> From: Bill Bogstad [mailto:[email protected]] > > It seems like > whenever people start talking about computer security, there is a > tendency to shoot for the maximum theoretically possible. We don't do > that when it comes to our cars or homes, but it does with computers.
Along a similar vein - There was formerly a FAQ on Truecrypt's website about the TPM. They said something like "Using the TPM is the best sure way to guarantee you have no security. We refuse to work with the TPM." I recognize the grain of truth in there - that using the TPM and Bitlocker first of all guarantees that the "$5 wrench" technique of extracting a password from the user is sure to be effective (there is no plausible deniability), and second of all, if we assume that Intel or the NSA or whoever has backdoored the TPM, then there's another technique to extract the info. However, the place where I disagree with Truecrypt is here: When I deploy bitlocker, I am not deploying a system intended to thwart the NSA. I am deploying a system intended to thwart laptop thieves from retrieving the company financial data, credit card database, product design files, etc. which are valuable on the black market. I have actually worked at a chip company before, where we discovered our own product was pirated and sold on the black market. One of our sales reps went to a meeting in Taiwan, and in that meeting they asked us, "Why should we buy your product when we could get the same thing from these other guys?" And they proceeded to show us our own slides with some other company's logo on them. To protect against this type of attack, no we do not need 256 bit, or even 128 bit. To protect against this type of attack, the mere existence of a password prompt is probably sufficient - even if your password is "baby" but probably not if your password is "password." It's nice to eliminate the hassle of entering two passwords every time. I'm strongly in favor of using the TPM for everyday security, even if the NSA might have backdoored them all. You want something to thwart the NSA? You need plausible deniability. _______________________________________________ Discuss mailing list [email protected] http://lists.blu.org/mailman/listinfo/discuss
