Edward Ned Harvey (blu) wrote:
The most obvious solution to me, is to have an authentication server (AD/Ldap/Kerberos) which boots using TPM.
But TPM is potentially vulnerable to cold boot attacks, and pre-boot PIN systems are vulnerable to bootkit attacks. The only reliable defense against these is to maintain good physical security.
-- Rich P. _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
