-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 10:58 PM 8/13/2002 -0700, Joseph Ashwood wrote: >Lately on both of these lists there has been quite some discussion >about TCPA and Palladium, the good, the bad, the ugly, and the >anonymous. :) However there is something that is very much worth >noting, at least about TCPA. > >There is nothing stopping a virtualized version being created.
The only thing to stop that is the certificate on the TCPA's built-in key. You would have to shave one TCPA chip and use its key in the virtualized version. If you distributed that shaved key publicly or just to too many people, then its compromise would likely be detected and its power to attest to S/W configuration would be revoked. However, if you kept the key yourself and used it only at the same frequency you normally would (for the normal set of actions), then the compromise could not be detected and you should be able to run virtualized very happily. That's one of the main problems with TCPA, IMHO, as a security mechanism: that its security depends on hardware tamper resistance -- but at the same time, the TPM needs to be a cheap part, so it can't be very tamper resistant. - Carl -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 iQA/AwUBPVpb2XPxfjyW5ytxEQIaAgCgh72smP3W6qclzgRbNiWt5prdpk4AmwWw aKNdDfQbHWxRVJ3yQ02FxtJb =eEI+ -----END PGP SIGNATURE----- +------------------------------------------------------------------+ |Carl M. Ellison [EMAIL PROTECTED] http://world.std.com/~cme | | PGP: 75C5 1814 C3E3 AAA7 3F31 47B9 73F1 7E3C 96E7 2B71 | +---Officer, arrest that man. He's whistling a copyrighted song.---+