Free Rootkit with Every New Intel Machine

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Jun 25 23:47:11 EDT 2007


hal at finney.org ("Hal Finney") writes:

>The idea of putting a TPM on a smart card or other removable device is even
>more questionable from this perspective.

It's not just questionable, it's a really, really bad idea.  TPMs are
fundamentally just severely feature-crippled smart cards.  That is, they're
optimised for doing DRM/secure boot/whatever-you-want-to-call-it, but in
practice not much good for doing anything else (even if there are paper and
Powerpoint-slide claims to the contrary).  So you have something with all the
drawbacks of a smart card (external widget that needs to be bought at extra
cost and plugged in) and none of the advantages.

>Possibly with Vista's BitLocker disk encryption we will see more use of TPMs.

BitLocker just uses the TPM as a glorified USB key (sealing a key in a TPM is
functionally equivalent to encrypting it on a USB key).  Since BitLocker isn't
tied to a TPM in any way (I'm sure Microsoft's managers could see which way
the wind was blowing when they designed it), it's not going to be TPM's killer
app.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List