TPM - will it work as pushed to the public?

["Todd Towles" <toddtowles () brookshires com>]

http://www.msnbc.msn.com/ID/10441443
<http://www.msnbc.msn.com/ID/10441443> 

Is it me or is this totally not going to work for normal people?

"Of course you could always "fool" the system by starting your computer
with your unique PIN or fingerprint and then letting another person use
it, but that's a choice similar to giving someone else your credit

card.) "

Umm you mean like a backdoor installed on the system, VNC injection..the
attacker can "use" your computer and your TPM chip from anywhere in the
world. This will protect huge corporations by stopping attackers from
using username/passwords on other computer systems, but how is this
going to protect grandma (aka people that don't patch and therefore get
infected anyways). MITM attack will still work, even with TPM

Of course, people will find a way to spoof the TPM by using another
computer infront of their own or someother trick. This seems to be just
another left jab in the ongoing boxing match...not a "cure".

-Todd

 

 
 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/