l4-hurd

Re: Broken dream of mine :(


From: Sam Mason
Subject: Re: Broken dream of mine :(
Date: Mon, 21 Sep 2009 23:20:49 +0100
User-agent: Mutt/1.5.13 (2006-08-11)

On Mon, Sep 21, 2009 at 05:32:07PM +0200, Michal Suchanek wrote:
> 2009/9/21 Sam Mason <address@hidden>:
> > Yup, I wasn't trying to protect against the admin.  Just noting that it
> > will help to tell them when things are getting out of date.
> 
> You can send them an email or show a warning message on the terminal
> until they upgrade without any need for TPM.

Yes, the machines could be blocked from the network and the admin
emailed.

> > But you can't be sure that a remote attacker hasn't put a rootkit in
> > somewhere.  AFAIU, TPM should allow you to detect this.
> 
> As should any other comparison with previous checksums which can be,
> for example, stored on a readonly boot media together with a
> bootloader that checks them.

There are a boatload of attacks against this, aren't there?  If it's
just a checksum, the attacker can remember the checksum from before and
send it back every time.  It could also simulate the entire machine and
insert bad data when it wants.

> > I'd agree, I'm struggling to think of any use cases outside of high
> > assurance that would want anything to do with TPM.
> 
> It doesn't give high assurance. It only gives assurance in combination
> with physical security in which case it is just one of many options,
> and not particularly appealing.

Physical security does nothing about remote/software attacks though.

> You have to rely on the TPM
> manufacturer quite a bit because the devices come as black boxes with
> unknown internals.

Yes, but they're implementing a public spec and the economic incentives
all seem to be pointing the right way with this.  If the manufacturer
screws up their implementation they're going to look bad to the people
who matter.

> Then netboot the machines. No need for reimaging and users staring at
> broken machines.

An attacker can modify the BIOS so that it points to somewhere it
controls.  Again, this isn't for normal PCs.

> The TPM specification was developed for DRM although it allows other
> uses.

Huh.  I thought it was developed for other things, but my memory seems
to have got that wrong.  All references I can see to it are from media
driven interest groups.  Sorry about that!

-- 
  Sam  http://samason.me.uk/
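Added example, not part of the thread above or of any l4-hurd code: a constructed Python model of the two schemes the message contrasts. In the first, the verifier asks the machine for its checksum, and a compromised host simply replays the value recorded before compromise, so the comparison with "previous checksums" never fires. In the second, an isolated component (the role a TPM plays) holds a key the host cannot read, measures the boot image itself, and binds that measurement to a verifier-chosen nonce; a recorded quote no longer matches a fresh challenge and the rootkitted image is detected. The sample images, the key, and the use of HMAC as a stand-in for the signed quote a real TPM produces are all assumptions of this example.

```python
"""Constructed demonstration: static checksum reporting vs nonce-bound attestation."""
import hashlib
import hmac
import secrets

# Constructed sample boot images; stand-ins for what a bootloader would measure.
CLEAN_IMAGE = b"bootloader v1 (constructed sample)"
ROOTKITTED_IMAGE = CLEAN_IMAGE + b" + constructed rootkit payload"
KNOWN_GOOD = hashlib.sha256(CLEAN_IMAGE).digest()


def measure(image: bytes) -> bytes:
    """The checksum a bootloader would compare against its stored list."""
    return hashlib.sha256(image).digest()


class ChecksumReporter:
    """Scheme 1: the machine is asked for its checksum and answers with a value that
    host software fully controls. Once compromised, it hands back the checksum it
    recorded beforehand, which is the replay the message describes."""

    def __init__(self):
        self.image = CLEAN_IMAGE
        self.recorded_before_compromise = None

    def compromise(self):
        self.recorded_before_compromise = measure(self.image)  # remembered from before
        self.image = ROOTKITTED_IMAGE

    def report(self) -> bytes:
        if self.recorded_before_compromise is not None:
            return self.recorded_before_compromise  # replayed, not measured
        return measure(self.image)


def checksum_verifier_detects(machine: ChecksumReporter) -> bool:
    """Verifier that only compares the reported checksum with the known-good one."""
    return machine.report() != KNOWN_GOOD


class QuotingDevice:
    """Scheme 2: an isolated component (the TPM's role) holds a key the host cannot
    read, measures the image itself, and binds the measurement to the verifier's
    nonce. Modelled with HMAC here; a real TPM signs the quote with an attestation key.
    Everything below rests on the key staying inside this component."""

    def __init__(self, key: bytes):
        self._key = key
        self.image = CLEAN_IMAGE

    def compromise(self):
        self.image = ROOTKITTED_IMAGE  # host software changed; the key did not leak

    def quote(self, nonce: bytes):
        digest = measure(self.image)
        tag = hmac.new(self._key, nonce + digest, hashlib.sha256).digest()
        return digest, tag


def quote_verifier_detects(key: bytes, nonce: bytes, response) -> bool:
    """Accept only a fresh, authentic quote of the known-good measurement."""
    digest, tag = response
    expected = hmac.new(key, nonce + digest, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return True  # stale nonce or forged tag: treat as compromised
    return digest != KNOWN_GOOD


def run_scenarios() -> dict:
    results = {}
    # Scheme 1: the replayed checksum passes unnoticed.
    m = ChecksumReporter()
    m.compromise()
    results["checksum_replay_detected"] = checksum_verifier_detects(m)

    # Scheme 2: a quote recorded while clean is replayed against a fresh challenge.
    key = secrets.token_bytes(32)
    dev = QuotingDevice(key)
    recorded_quote = dev.quote(secrets.token_bytes(16))
    dev.compromise()
    new_nonce = secrets.token_bytes(16)
    results["quote_replay_detected"] = quote_verifier_detects(key, new_nonce, recorded_quote)
    # An honest quote of the compromised machine fails on the measurement itself.
    results["quote_honest_detected"] = quote_verifier_detects(key, new_nonce, dev.quote(new_nonce))
    # A clean machine still passes.
    clean = QuotingDevice(key)
    results["quote_clean_detected"] = quote_verifier_detects(key, new_nonce, clean.quote(new_nonce))
    return results


if __name__ == "__main__":
    for name, detected in run_scenarios().items():
        print(f"{name}: {detected}")
```

The second scheme only moves the problem to protecting one key, which is why the thread's remarks about simulating the whole machine and trusting a black-box manufacturer matter: if the key is readable by host software, quotes can be produced for any measurement and the verifier is back to the first scheme.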