In <GdvZg.27661$H7.2001@edtnps82> Oliver Wong wrote:
>
> "Roy Schestowitz" <newsgroups@xxxxxxxxxxxxxxx> wrote in message
> news:1161197411.508319.56770@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
>> Problems inherent to Vista's complex security
>>
>> ,----[ Overview ]
>> | Vista's security poses the risk of significant data loss
>> `----
>>
>> http://www.heise-security.co.uk/articles/79432
>
> To elaborate:
>
> http://www.heise-security.co.uk/articles/79432
> <quote>
> So, this process builds on a BIOS hash, a kernel hash and finally a
> driver hash. If anything fails to add up, the process stops and the
> computer is locked. In reality the whole key generation and access
> process is fairly complex and outside the scope of this article.
>
> A consequence of this technology is that the significance of the
> quality of the motherboard supplier you select is vastly greater than
> before. The basis of trust in your systems, including cryptographic
> services, is now in the hands of your motherboard supplier. Can you
> really be sure they are not located in a country with which you do
> not particularly care to share all your secrets...?
>
> [Snipped very verbose passage basically saying if your motherboard
> breaks, you'll lose your decryption key.]
>
> Backed up or remotely stored encrypted data will often not be
> recoverable because the decryption key will be bound to the broken PC.
> </quote>
It would seem therefore that backups shouldn't be encrypted using this
technology. I wonder how many users will lose all their data before this
truth becomes common knowledge.
> So it's more of a criticism of TPM than Vista.
Yes, any OS deploying it is playing Russian Roulette with users' data.
--
Peter
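
The hash chain and key binding described in the quoted article, as an added example that is not part of the original thread and is not how Vista or a real TPM implements sealing: a simplified Python model in which each boot stage is hashed into a register and a volume key is wrapped under a chip-held secret plus that register value. The names `chip_secret`, `seal` and `unseal`, the use of SHA-256, and the sample measurements are assumptions made for illustration.

```python
import hashlib, hmac, os

def extend(pcr: bytes, component: bytes) -> bytes:
    """TPM-style extend: new register = H(old register || H(component))."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def measure_boot(components) -> bytes:
    pcr = bytes(32)  # register starts at all zeros on reset
    for c in components:  # BIOS, then kernel, then drivers: order matters
        pcr = extend(pcr, c)
    return pcr

def _keys(chip_secret: bytes, pcr: bytes):
    # Model only: wrapping keys depend on a secret that never leaves the
    # chip (assumed name chip_secret) and on the measured boot state.
    enc = hmac.new(chip_secret, b"enc" + pcr, hashlib.sha256).digest()
    mac = hmac.new(chip_secret, b"mac" + pcr, hashlib.sha256).digest()
    return enc, mac

def seal(chip_secret: bytes, pcr: bytes, volume_key: bytes) -> bytes:
    """Wrap a 32-byte volume key; returns ciphertext || integrity tag."""
    enc, mac = _keys(chip_secret, pcr)
    ct = bytes(a ^ b for a, b in zip(volume_key, enc))
    return ct + hmac.new(mac, ct, hashlib.sha256).digest()

def unseal(chip_secret: bytes, pcr: bytes, blob: bytes):
    """Return the volume key, or None if chip or boot chain differs."""
    enc, mac = _keys(chip_secret, pcr)
    ct, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, ct, hashlib.sha256).digest()):
        return None  # something failed to add up: the process stops
    return bytes(a ^ b for a, b in zip(ct, enc))

def demo():
    chip_a, chip_b = os.urandom(32), os.urandom(32)   # original and replacement board
    boot = [b"BIOS v1", b"kernel v1", b"drivers v1"]  # constructed measurements
    volume_key = os.urandom(32)
    blob = seal(chip_a, measure_boot(boot), volume_key)
    changed = boot[:2] + [b"drivers v2"]
    return {
        "same_machine": unseal(chip_a, measure_boot(boot), blob) == volume_key,
        "changed_driver": unseal(chip_a, measure_boot(changed), blob),
        "replaced_board": unseal(chip_b, measure_boot(boot), blob),
    }

if __name__ == "__main__":
    print(demo())
```

In this model the sealed blob can be copied anywhere, but only the original chip in the original boot state can open it, so a backup stays recoverable only if a copy of the volume key is kept somewhere other than the chip.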