Author: Isaac Dunham Date: To: T.J. Duchene CC: dng Subject: Re: [Dng] TPM
On Mon, Dec 22, 2014 at 05:23:30PM -0600, T.J. Duchene wrote:
>
> On 12/22/2014 3:44 PM, Joe Awni wrote:
> >
> >IMO, the amplitude of potential TPM-nightmare scenarios should give a clue
> >about the strength of the technology.
> >IE: If it can do that in the "wrong-hands," what can it do in the right?
> >
> Hi Joe!
>
> What can it do in the right? Nothing that can't be done without the TPM
> chip. One of the first things that you learn in computer engineering is
> that any problem can be solved in software or hardware. The only
> difference is a question of efficiency.
>
> The TPM chip is specifically designed to act as a hardware safeguard against
> user intervention in software. It's intended to provide certain facilities
> that already exist in software. The purpose in putting them in hardware is
> to limit your access to them, so that you - the user - cannot personally
> override them.
A couple of years ago I saw a package in the Debian squeeze repositories
that uses the TPM to check for rootkits/viruses.
As I have never owned any hardware with a TPM*, I did not investigate
any further.

* All my computers were made from cheap parts designed in 2008 or earlier,
as far as I can tell.