On Tue, Feb 12, 2008 at 10:52:47AM +0900, Kuniyasu Suzaki wrote: > > >>From: Tzafrir Cohen <[EMAIL PROTECTED]> > >>Subject: Re: Release: KNOPPIX5.1.1 for Trusted Compuintg Geeks (v1.0) > >> > >>On Mon, Feb 11, 2008 at 07:31:11AM -0800, Andrew Sackville-West wrote: > >>> On Mon, Feb 11, 2008 at 11:32:51AM +0000, steef wrote: > >>> > Kuniyasu Suzaki wrote: > >>> >> Dear, > >>> >> > >>> >> We released KNOPPIX5.1.1 for Trusted Computing Geeks (v1.0). > >>> >> http://unit.aist.go.jp/itri/knoppix/index-en.html > >>> >> It includes trusted computing software based on TPM(Trusted Platform > >>> >> Module). Debian packages on KNOPPIX is validated by Remote > Attestation. > >>> > -------------------------------------------------------^^^^^^^^^^^^^^^^^^^ > >>> > >>> sounds an awful lot like Remote Exploit to me. > >> > >>That's indeed remotely similar. > > Our remote attestation is a kind of CHECKER of two type of database > for trustworthy. The database of DSA (Debian Security Advisory) > validates the packages of knoppix. The database of platform integrity > was created by our samples, which is listed at > http://sourceforge.jp/projects/openpts/wiki/PlatformInfo > The database validates the boot procedure, which is based on "Trusted > Computing".
Sorry, I just don't get it. Given that the platform includes gcc, perl and python (and wget), what practical use is there in in the guarantees you can achive? What happens if I just innstall something from source? Recall that for the Xbox it only took one buggy game to allow installing an arbitrary software (e.g.: Linux) by the user. -- Tzafrir Cohen | [EMAIL PROTECTED] | VIM is http://tzafrir.org.il | | a Mutt's [EMAIL PROTECTED] | | best ICQ# 16849754 | | friend -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
