Dailydave mailing list archives
Re: TPM attacks
From: Pete Herzog <pete () isecom org>
Date: Tue, 03 Jul 2007 15:47:44 +0200
Hi, Following the thread about the BH US presentation on the TPMkit (http://www.nvlabs.in/?q=node/32) being canceled, the discussion has entered on the internal list now at www.opentc.net. The idea there is to build a secure and trusted system using the TPM, virtualization, and open source software. A good portion of that process requires security testing of all trusted system components including the TPM software. So talk of such things like the TPMkit are apt to pop up. Apparently, there is a TPM attack at the boot process and from the opentc mailing list the following papers are mentioned: https://www.cosic.esat.kuleuven.be/publications/article-591.pdf http://os.inf.tu-dresden.de/papers_ps/kauer07-oslo.pdf So there is definite truth behind the proposed concept unfortunately it was already public knowledge. Maybe they had something else in mind? What makes me suspicious is the pop-star-like hype of their announcement about TPMkit equating the TPM to DRM in an attempt to make a flashier announcement. Sincerely, -pete. -- Pete Herzog - Managing Director - pete () isecom org ISECOM - Institute for Security and Open Methodologies www.isecom.org - www.osstmm.org www.hackerhighschool.org - www.isestorm.org _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Re: TPM attacks Pete Herzog (Jul 03)