mailing list archives
Re: CSI 2008 Redux
From: Alexander Sotirov <alex () sotirov net>
Date: Mon, 24 Nov 2008 04:52:14 -0800
On Sun, Nov 23, 2008 at 04:06:40PM +0100, Joanna Rutkowska wrote:
... which, of course, doesn't prevent the hypervisor from being exploited 5 secs
after it got securely loaded, e.g. via some buffer overflow bug...
Of course :-)
But, nevertheless, yes, this indeed is a very important feature of the TPM (and
the whole trusted boot concept, like e.g. Intel TXT), and people should
eventually stop talking that TPM is bad. It is not, and it indeed can provide
great value for users concerned about security (and not only physical security!).
BTW, I'm also glad to see a VMWare researcher acknowledging it :) So far, only
the Xen hypervisor can use the trusted boot mechanism via the Intel-provided
tboot component AFAIK. So, looking forward to see the ESX implementing trusted
boot at some point in time.
Actually I just quit VMware, so my opinions are my own. I can't speak for the
company or comment on ESX.
I do agree that TPM has a lot more interesting uses than just DRM. It really
looks like we're building something similar to the Secure Hardware Environment
from Rainbow's End. I'm not sure if that's a good thing or not, but I doubt it
can be stopped, so we might as well try to take advantage of it.
Dailydave mailing list
Dailydave () lists immunitysec com
Re: CSI 2008 Redux Alexander Sotirov (Nov 23)
- Re: CSI 2008 Redux Joanna Rutkowska (Nov 23)
- Re: CSI 2008 Redux Alexander Sotirov (Nov 25)