Re: TPM chip and Grub bootloader
hallo bist cool Am Donnerstag, den 31.05.2007, 01:28 +0200 schrieb Stefan Reinauer: * Robert Millan [EMAIL PROTECTED] [070530 15:18]: IOW, no matter who the keys belong to, the problem is there's a component in the hardware I paid for that is hostile to me, which contains keys that I cannot retrieve (good, because of security), and refuses to use the keys on anything I want it to (bad, because it's inherently an abusive tool). You do not need a TPM based system. Todays BIOSes prohibit flashing anything not signed by the vendor using SMI and hardware lockdown mechanisms. You are locked out already, even though you might not care or know yet. Stefan -- GNU Maintainer (uid:klausweiss) Free Software - Free as in Freedom ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
Hi, sorry for the last mail, my younger sister was playing with my computer... -- GNU Maintainer (uid:klausweiss) Free Software - Free as in Freedom ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
Robert Millan schrieb: IOW, no matter who the keys belong to, the problem is there's a component in the hardware I paid for that is hostile to me, which contains keys that I cannot retrieve (good, because of security), and refuses to use the keys on anything I want it to (bad, because it's inherently an abusive tool). As far as I know, this mechanism doesn't prevent you from creating another root. (or just deleting the old one) Not to speak of that it isn't (again afaik) in use or even implemented yet - though I'm unsure about that last part (implementation), as I didn't look too deep into the mud created by those in the media industry that tried to coerce the TCG into implementing their wet dream of an ultimately locked down consumer world. Patrick Georgi ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
On Thu, May 31, 2007 at 12:45:10PM +0200, Patrick Georgi wrote: As far as I know, this mechanism doesn't prevent you from creating another root. (or just deleting the old one) No, but it stablishes a practice that it is ok to use someone else's root. When everyone starts doing this (and they WILL do this since someone else will take the decision for them), that practice will become standard, then I am being labeled as not clear by omission if I insist in using my own root instead of someone else's. An example: if a website requires that you must use Internet Explorer to view it, and uses a TPM scheme to get clients to prove they're using IE, there's nothing I can do to visit this website, other than using IE. Before Treacherous Computing, such kind of lockdown was impossible to accomplish. I don't deny that this technology could be oriented towards legitimate uses, becoming Trusted Computing rather than Treacherous. But this may only come when everyone stops the pretension that a TPM system that can be used with someone else's root and doesn't provide any backdoor for owner with physical access is indeed agnostic about good and evil. We'll see that when they start selling preconfigured TPMs where root belongs to a mallicious 3rd party (if they aren't doing that already). -- Robert Millan My spam trap is [EMAIL PROTECTED] Note: this address is only intended for spam harvesters. Writing to it will get you added to my black list. ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
Stefan Reinauer [EMAIL PROTECTED] writes: * Robert Millan [EMAIL PROTECTED] [070530 15:18]: IOW, no matter who the keys belong to, the problem is there's a component in the hardware I paid for that is hostile to me, which contains keys that I cannot retrieve (good, because of security), and refuses to use the keys on anything I want it to (bad, because it's inherently an abusive tool). You do not need a TPM based system. Todays BIOSes prohibit flashing anything not signed by the vendor using SMI and hardware lockdown mechanisms. You are locked out already, even though you might not care or know yet. That sounds terrible. How do you deal with this for LinuxBIOS? -- Marco ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
* Marco Gerards [EMAIL PROTECTED] [070531 18:40]: You do not need a TPM based system. Todays BIOSes prohibit flashing anything not signed by the vendor using SMI and hardware lockdown mechanisms. You are locked out already, even though you might not care or know yet. That sounds terrible. How do you deal with this for LinuxBIOS? currently by pulling the chip and writing it in an external flash writer. But that is a bad option for the people out there without this kind of equipment. -- coresystems GmbH • Brahmsstr. 16 • D-79104 Freiburg i. Br. Tel.: +49 761 7668825 • Fax: +49 761 7664613 Email: [EMAIL PROTECTED] • http://www.coresystems.de/ ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
On Fri, May 25, 2007 at 11:06:49AM +0200, Patrick Georgi wrote: As so often, it can be used for, and against the user. Do these chips support so-called owner override ? If they don't, then this tool contains logic specificaly designed to be used _against_ the user, and your argument that it can be used for good or bad doesn't hold: It is not like a hammer, it's like a gun. -- Robert Millan My spam trap is [EMAIL PROTECTED] Note: this address is only intended for spam harvesters. Writing to it will get you added to my black list. ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
On Fri, May 25, 2007 at 10:11:03AM -0500, Bruno Wolff III wrote: On Fri, May 25, 2007 at 11:06:49 +0200, Patrick Georgi [EMAIL PROTECTED] wrote: As so often, it can be used for, and against the user. Binding certain data to a machine (eg. certificates) and making it non-trivial to get at them. And the way to tell is who has the keys that are stored on the TPM chip. If it is use, then things are good. If it is someone else, then things are bad. That's a missconception. It's not the fact that a CA has a master key that makes this system a threat, it's the fact that when someone else has that key, there's no way for the owner to use physical access to become the root of the trust chain and make his own computer sign anything he wants. IOW, no matter who the keys belong to, the problem is there's a component in the hardware I paid for that is hostile to me, which contains keys that I cannot retrieve (good, because of security), and refuses to use the keys on anything I want it to (bad, because it's inherently an abusive tool). That, of course, unless owner override feature is present. Then it's a whole different story. -- Robert Millan My spam trap is [EMAIL PROTECTED] Note: this address is only intended for spam harvesters. Writing to it will get you added to my black list. ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
