grub-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A _good_ and valid use for TPM

From: Robert Millan
Subject: Re: A _good_ and valid use for TPM
Date: Sat, 21 Feb 2009 21:39:28 +0100
User-agent: Mutt/1.5.18 (2008-05-17) 
On Sat, Feb 21, 2009 at 06:48:50PM +0200, Alex Besogonov wrote:
> On Sat, Feb 21, 2009 at 3:51 PM, Robert Millan <address@hidden> wrote:
> > I don't agree with this analogy.  Unlike cryptography, TPMs have been 
> > designed
> > from the ground up to serve an evil purpose.  They *could* have designed
> > them with good intent, for example either of these could apply:
> >  - Buyer gets a printed copy of the TPM's private key when they buy a board.
> Private part of the endorsement key _never_ leaves the device (if
> manufacturer uses the recommended TPM_CreateEndorsementKeyPair
> method). Even device manufacturer doesn't know it.

Even if that is true (which I doubt), it's merely incidental, because...

> Public key is then
> signed by manufacturer's certificate. This ensures that the private
> key can't be compromised.

...this ensures that $evil_bob can challenge you to prove you're running
his proprietary anti-user software.

>Besides, you can _disable_ endorsement key
> (TPM_DisablePubekRead) to protect your privacy.

Of course.  And if you're serious about privacy, you can even trash your
computer or unplug it from the internet.

The question is, will it be practical for you to do disable the TPM a few
years from now?

-- 
Robert Millan

  The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and
  how) you may access your data; but nobody's threatening your freedom: we
  still allow you to remove your data and not access it at all."
reply via email to
[Prev in Thread] Current Thread [Next in Thread]