Re: TPM support status ?

2009-08-20 Thread Michael Gorven
On Thursday 20 August 2009 18:09:00 Robert Millan wrote: > And I forgot to mention tax filings, which may also end up preventing free > software from being used to file taxes. Likewise for many other tasks that > citizens can't avoid. > > So, just move to another state and use a different IRS? Na

Re: TPM support status ?

2009-08-20 Thread Michael Gorven
On Thursday 20 August 2009 12:58:50 Michal Suchanek wrote: > How does TPM protect your machine from physical access? I thought it's > a small chip somewhere on the board, not a steel case around the > machine. The TPM can be configured to only divulge the secret once it's been proven that only th

Re: TPM support status ?

2009-08-20 Thread Michael Gorven
On Thursday 20 August 2009 12:15:42 Vladimir 'phcoder' Serbinenko wrote: > On Thu, Aug 20, 2009 at 9:38 AM, Michael Gorven wrote: > > On Wednesday 19 August 2009 22:25:00 Vladimir 'phcoder' Serbinenko wrote: > >> > 99% of people with this use case are n

Re: TPM support status ?

2009-08-20 Thread Michael Gorven
On Thursday 20 August 2009 10:20:02 Michal Suchanek wrote: > 2009/8/20 Michael Gorven : > > On Thursday 20 August 2009 09:59:42 Michal Suchanek wrote: > >> 2009/8/20 Michael Gorven : > >> > On Thursday 20 August 2009 09:49:06 Michal Suchanek wrote: > >> >

Re: TPM support status ?

2009-08-20 Thread Michael Gorven
On Thursday 20 August 2009 09:59:42 Michal Suchanek wrote: > 2009/8/20 Michael Gorven : > > On Thursday 20 August 2009 09:49:06 Michal Suchanek wrote: > >> 2009/8/20 Michael Gorven : > >> > On Wednesday 19 August 2009 21:21:28 Michal Suchanek wrote: > >>

Re: TPM support status ?

2009-08-20 Thread Michael Gorven
On Thursday 20 August 2009 09:49:06 Michal Suchanek wrote: > 2009/8/20 Michael Gorven : > > On Wednesday 19 August 2009 21:21:28 Michal Suchanek wrote: > >> Tell me one technical benefit of TPM over coreboot. > > > > Coreboot doesn't provide protected

Re: TPM support status ?

2009-08-20 Thread Michael Gorven
On Wednesday 19 August 2009 21:21:28 Michal Suchanek wrote: > Tell me one technical benefit of TPM over coreboot. Coreboot doesn't provide protected storage of secrets (e.g. harddrive decryption keys). -- http://michael.gorven.za.net PGP Key ID 1E016BE8 S/MIME Key ID AAF09E0E signature.asc De

Re: TPM support status ?

2009-08-20 Thread Michael Gorven
On Wednesday 19 August 2009 22:44:18 Vladimir 'phcoder' Serbinenko wrote: > But why can't I generate my keys on first use? Or why do I need > manufacturer's signature? You don't. -- http://michael.gorven.za.net PGP Key ID 1E016BE8 S/MIME Key ID AAF09E0E signature.asc Description: This is a dig

Re: TPM support status ?

2009-08-20 Thread Michael Gorven
On Wednesday 19 August 2009 22:25:00 Vladimir 'phcoder' Serbinenko wrote: > > 99% of people with this use case are not going to put their BIOS chip in > > concrete. Configuring a TPM chip a lot easier. > > 98% of people in this case don't really care if they are secure or not. I said "with this us

Re: TPM support status ?

2009-08-19 Thread Michael Gorven
On Wed, Aug 19, 2009 at 10:27:59PM +0200, Vladimir 'phcoder' Serbinenko wrote: Since we're going to say no anyway, there's no reason to do it later.  The longer we wait the stronger they'll be, and the more difficult for us to reject their unreasonable demands. Because there are valid use case

Re: TPM support status ?

2009-08-19 Thread Michael Gorven
On Wed, Aug 19, 2009 at 04:42:32PM +0200, Robert Millan wrote: On Wed, Aug 19, 2009 at 02:25:21PM +0200, Michael Gorven wrote: On Wednesday 19 August 2009 13:51:34 Vladimir 'phcoder' Serbinenko wrote: > 1) Making use of TPM you become dependent on good will of TPM > manufacture

Re: TPM support status ?

2009-08-19 Thread Michael Gorven
On Wed, Aug 19, 2009 at 08:48:13PM +0200, Vladimir 'phcoder' Serbinenko wrote: Since the BIOS can be "easily" replaced, it cannot be trusted, hence you can't build a chain of trust starting from your BIOS. It is a "little" more difficult to replace a TPM, even more if it's holding a shared secret

Re: TPM support status ?

2009-08-19 Thread Michael Gorven
On Wed, Aug 19, 2009 at 08:01:06PM +0200, Vladimir 'phcoder' Serbinenko wrote: I can imagine a world with computers you can access from free and from whom you can boot with your USB pen-drive (or trust the installed OS, or whatever you want). But this world is still far away from here ... :| TPM

Re: TPM support status ?

2009-08-19 Thread Michael Gorven
On Wed, Aug 19, 2009 at 04:01:39PM +0200, Robert Millan wrote: Can you give a reason not to provide the owner with any of: - A printed copy of the private key corresponding to the chip he paid for. Not really, although not having any trace of the private key reduces the chance of it being st

Re: TPM support status ?

2009-08-19 Thread Michael Gorven
On Wed, Aug 19, 2009 at 03:48:18PM +0200, Vladimir 'phcoder' Serbinenko wrote: On Wed, Aug 19, 2009 at 3:24 PM, Michael Gorven wrote: On Wednesday 19 August 2009 14:42:37 Vladimir 'phcoder' Serbinenko wrote: Even if they can't stop from working at all they can make

Re: TPM support status ?

2009-08-19 Thread Michael Gorven
On Wednesday 19 August 2009 14:42:37 Vladimir 'phcoder' Serbinenko wrote: > Even if they can't stop from working at all they can make it > effectively useless by e.g. not allowing you to see online videos, buy > online or even just send an e-mail (saying it's "spam control") if you > aren't TPM-che

Re: TPM support status ?

2009-08-19 Thread Michael Gorven
On Wednesday 19 August 2009 13:51:34 Vladimir 'phcoder' Serbinenko wrote: > 1) Making use of TPM you become dependent on good will of TPM > manufacturer. You can never know if or when the TPM manufacturer or > someone connected with them will ask you to use remote attestation to > prove them that y

Re: Crypto Review

2009-08-18 Thread Michael Gorven
On Tuesday 18 August 2009 18:18:31 Duboucher Thomas wrote: > Actually, I wanted to know if the code in the mercurial repository was > the same as the one in the Bazaar repository. The reason is I made > previously a patch from hg and I do not have what I need to diff the two > repositories. :| The

Re: Crypto Review

2009-08-18 Thread Michael Gorven
On Monday 17 August 2009 19:15:23 Duboucher Thomas wrote: > I have a stupid question what's the difference between the tip in > your Mercurial repository[1] and the head in your Bazaar repository[2]? The Mercurial repo is deprecated. I'll actually remove it. -- http://michael.gorven.za.net

Re: Crypto Review

2009-08-17 Thread Michael Gorven
On Monday 17 August 2009 18:07:07 Vladimir 'phcoder' Serbinenko wrote: > Diff would be nice. Because not all developers (including me) are > familiar with bzr and it would take time for me to find out how to > request specifically the patch I want to review. Additionally not > posting diff makes i

Re: Data loss at savannah.gnu.org

2009-06-01 Thread Michael Gorven
On Monday 01 June 2009 16:22:12 Vladimir 'phcoder' Serbinenko wrote: > I say we should go for git. It would safeguard us from possible future > problems with savannah as we can easily switch between different git > mirrors. Additionally the main argument not to switch to git was that > it doesn't g

Re: Data loss at savannah.gnu.org

2009-06-01 Thread Michael Gorven
On Monday 01 June 2009 15:37:23 Pavel Roskin wrote: > My git mirror git://repo.or.cz/grub2.git should be up-to-date, as it was > mirrored by a cron job twice an hour. I have a Bazaar repo up to r2240 (2009-05-28 22:08:33) and a Mercurial repo up to r2238 (Tue May 26 23:19:42) if it helps. Michae

Re: truecrypt support in grub ?

2009-04-16 Thread Michael Gorven
On Thursday 16 April 2009 18:27:33 phcoder wrote: > Why don't you help us with that? Install truecrypt, dump mbr and mbr > gap. Disassemble mbr and send an explanation of what it does in plain > English here There seems to be a decent specification[1] of the TrueCrypt format on their website. It

Re: Current state of grub2 encryption support

2009-03-31 Thread Michael Gorven
On Tuesday 31 March 2009 10:50:57 phcoder wrote: > How big is your core.img? With the following modules (untested), 61K. configfile sha1 biosdisk pc linux ext2 minicmd crypto aes luks sha256 -- http://michael.gorven.za.net PGP Key ID 6612FE85 S/MIME Key ID AAF09E0E signature.asc Description: T

Re: Current state of grub2 encryption support

2009-03-31 Thread Michael Gorven
On Tuesday 31 March 2009 09:50:17 phcoder wrote: > Michael Gorven wrote: > > On Tuesday 31 March 2009 04:48:02 steve wrote: > >> Update, i was able to get the right modules to load into a core.img by > >> making the encrypted partition start at 1mb instead of 32.5kb, t

Re: Current state of grub2 encryption support

2009-03-31 Thread Michael Gorven
On Tuesday 31 March 2009 04:48:02 steve wrote: > Update, I was able to get the right modules to load into a core.img by > making the encrypted partition start at 1mb instead of 32.5kb, the modules > loaded into core.img were: Nice! I briefly looked at getting everything into core.img, but it seeme

Re: Current state of grub2 encryption support

2009-03-30 Thread Michael Gorven
On Sunday 29 March 2009 21:54:54 steve wrote: > Whatever is easier for you, though a repo would be easier for me. I've published the repo at http://michael.gorven.za.net/hg/grub/luks. I merged with trunk this morning and fixed some compilation errors, but haven't actually tested it yet so it mig

Re: Current state of grub2 encryption support

2009-03-29 Thread Michael Gorven
On Sunday 29 March 2009 00:52:43 steve wrote: > I have been following the past conversations about support for cryptoroot > and LUKS in grub2, concerning various patches and licensing issues, and I > would like to know what is the current status of the development process? > Is there a separate dev

Re: A _good_ and valid use for TPM

2009-02-21 Thread Michael Gorven
On Saturday 21 February 2009 22:31:36 Robert Millan wrote: > On Sat, Feb 21, 2009 at 05:29:34PM +0200, Michael Gorven wrote: > > On Saturday 21 February 2009 15:51:42 Robert Millan wrote: > > > On Fri, Feb 20, 2009 at 09:45:28AM +0200, Michael Gorven wrote: > > > > T

Re: A _good_ and valid use for TPM

2009-02-21 Thread Michael Gorven
On Saturday 21 February 2009 15:51:42 Robert Millan wrote: > On Fri, Feb 20, 2009 at 09:45:28AM +0200, Michael Gorven wrote: > > TPM can be used for good or for bad, but this is the case for everything > > involving cryptography. We don't refuse to use encryption algorithms

Re: A _good_ and valid use for TPM

2009-02-20 Thread Michael Gorven
On Friday 20 February 2009 13:27:28 phcoder wrote: > Free software is about freedom of choice. I think we should have > possibility to have multiple authentication and key sources. Then one > could e.g. not save password as md5 somewhere in configfile or embedded > in module but check that this pas

Re: A _good_ and valid use for TPM

2009-02-19 Thread Michael Gorven
On Friday 20 February 2009 02:29:50 Jan Alsenz wrote: > So in the end (after boot) you have a bunch of PCR values, that represent > all the code and data, that was used to boot the system. If you have this > and are sure, that the current configuration is correct, you have a > reference value of th

Re: Crypto Patch: Legal Issues

2008-08-18 Thread Michael Gorven
On Monday 18 August 2008 23:23:54 Simon Peter wrote: > In the meantime, I've assigned copyright of my work (excluding the AES > and RIPEMD implementations) to the FSF. The documents are probably > already waiting in my mailbox at home. I'll get the signing done once > I'm back home at the end of th

Re: Crypto Patch: Legal Issues

2008-08-09 Thread Michael Gorven
On Saturday 09 August 2008 17:24:23 Marco Gerards wrote: > I was about to review Simon's patch. What is the best way to > proceed? More than one person works on this and I am confused about > how to deal with this. Would it help if Simon's work got in first, or > didn't you continue with this, b

Crypto Patch: Legal Issues

2008-08-09 Thread Michael Gorven
Hi Two months ago[1] I announced on this list that I was working on adding support for LUKS encrypted partitions to GRUB. I had some queries[2] regarding other code which I have used, and still haven't had a proper response to those queries. Could someone please advise me on what needs to be d

Re: Encryption Support for GRUB

2008-08-06 Thread Michael Gorven
On Wednesday 06 August 2008 22:01:29 Robert Millan wrote: > I think the first you should do is check the list archives. IIRC there was > someone else already working on this (not sure if he's still active, > though). I'm basically waiting for my patch to be reviewed, and for a response regarding

Re: Encryption Support for GRUB

2008-08-06 Thread Michael Gorven
On Wednesday 06 August 2008 18:04:16 W. Michael Petullo wrote: > I am interested in seeing support for encrypted partitions added to GRUB. > On the GRUB Wiki, encryption support is listed as a suggested project for > Google's Summer of Code 2008. Did anyone pick up this project? If not, I > would l

Re: Fw: Re: Strong Crypto Support for GRUB2

2008-07-21 Thread Michael Gorven
On Monday 21 July 2008 01:49:52 Simon Peter wrote: > I'm still interested in getting strong crypto into grub mainline and > while it's still not in, I just saw you guys proposed this as a project > for Google's summer of code. Are you going to point students at the > code I already produced? Would

Re: grub to help refund of pre-installations

2008-07-12 Thread Michael Gorven
On Saturday 12 July 2008 16:39:21 Robert Millan wrote: > On Tue, Jul 08, 2008 at 08:24:33AM +0200, Michael Gorven wrote: > > On Tuesday 08 July 2008 07:32:40 Yoshinori K. Okuji wrote: > > > This news, basically, says that my company will provide a solution to > >

Re: grub to help refund of pre-installations

2008-07-07 Thread Michael Gorven
On Tuesday 08 July 2008 07:32:40 Yoshinori K. Okuji wrote: > This news, basically, says that my company will provide a solution to > activating pre-installed software in a computer, after entering an access > code with cryptography, using GRUB 2. I have been working on adding support for encrypted

[PATCH] vt100 cursor on and off sequences

2008-05-31 Thread Michael Gorven
devel/ChangeLog 2008-05-31 16:31:29.0 +0200 @@ -1,3 +1,8 @@ +2008-05-31 Michael Gorven <[EMAIL PROTECTED]> + + * term/terminfo.c (grub_terminfo_set_current): Correct vt100 cursor + on and off sequences. + 2008-05-31 Robert Millan <[EMAIL PROTECTED]> * util/update-grub_lib.
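
Review bot: the new ChangeLog entry for term/terminfo.c (grub_terminfo_set_current) says only "Correct vt100 cursor on and off sequences" and does not say what was wrong with the old ones. Name the old and new sequences in the patch mail, along with the reference they were checked against, so the correction can be verified without a vt100 terminal at hand.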

Re: LUKS Cryptography Support

2008-05-28 Thread Michael Gorven
On Wednesday 28 May 2008 18:58:20 Vesa Jääskeläinen wrote: > Michael Gorven wrote: > > On Wednesday 28 May 2008 18:26:09 Vesa Jääskeläinen wrote: > >> Michael Gorven wrote: > >>> Numerous ciphers and hashes from libgcrypt: Copyright FSF and LGPL 2.1 > >>

Re: LUKS Cryptography Support

2008-05-28 Thread Michael Gorven
On Wednesday 28 May 2008 18:26:09 Vesa Jääskeläinen wrote: > Michael Gorven wrote: > > Numerous ciphers and hashes from libgcrypt: Copyright FSF and LGPL 2.1 > > AES cipher from Simon's patch: LGPL 2.1 > > If we are to go with libgcrypt way... why you are not using AES f

Re: LUKS Cryptography Support

2008-05-28 Thread Michael Gorven
On Wednesday 28 May 2008 16:07:09 Robert Millan wrote: > On Thu, May 22, 2008 at 03:56:53PM +0200, Michael Gorven wrote: > > 2. If I am to submit Simon's patch, what remaining issues are there with > > it? If there is a problem with the license of the ciphers I can replace

Re: [RFC] Grub2 lock and password implementation

2008-05-23 Thread Michael Gorven
On Friday 23 May 2008 15:50:53 Julien Ranc wrote: > method handler that registered with this name. It could be, for > example "plain" for plain texts, "md5", "sha256", etc. I am currently implementing support for LUKS encrypted partitions in GRUB and have working SHA1, SHA256 and SHA512 modules.

LUKS Cryptography Support

2008-05-22 Thread Michael Gorven
Hi I am currently adding support for LUKS encrypted partitions to GRUB2. Although I'm far from finished, there are a few issues I'd like to address. 1. I am using the crypto patch submitted by Simon Peter[1][2]. Are there any plans to integrate this patch, or should I resubmit it as part of my