On Tuesday, March 20, 2018 at 6:51:24 AM UTC-4, awokd wrote:
> On Mon, March 19, 2018 5:03 pm, Giulio wrote:
>
>> In summary, are the TPM benefits enough to force me to keep the ME? I
>> know this may be more subjective depending on everyone's own threat
>> model but I would like to hear opinions on it.
>
> Like you said, depends on threat model. TPM would allow you to use
> Anti-Evil Maid in Qubes, which helps prevent local tampering with the
> device. There are some other measures that can also help deter local
> tampering such as keeping GRUB/boot off local storage or SED (depending
> how much you trust your manufacturer's implementation).
>
> ME with AMT and known and potentially more unknown exploits permits
> remote/network tampering with the device. ME without AMT and unknown
> exploits may also permit remote/network tampering or escalations of
> privilege. Since the source code is closed, there's no way for an end-user
> to be sure.
It doesn't actually "prevent" tampering. Just notifies you if something
changed. And if it was compromised the only solution is to buy a new PC.
Any board that lets you flash firmware from the O/S is exploitable
remotely. Which is pretty much all of them. Unless you have a board with
secure boot, secure flash, or a board with a jumper to prevent flashing.

-- 
Google Groups "qubes-users": https://groups.google.com/d/msgid/qubes-users/139eecab-cabf-417d-9c3e-065290c6c749%40googlegroups.com
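The distinction the two posts above are making (Anti-Evil Maid helps against local tampering, but it detects rather than prevents it) comes down to how a TPM binds a secret to boot measurements. The following is an added toy model, not code from the thread or from the Qubes AEM project: a single-PCR `ToyTPM` class, a constructed boot chain and a constructed secret stand in for what a real TPM does through PCR extend and policy-bound unseal. Every stage is still measured and executed; the only thing a tampered stage changes is whether the sealed secret comes back.

```python
# Added example (not from the thread): toy model of TPM measured boot and
# sealing, to show why an Anti-Evil-Maid style check detects tampering
# rather than blocking it. ToyTPM, the stage names and the secret are
# constructed for illustration; a real TPM exposes this through PCR
# extend and policy-bound unseal commands, not through Python.
import hashlib
import hmac

PCR_INIT = bytes(32)  # a PCR starts as all zeros after a platform reset


def pcr_extend(pcr: bytes, component: bytes) -> bytes:
    """PCR extend: new = H(old || H(component)).

    One-way and order-sensitive: there is no way to 'set' a PCR back to a
    chosen value, only to extend it further.
    """
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()


class ToyTPM:
    """Single-PCR model: a sealed secret is released only when the current
    PCR equals the value it was sealed under."""

    def __init__(self):
        self.pcr = PCR_INIT
        self.sealed = []  # list of (expected_pcr, secret)

    def reset(self):
        self.pcr = PCR_INIT

    def extend(self, component: bytes):
        self.pcr = pcr_extend(self.pcr, component)

    def seal(self, secret: bytes):
        self.sealed.append((self.pcr, secret))

    def unseal(self):
        for expected, secret in self.sealed:
            if hmac.compare_digest(expected, self.pcr):
                return secret
        return None  # policy not satisfied: the TPM refuses to release


# Constructed boot chain: each element stands for the bytes of one stage,
# which the previous stage measures into the PCR before handing over.
TRUSTED_CHAIN = [b"firmware-v1", b"grub-v1", b"xen-v1", b"dom0-kernel-v1"]


def provision(tpm: ToyTPM, chain, secret: bytes):
    """Boot the known-good chain once and seal the AEM secret to its PCR."""
    tpm.reset()
    for stage in chain:
        tpm.extend(stage)
    tpm.seal(secret)


def boot(tpm: ToyTPM, chain):
    """Simulate a boot: every stage runs and is measured whether or not it
    is trusted. Returns (booted, secret_or_None)."""
    tpm.reset()
    for stage in chain:
        tpm.extend(stage)
    return True, tpm.unseal()


if __name__ == "__main__":
    tpm = ToyTPM()
    provision(tpm, TRUSTED_CHAIN, b"AEM secret: my chosen phrase")
    print("clean boot:", boot(tpm, TRUSTED_CHAIN))
    tampered = list(TRUSTED_CHAIN)
    tampered[1] = b"grub-modified"  # constructed: a replaced bootloader
    print("tampered bootloader:", boot(tpm, tampered))
```

Both boots return `booted=True`; the machine comes up either way, and what the user gets is the absence of the expected secret, which is exactly the "notifies you if something changed" behaviour of the reply. The model also shows where the reply's point about flashable firmware bites: here the TPM measures the first stage honestly because the toy does it for the firmware, but on real hardware the first measurement is made by the firmware itself, so firmware that can be rewritten from the OS can misreport its own measurement, and no later check in the chain can recover from that.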
