TPM & disk crypto

Kuehn, Ulrich Ulrich.Kuehn at telekom.de
Tue Oct 10 12:28:46 EDT 2006


> From: James A. Donald [mailto:jamesd at echeque.com] 
> Sent: Tuesday, 10 October 2006 06:40
> 
> What we want is that a bank client can prove to the bank it 
> is the real client, and not trojaned.  What the evil guys at 
> RIAA want is that their music player can prove it is their 
> real music player, and not hacked by the end user. Having a 
> system that will only boot up in a known state is going to 
> lead to legions of unhappy customers who find their system 
> does not come up at all.
> 

Who is "we"? In the case of my own system I paid for (so speaking for myself) I would like to have such a mechanism to have the system prove to me before login that it is not tampered with. The TCG approach does not provide this. Oh, and predetermined means that the machine admin can declare to which known state the system is going to boot.

From a company point of view it might be interesting to make sure the employees have systems that come up to a predetermined state, or not at all, so when infected this turns up at next boot so that the admin can fix it.
Here the TCG approach would also be helpful as the remote attestation against a central server (or a number of them) can help. 

And for the RIAA guys, they have no business on the machine I did pay for (!), as long as I do not infringe their copyright. Assumed innocent until proven guilty! On the other hand, there has been an infamous record company that miserably failed to ensure their components on consumers' computers are _not_ a security risk.

Ulrich

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com