Free Rootkit with Every New Intel Machine
Ian Farquhar (ifarquha)
ifarquha at cisco.com
Sun Jul 1 20:17:15 EDT 2007
Dave Korn wrote:
> Ian Farquhar wrote:
>> Maybe I am showing my eternal optimist side here, but to me, this is
>> how TPM's should be used, as opposed to the way their backers
>> originally wanted them used. A removable module whose connection to a
>> device I establish (and can de-establish, assuming the presence of a
>> tamper-respondent barrier such as a sensor-enabled computer case to
>> legitimize that activity) is a very useful thing to me, as it
>> facilitates all sorts of useful applications. [...]
> If you can remove it, what's to stop you plugging it into another machine and copying all
> your DRM-encumbered material to that machine?
>
> It's supposed to identify the machine, not the user. Sounds to me like what you want is a
> personally identifying cert that you could carry around on a usb key...
Nothing, but you missed my point. I'm not interested in the DRM functionality, or user-removability. My point was to look
beyond that original remit.
Specifically, a module which supports authenticated physical removal (with a programmed tamper response) *is* useful, especially
for server applications. (*) Smartcards and "secure" USB devices might be useful for other applications, but not the one I was
describing, because they lack a tamper response.
Note I'm also saying "programmable tamper response". Although I like the idea of wiping keys on tamper response, it's not
necessarily the ideal response. A better possibility (in certain circumstances) is the device entering a "lockdown" mode with
selected and modelled reduced functionality. Examples of such circumstances are where the tamper might be triggerable
maliciously, thus facilitating a DoS attack against the service.
Ian.
(*) And isn't it interesting how so many "desktop" systems are now starting to run application mixes which really look like
servers?
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list