Message-ID: <49A008FC.7070503@student.ethz.ch>
Date: Sat, 21 Feb 2009 15:00:28 +0100
From: Jan Alsenz
To: The development of GRUB 2
In-Reply-To: <20090221133852.GI16068@thorin>
Subject: Re: A _good_ and valid use for TPM

Robert Millan wrote:
> On Thu, Feb 19, 2009 at 07:38:36AM -0800, Colin D Bennett wrote:
>> While TPM may open a door for corporations to prevent machine owners
>> from having control over their machines, in this instance I do not see
>> another way to solve Alex's problem.
>
> There's an easy way out of this.  Simply verify data integrity from the
> flash chip, and make sure nobody can write to the flash chip.
>
> You can achieve the first by e.g. installing coreboot/GRUB there and
> add some crypto support to it.
>
> You can achieve the second by cutting the WE wire, or by dumping lots of
> concrete over your board.  Yes, this is a gazillion times more secure than
> a TPM.  TPMs are vulnerable to reverse engineering.

Everything is vulnerable to reverse engineering.
The problem with a TPM is not that it uses bad/proprietary crypto, but, as you
state, that you can't own it completely.

>> The evil part of TPM seems to be when a person buys a computer but the
>> computer is locked down with a key not provided to the buyer.
>
> Precisely.  If it came with a key that is known to the buyer (e.g. printed
> on paper), or with an override mechanism that is only accessible to its
> legitimate buyer, there would be no problem with it.
>
> But AFAICT there are no TPMs that do this.  It probably even violates the
> spec.

I also haven't seen a TPM that does it, but it is in the specs - called a
revocable endorsement key - as an optional feature...

Greets,
Jan