From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with archive (Exim 4.43) id 1LarxM-0008S0-8A for mharc-grub-devel@gnu.org; Sat, 21 Feb 2009 08:31:48 -0500 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1LarxK-0008Qx-5S for grub-devel@gnu.org; Sat, 21 Feb 2009 08:31:46 -0500 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1LarxH-0008Pr-Hq for grub-devel@gnu.org; Sat, 21 Feb 2009 08:31:45 -0500 Received: from [199.232.76.173] (port=37588 helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1LarxH-0008Pn-Cj for grub-devel@gnu.org; Sat, 21 Feb 2009 08:31:43 -0500 Received: from aybabtu.com ([69.60.117.155]:36877) by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA1:32) (Exim 4.60) (envelope-from ) id 1LarxH-0003Rg-2F for grub-devel@gnu.org; Sat, 21 Feb 2009 08:31:43 -0500 Received: from [192.168.10.10] (helo=thorin) by aybabtu.com with esmtp (Exim 4.69) (envelope-from ) id 1Larqk-00074K-25; Sat, 21 Feb 2009 14:24:58 +0100 Received: from rmh by thorin with local (Exim 4.69) (envelope-from ) id 1LarxD-0004FY-8t; Sat, 21 Feb 2009 14:31:39 +0100 Date: Sat, 21 Feb 2009 14:31:39 +0100 From: Robert Millan To: The development of GRUB 2 Message-ID: <20090221133139.GH16068@thorin> References: <499DB343.9020301@gmail.com> <499DF97E.1080800@student.ethz.ch> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <499DF97E.1080800@student.ethz.ch> Organization: free as in freedom X-Message-Flag: Worried about Outlook viruses? Switch to Thunderbird! www.mozilla.com/thunderbird X-Debbugs-No-Ack: true User-Agent: Mutt/1.5.18 (2008-05-17) X-detected-operating-system: by monty-python.gnu.org: Genre and OS details not recognized. Cc: Alex Besogonov Subject: Re: A _good_ and valid use for TPM X-BeenThere: grub-devel@gnu.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: The development of GRUB 2 List-Id: The development of GRUB 2 List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Feb 2009 13:31:46 -0000 On Fri, Feb 20, 2009 at 01:29:50AM +0100, Jan Alsenz wrote: > First of all a TPM is not just some kind of secure memory only accessible from > early BIOS, it basically is a small computer. The thing is, we have many of these "small computers" in any standard PC. Many of them are technically capable of performing crypto checks and validating your memory. What makes the TPM different is not what it is, but what is _designed for_. When you get one, it comes with an hostile setup. If this computer was a crypto card, this would be no trouble, since the crypto card can't coerce you into using proprietary software. However, the TPM device is capable of deciding for you when your computer is "clean" and when it isn't. This empowers third parties to figure out if you're "clean" or not. To get the picture, imagine this situation: - Youtube demands you run approved version of Adobe Flash. - You don't want to use Adobe's proprietary program, you'd rather use Gnash instead. - Youtube can challenge you to use your TPM to prove you're running Flash. Then you're forced into either bowing to your TPM or not watching any videos. Such kind of submission to a small piece of silicon is not acceptable. -- Robert Millan The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and how) you may access your data; but nobody's threatening your freedom: we still allow you to remove your data and not access it at all."