Jon Masters j...@redhat.com wrote: Don't forget to mention the more paranoid hand-waving about removing RAM chips at runtime with liquid nitrogen after going into suspend and hax0ring. I think there will be more upstream discussion anyway. I'm sorry but this argument makes no sense whatsoever. Claiming that a feature should not be enabled because someone is talking about a mythical attack that is waaay outside the scope of what a technology wants to protect is not solid reasoning, it's fear mongering instead. All the same, it was disappointing news to me to read that Intel are even pushing stuff that leverages binary blobs with no source code. There would be nothing to fear and no need for fear mongering if it was an open blob. It would make the whole argument moot. No, Arjan is right. Jon is talking about wildly unrelated system attack vectors which are in no way related to TXT or to the binary blob. Jon was out of line seemingly trying to scare people away from this technology for wholly illogical reasons. It's like we're talking about putting a lock on the window and Jon's talking about cutting through the walls. It's just not useful. Open or closed blob is irrelevant and does not influence the situation to his fear mongering line of attack. Please, however, continue to be disappointed that Intel is pushing a closed source blob. That is a productive train of thought :) -Eric ___ Fedora-kernel-list mailing list Fedora-kernel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-kernel-list
Re: CONFIG_INTEL_TXT
On Fri, 2009-10-23 at 13:51 -0400, Eric Paris wrote: No, Arjan is right. Jon is talking about wildly unrelated system attack vectors which are in no way related to TXT or to the binary blob. I made a joke about paranoid ranting on LKML and missed off a smiley face...sorry! :) :) :) There are bigger things to worry about than someone taking the RAM chips out of my system while it's suspended. Jon. ___ Fedora-kernel-list mailing list Fedora-kernel-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-kernel-list