April 22, 2004

Running Notes

David Safford: Why Trusted Computing?

* Hackers have tried attacking servers, the networks, but now they realize that the client is the best target because users are the weakest link.
* Threat model: remote software attacks and physical theft
* Not interested in DRM
* I want to be able to trust my machine.

- What does TPM do?
* Private Keys generated and remain on processor
* Hash of applications to prevent hacks, backdoors
* Attestation - software manufacturers can validate copy on your drive

- Taking Control of TPM
* BIOS can turn TPM on or off
* If off, software cannot turn it back on
* IBM currently ships with TPM turned off at BIOS
* User must "take ownership" of TPM to create new Storage Root Key and owner secret.

Seth Schoen: How to abuse trusted computing

When Seth went to math camp, people used to play "core wars" where computer programs would fight each other and trying to destroy each other by tricking it into executing an illegal instruction.

Recently, he used Windows XP and noticed this behavior -- programs fighting each other for control and to neutralize other programs.

* Trusted computer will change the balance of power in these modern core wars.
* TC is arbitrary.
* Software is being upgraded all the time.
* Who decides what is a good or bad program?
* We can all agree that viruses are bad but there is a lot of grey

* Users want to protect themselves = good
* Attestation allows others to control what changes you can make to your computer = bad; i.e. you are considered a potential attacker.
* Software developers can use TC to prevent reverse engineering, which diminishes innovation and competition.

Posted by jasonschultz at April 22, 2004 09:31 AM
Post a comment

Remember personal info?