Date: Wed, 19 Aug 2009 16:42:32 +0200
From: Robert Millan
To: The development of GRUB 2
Subject: Re: TPM support status ?
Message-ID: <20090819144232.GD4210@thorin>
References: <4A8BDB5B.5000407@labri.fr> <200908191425.29202.michael@gorven.za.net>
In-Reply-To: <200908191425.29202.michael@gorven.za.net>

On Wed, Aug 19, 2009 at 02:25:21PM +0200, Michael Gorven wrote:
> On Wednesday 19 August 2009 13:51:34 Vladimir 'phcoder' Serbinenko wrote:
> > 1) Making use of TPM you become dependent on good will of TPM
> > manufacturer. You can never know if or when the TPM manufacturer or
> > someone connected with them will ask you to use remote attestation to
> > prove them that you use only the software they signed and that they
> > effectively control your computer.
>
> How are you dependent? If they ask you to use remote attestation then just say
> no

The trick is, you can't skip a remote attestation test. Either you prove
you're clean or you're not. So if you "just say no", what does it mean? It
could mean you can't access your bank account unless you use their designated
non-free browser. It could mean you can't read a book unless you use their
designated non-free reader (with DRM restrictions, etc).

Since we're going to say no anyway, there's no reason to do it later. The
longer we wait the stronger they'll be, and the more difficult for us to
reject their unreasonable demands.

> > Why do I as user need someone else to check my computer?
>
> Because you don't always own or completely control the computer.

Right, but we're defending the rights of the legitimate owner of that device,
which doesn't have to be the same as the end user (e.g. kiosk).

-- 
Robert Millan

The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
how) you may access your data; but nobody's threatening your freedom: we
still allow you to remove your data and not access it at all."