TPM & disk crypto
James A. Donald
jamesd at echeque.com
Thu Oct 12 20:54:42 EDT 2006
James A. Donald:
>> Well obviously I trust myself, and do not trust
>> anyone else all that much, so if I am the user, what
>> good is trusted computing?
>>
>> One use is that I can know that my operating system
>> has not changed behind the scenes, perhaps by a
>> rootkit, know that not only have I not changed the
>> operating system, but no one else has changed the
>> operating system.
Alexander Klimov wrote:
> The argument that TPM can prevent trojans seems to
> imply that the trojans are installed by modification
> of raw storage while the OS is offline.
No it does not.
> Btw, how the TCG allows to regularly change the kernel
> for security patches and still keep the same
> ``reported hash''?
It can report that the hash is a value that has
been blessed by signed software - and can report that
its list of reputable signing authorities is blessed by
Microsoft, and does not include me.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list