On 10/5/06, Erik Tews <[EMAIL PROTECTED]> wrote:
First, you need a system with tpm. I assume you are running linux. Then
you boot your linux-kernel and an initrd using the trusted grub
bootloader. Your bios will report the checksum of trusted grub to the
tpm before giving control to your grub bootloader. Your grub bootloader
will then report the checksum of your kernel and your initrd to the tpm
before giving control to them.

Awesome, that's incredibly useful information.
I had not heard of trusted grub.  Thanks!

One thing you should know is, that a tpm can never find out, if a
software meets some specifications, like does not have an buffer
overflow or does not execute code from the network or so. You just can
check is has not been altered.

Of course.  However, you can sandbox x86 code efficiently:
Enhance your calm, fellow citizen; it's just ones and zeroes.
Unix "guru" for rent or hire -><- http://www.lightconsulting.com/~travis/
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066  151D 0A6B 4098 0C55 1484

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to