  • Subject: Re: [News] Vista's Inherent Data Loss Risk
  • From: Peter Hayes <not_in_use@xxxxxxxxxxxxxx>
  • Date: 18 Oct 2006 21:21:29 GMT
  • Newsgroups: comp.os.linux.advocacy
  • Organization: <Zzzzz>
  • References: <1161197411.508319.56770@f16g2000cwb.googlegroups.com> <GdvZg.27661$H7.2001@edtnps82>
  • User-agent: Halime (Mac OS X 10.4.8 (PPC))
  • Xref: news.mcc.ac.uk comp.os.linux.advocacy:1171831
In <GdvZg.27661$H7.2001@edtnps82> Oliver Wong wrote:
> "Roy Schestowitz" <newsgroups@xxxxxxxxxxxxxxx> wrote in message 
> news:1161197411.508319.56770@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>> Problems inherent to Vista's complex security
>> ,----[ Overview ]
>> | Vista's security poses the risk of significant data loss
>> `----
>> http://www.heise-security.co.uk/articles/79432
>     To elaborate:
> http://www.heise-security.co.uk/articles/79432
> <quote>
> So, this process builds on a BIOS hash, a kernel hash and finally a 
> driver hash. If anything fails to add up, the process stops and the 
> computer is locked. In reality the whole key generation and access 
> process is fairly complex and outside the scope of this article.
> A consequence of this technology is that the significance of the 
> quality of the motherboard supplier you select is vastly greater than 
> before. The basis of trust in your systems, including cryptographic 
> services, is now in the hands of your motherboard supplier. Can you 
> really be sure they are not located in a country with which you do 
> not particularly care to share all your secrets...?
> [Snipped very verbose passage basically saying if your motherboard 
> breaks, you'll lose your decryption key.]
> Backed up or remotely stored encrypted data will often not be 
> recoverable because the decryption key will be bound to the broken PC.
> </quote>

It would seem therefore that backups shouldn't be encrypted using this 
technology. I wonder how many users will lose all their data before this 
truth becomes common knowledge.

>     So it's more of a criticism of TPM than Vista.

Yes, any OS deploying it is playing Russian Roulette with users' data.
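
Added example, not part of the original post or the quoted article: a simplified Python model of the hash chain and key binding discussed in this thread, showing why a key sealed to one board's chip and boot measurements cannot be recovered after a driver change or a motherboard swap. The chip secrets, component strings, SHA-256 and the XOR wrapping are assumptions chosen for the model, not the actual TPM or Vista implementation.

```python
import hashlib
import hmac

PCR_INIT = bytes(32)  # model assumption: measurement register starts at all zeros


def extend(pcr: bytes, component: bytes) -> bytes:
    """Fold one component into the running measurement: H(old || H(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


def measure_boot(bios: bytes, kernel: bytes, drivers: bytes) -> bytes:
    """Chain the BIOS, kernel and driver hashes in boot order."""
    pcr = PCR_INIT
    for component in (bios, kernel, drivers):
        pcr = extend(pcr, component)
    return pcr


def _subkeys(chip_secret: bytes, pcr: bytes):
    # The wrapping key depends on a secret that never leaves the chip
    # AND on the measured boot state.
    root = hmac.new(chip_secret, pcr, hashlib.sha256).digest()
    enc = hmac.new(root, b"enc", hashlib.sha256).digest()
    mac = hmac.new(root, b"mac", hashlib.sha256).digest()
    return enc, mac


def seal(chip_secret: bytes, pcr: bytes, data_key: bytes):
    """Toy wrap of a 32-byte data key (XOR pad plus integrity tag)."""
    enc, mac = _subkeys(chip_secret, pcr)
    blob = bytes(a ^ b for a, b in zip(data_key, enc))
    return blob, hmac.new(mac, blob, hashlib.sha256).digest()


def unseal(chip_secret: bytes, pcr: bytes, sealed):
    """Return the data key, or None if chip or measurements differ."""
    blob, tag = sealed
    enc, mac = _subkeys(chip_secret, pcr)
    if not hmac.compare_digest(tag, hmac.new(mac, blob, hashlib.sha256).digest()):
        return None
    return bytes(a ^ b for a, b in zip(blob, enc))


def demo() -> dict:
    # All values below are constructed for illustration.
    chip_a, chip_b = b"constructed-chip-secret-A", b"constructed-chip-secret-B"
    bios, kernel, drivers = b"bios v1", b"kernel v1", b"drivers v1"
    data_key = hashlib.sha256(b"constructed volume key").digest()
    sealed = seal(chip_a, measure_boot(bios, kernel, drivers), data_key)
    return {
        "same machine": unseal(chip_a, measure_boot(bios, kernel, drivers), sealed) == data_key,
        "modified driver": unseal(chip_a, measure_boot(bios, kernel, b"drivers v2"), sealed) is not None,
        "replacement board": unseal(chip_b, measure_boot(bios, kernel, drivers), sealed) is not None,
    }
```

In this model the sealed blob can be copied to a backup freely, but it only opens on the original chip with the original boot measurements.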



