Full Disclosure mailing list archives
TPM - will it work as pushed to the public?
From: "Todd Towles" <toddtowles () brookshires com>
Date: Thu, 15 Dec 2005 12:47:10 -0600
http://www.msnbc.msn.com/ID/10441443 <http://www.msnbc.msn.com/ID/10441443> Is it me or is this totally not going to work for normal people? "Of course you could always "fool" the system by starting your computer with your unique PIN or fingerprint and then letting another person use it, but that's a choice similar to giving someone else your credit card.) " Umm you mean like a backdoor installed on the system, VNC injection..the attacker can "use" your computer and your TPM chip from anywhere in the world. This will protect huge corporations by stopping attackers from using username/passwords on other computer systems, but how is this going to protect grandma (aka people that don't patch and therefore get infected anyways). MITM attack will still work, even with TPM Of course, people will find a way to spoof the TPM by using another computer infront of their own or someother trick. This seems to be just another left jab in the ongoing boxing match...not a "cure". -Todd
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- TPM - will it work as pushed to the public? Todd Towles (Dec 15)
- Re: TPM - will it work as pushed to the public? Valdis . Kletnieks (Dec 15)
- Re: TPM - will it work as pushed to the public? Jeroen Massar (Dec 15)
- <Possible follow-ups>
- RE: TPM - will it work as pushed to the public? Todd Towles (Dec 15)
- Re: TPM - will it work as pushed to the public? Valdis . Kletnieks (Dec 15)