get a grip on what TCPA is for
John S. Denker
jsd at monmouth.com
Thu Aug 15 21:54:58 EDT 2002
bear wrote:
>
> No tamper-reistant hardware can even start to compare
> with a simple BIOS change to keep the entire hard drive
> encrypted. Without the proper passphrase on bootup, you
> can't even tell what operating system is installed, let
> alone install a trojan.
If the hardware isn't tamper-resistant, the adversary
can just put in a slightly-less simple BIOS that
captures your passphrase the next time you use it. At
this point the game is pretty much over. You've lost.
As a general rule: If you don't have physical security,
you don't have security.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list