On Sat, Feb 21, 2009 at 06:48:50PM +0200, Alex Besogonov wrote: > On Sat, Feb 21, 2009 at 3:51 PM, Robert Millan <r...@aybabtu.com> wrote: > > I don't agree with this analogy. Unlike cryptography, TPMs have been > > designed > > from the ground up to serve an evil purpose. They *could* have designed > > them with good intent, for example either of these could apply: > > - Buyer gets a printed copy of the TPM's private key when they buy a board. > Private part of the endorsement key _never_ leaves the device (if > manufacturer uses the recommended TPM_CreateEndorsementKeyPair > method). Even device manufacturer doesn't know it.
Even if that is true (which I doubt), it's merely incidental, because... > Public key is then > signed by manufacturer's certificate. This ensures that the private > key can't be compromised. ...this ensures that $evil_bob can challenge you to prove you're running his proprietary anti-user software. >Besides, you can _disable_ endorsement key > (TPM_DisablePubekRead) to protect your privacy. Of course. And if you're serious about privacy, you can even trash your computer or unplug it from the internet. The question is, will it be practical for you to do disable the TPM a few years from now? -- Robert Millan The DRM opt-in fallacy: "Your data belongs to us. We will decide when (and how) you may access your data; but nobody's threatening your freedom: we still allow you to remove your data and not access it at all." _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
