I agree with Peter here.  I also tried to procure a motherboard with a TPM chip 
- to play with Bitlocker mostly - and came to
the same conclusion.

I did find a few MBs, mostly from Intel, and a couple of other vendors.  All of 
these were corporate-style MB's, as opposed to
the gamer/enthusiast style I needed.

For example: the Gigabyte GA-965QM-DS2 (rev 2.0) which "features security 
enhancement by TPM".  More common (ASUS, Foxconn) was
the "TPM Connector", which seemed to be a hedged bet, by replacing the cost of 
the TPM chip with the cost of a socket.

I also went looking for a TPM on some other delivery mechanism (USB stick?  PCI 
card?  Anything...) but didn't turn anything up
I was actually able to purchase at the time (but maybe not now - see the 
BCM5751 below).

There's a slightly out of date matrix of products here:

http://www.tonymcfadden.net/tpmvendors_arc.html

I too have heard rumors of TPM functionality being included in either North or 
South Brigdes, but I haven't seen that happen yet
(aside from Intel, few vendors release detailed chipset datasheets anyway).  
Winbond do have a "Trusted IO" series of chips
which are basically LPC controllers plus the TPM chip (all now "not recommended 
for new designs"), and Transmeta did embed the
TPM in the TM5800.  Apparently Broadcomm also did embed a TPM on their BCM5751 
and BCM5751M ethernet controllers.

Interestingly, you will find the BCM5751 on several high end motherboards, but 
the presence of TPM functionality isn't often
mentioned.  Riiigggghhhhtttt.... :)

Apple is one vendor who I gather does include a TPM chip on their systems, I 
gather, but that wasn't useful for me.

Ian.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Peter Gutmann
Sent: Saturday, 23 June 2007 10:49 PM
To: [EMAIL PROTECTED]
Cc: cryptography@metzdowd.com
Subject: Re: Free Rootkit with Every New Intel Machine

[EMAIL PROTECTED] writes:

>my understanding from a person active in the NEA working group (IETF) 
>is that TPMs these days "come along for free" because they're included 
>on-die in at least one of said chips.

Check again.  A few months ago I was chatting with someone who works for a 
large US computer hardware distributor and he located
one single motherboard (an Intel one, based on an old, possibly discontinued 
chipset) in their entire inventory that contained a
TPM (they also had all the ex-IBM/Lenovo laptops, and a handful of HP laptops, 
that were reported as having TPMs).  He also said
that there were a handful of others (e.g. a few Dell laptops, which they don't
carry) with TPMs.

I've seen all sorts of *claims* of TPM support, but try going out and buying a 
PC with one (aside from IBM/Lenovo and the
handful of others) - you have to look really, *really* hard to find anything, 
and if you do decide you specifically want a
TPM-enabled MB or laptop you're severely restricting your options (unless it's 
a Lenovo).

Unless something truly miraculous happens, TPMs are destined to end their lives 
as optional theft-discouragement gadgets for
laptops (assuming they're running Windows XP, or possibly Vista if you can find 
the drivers).  They've certainly failed to make
any impression on the desktop market.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to