Home page logo

fulldisclosure logo Full Disclosure mailing list archives

Re: Trustworthy Computing Mini-Poll
From: Ron DuFresne <dufresne () winternet com>
Date: Fri, 20 Dec 2002 12:58:20 -0600 (CST)

On Fri, 20 Dec 2002, Simon Richter wrote:


I'd say protection from binary viruses and stack overflows, plus if
someone breaks into your computer and you have stored your key in a safe
place you can tell what she modified. So this would be a definitve must
if you're builing a server, and I'm asking now whether you would like
those features on your home box as well, even if you had to give up DVD
copying or get special illegal hardware for it.

tripwire and any other applcation that stores and checks md5 or sha1
checksum signatures for files already accomplishes the later part above,
if properly maintained.  So, TCPA would be overkill, and redundant for
those that already  use applications for this purpose.

Basically I'm on your side -- but I fear that if noone speaks up and
points out a better alternative, we will be stuck with TCPA as it
currently is, and lose the options we currently have anyway (since we
cannot decrypt stuff from the Internet or from DVDs on our hardware). So
I'm searching for a better alternative. I'm ignoring all the copy
protection stuff since it will be broken withing a few moths anyway, and
just concentrate on the stuff M$ invented against the OSS people.

Initiatives like this tend to fail, miserably when they are dominated by
single chipmakers rather then rooled out as an industry standard.  Intel
and the M$ folks have to gain far more buy in to really gain a silod
foothold, unless that foothold stands only for the home desktop user.

The better alternative is ruuning the proper products to avoid viri and
unwarranted access to systems and resources as well as education and a
heightened sense of  paranoia, which seems to be lacking in most lusers
and many admins today.

Your old computers cannot do evil things -- they cannot access media
created since the TCPA rollout.

Unless that 'protection ends up eing as flawed as that for the adobe
web-books or the recording industries anti-piracy protections...



Ron DuFresne
"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]