Verily I say unto thee, that Linonut spake thusly:
> * Erik Funkenbusch peremptorily fired off this memo:
>> Yep. All the TPM chip is is a hardware repository for encryption
>> keys.
Oh dear, I thought it was only your protégé Smith who feigned obtuseness
to obfuscate the truth. Here's the part you missed:
[quote]
Remote attestation allows changes to the user's computer to be detected
by authorized parties. For example, software companies can avoid users
tampering with their software to circumvent technological protection
measures.
[/quote]
http://en.wikipedia.org/wiki/Trusted_computing#Remote_attestation
This is an abuse of technology that violates consumers' fair-use rights,
that might (for example) be used to prevent making (or subsequently
using) backup copies of purchased media. IOW this is DRM.
>> For example, it's hard to have a fully encrypted hard drive without
>> something like a TPM (otherwise you have to carry keys on a USB
>> drive or CD or something similar)
>
> Isn't the latter kind of what you'd want to do anyway, to keep the
> machine safe when you're not around?
I would imagine it's easier to access (and subsequently hack) keys
stored on a standard mass storage device than a TPM, but I suppose that
depends on the hacker and his tools. Of course the upside to using
removable storage is that the hacker must first /find/ and steal that
device (in addition to the machine being hacked) before he can proceed.
In either case, there's always cold-boot attacks:
[quote]
Generally, pushing the security down to the hardware level in
conjunction with software provides more protection than a software-only
solution that is more easily compromised by an attacker. However even
where a TPM is used, the key is still vulnerable while a software
application that has obtained it from the TPM is using it to perform
encryption/decryption operations, as has been illustrated in the case of
a cold boot attack.
[/quote]
http://en.wikipedia.org/wiki/Trusted_Platform_Module
--
K.
http://slated.org
.----
| "Stallman has frequently pointed out, Free Software is by no means
| antithetical to making money: it's just a question of how you make
| money." ~ Glyn Moody: http://tinyurl.com/4wn2l2 (ComputerworldUK)
`----
Fedora release 8 (Werewolf) on sky, running kernel 2.6.23.8-63.fc8
17:28:21 up 190 days, 14:03, 2 users, load average: 0.05, 0.05, 0.06