On Mon, 9 Oct 2006, James A. Donald wrote:
> Well obviously I trust myself, and do not trust anyone else all that
> much, so if I am the user, what good is trusted computing?
>
> One use is that I can know that my operating system has not changed
> behind the scenes, perhaps by a rootkit, know that not only have I
> not changed the operating system, but no one else has changed the
> operating system.

The argument that TPM can prevent trojans seems to imply that the trojans are installed by modification of raw storage while the OS is offline. Probably, this can be the case for malicious internet cafes, but 99.9% of trojans on home PCs of normal people are installed when the OS is active (0.1% is for trojans installed by law enforcement). (Of course, an attacker with physical access can install physical trojans: a hardware keylogger and camera.)

Since a regular installation should not change the ``reported OS hash,'' TPM will not be able to detect the difference.

Am I missing something?

Btw, how does the TCG allow regularly changing the kernel for security patches while still keeping the same ``reported hash''?

-- 
Regards,
ASK

---------------------------------------------------------------------
The Cryptography Mailing List
