grub-devel

Re: TPM chip and Grub bootloader


From: Robert Millan
Subject: Re: TPM chip and Grub bootloader
Date: Wed, 30 May 2007 15:18:41 +0200
User-agent: Mutt/1.5.13 (2006-08-11)

On Fri, May 25, 2007 at 10:11:03AM -0500, Bruno Wolff III wrote:
> On Fri, May 25, 2007 at 11:06:49 +0200,
>   Patrick Georgi <address@hidden> wrote:
> > 
> > As so often, it can be used for, and against the user. Binding certain 
> > data to a machine (eg. certificates) and making it non-trivial to get at 
> > them.
> 
> And the way to tell is who has the keys that are stored on the TPM chip.
> If it is use, then things are good. If it is someone else, then things
> are bad.

That's a misconception.  It's not the fact that a CA has a master key that
makes this system a threat, it's the fact that when someone else has that
key, there's no way for the owner to use physical access to become the root
of the trust chain and make his own computer sign anything he wants.

IOW, no matter who the keys belong to, the problem is there's a component in
the hardware I paid for that is hostile to me, which contains keys that I
cannot retrieve (good, because of security), and refuses to use the keys on
anything I want it to (bad, because it's inherently an abusive tool).

That, of course, unless owner override feature is present.  Then it's a whole
different story.

-- 
Robert Millan

My spam trap is address@hidden  Note: this address is only intended
for spam harvesters.  Writing to it will get you added to my black list.



