Free Rootkit with Every New Intel Machine
Dave Korn
dave.korn at artimi.com
Tue Jun 26 04:22:54 EDT 2007
On 26 June 2007 00:51, Ian Farquhar (ifarquha) wrote:
>> It seems odd for the TPM of all devices to be put on a pluggable module as
>> shown here. The whole point of the chip is to be bound tightly to the
>> motherboard and to observe the boot and initial program load sequence.
>
> Maybe I am showing my eternal optimist side here, but to me, this is how
> TPM's should be used, as opposed to the way their backers originally wanted
> them used. A removable module whose connection to a device I establish
> (and can de-establish, assuming the presence of a tamper-respondent barrier
> such as a sensor-enabled computer case to legitimize that activity) is a
> very useful thing to me, as it facilitates all sorts of useful
> applications. The utility of the original intent has already been widely
> criticised, so I won't repeat that here. :)
If you can remove it, what's to stop you plugging it into another machine
and copying all your DRM-encumbered material to that machine?
It's supposed to identify the machine, not the user. Sounds to me like what
you want is a personally identifying cert that you could carry around on a usb
key...
cheers,
DaveK
--
Can't think of a witty .sigline today....
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list