Re: machine owner (was: Re: Challenge: Find potential use cases for non-trivial confinement)

[Bas Wijnen]

On Mon, May 01, 2006 at 07:56:46PM +0200, address@hidden wrote:
> Hi,
> 
> On Mon, May 01, 2006 at 06:21:11PM +0200, Pierre THIERRY wrote:
> > Scribit Bas Wijnen dies 01/05/2006 hora 14:09:
> 
> > > I wrote at least twice already that the primary space bank is *not*
> > > owned by the system administrator.  It is owned by the TCB, which is
> > > an entity itself.
> > 
> > So let's rephrase: it follows immediately that the machine owner can
> > inspect all storage, |...]
> 
> Yes, if he installed a variant of the OS that contains a backdoor in the
> TCB. (This is true regardless whether we have constructors or not.)

Or didn't use a TC chip to encrypt his hard disk, and inspects it externally
(that is, from some other OS instance).

> This is one thing the TPM is supposed to make harder, on the premise
> that the user can check what variant of the OS exactly is installed. Too
> bad it is not really feasible in an overwhelming majority of situations
> in practice.

I'm actually quite happy about that. :-)

Thanks,
Bas

-- 
I encourage people to send encrypted e-mail (see http://www.gnupg.org).
If you have problems reading my e-mail, use a better reader.
Please send the central message of e-mails as plain text
   in the message body, not as HTML and definitely not as MS Word.
Please do not use the MS Word format for attachments either.
For more information, see http://129.125.47.90/e-mail.html

signature.asc
Description: Digital signature