Jon Callas wrote:
> On Jun 25, 2007, at 7:23 PM, Matt Johnston wrote:
>> On Mon, Jun 25, 2007 at 04:42:56PM +1200, David G. Koontz wrote:
>>>   Apple (mis)uses
>>> TPM to unsuccessfully prevent OS X from running on non-Apple Hardware.
>>> All Apple on Intel machines have TPM, that's what 6 percent of new PCs?
>> To nit pick, the TPM is only present in some Apple Intel
>> machines and isn't used in any of them. See
>> Their OS decryption key is just stored in normal firmware,
>> unprotected AIUI.

Are you discussing how they handle their encrypted swap, encrypted disk
(via FileVault) or their encrypted sleep image? I was unaware that Apple
had implemented full root file system encryption.

> They've apparently stopped shipping TPMs. There isn't one on my MacBook
> Pro from last November, and it is missing on my wife's new Santa Rosa
> machine.
> If you want to see if a machine has one, then the command:
> sudo ioreg -w 0 | grep -i tpm
> should give something meaningful. Mine reports the existence of
> ApplePCISlotPM, but that's not the same thing.

A positive match looks like this:

    | +-o ApplePCISlotPM  <class ApplePCISlotPM, !registered, !matched,
active, busy 0, retain count 8>
    | +-o TPM  <class IOACPIPlatformDevice, registered, matched, active,
busy 0, retain count 6>

Jacob Appelbaum

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to