On Wed, 2 Feb 2005, Dan Kaminsky wrote:

> Uh, you *really* have no idea how much the black hat community is
> looking forward to TCPA.  For example, Office is going to have core
> components running inside a protected environment totally immune to
> antivirus.

How? TCPA is only a cryptographic device, and some BIOS code, nothing
else. Does the coming of TCPA chips eliminate the bugs, buffer overflows,
stack overflows, or any other way to execute arbitrary code? If yes, isn't
that a wonderful thing? Obviously it doesn't (eliminate bugs and so on).

>  Since these components are going to be managing
> cryptographic operations, the "well defined API" exposed from within the
> sandbox will have arbitrary content going in, and opaque content coming
> out.  Malware goes in (there's not a executable environment created that
> can't be exploited), sets up shop, has no need to be stealthy due to the
> complete blockage of AV monitors and cleaners, and does what it wants to
> the plaintext and ciphertext (alters content, changes keys) before
> emitting it back out the opaque outbound interface.

I use cryptographic devices everyday, and TCPA is not different than the
present situation. No better, no worse.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to