>> 2) Ethical Aspects >> ================== >> > Every technology has its evil uses, so does TPM. However, there's a very > large gap between currently implemented solutions and what you suggest. How can you know this? I met persons who say that it's very difficult to mount a PKI infrastructure to make remote attestation. would have agreed if remote attestation would be a corner case of something and if there was no coordination between TPMs. But none of this holds true. Additionally some manufacturers even say explicitly that the key is "approved" and if you reset your TPM your key will be "unaproved" which implies that some kind of such infrastructure exists. > Of course, someone may use TPM in a software suite that completly lock > down your computer. However, I don't think that it's the TPM's fault; > its just a technology. Handcuffs are just a technology too but you probably wouldn't disagree if I say that they are the opposite of freedom. > I would rather consider it's the fault of > countries with laws that tolerates these behaviours ... Money makes goverments blind. > > The goal of TPM is to be used in broader security schemes. Its use is > only to make sure that the integrity of the system was preserved. This > would prevent an attacker from inserting a stealth PCI device which can > leaks data using SMM. > Please ellaborate. Who is the attacker? What is he after in someone else's computer? Obviously he isn't after hardware components. If he's after the data then the owner of data should encrypt is with a decent password. > As an ending note, I am much more less confident in Intel's processor > microcode that is patented than in a chip I can deactivate and live > without it. > Intel microcode is an issue too but it's not hte one which is discussed right now > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.9 (MingW32) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iEYEARECAAYFAkqMKXAACgkQBV7eXqefhqgLiwCgnQf3/vAS05SaFQhFm8op44y7 > 9+oAoIzZouLxPa16A2d+L8VTFNPlZit6 > =zq07 > -----END PGP SIGNATURE----- > > > _______________________________________________ > Grub-devel mailing list > Grub-devel@gnu.org > http://lists.gnu.org/mailman/listinfo/grub-devel >
-- Regards Vladimir 'phcoder' Serbinenko Personal git repository: http://repo.or.cz/w/grub2/phcoder.git _______________________________________________ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