* Robert Millan [EMAIL PROTECTED] [070530 15:18]: IOW, no matter who the keys belong to, the problem is there's a component in the hardware I paid for that is hostile to me, which contains keys that I cannot retrieve (good, because of security), and refuses to use the keys on anything I want it to (bad, because it's inherently an abusive tool). You do not need a TPM based system. Todays BIOSes prohibit flashing anything not signed by the vendor using SMI and hardware lockdown mechanisms. You are locked out already, even though you might not care or know yet. Stefan -- coresystems GmbH • Brahmsstr. 16 • D-79104 Freiburg i. Br. Tel.: +49 761 7668825 • Fax: +49 761 7664613 Email: [EMAIL PROTECTED] • http://www.coresystems.de/ ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
There are some patches floating around in the world for grub1 to use TPM. Actually you can find it here: http://sourceforge.net/projects/trustedgrub/ It is still being kept up as there was a release this month. This would be a good project to look at, if you have not already. On 5/24/07, karmo [EMAIL PROTECTED] wrote: hi i want to program Grub to use the TPM chip to load certified Operating System (like windows or redhat, it doesn't matterbut perhaps i will use a redhat versione). can you give me documents about how to do this? thanks ps sorry for my scholastic english ;) -- View this message in context: http://www.nabble.com/TPM-chip-and-Grub-bootloader-tf3808785.html#a10779735 Sent from the Grub - Dev mailing list archive at Nabble.com. ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
Robert Millan schrieb: On Thu, May 24, 2007 at 01:41:31AM -0700, karmo wrote: hi i want to program Grub to use the TPM chip to load certified Operating System (like windows or redhat, it doesn't matterbut perhaps i will use a redhat versione). can you give me documents about how to do this? Is that related to Digital Restriction Management? (just curious) The TPM trust chain has multiple uses, somewhat related to each other: 1. bind executables to a system state (as defined by a hash over BIOS image, boot loader, kernel, a set of drivers, ...) 2. bind the keystore in the TPM chip to that system state As so often, it can be used for, and against the user. Binding certain data to a machine (eg. certificates) and making it non-trivial to get at them. The bad side is that the system state lock means some kind of lock-in (read your encrypted data on two different systems on the same machine? well, they lead to different system states, so the keys you need aren't available). it also didn't help in the early state of TPM, that some media industry chills proposed lots of extensions to the basic TPM model that would make a media player intrusion proof (right in front of the press that took their wet dreams at face value and part of the specs), and that some misleading and downright wrong papers by opponents (the infamous tcpa faq) became popular. Patrick Georgi ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
On Fri, May 25, 2007 at 11:06:49 +0200, Patrick Georgi [EMAIL PROTECTED] wrote: As so often, it can be used for, and against the user. Binding certain data to a machine (eg. certificates) and making it non-trivial to get at them. And the way to tell is who has the keys that are stored on the TPM chip. If it is use, then things are good. If it is someone else, then things are bad. ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
TPM chip and Grub bootloader
hi i want to program Grub to use the TPM chip to load certified Operating System (like windows or redhat, it doesn't matterbut perhaps i will use a redhat versione). can you give me documents about how to do this? thanks ps sorry for my scholastic english ;) -- View this message in context: http://www.nabble.com/TPM-chip-and-Grub-bootloader-tf3808785.html#a10779735 Sent from the Grub - Dev mailing list archive at Nabble.com. ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
There already exist a patched version of Grub (not Grub 2, as far as I know), named TrustedGrub, available at this address : http://www.prosec.rub.de/trusted_grub.html I never tried it though, so I won't be able to assist you in using it. Hope that helps. 2007/5/24, karmo [EMAIL PROTECTED]: hi i want to program Grub to use the TPM chip to load certified Operating System (like windows or redhat, it doesn't matterbut perhaps i will use a redhat versione). can you give me documents about how to do this? thanks ps sorry for my scholastic english ;) -- View this message in context: http://www.nabble.com/TPM-chip-and-Grub-bootloader-tf3808785.html#a10779735 Sent from the Grub - Dev mailing list archive at Nabble.com. ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel -- Julien RANC [EMAIL PROTECTED] ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel
Re: TPM chip and Grub bootloader
On Thu, May 24, 2007 at 01:41:31AM -0700, karmo wrote: hi i want to program Grub to use the TPM chip to load certified Operating System (like windows or redhat, it doesn't matterbut perhaps i will use a redhat versione). can you give me documents about how to do this? Is that related to Digital Restriction Management? (just curious) -- Robert Millan My spam trap is [EMAIL PROTECTED] Note: this address is only intended for spam harvesters. Writing to it will get you added to my black list. ___ Grub-devel mailing list Grub-devel@gnu.org http://lists.gnu.org/mailman/listinfo/grub-devel