On Mon, 8 May 2006, Ross Werner wrote:
> It seems really unlikely to me that an attacker who is able to get (a) the
> encrypted files and (b) the passphrase will be unable to (c) get past
> whatever hardware requirement I have in place.
>
> CEO Alice or Grandma Carol are probably going to end up compromising (c) the
> same way they compromise the security of (a) and (b). And people who *aren't*
> going to compromise the security of (c) are probably going to do well with
> (a) and (b) too.
>
> I just don't see "trusted" computing as being a win for desktop applications.

Well, that's why I'm asking for a precise scenario. I could see a USB drive
getting lost or stolen, and somebody brute forcing the passphrase. If the key
can only be recovered by a certain set of TPM modules, then that could *maybe*
be nice, but I'm not sure yet how that would work or whether it would be any
easier than doing something similar without a TPM module.
-J
/*
PLUG: http://plug.org, #utah on irc.freenode.net
*/